
Sirefef virus



A Sirefef virus is active on my friend's computer. Could you help me? Thanks in advance.

I have already searched your site and downloaded HijackThis, with this result.

I would appreciate your response.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 22:48:07, on 26-8-2012

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16446)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files\IncrediMail\bin\IncMail.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Common Files\Apple\Internet Services\ubd.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Users\Hans & Karin\AppData\Local\Temp\DAT41D0.tmp.exe

C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe

C:\PROGRA~1\Magentic\bin\MgApp.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\IncrediMail\Bin\ImApp.exe

C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE

C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\Internet explorer\Iexplore.exe

C:\Windows\system32\conime.exe

C:\Program Files\Internet explorer\Iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_271_ActiveX.exe

C:\Program Files\Internet explorer\Iexplore.exe

C:\Program Files\Internet explorer\Iexplore.exe

C:\Users\Hans & Karin\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zoeken

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll

R3 - URLSearchHook: (no name) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - (no file)

R3 - URLSearchHook: (no name) - {37e17185-b07a-47b3-bd86-c675e4e4b89a} - (no file)

O1 - Hosts: ::1 localhost

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"

O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe

O4 - HKCU\..\Run: [DAT41D0.tmp.exe] C:\Users\HANS&K~1\AppData\Local\Temp\DAT41D0.tmp.exe

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Philips Apparaatbeheer.lnk = C:\Program Files\Philips\SA28XX Device Manager\main.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

End of file - 13673 bytes



Go to Start – Run / Search programs and files and type: sc stop "Web Assistant Updater"

Press Enter.

Go to Start – Run / Search programs and files and type: sc delete "Web Assistant Updater"

Press Enter.

Start HijackThis. Select "Scan". Select only the items listed below:

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll

R3 - URLSearchHook: (no name) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - (no file)

R3 - URLSearchHook: (no name) - {37e17185-b07a-47b3-bd86-c675e4e4b89a} - (no file)

O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"

O4 - HKCU\..\Run: [DAT41D0.tmp.exe] C:\Users\HANS&K~1\AppData\Local\Temp\DAT41D0.tmp.exe

Click 'Fix checked' to remove the items.

Note: Windows Vista & 7 users must run HijackThis as "administrator" via right-click, "Run as administrator". If this does not work via the shortcut, run HijackThis as administrator from the following folder: C:\Program Files\Trend Micro\HiJackThis or C:\Program Files (x86)\Trend Micro\HiJackThis.

Uninstall Ask Toolbar or Ask.com via Add or Remove Programs (if present), or otherwise delete the following folder shown in bold: C:\Program Files\Ask.com

Download MBAM (Malwarebytes Anti-Malware)

Double-click mbam-setup.exe to install the program.

Make sure there is a check mark next to Update Malwarebytes' Anti-Malware and Start Malwarebytes' Anti-Malware, then click "Finish".

If an update is found, it will be downloaded and installed.

Once the program is fully up to date, select "Quick Scan" on the Scanner tab, then click Scan.

The scan may take a while, so be patient.

When the scan is finished, click OK, then "Show Results" to view the results.

Make sure everything there is checked, then click: Remove Selected.

After removal, a log will open and you will be asked to restart the computer. (See below.)

If the rootkit (TDSS) is present, MBAM will ask to restart. Do so.

After the restart, MBAM will scan again and remove the rootkit.

The log is saved automatically by MBAM and can be found by clicking the "Logs" tab in the program.

If MBAM has difficulty removing certain files, it will show a few messages where you must click OK. It will then ask to restart the computer... so allow MBAM to restart the computer.

Paste the contents of the log in your next post, together with a new HijackThis log.

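The selection step in the reply above can be partly mechanised. The following is an added example, not part of the original post and not HijackThis code: a small triage pass over HijackThis log lines that flags the structural signs visible in this thread (a process or autorun in a Temp folder, a registration ending in "(no file)", a service with "Unknown owner"). The names `triage` and `Finding` are hypothetical; the sample lines are an excerpt copied from the first log on this page.

```python
import re
from typing import List, NamedTuple


class Finding(NamedTuple):
    code: str    # HijackThis section code, or "PROC" for a running process
    reason: str
    line: str


# "<section code> - <entry>", e.g. "O4 - HKCU\..\Run: [name] path"
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
# Running-process lines are bare paths that start with a drive letter.
PROCESS_RE = re.compile(r"^[A-Za-z]:\\")


def in_temp_folder(text: str) -> bool:
    # Matches long paths and 8.3 short paths alike (HANS&K~1\AppData\Local\Temp\...).
    return "\\temp\\" in text.lower()


def triage(log_text: str) -> List[Finding]:
    """Return entries that deserve a manual look. A flag is a prompt for review,
    not a verdict: in this thread only one of the two 'Unknown owner' services
    flagged below (Web Assistant Updater) was actually removed."""
    findings: List[Finding] = []
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = ENTRY_RE.match(line)
        if m is None:
            if PROCESS_RE.match(line) and in_temp_folder(line):
                findings.append(Finding("PROC", "process running from a Temp folder", line))
            continue
        code, body = m.groups()
        if code == "O4" and in_temp_folder(body):
            findings.append(Finding(code, "autorun target in a Temp folder", line))
        if body.endswith("(no file)"):
            findings.append(Finding(code, "registration points to a missing file", line))
        if code == "O23" and " - Unknown owner - " in body:
            findings.append(Finding(code, "service without publisher information", line))
    return findings


# Excerpt copied from the first HijackThis log on this page.
SAMPLE_LOG = r"""
Running processes:
C:\Windows\Explorer.EXE
C:\Users\Hans & Karin\AppData\Local\Temp\DAT41D0.tmp.exe
R3 - URLSearchHook: (no name) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [DAT41D0.tmp.exe] C:\Users\HANS&K~1\AppData\Local\Temp\DAT41D0.tmp.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
"""

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.code:5} {f.reason}: {f.line}")
```

Entries picked by product name in the reply (Ask Toolbar, Web Assistant) are not covered by these structural rules and still need an analyst's judgement.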

Here are the results.

Malwarebytes Anti-Malware (-evaluatieversie-) 1.62.0.1300

www.malwarebytes.org

Databaseversie: v2012.08.27.03

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

Hans & Karin :: LAPTOPHANSKARIN [administrator]

Realtime bescherming: Ingeschakeld

27-8-2012 11:56:05

mbam-log-2012-08-27 (11-56-05).txt

Scantype: Snelle scan

Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scanopties: P2P

Objecten gescand: 221780

Verstreken tijd: 17 minuut/minuten, 54 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 1

HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32 (Trojan.Zaccess) -> Succesvol in quarantaine geplaatst en verwijderd.

Registerwaarden gedetecteerd: 1

HKCU\SOFTWARE\CLASSES\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32| (Trojan.Zaccess) -> Data: C:\Users\Hans & Karin\AppData\Local\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\n. -> Succesvol in quarantaine geplaatst en verwijderd.

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 3

C:\Users\Hans & Karin\AppData\Local\Temp\1130820.exe (Trojan.Phex.THAGen1) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Hans & Karin\AppData\Local\Temp\DAT41D0.tmp.exe (Trojan.Phex.THAGen1) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\n (Trojan.Dropper.PE4) -> Succesvol in quarantaine geplaatst en verwijderd.

(einde)

HijackThis:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:42:00, on 27-8-2012

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16446)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files\IncrediMail\bin\IncMail.exe

C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Common Files\Apple\Internet Services\ubd.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\IncrediMail\Bin\ImApp.exe

C:\PROGRA~1\Magentic\bin\MgApp.exe

C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_271_ActiveX.exe

C:\Program Files\Internet explorer\Iexplore.exe

C:\Program Files\Internet explorer\Iexplore.exe

C:\Program Files\IncrediMail\Bin\ImNotfy.exe

C:\Users\Hans & Karin\Downloads\HijackThis (1).exe

C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zoeken

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O1 - Hosts: ::1 localhost

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"

O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Philips Apparaatbeheer.lnk = C:\Program Files\Philips\SA28XX Device Manager\main.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

End of file - 13009 bytes



I would like to add something.

I tried to delete Ask.com with Explorer, because it was not possible via Control Panel. I could not delete all the subfolders. I also could not delete the Ask toolbar updater (not authorized).

There was also a protection log. I don't know whether that is important. It had the following contents:

2012/08/27 11:54:57 +0200 LAPTOPHANSKARIN Hans & Karin MESSAGE Starting protection

2012/08/27 11:55:01 +0200 LAPTOPHANSKARIN Hans & Karin MESSAGE Protection started successfully

2012/08/27 11:55:04 +0200 LAPTOPHANSKARIN Hans & Karin MESSAGE Starting IP protection

2012/08/27 11:55:04 +0200 LAPTOPHANSKARIN Hans & Karin ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753

2012/08/27 11:55:12 +0200 LAPTOPHANSKARIN Hans & Karin MESSAGE Starting database refresh

2012/08/27 11:55:15 +0200 LAPTOPHANSKARIN Hans & Karin MESSAGE Database refreshed successfully

2012/08/27 11:55:27 +0200 LAPTOPHANSKARIN Hans & Karin MESSAGE Starting IP protection

2012/08/27 11:55:27 +0200 LAPTOPHANSKARIN Hans & Karin ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753

2012/08/27 12:25:15 +0200 LAPTOPHANSKARIN Hans & Karin MESSAGE Starting protection

2012/08/27 12:25:22 +0200 LAPTOPHANSKARIN Hans & Karin MESSAGE Protection started successfully

2012/08/27 12:25:25 +0200 LAPTOPHANSKARIN Hans & Karin MESSAGE Starting IP protection

2012/08/27 12:25:25 +0200 LAPTOPHANSKARIN Hans & Karin ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753

2012/08/27 12:49:10 +0200 LAPTOPHANSKARIN Hans & Karin DETECTION C:\Users\Hans & Karin\AppData\Local\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U\800000cb.@ Rootkit.0Access ALLOW

2012/08/27 13:02:17 +0200 LAPTOPHANSKARIN Hans & Karin MESSAGE Executing scheduled update: Daily

2012/08/27 13:02:17 +0200 LAPTOPHANSKARIN Hans & Karin ERROR Scheduled update failed: Host not found failed with error code 0

Thanks again.

Hello Kape,

The PC has become a lot calmer. After startup it takes a while before the Avira warning appears, whereas previously Avira alerts kept coming, which I also could not remove. So a lot better. While typing I don't even see a warning.

After startup, however, Avira still reports Sirefef. I restarted an hour ago: at that time 3 warnings were still given: Sirefef, TR/ATRAPS.Gen and TR/ATRAPS.Gen2. So now only Sirefef is reported.

I look forward to hearing from you.

Gerty

Download TDSSKiller and save it to your desktop.

Extract the files in tdsskiller.zip.

Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.

Windows 7 and Windows Vista users:

Right-click TDSSKiller.exe -> Run as administrator to start the tool.

If TDSSKiller reports that an update is available, install it first.

Click the "Start Scan" button and follow the instructions.

When the scan is finished, click the "Report" button.

A Notepad file opens. Post the contents of this file.

Restart the PC if TDSSKiller offers that option. (Reboot now)

If a restart was required, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt

Hello Kape,

Before the TDSSKiller scan I ran a scan with Avira. 18 items removed.

Actually, by then there were already no more warnings from Avira.

I still let TDSSKiller scan anyway. Without any detections, I believe. I will include the log here.

As it looks now, everything is in order again.

Of course, many thanks again for the guidance.

I do still have 2 questions:

- is someone else's infected PC a threat to my network or my own equipment (I myself have an Apple iMac and iPad)?

- what was actually the cause of this infection? In other words, which sites should we stay away from?

I would like to hear that from you.

Gerty

Here is the log:

21:54:28.0951 4396 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48

21:54:29.0076 4396 ============================================================

21:54:29.0076 4396 Current date / time: 2012/08/27 21:54:29.0076

21:54:29.0076 4396 SystemInfo:

21:54:29.0076 4396

21:54:29.0076 4396 OS Version: 6.0.6002 ServicePack: 2.0

21:54:29.0076 4396 Product type: Workstation

21:54:29.0076 4396 ComputerName: LAPTOPHANSKARIN

21:54:29.0076 4396 UserName: Hans & Karin

21:54:29.0076 4396 Windows directory: C:\Windows

21:54:29.0076 4396 System windows directory: C:\Windows

21:54:29.0076 4396 Processor architecture: Intel x86

21:54:29.0076 4396 Number of processors: 2

21:54:29.0076 4396 Page size: 0x1000

21:54:29.0076 4396 Boot type: Normal boot

21:54:29.0076 4396 ============================================================

21:54:30.0589 4396 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

21:54:30.0589 4396 ============================================================

21:54:30.0589 4396 \Device\Harddisk0\DR0:

21:54:30.0589 4396 MBR partitions:

21:54:30.0589 4396 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1BFE7FC1

21:54:30.0589 4396 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1BFE8000, BlocksNum 0x11DC000

21:54:30.0589 4396 ============================================================

21:54:30.0589 4396 C: <-> \Device\Harddisk0\DR0\Partition1

21:54:30.0683 4396 D: <-> \Device\Harddisk0\DR0\Partition2

21:54:30.0683 4396 ============================================================

21:54:30.0683 4396 Initialize success

21:54:30.0683 4396 ============================================================

21:55:23.0442 2872 ============================================================

21:55:23.0442 2872 Scan started

21:55:23.0442 2872 Mode: Manual;

21:55:23.0442 2872 ============================================================

21:55:24.0924 2872 ================ Scan system memory ========================

21:55:24.0924 2872 System memory - ok

21:55:24.0924 2872 ================ Scan services =============================


21:55:35.0407 2872 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll

21:55:35.0407 2872 NlaSvc - ok

21:55:35.0454 2872 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys

21:55:35.0454 2872 Npfs - ok

21:55:35.0469 2872 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll

21:55:35.0485 2872 nsi - ok

21:55:35.0547 2872 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

21:55:35.0547 2872 nsiproxy - ok

21:55:35.0625 2872 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

21:55:35.0672 2872 Ntfs - ok

21:55:35.0688 2872 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys

21:55:35.0703 2872 ntrigdigi - ok

21:55:35.0719 2872 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys

21:55:35.0719 2872 Null - ok

21:55:35.0781 2872 [ 1657F3FBD9061526C14FF37E79306F98 ] NVENETFD C:\Windows\system32\DRIVERS\nvm60x32.sys

21:55:35.0797 2872 NVENETFD - ok

21:55:35.0828 2872 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys

21:55:35.0844 2872 nvraid - ok

21:55:35.0859 2872 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys

21:55:35.0859 2872 nvstor - ok

21:55:35.0891 2872 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

21:55:35.0906 2872 nv_agp - ok

21:55:35.0906 2872 NwlnkFlt - ok

21:55:35.0922 2872 NwlnkFwd - ok

21:55:36.0000 2872 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

21:55:36.0015 2872 odserv - ok

21:55:36.0047 2872 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

21:55:36.0047 2872 ohci1394 - ok

21:55:36.0093 2872 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

21:55:36.0109 2872 ose - ok

21:55:36.0156 2872 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll

21:55:36.0187 2872 p2pimsvc - ok

21:55:36.0203 2872 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll

21:55:36.0218 2872 p2psvc - ok

21:55:36.0234 2872 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys

21:55:36.0249 2872 Parport - ok

21:55:36.0281 2872 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys

21:55:36.0296 2872 partmgr - ok

21:55:36.0312 2872 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys

21:55:36.0312 2872 Parvdm - ok

21:55:36.0359 2872 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll

21:55:36.0359 2872 PcaSvc - ok

21:55:36.0405 2872 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys

21:55:36.0405 2872 pci - ok

21:55:36.0437 2872 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys

21:55:36.0437 2872 pciide - ok

21:55:36.0468 2872 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

21:55:36.0483 2872 pcmcia - ok

21:55:36.0515 2872 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys

21:55:36.0561 2872 PEAUTH - ok

21:55:36.0624 2872 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll

21:55:36.0671 2872 pla - ok

21:55:36.0717 2872 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll

21:55:36.0717 2872 PlugPlay - ok

21:55:36.0749 2872 [ 0C155C5D8942B3CBCF9506A9D376B9AD ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll

21:55:36.0764 2872 Pml Driver HPZ12 - ok

21:55:36.0795 2872 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll

21:55:36.0811 2872 PNRPAutoReg - ok

21:55:36.0827 2872 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll

21:55:36.0827 2872 PNRPsvc - ok

21:55:36.0858 2872 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

21:55:36.0873 2872 PolicyAgent - ok

21:55:36.0905 2872 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

21:55:36.0905 2872 PptpMiniport - ok

21:55:36.0920 2872 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys

21:55:36.0936 2872 Processor - ok

21:55:36.0951 2872 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll

21:55:36.0951 2872 ProfSvc - ok

21:55:36.0967 2872 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe

21:55:36.0967 2872 ProtectedStorage - ok

21:55:37.0014 2872 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys

21:55:37.0014 2872 PSched - ok

21:55:37.0077 2872 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys

21:55:37.0108 2872 ql2300 - ok

21:55:37.0124 2872 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

21:55:37.0140 2872 ql40xx - ok

21:55:37.0171 2872 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll

21:55:37.0186 2872 QWAVE - ok

21:55:37.0218 2872 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

21:55:37.0218 2872 QWAVEdrv - ok

21:55:37.0233 2872 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

21:55:37.0233 2872 RasAcd - ok

21:55:37.0264 2872 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll

21:55:37.0264 2872 RasAuto - ok

21:55:37.0327 2872 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

21:55:37.0327 2872 Rasl2tp - ok

21:55:37.0389 2872 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll

21:55:37.0389 2872 RasMan - ok

21:55:37.0483 2872 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

21:55:37.0483 2872 RasPppoe - ok

21:55:37.0514 2872 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

21:55:37.0530 2872 RasSstp - ok

21:55:37.0561 2872 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

21:55:37.0732 2872 rdbss - ok

21:55:37.0748 2872 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

21:55:37.0748 2872 RDPCDD - ok

21:55:37.0795 2872 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys

21:55:37.0795 2872 rdpdr - ok

21:55:37.0810 2872 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

21:55:37.0810 2872 RDPENCDD - ok

21:55:37.0857 2872 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

21:55:37.0873 2872 RDPWD - ok

21:55:37.0951 2872 [ 431723F23D0E065BEF502389E8FFDC10 ] Recovery Service for Windows C:\Windows\SMINST\BLService.exe

21:55:37.0966 2872 Recovery Service for Windows - ok

21:55:37.0998 2872 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll

21:55:38.0013 2872 RemoteAccess - ok

21:55:38.0060 2872 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll

21:55:38.0060 2872 RemoteRegistry - ok

21:55:38.0138 2872 [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe

21:55:38.0154 2872 RichVideo - ok

21:55:38.0169 2872 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe

21:55:38.0169 2872 RpcLocator - ok

21:55:38.0200 2872 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll

21:55:38.0216 2872 RpcSs - ok

21:55:38.0247 2872 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

21:55:38.0247 2872 rspndr - ok

21:55:38.0294 2872 [ 125C504A34D0A2E152517E342E7E432C ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys

21:55:38.0294 2872 RTL8169 - ok

21:55:38.0325 2872 [ B0538DEA03E088B80482CA939F4E8740 ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS

21:55:38.0325 2872 RTSTOR - ok

21:55:38.0341 2872 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe

21:55:38.0341 2872 SamSs - ok

21:55:38.0419 2872 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

21:55:38.0419 2872 SASDIFSV - ok

21:55:38.0450 2872 [ 77B9FC20084B48408AD3E87570EB4A85 ] SAS***IL C:\Program Files\SUPERAntiSpyware\SAS***IL.SYS

21:55:38.0450 2872 SAS***IL - ok

21:55:38.0466 2872 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

21:55:38.0481 2872 sbp2port - ok

21:55:38.0512 2872 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll

21:55:38.0512 2872 SCardSvr - ok

21:55:38.0559 2872 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll

21:55:38.0590 2872 Schedule - ok

21:55:38.0622 2872 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll

21:55:38.0622 2872 SCPolicySvc - ok

21:55:38.0637 2872 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll

21:55:38.0637 2872 SDRSVC - ok

21:55:38.0668 2872 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys

21:55:38.0684 2872 secdrv - ok

21:55:38.0700 2872 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll

21:55:38.0700 2872 seclogon - ok

21:55:38.0715 2872 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll

21:55:38.0715 2872 SENS - ok

21:55:38.0746 2872 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys

21:55:38.0762 2872 Serenum - ok

21:55:38.0793 2872 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys

21:55:38.0793 2872 Serial - ok

21:55:38.0824 2872 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys

21:55:38.0824 2872 sermouse - ok

21:55:38.0856 2872 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll

21:55:38.0871 2872 SessionEnv - ok

21:55:38.0887 2872 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

21:55:38.0887 2872 sffdisk - ok

21:55:38.0918 2872 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

21:55:38.0918 2872 sffp_mmc - ok

21:55:38.0934 2872 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

21:55:38.0934 2872 sffp_sd - ok

21:55:38.0949 2872 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

21:55:38.0949 2872 sfloppy - ok

21:55:38.0996 2872 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

21:55:39.0012 2872 ShellHWDetection - ok

21:55:39.0027 2872 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys

21:55:39.0027 2872 sisagp - ok

21:55:39.0058 2872 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys

21:55:39.0058 2872 SiSRaid2 - ok

21:55:39.0090 2872 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

21:55:39.0090 2872 SiSRaid4 - ok

21:55:39.0152 2872 [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe

21:55:39.0214 2872 SkypeUpdate - ok

21:55:39.0355 2872 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe

21:55:39.0417 2872 slsvc - ok

21:55:39.0495 2872 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll

21:55:39.0511 2872 SLUINotify - ok

21:55:39.0542 2872 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys

21:55:39.0558 2872 Smb - ok

21:55:39.0589 2872 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe

21:55:39.0589 2872 SNMPTRAP - ok

21:55:39.0604 2872 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys

21:55:39.0620 2872 spldr - ok

21:55:39.0667 2872 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe

21:55:39.0667 2872 Spooler - ok

21:55:39.0714 2872 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys

21:55:39.0729 2872 srv - ok

21:55:39.0792 2872 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

21:55:39.0807 2872 srv2 - ok

21:55:39.0823 2872 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

21:55:39.0838 2872 srvnet - ok

21:55:39.0854 2872 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

21:55:39.0854 2872 SSDPSRV - ok

21:55:39.0885 2872 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys

21:55:39.0885 2872 ssmdrv - ok

21:55:39.0916 2872 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll

21:55:39.0916 2872 SstpSvc - ok

21:55:39.0948 2872 [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam C:\Windows\system32\DRIVERS\serscan.sys

21:55:39.0948 2872 StillCam - ok

21:55:40.0010 2872 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll

21:55:40.0041 2872 stisvc - ok

21:55:40.0072 2872 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys

21:55:40.0072 2872 swenum - ok

21:55:40.0119 2872 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll

21:55:40.0119 2872 swprv - ok

21:55:40.0135 2872 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys

21:55:40.0150 2872 Symc8xx - ok

21:55:40.0166 2872 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys

21:55:40.0166 2872 Sym_hi - ok

21:55:40.0182 2872 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys

21:55:40.0182 2872 Sym_u3 - ok

21:55:40.0228 2872 [ 00B19F27858F56181EDB58B71A7C67A0 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys

21:55:40.0228 2872 SynTP - ok

21:55:40.0291 2872 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll

21:55:40.0338 2872 SysMain - ok

21:55:40.0400 2872 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll

21:55:40.0400 2872 TabletInputService - ok

21:55:40.0603 2872 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll

21:55:40.0634 2872 TapiSrv - ok

21:55:40.0665 2872 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll

21:55:40.0665 2872 TBS - ok

21:55:40.0728 2872 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

21:55:40.0774 2872 Tcpip - ok

21:55:40.0806 2872 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys

21:55:40.0806 2872 Tcpip6 - ok

21:55:40.0837 2872 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

21:55:40.0852 2872 tcpipreg - ok

21:55:40.0884 2872 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

21:55:40.0884 2872 TDPIPE - ok

21:55:40.0915 2872 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

21:55:40.0915 2872 TDTCP - ok

21:55:40.0977 2872 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

21:55:41.0008 2872 tdx - ok

21:55:41.0040 2872 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys

21:55:41.0040 2872 TermDD - ok

21:55:41.0102 2872 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll

21:55:41.0102 2872 TermService - ok

21:55:41.0227 2872 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll

21:55:41.0227 2872 Themes - ok

21:55:41.0274 2872 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll

21:55:41.0274 2872 THREADORDER - ok

21:55:41.0414 2872 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll

21:55:41.0414 2872 TrkWks - ok

21:55:41.0601 2872 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

21:55:41.0601 2872 TrustedInstaller - ok

21:55:41.0695 2872 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

21:55:41.0695 2872 tssecsrv - ok

21:55:41.0726 2872 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys

21:55:41.0726 2872 tunmp - ok

21:55:41.0757 2872 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

21:55:41.0757 2872 tunnel - ok

21:55:41.0804 2872 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys

21:55:41.0882 2872 uagp35 - ok

21:55:41.0929 2872 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

21:55:41.0944 2872 udfs - ok

21:55:41.0991 2872 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe

21:55:42.0022 2872 UI0Detect - ok

21:55:42.0054 2872 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

21:55:42.0069 2872 uliagpkx - ok

21:55:42.0100 2872 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys

21:55:42.0100 2872 uliahci - ok

21:55:42.0116 2872 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys

21:55:42.0116 2872 UlSata - ok

21:55:42.0132 2872 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys

21:55:42.0147 2872 ulsata2 - ok

21:55:42.0163 2872 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

21:55:42.0163 2872 umbus - ok

21:55:42.0303 2872 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll

21:55:42.0319 2872 upnphost - ok

21:55:42.0444 2872 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys

21:55:42.0444 2872 USBAAPL - ok

21:55:42.0475 2872 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

21:55:42.0475 2872 usbccgp - ok

21:55:42.0506 2872 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys

21:55:42.0522 2872 usbcir - ok

21:55:42.0553 2872 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

21:55:42.0568 2872 usbehci - ok

21:55:42.0600 2872 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

21:55:42.0615 2872 usbhub - ok

21:55:42.0631 2872 [ 7BDB7B0E7D45AC0402D78B90789EF47C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys

21:55:42.0631 2872 usbohci - ok

21:55:42.0662 2872 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys

21:55:42.0662 2872 usbprint - ok

21:55:42.0693 2872 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

21:55:42.0693 2872 USBSTOR - ok

21:55:42.0724 2872 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys

21:55:42.0724 2872 usbuhci - ok

21:55:42.0787 2872 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys

21:55:42.0787 2872 usbvideo - ok

21:55:42.0834 2872 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll

21:55:42.0834 2872 UxSms - ok

21:55:42.0896 2872 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe

21:55:42.0927 2872 vds - ok

21:55:42.0943 2872 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

21:55:42.0958 2872 vga - ok

21:55:42.0974 2872 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys

21:55:42.0974 2872 VgaSave - ok

21:55:43.0005 2872 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys

21:55:43.0021 2872 viaagp - ok

21:55:43.0036 2872 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys

21:55:43.0036 2872 ViaC7 - ok

21:55:43.0068 2872 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys

21:55:43.0099 2872 viaide - ok

21:55:43.0114 2872 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys

21:55:43.0130 2872 volmgr - ok

21:55:43.0177 2872 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

21:55:43.0208 2872 volmgrx - ok

21:55:43.0255 2872 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys

21:55:43.0270 2872 volsnap - ok

21:55:43.0302 2872 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

21:55:43.0317 2872 vsmraid - ok

21:55:43.0380 2872 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe

21:55:43.0395 2872 VSS - ok

21:55:43.0426 2872 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll

21:55:43.0442 2872 W32Time - ok

21:55:43.0489 2872 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys

21:55:43.0489 2872 WacomPen - ok

21:55:43.0536 2872 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys

21:55:43.0536 2872 Wanarp - ok

21:55:43.0551 2872 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

21:55:43.0551 2872 Wanarpv6 - ok

21:55:43.0660 2872 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll

21:55:43.0692 2872 wcncsvc - ok

21:55:43.0723 2872 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

21:55:43.0723 2872 WcsPlugInService - ok

21:55:43.0816 2872 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys

21:55:43.0832 2872 Wd - ok

21:55:43.0879 2872 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

21:55:43.0910 2872 Wdf01000 - ok

21:55:43.0926 2872 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll

21:55:43.0926 2872 WdiServiceHost - ok

21:55:43.0941 2872 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll

21:55:43.0941 2872 WdiSystemHost - ok

21:55:44.0160 2872 [ 68CCD4964E503E2FC16078D11F373E8F ] Web Assistant Updater C:\Program Files\Web Assistant\ExtensionUpdaterService.exe

21:55:44.0175 2872 Web Assistant Updater - ok

21:55:44.0253 2872 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll

21:55:44.0269 2872 WebClient - ok

21:55:44.0440 2872 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll

21:55:44.0456 2872 Wecsvc - ok

21:55:44.0487 2872 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll

21:55:44.0503 2872 wercplsupport - ok

21:55:44.0581 2872 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll

21:55:44.0596 2872 WerSvc - ok

21:55:44.0721 2872 [ 0ACD399F5DB3DF1B58903CF4949AB5A8 ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys

21:55:44.0752 2872 winachsf - ok

21:55:44.0752 2872 WinHttpAutoProxySvc - ok

21:55:44.0862 2872 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

21:55:44.0908 2872 Winmgmt - ok

21:55:45.0298 2872 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll

21:55:45.0345 2872 WinRM - ok

21:55:45.0408 2872 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll

21:55:45.0423 2872 Wlansvc - ok

21:55:45.0907 2872 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

21:55:45.0954 2872 wlidsvc - ok

21:55:46.0110 2872 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys

21:55:46.0110 2872 WmiAcpi - ok

21:55:46.0266 2872 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

21:55:46.0328 2872 wmiApSrv - ok

21:55:46.0422 2872 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe

21:55:46.0437 2872 WMPNetworkSvc - ok

21:55:46.0531 2872 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll

21:55:46.0578 2872 WPCSvc - ok

21:55:46.0609 2872 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

21:55:46.0624 2872 WPDBusEnum - ok

21:55:46.0718 2872 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys

21:55:46.0718 2872 WpdUsb - ok

21:55:46.0936 2872 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

21:55:46.0968 2872 WPFFontCache_v0400 - ok

21:55:46.0983 2872 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

21:55:46.0983 2872 ws2ifsl - ok

21:55:46.0999 2872 WSearch - ok

21:55:47.0030 2872 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

21:55:47.0046 2872 WUDFRd - ok

21:55:47.0077 2872 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll

21:55:47.0077 2872 wudfsvc - ok

21:55:47.0092 2872 [ DAB33CFA9DD24251AAA389FF36B64D4B ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys

21:55:47.0108 2872 XAudio - ok

21:55:47.0124 2872 [ CD5F291A1161F15896D1A4D63DAFF5DF ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe

21:55:47.0139 2872 XAudioService - ok

21:55:47.0155 2872 ================ Scan global ===============================

21:55:47.0186 2872 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll

21:55:47.0295 2872 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll

21:55:47.0342 2872 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll

21:55:47.0451 2872 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe

21:55:47.0467 2872 [Global] - ok

21:55:47.0467 2872 ================ Scan MBR ==================================

21:55:47.0514 2872 [ 85D751F0E41B8E520AEE8C07A8DA777B ] \Device\Harddisk0\DR0

21:55:48.0824 2872 \Device\Harddisk0\DR0 - ok

21:55:48.0824 2872 ================ Scan VBR ==================================

21:55:48.0871 2872 [ A03E964CC0F718B02C104D6A624382A7 ] \Device\Harddisk0\DR0\Partition1

21:55:48.0980 2872 \Device\Harddisk0\DR0\Partition1 - ok

21:55:49.0027 2872 [ 86BA15FBA73F751497D557FFD85DAEDE ] \Device\Harddisk0\DR0\Partition2

21:55:49.0027 2872 \Device\Harddisk0\DR0\Partition2 - ok

21:55:49.0027 2872 ============================================================

21:55:49.0027 2872 Scan finished

21:55:49.0027 2872 ============================================================

21:55:49.0042 5988 Detected object count: 0

21:55:49.0042 5988 Actual detected object count: 0

21:57:26.0698 5696 Deinitialize success


- Is someone else's infected PC a threat to my network or my own equipment (I have an Apple iMac and iPad myself)?
As long as no infected files are transferred, this should normally not cause any problems.
- What actually caused this infection? In other words, which sites should we stay away from?
The problem is always that it is hard to determine afterwards which specific site caused such an infection. There are often several possibilities. The only advice is "critical" internet use, being careful with downloads, links and the like, and continuously updating all important programs (OS, AV program, Java, etc.).

Hello Kape,

Many thanks for the great support, also on behalf of my friend. The PC is completely back in order.

If anyone has problems again: we know where to find you. Thanks.

Kind regards,

Gerty

I will mark this as solved.
