Mededeling

Collapse
No announcement yet.

Laptop start niet meer op

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • Laptop start niet meer op

    Hallo,

    Als eerste mijn dank voor de aandacht voor dit probleem.
    Ik ben hierheen verwezen vanaf een ander forumonderdeel door Dorado, welke mij er op wees dat het probleem iig overduidelijk door malware wordt veroorzaakt...

    Het probleem in het kort:
    Mijn laptop startte gisterochtend nog op, gistermiddag niet meer.
    Het is me gelukt om via de veilige modus op te starten en zo dit allemaal uit te voeren.
    Laptop is 1 jaar oud. Windows 8.1
    Ik weet nog onvoldoende van 8.1 maar dat het niet in orde is begrijp ik wel.

    Ik plaats hier de gevraagde logjes.
    Slechts één opmerking: De DDS tool kon ik niet uitvoeren; kreeg een schermpje voor welke windows versies dit geschikt was, en windows 8.1 stond daar niet bij.

    Kreeg ook bij de Gmer een aantal keer een foutmeldingsscherm, met de melding:
    C:/WINDOWS\system32\config\system:het proces heeft geen toegang tot het bestand omdat het door een ander proces wordt gebruikt.
    Bij het wegklikken hiervan kon ik wel de scan uitvoeren.

    Alvast bedankt voor het nemen van de moeite,
    Fijne kerstdagen

    Nynke

    ___________________________________________________________________________


    defogger_disable by jpshortstuff (23.02.10.1)
    Log created at 13:16 on 25/12/2013 (*********)

    Checking for autostart values...
    HKCU\~\Run values retrieved.
    HKLM\~\Run values retrieved.

    Checking for services/drivers...


    -=E.O.F=-



    ____________________________________________________________________________





    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Databaseversie: v2013.12.24.05

    Windows 8 x64 NTFS (Veilige modus/netwerkmogelijkheden)
    Internet Explorer 11.0.9600.16476
    Plantinga :: PC [administrator]

    24-12-2013 17:25:32
    mbam-log-2013-12-24 (17-25-32).txt

    Scan type: Snelle scan
    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scan opties: P2P
    Objecten gescand: 213344
    Verstreken tijd: 4 minuut/minuten, 8 seconde(n)

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 22
    HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408} (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8} (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\PricePeep.PricePeepBho.1 (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\PricePeep.PricePeepBho (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892} (PUP.Optional.PricePeep.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (PUP.Optional.PricePeep.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408} (PUP.Optional.PricePeep.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8} (PUP.Optional.PricePeep.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\PricePeep.PricePeepBho.1 (PUP.Optional.PricePeep.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\PricePeep.PricePeepBho (PUP.Optional.PricePeep.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (PUP.Optional.PricePeep.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (PUP.Optional.PricePeep.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (PUP.Optional.PricePeep.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\AppID\PricePeep.DLL (PUP.Optional.PricePeep.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCU\Software\AppDataLow\Software\PricePeep (PUP.Optional.PricePeep.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep (PUP.Optional.PricePeep.A) -> Succesvol in quarantaine geplaatst en verwijderd.

    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 2
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.Conduit.A) -> Slecht: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) Goed: () -> Succesvol in quarantaine geplaatst en gerepareerd.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit.A) -> Slecht: (http://search.conduit.com/?ctid=CT33...1-7A8608B7E71B) Goed: (http://www.google.com) -> Succesvol in quarantaine geplaatst en gerepareerd.

    Mappen gedetecteerd: 20
    C:\Program Files (x86)\SearchProtect (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\Main (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\Main\bin (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\Main\Logs (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\Main\rep (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\SearchProtect (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\SearchProtect\Logs (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\SearchProtect\rep (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\bin (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\libs (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\protection (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\settings (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\rep (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\PricePeep (PUP.Optional.PricePeep.A) -> Succesvol in quarantaine geplaatst en verwijderd.

    Bestanden gedetecteerd: 86
    C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\PricePeep\pricepeep.dll (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\PricePeep\pricepeep.dll (PUP.Optional.PricePeep.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Plantinga\Downloads\awkward.s03e10.hdtv.x264 2hd.mp4.flv__3038_i183519781_il8308378.exe (PUP.Optional.InstallMonetizer) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\EULA.txt (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe_1382631198031 (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe_1382631201320 (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll_1380260071716 (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll_1380260071747 (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll_1381092067193 (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll_1381092067269 (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll_1382631197011 (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll_1383752314200 (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll_1383752314395 (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll_1386060903056 (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll_1387289903157 (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe_1382631198022 (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.css (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.html (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\defaults.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\PricePeep\installer.ico (PUP.Optional.PricePeep.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\PricePeep\uninstall.exe (PUP.Optional.PricePeep.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\PricePeep\unutil.exe (PUP.Optional.PricePeep.A) -> Succesvol in quarantaine geplaatst en verwijderd.

    (einde)




    ________________________________________________________________________________





    GMER 2.1.19163 - http://www.gmer.net
    Rootkit scan 2013-12-25 13:26:50
    Windows 6.3.9600 x64 \Device\Harddisk0\DR0 -> \Device\0000002d Hitachi_HTS547564A9E384 rev.JEDOA60B 596,17GB
    Running: hrkmvitk.exe; Driver: C:\Users\PLANTI~1\AppData\Local\Temp\uxddapow.sys


    ---- Kernel code sections - GMER 2.1 ----

    .text C:\WINDOWS\system32\ntoskrnl.exe!NtCallbackReturn + 960 fffff801d93cca00 84 bytes [80, 1F, AE, FF, 82, 28, 5E, ...]
    .text C:\WINDOWS\System32\win32k.sys!W32pServiceTable fffff960001b6700 15 bytes [00, EA, 0F, 02, 00, 7F, 6F, ...]
    .text C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16 fffff960001b6710 11 bytes [00, 1F, FC, FF, 80, 52, DE, ...]

    ---- User code sections - GMER 2.1 ----

    .text C:\WINDOWS\Explorer.EXE[1156] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ff92b80169a 4 bytes [80, 2B, F9, 7F]
    .text C:\WINDOWS\Explorer.EXE[1156] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ff92b8016a2 4 bytes [80, 2B, F9, 7F]
    .text C:\WINDOWS\Explorer.EXE[1156] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ff92b80181a 4 bytes [80, 2B, F9, 7F]
    .text C:\WINDOWS\Explorer.EXE[1156] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ff92b801832 4 bytes [80, 2B, F9, 7F]
    .text C:\WINDOWS\Explorer.EXE[1156] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 714 00007ff9299a154a 4 bytes [9A, 29, F9, 7F]
    .text C:\WINDOWS\Explorer.EXE[1156] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 722 00007ff9299a1552 4 bytes [9A, 29, F9, 7F]
    .text C:\WINDOWS\Explorer.EXE[1156] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 98 00007ff9299a162a 4 bytes [9A, 29, F9, 7F]
    .text C:\WINDOWS\Explorer.EXE[1156] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 122 00007ff9299a1642 4 bytes [9A, 29, F9, 7F]

    ---- Threads - GMER 2.1 ----

    Thread C:\WINDOWS\system32\csrss.exe [476:492] fffff9600092d4d0

    ---- Disk sectors - GMER 2.1 ----

    Disk \Device\Harddisk0\DR0 unknown MBR code

    ---- EOF - GMER 2.1 ----

  • #2
    Hoi NynkeF,

    DDS en Gmer zijn niet Windows 8.x compatibel, daarom dat je die foutmeldingen krijgt.


    Voor we beginnen , wil ik even vriendelijk op de volgende richtlijnen wijzen:
    .
    • Log enkel in als beheerder met alle rechten.
    • Post je probleem niet in verscheidene fora. het komt je probleem niet ten goede en het is niet netjes tegenover de helpers.
    • Het opruimen van je systeem kan wat tijd in beslag nemen, wees geduldig.
    • Volg aandachtig de instructies die door mij worden gegeven.
    • Volg enkel het door mij gegeven advies op
    • Blijf bij het topic totdat ik gemeldt heb dat je PC clean is.
    • Als je iets niet weet of verstaat, vraag het dan even aub.
    • Installeer of deinstalleer géén software of hardware terwijl we met je probleem bezig zijn.
    • Ga ondertussen niet wat "anders" proberen, dat maakt het alleen maar moeilijker voor ons
    • Zet je emoticons (Smileys) uit als je logs plaatst aub .
    • De logs niet als bijlage, noch tussen codetags zetten aub.

    .
    Opmerking: Vista of Windows 7 ? >> Alle tools steeds uitvoeren als admin.
    De instructies die worden gegeven, zijn enkel geldig voor jouw PC.

    Stap 1:

    Malware scannen en verwijderen....

    Heb je MBAM reeds op je pc staan, moet je niet downloaden uiteraard.

    Download MalwareBytes' Anti-Malware naar je bureaublad vanuit één van de volgende links:
    .
    .
    Dubbelklik op mbam-setup.exe om het programma te installeren.

    Op het einde van de setup procedure, krijg je een scherm waar je op "Voltooien" moet klikken.
    Indien je MBAM niet wenst te evalueren, vink je de eerste optie uit en klik je dan pas op "Voltooien"

    Zorg dat er na de installatie een vinkje is geplaatst bij:
    .
    • Update MalwareBytes' Anti-Malware
    • Start MalwareBytes' Anti-Malware
    • Klik daarna op "Voltooien". Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.

    .
    Zodra het programma gestart is, ga je naar het tabblad "Instellingen"
    .
    • Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".
    • Ga naar het tabblad "Updates" en Update MBAM.
    • Ga daarna naar het tabblad "Scanner", kies hier voor "VOLLEDIGE Scan".
    • Druk vervolgens op "Scannen" om de scan te starten.
    • Het scannen kan een tijdje duren, dus wees geduldig.
    • Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
    • Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "Verwijder geselecteerde".
      Indien het veel items zijn, kan je in het venster rechtsklikken en "alle items selecteren" kiezen.
    • Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.

    .
    Indien MBAM vraagt om een herstart, doe dit dan ook.
    Wanneer je de restart hebt gedaan, maak je een nieuwe snelle scan met MBAM.
    In dat geval post je dus de twee logs.

    De log wordt automatisch bewaard door MalwareBytes' Anti-Malware en kan je terugvinden door op de "Logs" tab te klikken in het programma.


    Bij problemen!!!
    .
    .
    ___________________________________________________________

    Stap 2:

    Controle op slechte toolbars...

    Download AdwCleaner by Xplode naar je Bureaublad.
    • Sluit alle openstaande vensters
    • Start AdwCleaner
    • Klik op Scan
    • Klik op Clean
    • KLIK HIER voor een vergroting! 

    Alle icoontjes verdwijnen van het Bureaublad,dit is normaal
    Je PC word opnieuw opgestart en er een opent logfile (C:\ AdwCleaner[xx].txt post de inhoud hier op het Forum.

    Enkel de log na de "clean" optie heb ik nodig.

    Vergeet niet om je "smileys" uit te schakelen.

    Als je Startpagina ook gehijackt was,stel dan de zoekmachine opnieuw in,deze word standaard door AdwCleaner terug gezet naar Google.com

    ___________________________________________________________

    Stap 3:

    Download RSIT van de onderstaande locaties en sla deze op het bureablad op.
    .
    Dubbelklik op RSIT.exe om de tool te starten.
    .
    • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
    • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
    • Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
    • Plaats de inhoud hiervan in het volgende bericht.


    ___________________________________________________________

    Stap 4:

    Controle op updates...

    Download Security Check op je bureaublad via hier of hier

    Start Security Check
    Volg de Instructies in het scherm
    Aan het eind verschijnt een log ( checkup.txt )
    Plaats de inhoud ervan in je volgende antwoord.

    In je volgende posting, had ik graag de volgende logs gezien, gemaakt in de opgestelde volgorde:
    .
    • MBAM
    • AdwCleaner
    • RSIT
    • checkup.txt

    .
    Deze logs NIET als bijlage of tussen codetags posten aub.
    (Desnoods in meerdere postingen.)

    Emphyrio
    Last edited by Emphyrio; 25-12-13, 13:03.
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * McAfee verwijderen. * Ccleaner * E-Peek

    Comment


    • #3
      Hallo Emphyrio,

      Bedankt voor je snelle reactie.
      Voor ik de logs plaats één vraag, voordat ik verkeerde of teveel logs plaats.

      Ik kreeg geen log na de reboot van Adwcleaner, nu weet ik dus niet welke log je wilt hebben.
      Ik heb ze wel gevonden mijn ik vind er soweiso 3
      adwcleaner[RO]
      adwcleaner[SO]
      quarantine
      en nog ergens verscheen een log met de naam 'info'

      de rest heb ik al wel maar ik wacht even met plaatsen zodat je het dan volledig hebt.

      Nynke

      Comment


      • #4
        ...
        C:\ AdwCleaner[xx].txt
        ...
        Oorspronkelijk geplaatst door Emphyrio Bekijk Berichten
        Je PC word opnieuw opgestart en er een opent logfile (C:\ AdwCleaner\AdwCleaner[xx].txt post de inhoud hier op het Forum.
        Last edited by Emphyrio; 25-12-13, 13:45.
        Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
        E Dev * McAfee verwijderen. * Ccleaner * E-Peek

        Comment


        • #5
          nee, die komt er dus niet...[xx].txt
          en ik weet ook niet waar ik die kan vinden..

          Comment


          • #6
            Post deze dan even: adwcleaner[RO]
            Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
            E Dev * McAfee verwijderen. * Ccleaner * E-Peek

            Comment


            • #7
              logs

              Malwarebytes Anti-Malware 1.75.0.1300
              www.malwarebytes.org

              Databaseversie: v2013.12.24.05

              Windows 8 x64 NTFS (Veilige modus/netwerkmogelijkheden)
              Internet Explorer 11.0.9600.16476
              Plantinga :: PC [administrator]

              25-12-2013 14:32:07
              mbam-log-2013-12-25 (14-32-07).txt

              Scan type: Snelle scan
              Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
              Uitgeschakelde scan opties: P2P
              Objecten gescand: 213526
              Verstreken tijd: 3 minuut/minuten, 55 seconde(n)

              Geheugenprocessen gedetecteerd: 0
              (Geen kwaadaardige objecten gedetecteerd)

              Geheugenmodulen gedetecteerd: 0
              (Geen kwaadaardige objecten gedetecteerd)

              Registersleutels gedetecteerd: 0
              (Geen kwaadaardige objecten gedetecteerd)

              Registerwaarden gedetecteerd: 0
              (Geen kwaadaardige objecten gedetecteerd)

              Registerdata gedetecteerd: 0
              (Geen kwaadaardige objecten gedetecteerd)

              Mappen gedetecteerd: 0
              (Geen kwaadaardige objecten gedetecteerd)

              Bestanden gedetecteerd: 0
              (Geen kwaadaardige objecten gedetecteerd)

              (einde)

              _________________________________________________________________________________


              # AdwCleaner v3.016 - Report created 25/12/2013 at 14:09:20
              # Updated 23/12/2013 by Xplode
              # Operating System : Windows 8.1 (64 bits)
              # Username : Plantinga - PC
              # Running from : C:\Users\Plantinga\Desktop\adwcleaner.exe
              # Option : Scan

              ***** [ Services ] *****


              ***** [ Files / Folders ] *****

              File Found : C:\Users\Public\Desktop\eBay.lnk
              Folder Found : C:\Users\Plantinga\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
              Folder Found C:\Users\Plantinga\AppData\Local\Searchprotect
              Folder Found C:\WINDOWS\SysWOW64\Searchprotect

              ***** [ Shortcuts ] *****


              ***** [ Registry ] *****

              Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
              Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
              Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
              Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
              Key Found : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
              Key Found : HKLM\Software\SearchProtect
              Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
              Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}

              ***** [ Browsers ] *****

              -\\ Internet Explorer v11.0.9600.16384


              -\\ Google Chrome v31.0.1650.63

              [ File : C:\Users\Plantinga\AppData\Local\Google\Chrome\User Data\Default\preferences ]


              *************************

              AdwCleaner[R0].txt - [1613 octets] - [25/12/2013 14:09:20]

              ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1673 octets] ##########

              ____________________________________________________________________________________________



              Logfile of random's system information tool 1.09 (written by random/random)
              Run by Plantinga at 2013-12-25 14:21:45
              Microsoft Windows 8.1
              System drive C: has 505 GB (84%) free of 599 GB
              Total RAM: 8143 MB (85% free)

              Logfile of Trend Micro HijackThis v2.0.4
              Scan saved at 14:21:55, on 25-12-2013
              Platform: Unknown Windows (WinNT 6.03.1408)
              MSIE: Internet Explorer v11.0 (11.00.9600.16384)
              Boot mode: Safe mode with network support

              Running processes:
              C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
              C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
              C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
              C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
              C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
              C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
              C:\Program Files\trend micro\Plantinga.exe

              R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
              R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
              R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
              R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
              R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
              R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
              R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
              R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
              R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
              R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
              F2 - REG:system.ini: UserInit=userinit.exe,
              O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll
              O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\IPS\IPSBHO.DLL
              O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
              O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll
              O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
              O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
              O4 - HKLM\..\Run: [TPUReg] "C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe" /Retimes
              O4 - HKLM\..\Run: [TPUReg(x86)] "C:\Program Files\TOSHIBA\Password Utility\TosPU.exe" /Retimes
              O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
              O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
              O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Plantinga\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
              O4 - HKCU\..\Run: [uTorrent] "C:\Users\Plantinga\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
              O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\windows\system32\spool\DRIVERS\x64\3\E_YATIHTE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX535WD"
              O4 - HKCU\..\RunOnce: [Report] C:\AdwCleaner\AdwCleaner[S0].txt
              O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
              O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
              O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
              O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
              O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
              O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
              O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
              O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
              O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
              O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
              O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
              O23 - Service: Classic Shell Service (ClassicShellService) - IvoSoft - C:\Program Files\Classic Shell\ClassicShellService.exe
              O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
              O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
              O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
              O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
              O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
              O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
              O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
              O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
              O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
              O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
              O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
              O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
              O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
              O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe
              O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
              O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
              O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
              O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
              O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
              O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
              O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
              O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
              O23 - Service: TEMPRO Service (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
              O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
              O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
              O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
              O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
              O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
              O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
              O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
              O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
              O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
              O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
              O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
              O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
              O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
              O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

              --
              End of file - 10122 bytes

              ======Listing Processes======

              wininit.exe
              winlogon.exe
              C:\WINDOWS\system32\lsass.exe
              C:\WINDOWS\system32\svchost.exe -k DcomLaunch
              C:\WINDOWS\system32\svchost.exe -k RPCSS
              C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
              "dwm.exe"
              C:\WINDOWS\system32\svchost.exe -k netsvcs
              C:\WINDOWS\system32\svchost.exe -k LocalService
              C:\WINDOWS\system32\svchost.exe -k NetworkService
              C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
              C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
              C:\WINDOWS\Explorer.EXE
              ctfmon.exe
              C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
              "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
              "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1380.0.2084566858\567025552" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22 --gpu-vendor-id=0x0000 --gpu-device-id=0x0000 --gpu-driver-vendor --gpu-driver-version --ignored=" --type=renderer " /prefetch:822062411
              "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group14 pct:1g stablep1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_63/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --instant-process --disable-html-notifications --channel="1380.1.2145231890\263935849" /prefetch:673131151
              "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group14 pct:1g stablep1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_63/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="1380.2.2010472991\707512857" /prefetch:673131151
              "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group14 pct:1g stablep1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_63/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="1380.3.928850198\1798419270" /prefetch:673131151
              "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group14 pct:1g stablep1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_63/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="1380.4.676985546\317345456" /prefetch:673131151
              C:\WINDOWS\system32\wbem\wmiprvse.exe
              "C:\WINDOWS\system32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[R0].txt
              "C:\Users\Plantinga\Downloads\RSITx64.exe"
              C:\WINDOWS\system32\wbem\wmiprvse.exe

              ======Scheduled tasks folder======

              C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
              C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
              C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job

              ======Registry dump======

              [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
              Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

              [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
              Norton Identity Protection - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll [2013-05-31 509776]

              [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
              Norton Vulnerability Protection - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\IPS\IPSBHO.DLL [2013-04-09 387040]

              [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
              Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

              [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
              {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll [2013-05-31 509776]

              [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
              "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-09-25 13196432]
              "TCrdMain"=C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2012-09-04 2611112]
              "TODDMain"=C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [2012-08-05 213136]
              "TecoResident"=C:\Program Files\TOSHIBA\Teco\TecoResident.exe [2012-08-14 169896]
              "TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2012-07-11 356776]
              "SRS Premium Sound HD"=C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2012-08-20 2170784]
              "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-16 2916152]

              [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
              "Spotify Web Helper"=C:\Users\Plantinga\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2013-12-03 1168896]
              "uTorrent"=C:\Users\Plantinga\AppData\Roaming\uTorrent\uTorrent.exe [2013-11-16 900440]
              "EPLTarget\P0000000000000000"=C:\windows\system32\spool\DRIVERS\x64\3\E_YATIHTE.EXE [2011-04-24 239488]

              [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
              "Report"=C:\AdwCleaner\AdwCleaner[S0].txt [2013-12-25 1628]

              [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
              "Intel AppUp(SM) center"=C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [2012-08-01 155488]
              "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-18 642216]
              "TPUReg"=C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [2012-10-31 7148032]
              "TPUReg(x86)"=C:\Program Files\TOSHIBA\Password Utility\TosPU.exe /Retimes

              [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
              "Malwarebytes Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2013-04-04 532040]
              "Malwarebytes Anti-Malware (cleanup)"=C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll [2013-04-04 1127496]

              C:\Users\Plantinga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
              OneNote 2010 Schermopname en Snel starten.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

              [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
              "AppInit_DLLs"="C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll"

              [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
              WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

              [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
              "SecurityProviders"=credssp.dll

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicDisplay.sys]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicRender.sys]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BrokerInfrastructure]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DeviceInstall]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dxgkrnl.sys]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\FsDepends.sys]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LSM]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmartcardSimulator]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SystemEventsBroker]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VirtualSmartcardReader]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wcmsvc]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

              [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
              "ConsentPromptBehaviorAdmin"=5
              "EnableUIADesktopToggle"=0
              "EnableCursorSuppression"=1
              "ConsentPromptBehaviorUser"=3
              "dontdisplaylastusername"=0
              "legalnoticecaption"=
              "legalnoticetext"=
              "shutdownwithoutlogon"=1
              "undockwithoutlogon"=1
              "EnableLinkedConnections"=1

              [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
              "ForceActiveDesktopOn"=0
              "NoActiveDesktopChanges"=1
              "NoActiveDesktop"=1

              [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standard profile\authorizedapplications\list]

              [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainpr ofile\authorizedapplications\list]

              [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
              "msacm.l3acm"=C:\Windows\System32\l3codeca.acm
              "VIDC.YUY2"=msyuv.dll
              "vidc.i420"=iyuv_32.dll
              "msacm.msgsm610"=msgsm32.acm
              "msacm.msg711"=msg711.acm
              "VIDC.YVYU"=msyuv.dll
              "VIDC.YVU9"=tsbyuv.dll
              "wavemapper"=msacm32.drv
              "midimapper"=midimap.dll
              "VIDC.UYVY"=msyuv.dll
              "VIDC.IYUV"=iyuv_32.dll
              "vidc.mrle"=msrle32.dll
              "msacm.imaadpcm"=imaadp32.acm
              "msacm.msadpcm"=msadp32.acm
              "vidc.msvc"=msvidc32.dll
              "wave"=wdmaud.drv
              "midi"=wdmaud.drv
              "mixer"=wdmaud.drv
              "aux"=wdmaud.drv
              "wave1"=wdmaud.drv
              "midi1"=wdmaud.drv
              "mixer1"=wdmaud.drv
              "aux1"=wdmaud.drv
              "MSVideo8"=VfWWDM32.dll

              Comment


              • #8
                ======File associations======

                .js - edit - C:\Windows\System32\Notepad.exe %1
                .js - open - C:\Windows\System32\WScript.exe "%1" %*

                ======List of files/folders created in the last 1 month======

                2013-12-25 14:21:46 ----D---- C:\Program Files\trend micro
                2013-12-25 14:21:45 ----D---- C:\rsit
                2013-12-25 14:09:18 ----D---- C:\AdwCleaner
                2013-12-24 18:05:35 ----D---- C:\Program Files\HijackThis
                2013-12-24 17:33:45 ----D---- C:\ProgramData\Licenses
                2013-12-24 17:33:45 ----AD---- C:\ProgramData\TEMP
                2013-12-24 17:33:44 ----D---- C:\Program Files (x86)\SpywareBlaster
                2013-12-24 17:33:44 ----A---- C:\WINDOWS\SYSWOW64\MSSTDFMT.DLL
                2013-12-24 17:23:33 ----D---- C:\Users\Plantinga\AppData\Roaming\Malwarebytes
                2013-12-24 17:23:23 ----D---- C:\ProgramData\Malwarebytes
                2013-12-24 17:23:22 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
                2013-12-24 17:23:22 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
                2013-12-24 16:40:04 ----A---- C:\WINDOWS\ntbtlog.txt
                2013-12-24 12:47:18 ----D---- C:\Program Files\AMD
                2013-12-24 12:46:49 ----D---- C:\WINDOWS\LastGood.Tmp
                2013-12-16 10:48:09 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
                2013-12-16 10:48:08 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
                2013-12-16 10:48:08 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
                2013-12-16 10:48:07 ----A---- C:\WINDOWS\system32\twinui.dll
                2013-12-16 10:48:06 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
                2013-12-16 10:48:06 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
                2013-12-16 10:48:06 ----A---- C:\WINDOWS\system32\WSShared.dll
                2013-12-16 10:48:05 ----AC---- C:\WINDOWS\system32\drivers\spaceport.sys
                2013-12-16 10:48:05 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
                2013-12-16 10:48:05 ----A---- C:\WINDOWS\system32\msftedit.dll
                2013-12-16 10:48:05 ----A---- C:\WINDOWS\system32\dcomp.dll
                2013-12-16 10:48:05 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
                2013-12-16 10:48:05 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
                2013-12-16 10:48:04 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
                2013-12-16 10:48:04 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
                2013-12-16 10:48:04 ----A---- C:\WINDOWS\system32\WMPDMC.exe
                2013-12-16 10:48:04 ----A---- C:\WINDOWS\system32\wlidcli.dll
                2013-12-16 10:48:04 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
                2013-12-16 10:48:03 ----A---- C:\WINDOWS\SYSWOW64\Display.dll
                2013-12-16 10:48:03 ----A---- C:\WINDOWS\SYSWOW64\dcomp.dll
                2013-12-16 10:48:03 ----A---- C:\WINDOWS\system32\winresume.exe
                2013-12-16 10:48:03 ----A---- C:\WINDOWS\system32\Display.dll
                2013-12-16 10:48:01 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
                2013-12-16 10:48:01 ----A---- C:\WINDOWS\system32\winload.exe
                2013-12-16 10:48:00 ----AC---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
                2013-12-16 10:48:00 ----AC---- C:\WINDOWS\system32\drivers\intelpep.sys
                2013-12-16 10:48:00 ----A---- C:\WINDOWS\SYSWOW64\WMPDMC.exe
                2013-12-16 10:48:00 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
                2013-12-16 10:48:00 ----A---- C:\WINDOWS\system32\wpncore.dll
                2013-12-16 10:48:00 ----A---- C:\WINDOWS\system32\drivers\SerCx2.sys
                2013-12-16 10:48:00 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
                2013-12-16 10:48:00 ----A---- C:\WINDOWS\system32\CredentialMigrationHandler.dll
                2013-12-16 10:47:59 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
                2013-12-16 10:47:59 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
                2013-12-16 10:47:59 ----A---- C:\WINDOWS\SYSWOW64\CredentialMigrationHandler.dll
                2013-12-16 10:47:59 ----A---- C:\WINDOWS\system32\dxgi.dll
                2013-12-16 10:47:59 ----A---- C:\WINDOWS\system32\d3d11.dll
                2013-12-16 10:47:58 ----A---- C:\WINDOWS\SYSWOW64\wlidcli.dll
                2013-12-16 10:47:58 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
                2013-12-16 10:47:58 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
                2013-12-16 10:47:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
                2013-12-16 10:47:57 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
                2013-12-16 10:47:57 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
                2013-12-16 10:47:57 ----A---- C:\WINDOWS\system32\winbici.dll
                2013-12-16 10:47:57 ----A---- C:\WINDOWS\system32\dwmcore.dll
                2013-12-13 16:28:13 ----A---- C:\WINDOWS\SYSWOW64\WMPhoto.dll
                2013-12-13 16:28:13 ----A---- C:\WINDOWS\system32\WMPhoto.dll
                2013-12-13 16:28:11 ----A---- C:\WINDOWS\system32\SyncEngine.dll
                2013-12-13 16:28:10 ----A---- C:\WINDOWS\system32\SkyDrive.exe
                2013-12-13 16:28:06 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
                2013-12-13 16:28:06 ----A---- C:\WINDOWS\system32\mdmregistration.dll
                2013-12-13 16:28:06 ----A---- C:\WINDOWS\system32\MDMAgent.exe
                2013-12-13 10:24:06 ----A---- C:\WINDOWS\SYSWOW64\OVDecode.dll
                2013-12-13 10:24:06 ----A---- C:\WINDOWS\SYSWOW64\OpenVideo.dll
                2013-12-13 10:24:06 ----A---- C:\WINDOWS\system32\OVDecode64.dll
                2013-12-13 10:24:06 ----A---- C:\WINDOWS\system32\OpenVideo64.dll
                2013-12-13 10:24:06 ----A---- C:\WINDOWS\system32\coinst_13.251.dll
                2013-12-13 10:24:06 ----A---- C:\WINDOWS\system32\clinfo.exe
                2013-12-13 10:23:54 ----A---- C:\WINDOWS\SYSWOW64\atiuxpag.dll
                2013-12-13 10:23:54 ----A---- C:\WINDOWS\system32\ativvaxy_cik_nd.dat
                2013-12-13 10:23:54 ----A---- C:\WINDOWS\system32\ativvaxy_cik.dat
                2013-12-13 10:23:54 ----A---- C:\WINDOWS\system32\ativce02.dat
                2013-12-13 10:23:46 ----A---- C:\WINDOWS\SYSWOW64\atioglxx.dll
                2013-12-13 10:23:46 ----A---- C:\WINDOWS\system32\atitmm64.dll
                2013-12-13 10:23:40 ----A---- C:\WINDOWS\system32\atio6axx.dll
                2013-12-13 10:23:36 ----A---- C:\WINDOWS\SYSWOW64\atimpc32.dll
                2013-12-13 10:23:36 ----A---- C:\WINDOWS\system32\drivers\atikmpag.sys
                2013-12-13 10:23:36 ----A---- C:\WINDOWS\system32\drivers\atikmdag.sys
                2013-12-13 10:23:36 ----A---- C:\WINDOWS\system32\atimuixx.dll
                2013-12-13 10:23:36 ----A---- C:\WINDOWS\system32\atimpc64.dll
                2013-12-13 10:23:34 ----A---- C:\WINDOWS\SYSWOW64\atiglpxx.dll
                2013-12-13 10:23:34 ----A---- C:\WINDOWS\SYSWOW64\atigktxx.dll
                2013-12-13 10:23:34 ----A---- C:\WINDOWS\system32\atiicdxx.dat
                2013-12-13 10:23:34 ----A---- C:\WINDOWS\system32\atiglpxx.dll
                2013-12-13 10:23:34 ----A---- C:\WINDOWS\system32\atig6txx.dll
                2013-12-13 10:23:34 ----A---- C:\WINDOWS\system32\atig6pxx.dll
                2013-12-13 10:23:32 ----A---- C:\WINDOWS\SYSWOW64\atidxx32.dll
                2013-12-13 10:23:30 ----A---- C:\WINDOWS\SYSWOW64\aticalrt.dll
                2013-12-13 10:23:30 ----A---- C:\WINDOWS\system32\aticalrt64.dll
                2013-12-13 10:23:30 ----A---- C:\WINDOWS\system32\aticaldd64.dll
                2013-12-13 10:23:28 ----A---- C:\WINDOWS\SYSWOW64\aticaldd.dll
                2013-12-13 10:23:28 ----A---- C:\WINDOWS\SYSWOW64\aticalcl.dll
                2013-12-13 10:23:28 ----A---- C:\WINDOWS\system32\aticalcl64.dll
                2013-12-13 10:23:28 ----A---- C:\WINDOWS\system32\atiapfxx.exe
                2013-12-13 10:23:26 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
                2013-12-13 10:23:26 ----A---- C:\WINDOWS\SYSWOW64\atiadlxy.dll
                2013-12-13 10:23:26 ----A---- C:\WINDOWS\SYSWOW64\amdpcom32.dll
                2013-12-13 10:23:26 ----A---- C:\WINDOWS\system32\OpenCL.dll
                2013-12-13 10:23:26 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll
                2013-12-13 10:23:26 ----A---- C:\WINDOWS\system32\amdpcom64.dll
                2013-12-13 10:23:24 ----A---- C:\WINDOWS\SYSWOW64\amdocl_ld32.exe
                2013-12-13 10:23:24 ----A---- C:\WINDOWS\SYSWOW64\amdocl_as32.exe
                2013-12-13 10:23:24 ----A---- C:\WINDOWS\system32\amdocl64.dll
                2013-12-13 10:23:24 ----A---- C:\WINDOWS\system32\amdocl_ld64.exe
                2013-12-13 10:23:24 ----A---- C:\WINDOWS\system32\amdocl_as64.exe
                2013-12-13 10:23:20 ----A---- C:\WINDOWS\SYSWOW64\amdocl.dll
                2013-12-13 10:23:16 ----A---- C:\WINDOWS\system32\amdmiracast.dll
                2013-12-13 10:23:16 ----A---- C:\WINDOWS\system32\amdhdl64.dll
                2013-12-13 10:23:14 ----A---- C:\WINDOWS\SYSWOW64\amdhdl32.dll
                2013-12-12 08:36:26 ----A---- C:\WINDOWS\SYSWOW64\imagehlp.dll
                2013-12-12 08:36:26 ----A---- C:\WINDOWS\system32\imagehlp.dll
                2013-12-12 08:36:24 ----A---- C:\WINDOWS\SYSWOW64\scrrun.dll
                2013-12-12 08:36:24 ----A---- C:\WINDOWS\system32\scrrun.dll
                2013-12-12 08:36:22 ----A---- C:\WINDOWS\system32\mshtml.dll
                2013-12-12 08:36:21 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
                2013-12-12 08:36:20 ----A---- C:\WINDOWS\system32\jscript9.dll
                2013-12-12 08:36:20 ----A---- C:\WINDOWS\system32\ieframe.dll
                2013-12-12 08:36:18 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
                2013-12-12 08:36:18 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
                2013-12-12 08:36:17 ----A---- C:\WINDOWS\system32\wininet.dll
                2013-12-12 08:36:17 ----A---- C:\WINDOWS\system32\urlmon.dll
                2013-12-12 08:36:17 ----A---- C:\WINDOWS\system32\iertutil.dll
                2013-12-12 08:36:16 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
                2013-12-12 08:36:16 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
                2013-12-12 08:36:16 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
                2013-12-12 08:36:15 ----A---- C:\WINDOWS\system32\ieapfltr.dll
                2013-12-12 08:36:14 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
                2013-12-12 08:36:14 ----A---- C:\WINDOWS\system32\ie4uinit.exe
                2013-12-12 08:35:40 ----A---- C:\WINDOWS\system32\win32k.sys
                2013-11-27 10:29:09 ----D---- C:\WINDOWS\Minidump

                ======List of files/folders modified in the last 1 month======

                2013-12-25 14:21:46 ----RD---- C:\Program Files
                2013-12-25 14:16:53 ----RD---- C:\WINDOWS\System32
                2013-12-25 14:16:53 ----D---- C:\WINDOWS\Inf
                2013-12-25 14:16:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
                2013-12-25 14:12:20 ----D---- C:\Windows
                2013-12-25 13:40:14 ----D---- C:\Users\Plantinga\AppData\Roaming\Spotify
                2013-12-24 18:37:56 ----D---- C:\WINDOWS\Temp
                2013-12-24 17:44:49 ----RD---- C:\Program Files (x86)
                2013-12-24 17:33:45 ----HD---- C:\ProgramData
                2013-12-24 17:33:44 ----D---- C:\WINDOWS\SysWOW64
                2013-12-24 17:23:22 ----D---- C:\WINDOWS\system32\drivers
                2013-12-24 17:04:35 ----D---- C:\WINDOWS\system32\wbem
                2013-12-24 16:49:20 ----D---- C:\WINDOWS\registration
                2013-12-24 12:46:38 ----D---- C:\WINDOWS\system32\DriverStore
                2013-12-24 12:46:26 ----D---- C:\Users\Plantinga\AppData\Roaming\uTorrent
                2013-12-24 11:31:51 ----D---- C:\WINDOWS\Prefetch
                2013-12-24 11:00:08 ----D---- C:\WINDOWS\system32\sru
                2013-12-24 10:45:34 ----SHD---- C:\System Volume Information
                2013-12-24 10:42:38 ----D---- C:\WINDOWS\AppReadiness
                2013-12-24 10:42:37 ----HD---- C:\Program Files\WindowsApps
                2013-12-24 10:42:31 ----D---- C:\WINDOWS\Microsoft.NET
                2013-12-17 16:11:55 ----D---- C:\WINDOWS\rescache
                2013-12-17 16:07:58 ----D---- C:\WINDOWS\system32\config
                2013-12-17 15:14:30 ----A---- C:\WINDOWS\SYSWOW64\log.txt
                2013-12-17 15:12:45 ----D---- C:\WINDOWS\WinSxS
                2013-12-17 10:39:55 ----D---- C:\Program Files\Internet Explorer
                2013-12-17 10:39:55 ----D---- C:\Program Files (x86)\Internet Explorer
                2013-12-17 10:39:50 ----RD---- C:\WINDOWS\ToastData
                2013-12-17 10:39:48 ----D---- C:\WINDOWS\WinStore
                2013-12-17 10:39:48 ----D---- C:\WINDOWS\SYSWOW64\nl-NL
                2013-12-17 10:39:48 ----D---- C:\WINDOWS\MediaViewer
                2013-12-17 10:39:45 ----D---- C:\WINDOWS\system32\nl-NL
                2013-12-17 10:39:43 ----D---- C:\WINDOWS\FileManager
                2013-12-17 10:39:43 ----D---- C:\WINDOWS\Camera
                2013-12-17 10:39:42 ----D---- C:\WINDOWS\apppatch
                2013-12-17 10:39:41 ----D---- C:\WINDOWS\system32\Boot
                2013-12-16 10:52:03 ----D---- C:\WINDOWS\system32\MRT
                2013-12-16 10:51:58 ----A---- C:\WINDOWS\system32\MRT.exe
                2013-12-16 10:51:55 ----D---- C:\WINDOWS\CbsTemp
                2013-12-16 10:44:18 ----D---- C:\WINDOWS\system32\catroot2
                2013-12-16 10:26:19 ----SHD---- C:\WINDOWS\Installer
                2013-12-16 10:26:13 ----D---- C:\ProgramData\Microsoft Help
                2013-12-13 10:23:54 ----A---- C:\WINDOWS\SYSWOW64\atiumdva.dll
                2013-12-13 10:23:54 ----A---- C:\WINDOWS\system32\atiuxp64.dll
                2013-12-13 10:23:50 ----A---- C:\WINDOWS\SYSWOW64\atiumdag.dll
                2013-12-13 10:23:50 ----A---- C:\WINDOWS\system32\atiumd6a.dll
                2013-12-13 10:23:48 ----A---- C:\WINDOWS\system32\atiumd64.dll
                2013-12-13 10:23:46 ----A---- C:\WINDOWS\SYSWOW64\atiu9pag.dll
                2013-12-13 10:23:46 ----A---- C:\WINDOWS\system32\atiu9p64.dll
                2013-12-13 10:23:32 ----A---- C:\WINDOWS\system32\atiesrxx.exe
                2013-12-13 10:23:32 ----A---- C:\WINDOWS\system32\atieclxx.exe
                2013-12-13 10:23:32 ----A---- C:\WINDOWS\system32\atidxx64.dll
                2013-12-13 10:23:32 ----A---- C:\WINDOWS\system32\atidemgy.dll
                2013-12-13 10:23:30 ----A---- C:\WINDOWS\SYSWOW64\aticfx32.dll
                2013-12-13 10:23:30 ----A---- C:\WINDOWS\system32\aticfx64.dll
                2013-12-13 10:23:26 ----A---- C:\WINDOWS\system32\atiadlxx.dll
                2013-12-05 15:43:08 ----D---- C:\Users\Plantinga\AppData\Roaming\vlc
                2013-12-04 01:05:48 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
                2013-12-02 09:35:35 ----D---- C:\WINDOWS\system32\drivers\UMDF
                2013-11-30 12:53:42 ----SD---- C:\Users\Plantinga\AppData\Roaming\Microsoft
                2013-11-27 10:31:18 ----D---- C:\WINDOWS\system32\wdi
                2013-11-27 10:30:48 ----D---- C:\WINDOWS\system32\migwiz
                2013-11-27 10:30:48 ----D---- C:\WINDOWS\PolicyDefinitions

                Comment


                • #9
                  ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

                  R0 3ware;3ware; C:\WINDOWS\System32\drivers\3ware.sys [2013-08-22 108896]
                  R0 ACPI;@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver; C:\WINDOWS\System32\drivers\ACPI.sys [2013-10-08 523096]
                  R0 acpiex;Microsoft ACPIEx Driver; C:\WINDOWS\System32\Drivers\acpiex.sys [2013-08-22 79712]
                  R0 ADP80XX;ADP80XX; C:\WINDOWS\System32\drivers\ADP80XX.SYS [2013-08-22 782176]
                  R0 agp440;@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter; C:\WINDOWS\System32\drivers\agp440.sys [2013-08-22 62304]
                  R0 amdsata;amdsata; C:\WINDOWS\System32\drivers\amdsata.sys [2013-08-22 79200]
                  R0 amdsbs;amdsbs; C:\WINDOWS\System32\drivers\amdsbs.sys [2013-08-22 259424]
                  R0 amdxata;amdxata; C:\WINDOWS\System32\drivers\amdxata.sys [2013-08-22 25952]
                  R0 arcsas;@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver; C:\WINDOWS\System32\drivers\arcsas.sys [2013-08-22 114016]
                  R0 atapi;@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel; C:\WINDOWS\System32\drivers\atapi.sys [2013-08-22 26464]
                  R0 b06bdrv;@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD; C:\WINDOWS\System32\drivers\bxvbda.sys [2013-08-22 531296]
                  R0 CLFS;@%SystemRoot%\system32\drivers\clfs.sys,-100; C:\WINDOWS\System32\drivers\CLFS.sys [2013-08-22 377696]
                  R0 CNG;CNG; C:\WINDOWS\System32\Drivers\cng.sys [2013-08-22 564520]
                  R0 disk;@disk.inf,%disk_ServiceDesc%;Disk Driver; C:\WINDOWS\System32\drivers\disk.sys [2013-08-22 100192]
                  R0 ebdrv;@netevbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II 10 GigE VBD; C:\WINDOWS\System32\drivers\evbda.sys [2013-08-22 3357024]
                  R0 EhStorClass;@%SystemRoot%\system32\drivers\EhStorClass.sys,-100; C:\WINDOWS\System32\drivers\EhStorClass.sys [2013-08-22 82784]
                  R0 EhStorTcgDrv;@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols; C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys [2013-08-22 114016]
                  R0 FileInfo;@%SystemRoot%\system32\drivers\fileinfo.sys,-100; C:\WINDOWS\System32\drivers\fileinfo.sys [2013-08-22 79200]
                  R0 FltMgr;@%SystemRoot%\system32\drivers\fltmgr.sys,-10001; C:\WINDOWS\system32\drivers\fltmgr.sys [2013-08-22 358752]
                  R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\WINDOWS\System32\DRIVERS\fvevol.sys [2013-09-30 579416]
                  R0 gagp30kx;@machine.inf,%gagp30kx_svcdesc%;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\WINDOWS\System32\drivers\gagp30kx.sys [2013-08-22 65888]
                  R0 HpSAMD;HpSAMD; C:\WINDOWS\System32\drivers\HpSAMD.sys [2013-08-22 64352]
                  R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-31 645952]
                  R0 iaStorAV;@iastorav.inf,%iaStorAV.DeviceDesc%;Intel(R) SATA RAID Controller Windows; C:\WINDOWS\System32\drivers\iaStorAV.sys [2013-08-10 651248]
                  R0 iaStorV;@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7; C:\WINDOWS\System32\drivers\iaStorV.sys [2013-08-22 412000]
                  R0 intelide;intelide; C:\WINDOWS\System32\drivers\intelide.sys [2013-08-22 18272]
                  R0 intelpep;@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver; C:\WINDOWS\System32\drivers\intelpep.sys [2013-11-11 39768]
                  R0 isapnp;isapnp; C:\WINDOWS\System32\drivers\isapnp.sys [2013-08-22 21856]
                  R0 KSecDD;KSecDD; C:\WINDOWS\System32\Drivers\ksecdd.sys [2013-09-30 101208]
                  R0 KSecPkg;KSecPkg; C:\WINDOWS\System32\Drivers\ksecpkg.sys [2013-08-22 192864]
                  R0 LSI_SAS;LSI_SAS; C:\WINDOWS\System32\drivers\lsi_sas.sys [2013-08-22 109408]
                  R0 LSI_SAS2;LSI_SAS2; C:\WINDOWS\System32\drivers\lsi_sas2.sys [2013-08-22 93536]
                  R0 LSI_SAS3;LSI_SAS3; C:\WINDOWS\System32\drivers\lsi_sas3.sys [2013-08-22 81760]
                  R0 LSI_SSS;LSI_SSS; C:\WINDOWS\System32\drivers\lsi_sss.sys [2013-08-22 82784]
                  R0 megasas;megasas; C:\WINDOWS\System32\drivers\megasas.sys [2013-08-22 56672]
                  R0 megasr;megasr; C:\WINDOWS\System32\drivers\megasr.sys [2013-08-22 575840]
                  R0 mountmgr;@%SystemRoot%\system32\drivers\mountmgr.sys,-100; C:\WINDOWS\System32\drivers\mountmgr.sys [2013-08-22 101728]
                  R0 msisadrv;msisadrv; C:\WINDOWS\System32\drivers\msisadrv.sys [2013-08-22 17248]
                  R0 Mup;@%systemroot%\system32\drivers\mup.sys,-101; C:\WINDOWS\System32\Drivers\mup.sys [2013-08-22 78688]
                  R0 mvumis;mvumis; C:\WINDOWS\System32\drivers\mvumis.sys [2013-08-22 63840]
                  R0 NDIS;@%SystemRoot%\system32\drivers\ndis.sys,-200; C:\WINDOWS\system32\drivers\ndis.sys [2013-09-30 1119576]
                  R0 nv_agp;@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\System32\drivers\nv_agp.sys [2013-08-22 124768]
                  R0 nvraid;nvraid; C:\WINDOWS\System32\drivers\nvraid.sys [2013-08-22 150368]
                  R0 nvstor;nvstor; C:\WINDOWS\System32\drivers\nvstor.sys [2013-08-22 168288]
                  R0 partmgr;@%SystemRoot%\system32\drivers\partmgr.sys,-100; C:\WINDOWS\System32\drivers\partmgr.sys [2013-08-22 88928]
                  R0 pci;@machine.inf,%pci_svcdesc%;PCI Bus-stuurprogramma; C:\WINDOWS\System32\drivers\pci.sys [2013-08-22 285536]
                  R0 pciide;pciide; C:\WINDOWS\System32\drivers\pciide.sys [2013-08-22 14688]
                  R0 pcmcia;pcmcia; C:\WINDOWS\System32\drivers\pcmcia.sys [2013-08-22 114528]
                  R0 pcw;Performance Counters for Windows Driver; C:\WINDOWS\System32\drivers\pcw.sys [2013-08-22 50016]
                  R0 pdc;@%SystemRoot%\system32\drivers\pdc.sys,-100; C:\WINDOWS\system32\drivers\pdc.sys [2013-11-01 86872]
                  R0 rdyboost;ReadyBoost; C:\WINDOWS\System32\drivers\rdyboost.sys [2013-10-13 258904]
                  R0 sbp2port;@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver; C:\WINDOWS\System32\drivers\sbp2port.sys [2013-08-22 107872]
                  R0 SiSRaid2;SiSRaid2; C:\WINDOWS\System32\drivers\SiSRaid2.sys [2013-08-22 44896]
                  R0 SiSRaid4;SiSRaid4; C:\WINDOWS\System32\drivers\sisraid4.sys [2013-08-22 81760]
                  R0 spaceport;@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver; C:\WINDOWS\System32\drivers\spaceport.sys [2013-10-31 372568]
                  R0 stexstor;stexstor; C:\WINDOWS\System32\drivers\stexstor.sys [2013-08-22 31072]
                  R0 storahci;@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver; C:\WINDOWS\System32\drivers\storahci.sys [2013-08-22 107872]
                  R0 storflt;@%SystemRoot%\system32\vmstorfltres.dll,-1000; C:\WINDOWS\system32\DRIVERS\vmstorfl.sys [2013-08-22 49984]
                  R0 stornvme;@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver; C:\WINDOWS\System32\drivers\stornvme.sys [2013-10-05 57176]
                  R0 storvsc;storvsc; C:\WINDOWS\System32\drivers\storvsc.sys [2013-08-22 45888]
                  R0 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\N360x64\1404000.028\SYMDS64.SYS [2013-05-21 493656]
                  R0 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS [2013-05-23 1139800]
                  R0 Tcpip;@%SystemRoot%\system32\tcpipcfg.dll,-50003; C:\WINDOWS\System32\drivers\tcpip.sys [2013-10-08 2551640]
                  R0 tos_sps64;@oem15.inf,%SERVICE_DESC_amd64%;TOSHIBA tos_sps64 Service; C:\WINDOWS\System32\drivers\tos_sps64.sys [2012-06-18 499096]
                  R0 TVALZ;@oem14.inf,%TVALZ.SvcDesc%;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\WINDOWS\System32\drivers\TVALZ_O.SYS [2012-07-26 32832]
                  R0 uagp35;@machine.inf,
                  gp35_svcdesc%;Microsoft AGPv3.5 Filter; C:\WINDOWS\System32\drivers\uagp35.sys [2013-08-22 64864]
                  R0 uliagpkx;@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter; C:\WINDOWS\System32\drivers\uliagpkx.sys [2013-08-22 65888]
                  R0 vdrvroot;@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator; C:\WINDOWS\System32\drivers\vdrvroot.sys [2013-08-22 37728]
                  R0 viaide;viaide; C:\WINDOWS\System32\drivers\viaide.sys [2013-08-22 19808]
                  R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\WINDOWS\System32\drivers\vmbus.sys [2013-08-22 97088]
                  R0 volmgr;@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver; C:\WINDOWS\System32\drivers\volmgr.sys [2013-08-22 73568]
                  R0 volmgrx;@%SystemRoot%\system32\drivers\volmgrx.sys,-100; C:\WINDOWS\System32\drivers\volmgrx.sys [2013-08-22 377696]
                  R0 volsnap;@volume.inf,%VolumeClassName%;Storage volumes; C:\WINDOWS\System32\drivers\volsnap.sys [2013-08-22 312160]
                  R0 vsmraid;vsmraid; C:\WINDOWS\System32\drivers\vsmraid.sys [2013-08-22 168800]
                  R0 VSTXRAID;@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver; C:\WINDOWS\System32\drivers\vstxraid.sys [2013-08-22 305504]
                  R0 Wdf01000;@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000; C:\WINDOWS\system32\drivers\Wdf01000.sys [2013-08-22 839488]
                  R0 WFPLWFS;@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000; C:\WINDOWS\system32\DRIVERS\wfplwfs.sys [2013-10-13 136536]
                  R1 AFD;@%systemroot%\system32\drivers\afd.sys,-1000; C:\WINDOWS\system32\drivers\afd.sys [2013-08-22 567296]
                  R1 BasicDisplay;BasicDisplay; C:\WINDOWS\System32\drivers\BasicDisplay.sys [2013-08-22 50688]
                  R1 BasicRender;BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [2013-08-22 33792]
                  R1 Beep;Beep; C:\WINDOWS\system32\drivers\Beep.sys [2013-08-22 7680]
                  R1 cdrom;@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver; C:\WINDOWS\System32\drivers\cdrom.sys [2013-08-22 164352]
                  R1 Dfsc;@%systemroot%\system32\wkssvc.dll,-1008; C:\WINDOWS\System32\Drivers\dfsc.sys [2013-08-22 134656]
                  R1 Msfs;Msfs; C:\WINDOWS\system32\drivers\Msfs.sys [2013-08-22 30208]
                  R1 mssmbios;@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver; C:\WINDOWS\System32\drivers\mssmbios.sys [2013-08-22 37728]
                  R1 NetBIOS;@netnb.inf,%NetBIOS_Desc%;NetBIOS Interface; C:\WINDOWS\system32\DRIVERS\netbios.sys [2013-08-22 48128]
                  R1 NetBT;@%SystemRoot%\system32\drivers\netbt.sys,-2; C:\WINDOWS\System32\DRIVERS\netbt.sys [2013-08-22 282624]
                  R1 Npfs;Npfs; C:\WINDOWS\system32\drivers\Npfs.sys [2013-08-22 58880]
                  R1 npsvctrig;@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider; C:\WINDOWS\System32\drivers\npsvctrig.sys [2013-08-22 23040]
                  R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\WINDOWS\system32\drivers\nsiproxy.sys [2013-08-22 39936]
                  R1 Null;Null; C:\WINDOWS\system32\drivers\Null.sys [2013-08-22 5632]
                  R1 Psched;@%SystemRoot%\System32\drivers\pacer.sys,-101; C:\WINDOWS\system32\DRIVERS\pacer.sys [2013-08-22 151552]
                  R1 rdbss;@%systemroot%\system32\wkssvc.dll,-1000; C:\WINDOWS\system32\DRIVERS\rdbss.sys [2013-08-22 408576]
                  R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\WINDOWS\system32\DRIVERS\tdx.sys [2013-08-22 107520]
                  R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
                  R2 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys [2013-08-22 283648]
                  R2 NativeWifiP;@%SystemRoot%\System32\drivers\nwifi.sys,-101; C:\WINDOWS\system32\DRIVERS\nwifi.sys [2013-09-30 442368]
                  R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\WINDOWS\system32\DRIVERS\TVALZFL.sys [2012-07-22 16768]
                  R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\WINDOWS\system32\DRIVERS\bowser.sys [2013-08-22 102912]
                  R3 CompositeBus;@CompositeBus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver; C:\WINDOWS\System32\drivers\CompositeBus.sys [2013-08-22 36352]
                  R3 DXGKrnl;LDDM Graphics Subsystem; C:\WINDOWS\System32\drivers\dxgkrnl.sys [2013-11-04 1530200]
                  R3 fastfat;FAT12/16/32 File System Driver; C:\WINDOWS\system32\drivers\fastfat.sys [2013-08-22 217952]
                  R3 HDAudBus;@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\drivers\HDAudBus.sys [2013-08-22 78336]
                  R3 HidUsb;@input.inf,%HID.SvcDesc%;Microsoft HID Class Driver; C:\WINDOWS\System32\drivers\hidusb.sys [2013-08-22 33792]
                  R3 i8042prt;@msmouse.inf,%i8042prt.SvcDesc%;Stuurprogramma voor PS/2-toetsenbord en -muispoort; C:\WINDOWS\System32\drivers\i8042prt.sys [2013-08-22 107520]
                  R3 kbdclass;@keyboard.inf,%kbdclass.SvcDesc%;Stuurprogramma voor verschillende toetsenbordtypen; C:\WINDOWS\System32\drivers\kbdclass.sys [2013-08-22 58208]
                  R3 kdnic;@kdnic.inf,%KdNic.Service.DispName%;Microsoft-netwerkminipoort voor kernelfoutopsporing (NDIS 6.20); C:\WINDOWS\system32\DRIVERS\kdnic.sys [2013-08-22 19456]
                  R3 MEIx64;@oem17.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
                  R3 mouclass;@msmouse.inf,%mouclass.SvcDesc%;Stuurprogramma voor muistypen; C:\WINDOWS\System32\drivers\mouclass.sys [2013-08-22 51040]
                  R3 mouhid;@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver; C:\WINDOWS\System32\drivers\mouhid.sys [2013-08-22 30208]
                  R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\WINDOWS\System32\drivers\mpsdrv.sys [2013-08-22 74240]
                  R3 mrxsmb;@%systemroot%\system32\wkssvc.dll,-1002; C:\WINDOWS\system32\DRIVERS\mrxsmb.sys [2013-09-30 404992]
                  R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys [2013-09-30 207360]
                  R3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\WINDOWS\System32\drivers\mshidkmdf.sys [2013-08-22 8192]
                  R3 Ndisuio;@ndisuio.inf,%NDISUIO_Desc%;NDIS Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\ndisuio.sys [2013-08-22 60416]
                  R3 NdisVirtualBus;@%SystemRoot%\System32\drivers\NdisVirtualBus.sys,-200; C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2013-08-22 16384]
                  R3 Ntfs;Ntfs; C:\WINDOWS\system32\drivers\Ntfs.sys [2013-08-22 2011488]
                  R3 rdpbus;@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver; C:\WINDOWS\System32\drivers\rdpbus.sys [2013-08-22 22528]
                  R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT-stuurprogramma; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
                  R3 RTWlanE;@netrtwlane.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E-netwerkadapter; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [2013-07-31 1936088]
                  R3 sdbus;sdbus; C:\WINDOWS\System32\drivers\sdbus.sys [2013-09-30 236376]
                  R3 sdstor;@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver; C:\WINDOWS\System32\drivers\sdstor.sys [2013-08-22 78688]
                  R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2012-08-16 43832]
                  R3 swenum;@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver; C:\WINDOWS\System32\drivers\swenum.sys [2013-08-22 14176]
                  R3 SynTP;@oem23.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2012-08-16 447800]
                  R3 TDCMDPST;TOSHIBA Writing Engine Filter Driver; C:\WINDOWS\system32\DRIVERS\tdcmdpst.sys [2012-07-25 31184]
                  R3 Thotkey;@oem26.inf,%Thotkey%;Toshiba Hotkey Driver; C:\WINDOWS\System32\drivers\Thotkey.sys [2013-11-01 33168]
                  R3 tosrfec;@oem27.inf,%busenum.SVCDESC%;Bluetooth ACPI; C:\WINDOWS\System32\drivers\tosrfec.sys [2013-11-01 27032]
                  R3 UASPStor;@uaspstor.inf,
                  SPortName%;USB Attached SCSI (UAS) Driver; C:\WINDOWS\System32\drivers\uaspstor.sys [2013-08-22 74080]
                  R3 UCX01000;USB Controller Extension; C:\WINDOWS\System32\drivers\ucx01000.sys [2013-08-22 189792]
                  R3 umbus;@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver; C:\WINDOWS\System32\drivers\umbus.sys [2013-08-22 46080]
                  R3 usbccgp;@usb.inf,%GenericParent.SvcDesc%;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\drivers\usbccgp.sys [2013-10-23 155480]
                  R3 usbehci;@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\drivers\usbehci.sys [2013-08-22 89952]
                  R3 usbhub;@usbport.inf,%ROOTHUB.SvcDesc%;Stuurprogramma voor Microsoft USB Standaard-hub; C:\WINDOWS\System32\drivers\usbhub.sys [2013-08-22 422240]
                  R3 USBHUB3;@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub; C:\WINDOWS\System32\drivers\UsbHub3.sys [2013-09-30 467800]
                  R3 USBSTOR;@usbstor.inf,%USBSTOR.SvcDesc%;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\System32\drivers\USBSTOR.SYS [2013-08-22 142688]
                  R3 USBXHCI;@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller; C:\WINDOWS\System32\drivers\USBXHCI.SYS [2013-11-09 325464]
                  R3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; C:\WINDOWS\System32\drivers\vwifibus.sys [2013-08-22 24576]
                  R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
                  S0 hwpolicy;@%systemroot%\system32\drivers\hwpolicy.sys,-101; C:\WINDOWS\System32\drivers\hwpolicy.sys [2013-08-22 24416]
                  S0 SymELAM;Symantec ELAM Driver; C:\WINDOWS\system32\drivers\N360x64\1404000.028\SymELAM.sys [2012-06-20 23448]
                  S1 ahcache;@%systemroot%\system32\drivers\ahcache.sys,-102; C:\WINDOWS\system32\DRIVERS\ahcache.sys [2013-08-22 76800]
                  S1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [2013-12-03 1526488]
                  S1 ccSet_N360;Norton 360 Settings Manager; C:\WINDOWS\system32\drivers\N360x64\1404000.028\ccSetx64.sys [2013-04-16 169048]
                  S1 dam;@%SystemRoot%\system32\drivers\dam.sys,-100; C:\WINDOWS\system32\drivers\dam.sys [2013-08-22 57696]
                  S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-11-21 484952]
                  S1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20131223.001\IDSvia64.sys [2013-12-13 521944]
                  S1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\WINDOWS\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [2013-03-05 36952]
                  S1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\N360x64\1404000.028\Ironx64.SYS [2013-03-05 224416]
                  S1 SymNetS;Symantec Network Security WFP Driver; C:\WINDOWS\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [2013-04-25 433752]
                  S2 lltdio;@%SystemRoot%\system32\lltdres.dll,-6; C:\WINDOWS\system32\DRIVERS\lltdio.sys [2013-08-22 59392]
                  S2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\WINDOWS\system32\drivers\luafv.sys [2013-08-22 123904]
                  S2 Ndu;@%SystemRoot%\system32\drivers\Ndu.sys,-10001; C:\WINDOWS\system32\drivers\Ndu.sys [2013-08-22 103424]
                  S2 PEAUTH;PEAUTH; C:\WINDOWS\system32\drivers\peauth.sys [2013-08-22 663040]
                  S2 PEGAGFN;PEGAGFN; \??\C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [2009-09-11 14344]
                  S2 rspndr;@%SystemRoot%\system32\lltdres.dll,-5; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2013-08-22 80384]
                  S2 secdrv;Security Driver; C:\WINDOWS\system32\drivers\secdrv.sys [2013-08-22 23040]
                  S2 srv;@%systemroot%\system32\srvsvc.dll,-102; C:\WINDOWS\System32\DRIVERS\srv.sys [2013-10-05 454656]
                  S2 tcpipreg;TCP/IP Registry Compatibility; C:\WINDOWS\System32\drivers\tcpipreg.sys [2013-08-22 48640]
                  S3 1394ohci;@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller; C:\WINDOWS\System32\drivers\1394ohci.sys [2013-08-22 231424]
                  S3 acpipagr;@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver; C:\WINDOWS\System32\drivers\acpipagr.sys [2013-08-22 10240]
                  S3 AcpiPmi;@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver; C:\WINDOWS\System32\drivers\acpipmi.sys [2013-08-22 12288]
                  S3 acpitime;@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver; C:\WINDOWS\System32\drivers\acpitime.sys [2013-08-22 10752]
                  S3 AmdK8;@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver; C:\WINDOWS\System32\drivers\amdk8.sys [2013-08-22 95744]
                  S3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2013-12-13 13207552]
                  S3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2013-12-13 626176]
                  S3 AmdPPM;@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver; C:\WINDOWS\System32\drivers\amdppm.sys [2013-08-22 98816]
                  S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\WINDOWS\system32\drivers\appid.sys [2013-09-30 83456]
                  S3 AtiHDAudioService;@oem20.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdW86.sys [2012-07-17 98472]
                  S3 bcmfn2;@bcmfn2.inf,%bcmfn2.SVCDESC%;bcmfn2 Service; C:\WINDOWS\System32\drivers\bcmfn2.sys [2013-08-13 17624]
                  S3 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\WINDOWS\System32\drivers\BthAvrcpTg.sys [2013-08-22 36992]
                  S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-08-22 53248]
                  S3 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\WINDOWS\System32\drivers\bthhfenum.sys [2013-08-22 57856]
                  S3 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\WINDOWS\System32\drivers\BthHFHid.sys [2013-08-22 30720]
                  S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy-stuurprogramma; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2013-08-22 224768]
                  S3 BTHMODEM;@bthspp.inf,%BthSerial.DisplayName%;Bluetooth Serial Communications Driver; C:\WINDOWS\System32\drivers\bthmodem.sys [2013-08-22 63488]
                  S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth-apparaat (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2013-08-22 118272]
                  S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2013-10-05 1200640]
                  S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2013-10-05 81920]
                  S3 circlass;@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices; C:\WINDOWS\System32\drivers\circlass.sys [2013-08-22 44032]
                  S3 CmBatt;@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\System32\drivers\CmBatt.sys [2013-08-22 25472]
                  S3 condrv;Console Driver; C:\WINDOWS\System32\drivers\condrv.sys [2013-08-22 43008]
                  S3 dmvsc;dmvsc; C:\WINDOWS\System32\drivers\dmvsc.sys [2013-08-22 29696]
                  S3 drmkaud;@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers; C:\WINDOWS\system32\drivers\drmkaud.sys [2013-08-22 14560]
                  S3 ErrDev;@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver; C:\WINDOWS\System32\drivers\errdev.sys [2013-08-22 10240]
                  S3 exfat;exFAT File System Driver; C:\WINDOWS\system32\drivers\exfat.sys [2013-08-22 200704]
                  S3 fdc;@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver; C:\WINDOWS\System32\drivers\fdc.sys [2013-08-22 30720]
                  S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\WINDOWS\system32\drivers\filetrace.sys [2013-08-22 34816]
                  S3 flpydisk;@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver; C:\WINDOWS\System32\drivers\flpydisk.sys [2013-08-22 25088]
                  S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\WINDOWS\System32\drivers\FsDepends.sys [2013-08-22 56672]
                  S3 FxPPM;@cpu.inf,%FxPPM.SvcDesc%;Power Framework Processor Driver; C:\WINDOWS\System32\drivers\fxppm.sys [2013-08-22 27136]
                  S3 gencounter;@wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V-generatieteller; C:\WINDOWS\System32\drivers\vmgencounter.sys [2013-08-22 11264]
                  S3 GPIOClx0101;Microsoft GPIO Class Extension Driver; C:\WINDOWS\System32\Drivers\msgpioclx.sys [2013-08-22 146272]
                  S3 HidBatt;@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver; C:\WINDOWS\System32\drivers\HidBatt.sys [2013-08-22 26624]
                  S3 HidBth;@hidbth.inf,%HIDBTH.SvcDesc%;Microsoft Bluetooth HID Miniport; C:\WINDOWS\System32\drivers\hidbth.sys [2013-08-22 96768]
                  S3 hidi2c;@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver; C:\WINDOWS\System32\drivers\hidi2c.sys [2013-08-22 41472]
                  S3 HidIr;@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver; C:\WINDOWS\System32\drivers\hidir.sys [2013-08-22 45568]
                  S3 HTTP;@%SystemRoot%\system32\drivers\http.sys,-1; C:\WINDOWS\system32\drivers\HTTP.sys [2013-08-22 994144]
                  S3 hyperkbd;hyperkbd; C:\WINDOWS\System32\drivers\hyperkbd.sys [2013-08-22 13824]
                  S3 HyperVideo;HyperVideo; C:\WINDOWS\system32\DRIVERS\HyperVideo.sys [2013-08-22 22016]
                  S3 iaLPSSi_GPIO;@ialpssi_gpio.inf,%iaLPSSi_GPIO.SVCDESC%;Intel(R) Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2013-07-30 24568]
                  S3 iaLPSSi_I2C;@ialpssi_i2c.inf,%iaLPSSi_I2C.SVCDESC%;Intel(R) Serial IO I2C Controller Driver; C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2013-07-25 99320]
                  S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-09-25 4155536]
                  S3 intelppm;@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver; C:\WINDOWS\System32\drivers\intelppm.sys [2013-08-22 98816]
                  S3 IpFilterDriver;@%systemroot%\system32\rascfg.dll,-32013; C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys [2013-08-22 84992]
                  S3 IPMIDRV;IPMIDRV; C:\WINDOWS\System32\drivers\IPMIDrv.sys [2013-08-22 79360]
                  S3 IPNAT;IP Network Address Translator; C:\WINDOWS\System32\drivers\ipnat.sys [2013-09-30 141824]
                  S3 IRENUM;@%SystemRoot%\system32\drivers\irenum.sys,-100; C:\WINDOWS\system32\drivers\irenum.sys [2013-08-22 17920]
                  S3 iScsiPrt;@iscsi.inf,%iScsiPortName%;iScsiPort Driver; C:\WINDOWS\System32\drivers\msiscsi.sys [2013-08-22 274784]
                  S3 kbdhid;@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver; C:\WINDOWS\System32\drivers\kbdhid.sys [2013-08-22 32256]
                  S3 ksthunk;Kernel Streaming Thunks; C:\WINDOWS\system32\drivers\ksthunk.sys [2013-08-22 21248]
                  S3 Modem;Modem; C:\WINDOWS\system32\drivers\modem.sys [2013-08-22 40960]
                  S3 monitor;@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service; C:\WINDOWS\System32\drivers\monitor.sys [2013-08-22 30208]
                  S3 MRxDAV;@%systemroot%\system32\webclnt.dll,-104; C:\WINDOWS\system32\drivers\mrxdav.sys [2013-08-22 140288]
                  S3 MsBridge;@%SystemRoot%\system32\bridgeres.dll,-1; C:\WINDOWS\system32\DRIVERS\bridge.sys [2013-08-22 115712]
                  S3 msgpiowin32;@msgpiowin32.inf,%GPIO.SvcDesc%;Common Driver for Buttons, DockMode and Laptop/Slate Indicator; C:\WINDOWS\System32\drivers\msgpiowin32.sys [2013-08-22 41824]
                  S3 mshidumdf;@%SystemRoot%\system32\drivers\mshidumdf.sys,-100; C:\WINDOWS\System32\drivers\mshidumdf.sys [2013-08-22 9728]
                  S3 MSKSSRV;@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service-proxy; C:\WINDOWS\system32\drivers\MSKSSRV.sys [2013-08-22 10624]
                  S3 MsLldp;@C:\Windows\system32\DRIVERS\mslldp.sys,-200; C:\WINDOWS\system32\DRIVERS\mslldp.sys [2013-08-22 66560]
                  S3 MSPCLOCK;@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock-proxy; C:\WINDOWS\system32\drivers\MSPCLOCK.sys [2013-08-22 7040]
                  S3 MSPQM;@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\WINDOWS\system32\drivers\MSPQM.sys [2013-08-22 6784]
                  S3 MsRPC;MsRPC; C:\WINDOWS\system32\drivers\MsRPC.sys [2013-08-22 366432]
                  S3 MSTEE;@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\WINDOWS\system32\drivers\MSTEE.sys [2013-08-22 7936]
                  S3 MTConfig;@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver; C:\WINDOWS\System32\drivers\MTConfig.sys [2013-08-22 13312]
                  S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131223.024\ENG64.SYS [2013-08-31 126040]
                  S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131223.024\EX64.SYS [2013-08-31 2099288]
                  S3 NdisCap;@%SystemRoot%\System32\drivers\ndiscap.sys,-5000; C:\WINDOWS\system32\DRIVERS\ndiscap.sys [2013-08-22 43008]
                  S3 NdisImPlatform;@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501; C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys [2013-08-22 124928]
                  S3 NdisTapi;@%systemroot%\system32\rascfg.dll,-32001; C:\WINDOWS\system32\DRIVERS\ndistapi.sys [2013-08-22 24576]
                  S3 NdisWan;@%systemroot%\system32\rascfg.dll,-32002; C:\WINDOWS\system32\DRIVERS\ndiswan.sys [2013-08-22 220672]
                  S3 NdisWanLegacy;@%systemroot%\system32\rascfg.dll,-32014; C:\WINDOWS\system32\DRIVERS\ndiswan.sys [2013-08-22 220672]
                  S3 NDProxy;NDIS Proxy; C:\WINDOWS\system32\drivers\NDProxy.sys [2013-08-22 72192]
                  S3 netvsc;netvsc; C:\WINDOWS\system32\DRIVERS\netvsc63.sys [2013-08-22 87040]
                  S3 Parport;@msports.inf,%Parport.SVCDESC%;Parallel port driver; C:\WINDOWS\System32\drivers\parport.sys [2013-08-22 94208]
                  S3 Processor;@cpu.inf,%Processor.SvcDesc%;Processor Driver; C:\WINDOWS\System32\drivers\processr.sys [2013-08-22 92160]
                  S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\WINDOWS\system32\drivers\qwavedrv.sys [2013-08-22 47104]
                  S3 RasAcd;Remote Access Auto Connection Driver; C:\WINDOWS\System32\DRIVERS\rasacd.sys [2013-08-22 17408]
                  S3 RasPppoe;@%systemroot%\system32\rascfg.dll,-32007; C:\WINDOWS\system32\DRIVERS\raspppoe.sys [2013-08-22 84992]
                  S3 RDPDR;@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100; C:\WINDOWS\System32\drivers\rdpdr.sys [2013-09-30 195584]
                  S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\WINDOWS\System32\drivers\rdpvideominiport.sys [2013-09-30 27488]
                  S3 ReFS;ReFS; C:\WINDOWS\system32\drivers\ReFS.sys [2013-08-22 924512]
                  S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2013-09-30 167424]
                  S3 RSUSBSTOR;@oem9.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2012-06-13 252048]
                  S3 RtkBtFilter;Realtek Bluetooth Filter Driver; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [2012-07-11 24208]
                  S3 s3cap;s3cap; C:\WINDOWS\System32\drivers\vms3cap.sys [2013-08-22 7168]
                  S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\WINDOWS\System32\DRIVERS\scfilter.sys [2013-08-22 40960]
                  S3 SerCx;Serial UART Support Library; C:\WINDOWS\system32\drivers\SerCx.sys [2013-08-22 69472]
                  S3 SerCx2;Serial UART Support Library; C:\WINDOWS\system32\drivers\SerCx2.sys [2013-10-26 146776]
                  S3 Serenum;@msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver; C:\WINDOWS\System32\drivers\serenum.sys [2013-08-22 23040]
                  S3 Serial;@msports.inf,%Serial.SVCDESC%;Serial port driver; C:\WINDOWS\System32\drivers\serial.sys [2013-08-22 83456]
                  S3 sermouse;@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver; C:\WINDOWS\System32\drivers\sermouse.sys [2013-08-22 26112]
                  S3 sfloppy;@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive; C:\WINDOWS\System32\drivers\sfloppy.sys [2013-08-22 17408]
                  S3 SpbCx;Simple Peripheral Bus Support Library; C:\WINDOWS\system32\drivers\SpbCx.sys [2013-08-22 72032]
                  S3 SRTSP;Symantec Real Time Storage Protection x64; C:\WINDOWS\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [2013-05-16 796760]
                  S3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\WINDOWS\System32\DRIVERS\srv2.sys [2013-09-30 675328]
                  S3 srvnet;srvnet; C:\WINDOWS\System32\DRIVERS\srvnet.sys [2013-09-30 244224]
                  S3 SymEvent;SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [2013-06-20 177312]
                  S3 TCPIP6;@netip6.inf,%MS_TCPIP6.TCPIP6.ServiceDescription%;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip.sys [2013-10-08 2551640]
                  S3 terminpt;@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver; C:\WINDOWS\System32\drivers\terminpt.sys [2013-09-30 37216]
                  S3 TPM;@tpm.inf,%TPM%;TPM; C:\WINDOWS\system32\drivers\tpm.sys [2013-08-22 159584]
                  S3 TsUsbFlt;TsUsbFlt; C:\WINDOWS\system32\drivers\tsusbflt.sys [2013-08-22 56320]
                  S3 TsUsbGD;@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device; C:\WINDOWS\System32\drivers\TsUsbGD.sys [2013-08-22 29696]
                  S3 tunnel;@nettun.inf,%TUNNEL.Service.DisplayName%;Stuurprogramma voor Microsoft IPv6 Tunnel-minipoortadapter; C:\WINDOWS\system32\DRIVERS\tunnel.sys [2013-08-22 154112]
                  S3 UEFI;@uefi.inf,ïI.SvcDesc%;Microsoft UEFI Driver; C:\WINDOWS\System32\drivers\UEFI.sys [2013-08-22 26976]
                  S3 UmPass;@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass Driver; C:\WINDOWS\System32\drivers\umpass.sys [2013-08-22 11776]
                  S3 usbcir;@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR); C:\WINDOWS\System32\drivers\usbcir.sys [2013-08-22 98304]
                  S3 usbohci;@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\drivers\usbohci.sys [2013-08-22 30208]
                  S3 usbprint;@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class; C:\WINDOWS\System32\drivers\usbprint.sys [2013-08-22 26112]
                  S3 usbuhci;@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\drivers\usbuhci.sys [2013-08-22 34816]
                  S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB-videoapparaat (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
                  S3 VerifierExt;@%SystemRoot%\system32\drivers\VerifierExt.sys,-1000; C:\WINDOWS\system32\drivers\VerifierExt.sys [2013-09-30 175960]
                  S3 vhdmp;vhdmp; C:\WINDOWS\System32\drivers\vhdmp.sys [2013-08-22 551776]
                  S3 VMBusHID;VMBusHID; C:\WINDOWS\System32\drivers\VMBusHID.sys [2013-08-22 21760]
                  S3 vpci;@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus; C:\WINDOWS\System32\drivers\vpci.sys [2013-08-22 69472]
                  S3 WacomPen;@hiddigi.inf,%WacomPen.SVCDESC%;Wacom Serial Pen HID Driver; C:\WINDOWS\System32\drivers\wacompen.sys [2013-08-22 26752]

                  Comment


                  • #10
                    S3 WdBoot;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390; C:\WINDOWS\system32\drivers\WdBoot.sys [2013-08-22 34760]
                    S3 WdFilter;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330; C:\WINDOWS\system32\drivers\WdFilter.sys [2013-08-22 265056]
                    S3 WdNisDrv;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-370; C:\WINDOWS\system32\Drivers\WdNisDrv.sys [2013-08-22 124256]
                    S3 WIMMount;WIMMount; C:\WINDOWS\system32\drivers\wimmount.sys [2013-08-22 33632]
                    S4 cdfs;CD/DVD File System Reader; C:\WINDOWS\system32\DRIVERS\cdfs.sys [2013-08-22 88576]
                    S4 udfs;udfs; C:\WINDOWS\system32\DRIVERS\udfs.sys [2013-08-22 316928]

                    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

                    R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    R2 BrokerInfrastructure;@%windir%\system32\bisrv.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    R2 CryptSvc;@%SystemRoot%\system32\cryptsvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    R2 DcomLaunch;@combase.dll,-5012; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    R2 Dhcp;@%SystemRoot%\system32\dhcpcore.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    R2 Dnscache;@%SystemRoot%\System32\dnsapi.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    R2 EventLog;@%SystemRoot%\system32\wevtsvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                    R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    R2 LanmanWorkstation;@%systemroot%\system32\wkssvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                    R2 lmhosts;@%SystemRoot%\system32\lmhsvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    R2 LSM;@%windir%\system32\lsm.dll,-1001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                    R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    R2 RpcSs;@combase.dll,-5010; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    R2 SystemEventsBroker;@%windir%\system32\SystemEventsBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    R2 Wcmsvc;@%SystemRoot%\System32\wcmsvc.dll,-4097; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    R2 Winmgmt;@%Systemroot%\system32\wbem\wmisvc.dll,-205; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    R3 netprofm;@%SystemRoot%\system32\netprofmsvc.dll,-202; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                    R3 PlugPlay;@%SystemRoot%\system32\umpnpmgr.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    S2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2013-12-13 239616]
                    S2 AudioEndpointBuilder;@%SystemRoot%\system32\AudioEndpointBuilder.dll,-204; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                    S2 Audiosrv;@%SystemRoot%\system32\audiosrv.dll,-200; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                    S2 ClassicShellService;Classic Shell Service; C:\Program Files\Classic Shell\ClassicShellService.exe [2013-04-07 68608]
                    S2 DeviceAssociationService;@%SystemRoot%\system32\das.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    S2 DPS;@%systemroot%\system32\dps.dll,-500; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                    S2 EventSystem;@comres.dll,-2450; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    S2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    S2 GFNEXSrv;GFNEX Service; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [2011-10-13 156672]
                    S2 gpsvc;@gpapi.dll,-112; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-12 116648]
                    S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
                    S2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856]
                    S2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                    S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
                    S2 LanmanServer;@%systemroot%\system32\srvsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
                    S2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    S2 N360;Norton 360; C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe [2013-05-21 144368]
                    S2 NAUpdate;Nero Update; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-13 769432]
                    S2 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    S2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2012-08-31 201360]
                    S2 SamSs;@%SystemRoot%\system32\samsrv.dll,-1; C:\WINDOWS\system32\lsass.exe [2013-08-22 45008]
                    S2 Schedule;@%SystemRoot%\system32\schedsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    S2 SENS;@%SystemRoot%\system32\Sens.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    S2 ShellHWDetection;@%SystemRoot%\System32\shsvcs.dll,-12288; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                    S2 Spooler;@%systemroot%\system32\spoolsv.exe,-1; C:\WINDOWS\System32\spoolsv.exe [2013-08-22 798208]
                    S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\WINDOWS\system32\sppsvc.exe [2013-09-30 6353952]
                    S2 stisvc;@%SystemRoot%\system32\wiaservc.dll,-9; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    S2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                    S2 Themes;@%SystemRoot%\System32\themeservice.dll,-8192; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                    S2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
                    S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\Teco\TecoService.exe [2012-08-25 291240]
                    S2 TrkWks;@%SystemRoot%\system32\trkwks.dll,-1; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]

                    Comment


                    • #11
                      S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
                      S3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                      S3 ALG;@%SystemRoot%\system32\Alg.exe,-112; C:\WINDOWS\System32\alg.exe [2013-08-22 92672]
                      S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                      S3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                      S3 AppReadiness;@%SystemRoot%\System32\AppReadiness.dll,-1000; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                      S3 AppXSvc;@%SystemRoot%\system32\appxdeploymentserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                      S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                      S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                      S3 BITS;@%SystemRoot%\system32\qmgr.dll,-1000; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                      S3 Browser;@%systemroot%\system32\browser.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                      S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                      S3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                      S3 COMSysApp;@comres.dll,-947; C:\WINDOWS\system32\dllhost.exe [2013-08-22 19296]
                      S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                      S3 DeviceInstall;@%SystemRoot%\system32\umpnpmgr.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                      S3 dot3svc;@%systemroot%\system32\dot3svc.dll,-1102; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                      S3 DsmSvc;@%SystemRoot%\system32\DeviceSetupManager.dll,-1000; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                      S3 Eaphost;@%systemroot%\system32\eapsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                      S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\WINDOWS\System32\lsass.exe [2013-08-22 45008]
                      S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\WINDOWS\system32\fxssvc.exe [2013-08-22 655360]
                      S3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                      S3 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                      S3 fhsvc;@%systemroot%\system32\fhsvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                      S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
                      S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
                      S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-12 116648]
                      S3 hidserv;@%SystemRoot%\System32\hidserv.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                      S3 hkmsvc;@%SystemRoot%\system32\kmsvc.dll,-6; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                      S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                      S3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                      S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\WINDOWS\system32\IEEtwCollector.exe [2013-10-19 111616]
                      S3 KeyIso;@keyiso.dll,-100; C:\WINDOWS\system32\lsass.exe [2013-08-22 45008]
                      S3 KtmRm;@comres.dll,-2946; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                      S3 lfsvc;@%SystemRoot%\System32\GeofenceMonitorService.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                      S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                      S3 MSDTC;@comres.dll,-2797; C:\WINDOWS\System32\msdtc.exe [2013-08-22 142848]
                      S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                      S3 msiserver;@%SystemRoot%\system32\msimsg.dll,-27; C:\WINDOWS\system32\msiexec.exe [2013-08-22 62464]
                      S3 napagent;@%SystemRoot%\system32\qagentrt.dll,-6; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                      S3 NcaSvc;@%SystemRoot%\system32\ncasvc.dll,-3009; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                      S3 NcbService;@%SystemRoot%\system32\ncbservice.dll,-500; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                      S3 NcdAutoSetup;@%SystemRoot%\system32\NcdAutoSetup.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                      S3 Netlogon;@%SystemRoot%\System32\netlogon.dll,-102; C:\WINDOWS\system32\lsass.exe [2013-08-22 45008]
                      S3 Netman;@%SystemRoot%\system32\netman.dll,-109; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                      S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
                      S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
                      S3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                      S3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                      S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\WINDOWS\SysWow64\perfhost.exe [2013-08-22 21504]
                      S3 pla;@%systemroot%\system32\pla.dll,-500; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                      S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                      S3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                      S3 PolicyAgent;@%SystemRoot%\System32\polstore.dll,-5010; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                      S3 PrintNotify;@C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                      S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                      S3 RasAuto;@%Systemroot%\system32\rasauto.dll,-200; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                      S3 RasMan;@%Systemroot%\system32\rasmans.dll,-200; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                      S3 RpcLocator;@%systemroot%\system32\Locator.exe,-2; C:\WINDOWS\system32\locator.exe [2013-08-22 10240]
                      S3 ScDeviceEnum;@%SystemRoot%\System32\ScDeviceEnum.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]

                      Comment


                      • #12
                        S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S3 seclogon;@%SystemRoot%\system32\seclogon.dll,-7001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                        S3 smphost;@%SystemRoot%\System32\smphost.dll,-102; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                        S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\WINDOWS\System32\snmptrap.exe [2013-08-22 14848]
                        S3 SSDPSRV;@%systemroot%\system32\ssdpsrv.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                        S3 svsvc;@%SystemRoot%\system32\svsvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S3 swprv;@%SystemRoot%\System32\swprv.dll,-103; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                        S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                        S3 TapiSrv;@%SystemRoot%\system32\tapisrv.dll,-10100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                        S3 TemproMonitoringService;TEMPRO Service; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2012-09-25 114656]
                        S3 TermService;@%SystemRoot%\System32\termsrv.dll,-268; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                        S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S3 TimeBroker;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S3 TMachInfo;TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-07-27 53384]
                        S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2012-07-28 458152]
                        S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\WINDOWS\servicing\TrustedInstaller.exe [2013-08-22 98816]
                        S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\WINDOWS\system32\UI0Detect.exe [2013-08-22 40960]
                        S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                        S3 upnphost;@%systemroot%\system32\upnphost.dll,-213; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\WINDOWS\system32\lsass.exe [2013-08-22 45008]
                        S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\WINDOWS\System32\vds.exe [2013-08-22 1283584]
                        S3 vmicguestinterface;@%systemroot%\system32\vmicres.dll,-801; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S3 vmicheartbeat;@%systemroot%\system32\vmicres.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S3 vmickvpexchange;@%systemroot%\system32\vmicres.dll,-201; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S3 vmicrdv;@%systemroot%\system32\vmicres.dll,-601; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S3 vmicshutdown;@%systemroot%\system32\vmicres.dll,-301; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S3 vmictimesync;@%systemroot%\system32\vmicres.dll,-401; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S3 vmicvss;@%systemroot%\system32\vmicres.dll,-501; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S3 VSS;@%systemroot%\system32\vssvc.exe,-102; C:\WINDOWS\system32\vssvc.exe [2013-08-22 1436160]
                        S3 W32Time;@%SystemRoot%\system32\w32time.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\WINDOWS\system32\wbengine.exe [2013-08-22 1542144]
                        S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                        S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                        S3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                        S3 WdNisSvc;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320; C:\Program Files\Windows Defender\NisSrv.exe [2013-08-22 346872]
                        S3 WebClient;@%systemroot%\system32\webclnt.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S3 WEPHOSTSVC;@%systemroot%\system32\wephostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                        S3 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                        S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S3 WinDefend;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310; C:\Program Files\Windows Defender\MsMpEng.exe [2013-08-22 23840]
                        S3 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S3 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                        S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8201; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-08-10 139856]
                        S4 RemoteAccess;@%Systemroot%\system32\mprdim.dll,-200; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
                        S4 RemoteRegistry;@regsvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S4 SCardSvr;@%SystemRoot%\System32\SCardSvr.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
                        S4 SharedAccess;@%SystemRoot%\system32\ipnathlp.dll,-106; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]

                        -----------------EOF-----------------


                        _________________________________________________________________________________________


                        Results of screen317's Security Check version 0.99.77
                        x64 (UAC is enabled)
                        Internet Explorer 11
                        ``````````````Antivirus/Firewall Check:``````````````
                        Windows Security Center service is not running! This report may not be accurate!
                        Windows Firewall Enabled!
                        Windows Defender
                        Norton 360 Premier Edition
                        WMI entry may not exist for antivirus; attempting automatic update.
                        `````````Anti-malware/Other Utilities Check:`````````
                        Out of date HijackThis installed!
                        SpywareBlaster 5.0
                        HijaChrome 31.0.1650.63
                        ````````Process Check: objlist.exe by Laurent````````
                        `````````````````System Health check`````````````````
                        Total Fragmentation on Drive C: % u]
                        [u]````````````````````End of Log``````````````````````[/ckThis 1.99.1
                        Google Chrome 31.0.1650.57
                        Google

                        Comment


                        • #13
                          Hoi NynkeF,

                          Ik had om een volledige scan van MBAM gevraagd.
                          Als je dat hebt gedaan, tracht dan AdwCleaner nog eens uit te voeren volgens de handleiding eerder gegeven.
                          Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                          E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                          Comment


                          • #14
                            Hallo Emphyrio,

                            Mijn excuus, ik heb alsnog een volledige scan uitgevoerd, daarna een snelle en daarna nogmaals de adwCleaner. Maar ook dit keer kreeg ik na de reboot geen logbestand [xx] daarvan, helemaal niets zelfs.

                            Ik weet niet of het iets uitmaakt maar weet dat ik alleen maar werk in de veilige modus, de laptop is anders niet aan de praat te krijgen.

                            En vanmiddag naderhand is er ineens een kladblok bestand geopend, genaamd 'info'? (dit zag ik vanavond toen ik weer thuiskwam) ik vermoed dat dit een log is aangemaakt van de security check. Maar het is een vrij lang en groot bestand. Ik weet dus niet of ik dat had moeten plaatsen i.p.v. het check up logje dat ik geplaatst heb.
                            Mocht dat nog wel de bedoeling zijn dan hoor ik het wel, dan plaats ik dat. Het begint in ieder geval met het volgende:
                            info.txt logfile of random's system information tool 1.09 2013-12-25 14:21:58

                            ======Uninstall list======

                            (en dan volgt er een hele lijst met programma's o.i.d. c:// etc etc)

                            -----------------------------
                            Ik plaats hier de twee logbestanden (volledige en daarna snelle) van Mbam:

                            ____________________________________________________________________

                            Malwarebytes Anti-Malware 1.75.0.1300
                            www.malwarebytes.org

                            Databaseversie: v2013.12.25.05

                            Windows 8 x64 NTFS (Veilige modus/netwerkmogelijkheden)
                            Internet Explorer 11.0.9600.16476
                            ******** :: PC [administrator]

                            25-12-2013 22:48:33
                            mbam-log-2013-12-25 (22-48-33).txt

                            Scan type: Volledige scan (C:\|)
                            Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
                            Uitgeschakelde scan opties: P2P
                            Objecten gescand: 360042
                            Verstreken tijd: 32 minuut/minuten, 29 seconde(n)

                            Geheugenprocessen gedetecteerd: 0
                            (Geen kwaadaardige objecten gedetecteerd)

                            Geheugenmodulen gedetecteerd: 0
                            (Geen kwaadaardige objecten gedetecteerd)

                            Registersleutels gedetecteerd: 0
                            (Geen kwaadaardige objecten gedetecteerd)

                            Registerwaarden gedetecteerd: 0
                            (Geen kwaadaardige objecten gedetecteerd)

                            Registerdata gedetecteerd: 0
                            (Geen kwaadaardige objecten gedetecteerd)

                            Mappen gedetecteerd: 0
                            (Geen kwaadaardige objecten gedetecteerd)

                            Bestanden gedetecteerd: 10
                            C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
                            C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
                            C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
                            C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
                            C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
                            C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
                            C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
                            C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
                            C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
                            C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.

                            (einde)

                            ______________________________________________


                            Malwarebytes Anti-Malware 1.75.0.1300
                            www.malwarebytes.org

                            Databaseversie: v2013.12.25.05

                            Windows 8 x64 NTFS (Veilige modus/netwerkmogelijkheden)
                            Internet Explorer 11.0.9600.16476
                            ******** :: PC [administrator]

                            25-12-2013 23:27:28
                            mbam-log-2013-12-25 (23-27-28).txt

                            Scan type: Snelle scan
                            Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
                            Uitgeschakelde scan opties: P2P
                            Objecten gescand: 213285
                            Verstreken tijd: 4 minuut/minuten, 31 seconde(n)

                            Geheugenprocessen gedetecteerd: 0
                            (Geen kwaadaardige objecten gedetecteerd)

                            Geheugenmodulen gedetecteerd: 0
                            (Geen kwaadaardige objecten gedetecteerd)

                            Registersleutels gedetecteerd: 0
                            (Geen kwaadaardige objecten gedetecteerd)

                            Registerwaarden gedetecteerd: 0
                            (Geen kwaadaardige objecten gedetecteerd)

                            Registerdata gedetecteerd: 0
                            (Geen kwaadaardige objecten gedetecteerd)

                            Mappen gedetecteerd: 0
                            (Geen kwaadaardige objecten gedetecteerd)

                            Bestanden gedetecteerd: 0
                            (Geen kwaadaardige objecten gedetecteerd)

                            (einde)
                            Last edited by NynkeF; 25-12-13, 23:04.

                            Comment


                            • #15
                              Verwijder Chrome eens van je PC.
                              PC herstarten daarna.


                              Download of Update Ccleaner

                              Start CCleaner op.
                              • Run Ccleaner en klik in de linkse kolom op Opties
                              • Selecteer het tabblad Geavanceerd
                              • Haal het vinkje weg voor Verwijder alleen bestanden in Windows Temp-systeemmap die ouder zijn dan 24 uur
                              • Haal het vinkje weg voor Verwijder alleen bestanden in de Prullenbak die ouder zijn dan 24 uur
                              • Selecteer het tabblad Instellingen
                              • Haal het vinkje weg bij "Computer automatisch schoonmaken...."
                              • Klik in de linkse kolom op Cleaner.
                              • Klik dan achtereenvolgens op Analyseer en Schoonmaken.
                              • Klik vervolgens in de linkse kolom op Register
                              • Klik op Scan naar problemen.
                              • Als er fouten gevonden worden klik je op Herstel geselecteerde problemen
                              • Hier kan de vraag verschijnen of je je register wil backuppen.Antwoord met Ja en OK



                              Geef je verborgen bestanden en mappen weer.

                              Ga naar Virus Total en upload de volgende file:

                              C:\windows\system32\spool\DRIVERS\x64\3\E_YATIHTE.EXE

                              Druk op verzenden en wacht tot de resultaten verschijnen.
                              Indien het bestand reeds gescant is, laat je deze heranalyseren.(Je klikt dan op Re Analyse)

                              Uit het rapport, koppieer je het volgende:

                              KLIK HIER voor een vergroting! 
                              .
                              Plaats ook even de link naar dat rapport.
                              Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                              E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                              Comment

                              Sorry, you are not authorized to view this page
                              Working...
                              X