
rob1984

Member
  • Items

    6
  • Joined

  • Last visited

rob1984's achievements

  1. 12:18:37.0082 1772 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 12:18:37.0348 1772 ============================================================ 12:18:37.0348 1772 Current date / time: 2013/06/27 12:18:37.0348 12:18:37.0348 1772 SystemInfo: 12:18:37.0348 1772 12:18:37.0348 1772 OS Version: 6.0.6002 ServicePack: 2.0 12:18:37.0348 1772 Product type: Workstation 12:18:37.0348 1772 ComputerName: PC_VAN_ROB 12:18:37.0348 1772 UserName: Rob 12:18:37.0348 1772 Windows directory: C:\windows 12:18:37.0348 1772 System windows directory: C:\windows 12:18:37.0348 1772 Processor architecture: Intel x86 12:18:37.0348 1772 Number of processors: 1 12:18:37.0348 1772 Page size: 0x1000 12:18:37.0348 1772 Boot type: Normal boot 12:18:37.0348 1772 ============================================================ 12:18:37.0800 1772 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 12:18:37.0800 1772 ============================================================ 12:18:37.0800 1772 \Device\Harddisk0\DR0: 12:18:37.0800 1772 MBR partitions: 12:18:37.0800 1772 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x11818E71 12:18:37.0800 1772 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x11818EB0, BlocksNum 0x1201000 12:18:37.0800 1772 ============================================================ 12:18:37.0831 1772 C: <-> \Device\Harddisk0\DR0\Partition1 12:18:37.0878 1772 D: <-> \Device\Harddisk0\DR0\Partition2 12:18:37.0878 1772 ============================================================ 12:18:37.0878 1772 Initialize success 12:18:37.0878 1772 ============================================================ 12:20:17.0431 4196 ============================================================ 12:20:17.0431 4196 Scan started 12:20:17.0431 4196 Mode: Manual; SigCheck; TDLFS; 12:20:17.0431 4196 
============================================================ 12:20:17.0867 4196 ================ Scan system memory ======================== 12:20:17.0867 4196 System memory - ok 12:20:17.0867 4196 ================ Scan services ============================= 12:20:19.0022 4196 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\windows\system32\drivers\acpi.sys 12:20:19.0162 4196 ACPI - ok 12:20:19.0209 4196 [ FB9ECE3F7B8A03E474E611031AD4CD23 ] ADIHdAudAddService C:\windows\system32\drivers\ADIHdAud.sys 12:20:19.0303 4196 ADIHdAudAddService - ok 12:20:19.0427 4196 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 12:20:19.0490 4196 AdobeFlashPlayerUpdateSvc - ok 12:20:19.0552 4196 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\windows\system32\drivers\adp94xx.sys 12:20:19.0583 4196 adp94xx - ok 12:20:19.0615 4196 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\windows\system32\drivers\adpahci.sys 12:20:19.0630 4196 adpahci - ok 12:20:19.0661 4196 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\windows\system32\drivers\adpu160m.sys 12:20:19.0677 4196 adpu160m - ok 12:20:19.0739 4196 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\windows\system32\drivers\adpu320.sys 12:20:19.0786 4196 adpu320 - ok 12:20:19.0849 4196 [ 12D23758621B00B8D3134095EC3325FD ] AEADIFilters C:\windows\system32\AEADISRV.EXE 12:20:19.0895 4196 AEADIFilters - ok 12:20:19.0911 4196 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\windows\System32\aelupsvc.dll 12:20:20.0005 4196 AeLookupSvc - ok 12:20:20.0067 4196 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\windows\system32\drivers\afd.sys 12:20:20.0145 4196 AFD - ok 12:20:20.0192 4196 [ 8ED60797908FD394EEE0D6949F493224 ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe 12:20:20.0223 4196 AgereModemAudio - ok 12:20:20.0613 4196 [ 3712986CC3ABF0DC656B43525B9D1279 ] AgereSoftModem C:\windows\system32\DRIVERS\AGRSM.sys 12:20:20.0707 4196 AgereSoftModem - ok 12:20:20.0769 4196 
[ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\windows\system32\drivers\agp440.sys 12:20:20.0785 4196 agp440 - ok 12:20:20.0816 4196 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\windows\system32\drivers\djsvs.sys 12:20:20.0863 4196 aic78xx - ok 12:20:20.0894 4196 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\windows\System32\alg.exe 12:20:21.0050 4196 ALG - ok 12:20:21.0097 4196 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\windows\system32\drivers\aliide.sys 12:20:21.0128 4196 aliide - ok 12:20:21.0206 4196 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\windows\system32\drivers\amdagp.sys 12:20:21.0221 4196 amdagp - ok 12:20:21.0237 4196 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\windows\system32\drivers\amdide.sys 12:20:21.0253 4196 amdide - ok 12:20:21.0284 4196 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\windows\system32\drivers\amdk7.sys 12:20:21.0315 4196 AmdK7 - ok 12:20:21.0331 4196 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys 12:20:21.0377 4196 AmdK8 - ok 12:20:21.0923 4196 [ 075DE33661971DE058854C526BDBBF0D ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe 12:20:21.0939 4196 AntiVirSchedulerService - ok 12:20:22.0017 4196 [ 826ADD8689FA33632CF98A0EAC89F156 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe 12:20:22.0017 4196 AntiVirService - ok 12:20:22.0111 4196 [ DFAE18C675D71FD06D57DC69D2913975 ] AppHostSvc C:\windows\system32\inetsrv\apphostsvc.dll 12:20:22.0189 4196 AppHostSvc - ok 12:20:22.0235 4196 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\windows\System32\appinfo.dll 12:20:22.0267 4196 Appinfo - ok 12:20:22.0313 4196 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\windows\system32\drivers\arc.sys 12:20:22.0329 4196 arc - ok 12:20:22.0360 4196 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\windows\system32\drivers\arcsas.sys 12:20:22.0376 4196 arcsas - ok 12:20:22.0735 4196 [ 40C145F12FF461A0220303BDA134F598 ] aspnet_state 
C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 12:20:22.0766 4196 aspnet_state - ok 12:20:22.0797 4196 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys 12:20:22.0844 4196 AsyncMac - ok 12:20:22.0875 4196 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\windows\system32\drivers\atapi.sys 12:20:22.0891 4196 atapi - ok 12:20:22.0953 4196 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll 12:20:23.0000 4196 AudioEndpointBuilder - ok 12:20:23.0031 4196 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\windows\System32\Audiosrv.dll 12:20:23.0062 4196 Audiosrv - ok 12:20:23.0125 4196 [ 87425709A251386064C99B684BF96F72 ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys 12:20:23.0140 4196 avgntflt - ok 12:20:23.0187 4196 [ D50FBA68163BC498F2C136E0E5BA8E2F ] avipbb C:\windows\system32\DRIVERS\avipbb.sys 12:20:23.0218 4196 avipbb - ok 12:20:23.0265 4196 [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr C:\windows\system32\DRIVERS\avkmgr.sys 12:20:23.0281 4196 avkmgr - ok 12:20:23.0343 4196 [ 502F1C30BD50B32D00CE4DCAECC3D3C7 ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys 12:20:23.0390 4196 b57nd60x - ok 12:20:23.0468 4196 [ 3F5E7621CDF6867D3D8417D13A098277 ] BCM43XX C:\windows\system32\DRIVERS\bcmwl6.sys 12:20:23.0530 4196 BCM43XX - ok 12:20:23.0624 4196 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\windows\system32\drivers\Beep.sys 12:20:23.0671 4196 Beep - ok 12:20:23.0702 4196 BFE - ok 12:20:23.0873 4196 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\windows\System32\qmgr.dll 12:20:23.0936 4196 BITS - ok 12:20:23.0983 4196 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\windows\system32\drivers\blbdrive.sys 12:20:24.0029 4196 blbdrive - ok 12:20:24.0092 4196 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\windows\system32\DRIVERS\bowser.sys 12:20:24.0154 4196 bowser - ok 12:20:24.0217 4196 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\drivers\brfiltlo.sys 12:20:24.0248 
4196 BrFiltLo - ok 12:20:24.0263 4196 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\drivers\brfiltup.sys 12:20:24.0310 4196 BrFiltUp - ok 12:20:24.0341 4196 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\windows\System32\browser.dll 12:20:24.0404 4196 Browser - ok 12:20:24.0451 4196 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\windows\system32\drivers\brserid.sys 12:20:24.0591 4196 Brserid - ok 12:20:24.0607 4196 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\system32\drivers\brserwdm.sys 12:20:24.0685 4196 BrSerWdm - ok 12:20:24.0747 4196 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\system32\drivers\brusbmdm.sys 12:20:24.0825 4196 BrUsbMdm - ok 12:20:24.0856 4196 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\system32\drivers\brusbser.sys 12:20:24.0903 4196 BrUsbSer - ok 12:20:24.0965 4196 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys 12:20:25.0012 4196 BTHMODEM - ok 12:20:25.0168 4196 catchme - ok 12:20:25.0215 4196 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys 12:20:25.0277 4196 cdfs - ok 12:20:25.0309 4196 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys 12:20:25.0340 4196 cdrom - ok 12:20:25.0402 4196 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\windows\System32\certprop.dll 12:20:25.0480 4196 CertPropSvc - ok 12:20:25.0511 4196 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\windows\system32\drivers\circlass.sys 12:20:25.0543 4196 circlass - ok 12:20:25.0574 4196 [ 745D20B75B3BDDA545022625ED5DBB1B ] CISVC C:\windows\system32\CISVC.EXE 12:20:25.0605 4196 CISVC - ok 12:20:25.0683 4196 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\windows\system32\CLFS.sys 12:20:25.0730 4196 CLFS - ok 12:20:25.0777 4196 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 12:20:25.0777 4196 clr_optimization_v2.0.50727_32 - ok 12:20:25.0839 
4196 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys 12:20:25.0886 4196 CmBatt - ok 12:20:25.0901 4196 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\windows\system32\drivers\cmdide.sys 12:20:25.0917 4196 cmdide - ok 12:20:26.0120 4196 [ C7A0E61D5714AC20DE52D4F66EC773B8 ] Com4QLBEx C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe 12:20:26.0135 4196 Com4QLBEx - ok 12:20:26.0182 4196 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys 12:20:26.0229 4196 Compbatt - ok 12:20:26.0245 4196 COMSysApp - ok 12:20:26.0276 4196 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\windows\system32\drivers\crcdisk.sys 12:20:26.0291 4196 crcdisk - ok 12:20:26.0323 4196 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\windows\system32\drivers\crusoe.sys 12:20:26.0354 4196 Crusoe - ok 12:20:26.0447 4196 [ 3EDE4C1F9672C972479201544969ADCB ] CryptSvc C:\windows\system32\cryptsvc.dll 12:20:26.0494 4196 CryptSvc - ok 12:20:26.0557 4196 [ 5D5984255A4BFAA4262FB750DF7CD537 ] DAMDrv C:\windows\system32\DRIVERS\DAMDrv.sys 12:20:26.0603 4196 DAMDrv ( UnsignedFile.Multi.Generic ) - warning 12:20:26.0603 4196 DAMDrv - detected UnsignedFile.Multi.Generic (1) 12:20:26.0806 4196 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\windows\system32\rpcss.dll 12:20:26.0869 4196 DcomLaunch - ok 12:20:26.0900 4196 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\windows\system32\Drivers\dfsc.sys 12:20:26.0947 4196 DfsC - ok 12:20:27.0181 4196 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\windows\system32\DFSR.exe 12:20:27.0352 4196 DFSR - ok 12:20:27.0415 4196 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\windows\System32\dhcpcsvc.dll 12:20:27.0477 4196 Dhcp - ok 12:20:27.0524 4196 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\windows\system32\drivers\disk.sys 12:20:27.0539 4196 disk - ok 12:20:27.0602 4196 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\windows\System32\dnsrslvr.dll 12:20:27.0664 4196 Dnscache - ok 
12:20:27.0711 4196 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\windows\System32\dot3svc.dll 12:20:27.0742 4196 dot3svc - ok 12:20:27.0820 4196 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\windows\system32\dps.dll 12:20:27.0851 4196 DPS - ok 12:20:27.0914 4196 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\windows\system32\drivers\drmkaud.sys 12:20:27.0945 4196 drmkaud - ok 12:20:28.0007 4196 [ 5DE0FAEC9E5D1AAE74F8568897891A01 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys 12:20:28.0070 4196 DXGKrnl - ok 12:20:28.0148 4196 [ 476D9F2F0789CDE89ACEE2A2FB21EC5A ] e1express C:\windows\system32\DRIVERS\e1e6032.sys 12:20:28.0163 4196 e1express - ok 12:20:28.0195 4196 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\windows\system32\DRIVERS\E1G60I32.sys 12:20:28.0226 4196 E1G60 - ok 12:20:28.0288 4196 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\windows\System32\eapsvc.dll 12:20:28.0319 4196 EapHost - ok 12:20:28.0366 4196 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\windows\system32\drivers\ecache.sys 12:20:28.0382 4196 Ecache - ok 12:20:28.0444 4196 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\windows\system32\drivers\elxstor.sys 12:20:28.0475 4196 elxstor - ok 12:20:28.0725 4196 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\windows\system32\emdmgmt.dll 12:20:28.0803 4196 EMDMgmt - ok 12:20:28.0897 4196 [ EDC243EF33F8DA2A1A499331891D9472 ] EngineServer C:\PROGRA~1\McAfee\MANAGE~1\VScan\ENGINE~1.EXE 12:20:28.0912 4196 EngineServer - ok 12:20:28.0928 4196 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\windows\system32\drivers\errdev.sys 12:20:28.0975 4196 ErrDev - ok 12:20:29.0037 4196 esgiguard - ok 12:20:29.0099 4196 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\windows\system32\es.dll 12:20:29.0131 4196 EventSystem - ok 12:20:29.0255 4196 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\windows\system32\drivers\exfat.sys 12:20:29.0349 4196 exfat - ok 12:20:29.0443 4196 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\windows\system32\drivers\fastfat.sys 
12:20:29.0521 4196 fastfat - ok 12:20:29.0567 4196 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\windows\system32\DRIVERS\fdc.sys 12:20:29.0614 4196 fdc - ok 12:20:29.0723 4196 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\windows\system32\fdPHost.dll 12:20:29.0755 4196 fdPHost - ok 12:20:29.0786 4196 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\windows\system32\fdrespub.dll 12:20:29.0879 4196 FDResPub - ok 12:20:29.0942 4196 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\windows\system32\drivers\fileinfo.sys 12:20:29.0973 4196 FileInfo - ok 12:20:30.0020 4196 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\windows\system32\drivers\filetrace.sys 12:20:30.0082 4196 Filetrace - ok 12:20:30.0176 4196 [ 224138E0CCDF7CE3281298473F6FD1D2 ] FLCDLOCK C:\Windows\system32\flcdlock.exe 12:20:30.0207 4196 FLCDLOCK ( UnsignedFile.Multi.Generic ) - warning 12:20:30.0207 4196 FLCDLOCK - detected UnsignedFile.Multi.Generic (1) 12:20:30.0254 4196 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys 12:20:30.0301 4196 flpydisk - ok 12:20:30.0363 4196 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\windows\system32\drivers\fltmgr.sys 12:20:30.0394 4196 FltMgr - ok 12:20:30.0550 4196 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\windows\system32\FntCache.dll 12:20:30.0628 4196 FontCache - ok 12:20:30.0800 4196 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 12:20:30.0815 4196 FontCache3.0.0.0 - ok 12:20:30.0909 4196 [ DDEE99DC54EFA20BD5A442CD733C4462 ] FsUsbExDisk C:\windows\system32\FsUsbExDisk.SYS 12:20:30.0925 4196 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning 12:20:30.0925 4196 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1) 12:20:30.0956 4196 [ 0796C1E47ADB9825269E64B9DAB4E741 ] FsUsbExService C:\windows\system32\FsUsbExService.Exe 12:20:30.0987 4196 FsUsbExService ( UnsignedFile.Multi.Generic ) - warning 12:20:30.0987 4196 FsUsbExService - 
detected UnsignedFile.Multi.Generic (1) 12:20:31.0018 4196 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys 12:20:31.0049 4196 Fs_Rec - ok 12:20:31.0127 4196 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys 12:20:31.0159 4196 gagp30kx - ok 12:20:31.0205 4196 [ 483924F92E55A5F9423201EC635E2CED ] gfibto C:\windows\system32\drivers\gfibto.sys 12:20:31.0221 4196 gfibto - ok 12:20:31.0424 4196 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\windows\System32\gpsvc.dll 12:20:31.0517 4196 gpsvc - ok 12:20:31.0689 4196 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 12:20:31.0689 4196 gupdate - ok 12:20:31.0736 4196 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 12:20:31.0751 4196 gupdatem - ok 12:20:31.0814 4196 [ 93AEE3434935FC2F805FEFD8DC5ED1B4 ] HBtnKey C:\windows\system32\DRIVERS\cpqbttn.sys 12:20:31.0814 4196 HBtnKey - ok 12:20:31.0876 4196 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys 12:20:31.0939 4196 HdAudAddService - ok 12:20:32.0219 4196 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys 12:20:32.0313 4196 HDAudBus - ok 12:20:32.0407 4196 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\windows\system32\drivers\hidbth.sys 12:20:32.0469 4196 HidBth - ok 12:20:32.0500 4196 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\windows\system32\drivers\hidir.sys 12:20:32.0547 4196 HidIr - ok 12:20:32.0594 4196 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\windows\System32\hidserv.dll 12:20:32.0625 4196 hidserv - ok 12:20:32.0656 4196 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys 12:20:32.0703 4196 HidUsb - ok 12:20:32.0734 4196 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\windows\system32\kmsvc.dll 12:20:32.0812 4196 hkmsvc - ok 12:20:32.0875 4196 [ A19B0BB5A7EB6DF2DD4A0711D36955EE ] HP Health 
Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe 12:20:32.0890 4196 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning 12:20:32.0890 4196 HP Health Check Service - detected UnsignedFile.Multi.Generic (1) 12:20:32.0937 4196 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\windows\system32\drivers\hpcisss.sys 12:20:32.0953 4196 HpCISSs - ok 12:20:33.0015 4196 [ 1210960FF8928950D2A786895B0C424A ] HpqKbFiltr C:\windows\system32\DRIVERS\HpqKbFiltr.sys 12:20:33.0031 4196 HpqKbFiltr - ok 12:20:33.0171 4196 [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe 12:20:33.0187 4196 hpqwmiex - ok 12:20:33.0405 4196 [ 0EEECA26C8D4BDE2A4664DB058A81937 ] HTTP C:\windows\system32\drivers\HTTP.sys 12:20:33.0514 4196 HTTP - ok 12:20:33.0545 4196 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\windows\system32\drivers\i2omp.sys 12:20:33.0561 4196 i2omp - ok 12:20:33.0608 4196 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys 12:20:33.0639 4196 i8042prt - ok 12:20:34.0091 4196 [ 3AD7614C487C948ADD435662265750FB ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe 12:20:34.0107 4196 IAANTMON - ok 12:20:34.0294 4196 [ DB0CC620B27A928D968C1A1E9CD9CB87 ] iaStor C:\windows\system32\drivers\iastor.sys 12:20:34.0310 4196 iaStor - ok 12:20:34.0435 4196 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\windows\system32\drivers\iastorv.sys 12:20:34.0481 4196 iaStorV - ok 12:20:34.0575 4196 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe 12:20:34.0637 4196 IDriverT ( UnsignedFile.Multi.Generic ) - warning 12:20:34.0637 4196 IDriverT - detected UnsignedFile.Multi.Generic (1) 12:20:34.0934 4196 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 12:20:35.0027 4196 idsvc - ok 12:20:35.0870 4196 [ 
9378D57E2B96C0A185D844770AD49948 ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys 12:20:36.0057 4196 igfx - ok 12:20:36.0151 4196 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\windows\system32\drivers\iirsp.sys 12:20:36.0182 4196 iirsp - ok 12:20:36.0229 4196 [ DAE181C2FDB0D02159C56185A469E10B ] IISADMIN C:\windows\system32\inetsrv\inetinfo.exe 12:20:36.0291 4196 IISADMIN - ok 12:20:36.0525 4196 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\windows\System32\ikeext.dll 12:20:36.0587 4196 IKEEXT - ok 12:20:36.0634 4196 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\windows\system32\drivers\intelide.sys 12:20:36.0650 4196 intelide - ok 12:20:36.0697 4196 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\windows\system32\DRIVERS\intelppm.sys 12:20:36.0775 4196 intelppm - ok 12:20:36.0806 4196 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\windows\system32\ipbusenum.dll 12:20:36.0884 4196 IPBusEnum - ok 12:20:36.0899 4196 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys 12:20:36.0946 4196 IpFilterDriver - ok 12:20:36.0962 4196 IpInIp - ok 12:20:37.0055 4196 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\windows\system32\drivers\ipmidrv.sys 12:20:37.0133 4196 IPMIDRV - ok 12:20:37.0165 4196 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\windows\system32\DRIVERS\ipnat.sys 12:20:37.0211 4196 IPNAT - ok 12:20:37.0243 4196 [ 03D54E7BCF9B77CEAF34DC0057420352 ] iprip C:\windows\System32\iprip.dll 12:20:37.0321 4196 iprip - ok 12:20:37.0352 4196 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\windows\system32\drivers\irenum.sys 12:20:37.0399 4196 IRENUM - ok 12:20:37.0430 4196 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\windows\system32\drivers\isapnp.sys 12:20:37.0477 4196 isapnp - ok 12:20:37.0523 4196 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\windows\system32\DRIVERS\msiscsi.sys 12:20:37.0539 4196 iScsiPrt - ok 12:20:37.0570 4196 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\windows\system32\drivers\iteatapi.sys 
12:20:37.0586 4196 iteatapi - ok 12:20:37.0664 4196 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\windows\system32\drivers\iteraid.sys 12:20:37.0695 4196 iteraid - ok 12:20:37.0773 4196 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe 12:20:37.0804 4196 IviRegMgr - ok 12:20:37.0835 4196 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys 12:20:37.0851 4196 kbdclass - ok 12:20:37.0898 4196 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys 12:20:37.0945 4196 kbdhid - ok 12:20:37.0991 4196 [ A3E186B4B935905B829219502557314E ] KeyIso C:\windows\system32\lsass.exe 12:20:38.0038 4196 KeyIso - ok 12:20:38.0257 4196 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys 12:20:38.0350 4196 KSecDD - ok 12:20:38.0413 4196 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\windows\system32\msdtckrm.dll 12:20:38.0475 4196 KtmRm - ok 12:20:38.0522 4196 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\windows\System32\srvsvc.dll 12:20:38.0569 4196 LanmanServer - ok 12:20:38.0615 4196 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\windows\System32\wkssvc.dll 12:20:38.0662 4196 LanmanWorkstation - ok 12:20:38.0678 4196 LgBttPort - ok 12:20:38.0709 4196 lgbusenum - ok 12:20:38.0725 4196 LGVMODEM - ok 12:20:38.0771 4196 [ C215E09622118383B236DD56C2065183 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe 12:20:38.0787 4196 LightScribeService ( UnsignedFile.Multi.Generic ) - warning 12:20:38.0787 4196 LightScribeService - detected UnsignedFile.Multi.Generic (1) 12:20:38.0849 4196 [ 06DC2FDC6282F0D68910417B1150C848 ] LinksysUpdater C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe 12:20:38.0865 4196 LinksysUpdater ( UnsignedFile.Multi.Generic ) - warning 12:20:38.0865 4196 LinksysUpdater - detected UnsignedFile.Multi.Generic (1) 12:20:38.0896 4196 [ D1C5883087A0C3F1344D9D55A44901F6 ] 
lltdio C:\windows\system32\DRIVERS\lltdio.sys 12:20:38.0927 4196 lltdio - ok 12:20:38.0974 4196 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\windows\System32\lltdsvc.dll 12:20:39.0021 4196 lltdsvc - ok 12:20:39.0037 4196 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\windows\System32\lmhsvc.dll 12:20:39.0083 4196 lmhosts - ok 12:20:39.0161 4196 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys 12:20:39.0177 4196 LSI_FC - ok 12:20:39.0208 4196 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys 12:20:39.0224 4196 LSI_SAS - ok 12:20:39.0255 4196 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys 12:20:39.0286 4196 LSI_SCSI - ok 12:20:39.0317 4196 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\windows\system32\drivers\luafv.sys 12:20:39.0349 4196 luafv - ok 12:20:39.0395 4196 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\windows\system32\drivers\mbam.sys 12:20:39.0411 4196 MBAMProtector - ok 12:20:39.0567 4196 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe 12:20:39.0629 4196 MBAMScheduler - ok 12:20:39.0676 4196 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe 12:20:39.0739 4196 MBAMService - ok 12:20:39.0910 4196 [ 38BCCF016B694A745E1CDBC0B080A59C ] McAfee HackerWatch Service C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe 12:20:39.0957 4196 McAfee HackerWatch Service - ok 12:20:40.0051 4196 [ B177A24AAD92A838B22A685BED1CB4A6 ] McShield C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe 12:20:40.0066 4196 McShield - ok 12:20:40.0113 4196 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\windows\system32\drivers\megasas.sys 12:20:40.0129 4196 megasas - ok 12:20:40.0160 4196 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\windows\system32\drivers\megasr.sys 12:20:40.0191 4196 MegaSR - ok 12:20:40.0238 4196 [ 
4A802C0D6F1AE9A11CC778E7D3378FE0 ] MfeAVFK C:\windows\system32\drivers\MfeAVFK.sys 12:20:40.0253 4196 MfeAVFK - ok 12:20:40.0269 4196 [ F8DEDC7B973E7311458FA52774242D19 ] MfeBOPK C:\windows\system32\drivers\MfeBOPK.sys 12:20:40.0300 4196 MfeBOPK - ok 12:20:40.0347 4196 [ 04E66896EBB00E94F1A51358D32E24AF ] mfehidk C:\windows\system32\drivers\mfehidk.sys 12:20:40.0363 4196 mfehidk - ok 12:20:40.0378 4196 [ 459330ECF667872821FA1E56A2A37D24 ] MfeRKDK C:\windows\system32\drivers\MfeRKDK.sys 12:20:40.0394 4196 MfeRKDK - ok 12:20:40.0409 4196 [ 74A22591E2AFE1091E949952BDBF7C20 ] mfetdik C:\windows\system32\drivers\mfetdik.sys 12:20:40.0441 4196 mfetdik - ok 12:20:40.0472 4196 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\windows\system32\mmcss.dll 12:20:40.0503 4196 MMCSS - ok 12:20:40.0534 4196 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\windows\system32\drivers\modem.sys 12:20:40.0565 4196 Modem - ok 12:20:40.0612 4196 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\windows\system32\DRIVERS\monitor.sys 12:20:40.0659 4196 monitor - ok 12:20:40.0690 4196 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys 12:20:40.0706 4196 mouclass - ok 12:20:40.0768 4196 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\windows\system32\DRIVERS\mouhid.sys 12:20:40.0799 4196 mouhid - ok 12:20:40.0831 4196 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\windows\system32\drivers\mountmgr.sys 12:20:40.0862 4196 MountMgr - ok 12:20:40.0955 4196 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 12:20:40.0971 4196 MozillaMaintenance - ok 12:20:41.0049 4196 [ E320F922BEAD67774D84A1F2FEBF01F9 ] MPFP C:\windows\system32\Drivers\Mpfp.sys 12:20:41.0080 4196 MPFP - ok 12:20:41.0267 4196 [ 7869AE9E3533D5A6F006E7B97F5FB991 ] MpfService C:\Program Files\McAfee\MPF\MPFSrv.exe 12:20:41.0314 4196 MpfService - ok 12:20:41.0377 4196 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio 
C:\windows\system32\drivers\mpio.sys 12:20:41.0392 4196 mpio - ok 12:20:41.0423 4196 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys 12:20:41.0470 4196 mpsdrv - ok 12:20:41.0501 4196 [ 4116CDE6C8C97E2F4492F2755810019F ] MQAC C:\windows\system32\drivers\mqac.sys 12:20:41.0548 4196 MQAC - ok 12:20:41.0579 4196 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\windows\system32\drivers\mraid35x.sys 12:20:41.0595 4196 Mraid35x - ok 12:20:41.0657 4196 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\windows\system32\drivers\mrxdav.sys 12:20:41.0704 4196 MRxDAV - ok 12:20:41.0782 4196 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys 12:20:41.0829 4196 mrxsmb - ok 12:20:41.0923 4196 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys 12:20:41.0985 4196 mrxsmb10 - ok 12:20:42.0032 4196 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys 12:20:42.0063 4196 mrxsmb20 - ok 12:20:42.0110 4196 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\windows\system32\drivers\msahci.sys 12:20:42.0141 4196 msahci - ok 12:20:42.0157 4196 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\windows\system32\drivers\msdsm.sys 12:20:42.0172 4196 msdsm - ok 12:20:42.0203 4196 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\windows\System32\msdtc.exe 12:20:42.0235 4196 MSDTC - ok 12:20:42.0266 4196 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\windows\system32\drivers\Msfs.sys 12:20:42.0313 4196 Msfs - ok 12:20:42.0328 4196 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\windows\system32\drivers\msisadrv.sys 12:20:42.0344 4196 msisadrv - ok 12:20:42.0406 4196 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\windows\system32\iscsiexe.dll 12:20:42.0437 4196 MSiSCSI - ok 12:20:42.0453 4196 msiserver - ok 12:20:42.0500 4196 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys 12:20:42.0531 4196 MSKSSRV - ok 12:20:42.0578 4196 [ 
AABD2BC9DADA61AD5EB4223BAAC4486D ] MSMQ C:\windows\system32\mqsvc.exe 12:20:42.0593 4196 MSMQ - ok 12:20:42.0656 4196 [ FA3849C021B463E383BF188A9F0C8ED5 ] MSMQTriggers C:\windows\system32\mqtgsvc.exe 12:20:42.0703 4196 MSMQTriggers - ok 12:20:42.0734 4196 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys 12:20:42.0765 4196 MSPCLOCK - ok 12:20:42.0812 4196 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\windows\system32\drivers\MSPQM.sys 12:20:42.0843 4196 MSPQM - ok 12:20:42.0874 4196 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\windows\system32\drivers\MsRPC.sys 12:20:42.0890 4196 MsRPC - ok 12:20:42.0937 4196 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys 12:20:42.0952 4196 mssmbios - ok 12:20:42.0983 4196 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\windows\system32\drivers\MSTEE.sys 12:20:43.0030 4196 MSTEE - ok 12:20:43.0077 4196 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\windows\system32\Drivers\mup.sys 12:20:43.0108 4196 Mup - ok 12:20:43.0139 4196 myAgtSvc - ok 12:20:43.0233 4196 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\windows\system32\qagentRT.dll 12:20:43.0280 4196 napagent - ok 12:20:43.0373 4196 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys 12:20:43.0405 4196 NativeWifiP - ok 12:20:43.0436 4196 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\windows\system32\drivers\ndis.sys 12:20:43.0467 4196 NDIS - ok 12:20:43.0498 4196 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys 12:20:43.0529 4196 NdisTapi - ok 12:20:43.0561 4196 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys 12:20:43.0607 4196 Ndisuio - ok 12:20:43.0639 4196 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys 12:20:43.0670 4196 NdisWan - ok 12:20:43.0701 4196 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\windows\system32\drivers\NDProxy.sys 12:20:43.0748 4196 
NDProxy - ok 12:20:43.0810 4196 [ 2969D26EEE289BE7422AA46FC55F4E38 ] Net Driver HPZ12 C:\windows\system32\HPZinw12.dll 12:20:43.0826 4196 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 12:20:43.0826 4196 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 12:20:43.0873 4196 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys 12:20:43.0888 4196 NetBIOS - ok 12:20:43.0982 4196 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\windows\system32\DRIVERS\netbt.sys 12:20:44.0013 4196 netbt - ok 12:20:44.0044 4196 [ A3E186B4B935905B829219502557314E ] Netlogon C:\windows\system32\lsass.exe 12:20:44.0060 4196 Netlogon - ok 12:20:44.0122 4196 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\windows\System32\netman.dll 12:20:44.0169 4196 Netman - ok 12:20:44.0200 4196 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\windows\System32\netprofm.dll 12:20:44.0231 4196 netprofm - ok 12:20:44.0294 4196 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 12:20:44.0309 4196 NetTcpPortSharing - ok 12:20:44.0341 4196 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\windows\system32\drivers\nfrd960.sys 12:20:44.0356 4196 nfrd960 - ok 12:20:44.0403 4196 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\windows\System32\nlasvc.dll 12:20:44.0434 4196 NlaSvc - ok 12:20:44.0621 4196 [ 82C5A813E8EA7E94DC1AFA24CD803B80 ] nmservice C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe 12:20:44.0653 4196 nmservice - ok 12:20:44.0715 4196 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\windows\system32\drivers\Npfs.sys 12:20:44.0762 4196 Npfs - ok 12:20:44.0793 4196 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\windows\system32\nsisvc.dll 12:20:44.0840 4196 nsi - ok 12:20:44.0887 4196 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys 12:20:44.0949 4196 nsiproxy - ok 12:20:45.0261 4196 [ 2C1121F2B87E9A6B12485DF53CD848C7 ] 
Ntfs C:\windows\system32\drivers\Ntfs.sys 12:20:45.0355 4196 Ntfs - ok 12:20:45.0417 4196 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\windows\system32\drivers\ntrigdigi.sys 12:20:45.0495 4196 ntrigdigi - ok 12:20:45.0511 4196 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\windows\system32\drivers\Null.sys 12:20:45.0557 4196 Null - ok 12:20:45.0589 4196 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\windows\system32\drivers\nvraid.sys 12:20:45.0604 4196 nvraid - ok 12:20:45.0635 4196 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\windows\system32\drivers\nvstor.sys 12:20:45.0651 4196 nvstor - ok 12:20:45.0682 4196 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\windows\system32\drivers\nv_agp.sys 12:20:45.0698 4196 nv_agp - ok 12:20:45.0713 4196 NwlnkFlt - ok 12:20:45.0729 4196 NwlnkFwd - ok 12:20:45.0776 4196 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\windows\system32\DRIVERS\ohci1394.sys 12:20:45.0807 4196 ohci1394 - ok 12:20:45.0869 4196 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\windows\system32\p2psvc.dll 12:20:45.0947 4196 p2pimsvc - ok 12:20:45.0979 4196 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\windows\system32\p2psvc.dll 12:20:46.0025 4196 p2psvc - ok 12:20:46.0103 4196 [ 8A79FDF04A73428597E2CAF9D0D67850 ] Parport C:\windows\system32\DRIVERS\parport.sys 12:20:46.0150 4196 Parport - ok 12:20:46.0213 4196 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\windows\system32\drivers\partmgr.sys 12:20:46.0228 4196 partmgr - ok 12:20:46.0259 4196 [ 6C580025C81CAF3AE9E3617C22CAD00E ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys 12:20:46.0291 4196 Parvdm - ok 12:20:46.0337 4196 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\windows\System32\pcasvc.dll 12:20:46.0384 4196 PcaSvc - ok 12:20:46.0400 4196 pccsmcfd - ok 12:20:46.0447 4196 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\windows\system32\drivers\pci.sys 12:20:46.0462 4196 pci - ok 12:20:46.0509 4196 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\windows\system32\DRIVERS\pciide.sys 
12:20:46.0525 4196 pciide - ok 12:20:46.0571 4196 [ B7C5A8769541900F6DFA6FE0C5E4D513 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys 12:20:46.0587 4196 pcmcia - ok 12:20:46.0634 4196 pdfcDispatcher - ok 12:20:46.0696 4196 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\windows\system32\drivers\peauth.sys 12:20:46.0774 4196 PEAUTH - ok 12:20:47.0086 4196 [ B1689DF169143F57053F795390C99DB3 ] pla C:\windows\system32\pla.dll 12:20:47.0195 4196 pla - ok 12:20:47.0258 4196 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\windows\system32\umpnpmgr.dll 12:20:47.0305 4196 PlugPlay - ok 12:20:47.0367 4196 [ BAFC9706BDF425A02B66468AB2605C59 ] Pml Driver HPZ12 C:\windows\system32\HPZipm12.dll 12:20:47.0383 4196 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 12:20:47.0383 4196 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 12:20:47.0429 4196 [ B63A3AE87ED0AC525B3AA88B39608BFC ] pnarp C:\windows\system32\DRIVERS\pnarp.sys 12:20:47.0429 4196 pnarp - ok 12:20:47.0476 4196 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\windows\system32\p2psvc.dll 12:20:47.0492 4196 PNRPAutoReg - ok 12:20:47.0539 4196 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\windows\system32\p2psvc.dll 12:20:47.0570 4196 PNRPsvc - ok 12:20:47.0648 4196 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\windows\System32\ipsecsvc.dll 12:20:47.0710 4196 PolicyAgent - ok 12:20:47.0757 4196 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys 12:20:47.0788 4196 PptpMiniport - ok 12:20:47.0819 4196 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\windows\system32\drivers\processr.sys 12:20:47.0851 4196 Processor - ok 12:20:47.0897 4196 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\windows\system32\profsvc.dll 12:20:47.0944 4196 ProfSvc - ok 12:20:47.0960 4196 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\windows\system32\lsass.exe 12:20:47.0991 4196 ProtectedStorage - ok 12:20:48.0022 4196 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched 
C:\windows\system32\DRIVERS\pacer.sys 12:20:48.0053 4196 PSched - ok 12:20:48.0085 4196 [ 633CC728D6493C4263368A86928B0BFD ] purendis C:\windows\system32\DRIVERS\purendis.sys 12:20:48.0100 4196 purendis - ok 12:20:48.0147 4196 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\windows\system32\Drivers\PxHelp20.sys 12:20:48.0147 4196 PxHelp20 - ok 12:20:48.0381 4196 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\windows\system32\drivers\ql2300.sys 12:20:48.0459 4196 ql2300 - ok 12:20:48.0490 4196 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\windows\system32\drivers\ql40xx.sys 12:20:48.0506 4196 ql40xx - ok 12:20:48.0553 4196 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\windows\system32\qwave.dll 12:20:48.0584 4196 QWAVE - ok 12:20:48.0615 4196 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys 12:20:48.0646 4196 QWAVEdrv - ok 12:20:48.0662 4196 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys 12:20:48.0709 4196 RasAcd - ok 12:20:48.0755 4196 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\windows\System32\rasauto.dll 12:20:48.0802 4196 RasAuto - ok 12:20:48.0849 4196 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys 12:20:48.0880 4196 Rasl2tp - ok 12:20:48.0958 4196 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\windows\System32\rasmans.dll 12:20:48.0989 4196 RasMan - ok 12:20:49.0036 4196 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys 12:20:49.0083 4196 RasPppoe - ok 12:20:49.0130 4196 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys 12:20:49.0161 4196 RasSstp - ok 12:20:49.0223 4196 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys 12:20:49.0270 4196 rdbss - ok 12:20:49.0301 4196 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys 12:20:49.0348 4196 RDPCDD - ok 12:20:49.0457 4196 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr 
C:\windows\system32\drivers\rdpdr.sys 12:20:49.0504 4196 rdpdr - ok 12:20:49.0535 4196 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys 12:20:49.0582 4196 RDPENCDD - ok 12:20:49.0629 4196 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\windows\system32\drivers\RDPWD.sys 12:20:49.0691 4196 RDPWD - ok 12:20:49.0723 4196 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\windows\System32\mprdim.dll 12:20:49.0785 4196 RemoteAccess - ok 12:20:49.0832 4196 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\windows\system32\regsvc.dll 12:20:49.0863 4196 RemoteRegistry - ok 12:20:49.0910 4196 [ EEC7EE5675294B03E88AA868540007C1 ] RMCAST C:\windows\system32\DRIVERS\RMCAST.sys 12:20:49.0925 4196 RMCAST - ok 12:20:50.0284 4196 [ 5C13017FC008F8492D03143634A479CE ] RoxMediaDB10 c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe 12:20:50.0347 4196 RoxMediaDB10 - ok 12:20:50.0393 4196 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\windows\system32\locator.exe 12:20:50.0425 4196 RpcLocator - ok 12:20:50.0518 4196 [ 6684437F3628EF237C354F77D33426D1 ] rpcnet C:\windows\system32\rpcnet.exe 12:20:50.0534 4196 rpcnet - ok 12:20:50.0565 4196 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\windows\system32\rpcss.dll 12:20:50.0612 4196 RpcSs - ok 12:20:50.0643 4196 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys 12:20:50.0674 4196 rspndr - ok 12:20:50.0705 4196 [ A3E186B4B935905B829219502557314E ] SamSs C:\windows\system32\lsass.exe 12:20:50.0721 4196 SamSs - ok 12:20:50.0737 4196 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\windows\system32\drivers\sbp2port.sys 12:20:50.0768 4196 sbp2port - ok 12:20:50.0830 4196 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\windows\System32\SCardSvr.dll 12:20:50.0861 4196 SCardSvr - ok 12:20:50.0924 4196 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\windows\system32\schedsvc.dll 12:20:51.0017 4196 Schedule - ok 12:20:51.0033 4196 [ 
312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\windows\System32\certprop.dll 12:20:51.0064 4196 SCPolicySvc - ok 12:20:51.0127 4196 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\windows\System32\SDRSVC.dll 12:20:51.0173 4196 SDRSVC - ok 12:20:51.0236 4196 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys 12:20:51.0283 4196 secdrv - ok 12:20:51.0329 4196 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\windows\system32\seclogon.dll 12:20:51.0376 4196 seclogon - ok 12:20:51.0423 4196 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\windows\System32\sens.dll 12:20:51.0470 4196 SENS - ok 12:20:51.0517 4196 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\windows\system32\drivers\serenum.sys 12:20:51.0579 4196 Serenum - ok 12:20:51.0610 4196 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\windows\system32\drivers\serial.sys 12:20:51.0657 4196 Serial - ok 12:20:51.0704 4196 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\windows\system32\drivers\sermouse.sys 12:20:51.0751 4196 sermouse - ok 12:20:51.0797 4196 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\windows\system32\sessenv.dll 12:20:51.0829 4196 SessionEnv - ok 12:20:51.0875 4196 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\windows\system32\drivers\sffdisk.sys 12:20:51.0907 4196 sffdisk - ok 12:20:51.0938 4196 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys 12:20:51.0969 4196 sffp_mmc - ok 12:20:52.0000 4196 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys 12:20:52.0047 4196 sffp_sd - ok 12:20:52.0078 4196 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\windows\system32\drivers\sfloppy.sys 12:20:52.0141 4196 sfloppy - ok 12:20:52.0187 4196 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\windows\System32\shsvcs.dll 12:20:52.0234 4196 ShellHWDetection - ok 12:20:52.0265 4196 [ A275FBB7C99458C12E088DFF3E58EB4D ] simptcp C:\windows\System32\tcpsvcs.exe 12:20:52.0297 4196 simptcp - ok 12:20:52.0343 
4196 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\windows\system32\drivers\sisagp.sys 12:20:52.0359 4196 sisagp - ok 12:20:52.0390 4196 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\windows\system32\drivers\sisraid2.sys 12:20:52.0406 4196 SiSRaid2 - ok 12:20:52.0437 4196 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys 12:20:52.0453 4196 SiSRaid4 - ok 12:20:52.0515 4196 [ 875B04A71869D34A415CC8B4D4673EC4 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 12:20:52.0531 4196 SkypeUpdate - ok 12:20:53.0326 4196 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\windows\system32\SLsvc.exe 12:20:53.0560 4196 slsvc - ok 12:20:53.0607 4196 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\windows\system32\SLUINotify.dll 12:20:53.0669 4196 SLUINotify - ok 12:20:53.0716 4196 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\windows\system32\DRIVERS\smb.sys 12:20:53.0747 4196 Smb - ok 12:20:53.0779 4196 [ 26BA81BA48C3D9FB292B4B60FDE849F2 ] SNMP C:\windows\System32\snmp.exe 12:20:53.0825 4196 SNMP - ok 12:20:53.0857 4196 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\windows\System32\snmptrap.exe 12:20:53.0872 4196 SNMPTRAP - ok 12:20:53.0903 4196 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\windows\system32\drivers\spldr.sys 12:20:53.0919 4196 spldr - ok 12:20:53.0950 4196 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\windows\System32\spoolsv.exe 12:20:53.0981 4196 Spooler - ok 12:20:54.0028 4196 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\windows\system32\DRIVERS\srv.sys 12:20:54.0075 4196 srv - ok 12:20:54.0122 4196 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\windows\system32\DRIVERS\srv2.sys 12:20:54.0169 4196 srv2 - ok 12:20:54.0184 4196 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys 12:20:54.0215 4196 srvnet - ok 12:20:54.0278 4196 [ BB6EDB0257860083193CC1581AC7D485 ] ssadbus C:\windows\system32\DRIVERS\ssadbus.sys 12:20:54.0293 4196 ssadbus - ok 12:20:54.0325 4196 [ 
5BCB68F7B62159C07789D3F405750623 ] ssadmdfl C:\windows\system32\DRIVERS\ssadmdfl.sys 12:20:54.0340 4196 ssadmdfl - ok 12:20:54.0418 4196 [ 1588A89F9CD9E68DE9FCC9F60FDB5C08 ] ssadmdm C:\windows\system32\DRIVERS\ssadmdm.sys 12:20:54.0449 4196 ssadmdm - ok 12:20:54.0527 4196 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\windows\System32\ssdpsrv.dll 12:20:54.0590 4196 SSDPSRV - ok 12:20:54.0637 4196 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\windows\system32\DRIVERS\ssmdrv.sys 12:20:54.0668 4196 ssmdrv - ok 12:20:54.0683 4196 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\windows\system32\sstpsvc.dll 12:20:54.0699 4196 SstpSvc - ok 12:20:54.0824 4196 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\windows\System32\wiaservc.dll 12:20:54.0902 4196 stisvc - ok 12:20:54.0964 4196 [ 1D0063597C3666404FCF97698ABEB019 ] stllssvr c:\Program Files\Common Files\SureThing Shared\stllssvr.exe 12:20:54.0995 4196 stllssvr - ok 12:20:55.0027 4196 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\windows\system32\DRIVERS\swenum.sys 12:20:55.0042 4196 swenum - ok 12:20:55.0151 4196 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\windows\System32\swprv.dll 12:20:55.0214 4196 swprv - ok 12:20:55.0229 4196 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\windows\system32\drivers\symc8xx.sys 12:20:55.0245 4196 Symc8xx - ok 12:20:55.0276 4196 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\windows\system32\drivers\sym_hi.sys 12:20:55.0292 4196 Sym_hi - ok 12:20:55.0323 4196 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\windows\system32\drivers\sym_u3.sys 12:20:55.0339 4196 Sym_u3 - ok 12:20:55.0385 4196 [ F5D926807BD9BC0AF68F9376144DE425 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys 12:20:55.0417 4196 SynTP - ok 12:20:55.0510 4196 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\windows\system32\sysmain.dll 12:20:55.0573 4196 SysMain - ok 12:20:55.0619 4196 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\windows\System32\TabSvc.dll 12:20:55.0651 4196 TabletInputService - ok 
12:20:55.0697 4196 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\windows\System32\tapisrv.dll 12:20:55.0744 4196 TapiSrv - ok 12:20:55.0775 4196 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\windows\System32\tbssvc.dll 12:20:55.0822 4196 TBS - ok 12:20:55.0963 4196 [ 548E198BAE21EFC21F8B5F0C1728AD27 ] Tcpip C:\windows\system32\drivers\tcpip.sys 12:20:56.0056 4196 Tcpip - ok 12:20:56.0337 4196 [ 548E198BAE21EFC21F8B5F0C1728AD27 ] Tcpip6 C:\windows\system32\DRIVERS\tcpip.sys 12:20:56.0399 4196 Tcpip6 - ok 12:20:56.0462 4196 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys 12:20:56.0509 4196 tcpipreg - ok 12:20:56.0587 4196 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys 12:20:56.0665 4196 TDPIPE - ok 12:20:56.0696 4196 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\windows\system32\drivers\tdtcp.sys 12:20:56.0711 4196 TDTCP - ok 12:20:56.0774 4196 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\windows\system32\DRIVERS\tdx.sys 12:20:56.0821 4196 tdx - ok 12:20:56.0852 4196 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\windows\system32\DRIVERS\termdd.sys 12:20:56.0867 4196 TermDD - ok 12:20:56.0992 4196 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\windows\System32\termsrv.dll 12:20:57.0039 4196 TermService - ok 12:20:57.0086 4196 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\windows\system32\shsvcs.dll 12:20:57.0117 4196 Themes - ok 12:20:57.0148 4196 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\windows\system32\mmcss.dll 12:20:57.0179 4196 THREADORDER - ok 12:20:57.0211 4196 [ CB258C2F726F1BE73C507022BE33EBB3 ] TPM C:\windows\system32\drivers\tpm.sys 12:20:57.0242 4196 TPM - ok 12:20:57.0273 4196 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\windows\System32\trkwks.dll 12:20:57.0320 4196 TrkWks - ok 12:20:57.0398 4196 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe 12:20:57.0445 4196 TrustedInstaller - ok 12:20:57.0460 4196 [ 
DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys 12:20:57.0507 4196 tssecsrv - ok 12:20:57.0538 4196 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\windows\system32\DRIVERS\tunmp.sys 12:20:57.0554 4196 tunmp - ok 12:20:57.0601 4196 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\windows\system32\DRIVERS\tunnel.sys 12:20:57.0616 4196 tunnel - ok 12:20:57.0647 4196 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\windows\system32\drivers\uagp35.sys 12:20:57.0663 4196 uagp35 - ok 12:20:57.0757 4196 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\windows\system32\DRIVERS\udfs.sys 12:20:57.0788 4196 udfs - ok 12:20:57.0835 4196 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\windows\system32\UI0Detect.exe 12:20:57.0881 4196 UI0Detect - ok 12:20:57.0913 4196 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys 12:20:57.0944 4196 uliagpkx - ok 12:20:57.0975 4196 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\windows\system32\drivers\uliahci.sys 12:20:57.0991 4196 uliahci - ok 12:20:58.0022 4196 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\windows\system32\drivers\ulsata.sys 12:20:58.0037 4196 UlSata - ok 12:20:58.0100 4196 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\windows\system32\drivers\ulsata2.sys 12:20:58.0100 4196 ulsata2 - ok 12:20:58.0147 4196 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\windows\system32\DRIVERS\umbus.sys 12:20:58.0178 4196 umbus - ok 12:20:58.0240 4196 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\windows\System32\upnphost.dll 12:20:58.0287 4196 upnphost - ok 12:20:58.0318 4196 upperdev - ok 12:20:58.0349 4196 usbbus - ok 12:20:58.0381 4196 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys 12:20:58.0412 4196 usbccgp - ok 12:20:58.0427 4196 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\windows\system32\drivers\usbcir.sys 12:20:58.0505 4196 usbcir - ok 12:20:58.0521 4196 UsbDiag - ok 12:20:58.0552 4196 [ 79E96C23A97CE7B8F14D310DA2DB0C9B 
] usbehci C:\windows\system32\DRIVERS\usbehci.sys 12:20:58.0583 4196 usbehci - ok 12:20:58.0677 4196 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys 12:20:58.0755 4196 usbhub - ok 12:20:58.0771 4196 USBModem - ok 12:20:58.0849 4196 [ 7BDB7B0E7D45AC0402D78B90789EF47C ] usbohci C:\windows\system32\DRIVERS\usbohci.sys 12:20:58.0911 4196 usbohci - ok 12:20:58.0927 4196 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\windows\system32\drivers\usbprint.sys 12:20:58.0989 4196 usbprint - ok 12:20:59.0036 4196 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS 12:20:59.0083 4196 USBSTOR - ok 12:20:59.0145 4196 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\windows\system32\DRIVERS\usbuhci.sys 12:20:59.0192 4196 usbuhci - ok 12:20:59.0223 4196 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\windows\System32\uxsms.dll 12:20:59.0254 4196 UxSms - ok 12:20:59.0363 4196 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\windows\System32\vds.exe 12:20:59.0410 4196 vds - ok 12:20:59.0457 4196 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\windows\system32\DRIVERS\vgapnp.sys 12:20:59.0488 4196 vga - ok 12:20:59.0519 4196 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\windows\System32\drivers\vga.sys 12:20:59.0535 4196 VgaSave - ok 12:20:59.0566 4196 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\windows\system32\drivers\viaagp.sys 12:20:59.0597 4196 viaagp - ok 12:20:59.0629 4196 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\windows\system32\drivers\viac7.sys 12:20:59.0675 4196 ViaC7 - ok 12:20:59.0707 4196 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\windows\system32\drivers\viaide.sys 12:20:59.0738 4196 viaide - ok 12:20:59.0769 4196 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\windows\system32\drivers\volmgr.sys 12:20:59.0785 4196 volmgr - ok 12:20:59.0894 4196 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\windows\system32\drivers\volmgrx.sys 12:20:59.0941 4196 volmgrx - ok 12:21:00.0019 4196 [ 
786DB5771F05EF300390399F626BF30A ] volsnap C:\windows\system32\drivers\volsnap.sys 12:21:00.0034 4196 volsnap - ok 12:21:00.0081 4196 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\windows\system32\drivers\vsmraid.sys 12:21:00.0097 4196 vsmraid - ok 12:21:00.0143 4196 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\windows\system32\vssvc.exe 12:21:00.0237 4196 VSS - ok 12:21:00.0284 4196 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\windows\system32\w32time.dll 12:21:00.0331 4196 W32Time - ok 12:21:00.0393 4196 [ F22CA75C05204F76D06E6C530529455C ] W3SVC C:\windows\system32\inetsrv\iisw3adm.dll 12:21:00.0440 4196 W3SVC - ok 12:21:00.0471 4196 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\windows\system32\drivers\wacompen.sys 12:21:00.0518 4196 WacomPen - ok 12:21:00.0549 4196 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\windows\system32\DRIVERS\wanarp.sys 12:21:00.0580 4196 Wanarp - ok 12:21:00.0596 4196 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys 12:21:00.0627 4196 Wanarpv6 - ok 12:21:00.0658 4196 [ F22CA75C05204F76D06E6C530529455C ] WAS C:\windows\system32\inetsrv\iisw3adm.dll 12:21:00.0705 4196 WAS - ok 12:21:00.0752 4196 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\windows\System32\wcncsvc.dll 12:21:00.0783 4196 wcncsvc - ok 12:21:00.0814 4196 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll 12:21:00.0861 4196 WcsPlugInService - ok 12:21:00.0892 4196 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\windows\system32\drivers\wd.sys 12:21:00.0908 4196 Wd - ok 12:21:00.0939 4196 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys 12:21:00.0986 4196 Wdf01000 - ok 12:21:01.0017 4196 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\windows\system32\wdi.dll 12:21:01.0079 4196 WdiServiceHost - ok 12:21:01.0095 4196 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\windows\system32\wdi.dll 12:21:01.0126 4196 WdiSystemHost - ok 12:21:01.0189 
4196 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\windows\System32\webclnt.dll 12:21:01.0204 4196 WebClient - ok 12:21:01.0251 4196 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\windows\system32\wecsvc.dll 12:21:01.0298 4196 Wecsvc - ok 12:21:01.0329 4196 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\windows\System32\wercplsupport.dll 12:21:01.0360 4196 wercplsupport - ok 12:21:01.0407 4196 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\windows\System32\WerSvc.dll 12:21:01.0423 4196 WerSvc - ok 12:21:01.0469 4196 WinDefend - ok 12:21:01.0485 4196 WinHttpAutoProxySvc - ok 12:21:01.0547 4196 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll 12:21:01.0579 4196 Winmgmt - ok 12:21:01.0657 4196 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\windows\system32\WsmSvc.dll 12:21:01.0781 4196 WinRM - ok 12:21:01.0844 4196 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\windows\System32\wlansvc.dll 12:21:01.0891 4196 Wlansvc - ok 12:21:02.0031 4196 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 12:21:02.0156 4196 wlidsvc - ok 12:21:02.0187 4196 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys 12:21:02.0234 4196 WmiAcpi - ok 12:21:02.0281 4196 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe 12:21:02.0312 4196 wmiApSrv - ok 12:21:02.0390 4196 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 12:21:02.0421 4196 WMPNetworkSvc - ok 12:21:02.0483 4196 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\windows\System32\wpcsvc.dll 12:21:02.0530 4196 WPCSvc - ok 12:21:02.0593 4196 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll 12:21:02.0624 4196 WPDBusEnum - ok 12:21:02.0671 4196 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\windows\system32\DRIVERS\wpdusb.sys 12:21:02.0702 4196 WpdUsb - ok 12:21:02.0733 4196 [ 
E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys 12:21:02.0749 4196 ws2ifsl - ok 12:21:02.0795 4196 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\windows\system32\wscsvc.dll 12:21:02.0827 4196 wscsvc - ok 12:21:02.0889 4196 [ 4422AC5ED8D4C2F0DB63E71D4C069DD7 ] WSDPrintDevice C:\windows\system32\DRIVERS\WSDPrint.sys 12:21:02.0905 4196 WSDPrintDevice - ok 12:21:02.0920 4196 WSearch - ok 12:21:03.0045 4196 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\windows\system32\wuaueng.dll 12:21:03.0123 4196 wuauserv - ok 12:21:03.0170 4196 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys 12:21:03.0201 4196 WUDFRd - ok 12:21:03.0263 4196 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\windows\System32\WUDFSvc.dll 12:21:03.0310 4196 wudfsvc - ok 12:21:03.0341 4196 ================ Scan global =============================== 12:21:03.0373 4196 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\windows\system32\basesrv.dll 12:21:03.0451 4196 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\windows\system32\winsrv.dll 12:21:03.0466 4196 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\windows\system32\winsrv.dll 12:21:03.0529 4196 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\windows\system32\services.exe 12:21:03.0529 4196 [Global] - ok 12:21:03.0529 4196 ================ Scan MBR ================================== 12:21:03.0544 4196 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 12:21:03.0950 4196 \Device\Harddisk0\DR0 - ok 12:21:03.0950 4196 ================ Scan VBR ================================== 12:21:03.0950 4196 [ 6C4FA8002DF4DAC3808508E59C57F95A ] \Device\Harddisk0\DR0\Partition1 12:21:03.0950 4196 \Device\Harddisk0\DR0\Partition1 - ok 12:21:03.0981 4196 [ 4C49EFD08F9AF39B49272610341042E3 ] \Device\Harddisk0\DR0\Partition2 12:21:03.0981 4196 \Device\Harddisk0\DR0\Partition2 - ok 12:21:03.0981 4196 ============================================================ 12:21:03.0981 4196 Scan finished 12:21:03.0981 4196 
============================================================ 12:21:03.0997 5876 Detected object count: 10 12:21:03.0997 5876 Actual detected object count: 10 12:22:36.0011 5876 DAMDrv ( UnsignedFile.Multi.Generic ) - skipped by user 12:22:36.0011 5876 DAMDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:22:36.0011 5876 FLCDLOCK ( UnsignedFile.Multi.Generic ) - skipped by user 12:22:36.0011 5876 FLCDLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:22:36.0011 5876 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user 12:22:36.0011 5876 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:22:36.0011 5876 FsUsbExService ( UnsignedFile.Multi.Generic ) - skipped by user 12:22:36.0011 5876 FsUsbExService ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:22:36.0011 5876 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user 12:22:36.0011 5876 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:22:36.0011 5876 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 12:22:36.0011 5876 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:22:36.0011 5876 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user 12:22:36.0011 5876 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:22:36.0027 5876 LinksysUpdater ( UnsignedFile.Multi.Generic ) - skipped by user 12:22:36.0027 5876 LinksysUpdater ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:22:36.0027 5876 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 12:22:36.0027 5876 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:22:36.0027 5876 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 12:22:36.0027 5876 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
  2. ComboFix is working now, but every time I have to reboot and then run ComboFix again. I have done this 5 times by now; is this normal? I do indeed get a notification about a rootkit. I can't find the ComboFix log file, but here is the HijackThis log once more: Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 22:16:09, on 26-6-2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16490) FIREFOX: 21.0 (nl) Boot mode: Normal Running processes: C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\windows\system32\taskeng.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\PDF Complete\pdfsty.exe C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files\Samsung\Kies\Kies.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\windows\system32\wbem\unsecapp.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\windows\system32\conime.exe C:\Program Files\Opera\opera.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\Rob\Desktop\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=83&bd=all&pf=cmnb R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Lavasoft R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=83&bd=all&pf=cmnb R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=83&bd=all&pf=cmnb R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe" O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless 
Assistant\HPWAMain.exe O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [LELA] "C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe" /minimized O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [search Protection] C:\ProgramData\Search Protection\SearchProtection.exe O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [Packard Bell Software Suite] "C:\Program Files\Packard Bell\Software Suite\PBSoftSuite.exe" /run O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - Startup: OpenOffice.org 3.0 .lnk = C:\Program Files\OpenOffice.org 
3\program\quickstart.exe O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: BFE - Unknown owner - C:\windows\. O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. 
- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\Windows\system32\flcdlock.exe O23 - Service: FsUsbExService - Teruten - C:\windows\system32\FsUsbExService.Exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Linksys Updater (LinksysUpdater) - Unknown owner - C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. 
- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\windows\system32\rpcnet.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- End of file - 10265 bytes
  3. Something seems to go wrong during the installation of ComboFix: when the program is almost finished installing I get a sound signal and the window disappears. Halfway through the installation I get an error message: error writing to file C:\32788R22FWJFW\swxcacls.3XE, with three options: abort, retry, ignore. Abort stops the installation, retry gives the same error message, and ignore lets the installation continue until almost the end, and then it stops.
  4. Malwarebytes finds nothing, and so it doesn't need to restart either; it is clear, though, that I'm not rid of the malware yet. Here is the Malwarebytes log: Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300 Malwarebytes : Free anti-malware download Databaseversie: v2013.06.26.03 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Rob :: PC_VAN_ROB [administrator] Bescherming: Uitgeschakeld 26-6-2013 15:38:24 mbam-log-2013-06-26 (15-38-24).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM | P2P Uitgeschakelde scan opties: Objecten gescand: 232174 Verstreken tijd: 14 minuut/minuten, 6 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) and the one from HijackThis: Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 15:59:23, on 26-6-2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16490) FIREFOX: 21.0 (nl) Boot mode: Normal Running processes: C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\windows\system32\taskeng.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\PDF Complete\pdfsty.exe C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Hewlett-Packard\HP 
Wireless Assistant\HPWAMain.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files\Samsung\Kies\Kies.exe C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe C:\windows\system32\wbem\unsecapp.exe C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\windows\system32\conime.exe C:\Users\Rob\AppData\Local\Opera\Opera\temporary_downloads\HijackThis.exe C:\Users\Rob\Desktop\hijackthis\HijackThis.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Opera\opera.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\windows\system32\NOTEPAD.EXE C:\windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Lavasoft R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe" O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: 
[QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [LELA] "C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe" /minimized O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [search Protection] C:\ProgramData\Search Protection\SearchProtection.exe O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [Packard Bell Software Suite] "C:\Program Files\Packard Bell\Software Suite\PBSoftSuite.exe" /run O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\RunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f O4 - HKCU\..\RunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f O4 - HKCU\..\RunOnce: [adawarebp_DATA_FOLDER] cmd.exe /c rmdir "C:\ProgramData\Ad-Aware Browsing Protection" /s /q O4 - HKCU\..\RunOnce: [adawarebp_INSTALL_FOLDER] cmd.exe /c rmdir 
"C:\Users\Rob\AppData\Local\adawarebp" /s /q O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: OpenOffice.org 3.0 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. 
KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\Windows\system32\flcdlock.exe O23 - Service: FsUsbExService - Teruten - C:\windows\system32\FsUsbExService.Exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Linksys Updater (LinksysUpdater) - Unknown owner - C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. 
- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\windows\system32\rpcnet.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- End of file - 11435 bytes
  5. I don't know why that went wrong either, but here is the second attempt: Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 0:43:37, on 26-6-2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16490) FIREFOX: 21.0 (nl) Boot mode: Normal Running processes: C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\windows\system32\taskeng.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\PDF Complete\pdfsty.exe C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files\Samsung\Kies\Kies.exe C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe C:\windows\system32\wbem\unsecapp.exe C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\windows\system32\conime.exe C:\Program Files\Opera\opera.exe 
C:\Users\Rob\AppData\Local\Opera\Opera\temporary_downloads\HijackThis.exe C:\Users\Rob\Desktop\hijackthis\HijackThis.exe C:\windows\system32\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=83&bd=all&pf=cmnb R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.torrentz.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=83&bd=all&pf=cmnb R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=83&bd=all&pf=cmnb R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - 
HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe" O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [LELA] "C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe" /minimized O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [tyntn] C:\windows\system32\dt6ty7yy.exe O4 - HKCU\..\Run: [inytii] C:\windows\system32\yti6ddntd.exe O4 - HKCU\..\Run: [llff5l] C:\windows\system32\avvava7alv.exe O4 - HKCU\..\Run: [avqff1l] 
C:\windows\system32\l6avllaqq3.exe O4 - HKCU\..\Run: [qvqv7] C:\windows\system32\afaaf41lf.exe O4 - HKCU\..\Run: [qqf9a] C:\windows\system32\falvqllvfav.exe O4 - HKCU\..\Run: [laavaa] C:\windows\system32\qv7alvvqq.exe O4 - HKCU\..\Run: [lfaqqf] C:\windows\system32\vvava7alvvq.exe O4 - HKCU\..\Run: [vqvfqqv] C:\windows\system32\alf6qqf1vlq.exe O4 - HKCU\..\Run: [ynint] C:\windows\system32\niityidyyit.exe O4 - HKCU\..\Run: [diiynn] C:\windows\system32\inyitdnn.exe O4 - HKCU\..\Run: [gvllg] C:\windows\system32\vqggaavllg.exe O4 - HKCU\..\Run: [vvvfaq] C:\windows\system32\fvf4vaqaa6f.exe O4 - HKCU\..\Run: [kffafaq] C:\windows\system32\avafkqakva.exe O4 - HKCU\..\Run: [fqqfvv0] C:\windows\system32\vf4vaqaa6f.exe O4 - HKCU\..\Run: [llggbb] C:\windows\system32\6qqg1vb.exe O4 - HKCU\..\Run: [lgbbvb] C:\windows\system32\ggqv1a2lglv.exe O4 - HKCU\..\Run: [gglgb9] C:\windows\system32\qgga6qlb1gq.exe O4 - HKCU\..\Run: [vlaav] C:\windows\system32\a2qlaa1llg.exe O4 - HKCU\..\Run: [aqql1g] C:\windows\system32\v2qlaa1llg.exe O4 - HKCU\..\Run: [qqllg] C:\windows\system32\g21vqggaavl.exe O4 - HKCU\..\Run: [Packard Bell Software Suite] "C:\Program Files\Packard Bell\Software Suite\PBSoftSuite.exe" /run O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: 
OpenOffice.org 3.0 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing) O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. 
- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\Windows\system32\flcdlock.exe O23 - Service: FsUsbExService - Teruten - C:\windows\system32\FsUsbExService.Exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Linksys Updater (LinksysUpdater) - Unknown owner - C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. 
- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\windows\system32\rpcnet.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- End of file - 12413 bytes
  6. It looks like I have a virus. After some googling, it closely matches Text Enhance, but in all my browsers instead of just one. Here is my HijackThis log: Logfile of Trend Micro HijackThis v2.0.5Scan saved at 0:43:37, on 26-6-2013Platform: Windows Vista SP2 (WinNT 6.00.1906)MSIE: Internet Explorer v9.00 (9.00.8112.16490)FIREFOX: 21.0 (nl)Boot mode: NormalRunning processes:C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exeC:\windows\system32\Dwm.exeC:\windows\Explorer.EXEC:\windows\system32\taskeng.exeC:\Windows\System32\igfxtray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Windows\system32\igfxsrvc.exeC:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Program Files\PDF Complete\pdfsty.exeC:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exeC:\Program Files\Winamp\winampa.exeC:\Program Files\HP\HP Software Update\hpwuschd2.exeC:\Program Files\Analog Devices\Core\smax4pnp.exeC:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exeC:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exeC:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exeC:\Program Files\Avira\AntiVir Desktop\avgnt.exeC:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exeC:\Program Files\Samsung\Kies\Kies.exeC:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXEC:\Program Files\Skype\Phone\Skype.exeC:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exeC:\windows\system32\wbem\unsecapp.exeC:\Program Files\Hewlett-Packard\Shared\hpqToaster.exeC:\Program Files\OpenOffice.org 3\program\soffice.exeC:\Program Files\OpenOffice.org 3\program\soffice.binC:\Program 
Files\Synaptics\SynTP\SynTPHelper.exeC:\windows\system32\conime.exeC:\Program Files\Opera\opera.exeC:\Users\Rob\AppData\Local\Opera\Opera\temporary_downloads\HijackThis.exeC:\Users\Rob\Desktop\hijackthis\HijackThis.exeC:\windows\system32\DllHost.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP - United States | Laptop Computers, Desktops , Printers, Servers and more - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Torrent Search Engine - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP - United States | Laptop Computers, Desktops , Printers, Servers and more - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search Microsoft.com - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP - United States | Laptop Computers, Desktops , Printers, Servers and more - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)O1 - Hosts: ::1 localhostO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: Increase performance and video formats for your HTML5 - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dllO2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exeO4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exeO4 - HKLM\..\Run: [Persistence] 
C:\Windows\system32\igfxpers.exeO4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exeO4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /StartO4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exeO4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exeO4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exeO4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exeO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottimeO4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exeO4 - HKLM\..\Run: [LELA] "C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe" /minimizedO4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /StartO4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /minO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hiddenO4 - HKCU\..\Run: [tyntn] C:\windows\system32\dt6ty7yy.exeO4 - HKCU\..\Run: [inytii] C:\windows\system32\yti6ddntd.exeO4 - HKCU\..\Run: [llff5l] C:\windows\system32\avvava7alv.exeO4 - HKCU\..\Run: [avqff1l] C:\windows\system32\l6avllaqq3.exeO4 - HKCU\..\Run: 
[qvqv7] C:\windows\system32\afaaf41lf.exeO4 - HKCU\..\Run: [qqf9a] C:\windows\system32\falvqllvfav.exeO4 - HKCU\..\Run: [laavaa] C:\windows\system32\qv7alvvqq.exeO4 - HKCU\..\Run: [lfaqqf] C:\windows\system32\vvava7alvvq.exeO4 - HKCU\..\Run: [vqvfqqv] C:\windows\system32\alf6qqf1vlq.exeO4 - HKCU\..\Run: [ynint] C:\windows\system32\niityidyyit.exeO4 - HKCU\..\Run: [diiynn] C:\windows\system32\inyitdnn.exeO4 - HKCU\..\Run: [gvllg] C:\windows\system32\vqggaavllg.exeO4 - HKCU\..\Run: [vvvfaq] C:\windows\system32\fvf4vaqaa6f.exeO4 - HKCU\..\Run: [kffafaq] C:\windows\system32\avafkqakva.exeO4 - HKCU\..\Run: [fqqfvv0] C:\windows\system32\vf4vaqaa6f.exeO4 - HKCU\..\Run: [llggbb] C:\windows\system32\6qqg1vb.exeO4 - HKCU\..\Run: [lgbbvb] C:\windows\system32\ggqv1a2lglv.exeO4 - HKCU\..\Run: [gglgb9] C:\windows\system32\qgga6qlb1gq.exeO4 - HKCU\..\Run: [vlaav] C:\windows\system32\a2qlaa1llg.exeO4 - HKCU\..\Run: [aqql1g] C:\windows\system32\v2qlaa1llg.exeO4 - HKCU\..\Run: [qqllg] C:\windows\system32\g21vqggaavl.exeO4 - HKCU\..\Run: [Packard Bell Software Suite] "C:\Program Files\Packard Bell\Software Suite\PBSoftSuite.exe" /runO4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exeO4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preloadO4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exeO4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exeO4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrunO4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')O4 - Startup: OpenOffice.org 3.0 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exeO4 
- Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exeO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllO20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dllO23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXEO23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exeO23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exeO23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. 
- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exeO23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\Windows\system32\flcdlock.exeO23 - Service: FsUsbExService - Teruten - C:\windows\system32\FsUsbExService.ExeO23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exeO23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exeO23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exeO23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exeO23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exeO23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exeO23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exeO23 - Service: Linksys Updater (LinksysUpdater) - Unknown owner - C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exeO23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exeO23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exeO23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exeO23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. 
- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exeO23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exeO23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\windows\system32\rpcnet.exeO23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exeO23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe--End of file - 12413 bytes