Virus

[kweezie wabbit]

Download TDSSKiller en plaats het op je bureaublad.

Pak de bestanden in tdsskiller.zip uit.

Open de map tdsskiller en dubbelklik op TDSSKiller.exe om de tool te starten.

Windows 7 en Windows Vista gebruikers:

Rechtsklik op TDSSKiller.exe -> Uitvoeren als Administrator om de tool te starten.

Als TDSSKiller bericht geeft van een beschikbare update, dan voer je deze eerst uit.

Klik op de knop "Start Scan" en volg de instructies.

Wanneer de scan klaar is klik je op de knop "Report".

Er opent een kladblokbestand. Post de inhoud van dit bestand.

Herstart de pc als TDSSKiller die optie geeft. (Reboot now)

Wanneer er een herstart nodig was, vind je de logfile in C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt

[Neymar]

15:43:09.0589 3336 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24

15:43:09.0734 3336 ============================================================

15:43:09.0734 3336 Current date / time: 2012/09/21 15:43:09.0734

15:43:09.0734 3336 SystemInfo:

15:43:09.0734 3336

15:43:09.0734 3336 OS Version: 6.0.6002 ServicePack: 2.0

15:43:09.0734 3336 Product type: Workstation

15:43:09.0734 3336 ComputerName: GEBRUIK-VJ0OOQ1

15:43:09.0735 3336 UserName: Gebruiker

15:43:09.0735 3336 Windows directory: C:\Windows

15:43:09.0735 3336 System windows directory: C:\Windows

15:43:09.0735 3336 Processor architecture: Intel x86

15:43:09.0735 3336 Number of processors: 2

15:43:09.0735 3336 Page size: 0x1000

15:43:09.0735 3336 Boot type: Normal boot

15:43:09.0735 3336 ============================================================

15:43:10.0230 3336 Drive \Device\Harddisk0\DR0 - Size: 0x3A36000000 (232.84 Gb), SectorSize: 0x200, Cylinders: 0x76BB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058

15:43:10.0242 3336 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058

15:43:10.0245 3336 ============================================================

15:43:10.0245 3336 \Device\Harddisk0\DR0:

15:43:10.0245 3336 MBR partitions:

15:43:10.0245 3336 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1AF000

15:43:10.0245 3336 \Device\Harddisk1\DR1:

15:43:10.0245 3336 MBR partitions:

15:43:10.0245 3336 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542

15:43:10.0245 3336 ============================================================

15:43:10.0273 3336 C: <-> \Device\Harddisk1\DR1\Partition1

15:43:10.0587 3336 D: <-> \Device\Harddisk0\DR0\Partition1

15:43:10.0587 3336 ============================================================

15:43:10.0587 3336 Initialize success

15:43:10.0587 3336 ============================================================

15:43:33.0553 4848 ============================================================

15:43:33.0554 4848 Scan started

15:43:33.0554 4848 Mode: Manual;

15:43:33.0554 4848 ============================================================

15:43:33.0863 4848 ================ Scan system memory ========================

15:43:33.0863 4848 System memory - ok

15:43:33.0863 4848 ================ Scan services =============================

15:43:33.0978 4848 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

15:43:33.0979 4848 !SASCORE - ok

15:43:34.0104 4848 A2DDA - ok

15:43:34.0253 4848 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys

15:43:34.0257 4848 ACPI - ok

15:43:34.0323 4848 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

15:43:34.0325 4848 AdobeARMservice - ok

15:43:34.0383 4848 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

15:43:34.0388 4848 AdobeFlashPlayerUpdateSvc - ok

15:43:34.0425 4848 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys

15:43:34.0434 4848 adp94xx - ok

15:43:34.0459 4848 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys

15:43:34.0465 4848 adpahci - ok

15:43:34.0487 4848 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys

15:43:34.0490 4848 adpu160m - ok

15:43:34.0507 4848 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys

15:43:34.0511 4848 adpu320 - ok

15:43:34.0590 4848 [ 96D6CDD0B32846E8CFBE592F4F32E608 ] AdvancedSystemCareService5 C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe

15:43:34.0596 4848 AdvancedSystemCareService5 - ok

15:43:34.0618 4848 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

15:43:34.0619 4848 AeLookupSvc - ok

15:43:34.0654 4848 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys

15:43:34.0658 4848 AFD - ok

15:43:34.0695 4848 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys

15:43:34.0697 4848 agp440 - ok

15:43:34.0729 4848 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys

15:43:34.0732 4848 aic78xx - ok

15:43:34.0945 4848 [ 0923671CF87CD511E46D4668B53F5E76 ] Akamai c:\program files\common files\akamai/netsession_win_5891ae0.dll

15:43:34.0946 4848 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_5891ae0.dll. md5: 0923671CF87CD511E46D4668B53F5E76

15:43:34.0955 4848 Akamai ( HiddenFile.Multi.Generic ) - warning

15:43:34.0955 4848 Akamai - detected HiddenFile.Multi.Generic (1)

15:43:34.0961 4848 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe

15:43:34.0963 4848 ALG - ok

15:43:34.0987 4848 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys

15:43:34.0989 4848 aliide - ok

15:43:35.0006 4848 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys

15:43:35.0008 4848 amdagp - ok

15:43:35.0029 4848 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys

15:43:35.0030 4848 amdide - ok

15:43:35.0050 4848 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys

15:43:35.0052 4848 AmdK7 - ok

15:43:35.0069 4848 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys

15:43:35.0071 4848 AmdK8 - ok

15:43:35.0103 4848 [ 459C0FFF8FF5EB4E8DF7E2EFDCB28DE1 ] apf003 C:\Windows\system32\apf003.sys

15:43:35.0104 4848 apf003 - ok

15:43:35.0131 4848 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll

15:43:35.0133 4848 Appinfo - ok

15:43:35.0192 4848 [ D503DF3ABA595F551B98B9BAE017A271 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

15:43:35.0196 4848 Apple Mobile Device - ok

15:43:35.0213 4848 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys

15:43:35.0216 4848 arc - ok

15:43:35.0229 4848 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys

15:43:35.0232 4848 arcsas - ok

15:43:35.0263 4848 [ 294C60FAD24A5A5FC56117F69D7D69E4 ] arcs_x86 C:\Windows\system32\drivers\arcs_x86.sys

15:43:35.0265 4848 arcs_x86 - ok

15:43:35.0367 4848 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

15:43:35.0384 4848 aspnet_state - ok

15:43:35.0409 4848 [ F5DC168BF77572D51BE28BA261B30CB4 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys

15:43:35.0410 4848 aswFsBlk - ok

15:43:35.0444 4848 [ F76E51561562AC4105DBBE53FC99BC10 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys

15:43:35.0445 4848 aswMonFlt - ok

15:43:35.0460 4848 [ B7D5E4486BA658ED08624D8084ABB830 ] aswRdr C:\Windows\system32\drivers\aswRdr.sys

15:43:35.0461 4848 aswRdr - ok

15:43:35.0517 4848 [ 30E45AF8B4D83176CA850FC9699E860B ] aswSnx C:\Windows\system32\drivers\aswSnx.sys

15:43:35.0522 4848 aswSnx - ok

15:43:35.0551 4848 [ F04BDBCB965C05C51F4A7DE7B62063D6 ] aswSP C:\Windows\system32\drivers\aswSP.sys

15:43:35.0554 4848 aswSP - ok

15:43:35.0573 4848 [ DFE9152ABFA89BB8CFDC057409B2D4DA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys

15:43:35.0574 4848 aswTdi - ok

15:43:35.0604 4848 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

15:43:35.0606 4848 AsyncMac - ok

15:43:35.0626 4848 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys

15:43:35.0628 4848 atapi - ok

15:43:35.0663 4848 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

15:43:35.0669 4848 AudioEndpointBuilder - ok

15:43:35.0686 4848 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll

15:43:35.0688 4848 Audiosrv - ok

15:43:35.0724 4848 [ 76B04173A13A045523FD10DB483E2B25 ] Autodata Limited License Service C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe

15:43:35.0726 4848 Autodata Limited License Service - ok

15:43:35.0793 4848 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe

15:43:35.0794 4848 avast! Antivirus - ok

15:43:35.0822 4848 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys

15:43:35.0824 4848 Beep - ok

15:43:35.0855 4848 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll

15:43:35.0862 4848 BFE - ok

15:43:35.0904 4848 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll

15:43:35.0936 4848 BITS - ok

15:43:35.0961 4848 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys

15:43:35.0963 4848 blbdrive - ok

15:43:36.0032 4848 [ EBAD0F51D8D4DADE7660B1851ADDBD07 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

15:43:36.0039 4848 Bonjour Service - ok

15:43:36.0069 4848 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys

15:43:36.0071 4848 bowser - ok

15:43:36.0088 4848 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys

15:43:36.0089 4848 BrFiltLo - ok

15:43:36.0102 4848 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys

15:43:36.0104 4848 BrFiltUp - ok

15:43:36.0140 4848 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll

15:43:36.0142 4848 Browser - ok

15:43:36.0165 4848 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys

15:43:36.0167 4848 Brserid - ok

15:43:36.0188 4848 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys

15:43:36.0190 4848 BrSerWdm - ok

15:43:36.0209 4848 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys

15:43:36.0210 4848 BrUsbMdm - ok

15:43:36.0228 4848 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys

15:43:36.0230 4848 BrUsbSer - ok

15:43:36.0259 4848 [ 3472331B9D460212965B51A8D38E8BEC ] BthAvrcp C:\Windows\system32\DRIVERS\BthAvrcp.sys

15:43:36.0259 4848 BthAvrcp - ok

15:43:36.0273 4848 [ 6D39C954799B63BA866910234CF7D726 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys

15:43:36.0274 4848 BthEnum - ok

15:43:36.0310 4848 [ 9A966A8E86D1771911AE34A20D11BFF3 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys

15:43:36.0312 4848 BTHMODEM - ok

15:43:36.0329 4848 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys

15:43:36.0331 4848 BthPan - ok

15:43:36.0382 4848 [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys

15:43:36.0392 4848 BTHPORT - ok

15:43:36.0430 4848 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll

15:43:36.0432 4848 BthServ - ok

15:43:36.0449 4848 [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys

15:43:36.0450 4848 BTHUSB - ok

15:43:36.0497 4848 [ 166EBA385178229475B6AEB950E0A082 ] Cam5603D C:\Windows\system32\Drivers\BisonCam.sys

15:43:36.0514 4848 Cam5603D - ok

15:43:36.0607 4848 catchme - ok

15:43:36.0649 4848 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

15:43:36.0651 4848 cdfs - ok

15:43:36.0668 4848 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

15:43:36.0670 4848 cdrom - ok

15:43:36.0718 4848 [ 039F27EA2344C541CB6A0EF288BC8996 ] CEBFilter C:\Program Files\C&E\OSD\OsdService\cebuffer.sys

15:43:36.0719 4848 CEBFilter - ok

15:43:36.0731 4848 [ 147019ABEB922507F2FA107032C480CE ] CEIO C:\Program Files\C&E\OSD\OsdService\ceio.sys

15:43:36.0732 4848 CEIO - ok

15:43:36.0759 4848 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll

15:43:36.0761 4848 CertPropSvc - ok

15:43:36.0784 4848 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\DRIVERS\circlass.sys

15:43:36.0785 4848 circlass - ok

15:43:36.0789 4848 [ CB11E608025AA6E601FF0C097E6009BD ] cKBFilter C:\Program Files\C&E\OSD\OsdService\kbfiltr.sys

15:43:36.0790 4848 cKBFilter - ok

15:43:36.0809 4848 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys

15:43:36.0814 4848 CLFS - ok

15:43:36.0859 4848 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

15:43:36.0862 4848 clr_optimization_v2.0.50727_32 - ok

15:43:36.0898 4848 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

15:43:36.0926 4848 clr_optimization_v4.0.30319_32 - ok

15:43:36.0950 4848 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

15:43:36.0951 4848 CmBatt - ok

15:43:36.0968 4848 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys

15:43:36.0970 4848 cmdide - ok

15:43:36.0991 4848 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

15:43:36.0992 4848 Compbatt - ok

15:43:36.0997 4848 COMSysApp - ok

15:43:37.0015 4848 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

15:43:37.0016 4848 crcdisk - ok

15:43:37.0029 4848 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys

15:43:37.0031 4848 Crusoe - ok

15:43:37.0072 4848 [ 75C6A297E364014840B48ECCD7525E30 ] CryptSvc C:\Windows\system32\cryptsvc.dll

15:43:37.0075 4848 CryptSvc - ok

15:43:37.0118 4848 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll

15:43:37.0140 4848 DcomLaunch - ok

15:43:37.0165 4848 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys

15:43:37.0167 4848 DfsC - ok

15:43:37.0250 4848 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe

15:43:37.0306 4848 DFSR - ok

15:43:37.0335 4848 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll

15:43:37.0340 4848 Dhcp - ok

15:43:37.0362 4848 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys

15:43:37.0364 4848 disk - ok

15:43:37.0402 4848 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll

15:43:37.0405 4848 Dnscache - ok

15:43:37.0425 4848 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll

15:43:37.0429 4848 dot3svc - ok

15:43:37.0447 4848 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll

15:43:37.0451 4848 DPS - ok

15:43:37.0474 4848 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

15:43:37.0476 4848 drmkaud - ok

15:43:37.0526 4848 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

15:43:37.0530 4848 DXGKrnl - ok

15:43:37.0550 4848 [ 908ED85B7806E8AF3AF5E9B74F7809D4 ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys

15:43:37.0555 4848 e1express - ok

15:43:37.0573 4848 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys

15:43:37.0576 4848 E1G60 - ok

15:43:37.0580 4848 EagleNT - ok

15:43:37.0586 4848 EagleXNt - ok

15:43:37.0611 4848 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll

15:43:37.0614 4848 EapHost - ok

15:43:37.0633 4848 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys

15:43:37.0636 4848 Ecache - ok

15:43:37.0692 4848 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

15:43:37.0698 4848 ehRecvr - ok

15:43:37.0714 4848 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe

15:43:37.0717 4848 ehSched - ok

15:43:37.0720 4848 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll

15:43:37.0722 4848 ehstart - ok

15:43:37.0750 4848 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys

15:43:37.0757 4848 elxstor - ok

15:43:37.0791 4848 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll

15:43:37.0802 4848 EMDMgmt - ok

15:43:37.0835 4848 [ FC37A2212B56663BBABEF748266A58C7 ] EMSCR C:\Windows\system32\drivers\ems7sk.sys

15:43:37.0837 4848 EMSCR - ok

15:43:37.0865 4848 [ A81AB23EDDB4693612014D87367D014C ] ErrDev C:\Windows\system32\drivers\errdev.sys

15:43:37.0866 4848 ErrDev - ok

15:43:37.0885 4848 [ A498240D0E1F0B27702E3DF77B0C6E56 ] ESDCR C:\Windows\system32\drivers\esd7sk.sys

15:43:37.0887 4848 ESDCR - ok

15:43:37.0901 4848 [ CE6E1032802EE415955721A208A86718 ] ESMCR C:\Windows\system32\drivers\esm7sk.sys

15:43:37.0903 4848 ESMCR - ok

15:43:37.0926 4848 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll

15:43:37.0932 4848 EventSystem - ok

15:43:37.0949 4848 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys

15:43:37.0953 4848 exfat - ok

15:43:37.0979 4848 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys

15:43:37.0982 4848 fastfat - ok

15:43:37.0999 4848 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys

15:43:38.0001 4848 fdc - ok

15:43:38.0023 4848 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll

15:43:38.0025 4848 fdPHost - ok

15:43:38.0045 4848 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll

15:43:38.0047 4848 FDResPub - ok

15:43:38.0065 4848 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

15:43:38.0067 4848 FileInfo - ok

15:43:38.0088 4848 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys

15:43:38.0090 4848 Filetrace - ok

15:43:38.0113 4848 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

15:43:38.0115 4848 flpydisk - ok

15:43:38.0138 4848 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

15:43:38.0143 4848 FltMgr - ok

15:43:38.0189 4848 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll

15:43:38.0195 4848 FontCache - ok

15:43:38.0258 4848 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

15:43:38.0261 4848 FontCache3.0.0.0 - ok

15:43:38.0294 4848 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

15:43:38.0295 4848 Fs_Rec - ok

15:43:38.0313 4848 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

15:43:38.0315 4848 gagp30kx - ok

15:43:38.0353 4848 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

15:43:38.0353 4848 GEARAspiWDM - ok

15:43:38.0388 4848 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll

15:43:38.0408 4848 gpsvc - ok

15:43:38.0503 4848 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe

15:43:38.0506 4848 gupdate - ok

15:43:38.0512 4848 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe

15:43:38.0513 4848 gupdatem - ok

15:43:38.0558 4848 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

15:43:38.0563 4848 gusvc - ok

15:43:38.0588 4848 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

15:43:38.0593 4848 HdAudAddService - ok

15:43:38.0626 4848 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

15:43:38.0636 4848 HDAudBus - ok

15:43:38.0649 4848 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys

15:43:38.0651 4848 HidBth - ok

15:43:38.0682 4848 [ D8DF3722D5E961BAA1292AA2F12827E2 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

15:43:38.0683 4848 HidIr - ok

15:43:38.0699 4848 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll

15:43:38.0701 4848 hidserv - ok

15:43:38.0714 4848 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

15:43:38.0715 4848 HidUsb - ok

15:43:38.0746 4848 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll

15:43:38.0750 4848 hkmsvc - ok

15:43:38.0784 4848 [ 7EBEC5EB56B90ED65A8BBD91464E5CFB ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys

15:43:38.0787 4848 HpCISSs - ok

15:43:38.0818 4848 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS

15:43:38.0824 4848 HSFHWAZL - ok

15:43:38.0863 4848 [ EC36F1D542ED4252390D446BF6D4DFD0 ] HSF_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS

15:43:38.0897 4848 HSF_DPV - ok

15:43:38.0942 4848 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys

15:43:38.0948 4848 HTTP - ok

15:43:38.0969 4848 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys

15:43:38.0971 4848 i2omp - ok

15:43:39.0002 4848 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys

15:43:39.0004 4848 i8042prt - ok

15:43:39.0087 4848 [ 582F2D900A3AC34C98FBDC2C0ABEF6B9 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

15:43:39.0094 4848 IAANTMON - ok

15:43:39.0121 4848 [ FD7F9D74C2B35DBDA400804A3F5ED5D8 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys

15:43:39.0127 4848 iaStor - ok

15:43:39.0149 4848 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys

15:43:39.0154 4848 iaStorV - ok

15:43:39.0217 4848 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

15:43:39.0237 4848 idsvc - ok

15:43:39.0260 4848 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys

15:43:39.0262 4848 iirsp - ok

15:43:39.0304 4848 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll

15:43:39.0314 4848 IKEEXT - ok

15:43:39.0431 4848 [ 37B96B2EC34819CBC145AD5AB3AFAB19 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys

15:43:39.0448 4848 IntcAzAudAddService - ok

15:43:39.0476 4848 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys

15:43:39.0485 4848 intelide - ok

15:43:39.0504 4848 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

15:43:39.0505 4848 intelppm - ok

15:43:39.0522 4848 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll

15:43:39.0525 4848 IPBusEnum - ok

15:43:39.0545 4848 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

15:43:39.0547 4848 IpFilterDriver - ok

15:43:39.0589 4848 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

15:43:39.0592 4848 iphlpsvc - ok

15:43:39.0599 4848 IpInIp - ok

15:43:39.0613 4848 [ 4B9C0F4D4A3ACC535F9771039ECD6365 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys

15:43:39.0615 4848 IPMIDRV - ok

15:43:39.0631 4848 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys

15:43:39.0634 4848 IPNAT - ok

15:43:39.0685 4848 [ 3C30491045DBBD44A42876B3D6F3917D ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

15:43:39.0696 4848 iPod Service - ok

15:43:39.0717 4848 [ E50A95179211B12946F7E035D60AF560 ] irda C:\Windows\system32\DRIVERS\irda.sys

15:43:39.0719 4848 irda - ok

15:43:39.0739 4848 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

15:43:39.0741 4848 IRENUM - ok

15:43:39.0752 4848 [ CBB0D940221A281BCFEAEA695BD1CDA5 ] Irmon C:\Windows\System32\irmon.dll

15:43:39.0755 4848 Irmon - ok

15:43:39.0771 4848 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys

15:43:39.0774 4848 isapnp - ok

15:43:39.0822 4848 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys

15:43:39.0825 4848 iScsiPrt - ok

15:43:39.0857 4848 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys

15:43:39.0859 4848 iteatapi - ok

15:43:39.0888 4848 [ E4B04A0D8B237ECF026D849439F1BCCE ] itecir C:\Windows\system32\DRIVERS\itecir.sys

15:43:39.0890 4848 itecir - ok

15:43:39.0914 4848 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys

15:43:39.0915 4848 iteraid - ok

15:43:39.0953 4848 [ FE372FDE0AFC9F724ED9393A33AC9AA7 ] JRAID C:\Windows\system32\DRIVERS\jraid.sys

15:43:39.0954 4848 JRAID - ok

15:43:39.0968 4848 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

15:43:39.0969 4848 kbdclass - ok

15:43:39.0984 4848 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

15:43:39.0986 4848 kbdhid - ok

15:43:40.0018 4848 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe

15:43:40.0020 4848 KeyIso - ok

15:43:40.0065 4848 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

15:43:40.0074 4848 KSecDD - ok

15:43:40.0113 4848 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll

15:43:40.0121 4848 KtmRm - ok

15:43:40.0153 4848 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll

15:43:40.0157 4848 LanmanServer - ok

15:43:40.0209 4848 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

15:43:40.0216 4848 LanmanWorkstation - ok

15:43:40.0245 4848 [ 05D6B85ECC3204931923AB7940B9596E ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys

15:43:40.0248 4848 LHidFilt - ok

15:43:40.0289 4848 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

15:43:40.0291 4848 lltdio - ok

15:43:40.0332 4848 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll

15:43:40.0338 4848 lltdsvc - ok

15:43:40.0344 4848 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll

15:43:40.0347 4848 lmhosts - ok

15:43:40.0366 4848 [ 053DBCC1082FDF74AB145A71917A6556 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys

15:43:40.0368 4848 LMouFilt - ok

15:43:40.0396 4848 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

15:43:40.0399 4848 LSI_FC - ok

15:43:40.0424 4848 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

15:43:40.0427 4848 LSI_SAS - ok

15:43:40.0452 4848 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

15:43:40.0455 4848 LSI_SCSI - ok

15:43:40.0475 4848 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys

15:43:40.0477 4848 luafv - ok

15:43:40.0496 4848 [ 95DAB70D56BBAC7DDB7E6D0017D71369 ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys

15:43:40.0498 4848 LUsbFilt - ok

15:43:40.0527 4848 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

15:43:40.0531 4848 Mcx2Svc - ok

15:43:40.0548 4848 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys

15:43:40.0550 4848 megasas - ok

15:43:40.0581 4848 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys

15:43:40.0589 4848 MegaSR - ok

15:43:40.0663 4848 Microsoft SharePoint Workspace Audit Service - ok

15:43:40.0683 4848 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll

15:43:40.0687 4848 MMCSS - ok

15:43:40.0710 4848 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys

15:43:40.0711 4848 Modem - ok

15:43:40.0747 4848 [ CBB59C41F19EFEA1A000793E08070A62 ] MODEMCSA C:\Windows\system32\drivers\MODEMCSA.sys

15:43:40.0748 4848 MODEMCSA - ok

15:43:40.0769 4848 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys

15:43:40.0770 4848 monitor - ok

15:43:40.0790 4848 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

15:43:40.0792 4848 mouclass - ok

15:43:40.0810 4848 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

15:43:40.0811 4848 mouhid - ok

15:43:40.0835 4848 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys

15:43:40.0837 4848 MountMgr - ok

15:43:40.0878 4848 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

15:43:40.0881 4848 MozillaMaintenance - ok

15:43:40.0898 4848 [ 5DA347912FD3AF24D7BFB3DE519D4BD0 ] mpio C:\Windows\system32\drivers\mpio.sys

15:43:40.0901 4848 mpio - ok

15:43:40.0918 4848 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

15:43:40.0920 4848 mpsdrv - ok

15:43:40.0951 4848 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll

15:43:40.0961 4848 MpsSvc - ok

15:43:40.0991 4848 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys

15:43:40.0993 4848 Mraid35x - ok

15:43:41.0017 4848 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

15:43:41.0020 4848 MRxDAV - ok

15:43:41.0049 4848 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

15:43:41.0051 4848 mrxsmb - ok

15:43:41.0097 4848 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

15:43:41.0101 4848 mrxsmb10 - ok

15:43:41.0121 4848 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

15:43:41.0123 4848 mrxsmb20 - ok

15:43:41.0144 4848 [ 5457DCFA7C0DA43522F4D9D4049C1472 ] msahci C:\Windows\system32\drivers\msahci.sys

15:43:41.0145 4848 msahci - ok

15:43:41.0174 4848 [ 2C563AEF15B8D0014C36C5F27742AC7B ] msdsm C:\Windows\system32\drivers\msdsm.sys

15:43:41.0177 4848 msdsm - ok

15:43:41.0196 4848 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe

15:43:41.0200 4848 MSDTC - ok

15:43:41.0239 4848 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys

15:43:41.0240 4848 Msfs - ok

15:43:41.0259 4848 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

15:43:41.0261 4848 msisadrv - ok

15:43:41.0290 4848 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

15:43:41.0295 4848 MSiSCSI - ok

15:43:41.0300 4848 msiserver - ok

15:43:41.0317 4848 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

15:43:41.0319 4848 MSKSSRV - ok

15:43:41.0341 4848 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

15:43:41.0343 4848 MSPCLOCK - ok

15:43:41.0360 4848 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

15:43:41.0362 4848 MSPQM - ok

15:43:41.0390 4848 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

15:43:41.0394 4848 MsRPC - ok

15:43:41.0415 4848 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

15:43:41.0416 4848 mssmbios - ok

15:43:41.0436 4848 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

15:43:41.0438 4848 MSTEE - ok

15:43:41.0466 4848 [ BB16693616427EAC1A436E106EA8D318 ] MTsensor C:\Windows\system32\drivers\atkacpi.sys

15:43:41.0467 4848 MTsensor - ok

15:43:41.0492 4848 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys

15:43:41.0494 4848 Mup - ok

15:43:41.0536 4848 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll

15:43:41.0544 4848 napagent - ok

15:43:41.0568 4848 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

15:43:41.0572 4848 NativeWifiP - ok

15:43:41.0608 4848 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys

15:43:41.0617 4848 NDIS - ok

15:43:41.0650 4848 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

15:43:41.0652 4848 NdisTapi - ok

15:43:41.0667 4848 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

15:43:41.0668 4848 Ndisuio - ok

15:43:41.0688 4848 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

15:43:41.0691 4848 NdisWan - ok

15:43:41.0710 4848 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

15:43:41.0712 4848 NDProxy - ok

15:43:41.0730 4848 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

15:43:41.0732 4848 NetBIOS - ok

15:43:41.0751 4848 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys

15:43:41.0755 4848 netbt - ok

15:43:41.0776 4848 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe

15:43:41.0778 4848 Netlogon - ok

15:43:41.0811 4848 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll

15:43:41.0820 4848 Netman - ok

15:43:41.0850 4848 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

15:43:41.0864 4848 NetMsmqActivator - ok

15:43:41.0872 4848 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

15:43:41.0874 4848 NetPipeActivator - ok

15:43:41.0919 4848 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll

15:43:41.0926 4848 netprofm - ok

15:43:41.0932 4848 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

15:43:41.0934 4848 NetTcpActivator - ok

15:43:41.0941 4848 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

15:43:41.0943 4848 NetTcpPortSharing - ok

15:43:42.0124 4848 [ 39CBA1AE2A400EF99C3DEC9F9F601876 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys

15:43:42.0297 4848 NETw5v32 - ok

15:43:42.0329 4848 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

15:43:42.0331 4848 nfrd960 - ok

15:43:42.0369 4848 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll

15:43:42.0375 4848 NlaSvc - ok

15:43:42.0396 4848 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys

15:43:42.0397 4848 Npfs - ok

15:43:42.0404 4848 npggsvc - ok

15:43:42.0447 4848 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll

15:43:42.0450 4848 nsi - ok

15:43:42.0465 4848 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

15:43:42.0466 4848 nsiproxy - ok

15:43:42.0508 4848 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

15:43:42.0541 4848 Ntfs - ok

15:43:42.0562 4848 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys

15:43:42.0563 4848 ntrigdigi - ok

15:43:42.0583 4848 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys

15:43:42.0585 4848 Null - ok

15:43:42.0619 4848 [ BC9795F928C1775286E207F55F4870CD ] nvamacpi C:\Windows\system32\drivers\nvamacpi.sys

15:43:42.0621 4848 nvamacpi - ok

15:43:42.0946 4848 [ AFB33A823AABC112FC7BD62AFBCDB0CD ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

15:43:43.0010 4848 nvlddmkm - ok

15:43:43.0055 4848 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys

15:43:43.0058 4848 nvraid - ok

15:43:43.0095 4848 [ F13618F0CB1E95232F4C2401592A59E9 ] nvsmu C:\Windows\system32\drivers\nvsmu.sys

15:43:43.0096 4848 nvsmu - ok

15:43:43.0117 4848 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys

15:43:43.0119 4848 nvstor - ok

15:43:43.0166 4848 [ 782945716AD010AC3D41758E8E52C735 ] nvsvc C:\Windows\system32\nvvsvc.exe

15:43:43.0186 4848 nvsvc - ok

15:43:43.0303 4848 [ A974E5C310B9B00894070CEB055D467F ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

15:43:43.0335 4848 nvUpdatusService - ok

15:43:43.0359 4848 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

15:43:43.0362 4848 nv_agp - ok

15:43:43.0368 4848 NwlnkFlt - ok

15:43:43.0375 4848 NwlnkFwd - ok

15:43:43.0404 4848 [ D51942F12090FC947CA8AA01736DADE2 ] O2MDRDR C:\Windows\system32\drivers\o2media.sys

15:43:43.0407 4848 O2MDRDR - ok

15:43:43.0432 4848 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys

15:43:43.0433 4848 ohci1394 - ok

15:43:43.0463 4848 [ FD8CE9DDE60565D4158F9DD7C179E002 ] OsdService C:\Program Files\C&E\OSD\OsdService\OsdService.exe

15:43:43.0464 4848 OsdService - ok

15:43:43.0538 4848 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

15:43:43.0542 4848 ose - ok

15:43:43.0723 4848 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

15:43:43.0843 4848 osppsvc - ok

15:43:43.0910 4848 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll

15:43:43.0941 4848 p2pimsvc - ok

15:43:43.0956 4848 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll

15:43:43.0963 4848 p2psvc - ok

15:43:43.0989 4848 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys

15:43:43.0991 4848 Parport - ok

15:43:44.0032 4848 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys

15:43:44.0034 4848 partmgr - ok

15:43:44.0055 4848 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys

15:43:44.0056 4848 Parvdm - ok

15:43:44.0064 4848 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll

15:43:44.0068 4848 PcaSvc - ok

15:43:44.0096 4848 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys

15:43:44.0100 4848 pci - ok

15:43:44.0115 4848 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys

15:43:44.0116 4848 pciide - ok

15:43:44.0138 4848 [ 3BB2244F343B610C29C98035504C9B75 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

15:43:44.0142 4848 pcmcia - ok

15:43:44.0196 4848 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys

15:43:44.0228 4848 PEAUTH - ok

15:43:44.0307 4848 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll

15:43:44.0350 4848 pla - ok

15:43:44.0377 4848 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll

15:43:44.0385 4848 PlugPlay - ok

15:43:44.0423 4848 [ 1713D9DE407313138118D501B0E3C05B ] PnkBstrA C:\Windows\system32\PnkBstrA.exe

15:43:44.0428 4848 PnkBstrA - ok

15:43:44.0468 4848 [ 8C74C611ADAF9DA2A918B8E82E14766B ] Pnp680 C:\Windows\system32\drivers\pnp680.sys

15:43:44.0471 4848 Pnp680 - ok

15:43:44.0511 4848 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll

15:43:44.0518 4848 PNRPAutoReg - ok

15:43:44.0544 4848 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll

15:43:44.0551 4848 PNRPsvc - ok

15:43:44.0589 4848 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

15:43:44.0598 4848 PolicyAgent - ok

15:43:44.0637 4848 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

15:43:44.0639 4848 PptpMiniport - ok

15:43:44.0658 4848 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys

15:43:44.0660 4848 Processor - ok

15:43:44.0697 4848 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll

15:43:44.0703 4848 ProfSvc - ok

15:43:44.0723 4848 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe

15:43:44.0726 4848 ProtectedStorage - ok

15:43:44.0748 4848 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys

15:43:44.0749 4848 PSched - ok

15:43:44.0805 4848 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys

15:43:44.0849 4848 ql2300 - ok

15:43:44.0887 4848 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

15:43:44.0890 4848 ql40xx - ok

15:43:44.0919 4848 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll

15:43:44.0927 4848 QWAVE - ok

15:43:44.0944 4848 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

15:43:44.0946 4848 QWAVEdrv - ok

15:43:44.0953 4848 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

15:43:44.0955 4848 RasAcd - ok

15:43:44.0979 4848 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll

15:43:44.0984 4848 RasAuto - ok

15:43:44.0992 4848 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

15:43:44.0995 4848 Rasl2tp - ok

15:43:45.0018 4848 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll

15:43:45.0026 4848 RasMan - ok

15:43:45.0069 4848 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

15:43:45.0071 4848 RasPppoe - ok

15:43:45.0079 4848 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

15:43:45.0081 4848 RasSstp - ok

15:43:45.0091 4848 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

15:43:45.0096 4848 rdbss - ok

15:43:45.0104 4848 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

15:43:45.0106 4848 RDPCDD - ok

15:43:45.0131 4848 [ 943B18305EAE3935598A9B4A3D560B4C ] rdpdr C:\Windows\system32\drivers\rdpdr.sys

15:43:45.0136 4848 rdpdr - ok

15:43:45.0143 4848 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

15:43:45.0145 4848 RDPENCDD - ok

15:43:45.0193 4848 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

15:43:45.0198 4848 RDPWD - ok

15:43:45.0231 4848 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll

15:43:45.0235 4848 RemoteAccess - ok

15:43:45.0248 4848 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll

15:43:45.0255 4848 RemoteRegistry - ok

15:43:45.0266 4848 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys

15:43:45.0269 4848 RFCOMM - ok

15:43:45.0295 4848 [ DF672613FBBCD58C38BB0BC2694BCFB0 ] rimmptsk C:\Windows\system32\drivers\rimmptsk.sys

15:43:45.0309 4848 rimmptsk - ok

15:43:45.0340 4848 [ AF213955C4D952C914620E8DB0CD0CF7 ] rimspci C:\Windows\system32\drivers\rimspe86.sys

15:43:45.0342 4848 rimspci - ok

15:43:45.0360 4848 [ 9BFB54D3559F2FF7301271D29D383564 ] rimsptsk C:\Windows\system32\drivers\rimsptsk.sys

15:43:45.0363 4848 rimsptsk - ok

15:43:45.0401 4848 [ 4F4A4C09CC5BE58A76CAC1C337E004E6 ] RimUsb C:\Windows\system32\Drivers\RimUsb.sys

15:43:45.0404 4848 RimUsb - ok

15:43:45.0449 4848 [ 3A5633AD615E2B15291BD0B1B97CCD8A ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial.sys

15:43:45.0451 4848 RimVSerPort - ok

15:43:45.0472 4848 [ 6978DECC2C38C5CE10A8B0F2B12F4451 ] risdpcie C:\Windows\system32\drivers\risdpe86.sys

15:43:45.0508 4848 risdpcie - ok

15:43:45.0531 4848 [ DCB87DA83CC1010CBC9FC4DC9E395BBC ] rismxdp C:\Windows\system32\drivers\rixdptsk.sys

15:43:45.0554 4848 rismxdp - ok

15:43:45.0586 4848 [ 764C1F3453E779724BA647327DE7DDD4 ] rixdpcie C:\Windows\system32\drivers\rixdpe86.sys

15:43:45.0638 4848 rixdpcie - ok

15:43:45.0726 4848 [ 75E8A6BFA7374ABA833AE92BF41AE4E6 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys

15:43:45.0741 4848 ROOTMODEM - ok

15:43:45.0779 4848 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe

15:43:45.0782 4848 RpcLocator - ok

15:43:45.0841 4848 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll

15:43:45.0849 4848 RpcSs - ok

15:43:45.0861 4848 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

15:43:45.0864 4848 rspndr - ok

15:43:45.0901 4848 [ 83F7A29B659771E60CD71999EF57AA0C ] RSUSBSTOR C:\Windows\system32\drivers\rtsustor.sys

15:43:45.0905 4848 RSUSBSTOR - ok

15:43:45.0980 4848 [ 2D19A7469EA19993D0C12E627F4530BC ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys

15:43:45.0982 4848 RTL8169 - ok

15:43:46.0014 4848 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe

15:43:46.0016 4848 SamSs - ok

15:43:46.0093 4848 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

15:43:46.0094 4848 SASDIFSV - ok

15:43:46.0138 4848 [ 77B9FC20084B48408AD3E87570EB4A85 ] SAS***IL C:\Program Files\SUPERAntiSpyware\SAS***IL.SYS

15:43:46.0140 4848 SAS***IL - ok

15:43:46.0159 4848 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

15:43:46.0162 4848 sbp2port - ok

15:43:46.0328 4848 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

15:43:46.0336 4848 SBSDWSCService - ok

15:43:46.0384 4848 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll

15:43:46.0389 4848 SCardSvr - ok

15:43:46.0474 4848 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll

15:43:46.0494 4848 Schedule - ok

15:43:46.0527 4848 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll

15:43:46.0528 4848 SCPolicySvc - ok

15:43:46.0553 4848 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys

15:43:46.0556 4848 sdbus - ok

15:43:46.0578 4848 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll

15:43:46.0584 4848 SDRSVC - ok

15:43:46.0680 4848 [ 331E7BDE228914574FC9AE6CD520DAFA ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

15:43:46.0686 4848 SeaPort - ok

15:43:46.0693 4848 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys

15:43:46.0695 4848 secdrv - ok

15:43:46.0740 4848 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll

15:43:46.0744 4848 seclogon - ok

15:43:46.0758 4848 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll

15:43:46.0762 4848 SENS - ok

15:43:46.0770 4848 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys

15:43:46.0773 4848 Serenum - ok

15:43:46.0781 4848 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys

15:43:46.0784 4848 Serial - ok

15:43:46.0792 4848 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys

15:43:46.0794 4848 sermouse - ok

15:43:46.0874 4848 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll

15:43:46.0884 4848 SessionEnv - ok

15:43:46.0892 4848 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

15:43:46.0894 4848 sffdisk - ok

15:43:46.0905 4848 [ E5EAFE85815BD89095FEF3144A09AB68 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

15:43:46.0907 4848 sffp_mmc - ok

15:43:46.0930 4848 [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

15:43:46.0931 4848 sffp_sd - ok

15:43:46.0939 4848 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

15:43:46.0941 4848 sfloppy - ok

15:43:46.0992 4848 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll

15:43:46.0999 4848 SharedAccess - ok

15:43:47.0053 4848 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

15:43:47.0058 4848 ShellHWDetection - ok

15:43:47.0177 4848 [ 93BEACC3815A4653A655C8BD7622FF63 ] Si3531 C:\Windows\system32\DRIVERS\Si3531.sys

15:43:47.0180 4848 Si3531 - ok

15:43:47.0199 4848 [ 165448BC832D424B97270C8D1276E24A ] SiFilter C:\Windows\system32\DRIVERS\SiWinAcc.sys

15:43:47.0212 4848 SiFilter - ok

15:43:47.0256 4848 [ 9BE8EA3A8C7E6D47E710F6FA14B7442B ] SiRemFil C:\Windows\system32\DRIVERS\SiRemFil.sys

15:43:47.0265 4848 SiRemFil - ok

15:43:47.0301 4848 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys

15:43:47.0304 4848 sisagp - ok

15:43:47.0328 4848 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys

15:43:47.0330 4848 SiSRaid2 - ok

15:43:47.0341 4848 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

15:43:47.0344 4848 SiSRaid4 - ok

15:43:47.0462 4848 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe

15:43:47.0548 4848 slsvc - ok

15:43:47.0562 4848 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll

15:43:47.0567 4848 SLUINotify - ok

15:43:47.0576 4848 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys

15:43:47.0578 4848 Smb - ok

15:43:47.0591 4848 [ 12B62474E707A26D662232C54A4EF322 ] SMSCIRDA C:\Windows\system32\DRIVERS\SMSCirda.sys

15:43:47.0593 4848 SMSCIRDA - ok

15:43:47.0637 4848 [ 2D97B7CC3F118620A704C5DA138CA120 ] smserial C:\Windows\system32\DRIVERS\smserial.sys

15:43:47.0672 4848 smserial - ok

15:43:47.0715 4848 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe

15:43:47.0719 4848 SNMPTRAP - ok

15:43:47.0732 4848 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys

15:43:47.0734 4848 spldr - ok

15:43:47.0773 4848 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe

15:43:47.0779 4848 Spooler - ok

15:43:47.0853 4848 [ A199171385BE17973FD800FA91F8F78A ] sptd C:\Windows\system32\Drivers\sptd.sys

15:43:47.0854 4848 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: A199171385BE17973FD800FA91F8F78A

15:43:47.0858 4848 sptd ( LockedFile.Multi.Generic ) - warning

15:43:47.0858 4848 sptd - detected LockedFile.Multi.Generic (1)

15:43:47.0896 4848 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys

15:43:47.0902 4848 srv - ok

15:43:47.0924 4848 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

15:43:47.0927 4848 srv2 - ok

15:43:47.0982 4848 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

15:43:47.0985 4848 srvnet - ok

15:43:48.0030 4848 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

15:43:48.0038 4848 SSDPSRV - ok

15:43:48.0073 4848 [ DF5C19F053EFF7F8BA25D73AEA899656 ] ssm_bus C:\Windows\system32\DRIVERS\ssm_bus.sys

15:43:48.0076 4848 ssm_bus - ok

15:43:48.0085 4848 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll

15:43:48.0091 4848 SstpSvc - ok

15:43:48.0123 4848 Steam Client Service - ok

15:43:48.0174 4848 [ C354621B6B94E10AE7F5CDBE745FEB86 ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

15:43:48.0181 4848 Stereo Service - ok

15:43:48.0215 4848 [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam C:\Windows\system32\DRIVERS\serscan.sys

15:43:48.0216 4848 StillCam - ok

15:43:48.0261 4848 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll

15:43:48.0280 4848 stisvc - ok

15:43:48.0332 4848 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys

15:43:48.0333 4848 swenum - ok

15:43:48.0352 4848 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll

15:43:48.0361 4848 swprv - ok

15:43:48.0370 4848 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys

15:43:48.0372 4848 Symc8xx - ok

15:43:48.0380 4848 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys

15:43:48.0383 4848 Sym_hi - ok

15:43:48.0394 4848 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys

15:43:48.0397 4848 Sym_u3 - ok

15:43:48.0463 4848 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll

15:43:48.0484 4848 SysMain - ok

15:43:48.0519 4848 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll

15:43:48.0524 4848 TabletInputService - ok

15:43:48.0545 4848 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll

15:43:48.0553 4848 TapiSrv - ok

15:43:48.0581 4848 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll

15:43:48.0585 4848 TBS - ok

15:43:48.0640 4848 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

15:43:48.0660 4848 Tcpip - ok

15:43:48.0681 4848 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys

15:43:48.0687 4848 Tcpip6 - ok

15:43:48.0737 4848 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

15:43:48.0738 4848 tcpipreg - ok

15:43:48.0778 4848 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

15:43:48.0780 4848 TDPIPE - ok

15:43:48.0788 4848 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

15:43:48.0790 4848 TDTCP - ok

15:43:48.0799 4848 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

15:43:48.0801 4848 tdx - ok

15:43:48.0989 4848 [ 2BBB318EA9F34FDC508CEA4AAB98D770 ] TeamViewer7 C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe

15:43:49.0005 4848 TeamViewer7 - ok

15:43:49.0014 4848 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys

15:43:49.0016 4848 TermDD - ok

15:43:49.0051 4848 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll

15:43:49.0072 4848 TermService - ok

15:43:49.0112 4848 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll

15:43:49.0117 4848 Themes - ok

15:43:49.0138 4848 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll

15:43:49.0141 4848 THREADORDER - ok

15:43:49.0150 4848 [ CB258C2F726F1BE73C507022BE33EBB3 ] TPM C:\Windows\system32\drivers\tpm.sys

15:43:49.0152 4848 TPM - ok

15:43:49.0230 4848 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll

15:43:49.0236 4848 TrkWks - ok

15:43:49.0283 4848 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

15:43:49.0285 4848 TrustedInstaller - ok

15:43:49.0299 4848 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

15:43:49.0301 4848 tssecsrv - ok

15:43:49.0309 4848 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys

15:43:49.0311 4848 tunmp - ok

15:43:49.0361 4848 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

15:43:49.0363 4848 tunnel - ok

15:43:49.0382 4848 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys

15:43:49.0386 4848 uagp35 - ok

15:43:49.0394 4848 ucos - ok

15:43:49.0408 4848 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

15:43:49.0413 4848 udfs - ok

15:43:49.0448 4848 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe

15:43:49.0454 4848 UI0Detect - ok

15:43:49.0472 4848 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

15:43:49.0475 4848 uliagpkx - ok

15:43:49.0497 4848 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys

15:43:49.0503 4848 uliahci - ok

15:43:49.0513 4848 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys

15:43:49.0516 4848 UlSata - ok

15:43:49.0526 4848 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys

15:43:49.0529 4848 ulsata2 - ok

15:43:49.0544 4848 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

15:43:49.0546 4848 umbus - ok

15:43:49.0564 4848 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll

15:43:49.0572 4848 upnphost - ok

15:43:49.0627 4848 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

15:43:49.0630 4848 usbccgp - ok

15:43:49.0640 4848 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys

15:43:49.0642 4848 usbcir - ok

15:43:49.0678 4848 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

15:43:49.0680 4848 usbehci - ok

15:43:49.0696 4848 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

15:43:49.0700 4848 usbhub - ok

15:43:49.0709 4848 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys

15:43:49.0711 4848 usbohci - ok

15:43:49.0753 4848 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

15:43:49.0756 4848 usbprint - ok

15:43:49.0782 4848 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

15:43:49.0784 4848 usbscan - ok

15:43:49.0817 4848 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

15:43:49.0833 4848 USBSTOR - ok

15:43:49.0868 4848 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys

15:43:49.0869 4848 usbuhci - ok

15:43:49.0896 4848 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll

15:43:49.0901 4848 UxSms - ok

15:43:49.0923 4848 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe

15:43:49.0934 4848 vds - ok

15:43:49.0943 4848 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

15:43:49.0946 4848 vga - ok

15:43:49.0955 4848 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys

15:43:49.0957 4848 VgaSave - ok

15:43:49.0966 4848 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys

15:43:49.0969 4848 viaagp - ok

15:43:49.0978 4848 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys

15:43:49.0980 4848 ViaC7 - ok

15:43:50.0035 4848 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys

15:43:50.0037 4848 viaide - ok

15:43:50.0046 4848 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys

15:43:50.0048 4848 volmgr - ok

15:43:50.0094 4848 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

15:43:50.0100 4848 volmgrx - ok

15:43:50.0133 4848 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys

15:43:50.0138 4848 volsnap - ok

15:43:50.0148 4848 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

15:43:50.0152 4848 vsmraid - ok

15:43:50.0195 4848 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe

15:43:50.0229 4848 VSS - ok

15:43:50.0259 4848 vtany - ok

15:43:50.0273 4848 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll

15:43:50.0282 4848 W32Time - ok

15:43:50.0310 4848 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys

15:43:50.0312 4848 WacomPen - ok

15:43:50.0321 4848 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys

15:43:50.0323 4848 Wanarp - ok

15:43:50.0331 4848 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

15:43:50.0333 4848 Wanarpv6 - ok

15:43:50.0374 4848 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll

15:43:50.0386 4848 wcncsvc - ok

15:43:50.0401 4848 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

15:43:50.0406 4848 WcsPlugInService - ok

15:43:50.0415 4848 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys

15:43:50.0418 4848 Wd - ok

15:43:50.0462 4848 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

15:43:50.0470 4848 Wdf01000 - ok

15:43:50.0501 4848 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll

15:43:50.0506 4848 WdiServiceHost - ok

15:43:50.0516 4848 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll

15:43:50.0520 4848 WdiSystemHost - ok

15:43:50.0540 4848 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll

15:43:50.0548 4848 WebClient - ok

15:43:50.0582 4848 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll

15:43:50.0589 4848 Wecsvc - ok

15:43:50.0614 4848 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll

15:43:50.0619 4848 wercplsupport - ok

15:43:50.0640 4848 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll

15:43:50.0647 4848 WerSvc - ok

15:43:50.0688 4848 [ 5C7BDCF5864DB00323FE2D90FA26A8A2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS

15:43:50.0709 4848 winachsf - ok

15:43:50.0773 4848 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll

15:43:50.0779 4848 WinDefend - ok

15:43:50.0799 4848 WinHttpAutoProxySvc - ok

15:43:50.0877 4848 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

15:43:50.0881 4848 Winmgmt - ok

15:43:50.0909 4848 WinRing0_1_2_0 - ok

15:43:50.0970 4848 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll

15:43:51.0015 4848 WinRM - ok

15:43:51.0113 4848 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll

15:43:51.0130 4848 Wlansvc - ok

15:43:51.0240 4848 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

15:43:51.0285 4848 wlidsvc - ok

15:43:51.0314 4848 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys

15:43:51.0315 4848 WmiAcpi - ok

15:43:51.0352 4848 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

15:43:51.0356 4848 wmiApSrv - ok

15:43:51.0439 4848 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe

15:43:51.0472 4848 WMPNetworkSvc - ok

15:43:51.0506 4848 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll

15:43:51.0513 4848 WPCSvc - ok

15:43:51.0549 4848 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

15:43:51.0555 4848 WPDBusEnum - ok

15:43:51.0594 4848 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys

15:43:51.0597 4848 WpdUsb - ok

15:43:51.0664 4848 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

15:43:51.0684 4848 WPFFontCache_v0400 - ok

15:43:51.0716 4848 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

15:43:51.0717 4848 ws2ifsl - ok

15:43:51.0731 4848 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll

15:43:51.0737 4848 wscsvc - ok

15:43:51.0745 4848 WSearch - ok

15:43:51.0833 4848 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll

15:43:51.0864 4848 wuauserv - ok

15:43:51.0874 4848 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

15:43:51.0877 4848 WUDFRd - ok

15:43:51.0919 4848 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll

15:43:51.0924 4848 wudfsvc - ok

15:43:51.0948 4848 xhunter1 - ok

15:43:52.0031 4848 [ 0357445AB248C74DE6D5A383A1413D20 ] xsherlock C:\Windows\system32\xsherlock.xem

15:43:52.0051 4848 xsherlock - ok

15:43:52.0096 4848 ================ Scan global ===============================

15:43:52.0159 4848 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll

15:43:52.0198 4848 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll

15:43:52.0220 4848 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll

15:43:52.0263 4848 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe

15:43:52.0271 4848 [Global] - ok

15:43:52.0271 4848 ================ Scan MBR ==================================

15:43:52.0274 4848 [ 87D88FA4D3EFD4431866EA91949644BF ] \Device\Harddisk0\DR0

15:43:52.0274 4848 Suspicious mbr (Forged): \Device\Harddisk0\DR0

15:43:52.0562 4848 \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - infected

15:43:52.0562 4848 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Wistler.a (0)

15:43:52.0615 4848 [ 87D88FA4D3EFD4431866EA91949644BF ] \Device\Harddisk1\DR1

15:43:52.0647 4848 \Device\Harddisk1\DR1 ( Rootkit.Boot.Wistler.a ) - infected

15:43:52.0647 4848 \Device\Harddisk1\DR1 - detected Rootkit.Boot.Wistler.a (0)

15:43:52.0648 4848 ================ Scan VBR ==================================

15:43:52.0651 4848 [ E4870E073C305E64B838282E0A1638F7 ] \Device\Harddisk0\DR0\Partition1

15:43:52.0652 4848 \Device\Harddisk0\DR0\Partition1 - ok

15:43:52.0655 4848 [ 4C2D5FEF3CB50ECDC5F3CCB7CC58A108 ] \Device\Harddisk1\DR1\Partition1

15:43:52.0656 4848 \Device\Harddisk1\DR1\Partition1 - ok

15:43:52.0657 4848 ============================================================

15:43:52.0657 4848 Scan finished

15:43:52.0657 4848 ============================================================

15:43:52.0666 4788 Detected object count: 4

15:43:52.0666 4788 Actual detected object count: 4

15:44:28.0755 4788 c:\program files\common files\akamai/netsession_win_5891ae0.dll - copied to quarantine

15:44:28.0823 4788 HKLM\SYSTEM\ControlSet001\services\Akamai - will be deleted on reboot

15:44:29.0150 4788 HKLM\SYSTEM\ControlSet011\services\Akamai - will be deleted on reboot

15:44:29.0190 4788 c:\program files\common files\akamai/netsession_win_5891ae0.dll - will be deleted on reboot

15:44:29.0190 4788 Akamai ( HiddenFile.Multi.Generic ) - User select action: Delete

15:44:29.0264 4788 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine

15:44:29.0285 4788 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot

15:44:29.0339 4788 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted on reboot

15:44:29.0351 4788 HKLM\SYSTEM\ControlSet003\services\sptd - will be deleted on reboot

15:44:29.0362 4788 HKLM\SYSTEM\ControlSet004\services\sptd - will be deleted on reboot

15:44:29.0371 4788 HKLM\SYSTEM\ControlSet005\services\sptd - will be deleted on reboot

15:44:29.0383 4788 HKLM\SYSTEM\ControlSet006\services\sptd - will be deleted on reboot

15:44:29.0394 4788 HKLM\SYSTEM\ControlSet007\services\sptd - will be deleted on reboot

15:44:29.0405 4788 HKLM\SYSTEM\ControlSet008\services\sptd - will be deleted on reboot

15:44:29.0415 4788 HKLM\SYSTEM\ControlSet009\services\sptd - will be deleted on reboot

15:44:29.0415 4788 HKLM\SYSTEM\ControlSet011\services\sptd - will be deleted on reboot

15:44:29.0419 4788 C:\Windows\system32\Drivers\sptd.sys - will be deleted on reboot

15:44:29.0419 4788 sptd ( LockedFile.Multi.Generic ) - User select action: Delete

15:44:30.0082 4788 \Device\Harddisk0\DR0\# - copied to quarantine

15:44:30.0085 4788 \Device\Harddisk0\DR0 - copied to quarantine

15:44:30.0093 4788 \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - will be cured on reboot

15:44:30.0095 4788 \Device\Harddisk0\DR0 - ok

15:44:30.0095 4788 \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - User select action: Cure

15:44:30.0581 4788 \Device\Harddisk1\DR1\# - copied to quarantine

15:44:30.0582 4788 \Device\Harddisk1\DR1 - copied to quarantine

15:44:30.0590 4788 \Device\Harddisk1\DR1 ( Rootkit.Boot.Wistler.a ) - will be cured on reboot

15:44:30.0591 4788 \Device\Harddisk1\DR1 - ok

15:44:30.0591 4788 \Device\Harddisk1\DR1 ( Rootkit.Boot.Wistler.a ) - User select action: Cure

[kape]

Wil je nu de PC afsluiten en opnieuw opstarten. En laat dan je antivirus eens scannen. Benieuwd of er nog virusmeldingen komen ?

[Neymar]

Zo te zien spelen er geen geluiden meer af op het achtergrond.. Zou de virus verwijderd zijn? Ik ben nu een housecall van Trenmicro bezig. Daarna ga ik ook een scan met mijn eigen antivirus

21 september 2012 aangepast door Neymar

[kweezie wabbit]

Laat maar weten wat het resultaat is van die scans.

[Neymar]

Geen virus detectie en ik hoor niks meer. Dus zal het opgelost zijn?

[kape]

Problemen van de baan, dan is het tijd voor de “grote schoonmaak” : verwijderen van gebruikte programma’s, een cleaning en het verwijderen van de besmette herstelpunten.

Verwijder Combofix: Start -> Uitvoeren/Zoekopdracht/Programma’s en bestanden zoeken en typ daar: ComboFix /Uninstall

Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

Indien aanwezig mag je de map C:\Qoobox manueel verwijderen.

Verwijder manueel TDSS Killer en Emsisoft.

Laat CCleaner nog eens scannen en verwijder alle gevonden zaken.

Het is aangewezen om de bestaande herstelpunten te verwijderen (daar zitten besmette herstelpunten tussen die je eventueel zou kunnen terugzetten). In Vista : via Configuratiescherm -> Systeem en Onderhoud -> Systeem -> tabblad "Systeembeveiliging" -> vinkje weghalen bij de schijf waarvan je de herstelpunten wil verwijderen -> klikken op "toepassen". Dan krijg je de schermmelding “Weet u zeker dat u systeemherstel wil uitschakelen”. Klik hier op “Systeemherstel uitschakelen”. Dan zijn alle herstelpunten verwijderd op de aangeduide schijf.

Zet daarna opnieuw een vinkje bij de harde schijf. Maak meteen ook een nieuw herstelpunt, zodat je niet hoeft te wachten op een automatisch herstelpunt van het systeem.

Indien dit allemaal probleemloos verlopen is, mag je hieronder op "markeer als opgelost" tokkelen !

[Neymar]

Oke alles gedaan, hartelijk bedankt om mij te helpen!