jarsteve
-
Items
94 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door jarsteve
-
virus mystart.incredibar.com?
jarsteve reageerde op jarsteve's topic in Archief Bestrijding malware & virussen
Dit is het logje: ComboFix 12-07-08.02 - Jonas 09/07/2012 19:02:20.1.2 - x86 Gestart vanuit: c:\users\Jonas\Desktop\ComboFix.exe * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Incredibar.com c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarApp.dll c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarEng.dll c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe c:\program files\Incredibar.com\incredibar\1.5.11.14\inCRedibartlbr.dll c:\program files\Incredibar.com\incredibar\1.5.11.14\uninstall.exe c:\program files\Mozilla Firefox\components\AskHPRFF.js c:\programdata\FullRemove.exe c:\programdata\lchqtlbzlzhzqot c:\programdata\rndoynrv.exe c:\programdata\SPL18BE.tmp c:\programdata\SPL5C7D.tmp c:\programdata\SPL706E.tmp c:\programdata\yjlxmdvd.exe c:\users\Jonas\AppData\Local\MSoft c:\users\Jonas\AppData\Local\MSoft\VerCheck\NDde.dll c:\users\Jonas\AppData\Roaming\819A.CD2 c:\users\Jonas\AppData\Roaming\Adobe\plugs c:\users\Jonas\AppData\Roaming\Adobe\shed c:\users\Jonas\AppData\Roaming\Qaqah c:\users\Jonas\AppData\Roaming\Qaqah\ahhee.piw c:\users\Jonas\AppData\Roaming\Ybaq c:\users\Jonas\AppData\Roaming\Ybaq\axxei.tmp c:\users\Jonas\AppData\Roaming\Ybaq\axxei.ufg c:\users\Public\sdelevURL.tmp c:\windows\assembly\GAC\Desktop.ini . . (((((((((((((((((((( Bestanden Gemaakt van 2012-06-09 to 2012-07-09 )))))))))))))))))))))))))))))) . . 2012-07-09 17:08 . 2012-07-09 17:33 -------- d-----w- c:\users\Jonas\AppData\Local\temp 2012-07-09 17:08 . 2012-07-09 17:08 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-09 17:08 . 2012-07-09 17:08 -------- d-----w- c:\users\Danny\AppData\Local\temp 2012-07-09 16:25 . 2012-07-09 16:25 -------- d-----w- c:\users\Jonas\AppData\Roaming\Oxby 2012-07-09 13:52 . 2012-07-09 13:52 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2012-07-08 18:37 . 2012-07-09 12:21 271360 ----a-w- c:\windows\system32\drivers\atksgt.sys 2012-07-08 18:37 . 2012-07-08 18:37 18048 ----a-w- c:\windows\system32\drivers\lirsgt.sys 2012-07-08 10:13 . 2012-07-08 10:13 -------- d-----w- c:\program files\Common Files\SWF Studio 2012-07-07 23:10 . 2012-07-09 22:16 -------- d-----w- c:\users\Jonas\AppData\Roaming\DAEMON Tools Lite 2012-07-07 23:08 . 2012-07-09 22:16 -------- d-----w- c:\programdata\DAEMON Tools Lite 2012-07-07 22:38 . 2012-07-07 22:38 -------- d-----w- c:\users\Jonas\AppData\Local\CRE 2012-07-07 22:38 . 2012-07-07 22:38 -------- d-----w- c:\program files\Conduit 2012-07-07 22:38 . 2012-07-07 22:38 -------- d-----w- c:\users\Jonas\AppData\Local\Conduit 2012-07-07 22:38 . 2012-07-09 22:16 -------- d-----w- c:\program files\BittorrentBar_NL 2012-07-07 22:37 . 2012-07-09 16:21 -------- d-----w- c:\users\Jonas\AppData\Roaming\BitTorrent 2012-07-07 20:44 . 2012-07-07 22:33 -------- d-----w- c:\users\Jonas\AppData\Roaming\uTorrent 2012-07-07 20:26 . 2012-07-07 20:26 -------- d-----w- c:\program files\Web Assistant 2012-07-07 20:25 . 2012-07-07 20:26 -------- d-----w- c:\program files\1ClickDownload 2012-07-07 20:05 . 2012-07-09 13:07 -------- d-----w- c:\users\Jonas\anno 2012-06-21 08:36 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-21 08:36 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-21 08:36 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-21 08:36 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-06-21 08:35 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-21 08:35 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-21 08:35 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-06-21 08:35 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-21 08:35 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-06-20 18:22 . 2012-06-20 18:22 -------- d-----w- c:\programdata\jmhjsleidlvueef 2012-06-13 07:08 . 2012-04-28 03:17 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-06-13 07:08 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\system32\msi.dll 2012-06-13 07:08 . 2012-05-15 01:05 2343936 ----a-w- c:\windows\system32\win32k.sys 2012-06-13 07:08 . 2012-04-26 04:45 58880 ----a-w- c:\windows\system32\rdpwsx.dll 2012-06-13 07:08 . 2012-04-26 04:45 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-06-13 07:08 . 2012-04-26 04:41 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-06-13 07:08 . 2012-05-01 04:44 164352 ----a-w- c:\windows\system32\profsvc.dll 2012-06-13 07:08 . 2012-04-24 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll 2012-06-13 07:08 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\system32\crypt32.dll 2012-06-13 07:08 . 2012-04-24 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll 2012-06-10 14:22 . 2012-06-10 14:22 -------- d-----w- c:\programdata\Lexmark Pro700 Series . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-05 16:03 . 2012-03-29 18:58 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-07-05 16:03 . 2011-05-17 15:17 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-06-09 13:25 . 2012-06-09 13:25 135680 ----a-w- c:\users\Jonas\AppData\Roaming\pkg_0ll.exe 2012-05-30 08:29 . 2012-05-30 08:29 121856 ----a-w- c:\users\Jonas\AppData\Roaming\opret0l.exe 2012-05-08 16:40 . 2012-06-01 07:01 6737808 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BC8DF5B6-422F-4E46-8557-5EAB2EC58C80}\mpengine.dll 2012-04-18 18:56 . 2012-04-18 18:56 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2012-04-18 18:56 . 2012-04-18 18:56 69632 ----a-w- c:\windows\system32\QuickTime.qts 2009-10-26 14:05 . 2009-10-26 14:05 124240 ----a-w- c:\program files\mozilla firefox\plugins\CCMSDK.dll 2009-10-26 14:10 . 2009-10-26 14:10 13136 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll 2009-10-26 14:08 . 2009-10-26 14:08 70488 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll 2009-10-26 14:09 . 2009-10-26 14:09 91480 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll 2009-10-26 14:08 . 2009-10-26 14:08 22360 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll 2009-10-26 14:06 . 2009-10-26 14:06 255312 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll 2009-10-26 14:08 . 2009-10-26 14:08 31064 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll 2009-10-26 14:09 . 2009-10-26 14:09 40280 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll 2009-10-19 16:58 . 2009-10-19 16:58 652640 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll 2009-10-26 14:08 . 2009-10-26 14:08 23896 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="c:\users\Jonas\anno\daemon tools\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872] "Ylahewly"="c:\users\Jonas\AppData\Roaming\Oxby\sieby.exe" [2012-07-03 319488] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-19 7711264] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-14 1541416] "UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2009-07-08 115560] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520] "ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2009-10-26 103768] "MRT"="c:\windows\system32\MRT.exe" [2012-06-14 56731752] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "lxeemon.exe"="c:\program files\Lexmark Pro700 Series\lxeemon.exe" [2011-01-24 770728] "EzPrint"="c:\program files\Lexmark Pro700 Series\ezprint.exe" [2011-01-24 148280] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736] . c:\users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x] R2 lxeeCATSCustConnectService;lxeeCATSCustConnectService;c:\windows\system32\spool\DRIVERS\W32X86\3\\lxeeserv.exe [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x] S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 lxee_device;lxee_device;c:\windows\system32\lxeecoms.exe [x] S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [x] S2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [x] S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [x] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 HPService REG_MULTI_SZ HPSLPSVC hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Inhoud van de 'Gedeelde Taken' map . 2012-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 20:57] . 2012-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 20:57] . 2012-03-29 c:\windows\Tasks\SpeedyPC Registration3.job - c:\program files\Common Files\SpeedyPC Software\UUS3\UUS3.dll [2011-10-06 16:18] . 2012-03-29 c:\windows\Tasks\SpeedyPC Update Version3.job - c:\program files\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe [2011-10-06 16:18] . 2012-07-08 c:\windows\Tasks\SyncBack Backup Jonas Bibliotheken.job - c:\program files\2BrightSparks\SyncBack\SyncBack.exe [2009-12-30 11:00] . 2012-07-08 c:\windows\Tasks\SyncBack Synchronise Folder RECHTEN.job - c:\program files\2BrightSparks\SyncBack\SyncBack.exe [2009-12-30 11:00] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uInternet Settings,ProxyOverride = *.local IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\wb6o2362.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://mystart.incredibar.com/mb128?a=6R8yiA4Lp5&i=26 FF - prefs.js: keyword.URL - hxxp://mystart.incredibar.com/mb128/?loc=IB_DS&a=6R8yiA4Lp5&&i=26&search= FF - prefs.js: network.proxy.http - 127.0.0.1 FF - prefs.js: network.proxy.http_port - 55758 FF - prefs.js: network.proxy.type - 1 FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} FF - Ext: BittorrentBar_NL Community Toolbar: {2d8d9acc-f6d7-4362-8876-a275ca929591} - %profile%\extensions\{2d8d9acc-f6d7-4362-8876-a275ca929591} FF - Ext: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} - c:\program files\Web Assistant\Firefox FF - user.js: extensions.incredibar_i.newTab - false FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6R8yiA4Lp5&loc=IB_TB&i=26&search= FF - user.js: extensions.incredibar_i.id - 84adbed90000000000000626b67c15e5 FF - user.js: extensions.incredibar_i.instlDay - 15528 FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1422:26 FF - user.js: extensions.incredibar_i.prtnrId - Incredibar FF - user.js: extensions.incredibar_i.prdct - incredibar FF - user.js: extensions.incredibar_i.aflt - orgnl FF - user.js: extensions.incredibar_i.smplGrp - none FF - user.js: extensions.incredibar_i.tlbrId - base FF - user.js: extensions.incredibar_i.instlRef - FF - user.js: extensions.incredibar_i.dfltLng - FF - user.js: extensions.incredibar_i.excTlbr - false FF - user.js: extensions.incredibar_i.ms_url_id - FF - user.js: extensions.incredibar_i.upn2 - 6R8yiA4Lp5 FF - user.js: extensions.incredibar_i.upn2n - 92824666021914927 FF - user.js: extensions.incredibar_i.productid - 26 FF - user.js: extensions.incredibar_i.installerproductid - 26 FF - user.js: extensions.incredibar_i.did - 10658 FF - user.js: extensions.incredibar_i.ppd - . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) WebBrowser-{2D8D9ACC-F6D7-4362-8876-A275CA929591} - (no file) SafeBoot-55724379.sys SafeBoot-mcmscsvc SafeBoot-MCODS SafeBoot-Symantec Antvirus AddRemove-BitTorrent - c:\users\Jonas\anno\BitTorrent.exe AddRemove-incredibar - c:\program files\Incredibar.com\incredibar\1.5.11.14\uninstall.exe AddRemove-uTorrent - c:\users\Jonas\anno\uTorrent.exe AddRemove-{604CD5A1-4520-4844-B064-A3D884B77E91} - c:\users\Jonas\virus\SpeedyPC\uninstall.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Symantec\Symantec Endpoint Protection\Smc.exe c:\program files\Common Files\Symantec Shared\ccSvcHst.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe c:\program files\Symantec\Symantec Endpoint Protection\Rtvscan.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\windows\system32\taskhost.exe c:\program files\TeamViewer\Version6\TeamViewer.exe c:\program files\TeamViewer\Version6\tv_w32.exe c:\windows\system32\igfxext.exe c:\windows\system32\igfxsrvc.exe c:\program files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe c:\program files\Samsung\Samsung Support Center\SSCKbdHk.exe c:\program files\Samsung\Samsung Update Plus\SUPBackground.exe c:\windows\system32\taskhost.exe c:\windows\system32\conhost.exe c:\program files\Symantec\Symantec Endpoint Protection\SmcGui.exe c:\windows\system32\DllHost.exe . ************************************************************************** . Voltooingstijd: 2012-07-09 19:37:06 - machine werd herstart ComboFix-quarantined-files.txt 2012-07-09 17:37 . Pre-Run: 142.872.748.032 bytes beschikbaar Post-Run: 142.454.665.216 bytes beschikbaar . - - End Of File - - D8E5A4A46930083C1AE228E133DCC731 Ik zie nu wel dat het in firefox wel nog niet verdwenen is... zijn er nog problemen? -
virus mystart.incredibar.com?
jarsteve reageerde op jarsteve's topic in Archief Bestrijding malware & virussen
Hopelijk is het deze keer goed... Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:34:17, on 9/07/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16446) Boot mode: Safe mode with network support Running processes: C:\windows\Explorer.EXE C:\windows\system32\ctfmon.exe C:\windows\helppane.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Jonas\virus\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Lexmark - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [igfxTray] C:\windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup O4 - HKLM\..\Run: [MRT] "C:\windows\system32\MRT.exe" /R O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [lxeemon.exe] "C:\Program Files\Lexmark Pro700 Series\lxeemon.exe" O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark Pro700 Series\ezprint.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Users\Jonas\anno\daemon tools\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [Ylahewly] C:\Users\Jonas\AppData\Roaming\Oxby\sieby.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-21-837711937-2185517149-3617628737-1001\..\Run: [DAEMON Tools Lite] "C:\Users\Jonas\anno\daemon tools\DAEMON Tools Lite\DTLite.exe" -autorun (User '?') O4 - S-1-5-21-837711937-2185517149-3617628737-1001 Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User '?') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: lxeeCATSCustConnectService - Lexmark International, Inc. - C:\windows\system32\spool\DRIVERS\W32X86\3\\lxeeserv.exe O23 - Service: lxee_device - - C:\windows\system32\lxeecoms.exe O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- End of file - 9265 bytes Jarsteve -
virus mystart.incredibar.com?
jarsteve reageerde op jarsteve's topic in Archief Bestrijding malware & virussen
Hier is mijn Hijackthislog: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:33:48, on 9/07/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16446) Boot mode: Normal Running processes: C:\windows\system32\taskeng.exe C:\windows\system32\taskhost.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe C:\Program Files\TeamViewer\Version6\TeamViewer.exe C:\windows\system32\taskhost.exe C:\windows\system32\igfxext.exe C:\windows\system32\igfxsrvc.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Citrix\ICA Client\concentr.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Lexmark Pro700 Series\lxeemon.exe C:\Program Files\Lexmark Pro700 Series\ezprint.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Citrix\ICA Client\wfcrun32.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\windows\system32\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe C:\Program Files\Common Files\Java\Java Update\jucheck.exe C:\Users\Jonas\virus\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Symantec\LiveUpdate\luall.exe C:\windows\system32\SearchProtocolHost.exe C:\windows\system32\SearchFilterHost.exe C:\windows\notepad.exe C:\windows\system32\taskeng.exe C:\Users\Jonas\virus\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: BittorrentBar_NL Toolbar - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files\BittorrentBar_NL\prxtbBitt.dll O2 - BHO: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: BittorrentBar_NL - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files\BittorrentBar_NL\prxtbBitt.dll O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Lexmark - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll O3 - Toolbar: BittorrentBar_NL Toolbar - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files\BittorrentBar_NL\prxtbBitt.dll O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [igfxTray] C:\windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup O4 - HKLM\..\Run: [MRT] "C:\windows\system32\MRT.exe" /R O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [lxeemon.exe] "C:\Program Files\Lexmark Pro700 Series\lxeemon.exe" O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark Pro700 Series\ezprint.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Users\Jonas\anno\daemon tools\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-21-837711937-2185517149-3617628737-1001\..\Run: [DAEMON Tools Lite] "C:\Users\Jonas\anno\daemon tools\DAEMON Tools Lite\DTLite.exe" -autorun (User '?') O4 - S-1-5-21-837711937-2185517149-3617628737-1001 Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User '?') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: lxeeCATSCustConnectService - Lexmark International, Inc. - C:\windows\system32\spool\DRIVERS\W32X86\3\\lxeeserv.exe O23 - Service: lxee_device - - C:\windows\system32\lxeecoms.exe O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- End of file - 12061 bytes Dit is mijn Malwarebytes' Anti-Malware log: Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Databaseversie: v2012.06.20.05 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Jonas :: JONAS-PC [administrator] 9/07/2012 14:25:06 mbam-log-2012-07-09 (14-25-06).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 226735 Verstreken tijd: 7 minuut/minuten, 54 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Dit is het vorige Malwarebytes' Anti-Malware log: Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Databaseversie: v2012.06.20.05 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Jonas :: JONAS-PC [administrator] 9/07/2012 13:43:53 mbam-log-2012-07-09 (13-43-53).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 227084 Verstreken tijd: 14 minuut/minuten, 4 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 11 c:\users\jonas\appdata\local\temp\dwh1c29.tmp (Trojan.FakeAlert) -> Succesvol in quarantaine geplaatst en verwijderd. c:\users\jonas\appdata\local\temp\dwh3b2e.tmp (Trojan.LameShield) -> Succesvol in quarantaine geplaatst en verwijderd. c:\users\jonas\appdata\local\temp\dwh471f.tmp (Rootkit.0Access) -> Succesvol in quarantaine geplaatst en verwijderd. c:\users\jonas\appdata\local\temp\dwh5eb5.tmp (Rootkit.0Access) -> Succesvol in quarantaine geplaatst en verwijderd. c:\users\jonas\appdata\local\temp\dwh6a87.tmp (Rootkit.0Access) -> Succesvol in quarantaine geplaatst en verwijderd. c:\users\jonas\appdata\local\temp\dwh6b52.tmp (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. c:\users\jonas\appdata\local\temp\dwh763a.tmp (Rootkit.0Access) -> Succesvol in quarantaine geplaatst en verwijderd. c:\users\jonas\appdata\local\temp\dwh7f10.tmp (Trojan.Agent.Gen) -> Succesvol in quarantaine geplaatst en verwijderd. c:\users\jonas\appdata\local\temp\dwh84c.tmp (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. c:\users\jonas\appdata\local\temp\dwhc525.tmp (Trojan.LameShield) -> Succesvol in quarantaine geplaatst en verwijderd. c:\users\jonas\appdata\local\temp\dwheca1.tmp (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) Bedankt! -
virus mystart.incredibar.com?
jarsteve reageerde op jarsteve's topic in Archief Bestrijding malware & virussen
Bedankt voor het antwoord. Hier is mijn logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:03:21, on 9/07/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16446) Boot mode: Normal Running processes: C:\windows\system32\taskhost.exe C:\windows\system32\taskeng.exe C:\Program Files\TeamViewer\Version6\TeamViewer.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe C:\windows\system32\igfxext.exe C:\windows\system32\igfxsrvc.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Citrix\ICA Client\concentr.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Citrix\ICA Client\wfcrun32.exe C:\Program Files\Lexmark Pro700 Series\lxeemon.exe C:\Program Files\Lexmark Pro700 Series\ezprint.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\windows\system32\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe C:\windows\system32\conhost.exe C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\windows\system32\conhost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\windows\system32\SearchFilterHost.exe C:\Users\Jonas\virus\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: BittorrentBar_NL Toolbar - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files\BittorrentBar_NL\prxtbBitt.dll O2 - BHO: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: BittorrentBar_NL - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files\BittorrentBar_NL\prxtbBitt.dll O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Lexmark - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll O3 - Toolbar: BittorrentBar_NL Toolbar - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files\BittorrentBar_NL\prxtbBitt.dll O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [igfxTray] C:\windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup O4 - HKLM\..\Run: [MRT] "C:\windows\system32\MRT.exe" /R O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [lxeemon.exe] "C:\Program Files\Lexmark Pro700 Series\lxeemon.exe" O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark Pro700 Series\ezprint.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Users\Jonas\anno\daemon tools\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-21-837711937-2185517149-3617628737-1001\..\Run: [DAEMON Tools Lite] "C:\Users\Jonas\anno\daemon tools\DAEMON Tools Lite\DTLite.exe" -autorun (User '?') O4 - S-1-5-21-837711937-2185517149-3617628737-1001 Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User '?') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: lxeeCATSCustConnectService - Lexmark International, Inc. - C:\windows\system32\spool\DRIVERS\W32X86\3\\lxeeserv.exe O23 - Service: lxee_device - - C:\windows\system32\lxeecoms.exe O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- End of file - 12021 bytes Jarsteve -
Na het downloaden van een bestand kwam ik als startpagina bij internetexplorer op deze link: mystart.incredibar.com. Nadad ik wat gezocht had op google bleek dat dit een virus is... Weet iemand hoe ik hier van kan afgeraken? Bedankt! Jarsteve
-
Bedankt voor het snelle antwoord! Op het eerste zicht zijn de problemen van de baan. MBAM-log: Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Databaseversie: v2012.06.20.05 Windows 7 Service Pack 1 x86 NTFS (Veilige modus/netwerkmogelijkheden) Internet Explorer 9.0.8112.16421 Jonas :: JONAS-PC [administrator] 20/06/2012 23:04:48 mbam-log-2012-06-20 (23-04-48).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 229250 Verstreken tijd: 4 minuut/minuten, 6 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 1 HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32 (Trojan.Zaccess) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 1 HKCU\SOFTWARE\CLASSES\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32| (Trojan.Zaccess) -> Data: C:\Users\Jonas\AppData\Local\{023b0c7e-a8b9-3c6a-88eb-24e115af39b5}\n. -> Succesvol in quarantaine geplaatst en verwijderd. Registerdata gedetecteerd: 1 HKCR\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32| (Trojan.Zaccess) -> Slecht: (\\.\globalroot\systemroot\Installer\{023b0c7e-a8b9-3c6a-88eb-24e115af39b5}\n.) Goed: (%systemroot%\system32\wbem\wbemess.dll) -> Succesvol in quarantaine geplaatst en gerepareerd. Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 2 C:\$Recycle.Bin\S-1-5-21-837711937-2185517149-3617628737-1001\$RNM6BJ6.exe (Trojan.Downloader.LK) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Jonas\0.25539233764985114.exe (Trojan.Agent.Gen) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) Dit is het nieuwe HijackThis log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:24:26, on 20/06/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16446) Boot mode: Normal Running processes: C:\windows\system32\taskhost.exe C:\windows\system32\taskeng.exe C:\Program Files\TeamViewer\Version6\TeamViewer.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe C:\windows\system32\igfxext.exe C:\windows\system32\igfxsrvc.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Citrix\ICA Client\concentr.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Lexmark Pro700 Series\lxeemon.exe C:\Program Files\Lexmark Pro700 Series\ezprint.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Citrix\ICA Client\wfcrun32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe C:\Program Files\Internet Explorer\iexplore.exe C:\windows\system32\prevhost.exe C:\Program Files\Microsoft Office\Office12\WINWORD.EXE C:\Users\Jonas\virus\Malwarebytes' Anti-Malware\mbam.exe C:\windows\system32\NOTEPAD.EXE C:\windows\system32\SearchFilterHost.exe C:\Users\Jonas\virus\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Lexmark - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [igfxTray] C:\windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup O4 - HKLM\..\Run: [MRT] "C:\windows\system32\MRT.exe" /R O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [lxeemon.exe] "C:\Program Files\Lexmark Pro700 Series\lxeemon.exe" O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark Pro700 Series\ezprint.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - S-1-5-21-837711937-2185517149-3617628737-1001 Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User '?') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: lxeeCATSCustConnectService - Lexmark International, Inc. - C:\windows\system32\spool\DRIVERS\W32X86\3\\lxeeserv.exe O23 - Service: lxee_device - - C:\windows\system32\lxeecoms.exe O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- End of file - 10646 bytes Bedankt!
-
Sinds kort is mijn pc getroffen door het politie/ukash-virus. In een map vond ik opeens het bestand met de beschrijving "0.25539233764985114". Heeft dit er iets mee te maken? Hopelijk kunnen jullie helpen! Hier is alleszins mijn Hijackthis-logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:43:18, on 20/06/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16446) Boot mode: Safe mode with network support Running processes: C:\windows\Explorer.EXE C:\windows\system32\ctfmon.exe C:\windows\helppane.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Jonas\virus\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Lexmark - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [igfxTray] C:\windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup O4 - HKLM\..\Run: [MRT] "C:\windows\system32\MRT.exe" /R O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [lxeemon.exe] "C:\Program Files\Lexmark Pro700 Series\lxeemon.exe" O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark Pro700 Series\ezprint.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [conhost] C:\Users\Jonas\AppData\Roaming\Microsoft\conhost.exe O4 - HKCU\..\Run: [cnrog] rundll32.exe "C:\Users\Jonas\AppData\Local\Temp\cnrog.dll",SetPCDResolution O4 - HKCU\..\Run: [yjlxmdvdeqcnyzf] C:\ProgramData\yjlxmdvd.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-21-837711937-2185517149-3617628737-1001\..\Run: [conhost] C:\Users\Jonas\AppData\Roaming\Microsoft\conhost.exe (User '?') O4 - S-1-5-21-837711937-2185517149-3617628737-1001 Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User '?') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: lxeeCATSCustConnectService - Lexmark International, Inc. - C:\windows\system32\spool\DRIVERS\W32X86\3\\lxeeserv.exe O23 - Service: lxee_device - - C:\windows\system32\lxeecoms.exe O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- End of file - 9210 bytes Bedankt alleszins! Jarsteve
-
Ok, alles lijkt terug normaal! Ongelofelijk bedankt!
-
Dit is de screenshot
-
Dit is het logje van Malwarebytes ... Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Databaseversie: v2012.04.14.06 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Jonas :: JONAS-PC [administrator] 14/04/2012 21:58:58 mbam-log-2012-04-14 (21-58-58).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 217211 Verstreken tijd: 13 minuut/minuten, 9 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)
-
Ik heb net op de uninstall van Malwarebites geklikt. Ik zal het nu herinstalleren. Deze bijlage geeft mijn bureaublad weer als ik niet in de veilige modus zit. Zoals je ziet is het FCCU nog steeds actief, maar ik kan nu al wat meer handelingen doen. Als ik echter op het tabblad klik om het te verwijderen gaat alles weer blokkeren.
-
Ik heb de optie "delete" gekozen. Daarna moest de laptop heropstarten, maar het FCCU verscheen opnieuw... Dezelfde foutmelding kwam op het scherm: de pc kon de module malwarebytes antimalware/cleanup.dll niet vinden... heeft dit er iets mee te maken? Bedankt!
-
Dat klopt inderdaad! Ik wist niet direct wat te doen, daarom dat ik het nog op "veilig" hield. welke actie moet ik dan ondernemen?
-
Hallo, Ik herstarte de pc daarnet nog eens en toen kwam er een foutmelding op het scherm: de pc kon de module malwarebytes antimalware/cleanup.dll niet vinden... Hier is alleszins TDSSKILLER-log (er werd wel niets gevonden vrees ik): 18:08:18.0192 3920 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05 18:08:18.0333 3920 ============================================================ 18:08:18.0333 3920 Current date / time: 2012/04/14 18:08:18.0333 18:08:18.0333 3920 SystemInfo: 18:08:18.0333 3920 18:08:18.0333 3920 OS Version: 6.1.7601 ServicePack: 1.0 18:08:18.0333 3920 Product type: Workstation 18:08:18.0333 3920 ComputerName: JONAS-PC 18:08:18.0333 3920 UserName: Jonas 18:08:18.0333 3920 Windows directory: C:\windows 18:08:18.0333 3920 System windows directory: C:\windows 18:08:18.0333 3920 Processor architecture: Intel x86 18:08:18.0333 3920 Number of processors: 2 18:08:18.0333 3920 Page size: 0x1000 18:08:18.0333 3920 Boot type: Safe boot with network 18:08:18.0333 3920 ============================================================ 18:08:18.0832 3920 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 18:08:18.0832 3920 \Device\Harddisk0\DR0: 18:08:18.0832 3920 MBR used 18:08:18.0832 3920 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000 18:08:18.0832 3920 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x16A3A000 18:08:18.0832 3920 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1886C800, BlocksNum 0xCBC1800 18:08:18.0894 3920 Initialize success 18:08:18.0894 3920 ============================================================ 18:08:36.0491 4004 ============================================================ 18:08:36.0491 4004 Scan started 18:08:36.0491 4004 Mode: Manual; 18:08:36.0491 4004 ============================================================ 18:08:37.0037 4004 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\windows\system32\drivers\1394ohci.sys 18:08:37.0037 4004 1394ohci - ok 18:08:37.0084 4004 ACPI (cea80c80bed809aa0da6febc04733349) C:\windows\system32\drivers\ACPI.sys 18:08:37.0084 4004 ACPI - ok 18:08:37.0146 4004 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\windows\system32\drivers\acpipmi.sys 18:08:37.0146 4004 AcpiPmi - ok 18:08:37.0287 4004 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 18:08:37.0287 4004 AdobeFlashPlayerUpdateSvc - ok 18:08:37.0411 4004 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys 18:08:37.0411 4004 adp94xx - ok 18:08:37.0505 4004 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys 18:08:37.0505 4004 adpahci - ok 18:08:37.0521 4004 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys 18:08:37.0521 4004 adpu320 - ok 18:08:37.0552 4004 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\windows\System32\aelupsvc.dll 18:08:37.0552 4004 AeLookupSvc - ok 18:08:37.0661 4004 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\windows\system32\drivers\afd.sys 18:08:37.0661 4004 AFD - ok 18:08:37.0692 4004 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\drivers\agp440.sys 18:08:37.0692 4004 agp440 - ok 18:08:37.0801 4004 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys 18:08:37.0801 4004 aic78xx - ok 18:08:37.0848 4004 ALG (18a54e132947cd98fea9accc57f98f13) C:\windows\System32\alg.exe 18:08:37.0848 4004 ALG - ok 18:08:37.0957 4004 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\drivers\aliide.sys 18:08:37.0957 4004 aliide - ok 18:08:37.0989 4004 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\drivers\amdagp.sys 18:08:37.0989 4004 amdagp - ok 18:08:38.0098 4004 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\drivers\amdide.sys 18:08:38.0098 4004 amdide - ok 18:08:38.0145 4004 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys 18:08:38.0145 4004 AmdK8 - ok 18:08:38.0223 4004 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys 18:08:38.0223 4004 AmdPPM - ok 18:08:38.0285 4004 amdsata (d320bf87125326f996d4904fe24300fc) C:\windows\system32\drivers\amdsata.sys 18:08:38.0285 4004 amdsata - ok 18:08:38.0394 4004 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys 18:08:38.0394 4004 amdsbs - ok 18:08:38.0441 4004 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\windows\system32\drivers\amdxata.sys 18:08:38.0441 4004 amdxata - ok 18:08:38.0550 4004 AppID (aea177f783e20150ace5383ee368da19) C:\windows\system32\drivers\appid.sys 18:08:38.0550 4004 AppID - ok 18:08:38.0581 4004 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\windows\System32\appidsvc.dll 18:08:38.0597 4004 AppIDSvc - ok 18:08:38.0691 4004 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\windows\System32\appinfo.dll 18:08:38.0691 4004 Appinfo - ok 18:08:38.0769 4004 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 18:08:38.0769 4004 Apple Mobile Device - ok 18:08:38.0878 4004 arc (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys 18:08:38.0878 4004 arc - ok 18:08:38.0909 4004 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys 18:08:38.0909 4004 arcsas - ok 18:08:38.0940 4004 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys 18:08:38.0940 4004 AsyncMac - ok 18:08:39.0065 4004 atapi (338c86357871c167a96ab976519bf59e) C:\windows\system32\drivers\atapi.sys 18:08:39.0065 4004 atapi - ok 18:08:39.0127 4004 athr (de0fbcccd6af0f0e7bf12e8d041cc48f) C:\windows\system32\DRIVERS\athr.sys 18:08:39.0143 4004 athr - ok 18:08:39.0252 4004 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\windows\System32\Audiosrv.dll 18:08:39.0252 4004 AudioEndpointBuilder - ok 18:08:39.0268 4004 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\windows\System32\Audiosrv.dll 18:08:39.0268 4004 Audiosrv - ok 18:08:39.0361 4004 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\windows\System32\AxInstSV.dll 18:08:39.0361 4004 AxInstSV - ok 18:08:39.0424 4004 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys 18:08:39.0439 4004 b06bdrv - ok 18:08:39.0533 4004 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys 18:08:39.0533 4004 b57nd60x - ok 18:08:39.0642 4004 BcmSqlStartupSvc (6163664c7e9cd110af70180c126c3fdc) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe 18:08:39.0658 4004 BcmSqlStartupSvc - ok 18:08:39.0751 4004 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\windows\System32\bdesvc.dll 18:08:39.0751 4004 BDESVC - ok 18:08:39.0798 4004 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys 18:08:39.0798 4004 Beep - ok 18:08:39.0907 4004 BFE (1e2bac209d184bb851e1a187d8a29136) C:\windows\System32\bfe.dll 18:08:39.0907 4004 BFE - ok 18:08:40.0017 4004 BITS (e585445d5021971fae10393f0f1c3961) C:\windows\System32\qmgr.dll 18:08:40.0048 4004 BITS - ok 18:08:40.0141 4004 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys 18:08:40.0141 4004 blbdrive - ok 18:08:40.0235 4004 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe 18:08:40.0251 4004 Bonjour Service - ok 18:08:40.0360 4004 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\windows\system32\DRIVERS\bowser.sys 18:08:40.0360 4004 bowser - ok 18:08:40.0391 4004 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys 18:08:40.0391 4004 BrFiltLo - ok 18:08:40.0407 4004 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys 18:08:40.0407 4004 BrFiltUp - ok 18:08:40.0516 4004 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\windows\System32\browser.dll 18:08:40.0516 4004 Browser - ok 18:08:40.0563 4004 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys 18:08:40.0563 4004 Brserid - ok 18:08:40.0594 4004 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys 18:08:40.0594 4004 BrSerWdm - ok 18:08:40.0687 4004 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys 18:08:40.0687 4004 BrUsbMdm - ok 18:08:40.0719 4004 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys 18:08:40.0719 4004 BrUsbSer - ok 18:08:40.0734 4004 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys 18:08:40.0734 4004 BTHMODEM - ok 18:08:40.0828 4004 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\windows\system32\bthserv.dll 18:08:40.0828 4004 bthserv - ok 18:08:40.0906 4004 ccEvtMgr (27d036fb3d22ca8a6662fe960d1a937d) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 18:08:40.0906 4004 ccEvtMgr - ok 18:08:40.0921 4004 ccSetMgr (27d036fb3d22ca8a6662fe960d1a937d) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 18:08:40.0921 4004 ccSetMgr - ok 18:08:40.0999 4004 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys 18:08:40.0999 4004 cdfs - ok 18:08:41.0062 4004 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\windows\system32\drivers\cdrom.sys 18:08:41.0062 4004 cdrom - ok 18:08:41.0171 4004 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll 18:08:41.0171 4004 CertPropSvc - ok 18:08:41.0218 4004 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys 18:08:41.0218 4004 circlass - ok 18:08:41.0265 4004 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys 18:08:41.0265 4004 CLFS - ok 18:08:41.0358 4004 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 18:08:41.0358 4004 clr_optimization_v2.0.50727_32 - ok 18:08:41.0483 4004 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 18:08:41.0499 4004 clr_optimization_v4.0.30319_32 - ok 18:08:41.0561 4004 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys 18:08:41.0577 4004 CmBatt - ok 18:08:41.0639 4004 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\drivers\cmdide.sys 18:08:41.0639 4004 cmdide - ok 18:08:41.0670 4004 CNG (6427525d76f61d0c519b008d3680e8e7) C:\windows\system32\Drivers\cng.sys 18:08:41.0686 4004 CNG - ok 18:08:41.0764 4004 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys 18:08:41.0764 4004 Compbatt - ok 18:08:41.0842 4004 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\windows\system32\drivers\CompositeBus.sys 18:08:41.0842 4004 CompositeBus - ok 18:08:41.0889 4004 COMSysApp - ok 18:08:41.0935 4004 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys 18:08:41.0935 4004 crcdisk - ok 18:08:41.0982 4004 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\windows\system32\cryptsvc.dll 18:08:41.0982 4004 CryptSvc - ok 18:08:42.0123 4004 ctxusbm (cb6ff7012bb5d59d7c12350db795ce1f) C:\windows\system32\DRIVERS\ctxusbm.sys 18:08:42.0123 4004 ctxusbm - ok 18:08:42.0169 4004 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\windows\system32\rpcss.dll 18:08:42.0169 4004 DcomLaunch - ok 18:08:42.0263 4004 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\windows\System32\defragsvc.dll 18:08:42.0263 4004 defragsvc - ok 18:08:42.0325 4004 DfsC (f024449c97ec1e464aaffda18593db88) C:\windows\system32\Drivers\dfsc.sys 18:08:42.0325 4004 DfsC - ok 18:08:42.0435 4004 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\windows\system32\dhcpcore.dll 18:08:42.0435 4004 Dhcp - ok 18:08:42.0466 4004 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys 18:08:42.0466 4004 discache - ok 18:08:42.0591 4004 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys 18:08:42.0591 4004 Disk - ok 18:08:42.0622 4004 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\windows\System32\dnsrslvr.dll 18:08:42.0622 4004 Dnscache - ok 18:08:42.0700 4004 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\windows\System32\dot3svc.dll 18:08:42.0700 4004 dot3svc - ok 18:08:42.0809 4004 Dot4 (b5e479eb83707dd698f66953e922042c) C:\windows\system32\DRIVERS\Dot4.sys 18:08:42.0809 4004 Dot4 - ok 18:08:42.0903 4004 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\windows\system32\drivers\Dot4Prt.sys 18:08:42.0903 4004 Dot4Print - ok 18:08:42.0965 4004 dot4usb (cf491ff38d62143203c065260567e2f7) C:\windows\system32\DRIVERS\dot4usb.sys 18:08:42.0965 4004 dot4usb - ok 18:08:43.0012 4004 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\windows\system32\dps.dll 18:08:43.0012 4004 DPS - ok 18:08:43.0121 4004 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys 18:08:43.0121 4004 drmkaud - ok 18:08:43.0183 4004 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\windows\System32\drivers\dxgkrnl.sys 18:08:43.0183 4004 DXGKrnl - ok 18:08:43.0277 4004 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\windows\System32\eapsvc.dll 18:08:43.0277 4004 EapHost - ok 18:08:43.0386 4004 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys 18:08:43.0480 4004 ebdrv - ok 18:08:43.0573 4004 eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys 18:08:43.0573 4004 eeCtrl - ok 18:08:43.0651 4004 EFS (81951f51e318aecc2d68559e47485cc4) C:\windows\System32\lsass.exe 18:08:43.0651 4004 EFS - ok 18:08:43.0729 4004 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\windows\ehome\ehRecvr.exe 18:08:43.0729 4004 ehRecvr - ok 18:08:43.0776 4004 ehSched (d389bff34f80caede417bf9d1507996a) C:\windows\ehome\ehsched.exe 18:08:43.0776 4004 ehSched - ok 18:08:43.0885 4004 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys 18:08:43.0885 4004 elxstor - ok 18:08:44.0010 4004 EraserUtilRebootDrv (028d50f059bd0d2ccb209e9011b9a9a4) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 18:08:44.0010 4004 EraserUtilRebootDrv - ok 18:08:44.0104 4004 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\drivers\errdev.sys 18:08:44.0104 4004 ErrDev - ok 18:08:44.0166 4004 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\windows\system32\es.dll 18:08:44.0166 4004 EventSystem - ok 18:08:44.0244 4004 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys 18:08:44.0244 4004 exfat - ok 18:08:44.0275 4004 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys 18:08:44.0275 4004 fastfat - ok 18:08:44.0322 4004 Fax (967ea5b213e9984cbe270205df37755b) C:\windows\system32\fxssvc.exe 18:08:44.0338 4004 Fax - ok 18:08:44.0416 4004 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys 18:08:44.0416 4004 fdc - ok 18:08:44.0447 4004 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\windows\system32\fdPHost.dll 18:08:44.0447 4004 fdPHost - ok 18:08:44.0494 4004 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\windows\system32\fdrespub.dll 18:08:44.0494 4004 FDResPub - ok 18:08:44.0509 4004 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys 18:08:44.0509 4004 FileInfo - ok 18:08:44.0556 4004 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys 18:08:44.0556 4004 Filetrace - ok 18:08:44.0587 4004 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys 18:08:44.0587 4004 flpydisk - ok 18:08:44.0665 4004 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys 18:08:44.0665 4004 FltMgr - ok 18:08:44.0712 4004 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\windows\system32\FntCache.dll 18:08:44.0712 4004 FontCache - ok 18:08:44.0806 4004 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 18:08:44.0821 4004 FontCache3.0.0.0 - ok 18:08:44.0899 4004 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys 18:08:44.0899 4004 FsDepends - ok 18:08:44.0962 4004 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\windows\system32\DRIVERS\fssfltr.sys 18:08:44.0962 4004 fssfltr - ok 18:08:45.0087 4004 fsssvc (40cdfad174b3d5e80f95dda003c0b97f) C:\Program Files\Windows Live\Family Safety\fsssvc.exe 18:08:45.0102 4004 fsssvc - ok 18:08:45.0196 4004 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\windows\system32\drivers\Fs_Rec.sys 18:08:45.0211 4004 Fs_Rec - ok 18:08:45.0258 4004 fvevol (8a73e79089b282100b9393b644cb853b) C:\windows\system32\DRIVERS\fvevol.sys 18:08:45.0274 4004 fvevol - ok 18:08:45.0367 4004 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys 18:08:45.0367 4004 gagp30kx - ok 18:08:45.0414 4004 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys 18:08:45.0414 4004 GEARAspiWDM - ok 18:08:45.0508 4004 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\windows\System32\gpsvc.dll 18:08:45.0508 4004 gpsvc - ok 18:08:45.0601 4004 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe 18:08:45.0617 4004 gupdate - ok 18:08:45.0617 4004 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe 18:08:45.0617 4004 gupdatem - ok 18:08:45.0664 4004 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 18:08:45.0664 4004 gusvc - ok 18:08:45.0757 4004 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys 18:08:45.0757 4004 hcw85cir - ok 18:08:45.0820 4004 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\windows\system32\drivers\HdAudio.sys 18:08:45.0820 4004 HdAudAddService - ok 18:08:45.0945 4004 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\windows\system32\drivers\HDAudBus.sys 18:08:45.0960 4004 HDAudBus - ok 18:08:45.0976 4004 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys 18:08:45.0976 4004 HidBatt - ok 18:08:45.0991 4004 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys 18:08:45.0991 4004 HidBth - ok 18:08:46.0023 4004 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys 18:08:46.0023 4004 HidIr - ok 18:08:46.0085 4004 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\windows\system32\hidserv.dll 18:08:46.0085 4004 hidserv - ok 18:08:46.0179 4004 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\windows\system32\drivers\hidusb.sys 18:08:46.0179 4004 HidUsb - ok 18:08:46.0210 4004 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\windows\system32\kmsvc.dll 18:08:46.0210 4004 hkmsvc - ok 18:08:46.0272 4004 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\windows\system32\ListSvc.dll 18:08:46.0272 4004 HomeGroupListener - ok 18:08:46.0319 4004 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\windows\system32\provsvc.dll 18:08:46.0319 4004 HomeGroupProvider - ok 18:08:46.0491 4004 hpqcxs08 (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll 18:08:46.0491 4004 hpqcxs08 - ok 18:08:46.0506 4004 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll 18:08:46.0506 4004 hpqddsvc - ok 18:08:46.0615 4004 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\drivers\HpSAMD.sys 18:08:46.0615 4004 HpSAMD - ok 18:08:46.0740 4004 HPSLPSVC (79737e0f7d25de8405cb34d4c9882253) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL 18:08:46.0740 4004 HPSLPSVC - ok 18:08:46.0881 4004 HTTP (871917b07a141bff43d76d8844d48106) C:\windows\system32\drivers\HTTP.sys 18:08:46.0881 4004 HTTP - ok 18:08:46.0974 4004 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\windows\system32\drivers\hwpolicy.sys 18:08:46.0974 4004 hwpolicy - ok 18:08:47.0037 4004 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\drivers\i8042prt.sys 18:08:47.0037 4004 i8042prt - ok 18:08:47.0115 4004 IAANTMON (7548066df68a8a1a56b043359f915f37) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe 18:08:47.0115 4004 IAANTMON - ok 18:08:47.0255 4004 iaStor (d483687eace0c065ee772481a96e05f5) C:\windows\system32\DRIVERS\iaStor.sys 18:08:47.0255 4004 iaStor - ok 18:08:47.0302 4004 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\windows\system32\drivers\iaStorV.sys 18:08:47.0302 4004 iaStorV - ok 18:08:47.0427 4004 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 18:08:47.0442 4004 idsvc - ok 18:08:47.0723 4004 igfx (8266ae06df974e5ba047b3e9e9e70b3f) C:\windows\system32\DRIVERS\igdkmd32.sys 18:08:47.0926 4004 igfx - ok 18:08:48.0035 4004 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys 18:08:48.0035 4004 iirsp - ok 18:08:48.0097 4004 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\windows\System32\ikeext.dll 18:08:48.0113 4004 IKEEXT - ok 18:08:48.0253 4004 IntcAzAudAddService (5ceef2cccb4fe00d3ffbfeb12bcfa07f) C:\windows\system32\drivers\RTKVHDA.sys 18:08:48.0285 4004 IntcAzAudAddService - ok 18:08:48.0394 4004 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\drivers\intelide.sys 18:08:48.0394 4004 intelide - ok 18:08:48.0441 4004 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys 18:08:48.0441 4004 intelppm - ok 18:08:48.0534 4004 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\windows\system32\ipbusenum.dll 18:08:48.0534 4004 IPBusEnum - ok 18:08:48.0581 4004 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys 18:08:48.0581 4004 IpFilterDriver - ok 18:08:48.0690 4004 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\windows\System32\iphlpsvc.dll 18:08:48.0690 4004 iphlpsvc - ok 18:08:48.0799 4004 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\windows\system32\drivers\IPMIDrv.sys 18:08:48.0799 4004 IPMIDRV - ok 18:08:48.0831 4004 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys 18:08:48.0846 4004 IPNAT - ok 18:08:48.0940 4004 iPod Service (49918803b661367023bf325cf602afdc) C:\Program Files\iPod\bin\iPodService.exe 18:08:48.0940 4004 iPod Service - ok 18:08:49.0049 4004 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys 18:08:49.0049 4004 IRENUM - ok 18:08:49.0080 4004 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\drivers\isapnp.sys 18:08:49.0080 4004 isapnp - ok 18:08:49.0143 4004 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\windows\system32\drivers\msiscsi.sys 18:08:49.0158 4004 iScsiPrt - ok 18:08:49.0221 4004 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\drivers\kbdclass.sys 18:08:49.0221 4004 kbdclass - ok 18:08:49.0283 4004 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\windows\system32\drivers\kbdhid.sys 18:08:49.0283 4004 kbdhid - ok 18:08:49.0314 4004 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 18:08:49.0314 4004 KeyIso - ok 18:08:49.0361 4004 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\windows\system32\Drivers\ksecdd.sys 18:08:49.0361 4004 KSecDD - ok 18:08:49.0408 4004 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\windows\system32\Drivers\ksecpkg.sys 18:08:49.0408 4004 KSecPkg - ok 18:08:49.0439 4004 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\windows\system32\msdtckrm.dll 18:08:49.0439 4004 KtmRm - ok 18:08:49.0548 4004 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\windows\system32\srvsvc.dll 18:08:49.0548 4004 LanmanServer - ok 18:08:49.0626 4004 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\windows\System32\wkssvc.dll 18:08:49.0642 4004 LanmanWorkstation - ok 18:08:49.0798 4004 LiveUpdate (e34152d03caaaaa81dd66d803f392522) C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE 18:08:49.0907 4004 LiveUpdate - ok 18:08:50.0016 4004 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys 18:08:50.0016 4004 lltdio - ok 18:08:50.0047 4004 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\windows\System32\lltdsvc.dll 18:08:50.0047 4004 lltdsvc - ok 18:08:50.0110 4004 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\windows\System32\lmhsvc.dll 18:08:50.0110 4004 lmhosts - ok 18:08:50.0172 4004 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys 18:08:50.0172 4004 LSI_FC - ok 18:08:50.0266 4004 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys 18:08:50.0266 4004 LSI_SAS - ok 18:08:50.0281 4004 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys 18:08:50.0281 4004 LSI_SAS2 - ok 18:08:50.0297 4004 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys 18:08:50.0297 4004 LSI_SCSI - ok 18:08:50.0422 4004 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys 18:08:50.0422 4004 luafv - ok 18:08:50.0562 4004 lxeeCATSCustConnectService (a9d8d63c7378dd34e4e19036093a9264) C:\windows\system32\spool\DRIVERS\W32X86\3\\lxeeserv.exe 18:08:50.0578 4004 lxeeCATSCustConnectService - ok 18:08:50.0687 4004 lxee_device - ok 18:08:50.0749 4004 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\windows\system32\Mcx2Svc.dll 18:08:50.0749 4004 Mcx2Svc - ok 18:08:50.0812 4004 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys 18:08:50.0812 4004 megasas - ok 18:08:50.0905 4004 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys 18:08:50.0905 4004 MegaSR - ok 18:08:51.0030 4004 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe 18:08:51.0030 4004 Microsoft Office Groove Audit Service - ok 18:08:51.0108 4004 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll 18:08:51.0108 4004 MMCSS - ok 18:08:51.0155 4004 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys 18:08:51.0155 4004 Modem - ok 18:08:51.0249 4004 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys 18:08:51.0249 4004 monitor - ok 18:08:51.0295 4004 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\drivers\mouclass.sys 18:08:51.0295 4004 mouclass - ok 18:08:51.0405 4004 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys 18:08:51.0405 4004 mouhid - ok 18:08:51.0451 4004 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\windows\system32\drivers\mountmgr.sys 18:08:51.0451 4004 mountmgr - ok 18:08:51.0483 4004 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\windows\system32\drivers\mpio.sys 18:08:51.0498 4004 mpio - ok 18:08:51.0576 4004 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys 18:08:51.0576 4004 mpsdrv - ok 18:08:51.0639 4004 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\windows\system32\mpssvc.dll 18:08:51.0639 4004 MpsSvc - ok 18:08:51.0732 4004 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\windows\system32\drivers\mrxdav.sys 18:08:51.0732 4004 MRxDAV - ok 18:08:51.0779 4004 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\windows\system32\DRIVERS\mrxsmb.sys 18:08:51.0779 4004 mrxsmb - ok 18:08:51.0857 4004 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\windows\system32\DRIVERS\mrxsmb10.sys 18:08:51.0857 4004 mrxsmb10 - ok 18:08:51.0888 4004 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\windows\system32\DRIVERS\mrxsmb20.sys 18:08:51.0904 4004 mrxsmb20 - ok 18:08:51.0935 4004 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\windows\system32\drivers\msahci.sys 18:08:51.0935 4004 msahci - ok 18:08:52.0029 4004 msdsm (55055f8ad8be27a64c831322a780a228) C:\windows\system32\drivers\msdsm.sys 18:08:52.0029 4004 msdsm - ok 18:08:52.0075 4004 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\windows\System32\msdtc.exe 18:08:52.0075 4004 MSDTC - ok 18:08:52.0169 4004 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys 18:08:52.0169 4004 Msfs - ok 18:08:52.0200 4004 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys 18:08:52.0200 4004 mshidkmdf - ok 18:08:52.0231 4004 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\drivers\msisadrv.sys 18:08:52.0231 4004 msisadrv - ok 18:08:52.0309 4004 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\windows\system32\iscsiexe.dll 18:08:52.0309 4004 MSiSCSI - ok 18:08:52.0325 4004 msiserver - ok 18:08:52.0356 4004 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys 18:08:52.0356 4004 MSKSSRV - ok 18:08:52.0450 4004 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys 18:08:52.0450 4004 MSPCLOCK - ok 18:08:52.0481 4004 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys 18:08:52.0481 4004 MSPQM - ok 18:08:52.0512 4004 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys 18:08:52.0512 4004 MsRPC - ok 18:08:52.0543 4004 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\drivers\mssmbios.sys 18:08:52.0543 4004 mssmbios - ok 18:08:52.0637 4004 MSSQL$MSSMLBIZ - ok 18:08:52.0684 4004 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe 18:08:52.0699 4004 MSSQLServerADHelper - ok 18:08:52.0793 4004 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys 18:08:52.0793 4004 MSTEE - ok 18:08:52.0824 4004 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys 18:08:52.0824 4004 MTConfig - ok 18:08:52.0855 4004 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys 18:08:52.0855 4004 Mup - ok 18:08:52.0933 4004 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\windows\system32\qagentRT.dll 18:08:52.0933 4004 napagent - ok 18:08:52.0996 4004 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys 18:08:52.0996 4004 NativeWifiP - ok 18:08:53.0121 4004 NAVENG (862f55824ac81295837b0ab63f91071f) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20120412.032\NAVENG.SYS 18:08:53.0121 4004 NAVENG - ok 18:08:53.0183 4004 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20120412.032\NAVEX15.SYS 18:08:53.0199 4004 NAVEX15 - ok 18:08:53.0308 4004 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\windows\system32\drivers\ndis.sys 18:08:53.0308 4004 NDIS - ok 18:08:53.0417 4004 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys 18:08:53.0417 4004 NdisCap - ok 18:08:53.0448 4004 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys 18:08:53.0448 4004 NdisTapi - ok 18:08:53.0495 4004 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\windows\system32\DRIVERS\ndisuio.sys 18:08:53.0495 4004 Ndisuio - ok 18:08:53.0589 4004 NdisWan (38fbe267e7e6983311179230facb1017) C:\windows\system32\DRIVERS\ndiswan.sys 18:08:53.0589 4004 NdisWan - ok 18:08:53.0635 4004 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\windows\system32\drivers\NDProxy.sys 18:08:53.0635 4004 NDProxy - ok 18:08:53.0745 4004 Net Driver HPZ12 (510c138564486ff926a3f773205c63d1) C:\windows\system32\HPZinw12.dll 18:08:53.0745 4004 Net Driver HPZ12 - ok 18:08:53.0791 4004 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys 18:08:53.0791 4004 NetBIOS - ok 18:08:53.0901 4004 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\windows\system32\DRIVERS\netbt.sys 18:08:53.0901 4004 NetBT - ok 18:08:53.0932 4004 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 18:08:53.0932 4004 Netlogon - ok 18:08:54.0010 4004 Netman (7cccfca7510684768da22092d1fa4db2) C:\windows\System32\netman.dll 18:08:54.0010 4004 Netman - ok 18:08:54.0041 4004 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\windows\System32\netprofm.dll 18:08:54.0057 4004 netprofm - ok 18:08:54.0135 4004 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 18:08:54.0135 4004 NetTcpPortSharing - ok 18:08:54.0228 4004 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys 18:08:54.0228 4004 nfrd960 - ok 18:08:54.0291 4004 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\windows\System32\nlasvc.dll 18:08:54.0291 4004 NlaSvc - ok 18:08:54.0353 4004 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys 18:08:54.0353 4004 Npfs - ok 18:08:54.0400 4004 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\windows\system32\nsisvc.dll 18:08:54.0415 4004 nsi - ok 18:08:54.0478 4004 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys 18:08:54.0478 4004 nsiproxy - ok 18:08:54.0556 4004 Ntfs (81189c3d7763838e55c397759d49007a) C:\windows\system32\drivers\Ntfs.sys 18:08:54.0571 4004 Ntfs - ok 18:08:54.0634 4004 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys 18:08:54.0634 4004 Null - ok 18:08:54.0696 4004 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\windows\system32\drivers\nvraid.sys 18:08:54.0696 4004 nvraid - ok 18:08:54.0759 4004 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\windows\system32\drivers\nvstor.sys 18:08:54.0759 4004 nvstor - ok 18:08:54.0805 4004 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\drivers\nv_agp.sys 18:08:54.0821 4004 nv_agp - ok 18:08:54.0899 4004 OberonGameConsoleService (b5d5da8230d3d3525839d939a9196c3e) C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe 18:08:54.0899 4004 OberonGameConsoleService - ok 18:08:54.0977 4004 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 18:08:54.0977 4004 odserv - ok 18:08:55.0086 4004 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\drivers\ohci1394.sys 18:08:55.0086 4004 ohci1394 - ok 18:08:55.0149 4004 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:08:55.0149 4004 ose - ok 18:08:55.0242 4004 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll 18:08:55.0242 4004 p2pimsvc - ok 18:08:55.0273 4004 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\windows\system32\p2psvc.dll 18:08:55.0273 4004 p2psvc - ok 18:08:55.0351 4004 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys 18:08:55.0351 4004 Parport - ok 18:08:55.0414 4004 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\windows\system32\drivers\partmgr.sys 18:08:55.0414 4004 partmgr - ok 18:08:55.0476 4004 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys 18:08:55.0476 4004 Parvdm - ok 18:08:55.0539 4004 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\windows\System32\pcasvc.dll 18:08:55.0539 4004 PcaSvc - ok 18:08:55.0617 4004 pci (673e55c3498eb970088e812ea820aa8f) C:\windows\system32\drivers\pci.sys 18:08:55.0617 4004 pci - ok 18:08:55.0663 4004 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\drivers\pciide.sys 18:08:55.0663 4004 pciide - ok 18:08:55.0741 4004 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys 18:08:55.0741 4004 pcmcia - ok 18:08:55.0788 4004 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys 18:08:55.0788 4004 pcw - ok 18:08:55.0866 4004 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys 18:08:55.0882 4004 PEAUTH - ok 18:08:56.0007 4004 pla (414bba67a3ded1d28437eb66aeb8a720) C:\windows\system32\pla.dll 18:08:56.0022 4004 pla - ok 18:08:56.0147 4004 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\windows\system32\umpnpmgr.dll 18:08:56.0147 4004 PlugPlay - ok 18:08:56.0209 4004 Pml Driver HPZ12 (37e5e8ffbad35605daeec3224ea0e465) C:\windows\system32\HPZipm12.dll 18:08:56.0209 4004 Pml Driver HPZ12 - ok 18:08:56.0287 4004 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\windows\system32\pnrpauto.dll 18:08:56.0287 4004 PNRPAutoReg - ok 18:08:56.0303 4004 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll 18:08:56.0319 4004 PNRPsvc - ok 18:08:56.0350 4004 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\windows\System32\ipsecsvc.dll 18:08:56.0350 4004 PolicyAgent - ok 18:08:56.0443 4004 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\windows\system32\umpo.dll 18:08:56.0443 4004 Power - ok 18:08:56.0490 4004 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys 18:08:56.0490 4004 PptpMiniport - ok 18:08:56.0584 4004 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys 18:08:56.0584 4004 Processor - ok 18:08:56.0631 4004 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\windows\system32\profsvc.dll 18:08:56.0631 4004 ProfSvc - ok 18:08:56.0724 4004 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 18:08:56.0724 4004 ProtectedStorage - ok 18:08:56.0771 4004 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys 18:08:56.0771 4004 Psched - ok 18:08:56.0833 4004 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys 18:08:56.0865 4004 ql2300 - ok 18:08:56.0943 4004 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys 18:08:56.0943 4004 ql40xx - ok 18:08:56.0974 4004 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\windows\system32\qwave.dll 18:08:56.0974 4004 QWAVE - ok 18:08:57.0067 4004 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys 18:08:57.0067 4004 QWAVEdrv - ok 18:08:57.0083 4004 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys 18:08:57.0083 4004 RasAcd - ok 18:08:57.0130 4004 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys 18:08:57.0130 4004 RasAgileVpn - ok 18:08:57.0192 4004 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\windows\System32\rasauto.dll 18:08:57.0192 4004 RasAuto - ok 18:08:57.0255 4004 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys 18:08:57.0255 4004 Rasl2tp - ok 18:08:57.0348 4004 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\windows\System32\rasmans.dll 18:08:57.0348 4004 RasMan - ok 18:08:57.0395 4004 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys 18:08:57.0395 4004 RasPppoe - ok 18:08:57.0473 4004 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys 18:08:57.0473 4004 RasSstp - ok 18:08:57.0535 4004 rdbss (d528bc58a489409ba40334ebf96a311b) C:\windows\system32\DRIVERS\rdbss.sys 18:08:57.0535 4004 rdbss - ok 18:08:57.0567 4004 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys 18:08:57.0567 4004 rdpbus - ok 18:08:57.0676 4004 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\windows\system32\DRIVERS\RDPCDD.sys 18:08:57.0676 4004 RDPCDD - ok 18:08:57.0723 4004 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys 18:08:57.0723 4004 RDPENCDD - ok 18:08:57.0785 4004 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys 18:08:57.0785 4004 RDPREFMP - ok 18:08:57.0847 4004 RDPWD (244c83332f44589ae98fc347f11b2693) C:\windows\system32\drivers\RDPWD.sys 18:08:57.0863 4004 RDPWD - ok 18:08:57.0957 4004 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\windows\system32\drivers\rdyboost.sys 18:08:57.0957 4004 rdyboost - ok 18:08:58.0003 4004 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\windows\System32\mprdim.dll 18:08:58.0003 4004 RemoteAccess - ok 18:08:58.0066 4004 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\windows\system32\regsvc.dll 18:08:58.0066 4004 RemoteRegistry - ok 18:08:58.0097 4004 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\windows\System32\RpcEpMap.dll 18:08:58.0097 4004 RpcEptMapper - ok 18:08:58.0128 4004 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\windows\system32\locator.exe 18:08:58.0128 4004 RpcLocator - ok 18:08:58.0206 4004 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\windows\system32\rpcss.dll 18:08:58.0206 4004 RpcSs - ok 18:08:58.0253 4004 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys 18:08:58.0253 4004 rspndr - ok 18:08:58.0347 4004 RTL8167 (6465166dd9b2f841dabad16abdadbe98) C:\windows\system32\DRIVERS\Rt86win7.sys 18:08:58.0347 4004 RTL8167 - ok 18:08:58.0409 4004 SABI (6e5fbb7cbaec47038b945d5e9b144a64) C:\windows\system32\Drivers\SABI.sys 18:08:58.0409 4004 SABI - ok 18:08:58.0471 4004 SamSs (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 18:08:58.0471 4004 SamSs - ok 18:08:58.0549 4004 sbp2port (05d860da1040f111503ac416ccef2bca) C:\windows\system32\drivers\sbp2port.sys 18:08:58.0549 4004 sbp2port - ok 18:08:58.0581 4004 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\windows\System32\SCardSvr.dll 18:08:58.0581 4004 SCardSvr - ok 18:08:58.0674 4004 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\windows\system32\DRIVERS\scfilter.sys 18:08:58.0674 4004 scfilter - ok 18:08:58.0737 4004 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\windows\system32\schedsvc.dll 18:08:58.0737 4004 Schedule - ok 18:08:58.0846 4004 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll 18:08:58.0846 4004 SCPolicySvc - ok 18:08:58.0877 4004 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\windows\System32\SDRSVC.dll 18:08:58.0877 4004 SDRSVC - ok 18:08:58.0939 4004 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys 18:08:58.0939 4004 secdrv - ok 18:08:59.0002 4004 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\windows\system32\seclogon.dll 18:08:59.0017 4004 seclogon - ok 18:08:59.0049 4004 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\windows\System32\sens.dll 18:08:59.0049 4004 SENS - ok 18:08:59.0111 4004 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\windows\system32\sensrsvc.dll 18:08:59.0127 4004 SensrSvc - ok 18:08:59.0189 4004 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys 18:08:59.0189 4004 Serenum - ok 18:08:59.0283 4004 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys 18:08:59.0283 4004 Serial - ok 18:08:59.0329 4004 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys 18:08:59.0329 4004 sermouse - ok 18:08:59.0376 4004 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\windows\system32\sessenv.dll 18:08:59.0376 4004 SessionEnv - ok 18:08:59.0470 4004 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\drivers\sffdisk.sys 18:08:59.0470 4004 sffdisk - ok 18:08:59.0485 4004 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\drivers\sffp_mmc.sys 18:08:59.0485 4004 sffp_mmc - ok 18:08:59.0517 4004 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\windows\system32\drivers\sffp_sd.sys 18:08:59.0517 4004 sffp_sd - ok 18:08:59.0532 4004 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys 18:08:59.0532 4004 sfloppy - ok 18:08:59.0626 4004 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\windows\System32\ipnathlp.dll 18:08:59.0641 4004 SharedAccess - ok 18:08:59.0688 4004 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\windows\System32\shsvcs.dll 18:08:59.0688 4004 ShellHWDetection - ok 18:08:59.0782 4004 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\drivers\sisagp.sys 18:08:59.0782 4004 sisagp - ok 18:08:59.0829 4004 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys 18:08:59.0829 4004 SiSRaid2 - ok 18:08:59.0891 4004 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys 18:08:59.0891 4004 SiSRaid4 - ok 18:08:59.0922 4004 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys 18:08:59.0922 4004 Smb - ok 18:09:00.0047 4004 SmcService (a58c1a086d9c09c6572c948f22cc0e94) C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe 18:09:00.0078 4004 SmcService - ok 18:09:00.0156 4004 SNAC (d2c222441255131e29de351475f98f6d) C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE 18:09:00.0172 4004 SNAC - ok 18:09:00.0265 4004 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\windows\System32\snmptrap.exe 18:09:00.0265 4004 SNMPTRAP - ok 18:09:00.0375 4004 SPBBCDrv (e621bb5839cf45fa477f48092edd2b40) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys 18:09:00.0375 4004 SPBBCDrv - ok 18:09:00.0484 4004 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys 18:09:00.0484 4004 spldr - ok 18:09:00.0515 4004 Spooler (866a43013535dc8587c258e43579c764) C:\windows\System32\spoolsv.exe 18:09:00.0531 4004 Spooler - ok 18:09:00.0640 4004 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\windows\system32\sppsvc.exe 18:09:00.0718 4004 sppsvc - ok 18:09:00.0796 4004 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\windows\system32\sppuinotify.dll 18:09:00.0796 4004 sppuinotify - ok 18:09:00.0889 4004 SpyHunter 4 Service (63f2b52947577dbb075fe646bc758a2f) C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE 18:09:00.0889 4004 SpyHunter 4 Service - ok 18:09:00.0952 4004 SQLBrowser (86ebd8b1f23e743aad21f4d5b4d40985) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe 18:09:00.0952 4004 SQLBrowser - ok 18:09:01.0014 4004 SQLWriter (d89083c4eb02daca8f944b0e05e57f9d) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 18:09:01.0014 4004 SQLWriter - ok 18:09:01.0092 4004 SRTSP (2abf82c8452ab0b9ffc74a2d5da91989) C:\windows\system32\Drivers\SRTSP.SYS 18:09:01.0092 4004 SRTSP - ok 18:09:01.0139 4004 SRTSPL (e2f9e5887bea5bd8784d337e06eda31b) C:\windows\system32\Drivers\SRTSPL.SYS 18:09:01.0139 4004 SRTSPL - ok 18:09:01.0233 4004 SRTSPX (3b974c158fabd910186f98df8d3e23f3) C:\windows\system32\Drivers\SRTSPX.SYS 18:09:01.0233 4004 SRTSPX - ok 18:09:01.0264 4004 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\windows\system32\DRIVERS\srv.sys 18:09:01.0279 4004 srv - ok 18:09:01.0373 4004 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\windows\system32\DRIVERS\srv2.sys 18:09:01.0373 4004 srv2 - ok 18:09:01.0389 4004 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\windows\system32\DRIVERS\srvnet.sys 18:09:01.0404 4004 srvnet - ok 18:09:01.0467 4004 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\windows\System32\ssdpsrv.dll 18:09:01.0467 4004 SSDPSRV - ok 18:09:01.0482 4004 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\windows\system32\sstpsvc.dll 18:09:01.0498 4004 SstpSvc - ok 18:09:01.0529 4004 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys 18:09:01.0529 4004 stexstor - ok 18:09:01.0607 4004 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\windows\System32\wiaservc.dll 18:09:01.0623 4004 StiSvc - ok 18:09:01.0732 4004 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\drivers\swenum.sys 18:09:01.0732 4004 swenum - ok 18:09:01.0763 4004 swprv (a28bd92df340e57b024ba433165d34d7) C:\windows\System32\swprv.dll 18:09:01.0763 4004 swprv - ok 18:09:01.0888 4004 Symantec AntiVirus (ba2fb8f8ab24d0279caa98a4c118150e) C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe 18:09:01.0903 4004 Symantec AntiVirus - ok 18:09:02.0044 4004 SymEvent (a54ff04bd6e75dc4d8cb6f3e352635e0) C:\windows\system32\Drivers\SYMEVENT.SYS 18:09:02.0044 4004 SymEvent - ok 18:09:02.0091 4004 SYMREDRV (394b2368212114d538316812af60fddd) C:\windows\System32\Drivers\SYMREDRV.SYS 18:09:02.0091 4004 SYMREDRV - ok 18:09:02.0184 4004 SYMTDI (d46676bb414c7531bdffe637a33f5033) C:\windows\System32\Drivers\SYMTDI.SYS 18:09:02.0184 4004 SYMTDI - ok 18:09:02.0231 4004 SynTP (7a9025d8f7852b06d6d08ed536135e7e) C:\windows\system32\DRIVERS\SynTP.sys 18:09:02.0231 4004 SynTP - ok 18:09:02.0340 4004 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\windows\system32\sysmain.dll 18:09:02.0356 4004 SysMain - ok 18:09:02.0449 4004 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\windows\System32\TabSvc.dll 18:09:02.0449 4004 TabletInputService - ok 18:09:02.0496 4004 TapiSrv (613bf4820361543956909043a265c6ac) C:\windows\System32\tapisrv.dll 18:09:02.0512 4004 TapiSrv - ok 18:09:02.0574 4004 TBS (b799d9fdb26111737f58288d8dc172d9) C:\windows\System32\tbssvc.dll 18:09:02.0574 4004 TBS - ok 18:09:02.0652 4004 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\drivers\tcpip.sys 18:09:02.0668 4004 Tcpip - ok 18:09:02.0793 4004 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\DRIVERS\tcpip.sys 18:09:02.0808 4004 TCPIP6 - ok 18:09:02.0917 4004 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\windows\system32\drivers\tcpipreg.sys 18:09:02.0917 4004 tcpipreg - ok 18:09:02.0949 4004 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\windows\system32\drivers\tdpipe.sys 18:09:02.0949 4004 TDPIPE - ok 18:09:02.0995 4004 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\windows\system32\drivers\tdtcp.sys 18:09:02.0995 4004 TDTCP - ok 18:09:03.0105 4004 tdx (b459575348c20e8121d6039da063c704) C:\windows\system32\DRIVERS\tdx.sys 18:09:03.0105 4004 tdx - ok 18:09:03.0229 4004 TeamViewer6 (839e88db24d2d8f05b72e12b175951ca) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe 18:09:03.0292 4004 TeamViewer6 - ok 18:09:03.0401 4004 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\windows\system32\drivers\termdd.sys 18:09:03.0401 4004 TermDD - ok 18:09:03.0432 4004 TermService (382c804c92811be57829d8e550a900e2) C:\windows\System32\termsrv.dll 18:09:03.0448 4004 TermService - ok 18:09:03.0526 4004 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\windows\system32\themeservice.dll 18:09:03.0526 4004 Themes - ok 18:09:03.0557 4004 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll 18:09:03.0557 4004 THREADORDER - ok 18:09:03.0604 4004 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\windows\System32\trkwks.dll 18:09:03.0604 4004 TrkWks - ok 18:09:03.0651 4004 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\windows\servicing\TrustedInstaller.exe 18:09:03.0651 4004 TrustedInstaller - ok 18:09:03.0729 4004 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\windows\system32\DRIVERS\tssecsrv.sys 18:09:03.0729 4004 tssecsrv - ok 18:09:03.0822 4004 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\windows\system32\drivers\tsusbflt.sys 18:09:03.0822 4004 TsUsbFlt - ok 18:09:03.0916 4004 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\windows\system32\DRIVERS\tunnel.sys 18:09:03.0916 4004 tunnel - ok 18:09:03.0978 4004 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys 18:09:03.0978 4004 uagp35 - ok 18:09:04.0009 4004 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\windows\system32\DRIVERS\udfs.sys 18:09:04.0009 4004 udfs - ok 18:09:04.0072 4004 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\windows\system32\UI0Detect.exe 18:09:04.0072 4004 UI0Detect - ok 18:09:04.0150 4004 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\drivers\uliagpkx.sys 18:09:04.0150 4004 uliagpkx - ok 18:09:04.0243 4004 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\windows\system32\drivers\umbus.sys 18:09:04.0243 4004 umbus - ok 18:09:04.0275 4004 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys 18:09:04.0275 4004 UmPass - ok 18:09:04.0321 4004 upnphost (833fbb672460efce8011d262175fad33) C:\windows\System32\upnphost.dll 18:09:04.0321 4004 upnphost - ok 18:09:04.0399 4004 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\windows\system32\Drivers\usbaapl.sys 18:09:04.0399 4004 USBAAPL - ok 18:09:04.0462 4004 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\windows\system32\DRIVERS\usbccgp.sys 18:09:04.0462 4004 usbccgp - ok 18:09:04.0509 4004 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\drivers\usbcir.sys 18:09:04.0509 4004 usbcir - ok 18:09:04.0587 4004 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\windows\system32\DRIVERS\usbehci.sys 18:09:04.0587 4004 usbehci - ok 18:09:04.0649 4004 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\windows\system32\DRIVERS\usbhub.sys 18:09:04.0649 4004 usbhub - ok 18:09:04.0727 4004 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\windows\system32\drivers\usbohci.sys 18:09:04.0727 4004 usbohci - ok 18:09:04.0774 4004 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys 18:09:04.0774 4004 usbprint - ok 18:09:04.0852 4004 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\windows\system32\DRIVERS\usbscan.sys 18:09:04.0852 4004 usbscan - ok 18:09:04.0914 4004 USBSTOR (f991ab9cc6b908db552166768176896a) C:\windows\system32\drivers\USBSTOR.SYS 18:09:04.0914 4004 USBSTOR - ok 18:09:04.0992 4004 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\windows\system32\DRIVERS\usbuhci.sys 18:09:04.0992 4004 usbuhci - ok 18:09:05.0070 4004 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\windows\System32\Drivers\usbvideo.sys 18:09:05.0070 4004 usbvideo - ok 18:09:05.0101 4004 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\windows\System32\uxsms.dll 18:09:05.0101 4004 UxSms - ok 18:09:05.0164 4004 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 18:09:05.0164 4004 VaultSvc - ok 18:09:05.0226 4004 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\drivers\vdrvroot.sys 18:09:05.0226 4004 vdrvroot - ok 18:09:05.0289 4004 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\windows\System32\vds.exe 18:09:05.0289 4004 vds - ok 18:09:05.0398 4004 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys 18:09:05.0398 4004 vga - ok 18:09:05.0413 4004 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys 18:09:05.0413 4004 VgaSave - ok 18:09:05.0445 4004 vhdmp (5461686cca2fda57b024547733ab42e3) C:\windows\system32\drivers\vhdmp.sys 18:09:05.0460 4004 vhdmp - ok 18:09:05.0554 4004 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\drivers\viaagp.sys 18:09:05.0569 4004 viaagp - ok 18:09:05.0585 4004 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys 18:09:05.0585 4004 ViaC7 - ok 18:09:05.0710 4004 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\drivers\viaide.sys 18:09:05.0710 4004 viaide - ok 18:09:05.0741 4004 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\windows\system32\drivers\volmgr.sys 18:09:05.0757 4004 volmgr - ok 18:09:05.0835 4004 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys 18:09:05.0850 4004 volmgrx - ok 18:09:05.0897 4004 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\windows\system32\drivers\volsnap.sys 18:09:05.0897 4004 volsnap - ok 18:09:05.0991 4004 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys 18:09:05.0991 4004 vsmraid - ok 18:09:06.0053 4004 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\windows\system32\vssvc.exe 18:09:06.0069 4004 VSS - ok 18:09:06.0162 4004 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys 18:09:06.0162 4004 vwifibus - ok 18:09:06.0193 4004 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys 18:09:06.0193 4004 vwififlt - ok 18:09:06.0256 4004 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\windows\system32\DRIVERS\vwifimp.sys 18:09:06.0256 4004 vwifimp - ok 18:09:06.0318 4004 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\windows\system32\w32time.dll 18:09:06.0318 4004 W32Time - ok 18:09:06.0365 4004 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys 18:09:06.0381 4004 WacomPen - ok 18:09:06.0474 4004 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys 18:09:06.0474 4004 WANARP - ok 18:09:06.0474 4004 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys 18:09:06.0474 4004 Wanarpv6 - ok 18:09:06.0568 4004 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\windows\system32\Wat\WatAdminSvc.exe 18:09:06.0583 4004 WatAdminSvc - ok 18:09:06.0677 4004 wbengine (691e3285e53dca558e1a84667f13e15a) C:\windows\system32\wbengine.exe 18:09:06.0693 4004 wbengine - ok 18:09:06.0771 4004 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\windows\System32\wbiosrvc.dll 18:09:06.0771 4004 WbioSrvc - ok 18:09:06.0833 4004 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\windows\System32\wcncsvc.dll 18:09:06.0833 4004 wcncsvc - ok 18:09:06.0880 4004 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\windows\System32\WcsPlugInService.dll 18:09:06.0880 4004 WcsPlugInService - ok 18:09:06.0942 4004 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys 18:09:06.0942 4004 Wd - ok 18:09:06.0958 4004 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys 18:09:06.0973 4004 Wdf01000 - ok 18:09:07.0036 4004 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll 18:09:07.0036 4004 WdiServiceHost - ok 18:09:07.0036 4004 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll 18:09:07.0051 4004 WdiSystemHost - ok 18:09:07.0083 4004 WebClient (a9d880f97530d5b8fee278923349929d) C:\windows\System32\webclnt.dll 18:09:07.0083 4004 WebClient - ok 18:09:07.0129 4004 Wecsvc (760f0afe937a77cff27153206534f275) C:\windows\system32\wecsvc.dll 18:09:07.0145 4004 Wecsvc - ok 18:09:07.0176 4004 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\windows\System32\wercplsupport.dll 18:09:07.0176 4004 wercplsupport - ok 18:09:07.0223 4004 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\windows\System32\WerSvc.dll 18:09:07.0223 4004 WerSvc - ok 18:09:07.0285 4004 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys 18:09:07.0285 4004 WfpLwf - ok 18:09:07.0332 4004 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys 18:09:07.0332 4004 WIMMount - ok 18:09:07.0395 4004 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll 18:09:07.0395 4004 WinDefend - ok 18:09:07.0395 4004 WinHttpAutoProxySvc - ok 18:09:07.0519 4004 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\windows\system32\wbem\WMIsvc.dll 18:09:07.0519 4004 Winmgmt - ok 18:09:07.0629 4004 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\windows\system32\WsmSvc.dll 18:09:07.0644 4004 WinRM - ok 18:09:07.0769 4004 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\windows\system32\DRIVERS\WinUsb.sys 18:09:07.0769 4004 WinUsb - ok 18:09:07.0800 4004 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\windows\System32\wlansvc.dll 18:09:07.0816 4004 Wlansvc - ok 18:09:07.0925 4004 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 18:09:07.0941 4004 wlidsvc - ok 18:09:08.0065 4004 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\drivers\wmiacpi.sys 18:09:08.0065 4004 WmiAcpi - ok 18:09:08.0128 4004 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\windows\system32\wbem\WmiApSrv.exe 18:09:08.0128 4004 wmiApSrv - ok 18:09:08.0221 4004 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe 18:09:08.0237 4004 WMPNetworkSvc - ok 18:09:08.0315 4004 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\windows\System32\wpcsvc.dll 18:09:08.0315 4004 WPCSvc - ok 18:09:08.0362 4004 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\windows\system32\wpdbusenum.dll 18:09:08.0362 4004 WPDBusEnum - ok 18:09:08.0424 4004 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys 18:09:08.0440 4004 ws2ifsl - ok 18:09:08.0487 4004 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\windows\System32\wscsvc.dll 18:09:08.0487 4004 wscsvc - ok 18:09:08.0533 4004 WSearch - ok 18:09:08.0611 4004 wuauserv (3026418a50c5b4761befa632cedb7406) C:\windows\system32\wuaueng.dll 18:09:08.0627 4004 wuauserv - ok 18:09:08.0736 4004 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\windows\system32\drivers\WudfPf.sys 18:09:08.0736 4004 WudfPf - ok 18:09:08.0767 4004 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\windows\system32\DRIVERS\WUDFRd.sys 18:09:08.0767 4004 WUDFRd - ok 18:09:08.0877 4004 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\windows\System32\WUDFSvc.dll 18:09:08.0877 4004 wudfsvc - ok 18:09:08.0908 4004 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\windows\System32\wwansvc.dll 18:09:08.0908 4004 WwanSvc - ok 18:09:08.0955 4004 MBR (0x1B8) (2e5debb2116b3417023e0d6562d7ed07) \Device\Harddisk0\DR0 18:09:09.0126 4004 \Device\Harddisk0\DR0 - ok 18:09:09.0142 4004 Boot (0x1200) (5fb009d8d1bbe104d22d071977f32a2a) \Device\Harddisk0\DR0\Partition0 18:09:09.0142 4004 \Device\Harddisk0\DR0\Partition0 - ok 18:09:09.0157 4004 Boot (0x1200) (d5688b55e165a627667567455a328efc) \Device\Harddisk0\DR0\Partition1 18:09:09.0157 4004 \Device\Harddisk0\DR0\Partition1 - ok 18:09:09.0189 4004 Boot (0x1200) (78ee0a60b0242cd51c89824323794145) \Device\Harddisk0\DR0\Partition2 18:09:09.0189 4004 \Device\Harddisk0\DR0\Partition2 - ok 18:09:09.0189 4004 ============================================================ 18:09:09.0189 4004 Scan finished 18:09:09.0189 4004 ============================================================ 18:09:09.0189 3996 Detected object count: 0 18:09:09.0189 3996 Actual detected object count: 0 Sorry voor de kanjer van een spellingsfout nog in mijn vorig bericht Hopelijk kan je helpen! ---------- Post toegevoegd om 18:21 ---------- Vorige post was om 18:13 ---------- Ik merk nu wel op dat als ik de parameters bij TDSSKiller verander, namelijk de optionele mogelijkheden aanvink, ik 5 threats vind. Dit is dan de log: 18:08:18.0192 3920 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05 18:08:18.0333 3920 ============================================================ 18:08:18.0333 3920 Current date / time: 2012/04/14 18:08:18.0333 18:08:18.0333 3920 SystemInfo: 18:08:18.0333 3920 18:08:18.0333 3920 OS Version: 6.1.7601 ServicePack: 1.0 18:08:18.0333 3920 Product type: Workstation 18:08:18.0333 3920 ComputerName: JONAS-PC 18:08:18.0333 3920 UserName: Jonas 18:08:18.0333 3920 Windows directory: C:\windows 18:08:18.0333 3920 System windows directory: C:\windows 18:08:18.0333 3920 Processor architecture: Intel x86 18:08:18.0333 3920 Number of processors: 2 18:08:18.0333 3920 Page size: 0x1000 18:08:18.0333 3920 Boot type: Safe boot with network 18:08:18.0333 3920 ============================================================ 18:08:18.0832 3920 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 18:08:18.0832 3920 \Device\Harddisk0\DR0: 18:08:18.0832 3920 MBR used 18:08:18.0832 3920 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000 18:08:18.0832 3920 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x16A3A000 18:08:18.0832 3920 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1886C800, BlocksNum 0xCBC1800 18:08:18.0894 3920 Initialize success 18:08:18.0894 3920 ============================================================ 18:08:36.0491 4004 ============================================================ 18:08:36.0491 4004 Scan started 18:08:36.0491 4004 Mode: Manual; 18:08:36.0491 4004 ============================================================ 18:08:37.0037 4004 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\windows\system32\drivers\1394ohci.sys 18:08:37.0037 4004 1394ohci - ok 18:08:37.0084 4004 ACPI (cea80c80bed809aa0da6febc04733349) C:\windows\system32\drivers\ACPI.sys 18:08:37.0084 4004 ACPI - ok 18:08:37.0146 4004 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\windows\system32\drivers\acpipmi.sys 18:08:37.0146 4004 AcpiPmi - ok 18:08:37.0287 4004 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 18:08:37.0287 4004 AdobeFlashPlayerUpdateSvc - ok 18:08:37.0411 4004 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys 18:08:37.0411 4004 adp94xx - ok 18:08:37.0505 4004 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys 18:08:37.0505 4004 adpahci - ok 18:08:37.0521 4004 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys 18:08:37.0521 4004 adpu320 - ok 18:08:37.0552 4004 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\windows\System32\aelupsvc.dll 18:08:37.0552 4004 AeLookupSvc - ok 18:08:37.0661 4004 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\windows\system32\drivers\afd.sys 18:08:37.0661 4004 AFD - ok 18:08:37.0692 4004 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\drivers\agp440.sys 18:08:37.0692 4004 agp440 - ok 18:08:37.0801 4004 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys 18:08:37.0801 4004 aic78xx - ok 18:08:37.0848 4004 ALG (18a54e132947cd98fea9accc57f98f13) C:\windows\System32\alg.exe 18:08:37.0848 4004 ALG - ok 18:08:37.0957 4004 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\drivers\aliide.sys 18:08:37.0957 4004 aliide - ok 18:08:37.0989 4004 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\drivers\amdagp.sys 18:08:37.0989 4004 amdagp - ok 18:08:38.0098 4004 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\drivers\amdide.sys 18:08:38.0098 4004 amdide - ok 18:08:38.0145 4004 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys 18:08:38.0145 4004 AmdK8 - ok 18:08:38.0223 4004 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys 18:08:38.0223 4004 AmdPPM - ok 18:08:38.0285 4004 amdsata (d320bf87125326f996d4904fe24300fc) C:\windows\system32\drivers\amdsata.sys 18:08:38.0285 4004 amdsata - ok 18:08:38.0394 4004 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys 18:08:38.0394 4004 amdsbs - ok 18:08:38.0441 4004 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\windows\system32\drivers\amdxata.sys 18:08:38.0441 4004 amdxata - ok 18:08:38.0550 4004 AppID (aea177f783e20150ace5383ee368da19) C:\windows\system32\drivers\appid.sys 18:08:38.0550 4004 AppID - ok 18:08:38.0581 4004 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\windows\System32\appidsvc.dll 18:08:38.0597 4004 AppIDSvc - ok 18:08:38.0691 4004 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\windows\System32\appinfo.dll 18:08:38.0691 4004 Appinfo - ok 18:08:38.0769 4004 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 18:08:38.0769 4004 Apple Mobile Device - ok 18:08:38.0878 4004 arc (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys 18:08:38.0878 4004 arc - ok 18:08:38.0909 4004 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys 18:08:38.0909 4004 arcsas - ok 18:08:38.0940 4004 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys 18:08:38.0940 4004 AsyncMac - ok 18:08:39.0065 4004 atapi (338c86357871c167a96ab976519bf59e) C:\windows\system32\drivers\atapi.sys 18:08:39.0065 4004 atapi - ok 18:08:39.0127 4004 athr (de0fbcccd6af0f0e7bf12e8d041cc48f) C:\windows\system32\DRIVERS\athr.sys 18:08:39.0143 4004 athr - ok 18:08:39.0252 4004 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\windows\System32\Audiosrv.dll 18:08:39.0252 4004 AudioEndpointBuilder - ok 18:08:39.0268 4004 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\windows\System32\Audiosrv.dll 18:08:39.0268 4004 Audiosrv - ok 18:08:39.0361 4004 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\windows\System32\AxInstSV.dll 18:08:39.0361 4004 AxInstSV - ok 18:08:39.0424 4004 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys 18:08:39.0439 4004 b06bdrv - ok 18:08:39.0533 4004 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys 18:08:39.0533 4004 b57nd60x - ok 18:08:39.0642 4004 BcmSqlStartupSvc (6163664c7e9cd110af70180c126c3fdc) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe 18:08:39.0658 4004 BcmSqlStartupSvc - ok 18:08:39.0751 4004 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\windows\System32\bdesvc.dll 18:08:39.0751 4004 BDESVC - ok 18:08:39.0798 4004 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys 18:08:39.0798 4004 Beep - ok 18:08:39.0907 4004 BFE (1e2bac209d184bb851e1a187d8a29136) C:\windows\System32\bfe.dll 18:08:39.0907 4004 BFE - ok 18:08:40.0017 4004 BITS (e585445d5021971fae10393f0f1c3961) C:\windows\System32\qmgr.dll 18:08:40.0048 4004 BITS - ok 18:08:40.0141 4004 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys 18:08:40.0141 4004 blbdrive - ok 18:08:40.0235 4004 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe 18:08:40.0251 4004 Bonjour Service - ok 18:08:40.0360 4004 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\windows\system32\DRIVERS\bowser.sys 18:08:40.0360 4004 bowser - ok 18:08:40.0391 4004 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys 18:08:40.0391 4004 BrFiltLo - ok 18:08:40.0407 4004 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys 18:08:40.0407 4004 BrFiltUp - ok 18:08:40.0516 4004 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\windows\System32\browser.dll 18:08:40.0516 4004 Browser - ok 18:08:40.0563 4004 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys 18:08:40.0563 4004 Brserid - ok 18:08:40.0594 4004 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys 18:08:40.0594 4004 BrSerWdm - ok 18:08:40.0687 4004 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys 18:08:40.0687 4004 BrUsbMdm - ok 18:08:40.0719 4004 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys 18:08:40.0719 4004 BrUsbSer - ok 18:08:40.0734 4004 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys 18:08:40.0734 4004 BTHMODEM - ok 18:08:40.0828 4004 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\windows\system32\bthserv.dll 18:08:40.0828 4004 bthserv - ok 18:08:40.0906 4004 ccEvtMgr (27d036fb3d22ca8a6662fe960d1a937d) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 18:08:40.0906 4004 ccEvtMgr - ok 18:08:40.0921 4004 ccSetMgr (27d036fb3d22ca8a6662fe960d1a937d) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 18:08:40.0921 4004 ccSetMgr - ok 18:08:40.0999 4004 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys 18:08:40.0999 4004 cdfs - ok 18:08:41.0062 4004 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\windows\system32\drivers\cdrom.sys 18:08:41.0062 4004 cdrom - ok 18:08:41.0171 4004 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll 18:08:41.0171 4004 CertPropSvc - ok 18:08:41.0218 4004 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys 18:08:41.0218 4004 circlass - ok 18:08:41.0265 4004 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys 18:08:41.0265 4004 CLFS - ok 18:08:41.0358 4004 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 18:08:41.0358 4004 clr_optimization_v2.0.50727_32 - ok 18:08:41.0483 4004 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 18:08:41.0499 4004 clr_optimization_v4.0.30319_32 - ok 18:08:41.0561 4004 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys 18:08:41.0577 4004 CmBatt - ok 18:08:41.0639 4004 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\drivers\cmdide.sys 18:08:41.0639 4004 cmdide - ok 18:08:41.0670 4004 CNG (6427525d76f61d0c519b008d3680e8e7) C:\windows\system32\Drivers\cng.sys 18:08:41.0686 4004 CNG - ok 18:08:41.0764 4004 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys 18:08:41.0764 4004 Compbatt - ok 18:08:41.0842 4004 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\windows\system32\drivers\CompositeBus.sys 18:08:41.0842 4004 CompositeBus - ok 18:08:41.0889 4004 COMSysApp - ok 18:08:41.0935 4004 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys 18:08:41.0935 4004 crcdisk - ok 18:08:41.0982 4004 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\windows\system32\cryptsvc.dll 18:08:41.0982 4004 CryptSvc - ok 18:08:42.0123 4004 ctxusbm (cb6ff7012bb5d59d7c12350db795ce1f) C:\windows\system32\DRIVERS\ctxusbm.sys 18:08:42.0123 4004 ctxusbm - ok 18:08:42.0169 4004 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\windows\system32\rpcss.dll 18:08:42.0169 4004 DcomLaunch - ok 18:08:42.0263 4004 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\windows\System32\defragsvc.dll 18:08:42.0263 4004 defragsvc - ok 18:08:42.0325 4004 DfsC (f024449c97ec1e464aaffda18593db88) C:\windows\system32\Drivers\dfsc.sys 18:08:42.0325 4004 DfsC - ok 18:08:42.0435 4004 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\windows\system32\dhcpcore.dll 18:08:42.0435 4004 Dhcp - ok 18:08:42.0466 4004 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys 18:08:42.0466 4004 discache - ok 18:08:42.0591 4004 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys 18:08:42.0591 4004 Disk - ok 18:08:42.0622 4004 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\windows\System32\dnsrslvr.dll 18:08:42.0622 4004 Dnscache - ok 18:08:42.0700 4004 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\windows\System32\dot3svc.dll 18:08:42.0700 4004 dot3svc - ok 18:08:42.0809 4004 Dot4 (b5e479eb83707dd698f66953e922042c) C:\windows\system32\DRIVERS\Dot4.sys 18:08:42.0809 4004 Dot4 - ok 18:08:42.0903 4004 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\windows\system32\drivers\Dot4Prt.sys 18:08:42.0903 4004 Dot4Print - ok 18:08:42.0965 4004 dot4usb (cf491ff38d62143203c065260567e2f7) C:\windows\system32\DRIVERS\dot4usb.sys 18:08:42.0965 4004 dot4usb - ok 18:08:43.0012 4004 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\windows\system32\dps.dll 18:08:43.0012 4004 DPS - ok 18:08:43.0121 4004 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys 18:08:43.0121 4004 drmkaud - ok 18:08:43.0183 4004 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\windows\System32\drivers\dxgkrnl.sys 18:08:43.0183 4004 DXGKrnl - ok 18:08:43.0277 4004 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\windows\System32\eapsvc.dll 18:08:43.0277 4004 EapHost - ok 18:08:43.0386 4004 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys 18:08:43.0480 4004 ebdrv - ok 18:08:43.0573 4004 eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys 18:08:43.0573 4004 eeCtrl - ok 18:08:43.0651 4004 EFS (81951f51e318aecc2d68559e47485cc4) C:\windows\System32\lsass.exe 18:08:43.0651 4004 EFS - ok 18:08:43.0729 4004 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\windows\ehome\ehRecvr.exe 18:08:43.0729 4004 ehRecvr - ok 18:08:43.0776 4004 ehSched (d389bff34f80caede417bf9d1507996a) C:\windows\ehome\ehsched.exe 18:08:43.0776 4004 ehSched - ok 18:08:43.0885 4004 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys 18:08:43.0885 4004 elxstor - ok 18:08:44.0010 4004 EraserUtilRebootDrv (028d50f059bd0d2ccb209e9011b9a9a4) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 18:08:44.0010 4004 EraserUtilRebootDrv - ok 18:08:44.0104 4004 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\drivers\errdev.sys 18:08:44.0104 4004 ErrDev - ok 18:08:44.0166 4004 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\windows\system32\es.dll 18:08:44.0166 4004 EventSystem - ok 18:08:44.0244 4004 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys 18:08:44.0244 4004 exfat - ok 18:08:44.0275 4004 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys 18:08:44.0275 4004 fastfat - ok 18:08:44.0322 4004 Fax (967ea5b213e9984cbe270205df37755b) C:\windows\system32\fxssvc.exe 18:08:44.0338 4004 Fax - ok 18:08:44.0416 4004 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys 18:08:44.0416 4004 fdc - ok 18:08:44.0447 4004 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\windows\system32\fdPHost.dll 18:08:44.0447 4004 fdPHost - ok 18:08:44.0494 4004 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\windows\system32\fdrespub.dll 18:08:44.0494 4004 FDResPub - ok 18:08:44.0509 4004 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys 18:08:44.0509 4004 FileInfo - ok 18:08:44.0556 4004 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys 18:08:44.0556 4004 Filetrace - ok 18:08:44.0587 4004 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys 18:08:44.0587 4004 flpydisk - ok 18:08:44.0665 4004 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys 18:08:44.0665 4004 FltMgr - ok 18:08:44.0712 4004 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\windows\system32\FntCache.dll 18:08:44.0712 4004 FontCache - ok 18:08:44.0806 4004 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 18:08:44.0821 4004 FontCache3.0.0.0 - ok 18:08:44.0899 4004 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys 18:08:44.0899 4004 FsDepends - ok 18:08:44.0962 4004 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\windows\system32\DRIVERS\fssfltr.sys 18:08:44.0962 4004 fssfltr - ok 18:08:45.0087 4004 fsssvc (40cdfad174b3d5e80f95dda003c0b97f) C:\Program Files\Windows Live\Family Safety\fsssvc.exe 18:08:45.0102 4004 fsssvc - ok 18:08:45.0196 4004 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\windows\system32\drivers\Fs_Rec.sys 18:08:45.0211 4004 Fs_Rec - ok 18:08:45.0258 4004 fvevol (8a73e79089b282100b9393b644cb853b) C:\windows\system32\DRIVERS\fvevol.sys 18:08:45.0274 4004 fvevol - ok 18:08:45.0367 4004 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys 18:08:45.0367 4004 gagp30kx - ok 18:08:45.0414 4004 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys 18:08:45.0414 4004 GEARAspiWDM - ok 18:08:45.0508 4004 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\windows\System32\gpsvc.dll 18:08:45.0508 4004 gpsvc - ok 18:08:45.0601 4004 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe 18:08:45.0617 4004 gupdate - ok 18:08:45.0617 4004 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe 18:08:45.0617 4004 gupdatem - ok 18:08:45.0664 4004 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 18:08:45.0664 4004 gusvc - ok 18:08:45.0757 4004 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys 18:08:45.0757 4004 hcw85cir - ok 18:08:45.0820 4004 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\windows\system32\drivers\HdAudio.sys 18:08:45.0820 4004 HdAudAddService - ok 18:08:45.0945 4004 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\windows\system32\drivers\HDAudBus.sys 18:08:45.0960 4004 HDAudBus - ok 18:08:45.0976 4004 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys 18:08:45.0976 4004 HidBatt - ok 18:08:45.0991 4004 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys 18:08:45.0991 4004 HidBth - ok 18:08:46.0023 4004 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys 18:08:46.0023 4004 HidIr - ok 18:08:46.0085 4004 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\windows\system32\hidserv.dll 18:08:46.0085 4004 hidserv - ok 18:08:46.0179 4004 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\windows\system32\drivers\hidusb.sys 18:08:46.0179 4004 HidUsb - ok 18:08:46.0210 4004 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\windows\system32\kmsvc.dll 18:08:46.0210 4004 hkmsvc - ok 18:08:46.0272 4004 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\windows\system32\ListSvc.dll 18:08:46.0272 4004 HomeGroupListener - ok 18:08:46.0319 4004 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\windows\system32\provsvc.dll 18:08:46.0319 4004 HomeGroupProvider - ok 18:08:46.0491 4004 hpqcxs08 (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll 18:08:46.0491 4004 hpqcxs08 - ok 18:08:46.0506 4004 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll 18:08:46.0506 4004 hpqddsvc - ok 18:08:46.0615 4004 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\drivers\HpSAMD.sys 18:08:46.0615 4004 HpSAMD - ok 18:08:46.0740 4004 HPSLPSVC (79737e0f7d25de8405cb34d4c9882253) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL 18:08:46.0740 4004 HPSLPSVC - ok 18:08:46.0881 4004 HTTP (871917b07a141bff43d76d8844d48106) C:\windows\system32\drivers\HTTP.sys 18:08:46.0881 4004 HTTP - ok 18:08:46.0974 4004 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\windows\system32\drivers\hwpolicy.sys 18:08:46.0974 4004 hwpolicy - ok 18:08:47.0037 4004 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\drivers\i8042prt.sys 18:08:47.0037 4004 i8042prt - ok 18:08:47.0115 4004 IAANTMON (7548066df68a8a1a56b043359f915f37) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe 18:08:47.0115 4004 IAANTMON - ok 18:08:47.0255 4004 iaStor (d483687eace0c065ee772481a96e05f5) C:\windows\system32\DRIVERS\iaStor.sys 18:08:47.0255 4004 iaStor - ok 18:08:47.0302 4004 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\windows\system32\drivers\iaStorV.sys 18:08:47.0302 4004 iaStorV - ok 18:08:47.0427 4004 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 18:08:47.0442 4004 idsvc - ok 18:08:47.0723 4004 igfx (8266ae06df974e5ba047b3e9e9e70b3f) C:\windows\system32\DRIVERS\igdkmd32.sys 18:08:47.0926 4004 igfx - ok 18:08:48.0035 4004 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys 18:08:48.0035 4004 iirsp - ok 18:08:48.0097 4004 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\windows\System32\ikeext.dll 18:08:48.0113 4004 IKEEXT - ok 18:08:48.0253 4004 IntcAzAudAddService (5ceef2cccb4fe00d3ffbfeb12bcfa07f) C:\windows\system32\drivers\RTKVHDA.sys 18:08:48.0285 4004 IntcAzAudAddService - ok 18:08:48.0394 4004 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\drivers\intelide.sys 18:08:48.0394 4004 intelide - ok 18:08:48.0441 4004 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys 18:08:48.0441 4004 intelppm - ok 18:08:48.0534 4004 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\windows\system32\ipbusenum.dll 18:08:48.0534 4004 IPBusEnum - ok 18:08:48.0581 4004 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys 18:08:48.0581 4004 IpFilterDriver - ok 18:08:48.0690 4004 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\windows\System32\iphlpsvc.dll 18:08:48.0690 4004 iphlpsvc - ok 18:08:48.0799 4004 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\windows\system32\drivers\IPMIDrv.sys 18:08:48.0799 4004 IPMIDRV - ok 18:08:48.0831 4004 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys 18:08:48.0846 4004 IPNAT - ok 18:08:48.0940 4004 iPod Service (49918803b661367023bf325cf602afdc) C:\Program Files\iPod\bin\iPodService.exe 18:08:48.0940 4004 iPod Service - ok 18:08:49.0049 4004 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys 18:08:49.0049 4004 IRENUM - ok 18:08:49.0080 4004 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\drivers\isapnp.sys 18:08:49.0080 4004 isapnp - ok 18:08:49.0143 4004 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\windows\system32\drivers\msiscsi.sys 18:08:49.0158 4004 iScsiPrt - ok 18:08:49.0221 4004 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\drivers\kbdclass.sys 18:08:49.0221 4004 kbdclass - ok 18:08:49.0283 4004 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\windows\system32\drivers\kbdhid.sys 18:08:49.0283 4004 kbdhid - ok 18:08:49.0314 4004 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 18:08:49.0314 4004 KeyIso - ok 18:08:49.0361 4004 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\windows\system32\Drivers\ksecdd.sys 18:08:49.0361 4004 KSecDD - ok 18:08:49.0408 4004 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\windows\system32\Drivers\ksecpkg.sys 18:08:49.0408 4004 KSecPkg - ok 18:08:49.0439 4004 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\windows\system32\msdtckrm.dll 18:08:49.0439 4004 KtmRm - ok 18:08:49.0548 4004 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\windows\system32\srvsvc.dll 18:08:49.0548 4004 LanmanServer - ok 18:08:49.0626 4004 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\windows\System32\wkssvc.dll 18:08:49.0642 4004 LanmanWorkstation - ok 18:08:49.0798 4004 LiveUpdate (e34152d03caaaaa81dd66d803f392522) C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE 18:08:49.0907 4004 LiveUpdate - ok 18:08:50.0016 4004 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys 18:08:50.0016 4004 lltdio - ok 18:08:50.0047 4004 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\windows\System32\lltdsvc.dll 18:08:50.0047 4004 lltdsvc - ok 18:08:50.0110 4004 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\windows\System32\lmhsvc.dll 18:08:50.0110 4004 lmhosts - ok 18:08:50.0172 4004 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys 18:08:50.0172 4004 LSI_FC - ok 18:08:50.0266 4004 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys 18:08:50.0266 4004 LSI_SAS - ok 18:08:50.0281 4004 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys 18:08:50.0281 4004 LSI_SAS2 - ok 18:08:50.0297 4004 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys 18:08:50.0297 4004 LSI_SCSI - ok 18:08:50.0422 4004 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys 18:08:50.0422 4004 luafv - ok 18:08:50.0562 4004 lxeeCATSCustConnectService (a9d8d63c7378dd34e4e19036093a9264) C:\windows\system32\spool\DRIVERS\W32X86\3\\lxeeserv.exe 18:08:50.0578 4004 lxeeCATSCustConnectService - ok 18:08:50.0687 4004 lxee_device - ok 18:08:50.0749 4004 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\windows\system32\Mcx2Svc.dll 18:08:50.0749 4004 Mcx2Svc - ok 18:08:50.0812 4004 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys 18:08:50.0812 4004 megasas - ok 18:08:50.0905 4004 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys 18:08:50.0905 4004 MegaSR - ok 18:08:51.0030 4004 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe 18:08:51.0030 4004 Microsoft Office Groove Audit Service - ok 18:08:51.0108 4004 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll 18:08:51.0108 4004 MMCSS - ok 18:08:51.0155 4004 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys 18:08:51.0155 4004 Modem - ok 18:08:51.0249 4004 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys 18:08:51.0249 4004 monitor - ok 18:08:51.0295 4004 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\drivers\mouclass.sys 18:08:51.0295 4004 mouclass - ok 18:08:51.0405 4004 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys 18:08:51.0405 4004 mouhid - ok 18:08:51.0451 4004 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\windows\system32\drivers\mountmgr.sys 18:08:51.0451 4004 mountmgr - ok 18:08:51.0483 4004 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\windows\system32\drivers\mpio.sys 18:08:51.0498 4004 mpio - ok 18:08:51.0576 4004 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys 18:08:51.0576 4004 mpsdrv - ok 18:08:51.0639 4004 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\windows\system32\mpssvc.dll 18:08:51.0639 4004 MpsSvc - ok 18:08:51.0732 4004 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\windows\system32\drivers\mrxdav.sys 18:08:51.0732 4004 MRxDAV - ok 18:08:51.0779 4004 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\windows\system32\DRIVERS\mrxsmb.sys 18:08:51.0779 4004 mrxsmb - ok 18:08:51.0857 4004 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\windows\system32\DRIVERS\mrxsmb10.sys 18:08:51.0857 4004 mrxsmb10 - ok 18:08:51.0888 4004 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\windows\system32\DRIVERS\mrxsmb20.sys 18:08:51.0904 4004 mrxsmb20 - ok 18:08:51.0935 4004 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\windows\system32\drivers\msahci.sys 18:08:51.0935 4004 msahci - ok 18:08:52.0029 4004 msdsm (55055f8ad8be27a64c831322a780a228) C:\windows\system32\drivers\msdsm.sys 18:08:52.0029 4004 msdsm - ok 18:08:52.0075 4004 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\windows\System32\msdtc.exe 18:08:52.0075 4004 MSDTC - ok 18:08:52.0169 4004 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys 18:08:52.0169 4004 Msfs - ok 18:08:52.0200 4004 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys 18:08:52.0200 4004 mshidkmdf - ok 18:08:52.0231 4004 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\drivers\msisadrv.sys 18:08:52.0231 4004 msisadrv - ok 18:08:52.0309 4004 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\windows\system32\iscsiexe.dll 18:08:52.0309 4004 MSiSCSI - ok 18:08:52.0325 4004 msiserver - ok 18:08:52.0356 4004 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys 18:08:52.0356 4004 MSKSSRV - ok 18:08:52.0450 4004 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys 18:08:52.0450 4004 MSPCLOCK - ok 18:08:52.0481 4004 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys 18:08:52.0481 4004 MSPQM - ok 18:08:52.0512 4004 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys 18:08:52.0512 4004 MsRPC - ok 18:08:52.0543 4004 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\drivers\mssmbios.sys 18:08:52.0543 4004 mssmbios - ok 18:08:52.0637 4004 MSSQL$MSSMLBIZ - ok 18:08:52.0684 4004 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe 18:08:52.0699 4004 MSSQLServerADHelper - ok 18:08:52.0793 4004 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys 18:08:52.0793 4004 MSTEE - ok 18:08:52.0824 4004 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys 18:08:52.0824 4004 MTConfig - ok 18:08:52.0855 4004 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys 18:08:52.0855 4004 Mup - ok 18:08:52.0933 4004 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\windows\system32\qagentRT.dll 18:08:52.0933 4004 napagent - ok 18:08:52.0996 4004 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys 18:08:52.0996 4004 NativeWifiP - ok 18:08:53.0121 4004 NAVENG (862f55824ac81295837b0ab63f91071f) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20120412.032\NAVENG.SYS 18:08:53.0121 4004 NAVENG - ok 18:08:53.0183 4004 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20120412.032\NAVEX15.SYS 18:08:53.0199 4004 NAVEX15 - ok 18:08:53.0308 4004 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\windows\system32\drivers\ndis.sys 18:08:53.0308 4004 NDIS - ok 18:08:53.0417 4004 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys 18:08:53.0417 4004 NdisCap - ok 18:08:53.0448 4004 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys 18:08:53.0448 4004 NdisTapi - ok 18:08:53.0495 4004 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\windows\system32\DRIVERS\ndisuio.sys 18:08:53.0495 4004 Ndisuio - ok 18:08:53.0589 4004 NdisWan (38fbe267e7e6983311179230facb1017) C:\windows\system32\DRIVERS\ndiswan.sys 18:08:53.0589 4004 NdisWan - ok 18:08:53.0635 4004 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\windows\system32\drivers\NDProxy.sys 18:08:53.0635 4004 NDProxy - ok 18:08:53.0745 4004 Net Driver HPZ12 (510c138564486ff926a3f773205c63d1) C:\windows\system32\HPZinw12.dll 18:08:53.0745 4004 Net Driver HPZ12 - ok 18:08:53.0791 4004 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys 18:08:53.0791 4004 NetBIOS - ok 18:08:53.0901 4004 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\windows\system32\DRIVERS\netbt.sys 18:08:53.0901 4004 NetBT - ok 18:08:53.0932 4004 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 18:08:53.0932 4004 Netlogon - ok 18:08:54.0010 4004 Netman (7cccfca7510684768da22092d1fa4db2) C:\windows\System32\netman.dll 18:08:54.0010 4004 Netman - ok 18:08:54.0041 4004 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\windows\System32\netprofm.dll 18:08:54.0057 4004 netprofm - ok 18:08:54.0135 4004 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 18:08:54.0135 4004 NetTcpPortSharing - ok 18:08:54.0228 4004 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys 18:08:54.0228 4004 nfrd960 - ok 18:08:54.0291 4004 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\windows\System32\nlasvc.dll 18:08:54.0291 4004 NlaSvc - ok 18:08:54.0353 4004 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys 18:08:54.0353 4004 Npfs - ok 18:08:54.0400 4004 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\windows\system32\nsisvc.dll 18:08:54.0415 4004 nsi - ok 18:08:54.0478 4004 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys 18:08:54.0478 4004 nsiproxy - ok 18:08:54.0556 4004 Ntfs (81189c3d7763838e55c397759d49007a) C:\windows\system32\drivers\Ntfs.sys 18:08:54.0571 4004 Ntfs - ok 18:08:54.0634 4004 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys 18:08:54.0634 4004 Null - ok 18:08:54.0696 4004 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\windows\system32\drivers\nvraid.sys 18:08:54.0696 4004 nvraid - ok 18:08:54.0759 4004 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\windows\system32\drivers\nvstor.sys 18:08:54.0759 4004 nvstor - ok 18:08:54.0805 4004 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\drivers\nv_agp.sys 18:08:54.0821 4004 nv_agp - ok 18:08:54.0899 4004 OberonGameConsoleService (b5d5da8230d3d3525839d939a9196c3e) C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe 18:08:54.0899 4004 OberonGameConsoleService - ok 18:08:54.0977 4004 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 18:08:54.0977 4004 odserv - ok 18:08:55.0086 4004 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\drivers\ohci1394.sys 18:08:55.0086 4004 ohci1394 - ok 18:08:55.0149 4004 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:08:55.0149 4004 ose - ok 18:08:55.0242 4004 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll 18:08:55.0242 4004 p2pimsvc - ok 18:08:55.0273 4004 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\windows\system32\p2psvc.dll 18:08:55.0273 4004 p2psvc - ok 18:08:55.0351 4004 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys 18:08:55.0351 4004 Parport - ok 18:08:55.0414 4004 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\windows\system32\drivers\partmgr.sys 18:08:55.0414 4004 partmgr - ok 18:08:55.0476 4004 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys 18:08:55.0476 4004 Parvdm - ok 18:08:55.0539 4004 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\windows\System32\pcasvc.dll 18:08:55.0539 4004 PcaSvc - ok 18:08:55.0617 4004 pci (673e55c3498eb970088e812ea820aa8f) C:\windows\system32\drivers\pci.sys 18:08:55.0617 4004 pci - ok 18:08:55.0663 4004 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\drivers\pciide.sys 18:08:55.0663 4004 pciide - ok 18:08:55.0741 4004 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys 18:08:55.0741 4004 pcmcia - ok 18:08:55.0788 4004 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys 18:08:55.0788 4004 pcw - ok 18:08:55.0866 4004 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys 18:08:55.0882 4004 PEAUTH - ok 18:08:56.0007 4004 pla (414bba67a3ded1d28437eb66aeb8a720) C:\windows\system32\pla.dll 18:08:56.0022 4004 pla - ok 18:08:56.0147 4004 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\windows\system32\umpnpmgr.dll 18:08:56.0147 4004 PlugPlay - ok 18:08:56.0209 4004 Pml Driver HPZ12 (37e5e8ffbad35605daeec3224ea0e465) C:\windows\system32\HPZipm12.dll 18:08:56.0209 4004 Pml Driver HPZ12 - ok 18:08:56.0287 4004 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\windows\system32\pnrpauto.dll 18:08:56.0287 4004 PNRPAutoReg - ok 18:08:56.0303 4004 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll 18:08:56.0319 4004 PNRPsvc - ok 18:08:56.0350 4004 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\windows\System32\ipsecsvc.dll 18:08:56.0350 4004 PolicyAgent - ok 18:08:56.0443 4004 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\windows\system32\umpo.dll 18:08:56.0443 4004 Power - ok 18:08:56.0490 4004 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys 18:08:56.0490 4004 PptpMiniport - ok 18:08:56.0584 4004 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys 18:08:56.0584 4004 Processor - ok 18:08:56.0631 4004 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\windows\system32\profsvc.dll 18:08:56.0631 4004 ProfSvc - ok 18:08:56.0724 4004 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 18:08:56.0724 4004 ProtectedStorage - ok 18:08:56.0771 4004 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys 18:08:56.0771 4004 Psched - ok 18:08:56.0833 4004 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys 18:08:56.0865 4004 ql2300 - ok 18:08:56.0943 4004 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys 18:08:56.0943 4004 ql40xx - ok 18:08:56.0974 4004 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\windows\system32\qwave.dll 18:08:56.0974 4004 QWAVE - ok 18:08:57.0067 4004 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys 18:08:57.0067 4004 QWAVEdrv - ok 18:08:57.0083 4004 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys 18:08:57.0083 4004 RasAcd - ok 18:08:57.0130 4004 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys 18:08:57.0130 4004 RasAgileVpn - ok 18:08:57.0192 4004 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\windows\System32\rasauto.dll 18:08:57.0192 4004 RasAuto - ok 18:08:57.0255 4004 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys 18:08:57.0255 4004 Rasl2tp - ok 18:08:57.0348 4004 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\windows\System32\rasmans.dll 18:08:57.0348 4004 RasMan - ok 18:08:57.0395 4004 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys 18:08:57.0395 4004 RasPppoe - ok 18:08:57.0473 4004 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys 18:08:57.0473 4004 RasSstp - ok 18:08:57.0535 4004 rdbss (d528bc58a489409ba40334ebf96a311b) C:\windows\system32\DRIVERS\rdbss.sys 18:08:57.0535 4004 rdbss - ok 18:08:57.0567 4004 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys 18:08:57.0567 4004 rdpbus - ok 18:08:57.0676 4004 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\windows\system32\DRIVERS\RDPCDD.sys 18:08:57.0676 4004 RDPCDD - ok 18:08:57.0723 4004 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys 18:08:57.0723 4004 RDPENCDD - ok 18:08:57.0785 4004 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys 18:08:57.0785 4004 RDPREFMP - ok 18:08:57.0847 4004 RDPWD (244c83332f44589ae98fc347f11b2693) C:\windows\system32\drivers\RDPWD.sys 18:08:57.0863 4004 RDPWD - ok 18:08:57.0957 4004 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\windows\system32\drivers\rdyboost.sys 18:08:57.0957 4004 rdyboost - ok 18:08:58.0003 4004 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\windows\System32\mprdim.dll 18:08:58.0003 4004 RemoteAccess - ok 18:08:58.0066 4004 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\windows\system32\regsvc.dll 18:08:58.0066 4004 RemoteRegistry - ok 18:08:58.0097 4004 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\windows\System32\RpcEpMap.dll 18:08:58.0097 4004 RpcEptMapper - ok 18:08:58.0128 4004 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\windows\system32\locator.exe 18:08:58.0128 4004 RpcLocator - ok 18:08:58.0206 4004 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\windows\system32\rpcss.dll 18:08:58.0206 4004 RpcSs - ok 18:08:58.0253 4004 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys 18:08:58.0253 4004 rspndr - ok 18:08:58.0347 4004 RTL8167 (6465166dd9b2f841dabad16abdadbe98) C:\windows\system32\DRIVERS\Rt86win7.sys 18:08:58.0347 4004 RTL8167 - ok 18:08:58.0409 4004 SABI (6e5fbb7cbaec47038b945d5e9b144a64) C:\windows\system32\Drivers\SABI.sys 18:08:58.0409 4004 SABI - ok 18:08:58.0471 4004 SamSs (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 18:08:58.0471 4004 SamSs - ok 18:08:58.0549 4004 sbp2port (05d860da1040f111503ac416ccef2bca) C:\windows\system32\drivers\sbp2port.sys 18:08:58.0549 4004 sbp2port - ok 18:08:58.0581 4004 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\windows\System32\SCardSvr.dll 18:08:58.0581 4004 SCardSvr - ok 18:08:58.0674 4004 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\windows\system32\DRIVERS\scfilter.sys 18:08:58.0674 4004 scfilter - ok 18:08:58.0737 4004 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\windows\system32\schedsvc.dll 18:08:58.0737 4004 Schedule - ok 18:08:58.0846 4004 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll 18:08:58.0846 4004 SCPolicySvc - ok 18:08:58.0877 4004 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\windows\System32\SDRSVC.dll 18:08:58.0877 4004 SDRSVC - ok 18:08:58.0939 4004 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys 18:08:58.0939 4004 secdrv - ok 18:08:59.0002 4004 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\windows\system32\seclogon.dll 18:08:59.0017 4004 seclogon - ok 18:08:59.0049 4004 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\windows\System32\sens.dll 18:08:59.0049 4004 SENS - ok 18:08:59.0111 4004 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\windows\system32\sensrsvc.dll 18:08:59.0127 4004 SensrSvc - ok 18:08:59.0189 4004 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys 18:08:59.0189 4004 Serenum - ok 18:08:59.0283 4004 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys 18:08:59.0283 4004 Serial - ok 18:08:59.0329 4004 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys 18:08:59.0329 4004 sermouse - ok 18:08:59.0376 4004 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\windows\system32\sessenv.dll 18:08:59.0376 4004 SessionEnv - ok 18:08:59.0470 4004 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\drivers\sffdisk.sys 18:08:59.0470 4004 sffdisk - ok 18:08:59.0485 4004 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\drivers\sffp_mmc.sys 18:08:59.0485 4004 sffp_mmc - ok 18:08:59.0517 4004 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\windows\system32\drivers\sffp_sd.sys 18:08:59.0517 4004 sffp_sd - ok 18:08:59.0532 4004 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys 18:08:59.0532 4004 sfloppy - ok 18:08:59.0626 4004 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\windows\System32\ipnathlp.dll 18:08:59.0641 4004 SharedAccess - ok 18:08:59.0688 4004 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\windows\System32\shsvcs.dll 18:08:59.0688 4004 ShellHWDetection - ok 18:08:59.0782 4004 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\drivers\sisagp.sys 18:08:59.0782 4004 sisagp - ok 18:08:59.0829 4004 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys 18:08:59.0829 4004 SiSRaid2 - ok 18:08:59.0891 4004 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys 18:08:59.0891 4004 SiSRaid4 - ok 18:08:59.0922 4004 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys 18:08:59.0922 4004 Smb - ok 18:09:00.0047 4004 SmcService (a58c1a086d9c09c6572c948f22cc0e94) C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe 18:09:00.0078 4004 SmcService - ok 18:09:00.0156 4004 SNAC (d2c222441255131e29de351475f98f6d) C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE 18:09:00.0172 4004 SNAC - ok 18:09:00.0265 4004 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\windows\System32\snmptrap.exe 18:09:00.0265 4004 SNMPTRAP - ok 18:09:00.0375 4004 SPBBCDrv (e621bb5839cf45fa477f48092edd2b40) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys 18:09:00.0375 4004 SPBBCDrv - ok 18:09:00.0484 4004 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys 18:09:00.0484 4004 spldr - ok 18:09:00.0515 4004 Spooler (866a43013535dc8587c258e43579c764) C:\windows\System32\spoolsv.exe 18:09:00.0531 4004 Spooler - ok 18:09:00.0640 4004 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\windows\system32\sppsvc.exe 18:09:00.0718 4004 sppsvc - ok 18:09:00.0796 4004 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\windows\system32\sppuinotify.dll 18:09:00.0796 4004 sppuinotify - ok 18:09:00.0889 4004 SpyHunter 4 Service (63f2b52947577dbb075fe646bc758a2f) C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE 18:09:00.0889 4004 SpyHunter 4 Service - ok 18:09:00.0952 4004 SQLBrowser (86ebd8b1f23e743aad21f4d5b4d40985) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe 18:09:00.0952 4004 SQLBrowser - ok 18:09:01.0014 4004 SQLWriter (d89083c4eb02daca8f944b0e05e57f9d) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 18:09:01.0014 4004 SQLWriter - ok 18:09:01.0092 4004 SRTSP (2abf82c8452ab0b9ffc74a2d5da91989) C:\windows\system32\Drivers\SRTSP.SYS 18:09:01.0092 4004 SRTSP - ok 18:09:01.0139 4004 SRTSPL (e2f9e5887bea5bd8784d337e06eda31b) C:\windows\system32\Drivers\SRTSPL.SYS 18:09:01.0139 4004 SRTSPL - ok 18:09:01.0233 4004 SRTSPX (3b974c158fabd910186f98df8d3e23f3) C:\windows\system32\Drivers\SRTSPX.SYS 18:09:01.0233 4004 SRTSPX - ok 18:09:01.0264 4004 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\windows\system32\DRIVERS\srv.sys 18:09:01.0279 4004 srv - ok 18:09:01.0373 4004 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\windows\system32\DRIVERS\srv2.sys 18:09:01.0373 4004 srv2 - ok 18:09:01.0389 4004 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\windows\system32\DRIVERS\srvnet.sys 18:09:01.0404 4004 srvnet - ok 18:09:01.0467 4004 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\windows\System32\ssdpsrv.dll 18:09:01.0467 4004 SSDPSRV - ok 18:09:01.0482 4004 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\windows\system32\sstpsvc.dll 18:09:01.0498 4004 SstpSvc - ok 18:09:01.0529 4004 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys 18:09:01.0529 4004 stexstor - ok 18:09:01.0607 4004 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\windows\System32\wiaservc.dll 18:09:01.0623 4004 StiSvc - ok 18:09:01.0732 4004 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\drivers\swenum.sys 18:09:01.0732 4004 swenum - ok 18:09:01.0763 4004 swprv (a28bd92df340e57b024ba433165d34d7) C:\windows\System32\swprv.dll 18:09:01.0763 4004 swprv - ok 18:09:01.0888 4004 Symantec AntiVirus (ba2fb8f8ab24d0279caa98a4c118150e) C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe 18:09:01.0903 4004 Symantec AntiVirus - ok 18:09:02.0044 4004 SymEvent (a54ff04bd6e75dc4d8cb6f3e352635e0) C:\windows\system32\Drivers\SYMEVENT.SYS 18:09:02.0044 4004 SymEvent - ok 18:09:02.0091 4004 SYMREDRV (394b2368212114d538316812af60fddd) C:\windows\System32\Drivers\SYMREDRV.SYS 18:09:02.0091 4004 SYMREDRV - ok 18:09:02.0184 4004 SYMTDI (d46676bb414c7531bdffe637a33f5033) C:\windows\System32\Drivers\SYMTDI.SYS 18:09:02.0184 4004 SYMTDI - ok 18:09:02.0231 4004 SynTP (7a9025d8f7852b06d6d08ed536135e7e) C:\windows\system32\DRIVERS\SynTP.sys 18:09:02.0231 4004 SynTP - ok 18:09:02.0340 4004 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\windows\system32\sysmain.dll 18:09:02.0356 4004 SysMain - ok 18:09:02.0449 4004 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\windows\System32\TabSvc.dll 18:09:02.0449 4004 TabletInputService - ok 18:09:02.0496 4004 TapiSrv (613bf4820361543956909043a265c6ac) C:\windows\System32\tapisrv.dll 18:09:02.0512 4004 TapiSrv - ok 18:09:02.0574 4004 TBS (b799d9fdb26111737f58288d8dc172d9) C:\windows\System32\tbssvc.dll 18:09:02.0574 4004 TBS - ok 18:09:02.0652 4004 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\drivers\tcpip.sys 18:09:02.0668 4004 Tcpip - ok 18:09:02.0793 4004 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\DRIVERS\tcpip.sys 18:09:02.0808 4004 TCPIP6 - ok 18:09:02.0917 4004 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\windows\system32\drivers\tcpipreg.sys 18:09:02.0917 4004 tcpipreg - ok 18:09:02.0949 4004 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\windows\system32\drivers\tdpipe.sys 18:09:02.0949 4004 TDPIPE - ok 18:09:02.0995 4004 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\windows\system32\drivers\tdtcp.sys 18:09:02.0995 4004 TDTCP - ok 18:09:03.0105 4004 tdx (b459575348c20e8121d6039da063c704) C:\windows\system32\DRIVERS\tdx.sys 18:09:03.0105 4004 tdx - ok 18:09:03.0229 4004 TeamViewer6 (839e88db24d2d8f05b72e12b175951ca) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe 18:09:03.0292 4004 TeamViewer6 - ok 18:09:03.0401 4004 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\windows\system32\drivers\termdd.sys 18:09:03.0401 4004 TermDD - ok 18:09:03.0432 4004 TermService (382c804c92811be57829d8e550a900e2) C:\windows\System32\termsrv.dll 18:09:03.0448 4004 TermService - ok 18:09:03.0526 4004 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\windows\system32\themeservice.dll 18:09:03.0526 4004 Themes - ok 18:09:03.0557 4004 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll 18:09:03.0557 4004 THREADORDER - ok 18:09:03.0604 4004 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\windows\System32\trkwks.dll 18:09:03.0604 4004 TrkWks - ok 18:09:03.0651 4004 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\windows\servicing\TrustedInstaller.exe 18:09:03.0651 4004 TrustedInstaller - ok 18:09:03.0729 4004 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\windows\system32\DRIVERS\tssecsrv.sys 18:09:03.0729 4004 tssecsrv - ok 18:09:03.0822 4004 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\windows\system32\drivers\tsusbflt.sys 18:09:03.0822 4004 TsUsbFlt - ok 18:09:03.0916 4004 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\windows\system32\DRIVERS\tunnel.sys 18:09:03.0916 4004 tunnel - ok 18:09:03.0978 4004 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys 18:09:03.0978 4004 uagp35 - ok 18:09:04.0009 4004 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\windows\system32\DRIVERS\udfs.sys 18:09:04.0009 4004 udfs - ok 18:09:04.0072 4004 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\windows\system32\UI0Detect.exe 18:09:04.0072 4004 UI0Detect - ok 18:09:04.0150 4004 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\drivers\uliagpkx.sys 18:09:04.0150 4004 uliagpkx - ok 18:09:04.0243 4004 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\windows\system32\drivers\umbus.sys 18:09:04.0243 4004 umbus - ok 18:09:04.0275 4004 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys 18:09:04.0275 4004 UmPass - ok 18:09:04.0321 4004 upnphost (833fbb672460efce8011d262175fad33) C:\windows\System32\upnphost.dll 18:09:04.0321 4004 upnphost - ok 18:09:04.0399 4004 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\windows\system32\Drivers\usbaapl.sys 18:09:04.0399 4004 USBAAPL - ok 18:09:04.0462 4004 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\windows\system32\DRIVERS\usbccgp.sys 18:09:04.0462 4004 usbccgp - ok 18:09:04.0509 4004 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\drivers\usbcir.sys 18:09:04.0509 4004 usbcir - ok 18:09:04.0587 4004 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\windows\system32\DRIVERS\usbehci.sys 18:09:04.0587 4004 usbehci - ok 18:09:04.0649 4004 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\windows\system32\DRIVERS\usbhub.sys 18:09:04.0649 4004 usbhub - ok 18:09:04.0727 4004 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\windows\system32\drivers\usbohci.sys 18:09:04.0727 4004 usbohci - ok 18:09:04.0774 4004 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys 18:09:04.0774 4004 usbprint - ok 18:09:04.0852 4004 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\windows\system32\DRIVERS\usbscan.sys 18:09:04.0852 4004 usbscan - ok 18:09:04.0914 4004 USBSTOR (f991ab9cc6b908db552166768176896a) C:\windows\system32\drivers\USBSTOR.SYS 18:09:04.0914 4004 USBSTOR - ok 18:09:04.0992 4004 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\windows\system32\DRIVERS\usbuhci.sys 18:09:04.0992 4004 usbuhci - ok 18:09:05.0070 4004 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\windows\System32\Drivers\usbvideo.sys 18:09:05.0070 4004 usbvideo - ok 18:09:05.0101 4004 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\windows\System32\uxsms.dll 18:09:05.0101 4004 UxSms - ok 18:09:05.0164 4004 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 18:09:05.0164 4004 VaultSvc - ok 18:09:05.0226 4004 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\drivers\vdrvroot.sys 18:09:05.0226 4004 vdrvroot - ok 18:09:05.0289 4004 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\windows\System32\vds.exe 18:09:05.0289 4004 vds - ok 18:09:05.0398 4004 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys 18:09:05.0398 4004 vga - ok 18:09:05.0413 4004 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys 18:09:05.0413 4004 VgaSave - ok 18:09:05.0445 4004 vhdmp (5461686cca2fda57b024547733ab42e3) C:\windows\system32\drivers\vhdmp.sys 18:09:05.0460 4004 vhdmp - ok 18:09:05.0554 4004 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\drivers\viaagp.sys 18:09:05.0569 4004 viaagp - ok 18:09:05.0585 4004 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys 18:09:05.0585 4004 ViaC7 - ok 18:09:05.0710 4004 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\drivers\viaide.sys 18:09:05.0710 4004 viaide - ok 18:09:05.0741 4004 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\windows\system32\drivers\volmgr.sys 18:09:05.0757 4004 volmgr - ok 18:09:05.0835 4004 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys 18:09:05.0850 4004 volmgrx - ok 18:09:05.0897 4004 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\windows\system32\drivers\volsnap.sys 18:09:05.0897 4004 volsnap - ok 18:09:05.0991 4004 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys 18:09:05.0991 4004 vsmraid - ok 18:09:06.0053 4004 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\windows\system32\vssvc.exe 18:09:06.0069 4004 VSS - ok 18:09:06.0162 4004 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys 18:09:06.0162 4004 vwifibus - ok 18:09:06.0193 4004 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys 18:09:06.0193 4004 vwififlt - ok 18:09:06.0256 4004 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\windows\system32\DRIVERS\vwifimp.sys 18:09:06.0256 4004 vwifimp - ok 18:09:06.0318 4004 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\windows\system32\w32time.dll 18:09:06.0318 4004 W32Time - ok 18:09:06.0365 4004 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys 18:09:06.0381 4004 WacomPen - ok 18:09:06.0474 4004 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys 18:09:06.0474 4004 WANARP - ok 18:09:06.0474 4004 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys 18:09:06.0474 4004 Wanarpv6 - ok 18:09:06.0568 4004 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\windows\system32\Wat\WatAdminSvc.exe 18:09:06.0583 4004 WatAdminSvc - ok 18:09:06.0677 4004 wbengine (691e3285e53dca558e1a84667f13e15a) C:\windows\system32\wbengine.exe 18:09:06.0693 4004 wbengine - ok 18:09:06.0771 4004 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\windows\System32\wbiosrvc.dll 18:09:06.0771 4004 WbioSrvc - ok 18:09:06.0833 4004 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\windows\System32\wcncsvc.dll 18:09:06.0833 4004 wcncsvc - ok 18:09:06.0880 4004 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\windows\System32\WcsPlugInService.dll 18:09:06.0880 4004 WcsPlugInService - ok 18:09:06.0942 4004 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys 18:09:06.0942 4004 Wd - ok 18:09:06.0958 4004 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys 18:09:06.0973 4004 Wdf01000 - ok 18:09:07.0036 4004 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll 18:09:07.0036 4004 WdiServiceHost - ok 18:09:07.0036 4004 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll 18:09:07.0051 4004 WdiSystemHost - ok 18:09:07.0083 4004 WebClient (a9d880f97530d5b8fee278923349929d) C:\windows\System32\webclnt.dll 18:09:07.0083 4004 WebClient - ok 18:09:07.0129 4004 Wecsvc (760f0afe937a77cff27153206534f275) C:\windows\system32\wecsvc.dll 18:09:07.0145 4004 Wecsvc - ok 18:09:07.0176 4004 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\windows\System32\wercplsupport.dll 18:09:07.0176 4004 wercplsupport - ok 18:09:07.0223 4004 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\windows\System32\WerSvc.dll 18:09:07.0223 4004 WerSvc - ok 18:09:07.0285 4004 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys 18:09:07.0285 4004 WfpLwf - ok 18:09:07.0332 4004 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys 18:09:07.0332 4004 WIMMount - ok 18:09:07.0395 4004 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll 18:09:07.0395 4004 WinDefend - ok 18:09:07.0395 4004 WinHttpAutoProxySvc - ok 18:09:07.0519 4004 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\windows\system32\wbem\WMIsvc.dll 18:09:07.0519 4004 Winmgmt - ok 18:09:07.0629 4004 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\windows\system32\WsmSvc.dll 18:09:07.0644 4004 WinRM - ok 18:09:07.0769 4004 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\windows\system32\DRIVERS\WinUsb.sys 18:09:07.0769 4004 WinUsb - ok 18:09:07.0800 4004 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\windows\System32\wlansvc.dll 18:09:07.0816 4004 Wlansvc - ok 18:09:07.0925 4004 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 18:09:07.0941 4004 wlidsvc - ok 18:09:08.0065 4004 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\drivers\wmiacpi.sys 18:09:08.0065 4004 WmiAcpi - ok 18:09:08.0128 4004 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\windows\system32\wbem\WmiApSrv.exe 18:09:08.0128 4004 wmiApSrv - ok 18:09:08.0221 4004 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe 18:09:08.0237 4004 WMPNetworkSvc - ok 18:09:08.0315 4004 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\windows\System32\wpcsvc.dll 18:09:08.0315 4004 WPCSvc - ok 18:09:08.0362 4004 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\windows\system32\wpdbusenum.dll 18:09:08.0362 4004 WPDBusEnum - ok 18:09:08.0424 4004 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys 18:09:08.0440 4004 ws2ifsl - ok 18:09:08.0487 4004 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\windows\System32\wscsvc.dll 18:09:08.0487 4004 wscsvc - ok 18:09:08.0533 4004 WSearch - ok 18:09:08.0611 4004 wuauserv (3026418a50c5b4761befa632cedb7406) C:\windows\system32\wuaueng.dll 18:09:08.0627 4004 wuauserv - ok 18:09:08.0736 4004 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\windows\system32\drivers\WudfPf.sys 18:09:08.0736 4004 WudfPf - ok 18:09:08.0767 4004 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\windows\system32\DRIVERS\WUDFRd.sys 18:09:08.0767 4004 WUDFRd - ok 18:09:08.0877 4004 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\windows\System32\WUDFSvc.dll 18:09:08.0877 4004 wudfsvc - ok 18:09:08.0908 4004 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\windows\System32\wwansvc.dll 18:09:08.0908 4004 WwanSvc - ok 18:09:08.0955 4004 MBR (0x1B8) (2e5debb2116b3417023e0d6562d7ed07) \Device\Harddisk0\DR0 18:09:09.0126 4004 \Device\Harddisk0\DR0 - ok 18:09:09.0142 4004 Boot (0x1200) (5fb009d8d1bbe104d22d071977f32a2a) \Device\Harddisk0\DR0\Partition0 18:09:09.0142 4004 \Device\Harddisk0\DR0\Partition0 - ok 18:09:09.0157 4004 Boot (0x1200) (d5688b55e165a627667567455a328efc) \Device\Harddisk0\DR0\Partition1 18:09:09.0157 4004 \Device\Harddisk0\DR0\Partition1 - ok 18:09:09.0189 4004 Boot (0x1200) (78ee0a60b0242cd51c89824323794145) \Device\Harddisk0\DR0\Partition2 18:09:09.0189 4004 \Device\Harddisk0\DR0\Partition2 - ok 18:09:09.0189 4004 ============================================================ 18:09:09.0189 4004 Scan finished 18:09:09.0189 4004 ============================================================ 18:09:09.0189 3996 Detected object count: 0 18:09:09.0189 3996 Actual detected object count: 0 18:16:31.0723 1700 ============================================================ 18:16:31.0723 1700 Scan started 18:16:31.0723 1700 Mode: Manual; SigCheck; TDLFS; 18:16:31.0723 1700 ============================================================ 18:16:31.0933 1700 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\windows\system32\drivers\1394ohci.sys 18:16:32.0033 1700 1394ohci - ok 18:16:32.0073 1700 ACPI (cea80c80bed809aa0da6febc04733349) C:\windows\system32\drivers\ACPI.sys 18:16:32.0083 1700 ACPI - ok 18:16:32.0203 1700 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\windows\system32\drivers\acpipmi.sys 18:16:32.0243 1700 AcpiPmi - ok 18:16:32.0373 1700 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 18:16:32.0393 1700 AdobeFlashPlayerUpdateSvc - ok 18:16:32.0453 1700 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys 18:16:32.0473 1700 adp94xx - ok 18:16:32.0563 1700 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys 18:16:32.0573 1700 adpahci - ok 18:16:32.0583 1700 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys 18:16:32.0603 1700 adpu320 - ok 18:16:32.0633 1700 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\windows\System32\aelupsvc.dll 18:16:32.0683 1700 AeLookupSvc - ok 18:16:32.0783 1700 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\windows\system32\drivers\afd.sys 18:16:32.0853 1700 AFD - ok 18:16:32.0953 1700 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\drivers\agp440.sys 18:16:32.0963 1700 agp440 - ok 18:16:33.0023 1700 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys 18:16:33.0033 1700 aic78xx - ok 18:16:33.0133 1700 ALG (18a54e132947cd98fea9accc57f98f13) C:\windows\System32\alg.exe 18:16:33.0173 1700 ALG - ok 18:16:33.0243 1700 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\drivers\aliide.sys 18:16:33.0253 1700 aliide - ok 18:16:33.0373 1700 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\drivers\amdagp.sys 18:16:33.0393 1700 amdagp - ok 18:16:33.0393 1700 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\drivers\amdide.sys 18:16:33.0403 1700 amdide - ok 18:16:33.0433 1700 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys 18:16:33.0473 1700 AmdK8 - ok 18:16:33.0563 1700 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys 18:16:33.0593 1700 AmdPPM - ok 18:16:33.0623 1700 amdsata (d320bf87125326f996d4904fe24300fc) C:\windows\system32\drivers\amdsata.sys 18:16:33.0633 1700 amdsata - ok 18:16:33.0723 1700 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys 18:16:33.0733 1700 amdsbs - ok 18:16:33.0773 1700 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\windows\system32\drivers\amdxata.sys 18:16:33.0783 1700 amdxata - ok 18:16:33.0813 1700 AppID (aea177f783e20150ace5383ee368da19) C:\windows\system32\drivers\appid.sys 18:16:33.0943 1700 AppID - ok 18:16:34.0033 1700 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\windows\System32\appidsvc.dll 18:16:34.0073 1700 AppIDSvc - ok 18:16:34.0113 1700 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\windows\System32\appinfo.dll 18:16:34.0163 1700 Appinfo - ok 18:16:34.0253 1700 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 18:16:34.0263 1700 Apple Mobile Device - ok 18:16:34.0353 1700 arc (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys 18:16:34.0363 1700 arc - ok 18:16:34.0393 1700 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys 18:16:34.0413 1700 arcsas - ok 18:16:34.0423 1700 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys 18:16:34.0523 1700 AsyncMac - ok 18:16:34.0623 1700 atapi (338c86357871c167a96ab976519bf59e) C:\windows\system32\drivers\atapi.sys 18:16:34.0643 1700 atapi - ok 18:16:34.0683 1700 athr (de0fbcccd6af0f0e7bf12e8d041cc48f) C:\windows\system32\DRIVERS\athr.sys 18:16:34.0723 1700 athr - ok 18:16:34.0813 1700 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\windows\System32\Audiosrv.dll 18:16:34.0853 1700 AudioEndpointBuilder - ok 18:16:34.0873 1700 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\windows\System32\Audiosrv.dll 18:16:34.0903 1700 Audiosrv - ok 18:16:34.0993 1700 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\windows\System32\AxInstSV.dll 18:16:35.0053 1700 AxInstSV - ok 18:16:35.0153 1700 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys 18:16:35.0183 1700 b06bdrv - ok 18:16:35.0273 1700 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys 18:16:35.0313 1700 b57nd60x - ok 18:16:35.0373 1700 BcmSqlStartupSvc (6163664c7e9cd110af70180c126c3fdc) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe 18:16:35.0383 1700 BcmSqlStartupSvc - ok 18:16:35.0473 1700 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\windows\System32\bdesvc.dll 18:16:35.0513 1700 BDESVC - ok 18:16:35.0593 1700 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys 18:16:35.0633 1700 Beep - ok 18:16:35.0683 1700 BFE (1e2bac209d184bb851e1a187d8a29136) C:\windows\System32\bfe.dll 18:16:35.0733 1700 BFE - ok 18:16:35.0833 1700 BITS (e585445d5021971fae10393f0f1c3961) C:\windows\System32\qmgr.dll 18:16:35.0873 1700 BITS - ok 18:16:35.0953 1700 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys 18:16:35.0963 1700 blbdrive - ok 18:16:36.0033 1700 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe 18:16:36.0043 1700 Bonjour Service - ok 18:16:36.0153 1700 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\windows\system32\DRIVERS\bowser.sys 18:16:36.0183 1700 bowser - ok 18:16:36.0203 1700 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys 18:16:36.0233 1700 BrFiltLo - ok 18:16:36.0323 1700 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys 18:16:36.0363 1700 BrFiltUp - ok 18:16:36.0393 1700 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\windows\System32\browser.dll 18:16:36.0443 1700 Browser - ok 18:16:36.0533 1700 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys 18:16:36.0563 1700 Brserid - ok 18:16:36.0573 1700 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys 18:16:36.0603 1700 BrSerWdm - ok 18:16:36.0679 1700 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys 18:16:36.0710 1700 BrUsbMdm - ok 18:16:36.0725 1700 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys 18:16:36.0757 1700 BrUsbSer - ok 18:16:36.0835 1700 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys 18:16:36.0866 1700 BTHMODEM - ok 18:16:36.0897 1700 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\windows\system32\bthserv.dll 18:16:36.0944 1700 bthserv - ok 18:16:37.0022 1700 ccEvtMgr (27d036fb3d22ca8a6662fe960d1a937d) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 18:16:37.0022 1700 ccEvtMgr - ok 18:16:37.0037 1700 ccSetMgr (27d036fb3d22ca8a6662fe960d1a937d) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 18:16:37.0037 1700 ccSetMgr - ok 18:16:37.0131 1700 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys 18:16:37.0162 1700 cdfs - ok 18:16:37.0193 1700 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\windows\system32\drivers\cdrom.sys 18:16:37.0225 1700 cdrom - ok 18:16:37.0318 1700 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll 18:16:37.0349 1700 CertPropSvc - ok 18:16:37.0381 1700 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys 18:16:37.0412 1700 circlass - ok 18:16:37.0474 1700 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys 18:16:37.0490 1700 CLFS - ok 18:16:37.0552 1700 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 18:16:37.0568 1700 clr_optimization_v2.0.50727_32 - ok 18:16:37.0615 1700 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 18:16:37.0630 1700 clr_optimization_v4.0.30319_32 - ok 18:16:37.0693 1700 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys 18:16:37.0724 1700 CmBatt - ok 18:16:37.0786 1700 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\drivers\cmdide.sys 18:16:37.0802 1700 cmdide - ok 18:16:37.0880 1700 CNG (6427525d76f61d0c519b008d3680e8e7) C:\windows\system32\Drivers\cng.sys 18:16:37.0895 1700 CNG - ok 18:16:37.0942 1700 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys 18:16:37.0958 1700 Compbatt - ok 18:16:38.0005 1700 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\windows\system32\drivers\CompositeBus.sys 18:16:38.0020 1700 CompositeBus - ok 18:16:38.0051 1700 COMSysApp - ok 18:16:38.0129 1700 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys 18:16:38.0129 1700 crcdisk - ok 18:16:38.0192 1700 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\windows\system32\cryptsvc.dll 18:16:38.0223 1700 CryptSvc - ok 18:16:38.0332 1700 ctxusbm (cb6ff7012bb5d59d7c12350db795ce1f) C:\windows\system32\DRIVERS\ctxusbm.sys 18:16:38.0348 1700 ctxusbm - ok 18:16:38.0410 1700 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\windows\system32\rpcss.dll 18:16:38.0457 1700 DcomLaunch - ok 18:16:38.0535 1700 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\windows\System32\defragsvc.dll 18:16:38.0582 1700 defragsvc - ok 18:16:38.0644 1700 DfsC (f024449c97ec1e464aaffda18593db88) C:\windows\system32\Drivers\dfsc.sys 18:16:38.0675 1700 DfsC - ok 18:16:38.0769 1700 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\windows\system32\dhcpcore.dll 18:16:38.0800 1700 Dhcp - ok 18:16:38.0831 1700 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys 18:16:38.0863 1700 discache - ok 18:16:38.0956 1700 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys 18:16:38.0972 1700 Disk - ok 18:16:39.0003 1700 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\windows\System32\dnsrslvr.dll 18:16:39.0050 1700 Dnscache - ok 18:16:39.0128 1700 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\windows\System32\dot3svc.dll 18:16:39.0175 1700 dot3svc - ok 18:16:39.0221 1700 Dot4 (b5e479eb83707dd698f66953e922042c) C:\windows\system32\DRIVERS\Dot4.sys 18:16:39.0253 1700 Dot4 - ok 18:16:39.0362 1700 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\windows\system32\drivers\Dot4Prt.sys 18:16:39.0362 1700 Dot4Print - ok 18:16:39.0409 1700 dot4usb (cf491ff38d62143203c065260567e2f7) C:\windows\system32\DRIVERS\dot4usb.sys 18:16:39.0424 1700 dot4usb - ok 18:16:39.0518 1700 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\windows\system32\dps.dll 18:16:39.0580 1700 DPS - ok 18:16:39.0611 1700 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys 18:16:39.0627 1700 drmkaud - ok 18:16:39.0736 1700 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\windows\System32\drivers\dxgkrnl.sys 18:16:39.0767 1700 DXGKrnl - ok 18:16:39.0861 1700 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\windows\System32\eapsvc.dll 18:16:39.0892 1700 EapHost - ok 18:16:40.0001 1700 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys 18:16:40.0064 1700 ebdrv - ok 18:16:40.0142 1700 eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys 18:16:40.0158 1700 eeCtrl - ok 18:16:40.0236 1700 EFS (81951f51e318aecc2d68559e47485cc4) C:\windows\System32\lsass.exe 18:16:40.0267 1700 EFS - ok 18:16:40.0345 1700 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\windows\ehome\ehRecvr.exe 18:16:40.0376 1700 ehRecvr - ok 18:16:40.0438 1700 ehSched (d389bff34f80caede417bf9d1507996a) C:\windows\ehome\ehsched.exe 18:16:40.0470 1700 ehSched - ok 18:16:40.0548 1700 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys 18:16:40.0563 1700 elxstor - ok 18:16:40.0641 1700 EraserUtilRebootDrv (028d50f059bd0d2ccb209e9011b9a9a4) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 18:16:40.0641 1700 EraserUtilRebootDrv - ok 18:16:40.0750 1700 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\drivers\errdev.sys 18:16:40.0766 1700 ErrDev - ok 18:16:40.0797 1700 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\windows\system32\es.dll 18:16:40.0828 1700 EventSystem - ok 18:16:40.0922 1700 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys 18:16:40.0969 1700 exfat - ok 18:16:41.0000 1700 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys 18:16:41.0031 1700 fastfat - ok 18:16:41.0109 1700 Fax (967ea5b213e9984cbe270205df37755b) C:\windows\system32\fxssvc.exe 18:16:41.0156 1700 Fax - ok 18:16:41.0234 1700 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys 18:16:41.0265 1700 fdc - ok 18:16:41.0281 1700 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\windows\system32\fdPHost.dll 18:16:41.0328 1700 fdPHost - ok 18:16:41.0406 1700 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\windows\system32\fdrespub.dll 18:16:41.0452 1700 FDResPub - ok 18:16:41.0484 1700 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys 18:16:41.0499 1700 FileInfo - ok 18:16:41.0608 1700 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys 18:16:41.0640 1700 Filetrace - ok 18:16:41.0733 1700 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys 18:16:41.0764 1700 flpydisk - ok 18:16:41.0796 1700 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys 18:16:41.0796 1700 FltMgr - ok 18:16:41.0905 1700 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\windows\system32\FntCache.dll 18:16:41.0936 1700 FontCache - ok 18:16:42.0030 1700 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 18:16:42.0045 1700 FontCache3.0.0.0 - ok 18:16:42.0123 1700 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys 18:16:42.0123 1700 FsDepends - ok 18:16:42.0186 1700 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\windows\system32\DRIVERS\fssfltr.sys 18:16:42.0186 1700 fssfltr - ok 18:16:42.0310 1700 fsssvc (40cdfad174b3d5e80f95dda003c0b97f) C:\Program Files\Windows Live\Family Safety\fsssvc.exe 18:16:42.0342 1700 fsssvc - ok 18:16:42.0451 1700 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\windows\system32\drivers\Fs_Rec.sys 18:16:42.0451 1700 Fs_Rec - ok 18:16:42.0498 1700 fvevol (8a73e79089b282100b9393b644cb853b) C:\windows\system32\DRIVERS\fvevol.sys 18:16:42.0513 1700 fvevol - ok 18:16:42.0544 1700 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys 18:16:42.0544 1700 gagp30kx - ok 18:16:42.0654 1700 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys 18:16:42.0654 1700 GEARAspiWDM - ok 18:16:42.0700 1700 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\windows\System32\gpsvc.dll 18:16:42.0747 1700 gpsvc - ok 18:16:42.0825 1700 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe 18:16:42.0841 1700 gupdate - ok 18:16:42.0841 1700 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe 18:16:42.0856 1700 gupdatem - ok 18:16:42.0888 1700 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 18:16:42.0903 1700 gusvc - ok 18:16:43.0028 1700 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys 18:16:43.0044 1700 hcw85cir - ok 18:16:43.0090 1700 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\windows\system32\drivers\HdAudio.sys 18:16:43.0122 1700 HdAudAddService - ok 18:16:43.0231 1700 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\windows\system32\drivers\HDAudBus.sys 18:16:43.0246 1700 HDAudBus - ok 18:16:43.0278 1700 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys 18:16:43.0293 1700 HidBatt - ok 18:16:43.0459 1700 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys 18:16:43.0484 1700 HidBth - ok 18:16:43.0587 1700 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys 18:16:43.0599 1700 HidIr - ok 18:16:43.0624 1700 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\windows\system32\hidserv.dll 18:16:43.0664 1700 hidserv - ok 18:16:43.0877 1700 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\windows\system32\drivers\hidusb.sys 18:16:43.0897 1700 HidUsb - ok 18:16:44.0007 1700 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\windows\system32\kmsvc.dll 18:16:44.0062 1700 hkmsvc - ok 18:16:44.0149 1700 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\windows\system32\ListSvc.dll 18:16:44.0184 1700 HomeGroupListener - ok 18:16:44.0227 1700 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\windows\system32\provsvc.dll 18:16:44.0264 1700 HomeGroupProvider - ok 18:16:44.0382 1700 hpqcxs08 (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll 18:16:44.0402 1700 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning 18:16:44.0402 1700 hpqcxs08 - detected UnsignedFile.Multi.Generic (1) 18:16:44.0422 1700 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll 18:16:44.0429 1700 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning 18:16:44.0429 1700 hpqddsvc - detected UnsignedFile.Multi.Generic (1) 18:16:44.0537 1700 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\drivers\HpSAMD.sys 18:16:44.0552 1700 HpSAMD - ok 18:16:44.0672 1700 HPSLPSVC (79737e0f7d25de8405cb34d4c9882253) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL 18:16:44.0689 1700 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning 18:16:44.0689 1700 HPSLPSVC - detected UnsignedFile.Multi.Generic (1) 18:16:44.0902 1700 HTTP (871917b07a141bff43d76d8844d48106) C:\windows\system32\drivers\HTTP.sys 18:16:44.0932 1700 HTTP - ok 18:16:45.0037 1700 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\windows\system32\drivers\hwpolicy.sys 18:16:45.0049 1700 hwpolicy - ok 18:16:45.0084 1700 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\drivers\i8042prt.sys 18:16:45.0112 1700 i8042prt - ok 18:16:45.0164 1700 IAANTMON (7548066df68a8a1a56b043359f915f37) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe 18:16:45.0182 1700 IAANTMON - ok 18:16:45.0292 1700 iaStor (d483687eace0c065ee772481a96e05f5) C:\windows\system32\DRIVERS\iaStor.sys 18:16:45.0309 1700 iaStor - ok 18:16:45.0439 1700 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\windows\system32\drivers\iaStorV.sys 18:16:45.0457 1700 iaStorV - ok 18:16:45.0564 1700 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 18:16:45.0584 1700 idsvc - ok 18:16:45.0874 1700 igfx (8266ae06df974e5ba047b3e9e9e70b3f) C:\windows\system32\DRIVERS\igdkmd32.sys 18:16:46.0029 1700 igfx - ok 18:16:46.0170 1700 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys 18:16:46.0170 1700 iirsp - ok 18:16:46.0279 1700 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\windows\System32\ikeext.dll 18:16:46.0333 1700 IKEEXT - ok 18:16:46.0506 1700 IntcAzAudAddService (5ceef2cccb4fe00d3ffbfeb12bcfa07f) C:\windows\system32\drivers\RTKVHDA.sys 18:16:46.0556 1700 IntcAzAudAddService - ok 18:16:46.0663 1700 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\drivers\intelide.sys 18:16:46.0676 1700 intelide - ok 18:16:46.0716 1700 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys 18:16:46.0723 1700 intelppm - ok 18:16:46.0817 1700 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\windows\system32\ipbusenum.dll 18:16:46.0848 1700 IPBusEnum - ok 18:16:46.0957 1700 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys 18:16:47.0004 1700 IpFilterDriver - ok 18:16:47.0097 1700 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\windows\System32\iphlpsvc.dll 18:16:47.0129 1700 iphlpsvc - ok 18:16:47.0269 1700 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\windows\system32\drivers\IPMIDrv.sys 18:16:47.0300 1700 IPMIDRV - ok 18:16:47.0363 1700 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys 18:16:47.0394 1700 IPNAT - ok 18:16:47.0550 1700 iPod Service (49918803b661367023bf325cf602afdc) C:\Program Files\iPod\bin\iPodService.exe 18:16:47.0581 1700 iPod Service - ok 18:16:47.0675 1700 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys 18:16:47.0690 1700 IRENUM - ok 18:16:47.0721 1700 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\drivers\isapnp.sys 18:16:47.0737 1700 isapnp - ok 18:16:47.0862 1700 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\windows\system32\drivers\msiscsi.sys 18:16:47.0893 1700 iScsiPrt - ok 18:16:48.0130 1700 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\drivers\kbdclass.sys 18:16:48.0142 1700 kbdclass - ok 18:16:48.0382 1700 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\windows\system32\drivers\kbdhid.sys 18:16:48.0455 1700 kbdhid - ok 18:16:48.0557 1700 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 18:16:48.0572 1700 KeyIso - ok 18:16:48.0600 1700 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\windows\system32\Drivers\ksecdd.sys 18:16:48.0615 1700 KSecDD - ok 18:16:48.0615 1700 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\windows\system32\Drivers\ksecpkg.sys 18:16:48.0631 1700 KSecPkg - ok 18:16:48.0678 1700 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\windows\system32\msdtckrm.dll 18:16:48.0709 1700 KtmRm - ok 18:16:48.0787 1700 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\windows\system32\srvsvc.dll 18:16:48.0818 1700 LanmanServer - ok 18:16:48.0865 1700 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\windows\System32\wkssvc.dll 18:16:48.0912 1700 LanmanWorkstation - ok 18:16:49.0036 1700 LiveUpdate (e34152d03caaaaa81dd66d803f392522) C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE 18:16:49.0083 1700 LiveUpdate - ok 18:16:49.0192 1700 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys 18:16:49.0224 1700 lltdio - ok 18:16:49.0270 1700 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\windows\System32\lltdsvc.dll 18:16:49.0317 1700 lltdsvc - ok 18:16:49.0380 1700 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\windows\System32\lmhsvc.dll 18:16:49.0426 1700 lmhosts - ok 18:16:49.0473 1700 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys 18:16:49.0489 1700 LSI_FC - ok 18:16:49.0614 1700 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys 18:16:49.0614 1700 LSI_SAS - ok 18:16:49.0645 1700 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys 18:16:49.0686 1700 LSI_SAS2 - ok 18:16:49.0791 1700 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys 18:16:49.0808 1700 LSI_SCSI - ok 18:16:49.0836 1700 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys 18:16:49.0878 1700 luafv - ok 18:16:50.0016 1700 lxeeCATSCustConnectService (a9d8d63c7378dd34e4e19036093a9264) C:\windows\system32\spool\DRIVERS\W32X86\3\\lxeeserv.exe 18:16:50.0028 1700 lxeeCATSCustConnectService - ok 18:16:50.0093 1700 lxee_device - ok 18:16:50.0140 1700 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\windows\system32\Mcx2Svc.dll 18:16:50.0140 1700 Mcx2Svc - ok 18:16:50.0202 1700 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys 18:16:50.0218 1700 megasas - ok 18:16:50.0264 1700 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys 18:16:50.0280 1700 MegaSR - ok 18:16:50.0358 1700 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe 18:16:50.0374 1700 Microsoft Office Groove Audit Service - ok 18:16:50.0452 1700 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll 18:16:50.0498 1700 MMCSS - ok 18:16:50.0530 1700 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys 18:16:50.0561 1700 Modem - ok 18:16:50.0654 1700 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys 18:16:50.0686 1700 monitor - ok 18:16:50.0717 1700 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\drivers\mouclass.sys 18:16:50.0717 1700 mouclass - ok 18:16:50.0810 1700 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys 18:16:50.0826 1700 mouhid - ok 18:16:50.0857 1700 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\windows\system32\drivers\mountmgr.sys 18:16:50.0873 1700 mountmgr - ok 18:16:50.0982 1700 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\windows\system32\drivers\mpio.sys 18:16:50.0982 1700 mpio - ok 18:16:51.0013 1700 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys 18:16:51.0044 1700 mpsdrv - ok 18:16:51.0138 1700 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\windows\system32\mpssvc.dll 18:16:51.0185 1700 MpsSvc - ok 18:16:51.0294 1700 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\windows\system32\drivers\mrxdav.sys 18:16:51.0325 1700 MRxDAV - ok 18:16:51.0356 1700 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\windows\system32\DRIVERS\mrxsmb.sys 18:16:51.0388 1700 mrxsmb - ok 18:16:51.0497 1700 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\windows\system32\DRIVERS\mrxsmb10.sys 18:16:51.0512 1700 mrxsmb10 - ok 18:16:51.0544 1700 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\windows\system32\DRIVERS\mrxsmb20.sys 18:16:51.0575 1700 mrxsmb20 - ok 18:16:51.0668 1700 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\windows\system32\drivers\msahci.sys 18:16:51.0684 1700 msahci - ok 18:16:51.0715 1700 msdsm (55055f8ad8be27a64c831322a780a228) C:\windows\system32\drivers\msdsm.sys 18:16:51.0731 1700 msdsm - ok 18:16:51.0762 1700 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\windows\System32\msdtc.exe 18:16:51.0762 1700 MSDTC - ok 18:16:51.0871 1700 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys 18:16:51.0887 1700 Msfs - ok 18:16:51.0902 1700 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys 18:16:51.0934 1700 mshidkmdf - ok 18:16:51.0965 1700 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\drivers\msisadrv.sys 18:16:51.0980 1700 msisadrv - ok 18:16:52.0043 1700 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\windows\system32\iscsiexe.dll 18:16:52.0074 1700 MSiSCSI - ok 18:16:52.0074 1700 msiserver - ok 18:16:52.0121 1700 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys 18:16:52.0152 1700 MSKSSRV - ok 18:16:52.0230 1700 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys 18:16:52.0261 1700 MSPCLOCK - ok 18:16:52.0277 1700 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys 18:16:52.0308 1700 MSPQM - ok 18:16:52.0433 1700 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys 18:16:52.0448 1700 MsRPC - ok 18:16:52.0495 1700 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\drivers\mssmbios.sys 18:16:52.0511 1700 mssmbios - ok 18:16:52.0604 1700 MSSQL$MSSMLBIZ - ok 18:16:52.0651 1700 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe 18:16:52.0651 1700 MSSQLServerADHelper - ok 18:16:52.0745 1700 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys 18:16:52.0760 1700 MSTEE - ok 18:16:52.0807 1700 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys 18:16:52.0807 1700 MTConfig - ok 18:16:52.0838 1700 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys 18:16:52.0854 1700 Mup - ok 18:16:52.0932 1700 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\windows\system32\qagentRT.dll 18:16:52.0994 1700 napagent - ok 18:16:53.0041 1700 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys 18:16:53.0088 1700 NativeWifiP - ok 18:16:53.0213 1700 NAVENG (862f55824ac81295837b0ab63f91071f) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20120412.032\NAVENG.SYS 18:16:53.0228 1700 NAVENG - ok 18:16:53.0291 1700 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20120412.032\NAVEX15.SYS 18:16:53.0322 1700 NAVEX15 - ok 18:16:53.0431 1700 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\windows\system32\drivers\ndis.sys 18:16:53.0447 1700 NDIS - ok 18:16:53.0540 1700 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys 18:16:53.0572 1700 NdisCap - ok 18:16:53.0572 1700 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys 18:16:53.0618 1700 NdisTapi - ok 18:16:53.0665 1700 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\windows\system32\DRIVERS\ndisuio.sys 18:16:53.0712 1700 Ndisuio - ok 18:16:53.0790 1700 NdisWan (38fbe267e7e6983311179230facb1017) C:\windows\system32\DRIVERS\ndiswan.sys 18:16:53.0821 1700 NdisWan - ok 18:16:53.0915 1700 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\windows\system32\drivers\NDProxy.sys 18:16:53.0946 1700 NDProxy - ok 18:16:53.0993 1700 Net Driver HPZ12 (510c138564486ff926a3f773205c63d1) C:\windows\system32\HPZinw12.dll 18:16:54.0008 1700 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 18:16:54.0008 1700 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 18:16:54.0086 1700 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys 18:16:54.0118 1700 NetBIOS - ok 18:16:54.0180 1700 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\windows\system32\DRIVERS\netbt.sys 18:16:54.0211 1700 NetBT - ok 18:16:54.0274 1700 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 18:16:54.0289 1700 Netlogon - ok 18:16:54.0336 1700 Netman (7cccfca7510684768da22092d1fa4db2) C:\windows\System32\netman.dll 18:16:54.0367 1700 Netman - ok 18:16:54.0476 1700 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\windows\System32\netprofm.dll 18:16:54.0539 1700 netprofm - ok 18:16:54.0632 1700 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 18:16:54.0632 1700 NetTcpPortSharing - ok 18:16:54.0726 1700 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys 18:16:54.0726 1700 nfrd960 - ok 18:16:54.0804 1700 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\windows\System32\nlasvc.dll 18:16:54.0866 1700 NlaSvc - ok 18:16:54.0929 1700 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys 18:16:54.0976 1700 Npfs - ok 18:16:55.0038 1700 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\windows\system32\nsisvc.dll 18:16:55.0069 1700 nsi - ok 18:16:55.0147 1700 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys 18:16:55.0178 1700 nsiproxy - ok 18:16:55.0256 1700 Ntfs (81189c3d7763838e55c397759d49007a) C:\windows\system32\drivers\Ntfs.sys 18:16:55.0288 1700 Ntfs - ok 18:16:55.0366 1700 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys 18:16:55.0412 1700 Null - ok 18:16:55.0459 1700 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\windows\system32\drivers\nvraid.sys 18:16:55.0475 1700 nvraid - ok 18:16:55.0537 1700 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\windows\system32\drivers\nvstor.sys 18:16:55.0553 1700 nvstor - ok 18:16:55.0600 1700 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\drivers\nv_agp.sys 18:16:55.0615 1700 nv_agp - ok 18:16:55.0678 1700 OberonGameConsoleService (b5d5da8230d3d3525839d939a9196c3e) C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe 18:16:55.0678 1700 OberonGameConsoleService - ok 18:16:55.0771 1700 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 18:16:55.0787 1700 odserv - ok 18:16:55.0896 1700 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\drivers\ohci1394.sys 18:16:55.0896 1700 ohci1394 - ok 18:16:55.0958 1700 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:16:55.0974 1700 ose - ok 18:16:56.0052 1700 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll 18:16:56.0099 1700 p2pimsvc - ok 18:16:56.0177 1700 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\windows\system32\p2psvc.dll 18:16:56.0192 1700 p2psvc - ok 18:16:56.0239 1700 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys 18:16:56.0255 1700 Parport - ok 18:16:56.0286 1700 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\windows\system32\drivers\partmgr.sys 18:16:56.0302 1700 partmgr - ok 18:16:56.0380 1700 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys 18:16:56.0411 1700 Parvdm - ok 18:16:56.0458 1700 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\windows\System32\pcasvc.dll 18:16:56.0473 1700 PcaSvc - ok 18:16:56.0582 1700 pci (673e55c3498eb970088e812ea820aa8f) C:\windows\system32\drivers\pci.sys 18:16:56.0598 1700 pci - ok 18:16:56.0614 1700 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\drivers\pciide.sys 18:16:56.0629 1700 pciide - ok 18:16:56.0660 1700 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys 18:16:56.0676 1700 pcmcia - ok 18:16:56.0754 1700 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys 18:16:56.0770 1700 pcw - ok 18:16:56.0785 1700 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys 18:16:56.0832 1700 PEAUTH - ok 18:16:56.0957 1700 pla (414bba67a3ded1d28437eb66aeb8a720) C:\windows\system32\pla.dll 18:16:57.0004 1700 pla - ok 18:16:57.0113 1700 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\windows\system32\umpnpmgr.dll 18:16:57.0128 1700 PlugPlay - ok 18:16:57.0175 1700 Pml Driver HPZ12 (37e5e8ffbad35605daeec3224ea0e465) C:\windows\system32\HPZipm12.dll 18:16:57.0175 1700 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 18:16:57.0175 1700 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 18:16:57.0238 1700 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\windows\system32\pnrpauto.dll 18:16:57.0269 1700 PNRPAutoReg - ok 18:16:57.0300 1700 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll 18:16:57.0316 1700 PNRPsvc - ok 18:16:57.0394 1700 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\windows\System32\ipsecsvc.dll 18:16:57.0440 1700 PolicyAgent - ok 18:16:57.0487 1700 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\windows\system32\umpo.dll 18:16:57.0534 1700 Power - ok 18:16:57.0612 1700 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys 18:16:57.0643 1700 PptpMiniport - ok 18:16:57.0674 1700 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys 18:16:57.0690 1700 Processor - ok 18:16:57.0768 1700 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\windows\system32\profsvc.dll 18:16:57.0799 1700 ProfSvc - ok 18:16:57.0830 1700 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 18:16:57.0846 1700 ProtectedStorage - ok 18:16:57.0893 1700 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys 18:16:57.0924 1700 Psched - ok 18:16:58.0002 1700 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys 18:16:58.0033 1700 ql2300 - ok 18:16:58.0158 1700 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys 18:16:58.0174 1700 ql40xx - ok 18:16:58.0189 1700 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\windows\system32\qwave.dll 18:16:58.0220 1700 QWAVE - ok 18:16:58.0330 1700 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys 18:16:58.0345 1700 QWAVEdrv - ok 18:16:58.0485 1700 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys 18:16:58.0512 1700 RasAcd - ok 18:16:58.0582 1700 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys 18:16:58.0617 1700 RasAgileVpn - ok 18:16:58.0732 1700 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\windows\System32\rasauto.dll 18:16:58.0765 1700 RasAuto - ok 18:16:58.0812 1700 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys 18:16:58.0843 1700 Rasl2tp - ok 18:16:58.0937 1700 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\windows\System32\rasmans.dll 18:16:58.0968 1700 RasMan - ok 18:16:58.0999 1700 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys 18:16:59.0015 1700 RasPppoe - ok 18:16:59.0030 1700 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys 18:16:59.0077 1700 RasSstp - ok 18:16:59.0171 1700 rdbss (d528bc58a489409ba40334ebf96a311b) C:\windows\system32\DRIVERS\rdbss.sys 18:16:59.0202 1700 rdbss - ok 18:16:59.0233 1700 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys 18:16:59.0264 1700 rdpbus - ok 18:16:59.0374 1700 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\windows\system32\DRIVERS\RDPCDD.sys 18:16:59.0405 1700 RDPCDD - ok 18:16:59.0436 1700 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys 18:16:59.0467 1700 RDPENCDD - ok 18:16:59.0561 1700 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys 18:16:59.0608 1700 RDPREFMP - ok 18:16:59.0654 1700 RDPWD (244c83332f44589ae98fc347f11b2693) C:\windows\system32\drivers\RDPWD.sys 18:16:59.0701 1700 RDPWD - ok 18:16:59.0810 1700 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\windows\system32\drivers\rdyboost.sys 18:16:59.0826 1700 rdyboost - ok 18:16:59.0857 1700 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\windows\System32\mprdim.dll 18:16:59.0888 1700 RemoteAccess - ok 18:16:59.0966 1700 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\windows\system32\regsvc.dll 18:17:00.0013 1700 RemoteRegistry - ok 18:17:00.0029 1700 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\windows\System32\RpcEpMap.dll 18:17:00.0060 1700 RpcEptMapper - ok 18:17:00.0138 1700 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\windows\system32\locator.exe 18:17:00.0169 1700 RpcLocator - ok 18:17:00.0200 1700 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\windows\system32\rpcss.dll 18:17:00.0232 1700 RpcSs - ok 18:17:00.0294 1700 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys 18:17:00.0341 1700 rspndr - ok 18:17:00.0403 1700 RTL8167 (6465166dd9b2f841dabad16abdadbe98) C:\windows\system32\DRIVERS\Rt86win7.sys 18:17:00.0419 1700 RTL8167 - ok 18:17:00.0528 1700 SABI (6e5fbb7cbaec47038b945d5e9b144a64) C:\windows\system32\Drivers\SABI.sys 18:17:00.0559 1700 SABI - ok 18:17:00.0637 1700 SamSs (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 18:17:00.0653 1700 SamSs - ok 18:17:00.0700 1700 sbp2port (05d860da1040f111503ac416ccef2bca) C:\windows\system32\drivers\sbp2port.sys 18:17:00.0715 1700 sbp2port - ok 18:17:00.0746 1700 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\windows\System32\SCardSvr.dll 18:17:00.0778 1700 SCardSvr - ok 18:17:00.0871 1700 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\windows\system32\DRIVERS\scfilter.sys 18:17:00.0902 1700 scfilter - ok 18:17:00.0965 1700 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\windows\system32\schedsvc.dll 18:17:00.0996 1700 Schedule - ok 18:17:01.0090 1700 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll 18:17:01.0105 1700 SCPolicySvc - ok 18:17:01.0136 1700 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\windows\System32\SDRSVC.dll 18:17:01.0168 1700 SDRSVC - ok 18:17:01.0199 1700 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys 18:17:01.0246 1700 secdrv - ok 18:17:01.0308 1700 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\windows\system32\seclogon.dll 18:17:01.0339 1700 seclogon - ok 18:17:01.0355 1700 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\windows\System32\sens.dll 18:17:01.0402 1700 SENS - ok 18:17:01.0464 1700 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\windows\system32\sensrsvc.dll 18:17:01.0495 1700 SensrSvc - ok 18:17:01.0526 1700 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys 18:17:01.0542 1700 Serenum - ok 18:17:01.0620 1700 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys 18:17:01.0620 1700 Serial - ok 18:17:01.0667 1700 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys 18:17:01.0682 1700 sermouse - ok 18:17:01.0776 1700 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\windows\system32\sessenv.dll 18:17:01.0807 1700 SessionEnv - ok 18:17:01.0870 1700 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\drivers\sffdisk.sys 18:17:01.0901 1700 sffdisk - ok 18:17:01.0994 1700 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\drivers\sffp_mmc.sys 18:17:01.0994 1700 sffp_mmc - ok 18:17:02.0026 1700 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\windows\system32\drivers\sffp_sd.sys 18:17:02.0041 1700 sffp_sd - ok 18:17:02.0119 1700 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys 18:17:02.0135 1700 sfloppy - ok 18:17:02.0182 1700 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\windows\System32\ipnathlp.dll 18:17:02.0213 1700 SharedAccess - ok 18:17:02.0291 1700 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\windows\System32\shsvcs.dll 18:17:02.0322 1700 ShellHWDetection - ok 18:17:02.0384 1700 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\drivers\sisagp.sys 18:17:02.0384 1700 sisagp - ok 18:17:02.0478 1700 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys 18:17:02.0494 1700 SiSRaid2 - ok 18:17:02.0509 1700 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys 18:17:02.0525 1700 SiSRaid4 - ok 18:17:02.0540 1700 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys 18:17:02.0572 1700 Smb - ok 18:17:02.0681 1700 SmcService (a58c1a086d9c09c6572c948f22cc0e94) C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe 18:17:02.0728 1700 SmcService - ok 18:17:02.0790 1700 SNAC (d2c222441255131e29de351475f98f6d) C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE 18:17:02.0806 1700 SNAC - ok 18:17:02.0884 1700 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\windows\System32\snmptrap.exe 18:17:02.0899 1700 SNMPTRAP - ok 18:17:02.0993 1700 SPBBCDrv (e621bb5839cf45fa477f48092edd2b40) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys 18:17:03.0008 1700 SPBBCDrv - ok 18:17:03.0102 1700 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys 18:17:03.0102 1700 spldr - ok 18:17:03.0149 1700 Spooler (866a43013535dc8587c258e43579c764) C:\windows\System32\spoolsv.exe 18:17:03.0196 1700 Spooler - ok 18:17:03.0336 1700 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\windows\system32\sppsvc.exe 18:17:03.0383 1700 sppsvc - ok 18:17:03.0476 1700 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\windows\system32\sppuinotify.dll 18:17:03.0523 1700 sppuinotify - ok 18:17:03.0586 1700 SpyHunter 4 Service (63f2b52947577dbb075fe646bc758a2f) C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE 18:17:03.0601 1700 SpyHunter 4 Service - ok 18:17:03.0664 1700 SQLBrowser (86ebd8b1f23e743aad21f4d5b4d40985) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe 18:17:03.0664 1700 SQLBrowser - ok 18:17:03.0710 1700 SQLWriter (d89083c4eb02daca8f944b0e05e57f9d) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 18:17:03.0726 1700 SQLWriter - ok 18:17:03.0820 1700 SRTSP (2abf82c8452ab0b9ffc74a2d5da91989) C:\windows\system32\Drivers\SRTSP.SYS 18:17:03.0820 1700 SRTSP - ok 18:17:03.0867 1700 SRTSPL (e2f9e5887bea5bd8784d337e06eda31b) C:\windows\system32\Drivers\SRTSPL.SYS 18:17:03.0882 1700 SRTSPL - ok 18:17:03.0882 1700 SRTSPX (3b974c158fabd910186f98df8d3e23f3) C:\windows\system32\Drivers\SRTSPX.SYS 18:17:03.0898 1700 SRTSPX - ok 18:17:03.0991 1700 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\windows\system32\DRIVERS\srv.sys 18:17:04.0023 1700 srv - ok 18:17:04.0054 1700 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\windows\system32\DRIVERS\srv2.sys 18:17:04.0069 1700 srv2 - ok 18:17:04.0163 1700 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\windows\system32\DRIVERS\srvnet.sys 18:17:04.0179 1700 srvnet - ok 18:17:04.0225 1700 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\windows\System32\ssdpsrv.dll 18:17:04.0257 1700 SSDPSRV - ok 18:17:04.0319 1700 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\windows\system32\sstpsvc.dll 18:17:04.0350 1700 SstpSvc - ok 18:17:04.0397 1700 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys 18:17:04.0413 1700 stexstor - ok 18:17:04.0506 1700 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\windows\System32\wiaservc.dll 18:17:04.0537 1700 StiSvc - ok 18:17:04.0647 1700 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\drivers\swenum.sys 18:17:04.0662 1700 swenum - ok 18:17:04.0693 1700 swprv (a28bd92df340e57b024ba433165d34d7) C:\windows\System32\swprv.dll 18:17:04.0725 1700 swprv - ok 18:17:04.0834 1700 Symantec AntiVirus (ba2fb8f8ab24d0279caa98a4c118150e) C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe 18:17:04.0896 1700 Symantec AntiVirus - ok 18:17:05.0021 1700 SymEvent (a54ff04bd6e75dc4d8cb6f3e352635e0) C:\windows\system32\Drivers\SYMEVENT.SYS 18:17:05.0037 1700 SymEvent - ok 18:17:05.0068 1700 SYMREDRV (394b2368212114d538316812af60fddd) C:\windows\System32\Drivers\SYMREDRV.SYS 18:17:05.0083 1700 SYMREDRV - ok 18:17:05.0115 1700 SYMTDI (d46676bb414c7531bdffe637a33f5033) C:\windows\System32\Drivers\SYMTDI.SYS 18:17:05.0130 1700 SYMTDI - ok 18:17:05.0224 1700 SynTP (7a9025d8f7852b06d6d08ed536135e7e) C:\windows\system32\DRIVERS\SynTP.sys 18:17:05.0255 1700 SynTP - ok 18:17:05.0392 1700 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\windows\system32\sysmain.dll 18:17:05.0447 1700 SysMain - ok 18:17:05.0542 1700 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\windows\System32\TabSvc.dll 18:17:05.0577 1700 TabletInputService - ok 18:17:05.0645 1700 TapiSrv (613bf4820361543956909043a265c6ac) C:\windows\System32\tapisrv.dll 18:17:05.0715 1700 TapiSrv - ok 18:17:05.0827 1700 TBS (b799d9fdb26111737f58288d8dc172d9) C:\windows\System32\tbssvc.dll 18:17:05.0870 1700 TBS - ok 18:17:06.0050 1700 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\drivers\tcpip.sys 18:17:06.0087 1700 Tcpip - ok 18:17:06.0212 1700 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\DRIVERS\tcpip.sys 18:17:06.0245 1700 TCPIP6 - ok 18:17:06.0462 1700 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\windows\system32\drivers\tcpipreg.sys 18:17:06.0502 1700 tcpipreg - ok 18:17:06.0600 1700 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\windows\system32\drivers\tdpipe.sys 18:17:06.0617 1700 TDPIPE - ok 18:17:06.0650 1700 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\windows\system32\drivers\tdtcp.sys 18:17:06.0660 1700 TDTCP - ok 18:17:06.0705 1700 tdx (b459575348c20e8121d6039da063c704) C:\windows\system32\DRIVERS\tdx.sys 18:17:06.0742 1700 tdx - ok 18:17:06.0850 1700 TeamViewer6 (839e88db24d2d8f05b72e12b175951ca) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe 18:17:06.0892 1700 TeamViewer6 - ok 18:17:07.0012 1700 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\windows\system32\drivers\termdd.sys 18:17:07.0030 1700 TermDD - ok 18:17:07.0087 1700 TermService (382c804c92811be57829d8e550a900e2) C:\windows\System32\termsrv.dll 18:17:07.0127 1700 TermService - ok 18:17:07.0212 1700 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\windows\system32\themeservice.dll 18:17:07.0260 1700 Themes - ok 18:17:07.0350 1700 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll 18:17:07.0390 1700 THREADORDER - ok 18:17:07.0485 1700 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\windows\System32\trkwks.dll 18:17:07.0552 1700 TrkWks - ok 18:17:07.0647 1700 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\windows\servicing\TrustedInstaller.exe 18:17:07.0682 1700 TrustedInstaller - ok 18:17:07.0790 1700 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\windows\system32\DRIVERS\tssecsrv.sys 18:17:07.0832 1700 tssecsrv - ok 18:17:07.0965 1700 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\windows\system32\drivers\tsusbflt.sys 18:17:08.0002 1700 TsUsbFlt - ok 18:17:08.0137 1700 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\windows\system32\DRIVERS\tunnel.sys 18:17:08.0175 1700 tunnel - ok 18:17:08.0277 1700 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys 18:17:08.0290 1700 uagp35 - ok 18:17:08.0352 1700 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\windows\system32\DRIVERS\udfs.sys 18:17:08.0385 1700 udfs - ok 18:17:08.0492 1700 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\windows\system32\UI0Detect.exe 18:17:08.0522 1700 UI0Detect - ok 18:17:08.0580 1700 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\drivers\uliagpkx.sys 18:17:08.0592 1700 uliagpkx - ok 18:17:08.0700 1700 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\windows\system32\drivers\umbus.sys 18:17:08.0735 1700 umbus - ok 18:17:08.0772 1700 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys 18:17:08.0802 1700 UmPass - ok 18:17:08.0890 1700 upnphost (833fbb672460efce8011d262175fad33) C:\windows\System32\upnphost.dll 18:17:08.0937 1700 upnphost - ok 18:17:08.0982 1700 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\windows\system32\Drivers\usbaapl.sys 18:17:09.0002 1700 USBAAPL - ok 18:17:09.0097 1700 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\windows\system32\DRIVERS\usbccgp.sys 18:17:09.0132 1700 usbccgp - ok 18:17:09.0197 1700 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\drivers\usbcir.sys 18:17:09.0237 1700 usbcir - ok 18:17:09.0320 1700 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\windows\system32\DRIVERS\usbehci.sys 18:17:09.0335 1700 usbehci - ok 18:17:09.0382 1700 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\windows\system32\DRIVERS\usbhub.sys 18:17:09.0410 1700 usbhub - ok 18:17:09.0505 1700 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\windows\system32\drivers\usbohci.sys 18:17:09.0547 1700 usbohci - ok 18:17:09.0602 1700 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys 18:17:09.0617 1700 usbprint - ok 18:17:09.0707 1700 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\windows\system32\DRIVERS\usbscan.sys 18:17:09.0732 1700 usbscan - ok 18:17:09.0790 1700 USBSTOR (f991ab9cc6b908db552166768176896a) C:\windows\system32\drivers\USBSTOR.SYS 18:17:09.0832 1700 USBSTOR - ok 18:17:09.0925 1700 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\windows\system32\DRIVERS\usbuhci.sys 18:17:09.0950 1700 usbuhci - ok 18:17:10.0010 1700 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\windows\System32\Drivers\usbvideo.sys 18:17:10.0040 1700 usbvideo - ok 18:17:10.0155 1700 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\windows\System32\uxsms.dll 18:17:10.0202 1700 UxSms - ok 18:17:10.0282 1700 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 18:17:10.0295 1700 VaultSvc - ok 18:17:10.0345 1700 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\drivers\vdrvroot.sys 18:17:10.0357 1700 vdrvroot - ok 18:17:10.0510 1700 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\windows\System32\vds.exe 18:17:10.0545 1700 vds - ok 18:17:10.0642 1700 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys 18:17:10.0657 1700 vga - ok 18:17:10.0700 1700 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys 18:17:10.0762 1700 VgaSave - ok 18:17:10.0892 1700 vhdmp (5461686cca2fda57b024547733ab42e3) C:\windows\system32\drivers\vhdmp.sys 18:17:10.0907 1700 vhdmp - ok 18:17:10.0945 1700 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\drivers\viaagp.sys 18:17:10.0957 1700 viaagp - ok 18:17:11.0062 1700 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys 18:17:11.0115 1700 ViaC7 - ok 18:17:11.0235 1700 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\drivers\viaide.sys 18:17:11.0245 1700 viaide - ok 18:17:11.0297 1700 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\windows\system32\drivers\volmgr.sys 18:17:11.0310 1700 volmgr - ok 18:17:11.0347 1700 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys 18:17:11.0365 1700 volmgrx - ok 18:17:11.0485 1700 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\windows\system32\drivers\volsnap.sys 18:17:11.0510 1700 volsnap - ok 18:17:11.0565 1700 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys 18:17:11.0580 1700 vsmraid - ok 18:17:11.0720 1700 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\windows\system32\vssvc.exe 18:17:11.0770 1700 VSS - ok 18:17:11.0870 1700 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys 18:17:11.0895 1700 vwifibus - ok 18:17:11.0917 1700 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys 18:17:11.0935 1700 vwififlt - ok 18:17:12.0037 1700 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\windows\system32\DRIVERS\vwifimp.sys 18:17:12.0082 1700 vwifimp - ok 18:17:12.0182 1700 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\windows\system32\w32time.dll 18:17:12.0220 1700 W32Time - ok 18:17:12.0267 1700 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys 18:17:12.0282 1700 WacomPen - ok 18:17:12.0395 1700 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys 18:17:12.0427 1700 WANARP - ok 18:17:12.0437 1700 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys 18:17:12.0465 1700 Wanarpv6 - ok 18:17:12.0535 1700 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\windows\system32\Wat\WatAdminSvc.exe 18:17:12.0570 1700 WatAdminSvc - ok 18:17:12.0728 1700 wbengine (691e3285e53dca558e1a84667f13e15a) C:\windows\system32\wbengine.exe 18:17:12.0790 1700 wbengine - ok 18:17:12.0884 1700 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\windows\System32\wbiosrvc.dll 18:17:12.0915 1700 WbioSrvc - ok 18:17:12.0978 1700 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\windows\System32\wcncsvc.dll 18:17:12.0993 1700 wcncsvc - ok 18:17:13.0071 1700 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\windows\System32\WcsPlugInService.dll 18:17:13.0118 1700 WcsPlugInService - ok 18:17:13.0165 1700 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys 18:17:13.0165 1700 Wd - ok 18:17:13.0258 1700 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys 18:17:13.0274 1700 Wdf01000 - ok 18:17:13.0352 1700 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll 18:17:13.0414 1700 WdiServiceHost - ok 18:17:13.0414 1700 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll 18:17:13.0430 1700 WdiSystemHost - ok 18:17:13.0508 1700 WebClient (a9d880f97530d5b8fee278923349929d) C:\windows\System32\webclnt.dll 18:17:13.0524 1700 WebClient - ok 18:17:13.0555 1700 Wecsvc (760f0afe937a77cff27153206534f275) C:\windows\system32\wecsvc.dll 18:17:13.0586 1700 Wecsvc - ok 18:17:13.0664 1700 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\windows\System32\wercplsupport.dll 18:17:13.0695 1700 wercplsupport - ok 18:17:13.0726 1700 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\windows\System32\WerSvc.dll 18:17:13.0758 1700 WerSvc - ok 18:17:13.0851 1700 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys 18:17:13.0882 1700 WfpLwf - ok 18:17:13.0914 1700 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys 18:17:13.0914 1700 WIMMount - ok 18:17:13.0976 1700 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll 18:17:14.0007 1700 WinDefend - ok 18:17:14.0007 1700 WinHttpAutoProxySvc - ok 18:17:14.0116 1700 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\windows\system32\wbem\WMIsvc.dll 18:17:14.0163 1700 Winmgmt - ok 18:17:14.0288 1700 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\windows\system32\WsmSvc.dll 18:17:14.0319 1700 WinRM - ok 18:17:14.0444 1700 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\windows\system32\DRIVERS\WinUsb.sys 18:17:14.0460 1700 WinUsb - ok 18:17:14.0522 1700 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\windows\System32\wlansvc.dll 18:17:14.0569 1700 Wlansvc - ok 18:17:14.0678 1700 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 18:17:14.0709 1700 wlidsvc - ok 18:17:14.0818 1700 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\drivers\wmiacpi.sys 18:17:14.0834 1700 WmiAcpi - ok 18:17:14.0896 1700 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\windows\system32\wbem\WmiApSrv.exe 18:17:14.0928 1700 wmiApSrv - ok 18:17:15.0006 1700 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe 18:17:15.0037 1700 WMPNetworkSvc - ok 18:17:15.0130 1700 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\windows\System32\wpcsvc.dll 18:17:15.0162 1700 WPCSvc - ok 18:17:15.0240 1700 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\windows\system32\wpdbusenum.dll 18:17:15.0271 1700 WPDBusEnum - ok 18:17:15.0349 1700 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys 18:17:15.0364 1700 ws2ifsl - ok 18:17:15.0411 1700 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\windows\System32\wscsvc.dll 18:17:15.0442 1700 wscsvc - ok 18:17:15.0474 1700 WSearch - ok 18:17:15.0614 1700 wuauserv (3026418a50c5b4761befa632cedb7406) C:\windows\system32\wuaueng.dll 18:17:15.0661 1700 wuauserv - ok 18:17:15.0754 1700 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\windows\system32\drivers\WudfPf.sys 18:17:15.0786 1700 WudfPf - ok 18:17:15.0817 1700 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\windows\system32\DRIVERS\WUDFRd.sys 18:17:15.0832 1700 WUDFRd - ok 18:17:15.0942 1700 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\windows\System32\WUDFSvc.dll 18:17:15.0973 1700 wudfsvc - ok 18:17:16.0004 1700 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\windows\System32\wwansvc.dll 18:17:16.0035 1700 WwanSvc - ok 18:17:16.0051 1700 MBR (0x1B8) (2e5debb2116b3417023e0d6562d7ed07) \Device\Harddisk0\DR0 18:17:16.0316 1700 \Device\Harddisk0\DR0 - ok 18:17:16.0332 1700 Boot (0x1200) (5fb009d8d1bbe104d22d071977f32a2a) \Device\Harddisk0\DR0\Partition0 18:17:16.0332 1700 \Device\Harddisk0\DR0\Partition0 - ok 18:17:16.0347 1700 Boot (0x1200) (d5688b55e165a627667567455a328efc) \Device\Harddisk0\DR0\Partition1 18:17:16.0347 1700 \Device\Harddisk0\DR0\Partition1 - ok 18:17:16.0363 1700 Boot (0x1200) (78ee0a60b0242cd51c89824323794145) \Device\Harddisk0\DR0\Partition2 18:17:16.0378 1700 \Device\Harddisk0\DR0\Partition2 - ok 18:17:16.0378 1700 ============================================================ 18:17:16.0378 1700 Scan finished 18:17:16.0378 1700 ============================================================ 18:17:16.0394 1688 Detected object count: 5 18:17:16.0394 1688 Actual detected object count: 5 18:20:20.0952 1688 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user 18:20:20.0952 1688 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:20:20.0968 1688 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user 18:20:20.0968 1688 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:20:20.0968 1688 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user 18:20:20.0968 1688 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:20:20.0968 1688 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 18:20:20.0968 1688 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:20:20.0984 1688 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 18:20:20.0984 1688 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip ---------- Post toegevoegd om 18:23 ---------- Vorige post was om 18:21 ---------- Ik merk nu wel op dat als ik de parameters bij TDSSKiller verander, namelijk de optionele mogelijkheden aanvink, ik 5 threats vind. Dit is dan de log: 18:08:18.0192 3920 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05 18:08:18.0333 3920 ============================================================ 18:08:18.0333 3920 Current date / time: 2012/04/14 18:08:18.0333 18:08:18.0333 3920 SystemInfo: 18:08:18.0333 3920 18:08:18.0333 3920 OS Version: 6.1.7601 ServicePack: 1.0 18:08:18.0333 3920 Product type: Workstation 18:08:18.0333 3920 ComputerName: JONAS-PC 18:08:18.0333 3920 UserName: Jonas 18:08:18.0333 3920 Windows directory: C:\windows 18:08:18.0333 3920 System windows directory: C:\windows 18:08:18.0333 3920 Processor architecture: Intel x86 18:08:18.0333 3920 Number of processors: 2 18:08:18.0333 3920 Page size: 0x1000 18:08:18.0333 3920 Boot type: Safe boot with network 18:08:18.0333 3920 ============================================================ 18:08:18.0832 3920 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 18:08:18.0832 3920 \Device\Harddisk0\DR0: 18:08:18.0832 3920 MBR used 18:08:18.0832 3920 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000 18:08:18.0832 3920 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x16A3A000 18:08:18.0832 3920 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1886C800, BlocksNum 0xCBC1800 18:08:18.0894 3920 Initialize success 18:08:18.0894 3920 ============================================================ 18:08:36.0491 4004 ============================================================ 18:08:36.0491 4004 Scan started 18:08:36.0491 4004 Mode: Manual; 18:08:36.0491 4004 ============================================================ 18:08:37.0037 4004 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\windows\system32\drivers\1394ohci.sys 18:08:37.0037 4004 1394ohci - ok 18:08:37.0084 4004 ACPI (cea80c80bed809aa0da6febc04733349) C:\windows\system32\drivers\ACPI.sys 18:08:37.0084 4004 ACPI - ok 18:08:37.0146 4004 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\windows\system32\drivers\acpipmi.sys 18:08:37.0146 4004 AcpiPmi - ok 18:08:37.0287 4004 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 18:08:37.0287 4004 AdobeFlashPlayerUpdateSvc - ok 18:08:37.0411 4004 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys 18:08:37.0411 4004 adp94xx - ok 18:08:37.0505 4004 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys 18:08:37.0505 4004 adpahci - ok 18:08:37.0521 4004 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys 18:08:37.0521 4004 adpu320 - ok 18:08:37.0552 4004 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\windows\System32\aelupsvc.dll 18:08:37.0552 4004 AeLookupSvc - ok 18:08:37.0661 4004 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\windows\system32\drivers\afd.sys 18:08:37.0661 4004 AFD - ok 18:08:37.0692 4004 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\drivers\agp440.sys 18:08:37.0692 4004 agp440 - ok 18:08:37.0801 4004 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys 18:08:37.0801 4004 aic78xx - ok 18:08:37.0848 4004 ALG (18a54e132947cd98fea9accc57f98f13) C:\windows\System32\alg.exe 18:08:37.0848 4004 ALG - ok 18:08:37.0957 4004 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\drivers\aliide.sys 18:08:37.0957 4004 aliide - ok 18:08:37.0989 4004 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\drivers\amdagp.sys 18:08:37.0989 4004 amdagp - ok 18:08:38.0098 4004 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\drivers\amdide.sys 18:08:38.0098 4004 amdide - ok 18:08:38.0145 4004 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys 18:08:38.0145 4004 AmdK8 - ok 18:08:38.0223 4004 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys 18:08:38.0223 4004 AmdPPM - ok 18:08:38.0285 4004 amdsata (d320bf87125326f996d4904fe24300fc) C:\windows\system32\drivers\amdsata.sys 18:08:38.0285 4004 amdsata - ok 18:08:38.0394 4004 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys 18:08:38.0394 4004 amdsbs - ok 18:08:38.0441 4004 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\windows\system32\drivers\amdxata.sys 18:08:38.0441 4004 amdxata - ok 18:08:38.0550 4004 AppID (aea177f783e20150ace5383ee368da19) C:\windows\system32\drivers\appid.sys 18:08:38.0550 4004 AppID - ok 18:08:38.0581 4004 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\windows\System32\appidsvc.dll 18:08:38.0597 4004 AppIDSvc - ok 18:08:38.0691 4004 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\windows\System32\appinfo.dll 18:08:38.0691 4004 Appinfo - ok 18:08:38.0769 4004 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 18:08:38.0769 4004 Apple Mobile Device - ok 18:08:38.0878 4004 arc (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys 18:08:38.0878 4004 arc - ok 18:08:38.0909 4004 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys 18:08:38.0909 4004 arcsas - ok 18:08:38.0940 4004 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys 18:08:38.0940 4004 AsyncMac - ok 18:08:39.0065 4004 atapi (338c86357871c167a96ab976519bf59e) C:\windows\system32\drivers\atapi.sys 18:08:39.0065 4004 atapi - ok 18:08:39.0127 4004 athr (de0fbcccd6af0f0e7bf12e8d041cc48f) C:\windows\system32\DRIVERS\athr.sys 18:08:39.0143 4004 athr - ok 18:08:39.0252 4004 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\windows\System32\Audiosrv.dll 18:08:39.0252 4004 AudioEndpointBuilder - ok 18:08:39.0268 4004 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\windows\System32\Audiosrv.dll 18:08:39.0268 4004 Audiosrv - ok 18:08:39.0361 4004 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\windows\System32\AxInstSV.dll 18:08:39.0361 4004 AxInstSV - ok 18:08:39.0424 4004 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys 18:08:39.0439 4004 b06bdrv - ok 18:08:39.0533 4004 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys 18:08:39.0533 4004 b57nd60x - ok 18:08:39.0642 4004 BcmSqlStartupSvc (6163664c7e9cd110af70180c126c3fdc) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe 18:08:39.0658 4004 BcmSqlStartupSvc - ok 18:08:39.0751 4004 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\windows\System32\bdesvc.dll 18:08:39.0751 4004 BDESVC - ok 18:08:39.0798 4004 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys 18:08:39.0798 4004 Beep - ok 18:08:39.0907 4004 BFE (1e2bac209d184bb851e1a187d8a29136) C:\windows\System32\bfe.dll 18:08:39.0907 4004 BFE - ok 18:08:40.0017 4004 BITS (e585445d5021971fae10393f0f1c3961) C:\windows\System32\qmgr.dll 18:08:40.0048 4004 BITS - ok 18:08:40.0141 4004 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys 18:08:40.0141 4004 blbdrive - ok 18:08:40.0235 4004 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe 18:08:40.0251 4004 Bonjour Service - ok 18:08:40.0360 4004 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\windows\system32\DRIVERS\bowser.sys 18:08:40.0360 4004 bowser - ok 18:08:40.0391 4004 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys 18:08:40.0391 4004 BrFiltLo - ok 18:08:40.0407 4004 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys 18:08:40.0407 4004 BrFiltUp - ok 18:08:40.0516 4004 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\windows\System32\browser.dll 18:08:40.0516 4004 Browser - ok 18:08:40.0563 4004 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys 18:08:40.0563 4004 Brserid - ok 18:08:40.0594 4004 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys 18:08:40.0594 4004 BrSerWdm - ok 18:08:40.0687 4004 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys 18:08:40.0687 4004 BrUsbMdm - ok 18:08:40.0719 4004 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys 18:08:40.0719 4004 BrUsbSer - ok 18:08:40.0734 4004 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys 18:08:40.0734 4004 BTHMODEM - ok 18:08:40.0828 4004 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\windows\system32\bthserv.dll 18:08:40.0828 4004 bthserv - ok 18:08:40.0906 4004 ccEvtMgr (27d036fb3d22ca8a6662fe960d1a937d) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 18:08:40.0906 4004 ccEvtMgr - ok 18:08:40.0921 4004 ccSetMgr (27d036fb3d22ca8a6662fe960d1a937d) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 18:08:40.0921 4004 ccSetMgr - ok 18:08:40.0999 4004 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys 18:08:40.0999 4004 cdfs - ok 18:08:41.0062 4004 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\windows\system32\drivers\cdrom.sys 18:08:41.0062 4004 cdrom - ok 18:08:41.0171 4004 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll 18:08:41.0171 4004 CertPropSvc - ok 18:08:41.0218 4004 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys 18:08:41.0218 4004 circlass - ok 18:08:41.0265 4004 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys 18:08:41.0265 4004 CLFS - ok 18:08:41.0358 4004 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 18:08:41.0358 4004 clr_optimization_v2.0.50727_32 - ok 18:08:41.0483 4004 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 18:08:41.0499 4004 clr_optimization_v4.0.30319_32 - ok 18:08:41.0561 4004 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys 18:08:41.0577 4004 CmBatt - ok 18:08:41.0639 4004 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\drivers\cmdide.sys 18:08:41.0639 4004 cmdide - ok 18:08:41.0670 4004 CNG (6427525d76f61d0c519b008d3680e8e7) C:\windows\system32\Drivers\cng.sys 18:08:41.0686 4004 CNG - ok 18:08:41.0764 4004 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys 18:08:41.0764 4004 Compbatt - ok 18:08:41.0842 4004 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\windows\system32\drivers\CompositeBus.sys 18:08:41.0842 4004 CompositeBus - ok 18:08:41.0889 4004 COMSysApp - ok 18:08:41.0935 4004 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys 18:08:41.0935 4004 crcdisk - ok 18:08:41.0982 4004 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\windows\system32\cryptsvc.dll 18:08:41.0982 4004 CryptSvc - ok 18:08:42.0123 4004 ctxusbm (cb6ff7012bb5d59d7c12350db795ce1f) C:\windows\system32\DRIVERS\ctxusbm.sys 18:08:42.0123 4004 ctxusbm - ok 18:08:42.0169 4004 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\windows\system32\rpcss.dll 18:08:42.0169 4004 DcomLaunch - ok 18:08:42.0263 4004 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\windows\System32\defragsvc.dll 18:08:42.0263 4004 defragsvc - ok 18:08:42.0325 4004 DfsC (f024449c97ec1e464aaffda18593db88) C:\windows\system32\Drivers\dfsc.sys 18:08:42.0325 4004 DfsC - ok 18:08:42.0435 4004 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\windows\system32\dhcpcore.dll 18:08:42.0435 4004 Dhcp - ok 18:08:42.0466 4004 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys 18:08:42.0466 4004 discache - ok 18:08:42.0591 4004 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys 18:08:42.0591 4004 Disk - ok 18:08:42.0622 4004 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\windows\System32\dnsrslvr.dll 18:08:42.0622 4004 Dnscache - ok 18:08:42.0700 4004 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\windows\System32\dot3svc.dll 18:08:42.0700 4004 dot3svc - ok 18:08:42.0809 4004 Dot4 (b5e479eb83707dd698f66953e922042c) C:\windows\system32\DRIVERS\Dot4.sys 18:08:42.0809 4004 Dot4 - ok 18:08:42.0903 4004 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\windows\system32\drivers\Dot4Prt.sys 18:08:42.0903 4004 Dot4Print - ok 18:08:42.0965 4004 dot4usb (cf491ff38d62143203c065260567e2f7) C:\windows\system32\DRIVERS\dot4usb.sys 18:08:42.0965 4004 dot4usb - ok 18:08:43.0012 4004 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\windows\system32\dps.dll 18:08:43.0012 4004 DPS - ok 18:08:43.0121 4004 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys 18:08:43.0121 4004 drmkaud - ok 18:08:43.0183 4004 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\windows\System32\drivers\dxgkrnl.sys 18:08:43.0183 4004 DXGKrnl - ok 18:08:43.0277 4004 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\windows\System32\eapsvc.dll 18:08:43.0277 4004 EapHost - ok 18:08:43.0386 4004 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys 18:08:43.0480 4004 ebdrv - ok 18:08:43.0573 4004 eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys 18:08:43.0573 4004 eeCtrl - ok 18:08:43.0651 4004 EFS (81951f51e318aecc2d68559e47485cc4) C:\windows\System32\lsass.exe 18:08:43.0651 4004 EFS - ok 18:08:43.0729 4004 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\windows\ehome\ehRecvr.exe 18:08:43.0729 4004 ehRecvr - ok 18:08:43.0776 4004 ehSched (d389bff34f80caede417bf9d1507996a) C:\windows\ehome\ehsched.exe 18:08:43.0776 4004 ehSched - ok 18:08:43.0885 4004 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys 18:08:43.0885 4004 elxstor - ok 18:08:44.0010 4004 EraserUtilRebootDrv (028d50f059bd0d2ccb209e9011b9a9a4) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 18:08:44.0010 4004 EraserUtilRebootDrv - ok 18:08:44.0104 4004 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\drivers\errdev.sys 18:08:44.0104 4004 ErrDev - ok 18:08:44.0166 4004 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\windows\system32\es.dll 18:08:44.0166 4004 EventSystem - ok 18:08:44.0244 4004 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys 18:08:44.0244 4004 exfat - ok 18:08:44.0275 4004 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys 18:08:44.0275 4004 fastfat - ok 18:08:44.0322 4004 Fax (967ea5b213e9984cbe270205df37755b) C:\windows\system32\fxssvc.exe 18:08:44.0338 4004 Fax - ok 18:08:44.0416 4004 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys 18:08:44.0416 4004 fdc - ok 18:08:44.0447 4004 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\windows\system32\fdPHost.dll 18:08:44.0447 4004 fdPHost - ok 18:08:44.0494 4004 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\windows\system32\fdrespub.dll 18:08:44.0494 4004 FDResPub - ok 18:08:44.0509 4004 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys 18:08:44.0509 4004 FileInfo - ok 18:08:44.0556 4004 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys 18:08:44.0556 4004 Filetrace - ok 18:08:44.0587 4004 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys 18:08:44.0587 4004 flpydisk - ok 18:08:44.0665 4004 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys 18:08:44.0665 4004 FltMgr - ok 18:08:44.0712 4004 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\windows\system32\FntCache.dll 18:08:44.0712 4004 FontCache - ok 18:08:44.0806 4004 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 18:08:44.0821 4004 FontCache3.0.0.0 - ok 18:08:44.0899 4004 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys 18:08:44.0899 4004 FsDepends - ok 18:08:44.0962 4004 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\windows\system32\DRIVERS\fssfltr.sys 18:08:44.0962 4004 fssfltr - ok 18:08:45.0087 4004 fsssvc (40cdfad174b3d5e80f95dda003c0b97f) C:\Program Files\Windows Live\Family Safety\fsssvc.exe 18:08:45.0102 4004 fsssvc - ok 18:08:45.0196 4004 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\windows\system32\drivers\Fs_Rec.sys 18:08:45.0211 4004 Fs_Rec - ok 18:08:45.0258 4004 fvevol (8a73e79089b282100b9393b644cb853b) C:\windows\system32\DRIVERS\fvevol.sys 18:08:45.0274 4004 fvevol - ok 18:08:45.0367 4004 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys 18:08:45.0367 4004 gagp30kx - ok 18:08:45.0414 4004 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys 18:08:45.0414 4004 GEARAspiWDM - ok 18:08:45.0508 4004 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\windows\System32\gpsvc.dll 18:08:45.0508 4004 gpsvc - ok 18:08:45.0601 4004 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe 18:08:45.0617 4004 gupdate - ok 18:08:45.0617 4004 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe 18:08:45.0617 4004 gupdatem - ok 18:08:45.0664 4004 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 18:08:45.0664 4004 gusvc - ok 18:08:45.0757 4004 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys 18:08:45.0757 4004 hcw85cir - ok 18:08:45.0820 4004 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\windows\system32\drivers\HdAudio.sys 18:08:45.0820 4004 HdAudAddService - ok 18:08:45.0945 4004 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\windows\system32\drivers\HDAudBus.sys 18:08:45.0960 4004 HDAudBus - ok 18:08:45.0976 4004 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys 18:08:45.0976 4004 HidBatt - ok 18:08:45.0991 4004 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys 18:08:45.0991 4004 HidBth - ok 18:08:46.0023 4004 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys 18:08:46.0023 4004 HidIr - ok 18:08:46.0085 4004 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\windows\system32\hidserv.dll 18:08:46.0085 4004 hidserv - ok 18:08:46.0179 4004 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\windows\system32\drivers\hidusb.sys 18:08:46.0179 4004 HidUsb - ok 18:08:46.0210 4004 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\windows\system32\kmsvc.dll 18:08:46.0210 4004 hkmsvc - ok 18:08:46.0272 4004 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\windows\system32\ListSvc.dll 18:08:46.0272 4004 HomeGroupListener - ok 18:08:46.0319 4004 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\windows\system32\provsvc.dll 18:08:46.0319 4004 HomeGroupProvider - ok 18:08:46.0491 4004 hpqcxs08 (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll 18:08:46.0491 4004 hpqcxs08 - ok 18:08:46.0506 4004 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll 18:08:46.0506 4004 hpqddsvc - ok 18:08:46.0615 4004 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\drivers\HpSAMD.sys 18:08:46.0615 4004 HpSAMD - ok 18:08:46.0740 4004 HPSLPSVC (79737e0f7d25de8405cb34d4c9882253) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL 18:08:46.0740 4004 HPSLPSVC - ok 18:08:46.0881 4004 HTTP (871917b07a141bff43d76d8844d48106) C:\windows\system32\drivers\HTTP.sys 18:08:46.0881 4004 HTTP - ok 18:08:46.0974 4004 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\windows\system32\drivers\hwpolicy.sys 18:08:46.0974 4004 hwpolicy - ok 18:08:47.0037 4004 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\drivers\i8042prt.sys 18:08:47.0037 4004 i8042prt - ok 18:08:47.0115 4004 IAANTMON (7548066df68a8a1a56b043359f915f37) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe 18:08:47.0115 4004 IAANTMON - ok 18:08:47.0255 4004 iaStor (d483687eace0c065ee772481a96e05f5) C:\windows\system32\DRIVERS\iaStor.sys 18:08:47.0255 4004 iaStor - ok 18:08:47.0302 4004 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\windows\system32\drivers\iaStorV.sys 18:08:47.0302 4004 iaStorV - ok 18:08:47.0427 4004 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 18:08:47.0442 4004 idsvc - ok 18:08:47.0723 4004 igfx (8266ae06df974e5ba047b3e9e9e70b3f) C:\windows\system32\DRIVERS\igdkmd32.sys 18:08:47.0926 4004 igfx - ok 18:08:48.0035 4004 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys 18:08:48.0035 4004 iirsp - ok 18:08:48.0097 4004 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\windows\System32\ikeext.dll 18:08:48.0113 4004 IKEEXT - ok 18:08:48.0253 4004 IntcAzAudAddService (5ceef2cccb4fe00d3ffbfeb12bcfa07f) C:\windows\system32\drivers\RTKVHDA.sys 18:08:48.0285 4004 IntcAzAudAddService - ok 18:08:48.0394 4004 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\drivers\intelide.sys 18:08:48.0394 4004 intelide - ok 18:08:48.0441 4004 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys 18:08:48.0441 4004 intelppm - ok 18:08:48.0534 4004 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\windows\system32\ipbusenum.dll 18:08:48.0534 4004 IPBusEnum - ok 18:08:48.0581 4004 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys 18:08:48.0581 4004 IpFilterDriver - ok 18:08:48.0690 4004 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\windows\System32\iphlpsvc.dll 18:08:48.0690 4004 iphlpsvc - ok 18:08:48.0799 4004 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\windows\system32\drivers\IPMIDrv.sys 18:08:48.0799 4004 IPMIDRV - ok 18:08:48.0831 4004 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys 18:08:48.0846 4004 IPNAT - ok 18:08:48.0940 4004 iPod Service (49918803b661367023bf325cf602afdc) C:\Program Files\iPod\bin\iPodService.exe 18:08:48.0940 4004 iPod Service - ok 18:08:49.0049 4004 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys 18:08:49.0049 4004 IRENUM - ok 18:08:49.0080 4004 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\drivers\isapnp.sys 18:08:49.0080 4004 isapnp - ok 18:08:49.0143 4004 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\windows\system32\drivers\msiscsi.sys 18:08:49.0158 4004 iScsiPrt - ok 18:08:49.0221 4004 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\drivers\kbdclass.sys 18:08:49.0221 4004 kbdclass - ok 18:08:49.0283 4004 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\windows\system32\drivers\kbdhid.sys 18:08:49.0283 4004 kbdhid - ok 18:08:49.0314 4004 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 18:08:49.0314 4004 KeyIso - ok 18:08:49.0361 4004 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\windows\system32\Drivers\ksecdd.sys 18:08:49.0361 4004 KSecDD - ok 18:08:49.0408 4004 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\windows\system32\Drivers\ksecpkg.sys 18:08:49.0408 4004 KSecPkg - ok 18:08:49.0439 4004 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\windows\system32\msdtckrm.dll 18:08:49.0439 4004 KtmRm - ok 18:08:49.0548 4004 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\windows\system32\srvsvc.dll 18:08:49.0548 4004 LanmanServer - ok 18:08:49.0626 4004 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\windows\System32\wkssvc.dll 18:08:49.0642 4004 LanmanWorkstation - ok 18:08:49.0798 4004 LiveUpdate (e34152d03caaaaa81dd66d803f392522) C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE 18:08:49.0907 4004 LiveUpdate - ok 18:08:50.0016 4004 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys 18:08:50.0016 4004 lltdio - ok 18:08:50.0047 4004 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\windows\System32\lltdsvc.dll 18:08:50.0047 4004 lltdsvc - ok 18:08:50.0110 4004 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\windows\System32\lmhsvc.dll 18:08:50.0110 4004 lmhosts - ok 18:08:50.0172 4004 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys 18:08:50.0172 4004 LSI_FC - ok 18:08:50.0266 4004 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys 18:08:50.0266 4004 LSI_SAS - ok 18:08:50.0281 4004 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys 18:08:50.0281 4004 LSI_SAS2 - ok 18:08:50.0297 4004 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys 18:08:50.0297 4004 LSI_SCSI - ok 18:08:50.0422 4004 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys 18:08:50.0422 4004 luafv - ok 18:08:50.0562 4004 lxeeCATSCustConnectService (a9d8d63c7378dd34e4e19036093a9264) C:\windows\system32\spool\DRIVERS\W32X86\3\\lxeeserv.exe 18:08:50.0578 4004 lxeeCATSCustConnectService - ok 18:08:50.0687 4004 lxee_device - ok 18:08:50.0749 4004 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\windows\system32\Mcx2Svc.dll 18:08:50.0749 4004 Mcx2Svc - ok 18:08:50.0812 4004 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys 18:08:50.0812 4004 megasas - ok 18:08:50.0905 4004 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys 18:08:50.0905 4004 MegaSR - ok 18:08:51.0030 4004 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe 18:08:51.0030 4004 Microsoft Office Groove Audit Service - ok 18:08:51.0108 4004 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll 18:08:51.0108 4004 MMCSS - ok 18:08:51.0155 4004 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys 18:08:51.0155 4004 Modem - ok 18:08:51.0249 4004 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys 18:08:51.0249 4004 monitor - ok 18:08:51.0295 4004 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\drivers\mouclass.sys 18:08:51.0295 4004 mouclass - ok 18:08:51.0405 4004 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys 18:08:51.0405 4004 mouhid - ok 18:08:51.0451 4004 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\windows\system32\drivers\mountmgr.sys 18:08:51.0451 4004 mountmgr - ok 18:08:51.0483 4004 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\windows\system32\drivers\mpio.sys 18:08:51.0498 4004 mpio - ok 18:08:51.0576 4004 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys 18:08:51.0576 4004 mpsdrv - ok 18:08:51.0639 4004 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\windows\system32\mpssvc.dll 18:08:51.0639 4004 MpsSvc - ok 18:08:51.0732 4004 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\windows\system32\drivers\mrxdav.sys 18:08:51.0732 4004 MRxDAV - ok 18:08:51.0779 4004 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\windows\system32\DRIVERS\mrxsmb.sys 18:08:51.0779 4004 mrxsmb - ok 18:08:51.0857 4004 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\windows\system32\DRIVERS\mrxsmb10.sys 18:08:51.0857 4004 mrxsmb10 - ok 18:08:51.0888 4004 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\windows\system32\DRIVERS\mrxsmb20.sys 18:08:51.0904 4004 mrxsmb20 - ok 18:08:51.0935 4004 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\windows\system32\drivers\msahci.sys 18:08:51.0935 4004 msahci - ok 18:08:52.0029 4004 msdsm (55055f8ad8be27a64c831322a780a228) C:\windows\system32\drivers\msdsm.sys 18:08:52.0029 4004 msdsm - ok 18:08:52.0075 4004 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\windows\System32\msdtc.exe 18:08:52.0075 4004 MSDTC - ok 18:08:52.0169 4004 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys 18:08:52.0169 4004 Msfs - ok 18:08:52.0200 4004 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys 18:08:52.0200 4004 mshidkmdf - ok 18:08:52.0231 4004 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\drivers\msisadrv.sys 18:08:52.0231 4004 msisadrv - ok 18:08:52.0309 4004 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\windows\system32\iscsiexe.dll 18:08:52.0309 4004 MSiSCSI - ok 18:08:52.0325 4004 msiserver - ok 18:08:52.0356 4004 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys 18:08:52.0356 4004 MSKSSRV - ok 18:08:52.0450 4004 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys 18:08:52.0450 4004 MSPCLOCK - ok 18:08:52.0481 4004 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys 18:08:52.0481 4004 MSPQM - ok 18:08:52.0512 4004 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys 18:08:52.0512 4004 MsRPC - ok 18:08:52.0543 4004 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\drivers\mssmbios.sys 18:08:52.0543 4004 mssmbios - ok 18:08:52.0637 4004 MSSQL$MSSMLBIZ - ok 18:08:52.0684 4004 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe 18:08:52.0699 4004 MSSQLServerADHelper - ok 18:08:52.0793 4004 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys 18:08:52.0793 4004 MSTEE - ok 18:08:52.0824 4004 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys 18:08:52.0824 4004 MTConfig - ok 18:08:52.0855 4004 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys 18:08:52.0855 4004 Mup - ok 18:08:52.0933 4004 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\windows\system32\qagentRT.dll 18:08:52.0933 4004 napagent - ok 18:08:52.0996 4004 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys 18:08:52.0996 4004 NativeWifiP - ok 18:08:53.0121 4004 NAVENG (862f55824ac81295837b0ab63f91071f) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20120412.032\NAVENG.SYS 18:08:53.0121 4004 NAVENG - ok 18:08:53.0183 4004 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20120412.032\NAVEX15.SYS 18:08:53.0199 4004 NAVEX15 - ok 18:08:53.0308 4004 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\windows\system32\drivers\ndis.sys 18:08:53.0308 4004 NDIS - ok 18:08:53.0417 4004 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys 18:08:53.0417 4004 NdisCap - ok 18:08:53.0448 4004 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys 18:08:53.0448 4004 NdisTapi - ok 18:08:53.0495 4004 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\windows\system32\DRIVERS\ndisuio.sys 18:08:53.0495 4004 Ndisuio - ok 18:08:53.0589 4004 NdisWan (38fbe267e7e6983311179230facb1017) C:\windows\system32\DRIVERS\ndiswan.sys 18:08:53.0589 4004 NdisWan - ok 18:08:53.0635 4004 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\windows\system32\drivers\NDProxy.sys 18:08:53.0635 4004 NDProxy - ok 18:08:53.0745 4004 Net Driver HPZ12 (510c138564486ff926a3f773205c63d1) C:\windows\system32\HPZinw12.dll 18:08:53.0745 4004 Net Driver HPZ12 - ok 18:08:53.0791 4004 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys 18:08:53.0791 4004 NetBIOS - ok 18:08:53.0901 4004 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\windows\system32\DRIVERS\netbt.sys 18:08:53.0901 4004 NetBT - ok 18:08:53.0932 4004 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 18:08:53.0932 4004 Netlogon - ok 18:08:54.0010 4004 Netman (7cccfca7510684768da22092d1fa4db2) C:\windows\System32\netman.dll 18:08:54.0010 4004 Netman - ok 18:08:54.0041 4004 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\windows\System32\netprofm.dll 18:08:54.0057 4004 netprofm - ok 18:08:54.0135 4004 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 18:08:54.0135 4004 NetTcpPortSharing - ok 18:08:54.0228 4004 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys 18:08:54.0228 4004 nfrd960 - ok 18:08:54.0291 4004 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\windows\System32\nlasvc.dll 18:08:54.0291 4004 NlaSvc - ok 18:08:54.0353 4004 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys 18:08:54.0353 4004 Npfs - ok 18:08:54.0400 4004 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\windows\system32\nsisvc.dll 18:08:54.0415 4004 nsi - ok 18:08:54.0478 4004 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys 18:08:54.0478 4004 nsiproxy - ok 18:08:54.0556 4004 Ntfs (81189c3d7763838e55c397759d49007a) C:\windows\system32\drivers\Ntfs.sys 18:08:54.0571 4004 Ntfs - ok 18:08:54.0634 4004 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys 18:08:54.0634 4004 Null - ok 18:08:54.0696 4004 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\windows\system32\drivers\nvraid.sys 18:08:54.0696 4004 nvraid - ok 18:08:54.0759 4004 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\windows\system32\drivers\nvstor.sys 18:08:54.0759 4004 nvstor - ok 18:08:54.0805 4004 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\drivers\nv_agp.sys 18:08:54.0821 4004 nv_agp - ok 18:08:54.0899 4004 OberonGameConsoleService (b5d5da8230d3d3525839d939a9196c3e) C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe 18:08:54.0899 4004 OberonGameConsoleService - ok 18:08:54.0977 4004 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 18:08:54.0977 4004 odserv - ok 18:08:55.0086 4004 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\drivers\ohci1394.sys 18:08:55.0086 4004 ohci1394 - ok 18:08:55.0149 4004 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:08:55.0149 4004 ose - ok 18:08:55.0242 4004 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll 18:08:55.0242 4004 p2pimsvc - ok 18:08:55.0273 4004 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\windows\system32\p2psvc.dll 18:08:55.0273 4004 p2psvc - ok 18:08:55.0351 4004 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys 18:08:55.0351 4004 Parport - ok 18:08:55.0414 4004 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\windows\system32\drivers\partmgr.sys 18:08:55.0414 4004 partmgr - ok 18:08:55.0476 4004 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys 18:08:55.0476 4004 Parvdm - ok 18:08:55.0539 4004 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\windows\System32\pcasvc.dll 18:08:55.0539 4004 PcaSvc - ok 18:08:55.0617 4004 pci (673e55c3498eb970088e812ea820aa8f) C:\windows\system32\drivers\pci.sys 18:08:55.0617 4004 pci - ok 18:08:55.0663 4004 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\drivers\pciide.sys 18:08:55.0663 4004 pciide - ok 18:08:55.0741 4004 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys 18:08:55.0741 4004 pcmcia - ok 18:08:55.0788 4004 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys 18:08:55.0788 4004 pcw - ok 18:08:55.0866 4004 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys 18:08:55.0882 4004 PEAUTH - ok 18:08:56.0007 4004 pla (414bba67a3ded1d28437eb66aeb8a720) C:\windows\system32\pla.dll 18:08:56.0022 4004 pla - ok 18:08:56.0147 4004 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\windows\system32\umpnpmgr.dll 18:08:56.0147 4004 PlugPlay - ok 18:08:56.0209 4004 Pml Driver HPZ12 (37e5e8ffbad35605daeec3224ea0e465) C:\windows\system32\HPZipm12.dll 18:08:56.0209 4004 Pml Driver HPZ12 - ok 18:08:56.0287 4004 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\windows\system32\pnrpauto.dll 18:08:56.0287 4004 PNRPAutoReg - ok 18:08:56.0303 4004 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll 18:08:56.0319 4004 PNRPsvc - ok 18:08:56.0350 4004 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\windows\System32\ipsecsvc.dll 18:08:56.0350 4004 PolicyAgent - ok 18:08:56.0443 4004 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\windows\system32\umpo.dll 18:08:56.0443 4004 Power - ok 18:08:56.0490 4004 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys 18:08:56.0490 4004 PptpMiniport - ok 18:08:56.0584 4004 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys 18:08:56.0584 4004 Processor - ok 18:08:56.0631 4004 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\windows\system32\profsvc.dll 18:08:56.0631 4004 ProfSvc - ok 18:08:56.0724 4004 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 18:08:56.0724 4004 ProtectedStorage - ok 18:08:56.0771 4004 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys 18:08:56.0771 4004 Psched - ok 18:08:56.0833 4004 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys 18:08:56.0865 4004 ql2300 - ok 18:08:56.0943 4004 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys 18:08:56.0943 4004 ql40xx - ok 18:08:56.0974 4004 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\windows\system32\qwave.dll 18:08:56.0974 4004 QWAVE - ok 18:08:57.0067 4004 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys 18:08:57.0067 4004 QWAVEdrv - ok 18:08:57.0083 4004 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys 18:08:57.0083 4004 RasAcd - ok 18:08:57.0130 4004 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys 18:08:57.0130 4004 RasAgileVpn - ok 18:08:57.0192 4004 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\windows\System32\rasauto.dll 18:08:57.0192 4004 RasAuto - ok 18:08:57.0255 4004 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys 18:08:57.0255 4004 Rasl2tp - ok 18:08:57.0348 4004 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\windows\System32\rasmans.dll 18:08:57.0348 4004 RasMan - ok 18:08:57.0395 4004 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys 18:08:57.0395 4004 RasPppoe - ok 18:08:57.0473 4004 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys 18:08:57.0473 4004 RasSstp - ok 18:08:57.0535 4004 rdbss (d528bc58a489409ba40334ebf96a311b) C:\windows\system32\DRIVERS\rdbss.sys 18:08:57.0535 4004 rdbss - ok 18:08:57.0567 4004 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys 18:08:57.0567 4004 rdpbus - ok 18:08:57.0676 4004 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\windows\system32\DRIVERS\RDPCDD.sys 18:08:57.0676 4004 RDPCDD - ok 18:08:57.0723 4004 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys 18:08:57.0723 4004 RDPENCDD - ok 18:08:57.0785 4004 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys 18:08:57.0785 4004 RDPREFMP - ok 18:08:57.0847 4004 RDPWD (244c83332f44589ae98fc347f11b2693) C:\windows\system32\drivers\RDPWD.sys 18:08:57.0863 4004 RDPWD - ok 18:08:57.0957 4004 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\windows\system32\drivers\rdyboost.sys 18:08:57.0957 4004 rdyboost - ok 18:08:58.0003 4004 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\windows\System32\mprdim.dll 18:08:58.0003 4004 RemoteAccess - ok 18:08:58.0066 4004 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\windows\system32\regsvc.dll 18:08:58.0066 4004 RemoteRegistry - ok 18:08:58.0097 4004 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\windows\System32\RpcEpMap.dll 18:08:58.0097 4004 RpcEptMapper - ok 18:08:58.0128 4004 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\windows\system32\locator.exe 18:08:58.0128 4004 RpcLocator - ok 18:08:58.0206 4004 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\windows\system32\rpcss.dll 18:08:58.0206 4004 RpcSs - ok 18:08:58.0253 4004 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys 18:08:58.0253 4004 rspndr - ok 18:08:58.0347 4004 RTL8167 (6465166dd9b2f841dabad16abdadbe98) C:\windows\system32\DRIVERS\Rt86win7.sys 18:08:58.0347 4004 RTL8167 - ok 18:08:58.0409 4004 SABI (6e5fbb7cbaec47038b945d5e9b144a64) C:\windows\system32\Drivers\SABI.sys 18:08:58.0409 4004 SABI - ok 18:08:58.0471 4004 SamSs (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 18:08:58.0471 4004 SamSs - ok 18:08:58.0549 4004 sbp2port (05d860da1040f111503ac416ccef2bca) C:\windows\system32\drivers\sbp2port.sys 18:08:58.0549 4004 sbp2port - ok 18:08:58.0581 4004 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\windows\System32\SCardSvr.dll 18:08:58.0581 4004 SCardSvr - ok 18:08:58.0674 4004 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\windows\system32\DRIVERS\scfilter.sys 18:08:58.0674 4004 scfilter - ok 18:08:58.0737 4004 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\windows\system32\schedsvc.dll 18:08:58.0737 4004 Schedule - ok 18:08:58.0846 4004 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll 18:08:58.0846 4004 SCPolicySvc - ok 18:08:58.0877 4004 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\windows\System32\SDRSVC.dll 18:08:58.0877 4004 SDRSVC - ok 18:08:58.0939 4004 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys 18:08:58.0939 4004 secdrv - ok 18:08:59.0002 4004 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\windows\system32\seclogon.dll 18:08:59.0017 4004 seclogon - ok 18:08:59.0049 4004 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\windows\System32\sens.dll 18:08:59.0049 4004 SENS - ok 18:08:59.0111 4004 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\windows\system32\sensrsvc.dll 18:08:59.0127 4004 SensrSvc - ok 18:08:59.0189 4004 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys 18:08:59.0189 4004 Serenum - ok 18:08:59.0283 4004 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys 18:08:59.0283 4004 Serial - ok 18:08:59.0329 4004 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys 18:08:59.0329 4004 sermouse - ok 18:08:59.0376 4004 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\windows\system32\sessenv.dll 18:08:59.0376 4004 SessionEnv - ok 18:08:59.0470 4004 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\drivers\sffdisk.sys 18:08:59.0470 4004 sffdisk - ok 18:08:59.0485 4004 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\drivers\sffp_mmc.sys 18:08:59.0485 4004 sffp_mmc - ok 18:08:59.0517 4004 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\windows\system32\drivers\sffp_sd.sys 18:08:59.0517 4004 sffp_sd - ok 18:08:59.0532 4004 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys 18:08:59.0532 4004 sfloppy - ok 18:08:59.0626 4004 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\windows\System32\ipnathlp.dll 18:08:59.0641 4004 SharedAccess - ok 18:08:59.0688 4004 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\windows\System32\shsvcs.dll 18:08:59.0688 4004 ShellHWDetection - ok 18:08:59.0782 4004 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\drivers\sisagp.sys 18:08:59.0782 4004 sisagp - ok 18:08:59.0829 4004 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys 18:08:59.0829 4004 SiSRaid2 - ok 18:08:59.0891 4004 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys 18:08:59.0891 4004 SiSRaid4 - ok 18:08:59.0922 4004 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys 18:08:59.0922 4004 Smb - ok 18:09:00.0047 4004 SmcService (a58c1a086d9c09c6572c948f22cc0e94) C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe 18:09:00.0078 4004 SmcService - ok 18:09:00.0156 4004 SNAC (d2c222441255131e29de351475f98f6d) C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE 18:09:00.0172 4004 SNAC - ok 18:09:00.0265 4004 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\windows\System32\snmptrap.exe 18:09:00.0265 4004 SNMPTRAP - ok 18:09:00.0375 4004 SPBBCDrv (e621bb5839cf45fa477f48092edd2b40) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys 18:09:00.0375 4004 SPBBCDrv - ok 18:09:00.0484 4004 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys 18:09:00.0484 4004 spldr - ok 18:09:00.0515 4004 Spooler (866a43013535dc8587c258e43579c764) C:\windows\System32\spoolsv.exe 18:09:00.0531 4004 Spooler - ok 18:09:00.0640 4004 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\windows\system32\sppsvc.exe 18:09:00.0718 4004 sppsvc - ok 18:09:00.0796 4004 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\windows\system32\sppuinotify.dll 18:09:00.0796 4004 sppuinotify - ok 18:09:00.0889 4004 SpyHunter 4 Service (63f2b52947577dbb075fe646bc758a2f) C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE 18:09:00.0889 4004 SpyHunter 4 Service - ok 18:09:00.0952 4004 SQLBrowser (86ebd8b1f23e743aad21f4d5b4d40985) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe 18:09:00.0952 4004 SQLBrowser - ok 18:09:01.0014 4004 SQLWriter (d89083c4eb02daca8f944b0e05e57f9d) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 18:09:01.0014 4004 SQLWriter - ok 18:09:01.0092 4004 SRTSP (2abf82c8452ab0b9ffc74a2d5da91989) C:\windows\system32\Drivers\SRTSP.SYS 18:09:01.0092 4004 SRTSP - ok 18:09:01.0139 4004 SRTSPL (e2f9e5887bea5bd8784d337e06eda31b) C:\windows\system32\Drivers\SRTSPL.SYS 18:09:01.0139 4004 SRTSPL - ok 18:09:01.0233 4004 SRTSPX (3b974c158fabd910186f98df8d3e23f3) C:\windows\system32\Drivers\SRTSPX.SYS 18:09:01.0233 4004 SRTSPX - ok 18:09:01.0264 4004 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\windows\system32\DRIVERS\srv.sys 18:09:01.0279 4004 srv - ok 18:09:01.0373 4004 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\windows\system32\DRIVERS\srv2.sys 18:09:01.0373 4004 srv2 - ok 18:09:01.0389 4004 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\windows\system32\DRIVERS\srvnet.sys 18:09:01.0404 4004 srvnet - ok 18:09:01.0467 4004 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\windows\System32\ssdpsrv.dll 18:09:01.0467 4004 SSDPSRV - ok 18:09:01.0482 4004 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\windows\system32\sstpsvc.dll 18:09:01.0498 4004 SstpSvc - ok 18:09:01.0529 4004 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys 18:09:01.0529 4004 stexstor - ok 18:09:01.0607 4004 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\windows\System32\wiaservc.dll 18:09:01.0623 4004 StiSvc - ok 18:09:01.0732 4004 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\drivers\swenum.sys 18:09:01.0732 4004 swenum - ok 18:09:01.0763 4004 swprv (a28bd92df340e57b024ba433165d34d7) C:\windows\System32\swprv.dll 18:09:01.0763 4004 swprv - ok 18:09:01.0888 4004 Symantec AntiVirus (ba2fb8f8ab24d0279caa98a4c118150e) C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe 18:09:01.0903 4004 Symantec AntiVirus - ok 18:09:02.0044 4004 SymEvent (a54ff04bd6e75dc4d8cb6f3e352635e0) C:\windows\system32\Drivers\SYMEVENT.SYS 18:09:02.0044 4004 SymEvent - ok 18:09:02.0091 4004 SYMREDRV (394b2368212114d538316812af60fddd) C:\windows\System32\Drivers\SYMREDRV.SYS 18:09:02.0091 4004 SYMREDRV - ok 18:09:02.0184 4004 SYMTDI (d46676bb414c7531bdffe637a33f5033) C:\windows\System32\Drivers\SYMTDI.SYS 18:09:02.0184 4004 SYMTDI - ok 18:09:02.0231 4004 SynTP (7a9025d8f7852b06d6d08ed536135e7e) C:\windows\system32\DRIVERS\SynTP.sys 18:09:02.0231 4004 SynTP - ok 18:09:02.0340 4004 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\windows\system32\sysmain.dll 18:09:02.0356 4004 SysMain - ok 18:09:02.0449 4004 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\windows\System32\TabSvc.dll 18:09:02.0449 4004 TabletInputService - ok 18:09:02.0496 4004 TapiSrv (613bf4820361543956909043a265c6ac) C:\windows\System32\tapisrv.dll 18:09:02.0512 4004 TapiSrv - ok 18:09:02.0574 4004 TBS (b799d9fdb26111737f58288d8dc172d9) C:\windows\System32\tbssvc.dll 18:09:02.0574 4004 TBS - ok 18:09:02.0652 4004 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\drivers\tcpip.sys 18:09:02.0668 4004 Tcpip - ok 18:09:02.0793 4004 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\DRIVERS\tcpip.sys 18:09:02.0808 4004 TCPIP6 - ok 18:09:02.0917 4004 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\windows\system32\drivers\tcpipreg.sys 18:09:02.0917 4004 tcpipreg - ok 18:09:02.0949 4004 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\windows\system32\drivers\tdpipe.sys 18:09:02.0949 4004 TDPIPE - ok 18:09:02.0995 4004 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\windows\system32\drivers\tdtcp.sys 18:09:02.0995 4004 TDTCP - ok 18:09:03.0105 4004 tdx (b459575348c20e8121d6039da063c704) C:\windows\system32\DRIVERS\tdx.sys 18:09:03.0105 4004 tdx - ok 18:09:03.0229 4004 TeamViewer6 (839e88db24d2d8f05b72e12b175951ca) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe 18:09:03.0292 4004 TeamViewer6 - ok 18:09:03.0401 4004 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\windows\system32\drivers\termdd.sys 18:09:03.0401 4004 TermDD - ok 18:09:03.0432 4004 TermService (382c804c92811be57829d8e550a900e2) C:\windows\System32\termsrv.dll 18:09:03.0448 4004 TermService - ok 18:09:03.0526 4004 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\windows\system32\themeservice.dll 18:09:03.0526 4004 Themes - ok 18:09:03.0557 4004 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll 18:09:03.0557 4004 THREADORDER - ok 18:09:03.0604 4004 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\windows\System32\trkwks.dll 18:09:03.0604 4004 TrkWks - ok 18:09:03.0651 4004 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\windows\servicing\TrustedInstaller.exe 18:09:03.0651 4004 TrustedInstaller - ok 18:09:03.0729 4004 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\windows\system32\DRIVERS\tssecsrv.sys 18:09:03.0729 4004 tssecsrv - ok 18:09:03.0822 4004 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\windows\system32\drivers\tsusbflt.sys 18:09:03.0822 4004 TsUsbFlt - ok 18:09:03.0916 4004 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\windows\system32\DRIVERS\tunnel.sys 18:09:03.0916 4004 tunnel - ok 18:09:03.0978 4004 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys 18:09:03.0978 4004 uagp35 - ok 18:09:04.0009 4004 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\windows\system32\DRIVERS\udfs.sys 18:09:04.0009 4004 udfs - ok 18:09:04.0072 4004 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\windows\system32\UI0Detect.exe 18:09:04.0072 4004 UI0Detect - ok 18:09:04.0150 4004 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\drivers\uliagpkx.sys 18:09:04.0150 4004 uliagpkx - ok 18:09:04.0243 4004 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\windows\system32\drivers\umbus.sys 18:09:04.0243 4004 umbus - ok 18:09:04.0275 4004 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys 18:09:04.0275 4004 UmPass - ok 18:09:04.0321 4004 upnphost (833fbb672460efce8011d262175fad33) C:\windows\System32\upnphost.dll 18:09:04.0321 4004 upnphost - ok 18:09:04.0399 4004 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\windows\system32\Drivers\usbaapl.sys 18:09:04.0399 4004 USBAAPL - ok 18:09:04.0462 4004 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\windows\system32\DRIVERS\usbccgp.sys 18:09:04.0462 4004 usbccgp - ok 18:09:04.0509 4004 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\drivers\usbcir.sys 18:09:04.0509 4004 usbcir - ok 18:09:04.0587 4004 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\windows\system32\DRIVERS\usbehci.sys 18:09:04.0587 4004 usbehci - ok 18:09:04.0649 4004 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\windows\system32\DRIVERS\usbhub.sys 18:09:04.0649 4004 usbhub - ok 18:09:04.0727 4004 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\windows\system32\drivers\usbohci.sys 18:09:04.0727 4004 usbohci - ok 18:09:04.0774 4004 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys 18:09:04.0774 4004 usbprint - ok 18:09:04.0852 4004 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\windows\system32\DRIVERS\usbscan.sys 18:09:04.0852 4004 usbscan - ok 18:09:04.0914 4004 USBSTOR (f991ab9cc6b908db552166768176896a) C:\windows\system32\drivers\USBSTOR.SYS 18:09:04.0914 4004 USBSTOR - ok 18:09:04.0992 4004 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\windows\system32\DRIVERS\usbuhci.sys 18:09:04.0992 4004 usbuhci - ok 18:09:05.0070 4004 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\windows\System32\Drivers\usbvideo.sys 18:09:05.0070 4004 usbvideo - ok 18:09:05.0101 4004 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\windows\System32\uxsms.dll 18:09:05.0101 4004 UxSms - ok 18:09:05.0164 4004 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 18:09:05.0164 4004 VaultSvc - ok 18:09:05.0226 4004 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\drivers\vdrvroot.sys 18:09:05.0226 4004 vdrvroot - ok 18:09:05.0289 4004 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\windows\System32\vds.exe 18:09:05.0289 4004 vds - ok 18:09:05.0398 4004 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys 18:09:05.0398 4004 vga - ok 18:09:05.0413 4004 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys 18:09:05.0413 4004 VgaSave - ok 18:09:05.0445 4004 vhdmp (5461686cca2fda57b024547733ab42e3) C:\windows\system32\drivers\vhdmp.sys 18:09:05.0460 4004 vhdmp - ok 18:09:05.0554 4004 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\drivers\viaagp.sys 18:09:05.0569 4004 viaagp - ok 18:09:05.0585 4004 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys 18:09:05.0585 4004 ViaC7 - ok 18:09:05.0710 4004 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\drivers\viaide.sys 18:09:05.0710 4004 viaide - ok 18:09:05.0741 4004 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\windows\system32\drivers\volmgr.sys 18:09:05.0757 4004 volmgr - ok 18:09:05.0835 4004 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys 18:09:05.0850 4004 volmgrx - ok 18:09:05.0897 4004 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\windows\system32\drivers\volsnap.sys 18:09:05.0897 4004 volsnap - ok 18:09:05.0991 4004 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys 18:09:05.0991 4004 vsmraid - ok 18:09:06.0053 4004 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\windows\system32\vssvc.exe 18:09:06.0069 4004 VSS - ok 18:09:06.0162 4004 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys 18:09:06.0162 4004 vwifibus - ok 18:09:06.0193 4004 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys 18:09:06.0193 4004 vwififlt - ok 18:09:06.0256 4004 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\windows\system32\DRIVERS\vwifimp.sys 18:09:06.0256 4004 vwifimp - ok 18:09:06.0318 4004 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\windows\system32\w32time.dll 18:09:06.0318 4004 W32Time - ok 18:09:06.0365 4004 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys 18:09:06.0381 4004 WacomPen - ok 18:09:06.0474 4004 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys 18:09:06.0474 4004 WANARP - ok 18:09:06.0474 4004 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys 18:09:06.0474 4004 Wanarpv6 - ok 18:09:06.0568 4004 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\windows\system32\Wat\WatAdminSvc.exe 18:09:06.0583 4004 WatAdminSvc - ok 18:09:06.0677 4004 wbengine (691e3285e53dca558e1a84667f13e15a) C:\windows\system32\wbengine.exe 18:09:06.0693 4004 wbengine - ok 18:09:06.0771 4004 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\windows\System32\wbiosrvc.dll 18:09:06.0771 4004 WbioSrvc - ok 18:09:06.0833 4004 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\windows\System32\wcncsvc.dll 18:09:06.0833 4004 wcncsvc - ok 18:09:06.0880 4004 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\windows\System32\WcsPlugInService.dll 18:09:06.0880 4004 WcsPlugInService - ok 18:09:06.0942 4004 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys 18:09:06.0942 4004 Wd - ok 18:09:06.0958 4004 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys 18:09:06.0973 4004 Wdf01000 - ok 18:09:07.0036 4004 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll 18:09:07.0036 4004 WdiServiceHost - ok 18:09:07.0036 4004 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll 18:09:07.0051 4004 WdiSystemHost - ok 18:09:07.0083 4004 WebClient (a9d880f97530d5b8fee278923349929d) C:\windows\System32\webclnt.dll 18:09:07.0083 4004 WebClient - ok 18:09:07.0129 4004 Wecsvc (760f0afe937a77cff27153206534f275) C:\windows\system32\wecsvc.dll 18:09:07.0145 4004 Wecsvc - ok 18:09:07.0176 4004 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\windows\System32\wercplsupport.dll 18:09:07.0176 4004 wercplsupport - ok 18:09:07.0223 4004 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\windows\System32\WerSvc.dll 18:09:07.0223 4004 WerSvc - ok 18:09:07.0285 4004 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys 18:09:07.0285 4004 WfpLwf - ok 18:09:07.0332 4004 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys 18:09:07.0332 4004 WIMMount - ok 18:09:07.0395 4004 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll 18:09:07.0395 4004 WinDefend - ok 18:09:07.0395 4004 WinHttpAutoProxySvc - ok 18:09:07.0519 4004 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\windows\system32\wbem\WMIsvc.dll 18:09:07.0519 4004 Winmgmt - ok 18:09:07.0629 4004 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\windows\system32\WsmSvc.dll 18:09:07.0644 4004 WinRM - ok 18:09:07.0769 4004 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\windows\system32\DRIVERS\WinUsb.sys 18:09:07.0769 4004 WinUsb - ok 18:09:07.0800 4004 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\windows\System32\wlansvc.dll 18:09:07.0816 4004 Wlansvc - ok 18:09:07.0925 4004 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 18:09:07.0941 4004 wlidsvc - ok 18:09:08.0065 4004 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\drivers\wmiacpi.sys 18:09:08.0065 4004 WmiAcpi - ok 18:09:08.0128 4004 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\windows\system32\wbem\WmiApSrv.exe 18:09:08.0128 4004 wmiApSrv - ok 18:09:08.0221 4004 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe 18:09:08.0237 4004 WMPNetworkSvc - ok 18:09:08.0315 4004 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\windows\System32\wpcsvc.dll 18:09:08.0315 4004 WPCSvc - ok 18:09:08.0362 4004 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\windows\system32\wpdbusenum.dll 18:09:08.0362 4004 WPDBusEnum - ok 18:09:08.0424 4004 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys 18:09:08.0440 4004 ws2ifsl - ok 18:09:08.0487 4004 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\windows\System32\wscsvc.dll 18:09:08.0487 4004 wscsvc - ok 18:09:08.0533 4004 WSearch - ok 18:09:08.0611 4004 wuauserv (3026418a50c5b4761befa632cedb7406) C:\windows\system32\wuaueng.dll 18:09:08.0627 4004 wuauserv - ok 18:09:08.0736 4004 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\windows\system32\drivers\WudfPf.sys 18:09:08.0736 4004 WudfPf - ok 18:09:08.0767 4004 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\windows\system32\DRIVERS\WUDFRd.sys 18:09:08.0767 4004 WUDFRd - ok 18:09:08.0877 4004 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\windows\System32\WUDFSvc.dll 18:09:08.0877 4004 wudfsvc - ok 18:09:08.0908 4004 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\windows\System32\wwansvc.dll 18:09:08.0908 4004 WwanSvc - ok 18:09:08.0955 4004 MBR (0x1B8) (2e5debb2116b3417023e0d6562d7ed07) \Device\Harddisk0\DR0 18:09:09.0126 4004 \Device\Harddisk0\DR0 - ok 18:09:09.0142 4004 Boot (0x1200) (5fb009d8d1bbe104d22d071977f32a2a) \Device\Harddisk0\DR0\Partition0 18:09:09.0142 4004 \Device\Harddisk0\DR0\Partition0 - ok 18:09:09.0157 4004 Boot (0x1200) (d5688b55e165a627667567455a328efc) \Device\Harddisk0\DR0\Partition1 18:09:09.0157 4004 \Device\Harddisk0\DR0\Partition1 - ok 18:09:09.0189 4004 Boot (0x1200) (78ee0a60b0242cd51c89824323794145) \Device\Harddisk0\DR0\Partition2 18:09:09.0189 4004 \Device\Harddisk0\DR0\Partition2 - ok 18:09:09.0189 4004 ============================================================ 18:09:09.0189 4004 Scan finished 18:09:09.0189 4004 ============================================================ 18:09:09.0189 3996 Detected object count: 0 18:09:09.0189 3996 Actual detected object count: 0 18:16:31.0723 1700 ============================================================ 18:16:31.0723 1700 Scan started 18:16:31.0723 1700 Mode: Manual; SigCheck; TDLFS; 18:16:31.0723 1700 ============================================================ 18:16:31.0933 1700 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\windows\system32\drivers\1394ohci.sys 18:16:32.0033 1700 1394ohci - ok 18:16:32.0073 1700 ACPI (cea80c80bed809aa0da6febc04733349) C:\windows\system32\drivers\ACPI.sys 18:16:32.0083 1700 ACPI - ok 18:16:32.0203 1700 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\windows\system32\drivers\acpipmi.sys 18:16:32.0243 1700 AcpiPmi - ok 18:16:32.0373 1700 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 18:16:32.0393 1700 AdobeFlashPlayerUpdateSvc - ok 18:16:32.0453 1700 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys 18:16:32.0473 1700 adp94xx - ok 18:16:32.0563 1700 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys 18:16:32.0573 1700 adpahci - ok 18:16:32.0583 1700 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys 18:16:32.0603 1700 adpu320 - ok 18:16:32.0633 1700 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\windows\System32\aelupsvc.dll 18:16:32.0683 1700 AeLookupSvc - ok 18:16:32.0783 1700 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\windows\system32\drivers\afd.sys 18:16:32.0853 1700 AFD - ok 18:16:32.0953 1700 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\drivers\agp440.sys 18:16:32.0963 1700 agp440 - ok 18:16:33.0023 1700 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys 18:16:33.0033 1700 aic78xx - ok 18:16:33.0133 1700 ALG (18a54e132947cd98fea9accc57f98f13) C:\windows\System32\alg.exe 18:16:33.0173 1700 ALG - ok 18:16:33.0243 1700 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\drivers\aliide.sys 18:16:33.0253 1700 aliide - ok 18:16:33.0373 1700 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\drivers\amdagp.sys 18:16:33.0393 1700 amdagp - ok 18:16:33.0393 1700 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\drivers\amdide.sys 18:16:33.0403 1700 amdide - ok 18:16:33.0433 1700 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys 18:16:33.0473 1700 AmdK8 - ok 18:16:33.0563 1700 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys 18:16:33.0593 1700 AmdPPM - ok 18:16:33.0623 1700 amdsata (d320bf87125326f996d4904fe24300fc) C:\windows\system32\drivers\amdsata.sys 18:16:33.0633 1700 amdsata - ok 18:16:33.0723 1700 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys 18:16:33.0733 1700 amdsbs - ok 18:16:33.0773 1700 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\windows\system32\drivers\amdxata.sys 18:16:33.0783 1700 amdxata - ok 18:16:33.0813 1700 AppID (aea177f783e20150ace5383ee368da19) C:\windows\system32\drivers\appid.sys 18:16:33.0943 1700 AppID - ok 18:16:34.0033 1700 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\windows\System32\appidsvc.dll 18:16:34.0073 1700 AppIDSvc - ok 18:16:34.0113 1700 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\windows\System32\appinfo.dll 18:16:34.0163 1700 Appinfo - ok 18:16:34.0253 1700 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 18:16:34.0263 1700 Apple Mobile Device - ok 18:16:34.0353 1700 arc (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys 18:16:34.0363 1700 arc - ok 18:16:34.0393 1700 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys 18:16:34.0413 1700 arcsas - ok 18:16:34.0423 1700 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys 18:16:34.0523 1700 AsyncMac - ok 18:16:34.0623 1700 atapi (338c86357871c167a96ab976519bf59e) C:\windows\system32\drivers\atapi.sys 18:16:34.0643 1700 atapi - ok 18:16:34.0683 1700 athr (de0fbcccd6af0f0e7bf12e8d041cc48f) C:\windows\system32\DRIVERS\athr.sys 18:16:34.0723 1700 athr - ok 18:16:34.0813 1700 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\windows\System32\Audiosrv.dll 18:16:34.0853 1700 AudioEndpointBuilder - ok 18:16:34.0873 1700 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\windows\System32\Audiosrv.dll 18:16:34.0903 1700 Audiosrv - ok 18:16:34.0993 1700 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\windows\System32\AxInstSV.dll 18:16:35.0053 1700 AxInstSV - ok 18:16:35.0153 1700 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys 18:16:35.0183 1700 b06bdrv - ok 18:16:35.0273 1700 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys 18:16:35.0313 1700 b57nd60x - ok 18:16:35.0373 1700 BcmSqlStartupSvc (6163664c7e9cd110af70180c126c3fdc) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe 18:16:35.0383 1700 BcmSqlStartupSvc - ok 18:16:35.0473 1700 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\windows\System32\bdesvc.dll 18:16:35.0513 1700 BDESVC - ok 18:16:35.0593 1700 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys 18:16:35.0633 1700 Beep - ok 18:16:35.0683 1700 BFE (1e2bac209d184bb851e1a187d8a29136) C:\windows\System32\bfe.dll 18:16:35.0733 1700 BFE - ok 18:16:35.0833 1700 BITS (e585445d5021971fae10393f0f1c3961) C:\windows\System32\qmgr.dll 18:16:35.0873 1700 BITS - ok 18:16:35.0953 1700 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys 18:16:35.0963 1700 blbdrive - ok 18:16:36.0033 1700 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe 18:16:36.0043 1700 Bonjour Service - ok 18:16:36.0153 1700 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\windows\system32\DRIVERS\bowser.sys 18:16:36.0183 1700 bowser - ok 18:16:36.0203 1700 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys 18:16:36.0233 1700 BrFiltLo - ok 18:16:36.0323 1700 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys 18:16:36.0363 1700 BrFiltUp - ok 18:16:36.0393 1700 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\windows\System32\browser.dll 18:16:36.0443 1700 Browser - ok 18:16:36.0533 1700 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys 18:16:36.0563 1700 Brserid - ok 18:16:36.0573 1700 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys 18:16:36.0603 1700 BrSerWdm - ok 18:16:36.0679 1700 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys 18:16:36.0710 1700 BrUsbMdm - ok 18:16:36.0725 1700 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys 18:16:36.0757 1700 BrUsbSer - ok 18:16:36.0835 1700 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys 18:16:36.0866 1700 BTHMODEM - ok 18:16:36.0897 1700 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\windows\system32\bthserv.dll 18:16:36.0944 1700 bthserv - ok 18:16:37.0022 1700 ccEvtMgr (27d036fb3d22ca8a6662fe960d1a937d) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 18:16:37.0022 1700 ccEvtMgr - ok 18:16:37.0037 1700 ccSetMgr (27d036fb3d22ca8a6662fe960d1a937d) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 18:16:37.0037 1700 ccSetMgr - ok 18:16:37.0131 1700 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys 18:16:37.0162 1700 cdfs - ok 18:16:37.0193 1700 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\windows\system32\drivers\cdrom.sys 18:16:37.0225 1700 cdrom - ok 18:16:37.0318 1700 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll 18:16:37.0349 1700 CertPropSvc - ok 18:16:37.0381 1700 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys 18:16:37.0412 1700 circlass - ok 18:16:37.0474 1700 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys 18:16:37.0490 1700 CLFS - ok 18:16:37.0552 1700 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 18:16:37.0568 1700 clr_optimization_v2.0.50727_32 - ok 18:16:37.0615 1700 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 18:16:37.0630 1700 clr_optimization_v4.0.30319_32 - ok 18:16:37.0693 1700 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys 18:16:37.0724 1700 CmBatt - ok 18:16:37.0786 1700 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\drivers\cmdide.sys 18:16:37.0802 1700 cmdide - ok 18:16:37.0880 1700 CNG (6427525d76f61d0c519b008d3680e8e7) C:\windows\system32\Drivers\cng.sys 18:16:37.0895 1700 CNG - ok 18:16:37.0942 1700 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys 18:16:37.0958 1700 Compbatt - ok 18:16:38.0005 1700 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\windows\system32\drivers\CompositeBus.sys 18:16:38.0020 1700 CompositeBus - ok 18:16:38.0051 1700 COMSysApp - ok 18:16:38.0129 1700 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys 18:16:38.0129 1700 crcdisk - ok 18:16:38.0192 1700 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\windows\system32\cryptsvc.dll 18:16:38.0223 1700 CryptSvc - ok 18:16:38.0332 1700 ctxusbm (cb6ff7012bb5d59d7c12350db795ce1f) C:\windows\system32\DRIVERS\ctxusbm.sys 18:16:38.0348 1700 ctxusbm - ok 18:16:38.0410 1700 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\windows\system32\rpcss.dll 18:16:38.0457 1700 DcomLaunch - ok 18:16:38.0535 1700 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\windows\System32\defragsvc.dll 18:16:38.0582 1700 defragsvc - ok 18:16:38.0644 1700 DfsC (f024449c97ec1e464aaffda18593db88) C:\windows\system32\Drivers\dfsc.sys 18:16:38.0675 1700 DfsC - ok 18:16:38.0769 1700 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\windows\system32\dhcpcore.dll 18:16:38.0800 1700 Dhcp - ok 18:16:38.0831 1700 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys 18:16:38.0863 1700 discache - ok 18:16:38.0956 1700 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys 18:16:38.0972 1700 Disk - ok 18:16:39.0003 1700 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\windows\System32\dnsrslvr.dll 18:16:39.0050 1700 Dnscache - ok 18:16:39.0128 1700 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\windows\System32\dot3svc.dll 18:16:39.0175 1700 dot3svc - ok 18:16:39.0221 1700 Dot4 (b5e479eb83707dd698f66953e922042c) C:\windows\system32\DRIVERS\Dot4.sys 18:16:39.0253 1700 Dot4 - ok 18:16:39.0362 1700 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\windows\system32\drivers\Dot4Prt.sys 18:16:39.0362 1700 Dot4Print - ok 18:16:39.0409 1700 dot4usb (cf491ff38d62143203c065260567e2f7) C:\windows\system32\DRIVERS\dot4usb.sys 18:16:39.0424 1700 dot4usb - ok 18:16:39.0518 1700 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\windows\system32\dps.dll 18:16:39.0580 1700 DPS - ok 18:16:39.0611 1700 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys 18:16:39.0627 1700 drmkaud - ok 18:16:39.0736 1700 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\windows\System32\drivers\dxgkrnl.sys 18:16:39.0767 1700 DXGKrnl - ok 18:16:39.0861 1700 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\windows\System32\eapsvc.dll 18:16:39.0892 1700 EapHost - ok 18:16:40.0001 1700 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys 18:16:40.0064 1700 ebdrv - ok 18:16:40.0142 1700 eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys 18:16:40.0158 1700 eeCtrl - ok 18:16:40.0236 1700 EFS (81951f51e318aecc2d68559e47485cc4) C:\windows\System32\lsass.exe 18:16:40.0267 1700 EFS - ok 18:16:40.0345 1700 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\windows\ehome\ehRecvr.exe 18:16:40.0376 1700 ehRecvr - ok 18:16:40.0438 1700 ehSched (d389bff34f80caede417bf9d1507996a) C:\windows\ehome\ehsched.exe 18:16:40.0470 1700 ehSched - ok 18:16:40.0548 1700 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys 18:16:40.0563 1700 elxstor - ok 18:16:40.0641 1700 EraserUtilRebootDrv (028d50f059bd0d2ccb209e9011b9a9a4) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 18:16:40.0641 1700 EraserUtilRebootDrv - ok 18:16:40.0750 1700 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\drivers\errdev.sys 18:16:40.0766 1700 ErrDev - ok 18:16:40.0797 1700 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\windows\system32\es.dll 18:16:40.0828 1700 EventSystem - ok 18:16:40.0922 1700 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys 18:16:40.0969 1700 exfat - ok 18:16:41.0000 1700 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys 18:16:41.0031 1700 fastfat - ok 18:16:41.0109 1700 Fax (967ea5b213e9984cbe270205df37755b) C:\windows\system32\fxssvc.exe 18:16:41.0156 1700 Fax - ok 18:16:41.0234 1700 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys 18:16:41.0265 1700 fdc - ok 18:16:41.0281 1700 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\windows\system32\fdPHost.dll 18:16:41.0328 1700 fdPHost - ok 18:16:41.0406 1700 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\windows\system32\fdrespub.dll 18:16:41.0452 1700 FDResPub - ok 18:16:41.0484 1700 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys 18:16:41.0499 1700 FileInfo - ok 18:16:41.0608 1700 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys 18:16:41.0640 1700 Filetrace - ok 18:16:41.0733 1700 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys 18:16:41.0764 1700 flpydisk - ok 18:16:41.0796 1700 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys 18:16:41.0796 1700 FltMgr - ok 18:16:41.0905 1700 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\windows\system32\FntCache.dll 18:16:41.0936 1700 FontCache - ok 18:16:42.0030 1700 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 18:16:42.0045 1700 FontCache3.0.0.0 - ok 18:16:42.0123 1700 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys 18:16:42.0123 1700 FsDepends - ok 18:16:42.0186 1700 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\windows\system32\DRIVERS\fssfltr.sys 18:16:42.0186 1700 fssfltr - ok 18:16:42.0310 1700 fsssvc (40cdfad174b3d5e80f95dda003c0b97f) C:\Program Files\Windows Live\Family Safety\fsssvc.exe 18:16:42.0342 1700 fsssvc - ok 18:16:42.0451 1700 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\windows\system32\drivers\Fs_Rec.sys 18:16:42.0451 1700 Fs_Rec - ok 18:16:42.0498 1700 fvevol (8a73e79089b282100b9393b644cb853b) C:\windows\system32\DRIVERS\fvevol.sys 18:16:42.0513 1700 fvevol - ok 18:16:42.0544 1700 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys 18:16:42.0544 1700 gagp30kx - ok 18:16:42.0654 1700 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys 18:16:42.0654 1700 GEARAspiWDM - ok 18:16:42.0700 1700 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\windows\System32\gpsvc.dll 18:16:42.0747 1700 gpsvc - ok 18:16:42.0825 1700 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe 18:16:42.0841 1700 gupdate - ok 18:16:42.0841 1700 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe 18:16:42.0856 1700 gupdatem - ok 18:16:42.0888 1700 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 18:16:42.0903 1700 gusvc - ok 18:16:43.0028 1700 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys 18:16:43.0044 1700 hcw85cir - ok 18:16:43.0090 1700 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\windows\system32\drivers\HdAudio.sys 18:16:43.0122 1700 HdAudAddService - ok 18:16:43.0231 1700 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\windows\system32\drivers\HDAudBus.sys 18:16:43.0246 1700 HDAudBus - ok 18:16:43.0278 1700 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys 18:16:43.0293 1700 HidBatt - ok 18:16:43.0459 1700 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys 18:16:43.0484 1700 HidBth - ok 18:16:43.0587 1700 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys 18:16:43.0599 1700 HidIr - ok 18:16:43.0624 1700 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\windows\system32\hidserv.dll 18:16:43.0664 1700 hidserv - ok 18:16:43.0877 1700 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\windows\system32\drivers\hidusb.sys 18:16:43.0897 1700 HidUsb - ok 18:16:44.0007 1700 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\windows\system32\kmsvc.dll 18:16:44.0062 1700 hkmsvc - ok 18:16:44.0149 1700 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\windows\system32\ListSvc.dll 18:16:44.0184 1700 HomeGroupListener - ok 18:16:44.0227 1700 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\windows\system32\provsvc.dll 18:16:44.0264 1700 HomeGroupProvider - ok 18:16:44.0382 1700 hpqcxs08 (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll 18:16:44.0402 1700 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning 18:16:44.0402 1700 hpqcxs08 - detected UnsignedFile.Multi.Generic (1) 18:16:44.0422 1700 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll 18:16:44.0429 1700 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning 18:16:44.0429 1700 hpqddsvc - detected UnsignedFile.Multi.Generic (1) 18:16:44.0537 1700 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\drivers\HpSAMD.sys 18:16:44.0552 1700 HpSAMD - ok 18:16:44.0672 1700 HPSLPSVC (79737e0f7d25de8405cb34d4c9882253) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL 18:16:44.0689 1700 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning 18:16:44.0689 1700 HPSLPSVC - detected UnsignedFile.Multi.Generic (1) 18:16:44.0902 1700 HTTP (871917b07a141bff43d76d8844d48106) C:\windows\system32\drivers\HTTP.sys 18:16:44.0932 1700 HTTP - ok 18:16:45.0037 1700 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\windows\system32\drivers\hwpolicy.sys 18:16:45.0049 1700 hwpolicy - ok 18:16:45.0084 1700 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\drivers\i8042prt.sys 18:16:45.0112 1700 i8042prt - ok 18:16:45.0164 1700 IAANTMON (7548066df68a8a1a56b043359f915f37) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe 18:16:45.0182 1700 IAANTMON - ok 18:16:45.0292 1700 iaStor (d483687eace0c065ee772481a96e05f5) C:\windows\system32\DRIVERS\iaStor.sys 18:16:45.0309 1700 iaStor - ok 18:16:45.0439 1700 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\windows\system32\drivers\iaStorV.sys 18:16:45.0457 1700 iaStorV - ok 18:16:45.0564 1700 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 18:16:45.0584 1700 idsvc - ok 18:16:45.0874 1700 igfx (8266ae06df974e5ba047b3e9e9e70b3f) C:\windows\system32\DRIVERS\igdkmd32.sys 18:16:46.0029 1700 igfx - ok 18:16:46.0170 1700 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys 18:16:46.0170 1700 iirsp - ok 18:16:46.0279 1700 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\windows\System32\ikeext.dll 18:16:46.0333 1700 IKEEXT - ok 18:16:46.0506 1700 IntcAzAudAddService (5ceef2cccb4fe00d3ffbfeb12bcfa07f) C:\windows\system32\drivers\RTKVHDA.sys 18:16:46.0556 1700 IntcAzAudAddService - ok 18:16:46.0663 1700 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\drivers\intelide.sys 18:16:46.0676 1700 intelide - ok 18:16:46.0716 1700 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys 18:16:46.0723 1700 intelppm - ok 18:16:46.0817 1700 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\windows\system32\ipbusenum.dll 18:16:46.0848 1700 IPBusEnum - ok 18:16:46.0957 1700 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys 18:16:47.0004 1700 IpFilterDriver - ok 18:16:47.0097 1700 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\windows\System32\iphlpsvc.dll 18:16:47.0129 1700 iphlpsvc - ok 18:16:47.0269 1700 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\windows\system32\drivers\IPMIDrv.sys 18:16:47.0300 1700 IPMIDRV - ok 18:16:47.0363 1700 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys 18:16:47.0394 1700 IPNAT - ok 18:16:47.0550 1700 iPod Service (49918803b661367023bf325cf602afdc) C:\Program Files\iPod\bin\iPodService.exe 18:16:47.0581 1700 iPod Service - ok 18:16:47.0675 1700 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys 18:16:47.0690 1700 IRENUM - ok 18:16:47.0721 1700 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\drivers\isapnp.sys 18:16:47.0737 1700 isapnp - ok 18:16:47.0862 1700 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\windows\system32\drivers\msiscsi.sys 18:16:47.0893 1700 iScsiPrt - ok 18:16:48.0130 1700 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\drivers\kbdclass.sys 18:16:48.0142 1700 kbdclass - ok 18:16:48.0382 1700 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\windows\system32\drivers\kbdhid.sys 18:16:48.0455 1700 kbdhid - ok 18:16:48.0557 1700 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 18:16:48.0572 1700 KeyIso - ok 18:16:48.0600 1700 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\windows\system32\Drivers\ksecdd.sys 18:16:48.0615 1700 KSecDD - ok 18:16:48.0615 1700 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\windows\system32\Drivers\ksecpkg.sys 18:16:48.0631 1700 KSecPkg - ok 18:16:48.0678 1700 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\windows\system32\msdtckrm.dll 18:16:48.0709 1700 KtmRm - ok 18:16:48.0787 1700 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\windows\system32\srvsvc.dll 18:16:48.0818 1700 LanmanServer - ok 18:16:48.0865 1700 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\windows\System32\wkssvc.dll 18:16:48.0912 1700 LanmanWorkstation - ok 18:16:49.0036 1700 LiveUpdate (e34152d03caaaaa81dd66d803f392522) C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE 18:16:49.0083 1700 LiveUpdate - ok 18:16:49.0192 1700 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys 18:16:49.0224 1700 lltdio - ok 18:16:49.0270 1700 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\windows\System32\lltdsvc.dll 18:16:49.0317 1700 lltdsvc - ok 18:16:49.0380 1700 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\windows\System32\lmhsvc.dll 18:16:49.0426 1700 lmhosts - ok 18:16:49.0473 1700 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys 18:16:49.0489 1700 LSI_FC - ok 18:16:49.0614 1700 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys 18:16:49.0614 1700 LSI_SAS - ok 18:16:49.0645 1700 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys 18:16:49.0686 1700 LSI_SAS2 - ok 18:16:49.0791 1700 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys 18:16:49.0808 1700 LSI_SCSI - ok 18:16:49.0836 1700 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys 18:16:49.0878 1700 luafv - ok 18:16:50.0016 1700 lxeeCATSCustConnectService (a9d8d63c7378dd34e4e19036093a9264) C:\windows\system32\spool\DRIVERS\W32X86\3\\lxeeserv.exe 18:16:50.0028 1700 lxeeCATSCustConnectService - ok 18:16:50.0093 1700 lxee_device - ok 18:16:50.0140 1700 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\windows\system32\Mcx2Svc.dll 18:16:50.0140 1700 Mcx2Svc - ok 18:16:50.0202 1700 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys 18:16:50.0218 1700 megasas - ok 18:16:50.0264 1700 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys 18:16:50.0280 1700 MegaSR - ok 18:16:50.0358 1700 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe 18:16:50.0374 1700 Microsoft Office Groove Audit Service - ok 18:16:50.0452 1700 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll 18:16:50.0498 1700 MMCSS - ok 18:16:50.0530 1700 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys 18:16:50.0561 1700 Modem - ok 18:16:50.0654 1700 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys 18:16:50.0686 1700 monitor - ok 18:16:50.0717 1700 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\drivers\mouclass.sys 18:16:50.0717 1700 mouclass - ok 18:16:50.0810 1700 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys 18:16:50.0826 1700 mouhid - ok 18:16:50.0857 1700 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\windows\system32\drivers\mountmgr.sys 18:16:50.0873 1700 mountmgr - ok 18:16:50.0982 1700 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\windows\system32\drivers\mpio.sys 18:16:50.0982 1700 mpio - ok 18:16:51.0013 1700 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys 18:16:51.0044 1700 mpsdrv - ok 18:16:51.0138 1700 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\windows\system32\mpssvc.dll 18:16:51.0185 1700 MpsSvc - ok 18:16:51.0294 1700 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\windows\system32\drivers\mrxdav.sys 18:16:51.0325 1700 MRxDAV - ok 18:16:51.0356 1700 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\windows\system32\DRIVERS\mrxsmb.sys 18:16:51.0388 1700 mrxsmb - ok 18:16:51.0497 1700 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\windows\system32\DRIVERS\mrxsmb10.sys 18:16:51.0512 1700 mrxsmb10 - ok 18:16:51.0544 1700 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\windows\system32\DRIVERS\mrxsmb20.sys 18:16:51.0575 1700 mrxsmb20 - ok 18:16:51.0668 1700 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\windows\system32\drivers\msahci.sys 18:16:51.0684 1700 msahci - ok 18:16:51.0715 1700 msdsm (55055f8ad8be27a64c831322a780a228) C:\windows\system32\drivers\msdsm.sys 18:16:51.0731 1700 msdsm - ok 18:16:51.0762 1700 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\windows\System32\msdtc.exe 18:16:51.0762 1700 MSDTC - ok 18:16:51.0871 1700 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys 18:16:51.0887 1700 Msfs - ok 18:16:51.0902 1700 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys 18:16:51.0934 1700 mshidkmdf - ok 18:16:51.0965 1700 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\drivers\msisadrv.sys 18:16:51.0980 1700 msisadrv - ok 18:16:52.0043 1700 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\windows\system32\iscsiexe.dll 18:16:52.0074 1700 MSiSCSI - ok 18:16:52.0074 1700 msiserver - ok 18:16:52.0121 1700 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys 18:16:52.0152 1700 MSKSSRV - ok 18:16:52.0230 1700 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys 18:16:52.0261 1700 MSPCLOCK - ok 18:16:52.0277 1700 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys 18:16:52.0308 1700 MSPQM - ok 18:16:52.0433 1700 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys 18:16:52.0448 1700 MsRPC - ok 18:16:52.0495 1700 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\drivers\mssmbios.sys 18:16:52.0511 1700 mssmbios - ok 18:16:52.0604 1700 MSSQL$MSSMLBIZ - ok 18:16:52.0651 1700 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe 18:16:52.0651 1700 MSSQLServerADHelper - ok 18:16:52.0745 1700 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys 18:16:52.0760 1700 MSTEE - ok 18:16:52.0807 1700 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys 18:16:52.0807 1700 MTConfig - ok 18:16:52.0838 1700 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys 18:16:52.0854 1700 Mup - ok 18:16:52.0932 1700 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\windows\system32\qagentRT.dll 18:16:52.0994 1700 napagent - ok 18:16:53.0041 1700 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys 18:16:53.0088 1700 NativeWifiP - ok 18:16:53.0213 1700 NAVENG (862f55824ac81295837b0ab63f91071f) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20120412.032\NAVENG.SYS 18:16:53.0228 1700 NAVENG - ok 18:16:53.0291 1700 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20120412.032\NAVEX15.SYS 18:16:53.0322 1700 NAVEX15 - ok 18:16:53.0431 1700 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\windows\system32\drivers\ndis.sys 18:16:53.0447 1700 NDIS - ok 18:16:53.0540 1700 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys 18:16:53.0572 1700 NdisCap - ok 18:16:53.0572 1700 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys 18:16:53.0618 1700 NdisTapi - ok 18:16:53.0665 1700 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\windows\system32\DRIVERS\ndisuio.sys 18:16:53.0712 1700 Ndisuio - ok 18:16:53.0790 1700 NdisWan (38fbe267e7e6983311179230facb1017) C:\windows\system32\DRIVERS\ndiswan.sys 18:16:53.0821 1700 NdisWan - ok 18:16:53.0915 1700 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\windows\system32\drivers\NDProxy.sys 18:16:53.0946 1700 NDProxy - ok 18:16:53.0993 1700 Net Driver HPZ12 (510c138564486ff926a3f773205c63d1) C:\windows\system32\HPZinw12.dll 18:16:54.0008 1700 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 18:16:54.0008 1700 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 18:16:54.0086 1700 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys 18:16:54.0118 1700 NetBIOS - ok 18:16:54.0180 1700 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\windows\system32\DRIVERS\netbt.sys 18:16:54.0211 1700 NetBT - ok 18:16:54.0274 1700 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 18:16:54.0289 1700 Netlogon - ok 18:16:54.0336 1700 Netman (7cccfca7510684768da22092d1fa4db2) C:\windows\System32\netman.dll 18:16:54.0367 1700 Netman - ok 18:16:54.0476 1700 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\windows\System32\netprofm.dll 18:16:54.0539 1700 netprofm - ok 18:16:54.0632 1700 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 18:16:54.0632 1700 NetTcpPortSharing - ok 18:16:54.0726 1700 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys 18:16:54.0726 1700 nfrd960 - ok 18:16:54.0804 1700 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\windows\System32\nlasvc.dll 18:16:54.0866 1700 NlaSvc - ok 18:16:54.0929 1700 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys 18:16:54.0976 1700 Npfs - ok 18:16:55.0038 1700 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\windows\system32\nsisvc.dll 18:16:55.0069 1700 nsi - ok 18:16:55.0147 1700 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys 18:16:55.0178 1700 nsiproxy - ok 18:16:55.0256 1700 Ntfs (81189c3d7763838e55c397759d49007a) C:\windows\system32\drivers\Ntfs.sys 18:16:55.0288 1700 Ntfs - ok 18:16:55.0366 1700 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys 18:16:55.0412 1700 Null - ok 18:16:55.0459 1700 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\windows\system32\drivers\nvraid.sys 18:16:55.0475 1700 nvraid - ok 18:16:55.0537 1700 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\windows\system32\drivers\nvstor.sys 18:16:55.0553 1700 nvstor - ok 18:16:55.0600 1700 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\drivers\nv_agp.sys 18:16:55.0615 1700 nv_agp - ok 18:16:55.0678 1700 OberonGameConsoleService (b5d5da8230d3d3525839d939a9196c3e) C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe 18:16:55.0678 1700 OberonGameConsoleService - ok 18:16:55.0771 1700 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 18:16:55.0787 1700 odserv - ok 18:16:55.0896 1700 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\drivers\ohci1394.sys 18:16:55.0896 1700 ohci1394 - ok 18:16:55.0958 1700 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:16:55.0974 1700 ose - ok 18:16:56.0052 1700 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll 18:16:56.0099 1700 p2pimsvc - ok 18:16:56.0177 1700 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\windows\system32\p2psvc.dll 18:16:56.0192 1700 p2psvc - ok 18:16:56.0239 1700 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys 18:16:56.0255 1700 Parport - ok 18:16:56.0286 1700 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\windows\system32\drivers\partmgr.sys 18:16:56.0302 1700 partmgr - ok 18:16:56.0380 1700 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys 18:16:56.0411 1700 Parvdm - ok 18:16:56.0458 1700 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\windows\System32\pcasvc.dll 18:16:56.0473 1700 PcaSvc - ok 18:16:56.0582 1700 pci (673e55c3498eb970088e812ea820aa8f) C:\windows\system32\drivers\pci.sys 18:16:56.0598 1700 pci - ok 18:16:56.0614 1700 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\drivers\pciide.sys 18:16:56.0629 1700 pciide - ok 18:16:56.0660 1700 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys 18:16:56.0676 1700 pcmcia - ok 18:16:56.0754 1700 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys 18:16:56.0770 1700 pcw - ok 18:16:56.0785 1700 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys 18:16:56.0832 1700 PEAUTH - ok 18:16:56.0957 1700 pla (414bba67a3ded1d28437eb66aeb8a720) C:\windows\system32\pla.dll 18:16:57.0004 1700 pla - ok 18:16:57.0113 1700 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\windows\system32\umpnpmgr.dll 18:16:57.0128 1700 PlugPlay - ok 18:16:57.0175 1700 Pml Driver HPZ12 (37e5e8ffbad35605daeec3224ea0e465) C:\windows\system32\HPZipm12.dll 18:16:57.0175 1700 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 18:16:57.0175 1700 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 18:16:57.0238 1700 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\windows\system32\pnrpauto.dll 18:16:57.0269 1700 PNRPAutoReg - ok 18:16:57.0300 1700 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll 18:16:57.0316 1700 PNRPsvc - ok 18:16:57.0394 1700 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\windows\System32\ipsecsvc.dll 18:16:57.0440 1700 PolicyAgent - ok 18:16:57.0487 1700 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\windows\system32\umpo.dll 18:16:57.0534 1700 Power - ok 18:16:57.0612 1700 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys 18:16:57.0643 1700 PptpMiniport - ok 18:16:57.0674 1700 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys 18:16:57.0690 1700 Processor - ok 18:16:57.0768 1700 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\windows\system32\profsvc.dll 18:16:57.0799 1700 ProfSvc - ok 18:16:57.0830 1700 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 18:16:57.0846 1700 ProtectedStorage - ok 18:16:57.0893 1700 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys 18:16:57.0924 1700 Psched - ok 18:16:58.0002 1700 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys 18:16:58.0033 1700 ql2300 - ok 18:16:58.0158 1700 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys 18:16:58.0174 1700 ql40xx - ok 18:16:58.0189 1700 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\windows\system32\qwave.dll 18:16:58.0220 1700 QWAVE - ok 18:16:58.0330 1700 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys 18:16:58.0345 1700 QWAVEdrv - ok 18:16:58.0485 1700 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys 18:16:58.0512 1700 RasAcd - ok 18:16:58.0582 1700 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys 18:16:58.0617 1700 RasAgileVpn - ok 18:16:58.0732 1700 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\windows\System32\rasauto.dll 18:16:58.0765 1700 RasAuto - ok 18:16:58.0812 1700 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys 18:16:58.0843 1700 Rasl2tp - ok 18:16:58.0937 1700 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\windows\System32\rasmans.dll 18:16:58.0968 1700 RasMan - ok 18:16:58.0999 1700 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys 18:16:59.0015 1700 RasPppoe - ok 18:16:59.0030 1700 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys 18:16:59.0077 1700 RasSstp - ok 18:16:59.0171 1700 rdbss (d528bc58a489409ba40334ebf96a311b) C:\windows\system32\DRIVERS\rdbss.sys 18:16:59.0202 1700 rdbss - ok 18:16:59.0233 1700 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys 18:16:59.0264 1700 rdpbus - ok 18:16:59.0374 1700 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\windows\system32\DRIVERS\RDPCDD.sys 18:16:59.0405 1700 RDPCDD - ok 18:16:59.0436 1700 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys 18:16:59.0467 1700 RDPENCDD - ok 18:16:59.0561 1700 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys 18:16:59.0608 1700 RDPREFMP - ok 18:16:59.0654 1700 RDPWD (244c83332f44589ae98fc347f11b2693) C:\windows\system32\drivers\RDPWD.sys 18:16:59.0701 1700 RDPWD - ok 18:16:59.0810 1700 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\windows\system32\drivers\rdyboost.sys 18:16:59.0826 1700 rdyboost - ok 18:16:59.0857 1700 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\windows\System32\mprdim.dll 18:16:59.0888 1700 RemoteAccess - ok 18:16:59.0966 1700 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\windows\system32\regsvc.dll 18:17:00.0013 1700 RemoteRegistry - ok 18:17:00.0029 1700 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\windows\System32\RpcEpMap.dll 18:17:00.0060 1700 RpcEptMapper - ok 18:17:00.0138 1700 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\windows\system32\locator.exe 18:17:00.0169 1700 RpcLocator - ok 18:17:00.0200 1700 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\windows\system32\rpcss.dll 18:17:00.0232 1700 RpcSs - ok 18:17:00.0294 1700 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys 18:17:00.0341 1700 rspndr - ok 18:17:00.0403 1700 RTL8167 (6465166dd9b2f841dabad16abdadbe98) C:\windows\system32\DRIVERS\Rt86win7.sys 18:17:00.0419 1700 RTL8167 - ok 18:17:00.0528 1700 SABI (6e5fbb7cbaec47038b945d5e9b144a64) C:\windows\system32\Drivers\SABI.sys 18:17:00.0559 1700 SABI - ok 18:17:00.0637 1700 SamSs (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 18:17:00.0653 1700 SamSs - ok 18:17:00.0700 1700 sbp2port (05d860da1040f111503ac416ccef2bca) C:\windows\system32\drivers\sbp2port.sys 18:17:00.0715 1700 sbp2port - ok 18:17:00.0746 1700 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\windows\System32\SCardSvr.dll 18:17:00.0778 1700 SCardSvr - ok 18:17:00.0871 1700 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\windows\system32\DRIVERS\scfilter.sys 18:17:00.0902 1700 scfilter - ok 18:17:00.0965 1700 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\windows\system32\schedsvc.dll 18:17:00.0996 1700 Schedule - ok 18:17:01.0090 1700 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll 18:17:01.0105 1700 SCPolicySvc - ok 18:17:01.0136 1700 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\windows\System32\SDRSVC.dll 18:17:01.0168 1700 SDRSVC - ok 18:17:01.0199 1700 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys 18:17:01.0246 1700 secdrv - ok 18:17:01.0308 1700 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\windows\system32\seclogon.dll 18:17:01.0339 1700 seclogon - ok 18:17:01.0355 1700 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\windows\System32\sens.dll 18:17:01.0402 1700 SENS - ok 18:17:01.0464 1700 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\windows\system32\sensrsvc.dll 18:17:01.0495 1700 SensrSvc - ok 18:17:01.0526 1700 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys 18:17:01.0542 1700 Serenum - ok 18:17:01.0620 1700 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys 18:17:01.0620 1700 Serial - ok 18:17:01.0667 1700 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys 18:17:01.0682 1700 sermouse - ok 18:17:01.0776 1700 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\windows\system32\sessenv.dll 18:17:01.0807 1700 SessionEnv - ok 18:17:01.0870 1700 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\drivers\sffdisk.sys 18:17:01.0901 1700 sffdisk - ok 18:17:01.0994 1700 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\drivers\sffp_mmc.sys 18:17:01.0994 1700 sffp_mmc - ok 18:17:02.0026 1700 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\windows\system32\drivers\sffp_sd.sys 18:17:02.0041 1700 sffp_sd - ok 18:17:02.0119 1700 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys 18:17:02.0135 1700 sfloppy - ok 18:17:02.0182 1700 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\windows\System32\ipnathlp.dll 18:17:02.0213 1700 SharedAccess - ok 18:17:02.0291 1700 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\windows\System32\shsvcs.dll 18:17:02.0322 1700 ShellHWDetection - ok 18:17:02.0384 1700 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\drivers\sisagp.sys 18:17:02.0384 1700 sisagp - ok 18:17:02.0478 1700 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys 18:17:02.0494 1700 SiSRaid2 - ok 18:17:02.0509 1700 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys 18:17:02.0525 1700 SiSRaid4 - ok 18:17:02.0540 1700 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys 18:17:02.0572 1700 Smb - ok 18:17:02.0681 1700 SmcService (a58c1a086d9c09c6572c948f22cc0e94) C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe 18:17:02.0728 1700 SmcService - ok 18:17:02.0790 1700 SNAC (d2c222441255131e29de351475f98f6d) C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE 18:17:02.0806 1700 SNAC - ok 18:17:02.0884 1700 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\windows\System32\snmptrap.exe 18:17:02.0899 1700 SNMPTRAP - ok 18:17:02.0993 1700 SPBBCDrv (e621bb5839cf45fa477f48092edd2b40) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys 18:17:03.0008 1700 SPBBCDrv - ok 18:17:03.0102 1700 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys 18:17:03.0102 1700 spldr - ok 18:17:03.0149 1700 Spooler (866a43013535dc8587c258e43579c764) C:\windows\System32\spoolsv.exe 18:17:03.0196 1700 Spooler - ok 18:17:03.0336 1700 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\windows\system32\sppsvc.exe 18:17:03.0383 1700 sppsvc - ok 18:17:03.0476 1700 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\windows\system32\sppuinotify.dll 18:17:03.0523 1700 sppuinotify - ok 18:17:03.0586 1700 SpyHunter 4 Service (63f2b52947577dbb075fe646bc758a2f) C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE 18:17:03.0601 1700 SpyHunter 4 Service - ok 18:17:03.0664 1700 SQLBrowser (86ebd8b1f23e743aad21f4d5b4d40985) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe 18:17:03.0664 1700 SQLBrowser - ok 18:17:03.0710 1700 SQLWriter (d89083c4eb02daca8f944b0e05e57f9d) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 18:17:03.0726 1700 SQLWriter - ok 18:17:03.0820 1700 SRTSP (2abf82c8452ab0b9ffc74a2d5da91989) C:\windows\system32\Drivers\SRTSP.SYS 18:17:03.0820 1700 SRTSP - ok 18:17:03.0867 1700 SRTSPL (e2f9e5887bea5bd8784d337e06eda31b) C:\windows\system32\Drivers\SRTSPL.SYS 18:17:03.0882 1700 SRTSPL - ok 18:17:03.0882 1700 SRTSPX (3b974c158fabd910186f98df8d3e23f3) C:\windows\system32\Drivers\SRTSPX.SYS 18:17:03.0898 1700 SRTSPX - ok 18:17:03.0991 1700 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\windows\system32\DRIVERS\srv.sys 18:17:04.0023 1700 srv - ok 18:17:04.0054 1700 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\windows\system32\DRIVERS\srv2.sys 18:17:04.0069 1700 srv2 - ok 18:17:04.0163 1700 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\windows\system32\DRIVERS\srvnet.sys 18:17:04.0179 1700 srvnet - ok 18:17:04.0225 1700 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\windows\System32\ssdpsrv.dll 18:17:04.0257 1700 SSDPSRV - ok 18:17:04.0319 1700 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\windows\system32\sstpsvc.dll 18:17:04.0350 1700 SstpSvc - ok 18:17:04.0397 1700 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys 18:17:04.0413 1700 stexstor - ok 18:17:04.0506 1700 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\windows\System32\wiaservc.dll 18:17:04.0537 1700 StiSvc - ok 18:17:04.0647 1700 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\drivers\swenum.sys 18:17:04.0662 1700 swenum - ok 18:17:04.0693 1700 swprv (a28bd92df340e57b024ba433165d34d7) C:\windows\System32\swprv.dll 18:17:04.0725 1700 swprv - ok 18:17:04.0834 1700 Symantec AntiVirus (ba2fb8f8ab24d0279caa98a4c118150e) C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe 18:17:04.0896 1700 Symantec AntiVirus - ok 18:17:05.0021 1700 SymEvent (a54ff04bd6e75dc4d8cb6f3e352635e0) C:\windows\system32\Drivers\SYMEVENT.SYS 18:17:05.0037 1700 SymEvent - ok 18:17:05.0068 1700 SYMREDRV (394b2368212114d538316812af60fddd) C:\windows\System32\Drivers\SYMREDRV.SYS 18:17:05.0083 1700 SYMREDRV - ok 18:17:05.0115 1700 SYMTDI (d46676bb414c7531bdffe637a33f5033) C:\windows\System32\Drivers\SYMTDI.SYS 18:17:05.0130 1700 SYMTDI - ok 18:17:05.0224 1700 SynTP (7a9025d8f7852b06d6d08ed536135e7e) C:\windows\system32\DRIVERS\SynTP.sys 18:17:05.0255 1700 SynTP - ok 18:17:05.0392 1700 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\windows\system32\sysmain.dll 18:17:05.0447 1700 SysMain - ok 18:17:05.0542 1700 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\windows\System32\TabSvc.dll 18:17:05.0577 1700 TabletInputService - ok 18:17:05.0645 1700 TapiSrv (613bf4820361543956909043a265c6ac) C:\windows\System32\tapisrv.dll 18:17:05.0715 1700 TapiSrv - ok 18:17:05.0827 1700 TBS (b799d9fdb26111737f58288d8dc172d9) C:\windows\System32\tbssvc.dll 18:17:05.0870 1700 TBS - ok 18:17:06.0050 1700 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\drivers\tcpip.sys 18:17:06.0087 1700 Tcpip - ok 18:17:06.0212 1700 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\DRIVERS\tcpip.sys 18:17:06.0245 1700 TCPIP6 - ok 18:17:06.0462 1700 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\windows\system32\drivers\tcpipreg.sys 18:17:06.0502 1700 tcpipreg - ok 18:17:06.0600 1700 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\windows\system32\drivers\tdpipe.sys 18:17:06.0617 1700 TDPIPE - ok 18:17:06.0650 1700 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\windows\system32\drivers\tdtcp.sys 18:17:06.0660 1700 TDTCP - ok 18:17:06.0705 1700 tdx (b459575348c20e8121d6039da063c704) C:\windows\system32\DRIVERS\tdx.sys 18:17:06.0742 1700 tdx - ok 18:17:06.0850 1700 TeamViewer6 (839e88db24d2d8f05b72e12b175951ca) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe 18:17:06.0892 1700 TeamViewer6 - ok 18:17:07.0012 1700 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\windows\system32\drivers\termdd.sys 18:17:07.0030 1700 TermDD - ok 18:17:07.0087 1700 TermService (382c804c92811be57829d8e550a900e2) C:\windows\System32\termsrv.dll 18:17:07.0127 1700 TermService - ok 18:17:07.0212 1700 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\windows\system32\themeservice.dll 18:17:07.0260 1700 Themes - ok 18:17:07.0350 1700 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll 18:17:07.0390 1700 THREADORDER - ok 18:17:07.0485 1700 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\windows\System32\trkwks.dll 18:17:07.0552 1700 TrkWks - ok 18:17:07.0647 1700 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\windows\servicing\TrustedInstaller.exe 18:17:07.0682 1700 TrustedInstaller - ok 18:17:07.0790 1700 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\windows\system32\DRIVERS\tssecsrv.sys 18:17:07.0832 1700 tssecsrv - ok 18:17:07.0965 1700 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\windows\system32\drivers\tsusbflt.sys 18:17:08.0002 1700 TsUsbFlt - ok 18:17:08.0137 1700 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\windows\system32\DRIVERS\tunnel.sys 18:17:08.0175 1700 tunnel - ok 18:17:08.0277 1700 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys 18:17:08.0290 1700 uagp35 - ok 18:17:08.0352 1700 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\windows\system32\DRIVERS\udfs.sys 18:17:08.0385 1700 udfs - ok 18:17:08.0492 1700 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\windows\system32\UI0Detect.exe 18:17:08.0522 1700 UI0Detect - ok 18:17:08.0580 1700 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\drivers\uliagpkx.sys 18:17:08.0592 1700 uliagpkx - ok 18:17:08.0700 1700 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\windows\system32\drivers\umbus.sys 18:17:08.0735 1700 umbus - ok 18:17:08.0772 1700 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys 18:17:08.0802 1700 UmPass - ok 18:17:08.0890 1700 upnphost (833fbb672460efce8011d262175fad33) C:\windows\System32\upnphost.dll 18:17:08.0937 1700 upnphost - ok 18:17:08.0982 1700 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\windows\system32\Drivers\usbaapl.sys 18:17:09.0002 1700 USBAAPL - ok 18:17:09.0097 1700 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\windows\system32\DRIVERS\usbccgp.sys 18:17:09.0132 1700 usbccgp - ok 18:17:09.0197 1700 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\drivers\usbcir.sys 18:17:09.0237 1700 usbcir - ok 18:17:09.0320 1700 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\windows\system32\DRIVERS\usbehci.sys 18:17:09.0335 1700 usbehci - ok 18:17:09.0382 1700 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\windows\system32\DRIVERS\usbhub.sys 18:17:09.0410 1700 usbhub - ok 18:17:09.0505 1700 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\windows\system32\drivers\usbohci.sys 18:17:09.0547 1700 usbohci - ok 18:17:09.0602 1700 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys 18:17:09.0617 1700 usbprint - ok 18:17:09.0707 1700 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\windows\system32\DRIVERS\usbscan.sys 18:17:09.0732 1700 usbscan - ok 18:17:09.0790 1700 USBSTOR (f991ab9cc6b908db552166768176896a) C:\windows\system32\drivers\USBSTOR.SYS 18:17:09.0832 1700 USBSTOR - ok 18:17:09.0925 1700 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\windows\system32\DRIVERS\usbuhci.sys 18:17:09.0950 1700 usbuhci - ok 18:17:10.0010 1700 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\windows\System32\Drivers\usbvideo.sys 18:17:10.0040 1700 usbvideo - ok 18:17:10.0155 1700 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\windows\System32\uxsms.dll 18:17:10.0202 1700 UxSms - ok 18:17:10.0282 1700 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 18:17:10.0295 1700 VaultSvc - ok 18:17:10.0345 1700 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\drivers\vdrvroot.sys 18:17:10.0357 1700 vdrvroot - ok 18:17:10.0510 1700 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\windows\System32\vds.exe 18:17:10.0545 1700 vds - ok 18:17:10.0642 1700 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys 18:17:10.0657 1700 vga - ok 18:17:10.0700 1700 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys 18:17:10.0762 1700 VgaSave - ok 18:17:10.0892 1700 vhdmp (5461686cca2fda57b024547733ab42e3) C:\windows\system32\drivers\vhdmp.sys 18:17:10.0907 1700 vhdmp - ok 18:17:10.0945 1700 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\drivers\viaagp.sys 18:17:10.0957 1700 viaagp - ok 18:17:11.0062 1700 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys 18:17:11.0115 1700 ViaC7 - ok 18:17:11.0235 1700 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\drivers\viaide.sys 18:17:11.0245 1700 viaide - ok 18:17:11.0297 1700 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\windows\system32\drivers\volmgr.sys 18:17:11.0310 1700 volmgr - ok 18:17:11.0347 1700 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys 18:17:11.0365 1700 volmgrx - ok 18:17:11.0485 1700 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\windows\system32\drivers\volsnap.sys 18:17:11.0510 1700 volsnap - ok 18:17:11.0565 1700 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys 18:17:11.0580 1700 vsmraid - ok 18:17:11.0720 1700 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\windows\system32\vssvc.exe 18:17:11.0770 1700 VSS - ok 18:17:11.0870 1700 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys 18:17:11.0895 1700 vwifibus - ok 18:17:11.0917 1700 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys 18:17:11.0935 1700 vwififlt - ok 18:17:12.0037 1700 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\windows\system32\DRIVERS\vwifimp.sys 18:17:12.0082 1700 vwifimp - ok 18:17:12.0182 1700 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\windows\system32\w32time.dll 18:17:12.0220 1700 W32Time - ok 18:17:12.0267 1700 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys 18:17:12.0282 1700 WacomPen - ok 18:17:12.0395 1700 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys 18:17:12.0427 1700 WANARP - ok 18:17:12.0437 1700 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys 18:17:12.0465 1700 Wanarpv6 - ok 18:17:12.0535 1700 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\windows\system32\Wat\WatAdminSvc.exe 18:17:12.0570 1700 WatAdminSvc - ok 18:17:12.0728 1700 wbengine (691e3285e53dca558e1a84667f13e15a) C:\windows\system32\wbengine.exe 18:17:12.0790 1700 wbengine - ok 18:17:12.0884 1700 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\windows\System32\wbiosrvc.dll 18:17:12.0915 1700 WbioSrvc - ok 18:17:12.0978 1700 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\windows\System32\wcncsvc.dll 18:17:12.0993 1700 wcncsvc - ok 18:17:13.0071 1700 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\windows\System32\WcsPlugInService.dll 18:17:13.0118 1700 WcsPlugInService - ok 18:17:13.0165 1700 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys 18:17:13.0165 1700 Wd - ok 18:17:13.0258 1700 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys 18:17:13.0274 1700 Wdf01000 - ok 18:17:13.0352 1700 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll 18:17:13.0414 1700 WdiServiceHost - ok 18:17:13.0414 1700 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll 18:17:13.0430 1700 WdiSystemHost - ok 18:17:13.0508 1700 WebClient (a9d880f97530d5b8fee278923349929d) C:\windows\System32\webclnt.dll 18:17:13.0524 1700 WebClient - ok 18:17:13.0555 1700 Wecsvc (760f0afe937a77cff27153206534f275) C:\windows\system32\wecsvc.dll 18:17:13.0586 1700 Wecsvc - ok 18:17:13.0664 1700 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\windows\System32\wercplsupport.dll 18:17:13.0695 1700 wercplsupport - ok 18:17:13.0726 1700 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\windows\System32\WerSvc.dll 18:17:13.0758 1700 WerSvc - ok 18:17:13.0851 1700 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys 18:17:13.0882 1700 WfpLwf - ok 18:17:13.0914 1700 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys 18:17:13.0914 1700 WIMMount - ok 18:17:13.0976 1700 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll 18:17:14.0007 1700 WinDefend - ok 18:17:14.0007 1700 WinHttpAutoProxySvc - ok 18:17:14.0116 1700 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\windows\system32\wbem\WMIsvc.dll 18:17:14.0163 1700 Winmgmt - ok 18:17:14.0288 1700 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\windows\system32\WsmSvc.dll 18:17:14.0319 1700 WinRM - ok 18:17:14.0444 1700 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\windows\system32\DRIVERS\WinUsb.sys 18:17:14.0460 1700 WinUsb - ok 18:17:14.0522 1700 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\windows\System32\wlansvc.dll 18:17:14.0569 1700 Wlansvc - ok 18:17:14.0678 1700 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 18:17:14.0709 1700 wlidsvc - ok 18:17:14.0818 1700 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\drivers\wmiacpi.sys 18:17:14.0834 1700 WmiAcpi - ok 18:17:14.0896 1700 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\windows\system32\wbem\WmiApSrv.exe 18:17:14.0928 1700 wmiApSrv - ok 18:17:15.0006 1700 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe 18:17:15.0037 1700 WMPNetworkSvc - ok 18:17:15.0130 1700 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\windows\System32\wpcsvc.dll 18:17:15.0162 1700 WPCSvc - ok 18:17:15.0240 1700 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\windows\system32\wpdbusenum.dll 18:17:15.0271 1700 WPDBusEnum - ok 18:17:15.0349 1700 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys 18:17:15.0364 1700 ws2ifsl - ok 18:17:15.0411 1700 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\windows\System32\wscsvc.dll 18:17:15.0442 1700 wscsvc - ok 18:17:15.0474 1700 WSearch - ok 18:17:15.0614 1700 wuauserv (3026418a50c5b4761befa632cedb7406) C:\windows\system32\wuaueng.dll 18:17:15.0661 1700 wuauserv - ok 18:17:15.0754 1700 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\windows\system32\drivers\WudfPf.sys 18:17:15.0786 1700 WudfPf - ok 18:17:15.0817 1700 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\windows\system32\DRIVERS\WUDFRd.sys 18:17:15.0832 1700 WUDFRd - ok 18:17:15.0942 1700 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\windows\System32\WUDFSvc.dll 18:17:15.0973 1700 wudfsvc - ok 18:17:16.0004 1700 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\windows\System32\wwansvc.dll 18:17:16.0035 1700 WwanSvc - ok 18:17:16.0051 1700 MBR (0x1B8) (2e5debb2116b3417023e0d6562d7ed07) \Device\Harddisk0\DR0 18:17:16.0316 1700 \Device\Harddisk0\DR0 - ok 18:17:16.0332 1700 Boot (0x1200) (5fb009d8d1bbe104d22d071977f32a2a) \Device\Harddisk0\DR0\Partition0 18:17:16.0332 1700 \Device\Harddisk0\DR0\Partition0 - ok 18:17:16.0347 1700 Boot (0x1200) (d5688b55e165a627667567455a328efc) \Device\Harddisk0\DR0\Partition1 18:17:16.0347 1700 \Device\Harddisk0\DR0\Partition1 - ok 18:17:16.0363 1700 Boot (0x1200) (78ee0a60b0242cd51c89824323794145) \Device\Harddisk0\DR0\Partition2 18:17:16.0378 1700 \Device\Harddisk0\DR0\Partition2 - ok 18:17:16.0378 1700 ============================================================ 18:17:16.0378 1700 Scan finished 18:17:16.0378 1700 ============================================================ 18:17:16.0394 1688 Detected object count: 5 18:17:16.0394 1688 Actual detected object count: 5 18:20:20.0952 1688 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user 18:20:20.0952 1688 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:20:20.0968 1688 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user 18:20:20.0968 1688 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:20:20.0968 1688 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user 18:20:20.0968 1688 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:20:20.0968 1688 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 18:20:20.0968 1688 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:20:20.0984 1688 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 18:20:20.0984 1688 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
-
Hallo, Ik heb uw instructies uitgevoerd, maar als ik de laptop heropstart komt de virus FCCU terug... De vorige keer toen ik dit meemaakte was FCCU direct weg nadat ik deze instructies had opgevolgd... Weet u wat er scheeld? Dit is mijn nieuw HijackThis log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:52:43, on 14/04/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Safe mode with network support Running processes: C:\windows\Explorer.EXE C:\windows\system32\ctfmon.exe C:\windows\helppane.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Jonas\virus\Malwarebytes' Anti-Malware\mbam.exe C:\windows\notepad.exe C:\Users\Jonas\virus\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local F3 - REG:win.ini: load=C:\Users\Jonas\LOCALS~1\Temp\msgelopf.com O2 - BHO: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Lexmark - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [igfxTray] C:\windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup O4 - HKLM\..\Run: [MRT] "C:\windows\system32\MRT.exe" /R O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [lxeemon.exe] "C:\Program Files\Lexmark Pro700 Series\lxeemon.exe" O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark Pro700 Series\ezprint.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\RunOnce: [innoSetupRegFile.0000000001] "C:\windows\is-VP4P7.exe" /REG /REGSVRMODE O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Users\Jonas\virus\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [conhost] C:\Users\Jonas\AppData\Roaming\Microsoft\conhost.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: lxeeCATSCustConnectService - Lexmark International, Inc. - C:\windows\system32\spool\DRIVERS\W32X86\3\\lxeeserv.exe O23 - Service: lxee_device - - C:\windows\system32\lxeecoms.exe O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- End of file - 9537 bytes Dit zijn mijn Malwarebites logjes: Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Databaseversie: v2012.04.04.08 Windows 7 Service Pack 1 x86 NTFS (Veilige modus/netwerkmogelijkheden) Internet Explorer 9.0.8112.16421 Jonas :: JONAS-PC [administrator] 14/04/2012 14:47:32 mbam-log-2012-04-14 (14-47-32).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 211580 Verstreken tijd: 4 minuut/minuten, 11 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 1 C:\sooi832.bin (Trojan.SpyEyes) -> Succesvol in quarantaine geplaatst en verwijderd. Bestanden gedetecteerd: 1 C:\sooi832.bin\CA0A4982B4D.exe (Trojan.SpyEyes) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) Dit is het tweede: Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Databaseversie: v2012.04.14.04 Windows 7 Service Pack 1 x86 NTFS (Veilige modus/netwerkmogelijkheden) Internet Explorer 9.0.8112.16421 Jonas :: JONAS-PC [administrator] 14/04/2012 15:36:55 mbam-log-2012-04-14 (15-36-55).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 213620 Verstreken tijd: 4 minuut/minuten, 12 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Hopelijk kunnen julie helpen! Alvast bedankt
-
Hallo, Zoals velen heb ik het FCCU op mijn laptop gekregen. Ongelofelijk is dat het nu al voor de tweede keer is... De vorige keer heeft men mij hier prachtig geholpen dus ik hoop dat ik weer hulp krijg! Dit is mijn hijackthis log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:52:01, on 14/04/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Safe mode with network support Running processes: C:\windows\Explorer.EXE C:\windows\system32\ctfmon.exe C:\windows\helppane.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Jonas\virus\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local F3 - REG:win.ini: load=C:\Users\Jonas\LOCALS~1\Temp\msgelopf.com O2 - BHO: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Lexmark - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [igfxTray] C:\windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup O4 - HKLM\..\Run: [MRT] "C:\windows\system32\MRT.exe" /R O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [lxeemon.exe] "C:\Program Files\Lexmark Pro700 Series\lxeemon.exe" O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark Pro700 Series\ezprint.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [conhost] C:\Users\Jonas\AppData\Roaming\Microsoft\conhost.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: lxeeCATSCustConnectService - Lexmark International, Inc. - C:\windows\system32\spool\DRIVERS\W32X86\3\\lxeeserv.exe O23 - Service: lxee_device - - C:\windows\system32\lxeecoms.exe O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- End of file - 9067 bytes Alvast bedankt!
-
FCCU virus - hulp aub
jarsteve reageerde op jarsteve's topic in Archief Bestrijding malware & virussen
Momenteel heb ik geen problemen! Ik neem aan dat alles opgelost is. Bedankt voor de hulp! -
FCCU virus - hulp aub
jarsteve reageerde op jarsteve's topic in Archief Bestrijding malware & virussen
ogenschijnlijk zijn de problemen opgelost. Dit is het nieuwe Hijackthis log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:32:49, on 2/04/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\windows\system32\taskeng.exe C:\windows\system32\taskhost.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe C:\Program Files\TeamViewer\Version6\TeamViewer.exe C:\windows\system32\igfxext.exe C:\windows\system32\igfxsrvc.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Citrix\ICA Client\concentr.exe C:\Program Files\Citrix\ICA Client\wfcrun32.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Lexmark Pro700 Series\lxeemon.exe C:\Program Files\Lexmark Pro700 Series\ezprint.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\windows\system32\Macromed\Flash\FlashUtil32_11_2_202_228_ActiveX.exe C:\Program Files\Apple Software Update\SoftwareUpdate.exe C:\PROGRA~1\samsung\SAMSUN~2\SUPNOT~1.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Jonas\virus\Malwarebytes' Anti-Malware\mbam.exe C:\windows\system32\NOTEPAD.EXE C:\windows\notepad.exe C:\Users\Jonas\virus\Trend Micro\HiJackThis\HiJackThis.exe C:\windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local F3 - REG:win.ini: load=C:\Users\Jonas\LOCALS~1\Temp\msfakaa.com O2 - BHO: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Lexmark - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [igfxTray] C:\windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup O4 - HKLM\..\Run: [MRT] "C:\windows\system32\MRT.exe" /R O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [lxeemon.exe] "C:\Program Files\Lexmark Pro700 Series\lxeemon.exe" O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark Pro700 Series\ezprint.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [conhost] C:\Users\Jonas\AppData\Roaming\Microsoft\conhost.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: lxeeCATSCustConnectService - Lexmark International, Inc. - C:\windows\system32\spool\DRIVERS\W32X86\3\\lxeeserv.exe O23 - Service: lxee_device - - C:\windows\system32\lxeecoms.exe O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- End of file - 11034 bytes Dit is het eerste MBAM: Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Databaseversie: v2012.04.02.03 Windows 7 Service Pack 1 x86 NTFS (Veilige modus/netwerkmogelijkheden) Internet Explorer 9.0.8112.16421 Jonas :: JONAS-PC [administrator] 2/04/2012 10:16:05 mbam-log-2012-04-02 (10-16-05).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 226624 Verstreken tijd: 8 minuut/minuten, 28 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Update (Trojan.Agent) -> Data: C:\Users\Jonas\AppData\Roaming\cgs8h0.exe -> Succesvol in quarantaine geplaatst en verwijderd. Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 4 C:\Users\Jonas\AppData\Roaming\cgs8h0.exe (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Jonas\AppData\Local\Temp\cgs8h0.exe (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Jonas\AppData\Roaming\Adobe\shed\thr1.chm (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Jonas\AppData\Roaming\Adobe\plugs\mmc224.exe (Trojan.Agent.Gen) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) Dit is het tweede MBAM log (ter controle): Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Databaseversie: v2012.04.02.03 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Jonas :: JONAS-PC [administrator] 2/04/2012 10:57:22 mbam-log-2012-04-02 (10-57-22).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 230331 Verstreken tijd: 14 minuut/minuten, 50 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Bedankt! -
Dag iedereen, Net zoals velen is mijn laptop in contact gekomen met het virus FCCU. Wanneer het virus zichzelf "activeert" kan ik niets meer ondernemen op mijn laptop. Ik had al raad gezocht op enkele andere sites vandaar dat ik ook een programma "spyhynter" recent heb geïnstaleerd, maar dit hielp niet echt. Ik kwam vervolgens deze site tegen en er wordt hier blijkbaar uitstekende hulp verleend. Ik heb hier enkele onderwerpen gelezen en heb ondertussen al Hijackthis geïnstaleerd. Ik zit momenteel in de "safe mode met netwerkmogelijkheden" Hier is mijn log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:28:06, on 1/04/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Safe mode with network support Running processes: C:\windows\Explorer.EXE C:\windows\system32\ctfmon.exe C:\windows\helppane.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Jonas\virus\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F3 - REG:win.ini: load=C:\Users\Jonas\LOCALS~1\Temp\msfakaa.com F2 - REG:system.ini: UserInit=C:\windows\system32\userinit.exe O2 - BHO: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Lexmark - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [igfxTray] C:\windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup O4 - HKLM\..\Run: [MRT] "C:\windows\system32\MRT.exe" /R O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [lxeemon.exe] "C:\Program Files\Lexmark Pro700 Series\lxeemon.exe" O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark Pro700 Series\ezprint.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [conhost] C:\Users\Jonas\AppData\Roaming\Microsoft\conhost.exe O4 - HKCU\..\Run: [update] C:\Users\Jonas\AppData\Roaming\cgs8h0.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: lxeeCATSCustConnectService - Lexmark International, Inc. - C:\windows\system32\spool\DRIVERS\W32X86\3\\lxeeserv.exe O23 - Service: lxee_device - - C:\windows\system32\lxeecoms.exe O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- End of file - 9323 bytes Dank bij voorbaat!
