Almost all of my files are disappearing by themselves?!


  • Almost all of my files are disappearing by themselves?!

    At the moment I can't post any logs, because I don't want to download anything while recovering files, but this is my problem:

    A huge number of files (about 70,000) are disappearing from my computer. Yesterday I saw that my Dropbox is empty, today I saw that almost my entire D:/Program Files/ was empty. Almost all of the folders there were also last modified on 21-7 between 2:25 and 2:27. Does anyone have any idea what is going on?

    Of course I haven't deleted anything myself. I have no idea whether it is a virus or not.

  • #2
    Originally posted by Yves w
    At the moment I can't post any logs, because I don't want to download anything while recovering files, but this is my problem:
    Hi Yves,

    You do understand that this statement makes our task impossible?
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * Remove McAfee. * Ccleaner * E-Peek



    • #3
      I am done with the recovery. However, all the recovered files are now in the recovery folder, so they are of no use to me, because I don't know where they belong.

      DDS.txt
      Code:
      DDS (Ver_2012-11-20.01) - NTFS_AMD64 
      Internet Explorer: 10.0.9200.16635  BrowserJavaVersion: 10.25.2
      Run by Yves at 17:36:44 on 2013-07-21
      Microsoft Windows 7 Professional   6.1.7601.1.1252.31.1043.18.8147.6043 [GMT 2:00]
      .
      AV: Norton 360 Premier Edition *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
      FW: Norton 360 Premier Edition *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
      .
      ============== Running Processes ===============
      .
      C:\Windows\system32\lsm.exe
      C:\Windows\system32\svchost.exe -k DcomLaunch
      C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
      C:\Windows\system32\nvvsvc.exe
      C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
      C:\Windows\system32\svchost.exe -k RPCSS
      C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
      C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
      C:\Windows\system32\svchost.exe -k LocalService
      C:\Windows\system32\svchost.exe -k netsvcs
      C:\Windows\system32\svchost.exe -k GPSvcGroup
      C:\Windows\system32\svchost.exe -k NetworkService
      C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
      C:\Windows\system32\nvvsvc.exe
      C:\Windows\System32\spoolsv.exe
      C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
      C:\Windows\system32\taskhost.exe
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
      C:\Windows\system32\taskeng.exe
      D:\Program Files\AI Suite II\AsRoutineController.exe
      C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe
      C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
      C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
      C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
      C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
      C:\Program Files\Intel\iCLS Client\HeciServer.exe
      C:\Windows\system32\IProsetMonitor.exe
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
      D:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
      D:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe
      C:\Program Files\Microsoft IntelliType Pro\itype.exe
      C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
      C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
      C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
      D:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
      D:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe
      C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
      C:\Windows\SysWOW64\PnkBstrA.exe
      C:\Windows\SysWOW64\vmnat.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\Users\Yves\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe
      D:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
      C:\Users\Yves\AppData\Roaming\Dropbox\bin\Dropbox.exe
      C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
      C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
      D:\Program Files (x86)\Razer\Mamba\RazerMambaSysTray.exe
      C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
      D:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe
      C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      C:\Windows\SysWOW64\vmnetdhcp.exe
      C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
      C:\Windows\system32\SearchIndexer.exe
      C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
      C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
      C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
      C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
      C:\Program Files\Windows Media Player\wmpnetwk.exe
      C:\Windows\System32\svchost.exe -k LocalServicePeerNet
      C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\Program Files\Intel\NCS2\WMIProv\NCS2Prov.exe
      D:\Program Files\AI Suite II\AI Suite II.exe
      D:\Program Files\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
      C:\Windows\System32\cscript.exe
      .
      ============== Pseudo HJT Report ===============
      .
      mWinlogon: Userinit = userinit.exe,
      BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - D:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coieplg.dll
      BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - D:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ips\ipsbho.dll
      BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
      BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
      TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - D:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coieplg.dll
      uRun: [KeePass Password Safe 2] "D:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe"
      uRun: [Steam] "D:\Program Files (x86)\Steam\steam.exe" -silent
      uRun: [Google Update] "C:\Users\Yves\AppData\Local\Google\Update\GoogleUpdate.exe" /c
      uRun: [7 Taskbar Tweaker] "C:\Users\Yves\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe" -hidewnd
      mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
      mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
      mRun: [KeePass 2 PreLoad] "D:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
      mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
      mRun: [Razer Mamba Elite Driver] D:\Program Files (x86)\Razer\Mamba\RazerMambaSysTray.exe
      mRun: [DivXMediaServer] D:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
      mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
      mRun: [QuickTime Task] "D:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
      mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      mRun: [emsisoft anti-malware] "C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe" /d=60
      StartupFolder: C:\Users\Yves\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Yves\AppData\Roaming\Dropbox\bin\Dropbox.exe
      StartupFolder: C:\Users\Yves\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LockWorkStation.vbs
      StartupFolder: C:\Users\Yves\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MOZILL~1.LNK - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
      mPolicies-Explorer: NoActiveDesktop = dword:1
      mPolicies-Explorer: NoActiveDesktopChanges = dword:1
      mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
      mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
      mPolicies-System: ConsentPromptBehaviorUser = dword:3
      mPolicies-System: EnableUIADesktopToggle = dword:0
      IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
      IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
      IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
      IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
      LSP: %windir%\system32\vsocklib.dll
      Trusted Zone: clonewarsadventures.com
      Trusted Zone: freerealms.com
      Trusted Zone: soe.com
      Trusted Zone: sony.com
      DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      TCP: Interfaces\{6C86F51A-EFC6-4321-ACF4-8053BA3DA340} : NameServer = 194.109.6.66,194.109.104.104
      Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
      SSODL: WebCheck - <orphaned>
      x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
      x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
      x64-Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
      x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
      x64-Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /DTSU2P 
      x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
      x64-SSODL: WebCheck - <orphaned>
      .
      ================= FIREFOX ===================
      .
      FF - ProfilePath - C:\Users\Yves\AppData\Roaming\Mozilla\Firefox\Profiles\9jjtpsus.default\
      FF - prefs.js: browser.search.selectedEngine - Yahoo
      FF - prefs.js: browser.startup.homepage - lunagang.nl|hxxps://www.youtube.com/my_subscriptions?feature=mhee|http://www.reignofgaming.net/|http://retro.grooveshark.com/#!/playlist/Yves+W+s+Gaming+Playlist/85327865
      FF - prefs.js: keyword.URL - hxxps://www.google.nl/search?hl=nl&site=webhp&source=hp&q=
      FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
      FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
      FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
      FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
      FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
      FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
      FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
      FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
      FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
      FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
      FF - plugin: C:\Users\Yves\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
      FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll
      FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
      FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
      FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
      FF - plugin: D:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
      FF - plugin: D:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
      FF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin.dll
      FF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin2.dll
      FF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin3.dll
      FF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin4.dll
      FF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin5.dll
      FF - ExtSQL: 2013-06-27 11:44; [email protected]; C:\Users\Yves\AppData\Roaming\Mozilla\Firefox\Profiles\9jjtpsus.default\extensions\[email protected]
      .
      ============= SERVICES / DRIVERS ===============
      .
      R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2012-1-6 49760]
      R0 iusb3hcs;Intel(R) USB 3.0 hostcontrollerswitch-stuurprogramma;C:\Windows\System32\drivers\iusb3hcs.sys [2012-7-8 19224]
      R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1404000.028\symds64.sys [2013-6-17 493656]
      R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1404000.028\symefa64.sys [2013-6-17 1139800]
      R0 vsock;vSockets Driver;C:\Windows\System32\drivers\vsock.sys [2013-3-15 70296]
      R1 A2DDA;A2 Direct Disk Access Support Driver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [2013-7-13 26176]
      R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [2013-7-16 1393240]
      R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\drivers\N360x64\1404000.028\ccsetx64.sys [2013-6-17 169048]
      R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20130719.002\IDSviA64.sys [2013-7-20 513184]
      R1 nbdrv;NetBalancer LightWeight Filter;C:\Windows\System32\drivers\nbdrv.sys [2013-7-10 41392]
      R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1404000.028\ironx64.sys [2013-6-17 224416]
      R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1404000.028\symnets.sys [2013-6-17 433752]
      R1 VDiskBus;ASUS Disk Unlocker;C:\Windows\System32\drivers\VDiskBus64.sys [2010-9-21 43136]
      R2 a2AntiMalware;Emsisoft Anti-Malware 8.0 - Service;C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2013-7-13 2938408]
      R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [2012-7-8 918448]
      R2 ASDiskUnlocker;ASDiskUnlocker;C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe [2010-12-2 258688]
      R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-7-8 951936]
      R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2012-7-8 586880]
      R2 DevoloNetworkService;devolo Network Service;C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [2013-7-15 3516408]
      R2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2012-8-20 233328]
      R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-1-10 627936]
      R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-7-8 178344]
      R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-7-8 161560]
      R2 N360;Norton 360;D:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccsvchst.exe [2013-6-17 144368]
      R2 NetBalancerService;NetBalancerService;D:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe [2013-7-10 16384]
      R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-1-18 383264]
      R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-10-11 918680]
      R3 ASFLTDrv.sys;ASFLTDrv.sys;C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys [2010-9-16 16512]
      R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-11-3 130536]
      R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-11-3 395752]
      R3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver;C:\Windows\System32\drivers\evolve.sys [2012-12-30 21656]
      R3 iusb3hub;Intel(R) USB 3.0 hub-stuurprogramma;C:\Windows\System32\drivers\iusb3hub.sys [2012-7-8 356632]
      R3 iusb3xhc;Intel(R) USB 3.0 uitbreidbare hostcontroller-stuurprogramma;C:\Windows\System32\drivers\iusb3xhc.sys [2012-7-8 789272]
      S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
      S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-9 123856]
      S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-7-8 13592]
      S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-7-8 363800]
      S3 a2acc;a2acc;C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys [2013-7-13 66320]
      S3 cleanhlp;cleanhlp;C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [2013-7-13 57032]
      S3 EvoSvc;Evolve Service;C:\Program Files\Echobit\Evolve\EvoSvc.exe [2012-12-30 1495512]
      S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2009-6-17 74256]
      S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2009-6-17 13328]
      S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-5-25 19456]
      S3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\System32\drivers\ScreamingBAudio64.sys [2010-7-1 38992]
      S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
      S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\System32\drivers\tap0901t.sys [2012-9-28 31232]
      S3 Te.Service;Te.Service;D:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-7-25 126976]
      S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-5-25 57856]
      S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-9 1255736]
      S4 ReflectService.exe;Macrium Reflect Image Mounting Service;"D:\Program Files\Macrium\Reflect\ReflectService.exe" --> D:\Program Files\Macrium\Reflect\ReflectService.exe [?]
      S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-3 162408]
      S4 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-16 4150112]
      S4 TunngleService;TunngleService;D:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-9-28 745368]
      .
      =============== Created Last 30 ================
      .
      2013-07-17 17:29:18	--------	d-----w-	C:\Users\Yves\AppData\Local\Rockstar Games
      2013-07-15 19:33:23	81920	----a-w-	C:\Windows\SysWow64\devolopacket.dll
      2013-07-15 19:33:23	34048	----a-w-	C:\Windows\SysWow64\drivers\npf_devolo.sys
      2013-07-15 19:33:23	221184	----a-w-	C:\Windows\SysWow64\devolopcap.dll
      2013-07-12 23:46:31	--------	d-----w-	C:\Program Files (x86)\Emsisoft Anti-Malware
      2013-07-11 00:55:28	9216	----a-w-	C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
      2013-07-10 00:49:33	41392	----a-w-	C:\Windows\System32\drivers\nbdrv.sys
      2013-07-10 00:45:53	1536	----a-w-	C:\Windows\SysWow64\bcevent.dll
      2013-07-10 00:28:02	--------	d-sh--w-	C:\Windows\SysWow64\AI_RecycleBin
      2013-07-10 00:27:40	--------	d-----w-	C:\Users\Yves\AppData\Roaming\Locktime
      2013-07-06 20:06:23	--------	d-----w-	C:\ProgramData\SeriousBit
      2013-07-05 23:32:01	238352	----a-w-	C:\Windows\System32\drivers\VBoxDrv.sys
      2013-07-05 23:32:00	120080	----a-w-	C:\Windows\System32\drivers\VBoxUSBMon.sys
      2013-07-04 13:57:00	131856	----a-w-	C:\Windows\System32\drivers\VBoxNetAdp.sys
      2013-06-23 18:27:04	96168	----a-w-	C:\Windows\SysWow64\WindowsAccessBridge-32.dll
      .
      ==================== Find3M  ====================
      .
      2013-07-20 22:54:41	1048576	----a-w-	C:\Windows\PE_Rom.dll
      2013-07-11 12:35:25	71048	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
      2013-07-11 12:35:25	692104	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
      2013-07-04 13:57:00	146704	----a-w-	C:\Windows\System32\drivers\VBoxNetFlt.sys
      2013-07-04 13:56:58	204048	----a-w-	C:\Windows\System32\VBoxNetFltNobj.dll
      2013-06-23 18:27:02	867240	----a-w-	C:\Windows\SysWow64\npDeployJava1.dll
      2013-06-23 18:27:02	789416	----a-w-	C:\Windows\SysWow64\deployJava1.dll
      2013-06-19 05:55:26	177312	----a-w-	C:\Windows\System32\drivers\SYMEVENT64x86.SYS
      2013-06-11 23:43:37	1767936	----a-w-	C:\Windows\SysWow64\wininet.dll
      2013-06-11 23:43:00	2877440	----a-w-	C:\Windows\SysWow64\jscript9.dll
      2013-06-11 23:42:58	61440	----a-w-	C:\Windows\SysWow64\iesetup.dll
      2013-06-11 23:42:58	109056	----a-w-	C:\Windows\SysWow64\iesysprep.dll
      2013-06-11 23:26:20	2241024	----a-w-	C:\Windows\System32\wininet.dll
      2013-06-11 23:25:16	3958784	----a-w-	C:\Windows\System32\jscript9.dll
      2013-06-11 23:25:13	67072	----a-w-	C:\Windows\System32\iesetup.dll
      2013-06-11 23:25:13	136704	----a-w-	C:\Windows\System32\iesysprep.dll
      2013-06-11 22:51:45	71680	----a-w-	C:\Windows\SysWow64\RegisterIEPKEYs.exe
      2013-06-11 22:50:58	89600	----a-w-	C:\Windows\System32\RegisterIEPKEYs.exe
      2013-06-07 03:22:18	2706432	----a-w-	C:\Windows\System32\mshtml.tlb
      2013-06-07 02:37:52	2706432	----a-w-	C:\Windows\SysWow64\mshtml.tlb
      2013-06-05 03:34:27	3153920	----a-w-	C:\Windows\System32\win32k.sys
      2013-06-04 06:00:13	624128	----a-w-	C:\Windows\System32\qedit.dll
      2013-06-04 04:53:07	509440	----a-w-	C:\Windows\SysWow64\qedit.dll
      2013-05-23 05:25:28	1139800	----a-w-	C:\Windows\System32\drivers\N360x64\1404000.028\symefa64.sys
      2013-05-21 05:02:00	493656	----a-w-	C:\Windows\System32\drivers\N360x64\1404000.028\symds64.sys
      2013-05-16 05:02:14	796760	----a-w-	C:\Windows\System32\drivers\N360x64\1404000.028\srtsp64.sys
      2013-05-13 05:51:01	184320	----a-w-	C:\Windows\System32\cryptsvc.dll
      2013-05-13 05:51:00	1464320	----a-w-	C:\Windows\System32\crypt32.dll
      2013-05-13 05:51:00	139776	----a-w-	C:\Windows\System32\cryptnet.dll
      2013-05-13 05:50:40	52224	----a-w-	C:\Windows\System32\certenc.dll
      2013-05-13 04:45:55	140288	----a-w-	C:\Windows\SysWow64\cryptsvc.dll
      2013-05-13 04:45:55	1160192	----a-w-	C:\Windows\SysWow64\crypt32.dll
      2013-05-13 04:45:55	103936	----a-w-	C:\Windows\SysWow64\cryptnet.dll
      2013-05-13 03:43:55	1192448	----a-w-	C:\Windows\System32\certutil.exe
      2013-05-13 03:08:10	903168	----a-w-	C:\Windows\SysWow64\certutil.exe
      2013-05-13 03:08:06	43008	----a-w-	C:\Windows\SysWow64\certenc.dll
      2013-05-10 05:49:27	30720	----a-w-	C:\Windows\System32\cryptdlg.dll
      2013-05-10 03:20:54	24576	----a-w-	C:\Windows\SysWow64\cryptdlg.dll
      2013-05-08 06:39:01	1910632	----a-w-	C:\Windows\System32\drivers\tcpip.sys
      2013-05-06 06:03:49	1887744	----a-w-	C:\Windows\System32\WMVDECOD.DLL
      2013-05-06 04:56:35	1620480	----a-w-	C:\Windows\SysWow64\WMVDECOD.DLL
      2013-05-01 01:59:12	94208	----a-w-	C:\Windows\SysWow64\QuickTimeVR.qtx
      2013-05-01 01:59:12	69632	----a-w-	C:\Windows\SysWow64\QuickTime.qts
      2013-04-26 05:51:36	751104	----a-w-	C:\Windows\System32\win32spl.dll
      2013-04-26 04:55:21	492544	----a-w-	C:\Windows\SysWow64\win32spl.dll
      2013-04-25 23:30:32	1505280	----a-w-	C:\Windows\SysWow64\d3d11.dll
      2013-04-25 00:43:56	433752	----a-w-	C:\Windows\System32\drivers\N360x64\1404000.028\symnets.sys
      2006-05-03 10:06:54	163328	--sha-r-	C:\Windows\SysWOW64\flvDX.dll
      2007-02-21 11:47:16	31232	--sha-r-	C:\Windows\SysWOW64\msfDX.dll
      2008-03-16 13:30:52	216064	--sha-r-	C:\Windows\SysWOW64\nbDX.dll
      2010-01-06 22:00:00	107520	--sha-r-	C:\Windows\SysWOW64\TAKDSDecoder.dll
      2012-10-05 18:54:00	188416	--sha-r-	C:\Windows\SysWOW64\winDCE32.dll
      .
      ============= FINISH: 17:36:53,45 ===============
      attach.txt
      Code:
      .
      UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
      IF REQUESTED, ZIP IT UP & ATTACH IT
      .
      DDS (Ver_2012-11-20.01)
      .
      Microsoft Windows 7 Professional 
      Boot Device: \Device\HarddiskVolume1
      Install Date: 8-7-2012 2:04:06
      System Uptime: 21-7-2013 17:35:08 (0 hours ago)
      .
      Motherboard: ASUSTeK COMPUTER INC. |  | P8Z77-V
      Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz | LGA1155 | 2890/100mhz
      .
      ==== Disk Partitions =========================
      .
      C: is FIXED (NTFS) - 119 GiB total, 66,211 GiB free.
      D: is FIXED (NTFS) - 1863 GiB total, 1543,975 GiB free.
      E: is CDROM ()
      F: is CDROM ()
      .
      ==== Disabled Device Manager Items =============
      .
      Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
      Description: TAP-Win32 Adapter V9 (Tunngle)
      Device ID: ROOT\NET\0001
      Manufacturer: TAP-Win32 Provider V9 (Tunngle)
      Name: TAP-Win32 Adapter V9 (Tunngle)
      PNP Device ID: ROOT\NET\0001
      Service: tap0901t
      .
      ==== System Restore Points ===================
      .
      RP191: 15-7-2013 23:22:35 - DirectX is geïnstalleerd.
      RP192: 15-7-2013 23:48:41 - DirectX is geïnstalleerd.
      RP193: 17-7-2013 17:04:19 - Installed osu!
      RP196: 20-7-2013 21:21:10 - Norton 360 Registry Clean
      .
      ==== Installed Programs ======================
      .
      7+ Taskbar Tweaker v4.2.7
      Adobe AIR
      Adobe Flash Player 11 ActiveX
      Adobe Flash Player 11 Plugin
      Adobe Photoshop 7.0
      Adobe Reader XI - Nederlands
      Adobe Shockwave Player 12.0
      AI Suite II
      AMD APP CPU SDK Runtime
      AMD APP SDK Developer
      AMD APP SDK Samples
      Apple Application Support
      Apple Software Update
      Application Verifier x64 External Package
      Arma 3 Alpha Lite
      Asmedia ASM104x USB 3.0 Host Controller Driver
      Asmedia ASM106x SATA Host Controller Driver
      Assassin's Creed (R) III
      µTorrent
      AutoHotkey 1.0.48.05
      Awesomenauts
      Battlefield 1942™
      Borderlands 2
      Call of Duty: Modern Warfare 2
      Call of Duty: Modern Warfare 2 - Multiplayer
      Call of Duty: Modern Warfare 3
      Call of Duty: Modern Warfare 3 - Multiplayer
      Capsized
      Castle Crashers
      CCleaner
      Cheat Engine 6.2
      Chivalry: Medieval Warfare
      Cross Fire En
      Crysis®3
      Dear Esther
      devolo dLAN Cockpit
      Disk Unlocker
      DivX Setup
      dLAN Cockpit
      Dota 2
      Dropbox
      Dungeon Defenders
      Dxtory version 2.0.120
      Emsisoft Anti-Malware
      erLT
      Evolve
      Fraps (remove only)
      Garry's Mod
      Garry's Mod 13 Beta
      Google Chrome
      Gotham City Impostors
      GTAIV overclockers edition by dax1, âåðñèÿ Final
      Half-Life 2: Episode One
      Half-Life 2: Episode Two
      Half-Life 2: Lost Coast
      IconChanger
      ImgBurn
      Intel(R) Control Center
      Intel(R) Management Engine Components
      Intel(R) Network Connections 16.6.126.0
      Intel(R) Rapid Storage Technology
      Intel(R) USB 3.0 eXtensible Host Controller Driver
      Intel® Trusted Connect Service Client
      Java 7 Update 17 (64-bit)
      Java 7 Update 25
      Java Auto Updater
      Java SE Development Kit 7 Update 17 (64-bit)
      Java SE Development Kit 7 Update 5
      JavaFX 2.1.1
      JavaFX 2.1.1 SDK
      JC2-MP version 0.0.11
      JSmooth 0.9.9-7
      Just Cause 2
      KeePass Password Safe 2.22
      Killing Floor
      Kits Configuration Installer
      League of Legends
      Left 4 Dead 2
      Left 4 Dead 2 Add-on Support
      Little Inferno
      LockHunter 2.0 beta 2, 64 bit
      LOLReplay
      Macrium Reflect Free Edition
      MagicDisc 2.7.106
      Magicka
      Metro 2033
      Microsoft .NET Framework 4.5
      Microsoft .NET Framework 4.5 Multi-Targeting Pack
      Microsoft .NET Framework 4.5 NLD Language Pack
      Microsoft .NET Framework 4.5 SDK
      Microsoft Application Error Reporting
      Microsoft Games for Windows - LIVE Redistributable
      Microsoft Games for Windows Marketplace
      Microsoft IntelliType Pro 7.1
      Microsoft Office 2007 Service Pack 3 (SP3)
      Microsoft Office Excel MUI (Dutch) 2007
      Microsoft Office File Validation Add-In
      Microsoft Office Home and Student 2007
      Microsoft Office Office 64-bit Components 2007
      Microsoft Office OneNote MUI (Dutch) 2007
      Microsoft Office PowerPoint MUI (Dutch) 2007
      Microsoft Office Proof (Dutch) 2007
      Microsoft Office Proof (English) 2007
      Microsoft Office Proof (French) 2007
      Microsoft Office Proof (German) 2007
      Microsoft Office Proofing (Dutch) 2007
      Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
      Microsoft Office Shared 64-bit MUI (Dutch) 2007
      Microsoft Office Shared MUI (Dutch) 2007
      Microsoft Office Word MUI (Dutch) 2007
      Microsoft Silverlight
      Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
      Microsoft Visual C++ 2005 Redistributable
      Microsoft Visual C++ 2005 Redistributable (x64)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
      Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
      Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
      Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
      Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
      Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
      Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
      Microsoft XNA Framework Redistributable 3.1
      Microsoft XNA Framework Redistributable 4.0
      Mozilla Firefox 22.0 (x86 nl)
      Mozilla Maintenance Service
      NetBalancer
      NetBeans IDE 7.3
      Neverwinter
      Nexus Mod Manager
      Norton 360 Premier Edition
      NVIDIA-configuratiescherm 311.06
      NVIDIA 3D Vision controllerstuurprogramma 306.23
      NVIDIA 3D Vision stuurprogramma 311.06
      NVIDIA Grafisch stuurprogramma 311.06
      NVIDIA HD Audio-stuurprogramma 1.3.18.0
      NVIDIA Install Application
      NVIDIA PhysX
      NVIDIA Stereoscopic 3D Driver
      NVIDIA Update 1.11.3
      NVIDIA Update Components
      Oracle VM VirtualBox 4.2.16
      Origin
      osu!
      Paint.NET v3.5.10
      Pando Media Booster
      PAYDAY: The Heist
      Picasa 3
      Pirates, Vikings, & Knights II
      PlanetSide 2
      Portal 2
      PunkBuster Services
      Qualcomm Atheros WiFi Driver Installation
      QuickTime
      Razer Mamba
      Realtek High Definition Audio Driver
      Recuva
      Sanctum
      Sandboxie 3.76 (64-bit)
      SDK Debuggers
      Security Update for Microsoft .NET Framework 4.5 (KB2729460)
      Security Update for Microsoft .NET Framework 4.5 (KB2737083)
      Security Update for Microsoft .NET Framework 4.5 (KB2742613)
      Security Update for Microsoft .NET Framework 4.5 (KB2789648)
      Security Update for Microsoft .NET Framework 4.5 (KB2804582)
      Security Update for Microsoft .NET Framework 4.5 (KB2833957)
      Security Update for Microsoft .NET Framework 4.5 (KB2840642)
      Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition 
      Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
      Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
      Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
      Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
      Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
      Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
      Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition 
      Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition 
      Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition 
      Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition 
      Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition 
      Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
      Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
      Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
      Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition 
      ShiftWindow 1.02
      Skype™ 6.5
      Sony Media Manager 2.2
      Sony Vegas 7.0
      Source SDK Base 2007
      Speccy
      SpeedFan (remove only)
      Steam
      SUPER © +Recorder.2013.55 (Mar 7, 2013) versie +Recorder.2013.5
      SUPER © v2012.build.52 (July 7, 2012) versie v2012.build.52
      swMSM
      Taalpakket voor Microsoft .NET Framework 4.5 - NLD
      Team Fortress 2
      TeamSpeak 3 Client
      TeamViewer 8
      TechPowerUp GPU-Z
      The Binding of Isaac
      Thomas Was Alone
      TI Connect 1.6
      tools-linux
      tools-windows
      Torchlight
      Transformice
      Tunngle beta
      Ubisoft Game Launcher
      Update for 2007 Microsoft Office System (KB967642)
      Update for Microsoft .NET Framework 4.5 (KB2750147)
      Update for Microsoft .NET Framework 4.5 (KB2805221)
      Update for Microsoft .NET Framework 4.5 (KB2805226)
      Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
      Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
      Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
      Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
      Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
      Update voor Microsoft Office Excel 2007 Help (KB963678)
      Update voor Microsoft Office Powerpoint 2007 Help (KB963669)
      Update voor Microsoft Office Word 2007 Help (KB963665)
      Uplay
      VC80CRTRedist - 8.0.50727.6195
      VLC media player 2.0.7
      VMware Player
      Warcraft III
      Warcraft III: All Products
      Windows App Certification Kit Native Components
      Windows App Certification Kit x64
      Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0)
      Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1)
      Windows Installer Clean Up
      Windows Live ID Sign-in Assistant
      Windows Software Development Kit
      Windows Software Development Kit DirectX x64 Remote
      Windows Software Development Kit DirectX x86 Remote
      Windows Software Development Kit EULA
      Windows Software Development Kit for Windows Store Apps
      Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
      Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
      Windows Software Development Kit Redistributables
      WinRAR 4.20 (64-bit)
      Woordenboek Latijn-Nederlands
      WPT Redistributables
      WPTx64
      YTD Video Downloader 3.9.6
      .
      ==== End Of File ===========================
      I am scanning with MBAM at the moment. GMER does not fit in the post (character limit). I'll put it on pastebin.
      Last edited by Yves w; 21-07-13, 17:45.



      • #4
        GMER: http://pastebin.com/ayF75JPJ
        Last edited by Yves w; 21-07-13, 17:49.



        • #5
          Hi Yves,

          Before we begin, I would like to kindly point out the following guidelines:

          • Log in only as an administrator with full rights.
          • Do not post your problem on several forums. It does not help your problem and it is not fair to the helpers.
          • Cleaning up your system can take some time, so be patient.
          • Carefully follow the instructions I give.
          • Follow only the advice given by me.
          • Stay with the topic until I have reported that your PC is clean.
          • If you do not know or understand something, please ask.
          • Do not install or uninstall any software or hardware while we are working on your problem.
          • In the meantime, do not try something "else"; that only makes it harder for us.
          • Please turn off your emoticons (smileys) when you post logs.
          • Please do not post the logs as an attachment or between code tags.

          Note: Vista or Windows 7? >> Always run all tools as admin.
          The instructions given are valid only for your PC.

          Step 1:

          Scanning for and removing malware...

          Download MalwareBytes' Anti-Malware to your desktop from one of the following links: Double-click mbam-setup.exe to install the program.

          At the end of the setup procedure, you get a screen where you have to click "Voltooien" (Finish).
          If you do not want to evaluate MBAM, untick the first option and only then click "Voltooien".

          Make sure that after installation a check mark is placed next to:
          • Update MalwareBytes' Anti-Malware
          • Start MalwareBytes' Anti-Malware
          • Then click "Voltooien". If an update is found, it will be downloaded and installed.

          As soon as the program has started, go to the "Instellingen" (Settings) tab.
          • Tick here: "Sluit Internet Explorer tijdens verwijdering van malware" (close Internet Explorer during malware removal).
          • Go to the "Updates" tab and update MBAM.
          • Then go to the "Scanner" tab and choose "VOLLEDIGE Scan" (full scan).
          • Then press "Scannen" (Scan) to start the scan.
          • Scanning can take a while, so be patient.
          • When the scan is finished, click OK, then "Bekijk Resultaten" (Show Results) to see the results.
          • Make sure everything there is ticked, then click "Verwijder geselecteerde" (Remove Selected).
          • After removal a log will open and you will be asked to restart the computer.

          If MBAM asks for a restart, then do so.
          When you have done the restart, run a new quick scan with MBAM.
          In that case you therefore post both logs.

          The log is saved automatically by MalwareBytes' Anti-Malware and you can find it by clicking the "Logs" tab in the program.


          In case of problems!!!

          ___________________________________________________________

          Step 2:

          Check for bad toolbars...

          Note: Vista or Windows 7? >> Always run all tools as admin.
          Disable security software.

          Download AdwCleaner by Xplode to your desktop.
          • Close all open windows
          • Start AdwCleaner and click Verwijderen (Delete)

          • In AdwCleaner – Information, click OK
          • In AdwCleaner – Restart Required, click OK

          All icons disappear from the desktop; this is normal.
          Your PC is restarted and a log file opens (C:\AdwCleaner[xx].txt); post its contents here on the forum.

          Don't forget to turn off your "smileys".

          If your start page was also hijacked, set the search engine again; by default AdwCleaner resets it to Google.com.

          ___________________________________________________________

          Step 3:

          Download DDS.com, DDS.scr or DDS.pif from one of these locations and put it on your desktop:


          DDS is a diagnostic tool and makes use of scripts.
          If script execution is disabled, enable it again so that no problems occur when using DDS.


          Double-click DDS to start the tool. (Depending on the download you chose, this can be the file DDS.com, DDS.scr or DDS.pif.)
          When it is finished, two log files open: DDS.txt and Attach.txt
          Save both log files to your desktop.

          Post the contents of DDS.txt.

          Do not post the contents of Attach.txt and do not add Attach.txt as an attachment to your post, unless I ask for it.

          ___________________________________________________________

          Step 4:

          Check for updates...

          Download Security Check to your desktop via here or here

          Start Security Check
          Follow the instructions on the screen
          At the end a log appears (checkup.txt)
          Put its contents in your next reply.

          In your next post, I would like to see the following logs, made in the order listed:

          • MBAM
          • AdwCleaner
          • DDS
          • checkup.txt

          Please do NOT post these logs as an attachment or between code tags.
          (In several posts if necessary.)

          Emphyrio



          • #6
            The logs will come in parts.

            Malwarebytes Anti-Malware 1.75.0.1300


            Databaseversie: v2013.07.21.04

            Windows 7 Service Pack 1 x64 NTFS
            Internet Explorer 10.0.9200.16635
            Yves :: DESKTOP1YVES [administrator]

            21-7-2013 17:47:48
            MBAM-log-2013-07-21 (19-30-43).txt

            Scan type: Volledige scan (C:\|D:\|E:\|F:\|)
            Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
            Uitgeschakelde scan opties: P2P
            Objecten gescand: 709970
            Verstreken tijd: 1 uur/uren, 35 minuut/minuten, 36 seconde(n)

            Geheugenprocessen gedetecteerd: 0
            (Geen kwaadaardige objecten gedetecteerd)

            Geheugenmodulen gedetecteerd: 0
            (Geen kwaadaardige objecten gedetecteerd)

            Registersleutels gedetecteerd: 0
            (Geen kwaadaardige objecten gedetecteerd)

            Registerwaarden gedetecteerd: 0
            (Geen kwaadaardige objecten gedetecteerd)

            Registerdata gedetecteerd: 0
            (Geen kwaadaardige objecten gedetecteerd)

            Mappen gedetecteerd: 0
            (Geen kwaadaardige objecten gedetecteerd)

            Bestanden gedetecteerd: 40
            C:\Users\Yves\Desktop\Junk\Programma\NirSoft\NirLauncher\NirSoft\chromepass.exe (PUP.ChromePasswordTool) -> Geen actie ondernomen.
            C:\Users\Yves\Desktop\Junk\Programma\NirSoft\NirLauncher\NirSoft\iehv.exe (PUP.HistoryTool) -> Geen actie ondernomen.
            C:\Users\Yves\Desktop\Junk\Programma\NirSoft\NirLauncher\NirSoft\lsasecretsview-x64.exe (PUP.PwdDump) -> Geen actie ondernomen.
            C:\Users\Yves\Desktop\Junk\Programma\NirSoft\NirLauncher\NirSoft\lsasecretsview.exe (PUP.PwdDump) -> Geen actie ondernomen.
            C:\Users\Yves\Desktop\Junk\Programma\NirSoft\NirLauncher\NirSoft\netpass-x64.exe (PUP.NetworkPasswordTool) -> Geen actie ondernomen.
            C:\Users\Yves\Desktop\Junk\Programma\NirSoft\NirLauncher\NirSoft\produkey-x64.exe (PUP.PSWTool.ProductKey) -> Geen actie ondernomen.
            C:\Users\Yves\Desktop\Junk\Programma\NirSoft\NirLauncher\NirSoft\produkey.exe (PUP.PSWTool.ProductKey) -> Geen actie ondernomen.
            C:\Users\Yves\Desktop\Junk\Programma\NirSoft\NirLauncher\NirSoft\sniffpass-x64.exe (PUP.PswdSniffer) -> Geen actie ondernomen.
            C:\Users\Yves\Desktop\Junk\Programma\NirSoft\NirLauncher\NirSoft\sniffpass.exe (PUP.PswdSniffer) -> Geen actie ondernomen.
            C:\Users\Yves\Desktop\Junk\Programma\NirSoft\NirLauncher\NirSoft\vncpassview.exe (PUP.VNCPasswordTool) -> Geen actie ondernomen.
            C:\Users\Yves\Desktop\Junk\Programma\NirSoft\NirLauncher\NirSoft\wirelesskeyview-x64.exe (PUP.WirelessKeyView) -> Geen actie ondernomen.
            C:\Users\Yves\Desktop\Junk\Programma\NirSoft\NirLauncher\NirSoft\wirelessnetview.exe (PUP.WirelessNetworkTool) -> Geen actie ondernomen.
            D:\Recovery\40_Web_0_3.jpg (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\4_Web_0_4.jpg (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\Ahri_Splash_1_1.jpg (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\Akali_Splash_4_1.jpg (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\Alistar_Splash_6.jpg (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\Ashe_Splash_3_1.jpg (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\Blitzcrank_6_1.jpg (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\championsskin_113002.jpg (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\championsskin_55005_1.jpg (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\championsskin_59005_1.jpg (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\championsskin_69002_1.jpg (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\flist_repeat.jpg (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\GetImage[2].jpg (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\groothoek.jpg (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\Irelia_0_1.jpg (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\JarvanIV_Splash_5_1.jpg (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\Khazix_Splash_1_1.jpg (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\league_header_XERATH.jpg (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\Rammus_Splash_5_1.jpg (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\Shyvana_Splash_3_1.jpg (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\splash_title.bmp (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\TDU.exe (Packer.ModifiedUPX) -> Geen actie ondernomen.
            D:\Recovery\Twitch_Splash_2_1.jpg (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\Veigar_Splash_0_1.jpg (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\VKF3735_1.BMP (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\VKF3744.BMP (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\vragen.jpg (Extension.Mismatch) -> Geen actie ondernomen.
            D:\Recovery\Zed_Splash_1.jpg (Extension.Mismatch) -> Geen actie ondernomen.

            (einde)

            The first series is all NirSoft, false positives. The second series is all League of Legends files that I recovered. I deleted the LoL files, not the NirSoft ones.



            • #7
              # AdwCleaner v2.306 - Verslag gemaakt op 21/07/2013 om 19:34:36
              # Geactualiseerd op 19/07/2013 door Xplode
              # Besturingssysteem : Windows 7 Professional Service Pack 1 (64 bits)
              # Gebruiker : Yves - DESKTOP1YVES
              # Opstarten Modus : Normale modus
              # Gelanceerd vanaf : C:\Users\Yves\Downloads\adwcleaner.exe
              # Optie [Verwijderen]


              ***** [Diensten] *****


              ***** [Files / Mappen] *****

              File Verwijderd : C:\END
              Map Verwijderd : C:\Users\Yves\AppData\Roaming\Mozilla\Firefox\Profiles\9jjtpsus.default\jetpack

              ***** [Register] *****

              Sleutel Verwijderd : HKCU\Software\APN PIP
              Sleutel Verwijderd : HKCU\Software\Conduit
              Sleutel Verwijderd : HKCU\Software\PIP
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\SMBarBroker.EXE
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{2D9B1B31-D034-4738-8F6E-40F0AFCC742C}
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
              Sleutel Verwijderd : HKLM\Software\PIP
              Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}
              Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}

              ***** [Browsers] *****

              -\\ Internet Explorer v10.0.9200.16635

              [OK] Het register bevat geen enkele ongeoorloofde invoer.

              -\\ Mozilla Firefox v22.0 (nl)

              File : C:\Users\Yves\AppData\Roaming\Mozilla\Firefox\Profiles\9jjtpsus.default\prefs.js

              [OK] De file bevat geen enkele ongeoorloofde invoer.

              -\\ Google Chrome v28.0.1500.72

              File : C:\Users\Yves\AppData\Local\Google\Chrome\User Data\Default\Preferences

              [OK] De file bevat geen enkele ongeoorloofde invoer.

              *************************

              AdwCleaner[S1].txt - [2044 octets] - [21/07/2013 19:34:36]

              ########## EOF - C:\AdwCleaner[S1].txt - [2104 octets] ##########



              • #8
                DDS (Ver_2012-11-20.01) - NTFS_AMD64
                Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.25.2
                Run by Yves at 19:36:50 on 2013-07-21
                Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.8147.5822 [GMT 2:00]
                .
                AV: Norton 360 Premier Edition *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
                SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
                FW: Norton 360 Premier Edition *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
                .
                ============== Running Processes ===============
                .
                C:\Windows\system32\lsm.exe
                C:\Windows\system32\svchost.exe -k DcomLaunch
                C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
                C:\Windows\system32\nvvsvc.exe
                C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
                C:\Windows\system32\svchost.exe -k RPCSS
                C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
                C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
                C:\Windows\system32\svchost.exe -k LocalService
                C:\Windows\system32\svchost.exe -k netsvcs
                C:\Windows\system32\svchost.exe -k GPSvcGroup
                C:\Windows\system32\svchost.exe -k NetworkService
                C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
                C:\Windows\system32\nvvsvc.exe
                C:\Windows\System32\spoolsv.exe
                C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
                C:\Windows\system32\Dwm.exe
                C:\Windows\Explorer.EXE
                C:\Windows\system32\taskhost.exe
                C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
                C:\Windows\system32\taskeng.exe
                C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
                D:\Program Files\AI Suite II\AsRoutineController.exe
                C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe
                C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
                C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
                C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
                C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
                C:\Program Files\Intel\iCLS Client\HeciServer.exe
                C:\Windows\system32\IProsetMonitor.exe
                C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
                D:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
                C:\Program Files\Microsoft IntelliType Pro\itype.exe
                C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
                C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
                C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
                D:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
                D:\Program Files (x86)\Steam\Steam.exe
                C:\Users\Yves\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe
                C:\Users\Yves\AppData\Roaming\Dropbox\bin\Dropbox.exe
                C:\Program Files (x86)\Mozilla Firefox\firefox.exe
                C:\Windows\system32\NOTEPAD.EXE
                C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
                C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
                D:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe
                C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
                D:\Program Files (x86)\Razer\Mamba\RazerMambaSysTray.exe
                D:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe
                C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
                C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
                C:\Windows\SysWOW64\PnkBstrA.exe
                C:\Windows\SysWOW64\vmnat.exe
                C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
                C:\Windows\system32\wbem\wmiprvse.exe
                D:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
                C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
                D:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe
                C:\Windows\SysWOW64\vmnetdhcp.exe
                C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
                C:\Windows\system32\SearchIndexer.exe
                C:\Windows\system32\SearchProtocolHost.exe
                C:\Windows\system32\SearchFilterHost.exe
                C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
                C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
                C:\Program Files\Windows Media Player\wmpnetwk.exe
                C:\Windows\System32\svchost.exe -k LocalServicePeerNet
                C:\Windows\system32\wbem\wmiprvse.exe
                C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
                C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
                C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
                C:\Program Files\Intel\NCS2\WMIProv\NCS2Prov.exe
                D:\Program Files\AI Suite II\AI Suite II.exe
                C:\Program Files (x86)\Common Files\Steam\SteamService.exe
                D:\Program Files\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
                C:\Windows\System32\cscript.exe
                .
                ============== Pseudo HJT Report ===============
                .
                mWinlogon: Userinit = userinit.exe,
                BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
                BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - D:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coieplg.dll
                BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - D:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ips\ipsbho.dll
                BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
                BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
                TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - D:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coieplg.dll
                uRun: [KeePass Password Safe 2] "D:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe"
                uRun: [Steam] "D:\Program Files (x86)\Steam\steam.exe" -silent
                uRun: [Google Update] "C:\Users\Yves\AppData\Local\Google\Update\GoogleUpdate.exe" /c
                uRun: [7 Taskbar Tweaker] "C:\Users\Yves\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe" -hidewnd
                mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
                mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
                mRun: [KeePass 2 PreLoad] "D:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
                mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
                mRun: [Razer Mamba Elite Driver] D:\Program Files (x86)\Razer\Mamba\RazerMambaSysTray.exe
                mRun: [DivXMediaServer] D:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
                mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
                mRun: [QuickTime Task] "D:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
                mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
                mRun: [emsisoft anti-malware] "C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe" /d=60
                StartupFolder: C:\Users\Yves\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Yves\AppData\Roaming\Dropbox\bin\Dropbox.exe
                StartupFolder: C:\Users\Yves\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LockWorkStation.vbs
                StartupFolder: C:\Users\Yves\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MOZILL~1.LNK - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
                StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
                mPolicies-Explorer: NoActiveDesktop = dword:1
                mPolicies-Explorer: NoActiveDesktopChanges = dword:1
                mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
                mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
                mPolicies-System: ConsentPromptBehaviorUser = dword:3
                mPolicies-System: EnableUIADesktopToggle = dword:0
                IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
                IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
                IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
                IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
                LSP: %windir%\system32\vsocklib.dll
                Trusted Zone: clonewarsadventures.com
                Trusted Zone: freerealms.com
                Trusted Zone: soe.com
                Trusted Zone: sony.com
                DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
                TCP: Interfaces\{6C86F51A-EFC6-4321-ACF4-8053BA3DA340} : NameServer = 194.109.6.66,194.109.104.104
                Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
                SSODL: WebCheck - <orphaned>
                x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
                x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
                x64-Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
                x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
                x64-Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /DTSU2P
                x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
                x64-SSODL: WebCheck - <orphaned>
                .
                ================= FIREFOX ===================
                .
                FF - ProfilePath - C:\Users\Yves\AppData\Roaming\Mozilla\Firefox\Profiles\9jjtpsus.default\
                FF - prefs.js: browser.search.selectedEngine - Yahoo
                FF - prefs.js: browser.startup.homepage - lunagang.nl|hxxps://www.youtube.com/my_subscriptions?feature=mhee|http://www.reignofgaming.net/|http:/...ylist/85327865
                FF - prefs.js: keyword.URL - hxxps://www.google.nl/search?hl=nl&site=webhp&source=hp&q=
                FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
                FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
                FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
                FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
                FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
                FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
                FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
                FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
                FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
                FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
                FF - plugin: C:\Users\Yves\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
                FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll
                FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
                FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
                FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
                FF - plugin: D:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
                FF - plugin: D:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
                FF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin.dll
                FF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin2.dll
                FF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin3.dll
                FF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin4.dll
                FF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin5.dll
                FF - ExtSQL: 2013-06-27 11:44; [email protected]; C:\Users\Yves\AppData\Roaming\Mozilla\Firefox\Profiles\9jjtpsus.default\extensions\[email protected]
                .
                ============= SERVICES / DRIVERS ===============
                .
                R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2012-1-6 49760]
                R0 iusb3hcs;Intel(R) USB 3.0 hostcontrollerswitch-stuurprogramma;C:\Windows\System32\drivers\iusb3hcs.sys [2012-7-8 19224]
                R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1404000.028\symds64.sys [2013-6-17 493656]
                R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1404000.028\symefa64.sys [2013-6-17 1139800]
                R0 vsock;vSockets Driver;C:\Windows\System32\drivers\vsock.sys [2013-3-15 70296]
                R1 A2DDA;A2 Direct Disk Access Support Driver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [2013-7-13 26176]
                R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [2013-7-16 1393240]
                R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\drivers\N360x64\1404000.028\ccsetx64.sys [2013-6-17 169048]
                R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20130719.002\IDSviA64.sys [2013-7-20 513184]
                R1 nbdrv;NetBalancer LightWeight Filter;C:\Windows\System32\drivers\nbdrv.sys [2013-7-10 41392]
                R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1404000.028\ironx64.sys [2013-6-17 224416]
                R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1404000.028\symnets.sys [2013-6-17 433752]
                R1 VDiskBus;ASUS Disk Unlocker;C:\Windows\System32\drivers\VDiskBus64.sys [2010-9-21 43136]
                R2 a2AntiMalware;Emsisoft Anti-Malware 8.0 - Service;C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2013-7-13 2938408]
                R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [2012-7-8 918448]
                R2 ASDiskUnlocker;ASDiskUnlocker;C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe [2010-12-2 258688]
                R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-7-8 951936]
                R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2012-7-8 586880]
                R2 DevoloNetworkService;devolo Network Service;C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [2013-7-15 3516408]
                R2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2012-8-20 233328]
                R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-1-10 627936]
                R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-7-8 178344]
                R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-7-8 161560]
                R2 N360;Norton 360;D:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccsvchst.exe [2013-6-17 144368]
                R2 NetBalancerService;NetBalancerService;D:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe [2013-7-10 16384]
                R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-1-18 383264]
                R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-10-11 918680]
                R3 ASFLTDrv.sys;ASFLTDrv.sys;C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys [2010-9-16 16512]
                R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-11-3 130536]
                R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-11-3 395752]
                R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-7-21 138912]
                R3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver;C:\Windows\System32\drivers\evolve.sys [2012-12-30 21656]
                R3 iusb3hub;Intel(R) USB 3.0 hub-stuurprogramma;C:\Windows\System32\drivers\iusb3hub.sys [2012-7-8 356632]
                R3 iusb3xhc;Intel(R) USB 3.0 uitbreidbare hostcontroller-stuurprogramma;C:\Windows\System32\drivers\iusb3xhc.sys [2012-7-8 789272]
                S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
                S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-9 123856]
                S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-7-8 13592]
                S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-7-8 363800]
                S3 a2acc;a2acc;C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys [2013-7-13 66320]
                S3 cleanhlp;cleanhlp;C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [2013-7-13 57032]
                S3 EvoSvc;Evolve Service;C:\Program Files\Echobit\Evolve\EvoSvc.exe [2012-12-30 1495512]
                S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2009-6-17 74256]
                S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2009-6-17 13328]
                S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-5-25 19456]
                S3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\System32\drivers\ScreamingBAudio64.sys [2010-7-1 38992]
                S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
                S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\System32\drivers\tap0901t.sys [2012-9-28 31232]
                S3 Te.Service;Te.Service;D:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-7-25 126976]
                S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-5-25 57856]
                S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-9 1255736]
                S4 ReflectService.exe;Macrium Reflect Image Mounting Service;"D:\Program Files\Macrium\Reflect\ReflectService.exe" --> D:\Program Files\Macrium\Reflect\ReflectService.exe [?]
                S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-3 162408]
                S4 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-16 4150112]
                S4 TunngleService;TunngleService;D:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-9-28 745368]
                .
                =============== Created Last 30 ================
                .
                2013-07-21 15:40:41 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
                2013-07-17 17:29:18 -------- d-----w- C:\Users\Yves\AppData\Local\Rockstar Games
                2013-07-15 19:33:23 81920 ----a-w- C:\Windows\SysWow64\devolopacket.dll
                2013-07-15 19:33:23 34048 ----a-w- C:\Windows\SysWow64\drivers\npf_devolo.sys
                2013-07-15 19:33:23 221184 ----a-w- C:\Windows\SysWow64\devolopcap.dll
                2013-07-12 23:46:31 -------- d-----w- C:\Program Files (x86)\Emsisoft Anti-Malware
                2013-07-11 00:55:28 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
                2013-07-10 00:49:33 41392 ----a-w- C:\Windows\System32\drivers\nbdrv.sys
                2013-07-10 00:45:53 1536 ----a-w- C:\Windows\SysWow64\bcevent.dll
                2013-07-10 00:28:02 -------- d-sh--w- C:\Windows\SysWow64\AI_RecycleBin
                2013-07-10 00:27:40 -------- d-----w- C:\Users\Yves\AppData\Roaming\Locktime
                2013-07-06 20:06:23 -------- d-----w- C:\ProgramData\SeriousBit
                2013-07-05 23:32:01 238352 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys
                2013-07-05 23:32:00 120080 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys
                2013-07-04 13:57:00 131856 ----a-w- C:\Windows\System32\drivers\VBoxNetAdp.sys
                2013-06-23 18:27:04 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
                .
                ==================== Find3M ====================
                .
                2013-07-20 22:54:41 1048576 ----a-w- C:\Windows\PE_Rom.dll
                2013-07-11 12:35:25 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
                2013-07-11 12:35:25 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
                2013-07-04 13:57:00 146704 ----a-w- C:\Windows\System32\drivers\VBoxNetFlt.sys
                2013-07-04 13:56:58 204048 ----a-w- C:\Windows\System32\VBoxNetFltNobj.dll
                2013-06-23 18:27:02 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
                2013-06-23 18:27:02 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
                2013-06-19 05:55:26 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
                2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
                2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
                2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
                2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
                2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll
                2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll
                2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll
                2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll
                2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
                2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
                2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
                2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
                2013-06-05 03:34:27 3153920 ----a-w- C:\Windows\System32\win32k.sys
                2013-06-04 06:00:13 624128 ----a-w- C:\Windows\System32\qedit.dll
                2013-06-04 04:53:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
                2013-05-23 05:25:28 1139800 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\symefa64.sys
                2013-05-21 05:02:00 493656 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\symds64.sys
                2013-05-16 05:02:14 796760 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\srtsp64.sys
                2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
                2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
                2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
                2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
                2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
                2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
                2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
                2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
                2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
                2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
                2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
                2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
                2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
                2013-05-06 06:03:49 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL
                2013-05-06 04:56:35 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
                2013-05-01 01:59:12 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
                2013-05-01 01:59:12 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
                2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll
                2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
                2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
                2013-04-25 00:43:56 433752 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\symnets.sys
                2006-05-03 10:06:54 163328 --sha-r- C:\Windows\SysWOW64\flvDX.dll
                2007-02-21 11:47:16 31232 --sha-r- C:\Windows\SysWOW64\msfDX.dll
                2008-03-16 13:30:52 216064 --sha-r- C:\Windows\SysWOW64\nbDX.dll
                2010-01-06 22:00:00 107520 --sha-r- C:\Windows\SysWOW64\TAKDSDecoder.dll
                2012-10-05 18:54:00 188416 --sha-r- C:\Windows\SysWOW64\winDCE32.dll
                .
                ============= FINISH: 19:36:58,65 ===============



                • #9
                  Results of screen317's Security Check version 0.99.70
                  Windows 7 Service Pack 1 x64 (UAC is enabled)
                  Internet Explorer 10
                  ``````````````Antivirus/Firewall Check:``````````````
                  Norton 360 Premier Edition
                  WMI entry may not exist for antivirus; attempting automatic update.
                  `````````Anti-malware/Other Utilities Check:`````````
                  JavaFX 2.1.1
                  JavaFX 2.1.1 SDK
                  Java 7 Update 25
                  Java SE Development Kit 7 Update 5
                  Adobe Flash Player 11.8.800.94
                  Adobe Reader XI
                  Mozilla Firefox (22.0)
                  Google Chrome 28.0.1500.71
                  Google Chrome 28.0.1500.72
                  ````````Process Check: objlist.exe by Laurent````````
                  Norton ccSvcHst.exe
                  Emsisoft Anti-Malware a2service.exe
                  `````````````````System Health check`````````````````
                  Total Fragmentation on Drive C: 19% Defragment your hard drive soon! (Do NOT defrag if SSD!)
                  ````````````````````End of Log``````````````````````

                  C is an SSD.



                  • #10
                    Download TDSSKiller to your desktop.
                    Double-click TDSSKiller.exe to start the tool.

                    Click the "Start Scan" button and follow the instructions.
                    Quarantine the items it finds.
                    Skip the unsigned files.
                    Have Rootkit.Boot.SST.b and others such as Sinowal, ZeroAccess or Whistler repaired (= Cure).

                    If a reboot (restart) is requested, click Reboot Now.
                    Otherwise, click Report.
                    Copy and paste the log file that appears.

                    Note:

                    If a restart was needed, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt


                    • #11
                      No threats found.



                      • #12
                        May I still have the log, please?


                        • #13
                          Oops, forgot. It is too large to fit in one post.

                          19:47:39.0007 6588 ohci1394 - ok
                          19:47:39.0010 6588 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
                          19:47:39.0011 6588 ose - ok
                          19:47:39.0016 6588 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
                          19:47:39.0018 6588 p2pimsvc - ok
                          19:47:39.0024 6588 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
                          19:47:39.0027 6588 p2psvc - ok
                          19:47:39.0029 6588 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
                          19:47:39.0031 6588 Parport - ok
                          19:47:39.0033 6588 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
                          19:47:39.0034 6588 partmgr - ok
                          19:47:39.0037 6588 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
                          19:47:39.0039 6588 PcaSvc - ok
                          19:47:39.0042 6588 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
                          19:47:39.0044 6588 pci - ok
                          19:47:39.0046 6588 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
                          19:47:39.0046 6588 pciide - ok
                          19:47:39.0050 6588 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
                          19:47:39.0052 6588 pcmcia - ok
                          19:47:39.0054 6588 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
                          19:47:39.0054 6588 pcw - ok
                          19:47:39.0061 6588 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
                          19:47:39.0065 6588 PEAUTH - ok
                          19:47:39.0078 6588 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
                          19:47:39.0087 6588 PeerDistSvc - ok


                          • #14
                            19:47:39.0090 6588 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
                            19:47:39.0091 6588 PerfHost - ok
                            19:47:39.0107 6588 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
                            19:47:39.0116 6588 pla - ok
                            19:47:39.0122 6588 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
                            19:47:39.0125 6588 PlugPlay - ok
                            19:47:39.0126 6588 PnkBstrA - ok
                            19:47:39.0129 6588 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
                            19:47:39.0130 6588 PNRPAutoReg - ok
                            19:47:39.0134 6588 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
                            19:47:39.0135 6588 PNRPsvc - ok
                            19:47:39.0141 6588 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
                            19:47:39.0145 6588 PolicyAgent - ok
                            19:47:39.0149 6588 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
                            19:47:39.0151 6588 Power - ok
                            19:47:39.0153 6588 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
                            19:47:39.0155 6588 PptpMiniport - ok
                            19:47:39.0157 6588 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
                            19:47:39.0158 6588 Processor - ok
                            19:47:39.0161 6588 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
                            19:47:39.0163 6588 ProfSvc - ok
                            19:47:39.0165 6588 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
                            19:47:39.0165 6588 ProtectedStorage - ok
                            19:47:39.0169 6588 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
                            19:47:39.0170 6588 Psched - ok
                            19:47:39.0182 6588 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
                            19:47:39.0192 6588 ql2300 - ok
                            19:47:39.0195 6588 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
                            19:47:39.0197 6588 ql40xx - ok
                            19:47:39.0201 6588 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
                            19:47:39.0204 6588 QWAVE - ok
                            19:47:39.0206 6588 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
                            19:47:39.0207 6588 QWAVEdrv - ok
                            19:47:39.0208 6588 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
                            19:47:39.0209 6588 RasAcd - ok
                            19:47:39.0211 6588 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
                            19:47:39.0212 6588 RasAgileVpn - ok
                            19:47:39.0215 6588 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
                            19:47:39.0216 6588 RasAuto - ok
                            19:47:39.0220 6588 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
                            19:47:39.0221 6588 Rasl2tp - ok
                            19:47:39.0225 6588 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
                            19:47:39.0229 6588 RasMan - ok
                            19:47:39.0231 6588 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
                            19:47:39.0232 6588 RasPppoe - ok
                            19:47:39.0234 6588 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
                            19:47:39.0235 6588 RasSstp - ok
                            19:47:39.0241 6588 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
                            19:47:39.0243 6588 rdbss - ok
                            19:47:39.0245 6588 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
                            19:47:39.0246 6588 rdpbus - ok
                            19:47:39.0247 6588 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
                            19:47:39.0247 6588 RDPCDD - ok
                            19:47:39.0251 6588 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
                            19:47:39.0253 6588 RDPDR - ok
                            19:47:39.0255 6588 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
                            19:47:39.0256 6588 RDPENCDD - ok
                            19:47:39.0258 6588 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
                            19:47:39.0258 6588 RDPREFMP - ok
                            19:47:39.0261 6588 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
                            19:47:39.0262 6588 RdpVideoMiniport - ok
                            19:47:39.0265 6588 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
                            19:47:39.0267 6588 RDPWD - ok
                            19:47:39.0271 6588 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
                            19:47:39.0273 6588 rdyboost - ok
                            19:47:39.0274 6588 ReflectService.exe - ok
                            19:47:39.0277 6588 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
                            19:47:39.0279 6588 RemoteAccess - ok
                            19:47:39.0282 6588 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
                            19:47:39.0284 6588 RemoteRegistry - ok
                            19:47:39.0286 6588 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
                            19:47:39.0287 6588 RpcEptMapper - ok
                            19:47:39.0289 6588 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
                            19:47:39.0290 6588 RpcLocator - ok
                            19:47:39.0295 6588 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
                            19:47:39.0297 6588 RpcSs - ok
                            19:47:39.0300 6588 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
                            19:47:39.0301 6588 rspndr - ok
                            19:47:39.0303 6588 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
                            19:47:39.0303 6588 s3cap - ok
                            19:47:39.0305 6588 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
                            19:47:39.0306 6588 SamSs - ok
                            19:47:39.0308 6588 SbieDrv - ok
                            19:47:39.0309 6588 SbieSvc - ok
                            19:47:39.0312 6588 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
                            19:47:39.0314 6588 sbp2port - ok
                            19:47:39.0317 6588 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
                            19:47:39.0319 6588 SCardSvr - ok
                            19:47:39.0321 6588 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
                            19:47:39.0322 6588 scfilter - ok
                            19:47:39.0332 6588 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
                            19:47:39.0340 6588 Schedule - ok
                            19:47:39.0342 6588 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
                            19:47:39.0342 6588 SCPolicySvc - ok
                            19:47:39.0346 6588 [ 8B56BDCE6A303DDE63D63440D1CF9AD1 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
                            19:47:39.0346 6588 ScreamBAudioSvc - ok
                            19:47:39.0350 6588 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
                            19:47:39.0352 6588 SDRSVC - ok
                            19:47:39.0354 6588 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
                            19:47:39.0354 6588 secdrv - ok
                            19:47:39.0356 6588 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
                            19:47:39.0358 6588 seclogon - ok
                            19:47:39.0360 6588 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
                            19:47:39.0361 6588 SENS - ok
                            19:47:39.0363 6588 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
                            19:47:39.0364 6588 SensrSvc - ok
                            19:47:39.0366 6588 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
                            19:47:39.0367 6588 Serenum - ok
                            19:47:39.0369 6588 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
                            19:47:39.0370 6588 Serial - ok
                            19:47:39.0372 6588 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
                            19:47:39.0373 6588 sermouse - ok
                            19:47:39.0378 6588 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
                            19:47:39.0380 6588 SessionEnv - ok
                            19:47:39.0382 6588 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
                            19:47:39.0382 6588 sffdisk - ok
                            19:47:39.0384 6588 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
                            19:47:39.0385 6588 sffp_mmc - ok
                            19:47:39.0387 6588 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
                            19:47:39.0387 6588 sffp_sd - ok
                            19:47:39.0389 6588 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
                            19:47:39.0390 6588 sfloppy - ok
                            19:47:39.0394 6588 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
                            19:47:39.0397 6588 SharedAccess - ok
                            19:47:39.0402 6588 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
                            19:47:39.0405 6588 ShellHWDetection - ok
                            19:47:39.0407 6588 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
                            19:47:39.0408 6588 SiSRaid2 - ok
                            19:47:39.0410 6588 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
                            19:47:39.0411 6588 SiSRaid4 - ok
                            19:47:39.0415 6588 [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
                            19:47:39.0417 6588 SkypeUpdate - ok
                            19:47:39.0420 6588 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
                            19:47:39.0421 6588 Smb - ok
                            19:47:39.0424 6588 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
                            19:47:39.0425 6588 SNMPTRAP - ok
                            19:47:39.0427 6588 [ 0FFE35F0B0CD5A324BBE22F02569AE3B ] speedfan C:\Windows\syswow64\speedfan.sys
                            19:47:39.0428 6588 speedfan - ok
                            19:47:39.0430 6588 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
                            19:47:39.0430 6588 spldr - ok
                            19:47:39.0436 6588 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
                            19:47:39.0440 6588 Spooler - ok
                            19:47:39.0470 6588 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
                            19:47:39.0488 6588 sppsvc - ok
                            19:47:39.0491 6588 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
                            19:47:39.0492 6588 sppuinotify - ok
                            19:47:39.0493 6588 SQLAgent$SONY_MEDIAMGR - ok
                            19:47:39.0503 6588 [ 2FD9346F9D76CB4192D37329CFA47A82 ] SRTSP C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS
                            19:47:39.0506 6588 SRTSP - ok
                            19:47:39.0508 6588 [ 0E76CEF892C45734F7AED09FDDF35D4D ] SRTSPX C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS
                            19:47:39.0509 6588 SRTSPX - ok
                            19:47:39.0514 6588 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
                            19:47:39.0518 6588 srv - ok
                            19:47:39.0523 6588 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
                            19:47:39.0526 6588 srv2 - ok
                            19:47:39.0529 6588 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
                            19:47:39.0531 6588 srvnet - ok
                            19:47:39.0534 6588 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
                            19:47:39.0536 6588 SSDPSRV - ok
                            19:47:39.0538 6588 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
                            19:47:39.0540 6588 SstpSvc - ok
                            19:47:39.0542 6588 Steam Client Service - ok
                            19:47:39.0548 6588 [ 5A19667A580B1CE886EAF968B9743F45 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
                            19:47:39.0551 6588 Stereo Service - ok
                            19:47:39.0553 6588 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
                            19:47:39.0554 6588 stexstor - ok
                            19:47:39.0560 6588 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
                            19:47:39.0565 6588 stisvc - ok
                            19:47:39.0567 6588 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
                            19:47:39.0567 6588 storflt - ok
                            19:47:39.0569 6588 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
                            19:47:39.0570 6588 StorSvc - ok
                            19:47:39.0572 6588 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
                            19:47:39.0573 6588 storvsc - ok
                            19:47:39.0575 6588 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
                            19:47:39.0575 6588 swenum - ok
                            19:47:39.0581 6588 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
                            19:47:39.0585 6588 swprv - ok
                            19:47:39.0591 6588 [ 52DC0048D667757A8A2E4C87182890AC ] SymDS C:\Windows\system32\drivers\N360x64\1404000.028\SYMDS64.SYS
                            19:47:39.0594 6588 SymDS - ok
                            19:47:39.0605 6588 [ 599872BAD7CFB45C7CE47CDED4B726D8 ] SymEFA C:\Windows\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS
                            19:47:39.0612 6588 SymEFA - ok
                            19:47:39.0616 6588 [ F19E5E37ED8134B9E5F6287F2D3A75D7 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
                            19:47:39.0617 6588 SymEvent - ok
                            19:47:39.0621 6588 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS
                            19:47:39.0622 6588 SymIRON - ok
                            19:47:39.0628 6588 [ 9CDCA70485BD6B9D230365F67C31F132 ] SymNetS C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS
                            19:47:39.0629 6588 SymNetS - ok
                            19:47:39.0645 6588 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
                            19:47:39.0657 6588 SysMain - ok
                            19:47:39.0660 6588 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
                            19:47:39.0661 6588 TabletInputService - ok
                            19:47:39.0664 6588 [ B08740047145B9BCE15BF75CA0F9718A ] tap0901t C:\Windows\system32\DRIVERS\tap0901t.sys
                            19:47:39.0665 6588 tap0901t - ok
                            19:47:39.0669 6588 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
                            19:47:39.0672 6588 TapiSrv - ok
                            19:47:39.0674 6588 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
                            19:47:39.0675 6588 TBS - ok
                            19:47:39.0691 6588 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
                            19:47:39.0704 6588 Tcpip - ok
                            19:47:39.0720 6588 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
                            19:47:39.0725 6588 TCPIP6 - ok
                            19:47:39.0729 6588 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
                            19:47:39.0730 6588 tcpipreg - ok
                            19:47:39.0732 6588 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
                            19:47:39.0733 6588 TDPIPE - ok
                            19:47:39.0736 6588 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
                            19:47:39.0737 6588 TDTCP - ok
                            19:47:39.0739 6588 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
                            19:47:39.0741 6588 tdx - ok
                            19:47:39.0772 6588 [ BB676D2C7AD5E7131D12417E4691F9B9 ] Te.Service D:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe
                            19:47:39.0774 6588 Te.Service - ok
                            19:47:39.0826 6588 [ 57DDE1395F86EE048AB25717EEB8CAEB ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
                            19:47:39.0865 6588 TeamViewer8 - ok
                            19:47:39.0869 6588 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
                            19:47:39.0870 6588 TermDD - ok
                            19:47:39.0878 6588 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
                            19:47:39.0884 6588 TermService - ok
                            19:47:39.0886 6588 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
                            19:47:39.0887 6588 Themes - ok
                            19:47:39.0889 6588 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
                            19:47:39.0890 6588 THREADORDER - ok
                            19:47:39.0893 6588 [ 199C2E87D9A5EC58D0BCD94E893BF629 ] TIEHDUSB C:\Windows\system32\DRIVERS\tiehdusb.sys
                            19:47:39.0895 6588 TIEHDUSB - ok
                            19:47:39.0897 6588 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
                            19:47:39.0898 6588 TrkWks - ok
                            19:47:39.0901 6588 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
                            19:47:39.0902 6588 TrustedInstaller - ok
                            19:47:39.0904 6588 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
                            19:47:39.0905 6588 tssecsrv - ok
                            19:47:39.0908 6588 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
                            19:47:39.0908 6588 TsUsbFlt - ok
                            19:47:39.0911 6588 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
                            19:47:39.0912 6588 tunnel - ok
                            19:47:39.0953 6588 [ 2FD0FE0A0C721C8E47C5A3AE16E519B1 ] TunngleService D:\Program Files (x86)\Tunngle\TnglCtrl.exe
                            19:47:39.0958 6588 TunngleService - ok
                            19:47:39.0960 6588 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
                            19:47:39.0961 6588 uagp35 - ok
                            19:47:39.0965 6588 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
                            19:47:39.0968 6588 udfs - ok
                            19:47:39.0971 6588 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
                            19:47:39.0973 6588 UI0Detect - ok
                            19:47:39.0975 6588 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
                            19:47:39.0976 6588 uliagpkx - ok
                            19:47:39.0977 6588 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
                            19:47:39.0978 6588 umbus - ok
                            19:47:39.0980 6588 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
                            19:47:39.0981 6588 UmPass - ok
                            19:47:39.0984 6588 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
                            19:47:39.0986 6588 UmRdpService - ok
                            19:47:39.0992 6588 [ 182BBA1B43898D5DA0938D2E9A526B31 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
                            19:47:39.0993 6588 UNS - ok
                            19:47:39.0997 6588 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
                            19:47:40.0000 6588 upnphost - ok
                            19:47:40.0003 6588 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
                            19:47:40.0004 6588 usbccgp - ok
                            19:47:40.0006 6588 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
                            19:47:40.0007 6588 usbcir - ok
                            19:47:40.0009 6588 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
                            19:47:40.0010 6588 usbehci - ok
                            19:47:40.0014 6588 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
                            19:47:40.0017 6588 usbhub - ok
                            19:47:40.0019 6588 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
                            19:47:40.0020 6588 usbohci - ok
                            19:47:40.0021 6588 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
                            19:47:40.0022 6588 usbprint - ok
                            19:47:40.0024 6588 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
                            19:47:40.0025 6588 USBSTOR - ok
                            19:47:40.0763 6588 ============================================================
                            19:47:40.0763 6588 Scan finished
                            19:47:40.0763 6588 ============================================================
                            19:47:40.0767 2836 Detected object count: 0
                            19:47:40.0767 2836 Actual detected object count: 0



                            • #15
                              Good.


                              Download TFC and save it to your Desktop.
                              • Double-click TFC.exe to open the program.
                              • The program will close all other programs, so make sure you have saved all your work before you continue.
                              • Click the Start button to start the program.
                              • When the program is finished, it will restart your computer.
                                If this does not happen, restart your computer manually.


                              _____________________________________________________________

                              Download Combofix and place it on your desktop.

                              Additional note... Make sure your security software is disabled while you use Combofix.
                              This is because these scanners wrongly see certain components that Combofix uses as infected and will block Combofix.


                              Look here if you do not know how to disable your antivirus, firewall and/or antispyware scanner.


                              Close ALL windows, including your browser, and let Combofix do its work undisturbed.
                              So do not open any other applications until Combofix has presented the log.

                              If Combofix asks for an update, allow it.

                              When ComboFix has finished scanning, which may be after a reboot, a log file (combofix.txt) opens.
                              You can find it at C:\combofix.txt.

                              Post the Combofix log together with a new DDS log in your next reply.

                              Emphyrio
                              Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                              E Dev * Remove McAfee. * Ccleaner * E-Peek
