
Malwarebytes constantly blocks access to a malicious website, even when I am not on the internet.

This topic is closed.

  • Malwarebytes constantly blocks access to a malicious website, even when I am not on the internet.

    HijackThis log run with RSITx64


    Logfile of random's system information tool 1.09 (written by random/random)
    Run by ArnaudM at 2014-02-09 20:30:30
    Microsoft Windows 8.1 Pro N
    System drive C: has 1224 GB (64%) free of 1908 GB
    Total RAM: 6127 MB (46% free)

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 20:30:32, on 9/02/2014
    Platform: Unknown Windows (WinNT 6.02.1008)
    MSIE: Internet Explorer v11.0 (11.00.9600.16384)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
    C:\Users\ArnaudM\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\PROGRA~2\Raptr\raptr.exe
    C:\PROGRA~2\Raptr\raptr_im.exe
    C:\Program Files (x86)\iTunes\iTunes.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
    C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Users\ArnaudM\AppData\Roaming\uTorrent\uTorrent.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
    C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
    C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
    C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.199\deploy\LoLLauncher.exe
    C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.69\deploy\LolClient.exe
    C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.6\deploy\League of Legends.exe
    C:\Program Files\trend micro\ArnaudM.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securedsearch2.lavasoft.com/i...u=___userid___
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enumn /alertsn /notificationsn /fln /frn /appDatan /tmcpn
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [HPUsageTracking] "C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
    O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files (x86)\OpenSubtitlesPlayer\ALLUpdate.exe" "sleep"
    O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
    O4 - HKCU\..\Run: C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
    O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
    O4 - HKCU\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
    O4 - Startup: Dropbox.lnk = C:\Users\ArnaudM\AppData\Roaming\Dropbox\bin\Dropbox.exe
    O4 - Global Startup: CineForm Status.lnk = C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Open Client to monitor &1 - C:\WINDOWS\web\AOpenClient.htm
    O8 - Extra context menu item: Open Client to monitor &2 - C:\WINDOWS\web\AOpenClient.htm
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
    O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 12235 bytes

    ======Listing Processes======

    wininit.exe
    C:\WINDOWS\system32\lsass.exe
    winlogon.exe
    C:\WINDOWS\system32\svchost.exe -k DcomLaunch
    C:\WINDOWS\system32\svchost.exe -k RPCSS
    C:\WINDOWS\system32\atiesrxx.exe
    C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
    "dwm.exe"
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k LocalService
    atieclxx
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\System32\spoolsv.exe
    C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
    "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
    "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
    "C:\Program Files\Bonjour\mDNSResponder.exe"
    "C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe"
    dashost.exe {568fc165-b6f3-43ab-9a5f41aabb2e2268}
    C:\WINDOWS\SysWOW64\svchost.exe -k hpdevmgmt
    "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe"
    "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
    "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
    C:\WINDOWS\SysWOW64\PnkBstrA.exe
    "C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    "C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
    C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
    "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-062b69c6-f2ae-404c-9076-7300db46a2ae -SystemEventPortName:HostProcess-4839550f-3278-42a7-b9a5-b39967ef190f -IoCancelEventPortName:HostProcess-5c43419c-e596-4d53-afd6-fb66a47b1749 -NonStateChangingEventPortName:HostProcess-84e81d2a-bee7-4f3a-af9d-ac92732d95e0 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:1aa97364-c805-419c-868a-c87290673430 -DeviceGroupId:WpdFsGroup
    C:\WINDOWS\system32\SearchIndexer.exe /Embedding
    "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    C:\WINDOWS\Explorer.EXE
    "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
    C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
    C:\Windows\System32\skydrive.exe -Embedding
    "c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
    "c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
    taskhostex.exe
    C:\Windows\System32\RuntimeBroker.exe -Embedding
    "C:\Program Files (x86)\HP\hp laserjet m2727\hppfaxprintersrv.exe" "HP LaserJet M2727 MFP Series Fax"
    "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe"
    "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
    "C:\Users\ArnaudM\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
    HydraDM64.exe -h:66082 "Maximize to full desktop" "Maximize to window corners" "Restore desktop"
    "C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" /enumn /alertsn /notificationsn /fln /frn /appDatan /tmcpn
    "C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe"
    "C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\"
    "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
    "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    "C:\PROGRA~2\Raptr\raptr.exe" --log_to_file --from_stub --startup
    "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
    "C:\Program Files\iPod\bin\iPodService.exe"
    raptr_im.exe
    "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
    "C:\Program Files (x86)\Raptr\raptr_ep64.exe"
    "C:\Windows\System32\SettingSyncHost.exe" -Embedding
    taskhost.exe $(Arg0)
    "C:\Program Files (x86)\iTunes\iTunes.exe"
    "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe" --pipe \\.\pipe\30352779-149875594184894960 --parentPipe
    \??\C:\WINDOWS\system32\conhost.exe 0x4
    "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe"
    \??\C:\WINDOWS\system32\conhost.exe 0x4
    "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe"
    \??\C:\WINDOWS\system32\conhost.exe 0x4
    "C:\Program Files (x86)\Skype\Phone\Skype.exe"
    "C:\Users\ArnaudM\AppData\Roaming\uTorrent\uTorrent.exe"
    "C:\WINDOWS\system32\wwahost.exe" -ServerName:Microsoft.WindowsLive.Mail.wwa
    "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
    "C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4292.27207000.2070482250 "C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4292 "\\.\pipe\gecko-crash-server-pipe.4292" plugin
    "C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe" --proxy-stub-channel=Flash5852.568FB990.20788 --host-broker-channel=Flash5852.568FB990.23200 --host-pid=5852 --host-npapi-version=27 --plugin-path="C:\WINDOWS\SYSTEM32\Macromed\Flash\NPSWF32_12_0_0_44.dll"
    "C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe" --channel=7388.00F6F650.965400634 --proxy-stub-channel=Flash5852.568FB990.20788 --plugin-path="C:\WINDOWS\SYSTEM32\Macromed\Flash\NPSWF32_12_0_0_44.dll" --host-npapi-version=27 --type=renderer
    "C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe" updateandrun lol_launcher LoLLauncher.exe
    LoLLauncher.exe
    "C:/Riot Games/League of Legends/RADS/projects/lol_air_client/releases/0.0.1.69/deploy/LolClient.exe" -runtime .\ -nodebug META-INF\AIR\application.xml .\ -- 8393
    "C:/Riot Games/League of Legends/RADS/solutions/lol_game_client_sln/releases/0.0.1.6/deploy/League of Legends.exe" "8394" "LoLLauncher.exe" "C:/Riot Games/League of Legends/RADS/projects/lol_air_client/releases/0.0.1.69/deploy/LolClient.exe" "spectator 95.172.65.26:8088 EHn7xKQaGvtgjYu/dKQ1y1O1IYdRwM+9 1317658060 EUW1"
    "C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe20_ Global\UsGthrCtrlFltPipeMssGthrPipe20 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
    "C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
    "C:\Users\ArnaudM\Downloads\RSITx64.exe"
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Adobe Flash Player Updater.job

    =========Mozilla firefox=========

    ProfilePath - C:\Users\ArnaudM\AppData\Roaming\Mozilla\Firefox\Profiles\sqahn9g4.default

    prefs.js - "browser.search.suggest.enabled" - false
    prefs.js - "browser.search.useDBForOrder" - "false"
    prefs.js - "browser.startup.homepage" - "https://www.facebook.com/|https://cas.arteveldehs.be/cas/login?service=http%3A%2F%2Fchamilo.arteveldehs.be%2Fchamilo%2F|http://kuiken.co/browse/200/0/7/0|http://www.linkedin.com/"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
    "Description"=Adobe® Flash® Player 12.0.0.44 Plugin
    "Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
    "Description"=Adobe Shockwave Player
    "Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1207148.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
    "Description"=iTunes Detector Plug-in
    "Path"=

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
    "Description"=
    "Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
    "Description"=ESN Sonar browser plugin
    "Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.3.2]
    "Description"=
    "Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
    "Description"=
    "Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
    "Description"=Java™ Deployment Toolkit
    "Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
    "Description"=Oracle® Next Generation Java™ Plug-In
    "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
    "Description"=Ag Player Plugin
    "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
    "Description"=Office Authorization plug-in for NPAPI browsers
    "Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
    "Description"=Microsoft SharePoint Plug-in for Firefox
    "Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
    "Description"=This plugin detects and launches Pando Media Booster
    "Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
    "Description"=VLC Multimedia Plugin
    "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
    "Description"=VLC Multimedia Plugin
    "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
    "Description"=VLC Multimedia Plugin
    "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
    "Description"=Handles PDFs in-place in Firefox
    "Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
    "Description"=Adobe® Flash® Player 12.0.0.43 Plugin
    "Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
    "Description"=Ag Player Plugin
    "Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
    "Description"=Office Authorization plug-in for NPAPI browsers
    "Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

    C:\Program Files (x86)\Mozilla Firefox\extensions\
    {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

    C:\Users\ArnaudM\AppData\Roaming\Mozilla\Firefox\Profiles\sqahn9g4.default\extensions\
    [email protected]
    [email protected]

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 6723984]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
    Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-10-09 6270336]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
    Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-01-16 688528]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 4222864]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-21 462760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
    Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
    Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-21 171944]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "HP LaserJet M2727 MFP Series Fax"=C:\Program Files (x86)\HP\hp LaserJet M2727\hppfaxprintersrv.exe [2009-09-22 3700736]
    ""=
    "AdAwareTray"=C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe [2014-01-23 4114264]
    "AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Steam"=C:\Program Files (x86)\Steam\Steam.exe [2014-01-07 1815464]
    "ALLUpdate"=C:\Program Files (x86)\OpenSubtitlesPlayer\ALLUpdate.exe sleep
    "EADM"=C:\Program Files (x86)\Origin\Origin.exe [2014-01-29 3598680]
    ""=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
    "AdobeBridge"=
    "HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2014-01-31 389120]
    "Raptr"=C:\PROGRA~2\Raptr\raptrstub.exe [2014-01-23 55360]

    [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
    "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-01-20 43848]
    "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
    "BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-01-21 91520]
    "ToolBoxFX"=C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe [2010-01-27 53248]
    "HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
    ""=
    "HPUsageTracking"=C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [2007-08-31 36864]
    "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
    "Ad-Aware Browsing Protection"=C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [2013-09-27 559696]
    "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-01-20 152392]
    "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
    "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-01-31 767200]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    CineForm Status.lnk - C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe

    C:\Users\ArnaudM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    Dropbox.lnk - C:\Users\ArnaudM\AppData\Roaming\Dropbox\bin\Dropbox.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 6723984]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 4222864]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"=credssp.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicDisplay.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicRender.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BrokerInfrastructure]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DeviceInstall]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]
    Last edited by Emphyrio; 10-02-14, 01:17. Reason: Smileys disabled.

  • #2
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dxgkrnl.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\FsDepends.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LSM]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmartcardSimulator]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SystemEventsBroker]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VirtualSmartcardReader]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wcmsvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "ConsentPromptBehaviorAdmin"=5
    "EnableUIADesktopToggle"=0
    "EnableCursorSuppression"=1
    "ConsentPromptBehaviorUser"=3
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "ForceActiveDesktopOn"=0
    "NoActiveDesktopChanges"=1
    "NoActiveDesktop"=1

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standard profile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
    "vidc.yuy2"=msyuv.dll
    "vidc.i420"=iyuv_32.dll
    "msacm.msgsm610"=msgsm32.acm
    "msacm.msg711"=msg711.acm
    "vidc.yvyu"=msyuv.dll
    "vidc.yvu9"=tsbyuv.dll
    "wavemapper"=msacm32.drv
    "midimapper"=midimap.dll
    "vidc.uyvy"=msyuv.dll
    "vidc.iyuv"=iyuv_32.dll
    "vidc.mrle"=msrle32.dll
    "msacm.imaadpcm"=imaadp32.acm
    "msacm.msadpcm"=msadp32.acm
    "vidc.msvc"=msvidc32.dll
    "wave"=wdmaud.drv
    "midi"=wdmaud.drv
    "mixer"=wdmaud.drv
    "aux"=wdmaud.drv
    "wave2"=wdmaud.drv
    "midi2"=wdmaud.drv
    "mixer2"=wdmaud.drv
    "aux2"=wdmaud.drv
    "msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
    "vidc.tscc"=C:\WINDOWS\SysWOW64\tsccvid64.dll
    "vidc.tsc2"=C:\WINDOWS\SysWOW64\tsc2_codec64.dll
    "VIDC.CFHD"=CFHD.dll
    "wave1"=wdmaud.drv
    "midi1"=wdmaud.drv
    "mixer1"=wdmaud.drv
    "aux1"=wdmaud.drv

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1
    .js - open - C:\Windows\System32\WScript.exe "%1" %*

    ======List of files/folders created in the last 1 month======

    2014-02-09 00:43:33 ----D---- C:\Users\ArnaudM\AppData\Roaming\library_dir
    2014-02-09 00:43:23 ----D---- C:\Users\ArnaudM\AppData\Roaming\Raptr
    2014-02-09 00:42:54 ----D---- C:\Program Files (x86)\Raptr
    2014-02-07 15:31:21 ----D---- C:\Program Files\trend micro
    2014-02-07 15:31:20 ----D---- C:\rsit
    2014-02-05 16:28:34 ----D---- C:\ProgramData\ATI
    2014-02-05 16:22:58 ----D---- C:\Program Files (x86)\AMD AVT
    2014-02-05 13:33:15 ----D---- C:\Users\ArnaudM\AppData\Roaming\Malwarebytes
    2014-02-05 13:33:12 ----D---- C:\ProgramData\Malwarebytes
    2014-02-05 13:33:11 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2014-02-05 13:33:11 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
    2014-01-31 22:07:44 ----A---- C:\WINDOWS\SYSWOW64\atimpc32.dll
    2014-01-31 22:07:44 ----A---- C:\WINDOWS\system32\atimpc64.dll
    2014-01-31 22:07:30 ----A---- C:\WINDOWS\SYSWOW64\amdpcom32.dll
    2014-01-31 22:07:30 ----A---- C:\WINDOWS\system32\amdpcom64.dll
    2014-01-31 22:07:26 ----A---- C:\WINDOWS\system32\atiu9p64.dll
    2014-01-31 22:07:24 ----A---- C:\WINDOWS\SYSWOW64\atiu9pag.dll
    2014-01-31 22:07:02 ----A---- C:\WINDOWS\SYSWOW64\atiumdva.dll
    2014-01-31 22:06:54 ----A---- C:\WINDOWS\SYSWOW64\atiumdag.dll
    2014-01-31 22:06:38 ----A---- C:\WINDOWS\system32\atiumd6a.dll
    2014-01-31 22:06:34 ----A---- C:\WINDOWS\system32\atiumd64.dll
    2014-01-31 21:57:20 ----A---- C:\WINDOWS\system32\drivers\atikmdag.sys
    2014-01-31 21:43:36 ----A---- C:\WINDOWS\system32\clinfo.exe
    2014-01-31 21:43:20 ----A---- C:\WINDOWS\system32\OpenVideo64.dll
    2014-01-31 21:43:14 ----A---- C:\WINDOWS\SYSWOW64\OpenVideo.dll
    2014-01-31 21:43:08 ----A---- C:\WINDOWS\system32\OVDecode64.dll
    2014-01-31 21:43:04 ----A---- C:\WINDOWS\SYSWOW64\OVDecode.dll
    2014-01-31 21:42:58 ----A---- C:\WINDOWS\system32\amdocl64.dll
    2014-01-31 21:40:34 ----A---- C:\WINDOWS\SYSWOW64\amdocl.dll
    2014-01-31 21:38:16 ----A---- C:\WINDOWS\system32\OpenCL.dll
    2014-01-31 21:38:12 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
    2014-01-31 21:26:44 ----A---- C:\WINDOWS\system32\amdmiracast.dll
    2014-01-31 21:26:40 ----A---- C:\WINDOWS\system32\atiapfxx.exe
    2014-01-31 21:26:30 ----A---- C:\WINDOWS\system32\aticalrt64.dll
    2014-01-31 21:26:28 ----A---- C:\WINDOWS\SYSWOW64\aticalrt.dll
    2014-01-31 21:26:20 ----A---- C:\WINDOWS\system32\aticalcl64.dll
    2014-01-31 21:26:18 ----A---- C:\WINDOWS\SYSWOW64\aticalcl.dll
    2014-01-31 21:26:04 ----A---- C:\WINDOWS\system32\aticaldd64.dll
    2014-01-31 21:24:36 ----A---- C:\WINDOWS\system32\mantle64.dll
    2014-01-31 21:24:16 ----A---- C:\WINDOWS\SYSWOW64\mantle32.dll
    2014-01-31 21:23:54 ----A---- C:\WINDOWS\system32\amdmantle64.dll
    2014-01-31 21:22:52 ----A---- C:\WINDOWS\SYSWOW64\aticaldd.dll
    2014-01-31 21:22:04 ----A---- C:\WINDOWS\system32\atio6axx.dll
    2014-01-31 21:10:46 ----A---- C:\WINDOWS\SYSWOW64\amdmantle32.dll
    2014-01-31 21:06:22 ----A---- C:\WINDOWS\system32\atidemgy.dll
    2014-01-31 21:06:12 ----A---- C:\WINDOWS\system32\atimuixx.dll
    2014-01-31 21:06:06 ----A---- C:\WINDOWS\system32\atieclxx.exe
    2014-01-31 21:05:12 ----A---- C:\WINDOWS\system32\atiesrxx.exe
    2014-01-31 21:03:34 ----A---- C:\WINDOWS\system32\atitmm64.dll
    2014-01-31 21:03:32 ----A---- C:\WINDOWS\SYSWOW64\atioglxx.dll
    2014-01-31 20:59:12 ----A---- C:\WINDOWS\system32\mantleaxl64.dll
    2014-01-31 20:59:02 ----A---- C:\WINDOWS\SYSWOW64\mantleaxl32.dll
    2014-01-31 20:48:04 ----A---- C:\WINDOWS\system32\amdmmcl6.dll
    2014-01-31 20:47:58 ----A---- C:\WINDOWS\SYSWOW64\amdmmcl.dll
    2014-01-31 20:37:06 ----A---- C:\WINDOWS\system32\coinst_13.350.dll
    2014-01-31 20:30:14 ----A---- C:\WINDOWS\system32\atiadlxx.dll
    2014-01-31 20:30:02 ----A---- C:\WINDOWS\SYSWOW64\atiadlxy.dll
    2014-01-31 20:29:46 ----A---- C:\WINDOWS\system32\atig6pxx.dll
    2014-01-31 20:29:40 ----A---- C:\WINDOWS\SYSWOW64\atiglpxx.dll
    2014-01-31 20:29:40 ----A---- C:\WINDOWS\system32\atiglpxx.dll
    2014-01-31 20:29:36 ----A---- C:\WINDOWS\system32\atig6txx.dll
    2014-01-31 20:29:14 ----A---- C:\WINDOWS\SYSWOW64\atigktxx.dll
    2014-01-31 20:28:50 ----A---- C:\WINDOWS\system32\drivers\atikmpag.sys
    2014-01-31 20:25:02 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll
    2014-01-31 20:20:22 ----A---- C:\WINDOWS\system32\amdhdl64.dll
    2014-01-31 20:20:16 ----A---- C:\WINDOWS\SYSWOW64\amdhdl32.dll
    2014-01-31 16:45:26 ----D---- C:\Users\ArnaudM\AppData\Roaming\GoPro
    2014-01-31 16:45:09 ----D---- C:\Program Files\DIFX
    2014-01-31 16:45:09 ----D---- C:\Program Files (x86)\CineForm
    2014-01-31 16:44:47 ----D---- C:\Program Files (x86)\QuickTime
    2014-01-31 16:44:43 ----D---- C:\Program Files (x86)\GoPro
    2014-01-31 15:53:46 ----A---- C:\WINDOWS\system32\kdbsdk64.dll
    2014-01-31 15:49:02 ----A---- C:\WINDOWS\SYSWOW64\kdbsdk32.dll
    2014-01-29 19:55:18 ----A---- C:\WINDOWS\system32\CFHD.dll
    2014-01-29 19:52:34 ----A---- C:\WINDOWS\SYSWOW64\CFHD.dll
    2014-01-26 21:31:11 ----D---- C:\ProgramData\regid.1986-12.com.adobe
    2014-01-26 21:27:49 ----D---- C:\Program Files\Adobe
    2014-01-26 21:26:30 ----D---- C:\Program Files\Common Files\Adobe
    2014-01-26 21:06:25 ----D---- C:\WINDOWS\system32\appmgmt
    2014-01-25 18:01:15 ----D---- C:\Users\ArnaudM\AppData\Roaming\TechSmith
    2014-01-24 18:15:29 ----D---- C:\Program Files\Common Files\Lavasoft
    2014-01-23 11:04:34 ----D---- C:\Program Files\iPod
    2014-01-23 11:04:33 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2014-01-23 11:04:33 ----D---- C:\Program Files\iTunes
    2014-01-23 11:04:33 ----D---- C:\Program Files (x86)\iTunes
    2014-01-16 09:34:52 ----A---- C:\WINDOWS\system32\atiicdxx.dat
    2014-01-15 10:45:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2014-01-15 10:45:56 ----A---- C:\WINDOWS\system32\WSService.dll
    2014-01-15 10:45:56 ----A---- C:\WINDOWS\system32\uDWM.dll
    2014-01-15 10:45:55 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
    2014-01-15 10:45:55 ----A---- C:\WINDOWS\SYSWOW64\WSClient.dll
    2014-01-15 10:45:55 ----A---- C:\WINDOWS\system32\WSShared.dll
    2014-01-15 10:45:55 ----A---- C:\WINDOWS\system32\WSCollect.exe
    2014-01-15 10:45:55 ----A---- C:\WINDOWS\system32\WSClient.dll
    2014-01-15 10:45:55 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2014-01-15 10:45:54 ----A---- C:\WINDOWS\SYSWOW64\OEMLicense.dll
    2014-01-15 10:45:54 ----A---- C:\WINDOWS\system32\OEMLicense.dll
    2014-01-11 00:50:32 ----A---- C:\WINDOWS\system32\ativvaxy_cik.dat
    2014-01-11 00:03:21 ----D---- C:\Users\ArnaudM\AppData\Roaming\.minecraft
    2014-01-10 23:37:38 ----D---- C:\WINDOWS\SYSWOW64\Adobe

    ======List of files/folders modified in the last 1 month======

    2014-02-09 20:29:40 ----D---- C:\Users\ArnaudM\AppData\Roaming\uTorrent
    2014-02-09 20:25:05 ----D---- C:\Users\ArnaudM\AppData\Roaming\Skype
    2014-02-09 20:16:10 ----D---- C:\WINDOWS\Temp
    2014-02-09 20:03:15 ----D---- C:\WINDOWS\system32\sru
    2014-02-09 16:04:00 ----D---- C:\WINDOWS\Prefetch
    2014-02-09 14:24:07 ----D---- C:\Users\ArnaudM\AppData\Roaming\Dropbox
    2014-02-09 13:50:49 ----D---- C:\WINDOWS\Microsoft.NET
    2014-02-09 12:34:13 ----RD---- C:\WINDOWS\System32
    2014-02-09 00:46:38 ----D---- C:\WINDOWS\SysWOW64
    2014-02-09 00:46:31 ----A---- C:\WINDOWS\SYSWOW64\PnkBstrB.exe
    2014-02-09 00:44:21 ----SHD---- C:\WINDOWS\Installer
    2014-02-09 00:44:21 ----HD---- C:\Config.Msi
    2014-02-09 00:43:36 ----D---- C:\Users\ArnaudM\AppData\Roaming\DRPSu
    2014-02-09 00:43:26 ----RD---- C:\Program Files (x86)
    2014-02-09 00:43:25 ----D---- C:\WINDOWS\system32\Tasks
    2014-02-09 00:36:23 ----D---- C:\DriverPack Solution
    2014-02-09 00:29:33 ----D---- C:\Program Files (x86)\Origin
    2014-02-08 18:24:01 ----SHD---- C:\System Volume Information
    2014-02-08 02:36:28 ----D---- C:\WINDOWS\system32\config
    2014-02-08 02:32:56 ----D---- C:\WINDOWS\WinSxS
    2014-02-07 15:31:21 ----RD---- C:\Program Files
    2014-02-07 12:00:26 ----D---- C:\Windows
    2014-02-07 00:19:19 ----D---- C:\WINDOWS\system32\drivers
    2014-02-06 14:04:44 ----D---- C:\WINDOWS\Inf
    2014-02-06 14:04:44 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2014-02-05 16:28:34 ----HD---- C:\ProgramData
    2014-02-05 16:22:59 ----D---- C:\ProgramData\AMD
    2014-02-05 16:22:58 ----D---- C:\Program Files (x86)\Common Files
    2014-02-05 16:22:50 ----D---- C:\Program Files (x86)\ATI Technologies
    2014-02-05 16:22:37 ----D---- C:\Program Files\ATI Technologies
    2014-02-05 16:21:54 ----D---- C:\WINDOWS\system32\DriverStore
    2014-02-05 16:21:54 ----D---- C:\WINDOWS\system32\catroot
    2014-02-05 16:21:20 ----D---- C:\Program Files\AMD
    2014-02-05 16:19:17 ----D---- C:\AMD
    2014-02-05 15:56:24 ----D---- C:\ProgramData\Search Protection
    2014-02-05 06:53:42 ----D---- C:\WINDOWS\CbsTemp
    2014-02-03 16:15:42 ----SD---- C:\ProgramData\Microsoft
    2014-02-02 17:15:28 ----SD---- C:\Users\ArnaudM\AppData\Roaming\Microsoft
    2014-02-02 16:53:38 ----D---- C:\Program Files\CCleaner
    2014-01-31 22:07:28 ----A---- C:\WINDOWS\SYSWOW64\atiuxpag.dll
    2014-01-31 22:07:28 ----A---- C:\WINDOWS\system32\atiuxp64.dll
    2014-01-31 22:07:22 ----A---- C:\WINDOWS\system32\aticfx64.dll
    2014-01-31 22:07:20 ----A---- C:\WINDOWS\SYSWOW64\aticfx32.dll
    2014-01-31 22:07:14 ----A---- C:\WINDOWS\system32\atidxx64.dll
    2014-01-31 22:07:10 ----A---- C:\WINDOWS\SYSWOW64\atidxx32.dll
    2014-01-31 16:46:22 ----D---- C:\Program Files\Internet Explorer
    2014-01-31 16:40:22 ----D---- C:\Users\ArnaudM\AppData\Roaming\vlc
    2014-01-31 11:58:14 ----D---- C:\WINDOWS\AppReadiness
    2014-01-30 21:47:26 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
    2014-01-29 11:34:54 ----D---- C:\ProgramData\Origin
    2014-01-26 21:36:40 ----D---- C:\Users\ArnaudM\AppData\Roaming\Adobe
    2014-01-26 21:31:11 ----D---- C:\ProgramData\Adobe
    2014-01-26 21:29:35 ----D---- C:\Program Files (x86)\Adobe
    2014-01-26 21:28:45 ----RSD---- C:\WINDOWS\Fonts
    2014-01-26 21:26:30 ----D---- C:\Program Files\Common Files
    2014-01-23 11:02:45 ----D---- C:\ProgramData\Apple
    2014-01-19 15:29:18 ----D---- C:\WINDOWS\system32\catroot2
    2014-01-18 11:01:08 ----D---- C:\Program Files (x86)\Steam
    2014-01-16 22:04:15 ----D---- C:\WINDOWS\system32\MRT
    2014-01-16 22:03:12 ----A---- C:\WINDOWS\system32\MRT.exe
    2014-01-15 23:53:10 ----D---- C:\WINDOWS\WinStore
    2014-01-15 23:53:10 ----D---- C:\WINDOWS\system32\migration

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 ACPI;@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver; C:\WINDOWS\System32\drivers\ACPI.sys [2013-10-08 523096]
    R0 acpiex;Microsoft ACPIEx Driver; C:\WINDOWS\System32\Drivers\acpiex.sys [2013-08-22 79712]
    R0 atapi;@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel; C:\WINDOWS\System32\drivers\atapi.sys [2013-08-22 26464]
    R0 CLFS;@%SystemRoot%\system32\drivers\clfs.sys,-100; C:\WINDOWS\System32\drivers\CLFS.sys [2013-08-22 377696]
    R0 CNG;CNG; C:\WINDOWS\System32\Drivers\cng.sys [2013-08-22 564520]
    R0 disk;@disk.inf,%disk_ServiceDesc%;Disk Driver; C:\WINDOWS\System32\drivers\disk.sys [2013-08-22 100192]
    R0 FileInfo;@%SystemRoot%\system32\drivers\fileinfo.sys,-100; C:\WINDOWS\System32\drivers\fileinfo.sys [2013-08-22 79200]
    R0 FltMgr;@%SystemRoot%\system32\drivers\fltmgr.sys,-10001; C:\WINDOWS\system32\drivers\fltmgr.sys [2013-08-22 358752]
    R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\WINDOWS\System32\DRIVERS\fvevol.sys [2013-09-21 579416]
    R0 intelide;intelide; C:\WINDOWS\System32\drivers\intelide.sys [2013-08-22 18272]
    R0 intelpep;@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver; C:\WINDOWS\System32\drivers\intelpep.sys [2013-11-11 39768]
    R0 KSecDD;KSecDD; C:\WINDOWS\System32\Drivers\ksecdd.sys [2013-09-21 101208]
    R0 KSecPkg;KSecPkg; C:\WINDOWS\System32\Drivers\ksecpkg.sys [2013-08-22 192864]
    R0 mountmgr;@%SystemRoot%\system32\drivers\mountmgr.sys,-100; C:\WINDOWS\System32\drivers\mountmgr.sys [2013-08-22 101728]
    R0 msisadrv;msisadrv; C:\WINDOWS\System32\drivers\msisadrv.sys [2013-08-22 17248]
    R0 Mup;@%systemroot%\system32\drivers\mup.sys,-101; C:\WINDOWS\System32\Drivers\mup.sys [2013-08-22 78688]
    R0 NDIS;@%SystemRoot%\system32\drivers\ndis.sys,-200; C:\WINDOWS\system32\drivers\ndis.sys [2013-09-21 1119576]
    R0 partmgr;@%SystemRoot%\system32\drivers\partmgr.sys,-100; C:\WINDOWS\System32\drivers\partmgr.sys [2013-08-22 88928]
    R0 pci;@machine.inf,%pci_svcdesc%;PCI Bus Driver; C:\WINDOWS\System32\drivers\pci.sys [2013-08-22 285536]
    R0 pcw;Performance Counters for Windows Driver; C:\WINDOWS\System32\drivers\pcw.sys [2013-08-22 50016]
    R0 pdc;@%SystemRoot%\system32\drivers\pdc.sys,-100; C:\WINDOWS\system32\drivers\pdc.sys [2013-11-01 86872]
    R0 rdyboost;ReadyBoost; C:\WINDOWS\System32\drivers\rdyboost.sys [2013-10-13 258904]
    R0 spaceport;@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver; C:\WINDOWS\System32\drivers\spaceport.sys [2013-10-31 372568]
    R0 Tcpip;@%SystemRoot%\system32\tcpipcfg.dll,-50003; C:\WINDOWS\System32\drivers\tcpip.sys [2013-10-08 2551640]
    R0 vdrvroot;@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator; C:\WINDOWS\System32\drivers\vdrvroot.sys [2013-08-22 37728]
    R0 volmgr;@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver; C:\WINDOWS\System32\drivers\volmgr.sys [2013-08-22 73568]
    R0 volmgrx;@%SystemRoot%\system32\drivers\volmgrx.sys,-100; C:\WINDOWS\System32\drivers\volmgrx.sys [2013-08-22 377696]
    R0 volsnap;@volume.inf,%VolumeClassName%;Storage volumes; C:\WINDOWS\System32\drivers\volsnap.sys [2013-08-22 312160]
    R0 Wdf01000;@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000; C:\WINDOWS\system32\drivers\Wdf01000.sys [2013-08-22 839488]
    R0 WFPLWFS;@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000; C:\WINDOWS\system32\DRIVERS\wfplwfs.sys [2013-10-13 136536]
    R1 AFD;@%systemroot%\system32\drivers\afd.sys,-1000; C:\WINDOWS\system32\drivers\afd.sys [2013-08-22 567296]
    R1 ahcache;@%systemroot%\system32\drivers\ahcache.sys,-102; C:\WINDOWS\system32\DRIVERS\ahcache.sys [2013-08-22 76800]
    R1 BasicDisplay;BasicDisplay; C:\WINDOWS\System32\drivers\BasicDisplay.sys [2013-08-22 50688]
    R1 BasicRender;BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [2013-08-22 33792]
    R1 Beep;Beep; C:\WINDOWS\system32\drivers\Beep.sys [2013-08-22 7680]
    R1 cdrom;@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver; C:\WINDOWS\System32\drivers\cdrom.sys [2013-08-22 164352]
    R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\WINDOWS\system32\drivers\csc.sys [2013-08-22 559616]
    R1 Dfsc;@%systemroot%\system32\wkssvc.dll,-1008; C:\WINDOWS\System32\Drivers\dfsc.sys [2013-08-22 134656]
    R1 Msfs;Msfs; C:\WINDOWS\system32\drivers\Msfs.sys [2013-08-22 30208]
    R1 mssmbios;@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver; C:\WINDOWS\System32\drivers\mssmbios.sys [2013-08-22 37728]
    R1 NetBIOS;@netnb.inf,%NetBIOS_Desc%;NetBIOS Interface; C:\WINDOWS\system32\DRIVERS\netbios.sys [2013-08-22 48128]
    R1 NetBT;@%SystemRoot%\system32\drivers\netbt.sys,-2; C:\WINDOWS\System32\DRIVERS\netbt.sys [2013-08-22 282624]
    R1 Npfs;Npfs; C:\WINDOWS\system32\drivers\Npfs.sys [2013-08-22 58880]
    R1 npsvctrig;@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider; C:\WINDOWS\System32\drivers\npsvctrig.sys [2013-08-22 23040]

    • #3
      R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\WINDOWS\system32\drivers\nsiproxy.sys [2013-08-22 39936]
      R1 Null;Null; C:\WINDOWS\system32\drivers\Null.sys [2013-08-22 5632]
      R1 Psched;@%SystemRoot%\System32\drivers\pacer.sys,-101; C:\WINDOWS\system32\DRIVERS\pacer.sys [2013-08-22 151552]
      R1 rdbss;@%systemroot%\system32\wkssvc.dll,-1000; C:\WINDOWS\system32\DRIVERS\rdbss.sys [2013-08-22 408576]
      R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\WINDOWS\system32\DRIVERS\tdx.sys [2013-08-22 107520]
      R2 lltdio;@%SystemRoot%\system32\lltdres.dll,-6; C:\WINDOWS\system32\DRIVERS\lltdio.sys [2013-08-22 59392]
      R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\WINDOWS\system32\drivers\luafv.sys [2013-08-22 123904]
      R2 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys [2013-08-22 283648]
      R2 Ndu;@%SystemRoot%\system32\drivers\Ndu.sys,-10001; C:\WINDOWS\system32\drivers\Ndu.sys [2013-08-22 103424]
      R2 PEAUTH;PEAUTH; C:\WINDOWS\system32\drivers\peauth.sys [2013-08-22 663040]
      R2 rspndr;@%SystemRoot%\system32\lltdres.dll,-5; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2013-08-22 80384]
      R2 secdrv;Security Driver; C:\WINDOWS\system32\drivers\secdrv.sys [2013-08-22 23040]
      R2 srv;@%systemroot%\system32\srvsvc.dll,-102; C:\WINDOWS\System32\DRIVERS\srv.sys [2013-10-05 454656]
      R2 tcpipreg;TCP/IP Registry Compatibility; C:\WINDOWS\System32\drivers\tcpipreg.sys [2013-08-22 48640]
      R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2014-01-31 13929472]
      R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2014-01-31 636928]
      R3 AtiHDAudioService;@oem35.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWB6.sys [2013-12-19 222720]
      R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\WINDOWS\system32\DRIVERS\bowser.sys [2013-08-22 102912]
      R3 CompositeBus;@CompositeBus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver; C:\WINDOWS\System32\drivers\CompositeBus.sys [2013-08-22 36352]
      R3 condrv;Console Driver; C:\WINDOWS\System32\drivers\condrv.sys [2013-08-22 43008]
      R3 DXGKrnl;LDDM Graphics Subsystem; C:\WINDOWS\System32\drivers\dxgkrnl.sys [2013-11-04 1530200]
      R3 exfat;exFAT File System Driver; C:\WINDOWS\system32\drivers\exfat.sys [2013-08-22 200704]
      R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
      R3 gzflt;gzflt; \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\gzflt.sys [2013-07-17 138232]
      R3 HDAudBus;@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\drivers\HDAudBus.sys [2013-08-22 78336]
      R3 HidUsb;@input.inf,%HID.SvcDesc%;Microsoft HID Class Driver; C:\WINDOWS\System32\drivers\hidusb.sys [2013-08-22 33792]
      R3 HTTP;@%SystemRoot%\system32\drivers\http.sys,-1; C:\WINDOWS\system32\drivers\HTTP.sys [2013-08-22 994144]
      R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-03-30 3379272]
      R3 intelppm;@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver; C:\WINDOWS\System32\drivers\intelppm.sys [2013-08-22 98816]
      R3 kbdclass;@keyboard.inf,%kbdclass.SvcDesc%;Keyboard Class Driver; C:\WINDOWS\System32\drivers\kbdclass.sys [2013-08-22 58208]
      R3 kbdhid;@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver; C:\WINDOWS\System32\drivers\kbdhid.sys [2013-08-22 32256]
      R3 kdnic;@kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20); C:\WINDOWS\system32\DRIVERS\kdnic.sys [2013-08-22 19456]
      R3 ksthunk;Kernel Streaming Thunks; C:\WINDOWS\system32\drivers\ksthunk.sys [2013-08-22 21248]
      R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2013-04-04 25928]
      R3 MEIx64;@oem9.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2011-09-22 56600]
      R3 monitor;@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service; C:\WINDOWS\System32\drivers\monitor.sys [2013-08-22 30208]
      R3 mouclass;@msmouse.inf,%mouclass.SvcDesc%;Mouse Class Driver; C:\WINDOWS\System32\drivers\mouclass.sys [2013-08-22 51040]
      R3 mouhid;@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver; C:\WINDOWS\System32\drivers\mouhid.sys [2013-08-22 30208]
      R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\WINDOWS\System32\drivers\mpsdrv.sys [2013-08-22 74240]
      R3 mrxsmb;@%systemroot%\system32\wkssvc.dll,-1002; C:\WINDOWS\system32\DRIVERS\mrxsmb.sys [2013-09-21 404992]
      R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys [2013-09-21 207360]
      R3 MsLldp;@C:\Windows\system32\DRIVERS\mslldp.sys,-200; C:\WINDOWS\system32\DRIVERS\mslldp.sys [2013-08-22 66560]
      R3 NativeWifiP;@%SystemRoot%\System32\drivers\nwifi.sys,-101; C:\WINDOWS\system32\DRIVERS\nwifi.sys [2013-09-11 442368]
      R3 Ndisuio;@ndisuio.inf,%NDISUIO_Desc%;NDIS Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\ndisuio.sys [2013-08-22 60416]
      R3 NdisVirtualBus;@%SystemRoot%\System32\drivers\NdisVirtualBus.sys,-200; C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2013-08-22 16384]
      R3 Ntfs;Ntfs; C:\WINDOWS\system32\drivers\Ntfs.sys [2013-08-22 2011488]
      R3 rdpbus;@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver; C:\WINDOWS\System32\drivers\rdpbus.sys [2013-08-22 22528]
      R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
      R3 Serenum;@msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver; C:\WINDOWS\System32\drivers\serenum.sys [2013-08-22 23040]
      R3 Serial;@msports.inf,%Serial.SVCDESC%;Serial port driver; C:\WINDOWS\System32\drivers\serial.sys [2013-08-22 83456]
      R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\WINDOWS\System32\DRIVERS\srv2.sys [2013-09-21 675328]
      R3 srvnet;srvnet; C:\WINDOWS\System32\DRIVERS\srvnet.sys [2013-09-11 244224]
      R3 swenum;@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver; C:\WINDOWS\System32\drivers\swenum.sys [2013-08-22 14176]
      R3 Trufos;Trufos; C:\WINDOWS\system32\DRIVERS\Trufos.sys [2013-07-17 329800]
      R3 tunnel;@nettun.inf,%TUNNEL.Service.DisplayName%;Microsoft Tunnel Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunnel.sys [2013-08-22 154112]
      R3 umbus;@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver; C:\WINDOWS\System32\drivers\umbus.sys [2013-08-22 46080]
      R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-08-22 121088]
      R3 usbccgp;@usb.inf,%GenericParent.SvcDesc%;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\drivers\usbccgp.sys [2013-10-23 155480]
      R3 usbehci;@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\drivers\usbehci.sys [2013-08-22 89952]
      R3 usbhub;@usbport.inf,%ROOTHUB.SvcDesc%;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\drivers\usbhub.sys [2013-08-22 422240]
      R3 USBSTOR;@usbstor.inf,%USBSTOR.SvcDesc%;USB Mass Storage Driver; C:\WINDOWS\System32\drivers\USBSTOR.SYS [2013-08-22 142688]
      R4 cdfs;CD/DVD File System Reader; C:\WINDOWS\system32\DRIVERS\cdfs.sys [2013-08-22 88576]
      S0 3ware;3ware; C:\WINDOWS\System32\drivers\3ware.sys [2013-08-22 108896]
      S0 ADP80XX;ADP80XX; C:\WINDOWS\System32\drivers\ADP80XX.SYS [2013-08-22 782176]
      S0 agp440;@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter; C:\WINDOWS\System32\drivers\agp440.sys [2013-08-22 62304]
      S0 amdkmafd;@oem4.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2012-09-23 21160]
      S0 amdsata;amdsata; C:\WINDOWS\System32\drivers\amdsata.sys [2013-08-22 79200]
      S0 amdsbs;amdsbs; C:\WINDOWS\System32\drivers\amdsbs.sys [2013-08-22 259424]
      S0 amdxata;amdxata; C:\WINDOWS\System32\drivers\amdxata.sys [2013-08-22 25952]
      S0 arcsas;@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver; C:\WINDOWS\System32\drivers\arcsas.sys [2013-08-22 114016]
      S0 b06bdrv;@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD; C:\WINDOWS\System32\drivers\bxvbda.sys [2013-08-22 531296]
      S0 ebdrv;@netevbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II 10 GigE VBD; C:\WINDOWS\System32\drivers\evbda.sys [2013-08-22 3357024]
      S0 EhStorClass;@%SystemRoot%\system32\drivers\EhStorClass.sys,-100; C:\WINDOWS\System32\drivers\EhStorClass.sys [2013-08-22 82784]
      S0 EhStorTcgDrv;@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols; C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys [2013-08-22 114016]
      S0 gagp30kx;@machine.inf,%gagp30kx_svcdesc%;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\WINDOWS\System32\drivers\gagp30kx.sys [2013-08-22 65888]
      S0 HpSAMD;HpSAMD; C:\WINDOWS\System32\drivers\HpSAMD.sys [2013-08-22 64352]
      S0 hwpolicy;@%systemroot%\system32\drivers\hwpolicy.sys,-101; C:\WINDOWS\System32\drivers\hwpolicy.sys [2013-08-22 24416]
      S0 iaStorAV;@iastorav.inf,%iaStorAV.DeviceDesc%;Intel(R) SATA RAID Controller Windows; C:\WINDOWS\System32\drivers\iaStorAV.sys [2013-08-10 651248]
      S0 iaStorV;@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7; C:\WINDOWS\System32\drivers\iaStorV.sys [2013-08-22 412000]
      S0 isapnp;isapnp; C:\WINDOWS\System32\drivers\isapnp.sys [2013-08-22 21856]
      S0 LSI_SAS;LSI_SAS; C:\WINDOWS\System32\drivers\lsi_sas.sys [2013-08-22 109408]
      S0 LSI_SAS2;LSI_SAS2; C:\WINDOWS\System32\drivers\lsi_sas2.sys [2013-08-22 93536]
      S0 LSI_SAS3;LSI_SAS3; C:\WINDOWS\System32\drivers\lsi_sas3.sys [2013-08-22 81760]
      S0 LSI_SSS;LSI_SSS; C:\WINDOWS\System32\drivers\lsi_sss.sys [2013-08-22 82784]
      S0 megasas;megasas; C:\WINDOWS\System32\drivers\megasas.sys [2013-08-22 56672]
      S0 megasr;megasr; C:\WINDOWS\System32\drivers\megasr.sys [2013-08-22 575840]
      S0 mvumis;mvumis; C:\WINDOWS\System32\drivers\mvumis.sys [2013-08-22 63840]
      S0 nv_agp;@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\System32\drivers\nv_agp.sys [2013-08-22 124768]
      S0 nvraid;nvraid; C:\WINDOWS\System32\drivers\nvraid.sys [2013-08-22 150368]
      S0 nvstor;nvstor; C:\WINDOWS\System32\drivers\nvstor.sys [2013-08-22 168288]
      S0 pciide;pciide; C:\WINDOWS\System32\drivers\pciide.sys [2013-08-22 14688]
      S0 pcmcia;pcmcia; C:\WINDOWS\System32\drivers\pcmcia.sys [2013-08-22 114528]
      S0 sbp2port;@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver; C:\WINDOWS\System32\drivers\sbp2port.sys [2013-08-22 107872]
      S0 SiSRaid2;SiSRaid2; C:\WINDOWS\System32\drivers\SiSRaid2.sys [2013-08-22 44896]
      S0 SiSRaid4;SiSRaid4; C:\WINDOWS\System32\drivers\sisraid4.sys [2013-08-22 81760]
      S0 stexstor;stexstor; C:\WINDOWS\System32\drivers\stexstor.sys [2013-08-22 31072]
      S0 storahci;@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver; C:\WINDOWS\System32\drivers\storahci.sys [2013-08-22 107872]
      S0 storflt;@%SystemRoot%\system32\vmstorfltres.dll,-1000; C:\WINDOWS\system32\DRIVERS\vmstorfl.sys [2013-08-22 49984]
      S0 stornvme;@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver; C:\WINDOWS\System32\drivers\stornvme.sys [2013-10-05 57176]
      S0 storvsc;storvsc; C:\WINDOWS\System32\drivers\storvsc.sys [2013-08-22 45888]
      S0 uagp35;@machine.inf,%uagp35_svcdesc%;Microsoft AGPv3.5 Filter; C:\WINDOWS\System32\drivers\uagp35.sys [2013-08-22 64864]
      S0 uliagpkx;@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter; C:\WINDOWS\System32\drivers\uliagpkx.sys [2013-08-22 65888]
      S0 viaide;viaide; C:\WINDOWS\System32\drivers\viaide.sys [2013-08-22 19808]
      S0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\WINDOWS\System32\drivers\vmbus.sys [2013-08-22 97088]
      S0 vsmraid;vsmraid; C:\WINDOWS\System32\drivers\vsmraid.sys [2013-08-22 168800]
      S0 VSTXRAID;@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver; C:\WINDOWS\System32\drivers\vstxraid.sys [2013-08-22 305504]
      S1 dam;@%SystemRoot%\system32\drivers\dam.sys,-100; C:\WINDOWS\system32\drivers\dam.sys [2013-08-22 57696]
      S3 1394ohci;@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller; C:\WINDOWS\System32\drivers\1394ohci.sys [2013-08-22 231424]
      S3 acpipagr;@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver; C:\WINDOWS\System32\drivers\acpipagr.sys [2013-08-22 10240]
      S3 AcpiPmi;@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver; C:\WINDOWS\System32\drivers\acpipmi.sys [2013-08-22 12288]
      S3 acpitime;@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver; C:\WINDOWS\System32\drivers\acpitime.sys [2013-08-22 10752]
      S3 AmdK8;@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver; C:\WINDOWS\System32\drivers\amdk8.sys [2013-08-22 95744]
      S3 AmdPPM;@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver; C:\WINDOWS\System32\drivers\amdppm.sys [2013-08-22 98816]
      S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\WINDOWS\system32\drivers\appid.sys [2013-09-14 83456]
      S3 athrusb;@oem1.inf,%ATHR.Service.DispName%;Atheros Wireless LAN USB device driver; C:\WINDOWS\system32\DRIVERS\athrxusb.sys [2008-07-29 1075712]
      S3 bcmfn2;@bcmfn2.inf,%bcmfn2.SVCDESC%;bcmfn2 Service; C:\WINDOWS\System32\drivers\bcmfn2.sys [2013-08-13 17624]
      S3 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\WINDOWS\System32\drivers\BthAvrcpTg.sys [2013-08-22 36992]
      S3 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\WINDOWS\System32\drivers\bthhfenum.sys [2013-08-22 57856]
      S3 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\WINDOWS\System32\drivers\BthHFHid.sys [2013-08-22 30720]
      S3 BTHMODEM;@bthspp.inf,%BthSerial.DisplayName%;Bluetooth Serial Communications Driver; C:\WINDOWS\System32\drivers\bthmodem.sys [2013-08-22 63488]
      S3 circlass;@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices; C:\WINDOWS\System32\drivers\circlass.sys [2013-08-22 44032]
      S3 CmBatt;@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\System32\drivers\CmBatt.sys [2013-08-22 25472]
      S3 dmvsc;dmvsc; C:\WINDOWS\System32\drivers\dmvsc.sys [2013-08-22 29696]
      S3 dot4;@oem22.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
      S3 Dot4Print;@oem23.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
      S3 dot4usb;@oem22.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
      S3 drmkaud;@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers; C:\WINDOWS\system32\drivers\drmkaud.sys [2013-08-22 14560]
      S3 ErrDev;@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver; C:\WINDOWS\System32\drivers\errdev.sys [2013-08-22 10240]
      S3 fastfat;FAT12/16/32 File System Driver; C:\WINDOWS\system32\drivers\fastfat.sys [2013-08-22 217952]
      S3 fdc;@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver; C:\WINDOWS\System32\drivers\fdc.sys [2013-08-22 30720]
      S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\WINDOWS\system32\drivers\filetrace.sys [2013-08-22 34816]
      S3 flpydisk;@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver; C:\WINDOWS\System32\drivers\flpydisk.sys [2013-08-22 25088]
      S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\WINDOWS\System32\drivers\FsDepends.sys [2013-08-22 56672]
      S3 FxPPM;@cpu.inf,%FxPPM.SvcDesc%;Power Framework Processor Driver; C:\WINDOWS\System32\drivers\fxppm.sys [2013-08-22 27136]
      S3 gencounter;@wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter; C:\WINDOWS\System32\drivers\vmgencounter.sys [2013-08-22 11264]
      S3 GPIOClx0101;Microsoft GPIO Class Extension Driver; C:\WINDOWS\System32\Drivers\msgpioclx.sys [2013-08-22 146272]
      S3 HdAudAddService;@hdaudio.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2013-08-22 395776]
      S3 HidBatt;@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver; C:\WINDOWS\System32\drivers\HidBatt.sys [2013-08-22 26624]
      S3 HidBth;@hidbth.inf,%HIDBTH.SvcDesc%;Microsoft Bluetooth HID Miniport; C:\WINDOWS\System32\drivers\hidbth.sys [2013-08-22 96768]
      S3 hidi2c;@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver; C:\WINDOWS\System32\drivers\hidi2c.sys [2013-08-22 41472]
      S3 HidIr;@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver; C:\WINDOWS\System32\drivers\hidir.sys [2013-08-22 45568]
      S3 HPFXBULK;HPFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [2007-07-16 20504]
      S3 HPFXFAX;HPFXFAX; C:\WINDOWS\system32\drivers\hpfx64fax.sys [2007-07-16 23064]
      S3 hyperkbd;hyperkbd; C:\WINDOWS\System32\drivers\hyperkbd.sys [2013-08-22 13824]
      S3 HyperVideo;HyperVideo; C:\WINDOWS\system32\DRIVERS\HyperVideo.sys [2013-08-22 22016]
      S3 i8042prt;@keyboard.inf,%i8042prt.SvcDesc%;i8042 Keyboard and PS/2 Mouse Port Driver; C:\WINDOWS\System32\drivers\i8042prt.sys [2013-08-22 107520]
      S3 iaLPSSi_GPIO;@ialpssi_gpio.inf,%iaLPSSi_GPIO.SVCDESC%;Intel(R) Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2013-07-30 24568]
      S3 iaLPSSi_I2C;@ialpssi_i2c.inf,%iaLPSSi_I2C.SVCDESC%;Intel(R) Serial IO I2C Controller Driver; C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2013-07-25 99320]
      S3 IpFilterDriver;@%systemroot%\system32\rascfg.dll,-32013; C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys [2013-08-22 84992]
      S3 IPMIDRV;IPMIDRV; C:\WINDOWS\System32\drivers\IPMIDrv.sys [2013-08-22 79360]
      S3 IPNAT;IP Network Address Translator; C:\WINDOWS\System32\drivers\ipnat.sys [2013-09-14 141824]
      S3 IRENUM;@%SystemRoot%\system32\drivers\irenum.sys,-100; C:\WINDOWS\system32\drivers\irenum.sys [2013-08-22 17920]
      S3 iScsiPrt;@iscsi.inf,%iScsiPortName%;iScsiPort Driver; C:\WINDOWS\System32\drivers\msiscsi.sys [2013-08-22 274784]
      S3 kbldfltr;kbldfltr; C:\WINDOWS\system32\drivers\kbldfltr.sys [2013-08-22 22272]
      S3 Modem;Modem; C:\WINDOWS\system32\drivers\modem.sys [2013-08-22 40960]
      S3 MRxDAV;@%systemroot%\system32\webclnt.dll,-104; C:\WINDOWS\system32\drivers\mrxdav.sys [2013-08-22 140288]
      S3 MsBridge;@%SystemRoot%\system32\bridgeres.dll,-1; C:\WINDOWS\system32\DRIVERS\bridge.sys [2013-08-22 115712]
      S3 msgpiowin32;@msgpiowin32.inf,%GPIO.SvcDesc%;Common Driver for Buttons, DockMode and Laptop/Slate Indicator; C:\WINDOWS\System32\drivers\msgpiowin32.sys [2013-08-22 41824]
      S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\WINDOWS\System32\drivers\mshidkmdf.sys [2013-08-22 8192]
      S3 mshidumdf;@%SystemRoot%\system32\drivers\mshidumdf.sys,-100; C:\WINDOWS\System32\drivers\mshidumdf.sys [2013-08-22 9728]
      S3 MSKSSRV;@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service Proxy; C:\WINDOWS\system32\drivers\MSKSSRV.sys [2013-08-22 10624]
      S3 MSPCLOCK;@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy; C:\WINDOWS\system32\drivers\MSPCLOCK.sys [2013-08-22 7040]
      S3 MSPQM;@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy; C:\WINDOWS\system32\drivers\MSPQM.sys [2013-08-22 6784]
      S3 MsRPC;MsRPC; C:\WINDOWS\system32\drivers\MsRPC.sys [2013-08-22 366432]
      S3 MSTEE;@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2013-08-22 7936]
      S3 MTConfig;@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver; C:\WINDOWS\System32\drivers\MTConfig.sys [2013-08-22 13312]
      S3 NdisCap;@%SystemRoot%\System32\drivers\ndiscap.sys,-5000; C:\WINDOWS\system32\DRIVERS\ndiscap.sys [2013-08-22 43008]
      S3 NdisImPlatform;@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501; C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys [2013-08-22 124928]
      S3 NdisTapi;@%systemroot%\system32\rascfg.dll,-32001; C:\WINDOWS\system32\DRIVERS\ndistapi.sys [2013-08-22 24576]
      S3 NdisWan;@%systemroot%\system32\rascfg.dll,-32002; C:\WINDOWS\system32\DRIVERS\ndiswan.sys [2013-08-22 220672]
      S3 NdisWanLegacy;@%systemroot%\system32\rascfg.dll,-32014; C:\WINDOWS\system32\DRIVERS\ndiswan.sys [2013-08-22 220672]
      S3 NDProxy;NDIS Proxy; C:\WINDOWS\system32\drivers\NDProxy.sys [2013-08-22 72192]
      S3 netvsc;netvsc; C:\WINDOWS\system32\DRIVERS\netvsc63.sys [2013-08-22 87040]
      S3 Parport;@msports.inf,%Parport.SVCDESC%;Parallel port driver; C:\WINDOWS\System32\drivers\parport.sys [2013-08-22 94208]
      S3 Processor;@cpu.inf,%Processor.SvcDesc%;Processor Driver; C:\WINDOWS\System32\drivers\processr.sys [2013-08-22 92160]
      S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\WINDOWS\system32\drivers\qwavedrv.sys [2013-08-22 47104]
      S3 RasAcd;Remote Access Auto Connection Driver; C:\WINDOWS\System32\DRIVERS\rasacd.sys [2013-08-22 17408]
      S3 RasPppoe;@%systemroot%\system32\rascfg.dll,-32007; C:\WINDOWS\system32\DRIVERS\raspppoe.sys [2013-08-22 84992]
      S3 RDPDR;@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100; C:\WINDOWS\System32\drivers\rdpdr.sys [2013-08-22 195584]
      S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\WINDOWS\System32\drivers\rdpvideominiport.sys [2013-08-22 27488]
      S3 ReFS;ReFS; C:\WINDOWS\system32\drivers\ReFS.sys [2013-08-22 924512]
      S3 s3cap;s3cap; C:\WINDOWS\System32\drivers\vms3cap.sys [2013-08-22 7168]
      S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\WINDOWS\System32\DRIVERS\scfilter.sys [2013-08-22 40960]
      S3 sdbus;sdbus; C:\WINDOWS\System32\drivers\sdbus.sys [2013-09-21 236376]
      S3 sdstor;@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver; C:\WINDOWS\System32\drivers\sdstor.sys [2013-08-22 78688]
      S3 SerCx;Serial UART Support Library; C:\WINDOWS\system32\drivers\SerCx.sys [2013-08-22 69472]
      S3 SerCx2;Serial UART Support Library; C:\WINDOWS\system32\drivers\SerCx2.sys [2013-10-26 146776]
      S3 sermouse;@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver; C:\WINDOWS\System32\drivers\sermouse.sys [2013-08-22 26112]
      S3 sfloppy;@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive; C:\WINDOWS\System32\drivers\sfloppy.sys [2013-08-22 17408]
      S3 SpbCx;Simple Peripheral Bus Support Library; C:\WINDOWS\system32\drivers\SpbCx.sys [2013-08-22 72032]
      S3 storvsp;storvsp; C:\WINDOWS\System32\drivers\storvsp.sys [2013-08-22 68608]
      S3 TCPIP6;@netip6.inf,%MS_TCPIP6.TCPIP6.ServiceDescription%;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip.sys [2013-10-08 2551640]
      S3 terminpt;@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver; C:\WINDOWS\System32\drivers\terminpt.sys [2013-08-22 37216]
      S3 TPM;@tpm.inf,%TPM%;TPM; C:\WINDOWS\system32\drivers\tpm.sys [2013-08-22 159584]
      S3 TsUsbFlt;TsUsbFlt; C:\WINDOWS\system32\drivers\tsusbflt.sys [2013-08-22 56320]
      S3 TsUsbGD;@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device; C:\WINDOWS\System32\drivers\TsUsbGD.sys [2013-08-22 29696]
      S3 UASPStor;@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver; C:\WINDOWS\System32\drivers\uaspstor.sys [2013-08-22 74080]
      S3 UCX01000;USB Controller Extension; C:\WINDOWS\System32\drivers\ucx01000.sys [2013-08-22 189792]
      S3 UEFI;@uefi.inf,%UEFI.SvcDesc%;Microsoft UEFI Driver; C:\WINDOWS\System32\drivers\UEFI.sys [2013-08-22 26976]
      S3 UmPass;@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass Driver; C:\WINDOWS\System32\drivers\umpass.sys [2013-08-22 11776]
      S3 USBAAPL64;@oem15.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
      S3 usbcir;@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR); C:\WINDOWS\System32\drivers\usbcir.sys [2013-08-22 98304]
      S3 USBHUB3;@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub; C:\WINDOWS\System32\drivers\UsbHub3.sys [2013-09-17 467800]
      S3 usbohci;@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\drivers\usbohci.sys [2013-08-22 30208]
      S3 usbprint;@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class; C:\WINDOWS\System32\drivers\usbprint.sys [2013-08-22 26112]
      S3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]
      S3 usbuhci;@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\drivers\usbuhci.sys [2013-08-22 34816]
      S3 USBXHCI;@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller; C:\WINDOWS\System32\drivers\USBXHCI.SYS [2013-11-09 325464]
      S3 VerifierExt;@%SystemRoot%\system32\drivers\VerifierExt.sys,-1000; C:\WINDOWS\system32\drivers\VerifierExt.sys [2013-09-14 175960]
      S3 vhdmp;vhdmp; C:\WINDOWS\System32\drivers\vhdmp.sys [2013-08-22 551776]
      S3 Vid;Vid; C:\WINDOWS\System32\drivers\Vid.sys [2013-08-22 220672]
      S3 VMBusHID;VMBusHID; C:\WINDOWS\System32\drivers\VMBusHID.sys [2013-08-22 21760]
      S3 vmbusr;@%SystemRoot%\system32\drivers\vmbusr.sys,-1001; C:\WINDOWS\System32\drivers\vmbusr.sys [2013-08-22 129536]
      S3 vpci;@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus; C:\WINDOWS\System32\drivers\vpci.sys [2013-08-22 69472]
      S3 vpcivsp;@wvpcivsp.inf,%vpcivsp.SVCDESC%;Microsoft Hyper-V PCI Server; C:\WINDOWS\System32\drivers\vpcivsp.sys [2013-08-22 65536]
      S3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; C:\WINDOWS\System32\drivers\vwifibus.sys [2013-08-22 24576]
      S3 WacomPen;@hiddigi.inf,%WacomPen.SVCDESC%;Wacom Serial Pen HID Driver; C:\WINDOWS\System32\drivers\wacompen.sys [2013-08-22 26752]
      S3 WdBoot;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390; C:\WINDOWS\system32\drivers\WdBoot.sys [2013-08-22 34760]
      S3 WdFilter;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330; C:\WINDOWS\system32\drivers\WdFilter.sys [2013-08-22 265056]
      S3 WdNisDrv;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-370; C:\WINDOWS\system32\Drivers\WdNisDrv.sys [2013-08-22 124256]
      S3 WIMMount;WIMMount; C:\WINDOWS\system32\drivers\wimmount.sys [2013-08-22 33632]
      S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\WINDOWS\system32\DRIVERS\WinUsb.sys [2013-08-22 78848]
      S3 WmiAcpi;@wmiacpi.inf,%WMIMAP.SvcDesc%;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\System32\drivers\wmiacpi.sys [2013-08-22 16384]
      S4 udfs;udfs; C:\WINDOWS\system32\DRIVERS\udfs.sys [2013-08-22 316928]

      ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

      R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
      R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2014-01-31 240128]
      R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-01-07 43336]
      R2 AudioEndpointBuilder;@%SystemRoot%\system32\AudioEndpointBuilder.dll,-204; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      R2 Audiosrv;@%SystemRoot%\system32\audiosrv.dll,-200; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
      R2 BrokerInfrastructure;@%windir%\system32\bisrv.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 CryptSvc;@%SystemRoot%\system32\cryptsvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      R2 DcomLaunch;@combase.dll,-5012; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 DeviceAssociationService;@%SystemRoot%\system32\das.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 Dhcp;@%SystemRoot%\system32\dhcpcore.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 Dnscache;@%SystemRoot%\System32\dnsapi.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      R2 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\WINDOWS\System32\lsass.exe [2013-08-22 45008]
      R2 EventLog;@%SystemRoot%\system32\wevtsvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      R2 EventSystem;@comres.dll,-2450; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-11-12 136192]
      R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      R2 LanmanServer;@%systemroot%\system32\srvsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 LanmanWorkstation;@%systemroot%\system32\wkssvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      R2 LavasoftAdAwareService11;Ad-Aware Service 11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [2014-01-23 702744]
      R2 lmhosts;@%SystemRoot%\system32\lmhsvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 LSM;@%windir%\system32\lsm.dll,-1001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
      R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
      R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2013-12-17 76888]
      R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 RpcSs;@combase.dll,-5010; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 SamSs;@%SystemRoot%\system32\samsrv.dll,-1; C:\WINDOWS\system32\lsass.exe [2013-08-22 45008]
      R2 Schedule;@%SystemRoot%\system32\schedsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 SENS;@%SystemRoot%\system32\Sens.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 ShellHWDetection;@%SystemRoot%\System32\shsvcs.dll,-12288; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
      R2 Spooler;@%systemroot%\system32\spoolsv.exe,-1; C:\WINDOWS\System32\spoolsv.exe [2013-08-22 798208]
      R2 stisvc;@%SystemRoot%\system32\wiaservc.dll,-9; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 SystemEventsBroker;@%windir%\system32\SystemEventsBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-10-01 5087584]
      R2 Themes;@%SystemRoot%\System32\themeservice.dll,-8192; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      R2 TrkWks;@%SystemRoot%\system32\trkwks.dll,-1; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      R2 Wcmsvc;@%SystemRoot%\System32\wcmsvc.dll,-4097; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 Winmgmt;@%Systemroot%\system32\wbem\wmisvc.dll,-205; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R2 WlanSvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R3 BITS;@%SystemRoot%\system32\qmgr.dll,-1000; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      R3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R3 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R3 hidserv;@%SystemRoot%\System32\hidserv.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-01-20 641352]
      R3 NcbService;@%SystemRoot%\system32\ncbservice.dll,-500; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      R3 netprofm;@%SystemRoot%\system32\netprofmsvc.dll,-202; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      R3 PlugPlay;@%SystemRoot%\system32\umpnpmgr.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R3 SSDPSRV;@%systemroot%\system32\ssdpsrv.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R3 TimeBroker;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      R3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\WINDOWS\system32\lsass.exe [2013-08-22 45008]
      R3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      R3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      R3 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S2 gpsvc;@gpapi.dll,-112; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-07 161384]
      S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\WINDOWS\system32\sppsvc.exe [2013-09-12 6353952]
      S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-04 257928]
      S3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 ALG;@%SystemRoot%\system32\Alg.exe,-112; C:\WINDOWS\System32\alg.exe [2013-08-22 92672]
      S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 AppMgmt;@appmgmts.dll,-3250; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 AppReadiness;@%SystemRoot%\System32\AppReadiness.dll,-1000; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 AppXSvc;@%SystemRoot%\system32\appxdeploymentserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 Browser;@%systemroot%\system32\browser.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 COMSysApp;@comres.dll,-947; C:\WINDOWS\system32\dllhost.exe [2013-08-22 19296]
      S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 DeviceInstall;@%SystemRoot%\system32\umpnpmgr.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 dot3svc;@%systemroot%\system32\dot3svc.dll,-1102; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 DsmSvc;@%SystemRoot%\system32\DeviceSetupManager.dll,-1000; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 Eaphost;@%systemroot%\system32\eapsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\WINDOWS\system32\fxssvc.exe [2013-08-22 655360]
      S3 fhsvc;@%systemroot%\system32\fhsvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
      S3 hkmsvc;@%SystemRoot%\system32\kmsvc.dll,-6; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\WINDOWS\system32\IEEtwCollector.exe [2013-10-19 111616]
      S3 KeyIso;@keyiso.dll,-100; C:\WINDOWS\system32\lsass.exe [2013-08-22 45008]
      S3 KtmRm;@comres.dll,-2946; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 lfsvc;@%SystemRoot%\System32\GeofenceMonitorService.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
      S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-11 119408]
      S3 MSDTC;@comres.dll,-2797; C:\WINDOWS\System32\msdtc.exe [2013-08-22 142848]
      S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 msiserver;@%SystemRoot%\system32\msimsg.dll,-27; C:\WINDOWS\system32\msiexec.exe [2013-08-22 62464]
      S3 napagent;@%SystemRoot%\system32\qagentrt.dll,-6; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 NcaSvc;@%SystemRoot%\system32\ncasvc.dll,-3009; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 NcdAutoSetup;@%SystemRoot%\system32\NcdAutoSetup.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 Netlogon;@%SystemRoot%\System32\netlogon.dll,-102; C:\WINDOWS\system32\lsass.exe [2013-08-22 45008]
      S3 Netman;@%SystemRoot%\system32\netman.dll,-109; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
      S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
      S3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\WINDOWS\SysWow64\perfhost.exe [2013-08-22 21504]
      S3 pla;@%systemroot%\system32\pla.dll,-500; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 PolicyAgent;@%SystemRoot%\System32\polstore.dll,-5010; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 PrintNotify;@C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 RasAuto;@%Systemroot%\system32\rasauto.dll,-200; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 RasMan;@%Systemroot%\system32\rasmans.dll,-200; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 RpcLocator;@%systemroot%\system32\Locator.exe,-2; C:\WINDOWS\system32\locator.exe [2013-08-22 10240]
      S3 ScDeviceEnum;@%SystemRoot%\System32\ScDeviceEnum.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 seclogon;@%SystemRoot%\system32\seclogon.dll,-7001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 smphost;@%SystemRoot%\System32\smphost.dll,-102; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\WINDOWS\System32\snmptrap.exe [2013-08-22 14848]
      S3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-01-07 569768]
      S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 svsvc;@%SystemRoot%\system32\svsvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 swprv;@%SystemRoot%\System32\swprv.dll,-103; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 TapiSrv;@%SystemRoot%\system32\tapisrv.dll,-10100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 TermService;@%SystemRoot%\System32\termsrv.dll,-268; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\WINDOWS\servicing\TrustedInstaller.exe [2013-08-22 98816]
      S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\WINDOWS\system32\UI0Detect.exe [2013-08-22 40960]
      S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 upnphost;@%systemroot%\system32\upnphost.dll,-213; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\WINDOWS\System32\vds.exe [2013-08-22 1283584]
      S3 vmicguestinterface;@%systemroot%\system32\vmicres.dll,-801; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 vmicheartbeat;@%systemroot%\system32\vmicres.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 vmickvpexchange;@%systemroot%\system32\vmicres.dll,-201; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 vmicrdv;@%systemroot%\system32\vmicres.dll,-601; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 vmicshutdown;@%systemroot%\system32\vmicres.dll,-301; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 vmictimesync;@%systemroot%\system32\vmicres.dll,-401; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 vmicvss;@%systemroot%\system32\vmicres.dll,-501; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 VSS;@%systemroot%\system32\vssvc.exe,-102; C:\WINDOWS\system32\vssvc.exe [2013-08-22 1436160]
      S3 W32Time;@%SystemRoot%\system32\w32time.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\WINDOWS\system32\wbengine.exe [2013-08-22 1542144]
      S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 WdNisSvc;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320; C:\Program Files\Windows Defender\NisSrv.exe [2013-08-22 346872]
      S3 WebClient;@%systemroot%\system32\webclnt.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 WEPHOSTSVC;@%systemroot%\system32\wephostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S3 WinDefend;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310; C:\Program Files\Windows Defender\MsMpEng.exe [2013-08-22 23840]
      S3 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S3 wlidsvc;@%SystemRoot%\system32\wlidsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S4 MsKeyboardFilter;@%SystemRoot%\system32\KeyboardFilterSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8201; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-08-10 139856]
      S4 RemoteAccess;@%Systemroot%\system32\mprdim.dll,-200; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
      S4 RemoteRegistry;@regsvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S4 SCardSvr;@%SystemRoot%\System32\SCardSvr.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
      S4 SharedAccess;@%SystemRoot%\system32\ipnathlp.dll,-106; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]

      -----------------EOF-----------------



      • #4
        Hi and welcome to the Nucia Security Forum,

        Step 1

        Start MBAM.
        Once the program has started, go to the "Settings" tab.
        • Tick here: "Close Internet Explorer during malware removal".
        • Go to the "Updates" tab and update MBAM.
        • Then go to the "Scanner" tab and choose "FULL scan".
        • Then press "Scan" to start the scan.
        • The scan can take a while, so be patient.
        • When the scan is complete, click OK, then "Show Results" to see the results.
        • Make sure everything there is ticked, then click "Remove Selected".
        • After removal, a log will open and you will be asked to restart the computer.

        If MBAM asks for a restart, do so.
        Once you have restarted, run a new quick scan with MBAM.
        In that case, post both logs.

        The log is saved automatically by Malwarebytes' Anti-Malware, and you can find it by clicking the "Logs" tab in the program.


        In case of problems!!!


        Step 2

        Download AdwCleaner by Xplode to your Desktop.
        • Close all open windows
        • Start AdwCleaner
        • Click Scan
        • Click Clean

        All icons will disappear from the Desktop; this is normal.
        Your PC will be restarted and a log file will open (C:\AdwCleaner\AdwCleaner[xx].txt); post its contents here on the forum.

        I only need the log from after the "Clean" option.

        Don't forget to turn off your "smileys".

        If your home page was hijacked as well, set your search engine again; AdwCleaner resets it to Google.com by default.


        Step 3

        Download or update CCleaner.

        Start CCleaner.
        • Run CCleaner and click Options in the left-hand column
        • Select the Advanced tab
        • Untick "Only delete files in the Windows Temp system folder that are older than 24 hours"
        • Select the Settings tab
        • Untick "Automatically clean the computer...."
        • Click Cleaner in the left-hand column.
        • Then click Analyze and Run Cleaner, one after the other.
        • Next, click Registry in the left-hand column
        • Click Scan for Issues.
        • If errors are found, click Fix selected issues and OK



        Step 4
        • Download PC Info to your desktop.
        • Unzip it and click SetupPC Info.
        • Go through the installation process.

        Double-click PC Info.
        The scan will now start...
        After the scan, select the tab: Logs
        Then tick only these items:
        • Software
        • Hardware
        • Software Installed List
        • Startup List
        • Running Processes
        • Expert Mode
        • Registry Scan

        Now click 'Create a log', then copy and paste it into your next post.


        In your next post I would like to have the following logs:
        1. MBAM
        2. AdwCleaner
        3. PC Info

        Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
        E Dev * Remove McAfee. * CCleaner * E-Peek



        • #5
          Thanks for all your effort!

          This one from today turned up nothing:
          Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300
          www.malwarebytes.org

          Databaseversie: v2014.02.10.06

          Windows 8 x64 NTFS
          Internet Explorer 11.0.9600.16476
          ArnaudM :: ARNAUD [administrator]

          Bescherming: Ingeschakeld

          10/02/2014 22:12:31
          mbam-log-2014-02-10 (22-12-31).txt

          Scan type: Volledige scan (C:\|E:\|F:\|)
          Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken
          Uitgeschakelde scan opties: PUP | PUM | P2P
          Objecten gescand: 513907
          Verstreken tijd: 1 uur/uren, 25 minuut/minuten, 1 seconde(n)

          Geheugenprocessen gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Geheugenmodulen gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Registersleutels gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Registerwaarden gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Registerdata gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Mappen gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Bestanden gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          (einde)

          but these 2 from last week did (a quick & a full scan)

          Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300
          www.malwarebytes.org

          Databaseversie: v2014.02.05.05

          Windows 8 x64 NTFS
          Internet Explorer 11.0.9600.16476
          ArnaudM :: ARNAUD [administrator]

          Bescherming: Ingeschakeld

          5/02/2014 13:33:45
          mbam-log-2014-02-05 (13-33-45).txt

          Scan type: Snelle scan
          Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
          Uitgeschakelde scan opties: P2P
          Objecten gescand: 214852
          Verstreken tijd: 5 minuut/minuten,

          Geheugenprocessen gedetecteerd: 1
          C:\ProgramData\Search Protection\SearchProtection.exe (PUP.Optional.SearchProtection.A) -> 4880 -> Zal worden verwijderd tijdens het herstarten.

          Geheugenmodulen gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Registersleutels gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Registerwaarden gedetecteerd: 1
          HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Search Protection (PUP.Optional.SearchProtection.A) -> Data: C:\ProgramData\Search Protection\SearchProtection.exe -> Succesvol in quarantaine geplaatst en verwijderd.

          Registerdata gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Mappen gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Bestanden gedetecteerd: 3
          C:\ProgramData\InstallMate\{FAD49980-101D-47CE-A525-583F2137BB76}\Custom.dll (PUP.Optional.InstalleRex) -> Succesvol in quarantaine geplaatst en verwijderd.
          C:\Users\ArnaudM\Downloads\SoftonicDownloader_voor_simple-shutdown-timer.exe (PUP.Optional.Softonic.A) -> Succesvol in quarantaine geplaatst en verwijderd.
          C:\ProgramData\Search Protection\SearchProtection.exe (PUP.Optional.SearchProtection.A) -> Zal worden verwijderd tijdens het herstarten.

          (einde)

          Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300
          www.malwarebytes.org

          Databaseversie: v2014.02.05.05

          Windows 8 x64 NTFS
          Internet Explorer 11.0.9600.16476
          ArnaudM :: ARNAUD [administrator]

          Bescherming: Ingeschakeld

          5/02/2014 13:43:20
          mbam-log-2014-02-05 (13-43-20).txt

          Scan type: Volledige scan (C:\|F:\|)
          Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
          Uitgeschakelde scan opties: P2P
          Objecten gescand: 492523
          Verstreken tijd: 1 uur/uren, 13 minuut/minuten, 58 seconde(n)

          Geheugenprocessen gedetecteerd: 1
          C:\ProgramData\Search Protection\SearchProtection.exe (PUP.Optional.SearchProtection.A) -> 4880 -> Zal worden verwijderd tijdens het herstarten.

          Geheugenmodulen gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Registersleutels gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Registerwaarden gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Registerdata gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Mappen gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Bestanden gedetecteerd: 3
          C:\Program Files\Adobe\Adobe After Effects CS6\Support Files\amtlib.dll (PUP.RiskwareTool.CK) -> Succesvol in quarantaine geplaatst en verwijderd.
          C:\Users\ArnaudM\Desktop\Voltooid\Adobe After Effects CS6 11.0.0.378 LS7 Multilanguage [ChingLiu]\Cracked dll\amtlib.dll (PUP.RiskwareTool.CK) -> Succesvol in quarantaine geplaatst en verwijderd.
          C:\ProgramData\Search Protection\SearchProtection.exe (PUP.Optional.SearchProtection.A) -> Zal worden verwijderd tijdens het herstarten.

          (einde)


          adwcleaner log
          # AdwCleaner v3.018 - Report created 10/02/2014 at 23:44:37
          # Updated 28/01/2014 by Xplode
          # Operating System : Windows 8.1 Pro N (64 bits)
          # Username : ArnaudM - ARNAUD
          # Running from : C:\Users\ArnaudM\Downloads\adwcleaner.exe
          # Option : Clean

          ***** [ Services ] *****


          ***** [ Files / Folders ] *****

          Folder Deleted : C:\ProgramData\blekko toolbars
          Folder Deleted : C:\ProgramData\Search Protection
          Folder Deleted : C:\ProgramData\DownLeoad keePeeR
          Folder Deleted : C:\Program Files (x86)\myfree codec
          Folder Deleted : C:\Program Files (x86)\Toolbar Cleaner
          Folder Deleted : C:\Program Files (x86)\DownLeoad keePeeR
          Folder Deleted : C:\Users\ArnaudM\AppData\LocalLow\adawaretb
          Folder Deleted : C:\Users\ArnaudM\AppData\Roaming\Mozilla\Firefox\Profiles\sqahn9g4.default\adawaretb

          ***** [ Shortcuts ] *****


          ***** [ Registry ] *****

          Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
          Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
          Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
          Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
          Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
          Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
          Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
          Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
          Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
          Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
          Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
          Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
          Key Deleted : HKCU\Software\Softonic
          Key Deleted : HKLM\Software\adawaretb
          Key Deleted : HKLM\Software\Toolbar Cleaner
          Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner

          ***** [ Browsers ] *****

          -\\ Internet Explorer v11.0.9600.16384


          -\\ Mozilla Firefox v26.0 (nl)

          [ File : C:\Users\ArnaudM\AppData\Roaming\Mozilla\Firefox\Profiles\sqahn9g4.default\prefs.js ]

          Line Deleted : user_pref("extensions.7M7.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self==window.top){var script=document.createElement(\"script\");script.typ

          *************************

          AdwCleaner[R0].txt - [3125 octets] - [10/02/2014 23:39:01]
          AdwCleaner[S0].txt - [2832 octets] - [10/02/2014 23:44:37]

          ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2892 octets] ##########


          When I clean with CCleaner, I get (after the first time) 5 MB removed again every time from Internet Explorer, temporary files, one file (even 10x in a row).


          PC Info log

          PC Info vs 2.0.2.2 © 2011-2013 Onsia Patrick (Emphyrio)
          11/2/2014 00:02:04
          Boot Status: Normal boot

          ==================== OS INFO ====================================

          OS version : Windows 8.1
          Edition : Professional N
          Service Pack :
          Build version : 6.3.9600.0
          Windows OS Bits : 64 *

          Update detected : 2014-02-10 22:55:39
          Update downloaded : 2014-02-10 22:56:22
          Update installed : 2014-02-06 12:52:50

          ==================== GENERAL INFO ===============================

          Windows Directory : C:\WINDOWS
          User Profile : C:\Users\ArnaudM
          Java Version : 1.7.0_45
          Antivirus : Windows Defender [Updated - Not Running ]
          Anti Spam : Windows Defender [Updated - Not Running ]
          Firewall : Ad-Aware Firewall [Updated - Not Running ]

          ==================== HARDWARE ===================================

          GenuineIntel Intel64 Family 6 Model 42 Stepping 7
          Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz

          Mainboard : Gigabyte Technology Co., Ltd.

          Model : PH67-UD3-B3

          Bios Version : F8 (Award Software International, Inc.)

          RAM Present : 6127 MB / 6 GB
          RAM Free : 3892 Mb ( 64 % Free )

          Videocard : AMD Radeon HD 6900 Series
          Memory : 2048Mb
          Driver version : 13.350.1005.0

          ==================== APP LIST ===================================

          C:\ Fixed - - NTFS - 1862 Gb (Free : 1256639 Mb / 1227 Gb )
          E:\ Fixed - Media HDD - exFAT - 1862 Gb (Free : 108787 Mb / 106 Gb )

          ==================== INSTALLED SOFTWARE LIST ====================


          64 Bit HP CIO Components Installer 4.2.1
          7-Zip 9.20 9.20.00.0
          Ad-Aware Antivirus 11.1.5354.0
          AdAwareInstaller 11.1.5354.0
          AdAwareUpdater 11.1.5354.0
          Adobe After Effects CS6 11
          Adobe AIR 3.1.0.4880
          Adobe Flash Player 12 Plugin 12.0.0.44
          Adobe Help Manager 4.0.244
          Adobe Reader XI (11.0.06) - Nederlands 11.0.06
          Adobe Shockwave Player 12.0 12.0.7.148
          AMD Accelerated Video Transcoding 13.30.100.40131
          AMD Catalyst Control Center 2014.0131.1535.27922
          AMD Catalyst Install Manager 8.0.916.0
          AntimalwareEngine 2.6.0.0
          AntispamEngine 2.3.29.0
          Apple Application Support 3.0
          Apple Mobile Device Support 7.1.0.32
          Apple Software Update 2.1.3.127
          Battlefield 4™ 1.0.0.1
          Bonjour 3.0.0.10
          Call of Duty: Black Ops - Multiplayer
          Call of Duty: Black Ops
          Catalyst Control Center - Branding 1.00.0000
          Catalyst Control Center Graphics Previews Common 2014.0131.1535.27922
          Catalyst Control Center InstallProxy 2014.0131.1535.27922
          Catalyst Control Center Localization All 2014.0131.1535.27922
          ccc-utility64 2014.0131.1535.27922
          CCC Help Chinese Standard 2014.0131.1534.27922
          CCC Help Chinese Traditional 2014.0131.1534.27922
          CCC Help Czech 2014.0131.1534.27922
          CCC Help Danish 2014.0131.1534.27922
          CCC Help Dutch 2014.0131.1534.27922
          CCC Help English 2014.0131.1534.27922
          CCC Help Finnish 2014.0131.1534.27922
          CCC Help French 2014.0131.1534.27922
          CCC Help German 2014.0131.1534.27922
          CCC Help Greek 2014.0131.1534.27922
          CCC Help Hungarian 2014.0131.1534.27922
          CCC Help Italian 2014.0131.1534.27922
          CCC Help Japanese 2014.0131.1534.27922
          CCC Help Korean 2014.0131.1534.27922
          CCC Help Norwegian 2014.0131.1534.27922
          CCC Help Polish 2014.0131.1534.27922
          CCC Help Portuguese 2014.0131.1534.27922
          CCC Help Russian 2014.0131.1534.27922
          CCC Help Spanish 2014.0131.1534.27922
          CCC Help Swedish 2014.0131.1534.27922
          CCC Help Thai 2014.0131.1534.27922
          CCC Help Turkish 2014.0131.1534.27922
          CCleaner 4.10
          Counter-Strike: Source
          CustomerResearchQFolder 1.00.0000
          Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
          DeviceDiscovery 90.0.146.000
          DeviceManagementQFolder 1.00.0000
          DriverPack Solution Lite version 13 13
          ESN Sonar 0.70.4
          FirewallEngine 1.6.0.0
          Foxit Reader 5.1.3.1201
          GoPro Studio 2.0.1 2.0.1
          HP Customer Participation Program 9.0 9.0
          HP LaserJet M2727 MFP Series 5.2 5.2
          HP Update 4.000.006.002
          hppFaxDrvM2727 003.100.00001
          hppFaxUtility 001.001.00017
          hppFonts 001.001.00056
          hppLaserJetService 001.200.00001
          hppLJM2727 000.102.00101
          hppManualsM2727 000.002.00001
          hppScanTo 003.103.00004
          hppSendFaxM2727 003.000.00001
          hppTLBXFXM2727 001.005.00009
          hppusgM2727 000.000.00006
          HPSSupply 2.2.0.0000
          hpzTLBXFX 005.009.00181
          HydraVision 4.2.252.0
          iTunes 11.1.4.62
          Java 7 Update 45 7.0.450
          Java Auto Updater 2.1.9.8
          League of Legends 3.0.1
          LibreOffice 4.1.3.2 4.1.3.2
          Malwarebytes Anti-Malware versie 1.75.0.1300 1.75.0.1300
          MarketResearch 90.0.146.000
          Microsoft Mouse and Keyboard Center 2.2.173.0
          Microsoft Office Access MUI (Dutch) 2010 14.0.7015.1000
          Microsoft Office Access MUI (English) 2010 14.0.4734.1000
          Microsoft Office Access Setup Metadata MUI (English) 2010 14.0.4734.1000
          Microsoft Office Excel MUI (Dutch) 2010 14.0.7015.1000
          Microsoft Office Excel MUI (English) 2010 14.0.4734.1000
          Microsoft Office Groove MUI (Dutch) 2010 14.0.7015.1000
          Microsoft Office Groove MUI (English) 2010 14.0.4734.1000
          Microsoft Office InfoPath MUI (Dutch) 2010 14.0.7015.1000
          Microsoft Office InfoPath MUI (English) 2010 14.0.4734.1000
          Microsoft Office Language Pack 2010 - Dutch/Nederlands 14.0.7015.1000
          Microsoft Office O MUI (Dutch) 2010 14.0.7015.1000
          Microsoft Office Office 64-bit Components 2010 14.0.4734.1000
          Microsoft Office OneNote MUI (Dutch) 2010 14.0.7015.1000
          Microsoft Office OneNote MUI (English) 2010 14.0.4734.1000
          Microsoft Office Outlook MUI (Dutch) 2010 14.0.7015.1000
          Microsoft Office Outlook MUI (English) 2010 14.0.4734.1000
          Microsoft Office PowerPoint MUI (Dutch) 2010 14.0.7015.1000
          Microsoft Office PowerPoint MUI (English) 2010 14.0.4734.1000
          Microsoft Office Professional Plus 2010 14.0.4734.1000
          Microsoft Office Project MUI (Dutch) 2010 14.0.7015.1000
          Microsoft Office Project MUI (English) 2010 14.0.7015.1000
          Microsoft Office Project Professional 2010 14.0.7015.1000
          Microsoft Office Proof (Dutch) 2010 14.0.7015.1000
          Microsoft Office Proof (English) 2010 14.0.4734.1000
          Microsoft Office Proof (French) 2010 14.0.4734.1000
          Microsoft Office Proof (German) 2010 14.0.7015.1000
          Microsoft Office Proof (Spanish) 2010 14.0.4734.1000
          Microsoft Office Proofing (Dutch) 2010 14.0.7015.1000
          Microsoft Office Proofing (English) 2010 14.0.4734.1000
          Microsoft Office Publisher MUI (Dutch) 2010 14.0.7015.1000
          Microsoft Office Publisher MUI (English) 2010 14.0.4734.1000
          Microsoft Office Shared 64-bit MUI (Dutch) 2010 14.0.7015.1000
          Microsoft Office Shared 64-bit MUI (English) 2010 14.0.4734.1000
          Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 14.0.4734.1000
          Microsoft Office Shared MUI (Dutch) 2010 14.0.7015.1000
          Microsoft Office Shared MUI (English) 2010 14.0.4734.1000
          Microsoft Office Shared Setup Metadata MUI (English) 2010 14.0.4734.1000
          Microsoft Office SharePoint Designer MUI (Dutch) 2010 14.0.7015.1000
          Microsoft Office Word MUI (Dutch) 2010 14.0.7015.1000
          Microsoft Office Word MUI (English) 2010 14.0.4734.1000
          Microsoft Office X MUI (Dutch) 2010 14.0.7015.1000
          Microsoft Project Language Pack 2010 - Dutch/Nederlands 14.0.7015.1000
          Microsoft Project Professional 2010 14.0.7015.1000
          Microsoft Silverlight 5.1.20913.0
          Microsoft Visual C++ 2005 Redistributable 8.0.56336
          Microsoft Visual C++ 2005 Redistributable 8.0.59193
          Microsoft Visual C++ 2005 Redistributable 8.0.61001
          Microsoft Visual C++ 2005 Redistributable (x64) 8.0.56336
          Microsoft Visual C++ 2005 Redistributable (x64) 8.0.59192
          Microsoft Visual C++ 2005 Redistributable (x64) 8.0.61000
          Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 9.0.30729
          Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 9.0.30729.4148
          Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 9.0.30729.6161
          Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 9.0.30729
          Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 9.0.30729.4148
          Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 9.0.30729.6161
          Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 10.0.40219
          Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 10.0.40219
          Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 11.0.50727.1
          Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 11.0.60610.1
          Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 11.0.50727.1
          Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 11.0.60610.1
          Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 11.0.50727
          Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 11.0.60610
          Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 11.0.50727
          Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 11.0.60610
          Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 11.0.50727
          Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 11.0.60610
          Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 11.0.50727
          Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 11.0.60610
          Minecraft1.7.2
          Mozilla Firefox 26.0 (x86 nl) 26.0
          Mozilla Maintenance Service 26.0
          MPC-HC 1.7.1 (64-bit) 1.7.1.0
          OnlineThreatsEngine 2.2.2.0
          Opera 12.16 12.16.1860
          Origin 9.3.6.4639
          PC Info 2.0.22
          Product_Min_QFolder 1.00.0000
          PunkBuster Services 0.993
          QuickTime 7.74.80.86
          Raptr
          Realtek High Definition Audio Driver 6.0.1.6873
          Safari 5.34.57.2
          Secure Download Manager 3.1.20
          Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
          Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
          Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition
          Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
          Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
          Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
          Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition
          Simple Shutdown Timer 1.1.2
          Skype Click to Call 6.13.13771
          Skype™ 6.2 6.2.106
          Smart Port Forwarding 1.0.0.1
          Steam 1.0.0.0
          swMSM 12.0.0.1
          TeamViewer 8 8.0.22298
          Update for Microsoft en-us Dictionary 16.1.723.1
          Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
          Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
          Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
          Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
          Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
          Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
          Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
          Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
          Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
          Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
          VLC media player 2.1.2 2.1.2
          WebFilteringEngine 2.2.1.0
          WebReg 90.0.146.000
          Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) 03/07/2012
          WinRAR 4.00 (64-bit) 4.00.0

          ==================== STARTUP LIST Enabled========================

          ------- Local 32/64 HKLM ArnaudM------------

          APSDaemon : "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
          Adobe ARM : "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
          BCSSync : "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
          ToolBoxFX : "C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enumn /alertsn /notificationsn /fln /frn /appDatan /tmcpn
          HP Software Update : C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
          :
          HPUsageTracking : "C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\"
          SunJavaUpdateSched : "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
          iTunesHelper : "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
          QuickTime Task : "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
          StartCCC : "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun

          ------- Local [HKLM] ArnaudM------------

          HP LaserJet M2727 MFP Series Fax : C:\Program Files (x86)\HP\hp LaserJet M2727\hppfaxprintersrv.exe "HP LaserJet M2727 MFP Series Fax"
          :
          AdAwareTray : "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe"
          AdobeAAMUpdater-1.0 : "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

          ------- Current User [HKCU] ArnaudM------------

          Steam : "C:\Program Files (x86)\Steam\Steam.exe" -silent
          EADM : "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
          AdobeBridge :
          HydraVisionDesktopManager : "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
          Raptr : C:\PROGRA~2\Raptr\raptrstub.exe --startup


          ==================== RUNNING PROCESSES ==========================

          ipoint ID = 3148 Path: c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
          iTunesHelper ID = 5116 Path: C:\Program Files (x86)\iTunes\iTunesHelper.exe
          dwm ID = 380 Path: C:\WINDOWS\system32\dwm.exe
          raptr_ep64 ID = 4120 Path: C:\Program Files (x86)\Raptr\raptr_ep64.exe
          explorer ID = 3792 Path: C:\WINDOWS\Explorer.EXE
          winlogon ID = 756 Path: C:\WINDOWS\system32\winlogon.exe
          livecomm ID = 3308 Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe
          WinRAR ID = 5716 Path: C:\Program Files\WinRAR\WinRAR.exe
          hpwuSchd2 ID = 4480 Path: C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
          SettingSyncHost ID = 5488 Path: C:\Windows\System32\SettingSyncHost.exe
          AdAwareTray ID = 3296 Path: C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
          dllhost ID = 3884 Path: C:\WINDOWS\system32\DllHost.exe
          atieclxx ID = 928 Path: C:\WINDOWS\system32\atieclxx.exe
          mbam ID = 5252 Path: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
          plugin-container ID = 4660 Path: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
          PC Info ID = 4324 Path: C:\Program Files (x86)\E Dev\PC Info\PC Info.exe
          firefox ID = 908 Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
          notepad ID = 5140 Path: C:\WINDOWS\system32\NOTEPAD.EXE
          Dropbox ID = 3652 Path: C:\Users\ArnaudM\AppData\Roaming\Dropbox\bin\Dropbox.exe
          SkyDrive ID = 4044 Path: C:\Windows\System32\skydrive.exe
          HydraDM64 ID = 3252 Path: C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
          FlashPlayerPlugin_12_0_0_44 ID = 688 Path: C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
          hppusg ID = 4616 Path: C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe
          MOM ID = 4812 Path: C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
          raptr_im ID = 4612 Path: C:\PROGRA~2\Raptr\raptr_im.exe
          FlashPlayerPlugin_12_0_0_44 ID = 868 Path: C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
          RuntimeBroker ID = 3400 Path: C:\Windows\System32\RuntimeBroker.exe
          CCC ID = 4396 Path: C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
          HPTLBXFX ID = 3204 Path: C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe

          ==================== REG SCAN ===================================

          Empthy keys and/or values aren't logged !


          ==================== SESSION MANAGER ============================

          HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\
          BootExecute = autocheck autochk *


          ==================== WINLOGON ===================================

          HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\

          Userinit = C:\Windows\system32\userinit.exe,
          Shell = explorer.exe


          ==================== ShellServiceObjectDelayLoad ================

          HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\

          WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
          File in HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\InProcServer32\


          ==================== Shell Extensions\Approved ==================

          HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

          {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = WebCheck
          {08165EA0-E946-11CF-9C87-00AA005127ED} = WebCheckWebCrawler
          File in HKCR\CLSID\{08165EA0-E946-11CF-9C87-00AA005127ED}\InProcServer32\ = C:\Windows\System32\webcheck.dll


          ==================== Shell Extensions\Approved WOW 6432 =========

          HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
          {08165EA0-E946-11CF-9C87-00AA005127ED} = WebCheckWebCrawler
          {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = WebCheck


          ==================== SharedTaskScheduler ========================

          HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\



          File in HKCR\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32\ = C:\WINDOWS\system32\explorerframe.dll


          ==================== RUN KEYS====================================

          HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
          HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
          HKCU\Software\Microsoft\Windows\CurrentVersion\Run


          EADM = "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
          HydraVisionDesktopManager = "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
          Raptr = C:\PROGRA~2\Raptr\raptrstub.exe --startup
          Steam = "C:\Program Files (x86)\Steam\Steam.exe" -silent
          HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
          HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
          HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
          HKLM\Software\Microsoft\Windows\CurrentVersion\Run


          AdAwareTray = "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe"
          AdobeAAMUpdater-1.0 = "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
          HP LaserJet M2727 MFP Series Fax = C:\Program Files (x86)\HP\hp LaserJet M2727\hppfaxprintersrv.exe "HP LaserJet M2727 MFP Series Fax"

          HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run


          Adobe ARM = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
          APSDaemon = "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
          BCSSync = "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
          HP Software Update = C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
          HPUsageTracking = "C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\"
          iTunesHelper = "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
          QuickTime Task = "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
          StartCCC = "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
          SunJavaUpdateSched = "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
          ToolBoxFX = "C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enumn /alertsn /notificationsn /fln /frn /appDatan /tmcpn
          HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
          HKCU\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce


          ==================== vVv Krepper Trojan Pointers vVv ============

          HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run


          ==================== RUN SERVICES ===============================

          HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
          HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce
          HKU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce
          HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
          HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
          HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run


          ==================== Shell Folder ===============================

          HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
          Startup = C:\Users\ArnaudM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

          HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run


          ==================== DLL Loaded =================================

          HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows


          ( 0x0 – Load any DLLs. 0x1 – Load only code-signed DLLs.)



          HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load



          ==================== ShellExecuteHooks ==========================

          HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks

          {B5A7F190-DDA6-4420-B3BA-52453494E6CD} = Groove GFS Stub Execution Hook

          ==================== Command Processor ==========================

          HKLM\Software\Microsoft\Command Processor
          HKCU\Software\Microsoft\Command Processor


          ==================== BROWSER HELPER OBJECTS =====================

          HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

          {72853161-30C5-4D22-B7F9-0BBC1D38A37E} = Groove GFS Browser Helper
          File in HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\InProcServer32\
          = C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
          --------------------------------------------------------------------
          {B4F3A835-0E21-4959-BA22-42B3008E02FF} = Office Document Cache Handler
          File in HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\InProcServer32\
          = C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
          --------------------------------------------------------------------

          ==================== BHO - CLSID Wow6432Node ====================

          HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects

          {72853161-30C5-4D22-B7F9-0BBC1D38A37E} = Groove GFS Browser Helper
          File in HKCR\Wow6432Node\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\InProcServer32\
          = C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

          --------------------------------------------------------------------
          {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} = Java(tm) Plug-In SSV Helper
          File in HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\InProcServer32\
          = C:\Program Files (x86)\Java\jre7\bin\ssv.dll

          --------------------------------------------------------------------
          {B4F3A835-0E21-4959-BA22-42B3008E02FF} = Office Document Cache Handler
          File in HKCR\Wow6432Node\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\InProcServer32\
          = C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

          --------------------------------------------------------------------
          {DBC80044-A445-435b-BC74-9C25C1C588A9} = Java(tm) Plug-In 2 SSV Helper
          File in HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\InProcServer32\
          = C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

          --------------------------------------------------------------------

          ==================== TOOLBAR ====================================

          HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar

          # Not exist #


          ==================== TOOLBAR - Wow6432Node ======================

          HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar

          # Not exist #


          ==================== URL SEARCH HOOKS ===========================

          HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks

          HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks

          HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks


          ==================== SAFE BOOT ==================================

          HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

          AlternateShell = cmd.exe
          HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

          {533C5B84-EC70-11D2-9505-00C04F79DEAF} = Volume shadow copy
          {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} = IEEE 1394 Bus host controllers
          {D48179BE-EC20-11D1-B6B8-00C04FA372A7} = SBP2 IEEE 1394 Devices
          {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} = SecurityDevices

          HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

          {50DD5230-BA8A-11D1-BF5D-0000F805F530} = Smart card readers
          {533C5B84-EC70-11D2-9505-00C04F79DEAF} = Volume shadow copy
          {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} = IEEE 1394 Bus host controllers
          {D48179BE-EC20-11D1-B6B8-00C04FA372A7} = SBP2 IEEE 1394 Devices
          {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} = SecurityDevices
          DnsCache = Service
          WudfPf = Driver
          WudfRd = Driver
          WudfSvc = Service
          WudfUsbccidDriver = Driver

          ==================== DESKTOP ====================================

          HKCU\Control Panel\Desktop

          ScreenSaveActive = 1
          HKCU\Software\Policies\Microsoft\Windows\Control Panel\Desktop\SCRNSAVE.EXE

          ==================== SECURITYPROVIDERS ==========================

          HKLM\system\currentcontrolset\control\securityproviders

          SecurityProviders = credssp.dll
          File in C:\WINDOWS\System32\credssp.dll 21504 bytes [ 22/08/2013 12:01:38 ]

          ==================== SVCHOST (White Listed) ==================

          HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost

          HPZ12 => Pml Driver HPZ12
          SYSTEM\CurrentControlSet\Services\Pml Driver HPZ12\Parameters
          ServiceDll = C:\Windows\System32\HPZipm12.dll
          HPZ12 => Net Driver HPZ12
          SYSTEM\CurrentControlSet\Services\Net Driver HPZ12\Parameters
          ServiceDll = C:\Windows\System32\HPZinw12.dll


          ==================== WOW-SVCHOST ================================

          HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost

          hpdevmgmt => hpqcxs08
          HKEY_LOCAL_MACHINESYSTEM\CurrentControlSet\Services\hpqcxs08\Parameters
          ServiceDll = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
          hpdevmgmt => hpqddsvc
          HKEY_LOCAL_MACHINESYSTEM\CurrentControlSet\Services\hpqddsvc\Parameters
          ServiceDll = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll

          ==================== INTERFACES =================================

          HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces

          {a37d2f3d-0b41-11e3-9bf0-806e6f6e6963}
          ====================*============================================

          {C7FEAAFB-5090-4A66-9A48-AB351C7046E6}
          ====================*============================================

          {E55C872F-5CE8-404D-BE61-5B90E1AAB1A1}
          ====================*============================================

          {EB966A22-0E64-46C1-AAAF-C695A09B0F27}
          ====================*============================================


          ==================== SEARCHSCOPES ===============================

          HKCU\Software\Microsoft\Internet Explorer\SearchScopes

          DefaultScope :

          {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
          URL : http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
          ====================*============================================


          HKLM\Software\Microsoft\Internet Explorer\SearchScopes

          DefaultScope : {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

          {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
          URL : http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
          --------------------------------------------------------------------


          ==================== Job files ==================================

          There are no .job files found.
          =================================================================

          Log finished at 11/02/2014 0:02:04
          Thanks for using PC Info...

          ==================== END ========================================



          • #6
            A log from two weeks ago is of little use to me, of course; I am interested in the current state.

            AdwCleaner cleaned up a few things, and I see that you use several browsers, including FF at the moment.

            When you run Ccleaner (and this applies to every operation), it is best to close all your windows, including your browser.

            You may still remove these:
            • Java 7 Update 45 7.0.450
            • Java Auto Updater 2.1.9.8

            If you want to reinstall Java afterwards, follow these guidelines.


            Start your PC in Safe Mode.
            Run Ccleaner and select the items found for removal.
            Restart your PC in Normal mode.

            What is the situation now?
            Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
            E Dev * Remove McAfee. * Ccleaner * E-Peek



            • #7
              Malwarebytes in safe mode, right?

              Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300
              www.malwarebytes.org

              Databaseversie: v2014.02.10.06

              Windows 8 x64 NTFS (Veilige modus/netwerkmogelijkheden)
              Internet Explorer 11.0.9600.16476
              ArnaudM :: ARNAUD [administrator]

              Bescherming: Uitgeschakeld

              11/02/2014 18:15:06
              mbam-log-2014-02-11 (18-15-06).txt

              Scan type: Volledige scan (C:\|E:\|F:\|)
              Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken
              Uitgeschakelde scan opties: PUP | PUM | P2P
              Objecten gescand: 498877
              Verstreken tijd: 57 minuut/minuten, 45 seconde(n)

              Geheugenprocessen gedetecteerd: 0
              (Geen kwaadaardige objecten gedetecteerd)

              Geheugenmodulen gedetecteerd: 0
              (Geen kwaadaardige objecten gedetecteerd)

              Registersleutels gedetecteerd: 0
              (Geen kwaadaardige objecten gedetecteerd)

              Registerwaarden gedetecteerd: 0
              (Geen kwaadaardige objecten gedetecteerd)

              Registerdata gedetecteerd: 0
              (Geen kwaadaardige objecten gedetecteerd)

              Mappen gedetecteerd: 0
              (Geen kwaadaardige objecten gedetecteerd)

              Bestanden gedetecteerd: 0
              (Geen kwaadaardige objecten gedetecteerd)

              (einde)



              • #8
                Read carefully what I wrote (and that is not MBAM).
                Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                E Dev * Remove McAfee. * Ccleaner * E-Peek



                • #9
                  I did that too, but you don't get a log from that, do you?



                  • #10
                    Originally posted by G4M3RS
                    I did that too, but you don't get a log from that, do you?
                    I know that, and I didn't ask for one, did I?

                    How is it now?
                    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                    E Dev * Remove McAfee. * Ccleaner * E-Peek



                    • #11
                      I still get those notifications every now and then :s



                      • #12
                        Forget Combofix, that won't work on W 8.1.
                        Give me a report of that notification MBAM produces.
                        Originally posted by G4M3RS
                        I still get those notifications every now and then :s


                        • #13
                          this is from today,

                          2014/02/12 00:04:20 +0100 ARNAUD ArnaudM IP-BLOCK 77.78.215.32 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 00:04:20 +0100 ARNAUD ArnaudM IP-BLOCK 77.78.215.32 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 00:04:28 +0100 ARNAUD ArnaudM IP-BLOCK 77.78.215.32 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 00:04:28 +0100 ARNAUD ArnaudM IP-BLOCK 77.78.215.32 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 00:04:28 +0100 ARNAUD ArnaudM IP-BLOCK 77.78.215.32 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 00:06:12 +0100 ARNAUD ArnaudM IP-BLOCK 77.78.215.32 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 00:06:12 +0100 ARNAUD ArnaudM IP-BLOCK 77.78.215.32 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 00:06:37 +0100 ARNAUD ArnaudM IP-BLOCK 89.28.2.180 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 00:11:05 +0100 ARNAUD ArnaudM IP-BLOCK 77.78.215.32 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 00:11:05 +0100 ARNAUD ArnaudM IP-BLOCK 77.78.215.32 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 00:11:05 +0100 ARNAUD ArnaudM IP-BLOCK 77.78.215.32 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 00:11:05 +0100 ARNAUD ArnaudM IP-BLOCK 77.78.215.32 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 00:15:06 +0100 ARNAUD ArnaudM IP-BLOCK 222.186.19.9 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 00:21:06 +0100 ARNAUD ArnaudM IP-BLOCK 89.28.2.180 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 00:32:05 +0100 ARNAUD ArnaudM IP-BLOCK 222.186.19.9 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 01:35:13 +0100 ARNAUD ArnaudM IP-BLOCK 176.120.38.238 (Type: outgoing, Port: 39764, Process: utorrent.exe)
                          2014/02/12 01:47:55 +0100 ARNAUD ArnaudM IP-BLOCK 89.28.86.25 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 01:47:55 +0100 ARNAUD ArnaudM IP-BLOCK 89.28.86.25 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 01:47:55 +0100 ARNAUD ArnaudM IP-BLOCK 89.28.86.25 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 01:47:55 +0100 ARNAUD ArnaudM IP-BLOCK 89.28.86.25 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 01:47:55 +0100 ARNAUD ArnaudM IP-BLOCK 89.28.86.25 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 01:49:32 +0100 ARNAUD ArnaudM IP-BLOCK 89.28.86.25 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 01:49:32 +0100 ARNAUD ArnaudM IP-BLOCK 89.28.86.25 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 01:49:40 +0100 ARNAUD ArnaudM IP-BLOCK 89.28.86.25 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 01:49:40 +0100 ARNAUD ArnaudM IP-BLOCK 89.28.86.25 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 01:54:21 +0100 ARNAUD ArnaudM IP-BLOCK 89.28.86.25 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 01:54:21 +0100 ARNAUD ArnaudM IP-BLOCK 89.28.86.25 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 01:54:21 +0100 ARNAUD ArnaudM IP-BLOCK 89.28.86.25 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 01:54:21 +0100 ARNAUD ArnaudM IP-BLOCK 89.28.86.25 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 01:54:29 +0100 ARNAUD ArnaudM IP-BLOCK 89.28.86.25 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 01:54:29 +0100 ARNAUD ArnaudM IP-BLOCK 89.28.86.25 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 11:24:25 +0100 ARNAUD (null) MESSAGE Starting protection
                          2014/02/12 11:24:25 +0100 ARNAUD (null) MESSAGE Protection started successfully
                          2014/02/12 11:24:25 +0100 ARNAUD (null) MESSAGE Starting IP protection
                          2014/02/12 11:24:26 +0100 ARNAUD (null) MESSAGE IP Protection started successfully
                          2014/02/12 12:28:01 +0100 ARNAUD ArnaudM IP-BLOCK 218.9.177.37 (Type: outgoing, Port: 39764, Process: utorrent.exe)
                          2014/02/12 12:41:57 +0100 ARNAUD ArnaudM IP-BLOCK 94.102.48.43 (Type: outgoing, Port: 39764, Process: utorrent.exe)
                          2014/02/12 12:56:16 +0100 ARNAUD ArnaudM IP-BLOCK 219.152.122.195 (Type: outgoing, Port: 39764, Process: utorrent.exe)
                          2014/02/12 12:58:57 +0100 ARNAUD ArnaudM IP-BLOCK 46.17.96.236 (Type: outgoing, Port: 39764, Process: utorrent.exe)
                          2014/02/12 13:23:25 +0100 ARNAUD ArnaudM MESSAGE Executing scheduled update: Daily
                          2014/02/12 13:23:34 +0100 ARNAUD ArnaudM MESSAGE Scheduled update executed successfully: database updated from version v2014.02.10.06 to version v2014.02.12.05
                          2014/02/12 13:23:34 +0100 ARNAUD ArnaudM MESSAGE Starting database refresh
                          2014/02/12 13:23:35 +0100 ARNAUD ArnaudM MESSAGE Stopping IP protection
                          2014/02/12 13:23:35 +0100 ARNAUD ArnaudM MESSAGE IP Protection stopped successfully
                          2014/02/12 13:23:37 +0100 ARNAUD ArnaudM MESSAGE Database refreshed successfully
                          2014/02/12 13:23:37 +0100 ARNAUD ArnaudM MESSAGE Starting IP protection
                          2014/02/12 13:23:38 +0100 ARNAUD ArnaudM MESSAGE IP Protection started successfully
                          2014/02/12 14:11:34 +0100 ARNAUD ArnaudM IP-BLOCK 89.248.172.148 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 14:16:56 +0100 ARNAUD ArnaudM IP-BLOCK 89.248.172.148 (Type: outgoing, Port: 39764, Process: utorrent.exe)
                          2014/02/12 15:06:45 +0100 ARNAUD ArnaudM IP-BLOCK 89.28.46.65 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 15:09:02 +0100 ARNAUD ArnaudM IP-BLOCK 41.233.112.8 (Type: outgoing, Port: 39764, Process: utorrent.exe)
                          2014/02/12 15:14:39 +0100 ARNAUD ArnaudM IP-BLOCK 188.211.239.7 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 15:17:04 +0100 ARNAUD ArnaudM IP-BLOCK 213.186.121.142 (Type: outgoing, Port: 39764, Process: utorrent.exe)
                          2014/02/12 15:29:39 +0100 ARNAUD ArnaudM IP-BLOCK 188.211.239.7 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 15:32:28 +0100 ARNAUD ArnaudM IP-BLOCK 91.214.45.86 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 15:32:28 +0100 ARNAUD ArnaudM IP-BLOCK 91.214.45.86 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 15:32:28 +0100 ARNAUD ArnaudM IP-BLOCK 91.214.45.86 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 15:32:28 +0100 ARNAUD ArnaudM IP-BLOCK 91.214.45.86 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 15:32:36 +0100 ARNAUD ArnaudM IP-BLOCK 91.214.45.86 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 15:32:36 +0100 ARNAUD ArnaudM IP-BLOCK 91.214.45.86 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 15:34:20 +0100 ARNAUD ArnaudM IP-BLOCK 91.214.45.86 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 15:34:28 +0100 ARNAUD ArnaudM IP-BLOCK 91.214.45.86 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 15:39:09 +0100 ARNAUD ArnaudM IP-BLOCK 91.214.45.86 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 15:39:09 +0100 ARNAUD ArnaudM IP-BLOCK 91.214.45.86 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 15:39:17 +0100 ARNAUD ArnaudM IP-BLOCK 91.214.45.86 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 16:08:13 +0100 ARNAUD ArnaudM IP-BLOCK 94.242.206.148 (Type: incoming, Port: 49026, Process: skype.exe)
                          2014/02/12 16:18:15 +0100 ARNAUD ArnaudM IP-BLOCK 213.55.112.156 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 16:44:38 +0100 ARNAUD ArnaudM IP-BLOCK 188.211.239.7 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 16:59:38 +0100 ARNAUD ArnaudM IP-BLOCK 188.211.239.7 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 17:07:16 +0100 ARNAUD ArnaudM IP-BLOCK 195.216.179.146 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 17:14:38 +0100 ARNAUD ArnaudM IP-BLOCK 188.211.239.7 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 17:29:39 +0100 ARNAUD ArnaudM IP-BLOCK 188.211.239.7 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 17:44:38 +0100 ARNAUD ArnaudM IP-BLOCK 188.211.239.7 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 17:56:01 +0100 ARNAUD ArnaudM IP-BLOCK 222.186.19.2 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 17:56:33 +0100 ARNAUD ArnaudM IP-BLOCK 222.186.19.2 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 17:56:41 +0100 ARNAUD ArnaudM IP-BLOCK 222.186.19.2 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 17:59:38 +0100 ARNAUD ArnaudM IP-BLOCK 188.211.239.7 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 18:14:38 +0100 ARNAUD ArnaudM IP-BLOCK 188.211.239.7 (Type: incoming, Port: 39764, Process: utorrent.exe)
                          2014/02/12 18:23:29 +0100 ARNAUD ArnaudM IP-BLOCK 222.186.19.2 (Type: incoming, Port: 39764, Process: utorrent.exe)

                          btw, thanks for your help, I know a fair bit about this myself, I had already tried a lot of things before I came here but I couldn't find anything



                          • #14
                            Maybe you should try disabling uTorrent, that will make a big difference.

                            Your PC is clean.

                            1) You may delete all the loose files and tools we used.

                            2) To avoid reinfection, you can read through these tips:

                            Preventing spyware infections and browser hijacking and How do I prevent a new infection?

                            3) To give your PC a quick maintenance pass, you can read these tips: Guide to a clean PC

                            4) You can find all kinds of tips and hints here.


                            I'm marking the topic as solved.

                            If there are no more replies, this thread will automatically be moved within about 5 days
                            to the Solved HijackThis logs section, and replying will no longer be possible.
                            This is done to keep the forum tidy and organized.

                            If it turns out there are still problems and you want to reply in this topic again, send me a private message asking for it to be reopened.



                            Did we help you well? Consider making a (no-obligation) donation to Nucia

                            Emphyrio
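Added example, not part of the original thread and not Malwarebytes code: a small parser for the IP-BLOCK lines posted in #13 that groups the blocks per process, which is the observation behind the advice in #14. The regular expression is inferred from the lines in that post; the function names and the `known_p2p` list are assumptions.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Shape of one IP-BLOCK entry, inferred from the lines in post #13.
BLOCK_RE = re.compile(
    r"^(?P<ts>\d{4}/\d\d/\d\d \d\d:\d\d:\d\d [+-]\d{4}) (?P<host>\S+) (?P<user>\S+) "
    r"IP-BLOCK (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) "
    r"\(Type: (?P<direction>\w+), Port: (?P<port>\d+), Process: (?P<process>[^)]+)\)$"
)
# Excerpt copied from the log in post #13.
SAMPLE = """\
2014/02/12 00:04:20 +0100 ARNAUD ArnaudM IP-BLOCK 77.78.215.32 (Type: incoming, Port: 39764, Process: utorrent.exe)
2014/02/12 00:04:20 +0100 ARNAUD ArnaudM IP-BLOCK 77.78.215.32 (Type: incoming, Port: 39764, Process: utorrent.exe)
2014/02/12 01:35:13 +0100 ARNAUD ArnaudM IP-BLOCK 176.120.38.238 (Type: outgoing, Port: 39764, Process: utorrent.exe)
2014/02/12 11:24:25 +0100 ARNAUD (null) MESSAGE Starting protection
2014/02/12 16:08:13 +0100 ARNAUD ArnaudM IP-BLOCK 94.242.206.148 (Type: incoming, Port: 49026, Process: skype.exe)
"""

def parse_blocks(text):
    """Return one dict per IP-BLOCK line; MESSAGE lines and other text are skipped."""
    events = []
    for line in text.splitlines():
        m = BLOCK_RE.match(line.strip())
        if m:
            ev = m.groupdict()
            ev["ts"] = datetime.strptime(ev["ts"], "%Y/%m/%d %H:%M:%S %z")
            ev["port"] = int(ev["port"])
            ev["process"] = ev["process"].lower()
            events.append(ev)
    return events

def summarize(events):
    """Per process: number of blocks, distinct remote IPs, logged ports, directions."""
    out = defaultdict(lambda: {"events": 0, "ips": set(), "ports": set(), "directions": Counter()})
    for ev in events:
        s = out[ev["process"]]
        s["events"] += 1
        s["ips"].add(ev["ip"])
        s["ports"].add(ev["port"])
        s["directions"][ev["direction"]] += 1
    return dict(out)

def unexpected_processes(summary, known_p2p=("utorrent.exe", "skype.exe")):
    """Processes with blocked traffic that are not on the assumed list of known P2P apps."""
    return sorted(p for p in summary if p not in known_p2p)

if __name__ == "__main__":
    for proc, s in summarize(parse_blocks(SAMPLE)).items():
        print(proc, s["events"], sorted(s["ports"]), dict(s["directions"]))
```

When every blocked address hangs off a peer-to-peer client the user runs on purpose, the blocks reflect peers on the blocklist rather than something on the machine calling out; a process outside that list is the entry worth a closer look.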
