mogelijk virus

Status
Niet open voor verdere reacties.

leootje

Enthousiast
#1
[hjt]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:45:59, on 5-12-2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
c:\windows\system32\taskhost.exe
c:\windows\system32\rdpclip.exe
c:\windows\system32\dwm.exe
c:\windows\explorer.exe
c:\program files\sigmatel\c-major audio\stacmon.exe
c:\program files\avg\avg2013\avgui.exe
c:\program files\canon\myprinter\bjmyprt.exe
c:\program files\common files\java\java update\jusched.exe
c:\windows\system32\searchprotocolhost.exe
c:\program files\internet explorer\iexplore.exe
c:\program files\internet explorer\iexplore.exe
c:\windows\system32\macromed\flash\flashutil32_11_9_900_152_activex.exe
c:\program files\internet explorer\iexplore.exe
c:\windows\system32\searchfilterhost.exe
c:\users\veronica\desktop\hijackthis.exe
r0 - hkcu\software\microsoft\internet explorer\main,start page = [noparse]https://www.google.nl/[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,search page = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r1 - hkcu\software\microsoft\windows\currentversion\internet settings,proxyoverride = localhost
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername =
r3 - urlsearchhook: ytnavassistplugin class - {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn35\yt.dll
o2 - bho: canon easy-webprint ex bho - {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
o2 - bho: java(tm) plug-in ssv helper - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll
o2 - bho: google toolbar helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\googletoolbar_32.dll
o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
o3 - toolbar: google toolbar - {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\googletoolbar_32.dll
o3 - toolbar: canon easy-webprint ex - {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
o4 - hklm\..\run: [sigmatel stacmon] c:\program files\sigmatel\c-major audio\stacmon.exe
o4 - hklm\..\run: [avg_ui] c:\program files\avg\avg2013\avgui.exe /trayonly
o4 - hklm\..\run: [adobe arm] c:\program files\common files\adobe\arm\1.0\adobearm.exe
o4 - hklm\..\run: [canonmyprinter] c:\program files\canon\myprinter\bjmyprt.exe /logon
o4 - hklm\..\run: [canonsolutionmenu] c:\program files\canon\solutionmenu\cnslmain.exe /logon
o4 - hklm\..\run: [sunjavaupdatesched] c:\program files\common files\java\java update\jusched.exe
o11 - options group: [accelerated_graphics] accelerated graphics
o23 - service: adobe acrobat update service (adobearmservice) - adobe systems incorporated - c:\program files\common files\adobe\arm\1.0\armsvc.exe
o23 - service: adobe flash player update service (adobeflashplayerupdatesvc) - adobe systems incorporated - c:\windows\system32\macromed\flash\flashplayerupdateservice.exe
o23 - service: ati hotkey poller - ati technologies inc. - c:\windows\system32\ati2evxx.exe
o23 - service: avg firewall (avgfws) - avg technologies cz, s.r.o. - c:\program files\avg\avg2013\avgfws.exe
o23 - service: avgidsagent - avg technologies cz, s.r.o. - c:\program files\avg\avg2013\avgidsagent.exe
o23 - service: avg watchdog (avgwd) - avg technologies cz, s.r.o. - c:\program files\avg\avg2013\avgwdsvc.exe
o23 - service: google update-service (gupdate) (gupdate) - google inc. - c:\program files\google\update\googleupdate.exe
o23 - service: google update-service (gupdatem) (gupdatem) - google inc. - c:\program files\google\update\googleupdate.exe
o23 - service: google software updater (gusvc) - google - c:\program files\google\common\google updater\googleupdaterservice.exe
o23 - service: canon inkjet printer/scanner/fax extended survey program (ijplmsvc) - unknown owner - c:\program files\canon\ijplm\ijplmsvc.exe
o23 - service: pevsystemstart - unknown owner - c:\combofix\pev.3xe
o23 - service: smartlinkservice (slservice) - - c:\windows\system32\slserv.exe
o23 - service: yahoo! updater (yahooauservice) - yahoo! inc. - c:\program files\yahoo!\softwareupdate\yahooauservice.exe
--
end of file - 4600 bytes
[/hjt]
 

abbs

Heeft veel posts
#2
Hallo,

Graag de drie logs in n keer posten.


Stap 1
Download
AdwCleaner by Xplode naar het bureaublad.
  • Sluit alle openstaande vensters.
  • Dubbelklik op AdwCleaner om hem te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren,
  • Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Klik vervolgens op Scan.
  • Klik vervolgens op Clean als er items zijn gevonden.
  • Klik bij Herstarten Noodzakelijk op OK

Nadat de PC opnieuw is opgestart, opent meestal een logfile.
Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner[R1].txt
Post aansluitend de inhoud van dit log in je volgende bericht.


Stap 2
Download
Junkware Removal Tool by Thisisu.
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!

Opmerkingen:
  • Alle openstaande programma's en webpagina's dienen afgesloten te zijn.
  • Het is raadzaam de actieve beveiligingssoftware te de-activeren, zodat mogelijke conflicten met JRT.exe uitgsloten worden.:
  • Hier en hier vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.
  • Dat tijdens de scan van JRT.exe tijdelijk de snelkoppelingen verdwijnen van het bureaublad, is normaal.
Junkware Removal Tool by Thisisu opstarten:
  • Windows 2000 en Windows XP: dubbelklik op JRT.exe.
  • Windows Vista, Windows 7 en Windows 8: via rechtsklik op JRT.exe en kies voor "Als Administrator uitvoeren".
  • JRT.exe zal daarna Windows gaan scannen.
  • Deze scan kan afhankelijk van de systeemspecificaties soms vrij lang duren, wees dus geduldig.
  • Indien de scan voltooid is, zal een logje (JRT.txt) op het bureaublad opgeslagen worden en automatisch openen.
  • Post de inhoud van dit log in je volgende bericht.

Stap 3
Download
MalwareBytes' Anti-Malware en sla het op je bureaublad op.

  • Dubbelklik op mbam-setup-x.xx.x.xxx.exe om de installatie van Malwarebytes Anti-Malware te starten.
  • Wanneer u een beveiligingswaarschuwing van Windows krijgt klikt u op de knop "uitvoeren".
  • Volg de verdere aanwijzingen, de volledige installatieprocedure kunt u nalezen op de volgende link - Malwarebytes Anti-Malware installeren.
  • Als de installatie gereed is staat de optie Start de gratis probeerversie van Malwarebytes Anti-Malware PRO aangevinkt.
  • Wanneer u hier geen gebruik van wilt maken, vink deze optie dan uit.
  • Klik vervolgens op "Voltooien" om de installatie af te ronden.
  • Vervolgens wordt er automatisch een update uitgevoerd, als dit gereed is klikt u op de knop "OK".
  • Malwarebytes Anti-Malware wordt nu gestart, klik vervolgens op de knop "Scan".
  • Als de scan gereed is klik dan op de knop "bekijk resultaten".
  • Zorg ervoor dat alle items staan aangevinkt, als dit niet zo is klik dan met de rechtermuisknop op n van de items en kies "Selecteer alle objecten"
  • Klik vervolgens op de knop "Verwijder geselecteerde".
  • Wanneer de scan gereed is wordt er in kladblok een logbestand geopend, plaats deze in het volgende bericht. (Het logbestand is tevens terug te vinden onder het tabblad logbestanden).
  • Bij de melding "DRINGEND! Je moet je computer opnieuw opstarten om alle actieve infecties volledig te verwijderen." klikt u op JA om de computer opnieuw op te starten.

 

leootje

Enthousiast
#3
# AdwCleaner v3.014 - Report created 05/12/2013 at 19:35:12
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : veronica - VERONICA-PC
# Running from : C:\Users\veronica\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


*************************

AdwCleaner[R16].txt - [1874 octets] - [05/12/2013 19:33:22]
AdwCleaner[S11].txt - [1818 octets] - [05/12/2013 19:35:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S11].txt - [1879 octets] ##########




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Ultimate x86
Ran by veronica on do 05-12-2013 at 19:43:05,25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1



~~~ Files

Successfully deleted: [File] "C:\Users\veronica\appdata\locallow\SkwConfig.bin"



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on do 05-12-2013 at 19:51:04,36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Databaseversie: v2013.12.05.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16428
veronica :: VERONICA-PC [administrator]

5-12-2013 19:54:43
mbam-log-2013-12-05 (19-54-43).txt

Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 212651
Verstreken tijd: 11 minuut/minuten, 25 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

(einde)








Ik weet niet wat er met jrt aan de hand was maar hij kon vele keren niet in DLL.bestand wbemcomn.dll komen .
 

abbs

Heeft veel posts
#4
Hallo,

Je had het over mogelijk een virus waar merkte je dat aan?

Doe het volgende;




Download
Zoek.zip naar het bureaublad.

  1. Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  2. Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

  • Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  • Dubbelklik vervolgens op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
    Code:
    firefoxlook;
    emptyclsid;
    resetWMI;
    torpigcheck;
    emptyfolderscheck;delete
    chromelook;
    standardsearch;
    filesrcm;
    autoclean;
    startupall;
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.
 

leootje

Enthousiast
#5
DLL.bestand wbemcomn.dll geeft problemen kan processen niet vinden .
Ccleaner kan ook systeemherstelpunten niet openen / vinden
jou voorgaande scanner had ook problemen hiermee , dus ik dacht aan een virus.
 

leootje

Enthousiast
#7
Zoek.exe Version 4.0.0.5 Updated 05-December-2013
Tool run by veronica on vr 06-12-2013 at 21:54:21,96.

Running in: Normal Mode Internet Access Detected
Launched: C:\Users\veronica\Desktop\zoek.exe [Script inserted]

==== System Restore Info ======================

Failed to create System Restore Point

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll


==== Empty Folders Check ======================

C:\Program Files\ATI Technologies deleted successfully
C:\Program Files\Belarc deleted successfully
C:\ProgramData\Oracle deleted successfully
C:\Users\veronica\AppData\Local\DriverTuner deleted successfully
C:\Users\veronica\AppData\Local\MigWiz deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-999374491-2198632272-2187689358-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8D75359D-F0F7-4FA8-88B3-BD0C5B269D17} deleted successfully
HKEY_USERS\S-1-5-21-999374491-2198632272-2187689358-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
HKEY_USERS\S-1-5-21-999374491-2198632272-2187689358-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
HKEY_USERS\S-1-5-21-999374491-2198632272-2187689358-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_USERS\S-1-5-21-999374491-2198632272-2187689358-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-999374491-2198632272-2187689358-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{DEDAF650-12B8-48f5-A843-BBA100716106} deleted successfully

==== Running Processes ======================

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\LogonUI.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Windows\system32\slserv.exe
C:\Program Files\Yahoo\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\rdpclip.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\SigmaTel\C-Major Audio\stacmon.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_152_ActiveX.exe
C:\Program Files\AVG\AVG2013\avgcfgex.exe
C:\Users\veronica\Desktop\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\YahooAUService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\YahooAUService deleted successfully

==== Deleting Files \ Folders ======================

C:\Program Files\Yahoo! deleted
C:\Users\veronica\AppData\Roaming\Yahoo! deleted
C:\ProgramData\Yahoo! deleted
C:\ProgramData\Yahoo! Companion deleted
C:\Users\veronica\AppData\LocalLow\Yahoo! deleted
C:\Users\veronica\AppData\LocalLow\Yahoo! Companion deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\Yahoo! deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\Yahoo! Companion deleted
C:\Windows\System32\searchplugins deleted
C:\Windows\System32\Extensions deleted

==== System Specs ======================

Windows: Windows 7 Ultimate Edition Service Pack 1 (Build 7601)
Memory (RAM): 1024 MB
CPU Info: Intel(R) Pentium(R) 4 CPU 2.50GHz
CPU Speed: 2474,3 MHz
Sound Card: Geluid van externe computer |
Display Adapters: RDPDD Chained DD | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x;
Screen Resolution: 1280 X 800 - 32 bit
Network: Network Present
Network Adapters: Realtek RTL8139/810x Family Fast Ethernet NIC
CD / DVD Drives: 2x (E: | F: | ) E: TSSTcorpCD/DVDW SH-S182M | F: HL-DT-STDVD-ROM GDR8161B
Ports: COM3 | COM1 | COM2 LPT1
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C: 76,3GB
Hard Disks - Free: C: 14,8GB
Manufacturer *:
BIOS Info: AT/AT COMPATIBLE | 08/15/03 | _ASUS_ - 10
Time Zone: West-Europa (standaardtijd)
Motherboard *:
Country: Nederland
Language: NLD

==== System Specs (Software) ======================

Internet Explorer Version: 11.0.9600.16428
Google Chrome version: 31.0.1650.63
Adobe Reader version: 11.0.04.63
Sun Java version: 1.7.0_45 (32-bit)
Shockwave Player version: 11.0.3r472

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2013-11-19 15:06:41 5BD91C544E95963056C19AA3C1FC2BC8 81920 ------w- C:\Windows\bwUnin-6.1.4.36-8876480L.exe
====== C:\Users\veronica\AppData\Local\Temp ====
2013-12-05 18:42:34 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\veronica\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2013-12-05 08:07:39 BCAB8B6531B595A9030274E8B6EAE3D8 73016 ----a-w- C:\Users\veronica\AppData\Local\Temp\CATCHME.SYS
====== Java Cache =====
====== C:\Windows\system32 =====
2013-12-04 15:26:14 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Windows\System32\javaws.exe
2013-12-04 15:25:49 9BF46C7F21E75FA0BB03AA93368CC66C 94632 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll
2013-12-04 15:25:46 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Windows\System32\javaw.exe
2013-12-04 15:25:40 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Windows\System32\java.exe
====== C:\Windows\system32\drivers =====
2013-11-17 09:17:38 C4FB8E7ADEA9B5CEEA885A1B504B7E40 43008 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-11-17 09:17:38 71D97F1A3CC47A56728F7A400A3F8295 76288 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-11-17 09:17:37 FDA6F2BB7FA034D95863ED8788B4E416 284672 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-11-17 09:17:37 DCDF9855145A14DFCA0AB32308871961 20480 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-11-17 09:17:37 8E51D04175BAA14C4F79AA5F6D248770 24064 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-11-17 09:17:37 86AA95ACB611001E26CD2C0145F2225A 258560 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-11-17 09:17:37 6FB17D7A2E76B838886E5E8C60239DAE 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-11-16 08:49:39 F81BB7E487EDCEAB630A7EE66CF23913 338944 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-11-16 08:49:39 CA59F7C570AF70BC174F477CFE2D9EE3 1294272 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-11-16 08:49:30 F286830298323272260332D6ABC905C1 67520 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-11-16 08:49:30 D7C760D57B1656DD748B9E4AB6CB5A51 136640 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-11-16 08:49:30 85449EEBE8F8EBD6481EFBF0F352B4EB 369848 ----a-w- C:\Windows\System32\drivers\cng.sys
2013-11-16 08:49:24 71BC35067CABC02C9453AEAA42B2E43E 729024 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-11-16 08:49:23 FC6B21DB4B5B398AB93DBE59CBF11036 36352 ----a-w- C:\Windows\System32\drivers\usbscan.sys
2013-11-16 08:49:23 F1B27299F547D452EDAEF01FC187CB91 25728 ----a-w- C:\Windows\System32\drivers\hidparse.sys
2013-11-16 08:49:23 50ABE682EBE752EAF62B18790D6D491C 55808 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2013-11-16 08:49:10 21F4B24ACFC79A483515BD986DD9043F 115712 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
2013-11-16 08:43:09 2352AB5F9F8F097BF9D41D5A4718A041 86016 ----a-w- C:\Windows\System32\drivers\usbcir.sys
2013-11-16 08:42:28 25944D2CC49E0A6C581D02A74B7D6645 527064 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
====== C:\Windows\Tasks ======
2013-11-20 07:58:41 5733501BC62233ADC8ABDCAE9B14AFC3 2958 ----a-w- C:\Windows\system32\Tasks\{E60714D8-CEB4-4BCF-89C8-532FFD6C8AB0}
2013-11-20 07:39:19 2A37E8A73C441ED82AA6985A52FC65C0 3284 ----a-w- C:\Windows\system32\Tasks\{37DA67B8-2326-4C6F-AE00-A2343E446430}
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C: =====
====== C:\Users\veronica\AppData\Roaming ======
2013-12-05 08:03:02 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\temp
2013-12-05 08:03:02 -------- d-----w- C:\Users\veronica\AppData\Local\temp
2013-12-05 08:03:02 -------- d-----w- C:\Users\Public\AppData\Local\temp
2013-12-05 08:03:02 -------- d-----w- C:\Users\leo van der stelt\AppData\Local\temp
2013-12-05 08:03:02 -------- d-----w- C:\Users\Default\AppData\Local\temp
2013-12-05 08:03:02 -------- d-----w- C:\Users\Default User\AppData\Local\temp
====== C:\Users\veronica ======
2013-12-04 15:25:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

====== C: exe-files ==
2013-12-05 18:42:34 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\erunt\ERUNT.EXE
2013-12-05 06:18:37 0C04A51D2892F0501FED4D0EAA43FA36 1751392 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\31.0.1650.63\31.0.1650.63_31.0.1650.57_chrome_updater.exe
2013-12-04 15:17:20 CE10E75E10EB6952A7D813FA587EC632 15784 ----a-w- C:\Program Files\Java\jre7\bin\ktab.exe
2013-12-04 15:17:20 CC27986F45EF9FD700BC347355B002B3 15784 ----a-w- C:\Program Files\Java\jre7\bin\rmid.exe
2013-12-04 15:17:20 CBFE91C51D4FA69FE9D140ABEB7E51DC 15784 ----a-w- C:\Program Files\Java\jre7\bin\kinit.exe
2013-12-04 15:17:20 80A79264302910C7C24BA7E44267EFEF 182696 ----a-w- C:\Program Files\Java\jre7\bin\jqs.exe
2013-12-04 15:17:20 7F55715977ECF32633857F16980F008E 52648 ----a-w- C:\Program Files\Java\jre7\bin\jp2launcher.exe
2013-12-04 15:17:20 7814B0A3E6FE8FFF31B7108D16FC4591 15784 ----a-w- C:\Program Files\Java\jre7\bin\keytool.exe
2013-12-04 15:17:20 738AF811C60870FB218D47C628D350AA 15784 ----a-w- C:\Program Files\Java\jre7\bin\rmiregistry.exe
2013-12-04 15:17:20 707BFE32E04720B9D50562669A30F86C 49064 ----a-w- C:\Program Files\Java\jre7\bin\ssvagent.exe
2013-12-04 15:17:20 5FA3FFE74E893E8A9443C2CF3DFA7A64 15784 ----a-w- C:\Program Files\Java\jre7\bin\pack200.exe
2013-12-04 15:17:20 5721DA732075E01569A287767CBCFA5A 15784 ----a-w- C:\Program Files\Java\jre7\bin\klist.exe
2013-12-04 15:17:20 555651269833A415E1F9E594E8DD829F 146344 ----a-w- C:\Program Files\Java\jre7\bin\unpack200.exe
2013-12-04 15:17:20 54A30377949D4984EE72C5510C58B83D 16296 ----a-w- C:\Program Files\Java\jre7\bin\tnameserv.exe
2013-12-04 15:17:20 464358DE0429ABB319DFE3F5E5C85F77 15784 ----a-w- C:\Program Files\Java\jre7\bin\orbd.exe
2013-12-04 15:17:20 3FB1EAAB3CD35126D1F3B9A0A5B7B2DC 15784 ----a-w- C:\Program Files\Java\jre7\bin\policytool.exe
2013-12-04 15:17:20 15EBB4D4B54FCE42D8CB116145BB7EBA 15784 ----a-w- C:\Program Files\Java\jre7\bin\servertool.exe
2013-12-04 15:17:19 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Program Files\Java\jre7\bin\javaw.exe
2013-12-04 15:17:19 A9743D2D69B80800FEA5F24E7C4B02B3 48040 ----a-w- C:\Program Files\Java\jre7\bin\jabswitch.exe
2013-12-04 15:17:19 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Program Files\Java\jre7\bin\javaws.exe
2013-12-04 15:17:19 83D790AA563347A026771D50E3D07A9B 66984 ----a-w- C:\Program Files\Java\jre7\bin\javacpl.exe
2013-12-04 15:17:19 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Program Files\Java\jre7\bin\java.exe
2013-12-04 15:17:19 2F7EBCD8FB6557997F0583508FFFE6B1 15784 ----a-w- C:\Program Files\Java\jre7\bin\java-rmi.exe
2013-12-03 22:25:32 4C2AE8D0E01A80BD6A4C71E799BBBE67 5494320 ----a-w- C:\Program Files\AVG\AVG2013\avgcremx.exe
=== C: other files ==
2013-12-06 08:19:50 81B2B7B7498D94B9A9812A8A1613BBD9 167590 ----a-w- C:\Users\veronica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z3E7A0SF\wbemcomn.zip
2013-12-05 18:42:33 CC6C23C02BE66014AD87F2678BBB3A1D 8117 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\modules.bat
2013-12-05 18:42:33 C4A5476A9D54B400F1623A2EE7DDA5C5 13955 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\chrome.bat
2013-12-05 18:42:33 BAD6C67C870CC81C48DBA53089929884 153331 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\firefox.bat
2013-12-05 18:42:33 B964B792D3692699CD7D4FDB63EE470E 1239 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\FWPolicy.bat
2013-12-05 18:42:33 B8AF52799C6359D40228B006C1432C57 16063 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\get.bat
2013-12-05 18:42:33 B45931E5313CB14CAA0F2BC3DA30E6FC 29648 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\ask.bat
2013-12-05 18:42:33 87458834C37183459AA6F19EF5E06533 9099 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\runvalues.bat
2013-12-05 18:42:33 80D02380F1AC33E459324B088392A1EC 732 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\ev_clear.bat
2013-12-05 18:42:33 75C9C20DD9839BF287B43B0E179822DC 31414 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\iexplore.bat
2013-12-05 18:42:33 654E9FE74B930A454EE5BDE165794B65 85 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\delorphans.bat
2013-12-05 18:42:33 58605DA3492FB918D3D40B1FB88046AE 39471 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\prelim.bat
2013-12-05 18:42:33 504CA0FC8BE3A47ECE89CEC2E5B21E67 10261 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\JRT.bat
2013-12-05 18:42:33 372EA6F783198102CF5779072EE78C79 24751 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\searchlnk.bat
2013-12-05 18:42:33 1FBF882AA934A741530741FC134872A3 1243 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\TDL4.bat
2013-12-05 18:42:33 14D6EE8B672684E2232FB430D8C4A928 18668 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\medfos.bat
2013-12-05 18:42:33 0768E560CCD86C18F35FAD29DCEA7B80 1820 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\delfolders.bat
2013-12-05 18:42:33 006F09DF7EB9E9E61935F16AF2B6DC71 150291 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\misc.bat
2013-12-05 08:07:39 BCAB8B6531B595A9030274E8B6EAE3D8 73016 ----a-w- C:\Users\veronica\AppData\Local\temp\CATCHME.SYS
2013-12-05 08:05:07 650E725002C116E3A1F6A0377CC0AFB7 78510 ----a-w- C:\ProgramData\AVG2013\IDS\quarantine\2f2cc3ca-5383-47d3-a79e-d1442749c4d9.zip
2013-12-05 07:43:39 76236CD6BC2498F101E6D0379B6DD291 345641 ----a-w- C:\ProgramData\AVG2013\IDS\quarantine\1d2c1ba9-5389-47d3-a79e-d1442749c4d9.zip
2013-12-04 15:25:11 0A35B7026416325DE4A3EEC131F6EE2C 18636 ----a-w- C:\Program Files\Java\jre7\lib\deploy\ffjcext.zip

==== Startup Registry Enabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SigmaTel StacMon"="C:\Program Files\SigmaTel\C-Major Audio\stacmon.exe"
"AVG_UI"="C:\Program Files\AVG\AVG2013\avgui.exe /TRAYONLY"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon"
"CanonSolutionMenu"="C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [24-11-2013 09:14]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [19-07-2013 12:24]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [19-07-2013 12:24]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Ad-Aware Update (Weekly)" [C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe]
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\system32\tasks\{E60714D8-CEB4-4BCF-89C8-532FFD6C8AB0}" [C:\Users\veronica\Downloads\it222enu.exe]

==== Folders in C:\ProgramData 0-6 Months Old ======================

2013-07-19 11:10:52 -------- d-sh--we C:\ProgramData\Bureaublad
2013-07-19 11:10:52 -------- d-sh--we C:\ProgramData\Documenten
2013-07-19 11:10:52 -------- d-sh--we C:\ProgramData\Favorieten
2013-07-19 11:10:52 -------- d-sh--we C:\ProgramData\Menu Start
2013-07-19 11:10:52 -------- d-sh--we C:\ProgramData\Sjablonen
2013-07-19 12:52:38 -------- d-----w- C:\ProgramData\IM
2013-07-19 14:26:46 -------- d-----w- C:\ProgramData\IncrediMail
2013-07-19 14:28:00 -------- d-----w- C:\ProgramData\Photo Notifier and Animation Creator
2013-07-19 15:25:03 -------- d-----w- C:\ProgramData\MFAData
2013-07-19 15:25:23 -------- d--h--w- C:\ProgramData\Common Files
2013-07-19 15:30:59 -------- d-----w- C:\ProgramData\AVG2012
2013-07-22 07:35:31 -------- d-----w- C:\ProgramData\Lavasoft
2013-07-23 11:24:31 -------- d-----w- C:\ProgramData\DriverGenius
2013-07-24 07:02:41 -------- d-----w- C:\ProgramData\Sun
2013-07-26 18:10:41 -------- d--h--w- C:\ProgramData\CanonBJ
2013-07-27 23:51:41 -------- d-----w- C:\ProgramData\Malwarebytes
2013-07-29 22:10:35 -------- d-----w- C:\ProgramData\Adobe
2013-07-29 22:11:36 -------- d-----w- C:\ProgramData\Google
2013-08-15 22:58:17 -------- d-----w- C:\ProgramData\AVG2013
2013-09-01 20:05:33 -------- d--h--w- C:\ProgramData\CanonIJScan
2013-09-07 17:29:05 -------- d-----w- C:\ProgramData\Auslogics
2013-09-07 18:41:39 -------- d-----w- C:\ProgramData\WinZip
2013-10-18 18:10:11 -------- d-----w- C:\ProgramData\CanonIJPLM
2013-10-18 18:10:30 -------- d--h--w- C:\ProgramData\CanonIJMyPrinter
2013-10-18 18:11:03 -------- d--h--w- C:\ProgramData\CanonIJEPPEX
2013-10-18 18:23:47 -------- d--h--w- C:\ProgramData\CanonIJSolutionMenu
2013-10-18 18:31:55 -------- d--h--w- C:\ProgramData\CanonIJEGV
2013-10-18 18:36:27 -------- d-----w- C:\ProgramData\CanonIJ

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.nl/"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
"SearchAssistant"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.nl/"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting Registry Keys ======================

HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\0C33954C22E80A548861507D218A7799 deleted successfully

==== HijackThis Entries ======================

O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program Files\SigmaTel\C-Major Audio\stacmon.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: SmartLinkService (SLService) - - C:\Windows\SYSTEM32\slserv.exe

==== Empty IE Cache ======================

C:\Users\veronica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\veronica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J9GL9GRX will be deleted at reboot
C:\Users\veronica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K7BS6J0O will be deleted at reboot
C:\Users\veronica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z3E7A0SF will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\veronica\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== Reset WMI ======================

De Windows Management Instrumentation-service is niet gestart.

Typ NET HELPMSG 3521 voor meer hulp.

C:\Windows\system32\wbem\repository renamed to repository.old

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\leo van der stelt\AppData\Local\Temp emptied successfully
C:\Users\Public\AppData\Local\Temp emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\veronica\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\veronica\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\veronica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J9GL9GRX" not found
"C:\Users\veronica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K7BS6J0O" not found
"C:\Users\veronica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z3E7A0SF" not found

==== EOF on vr 06-12-2013 at 22:31:12,65 ======================





Ook met deze scan hetzelfde probleem met dat dll bestand

---------- Bericht toegevoegd op 22:40 ---------- Vorige bericht was op 22:37 ----------

Zoek.exe Version 4.0.0.5 Updated 05-December-2013
Tool run by veronica on vr 06-12-2013 at 21:54:21,96.

Running in: Normal Mode Internet Access Detected
Launched: C:\Users\veronica\Desktop\zoek.exe [Script inserted]

==== System Restore Info ======================

Failed to create System Restore Point

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll


==== Empty Folders Check ======================

C:\Program Files\ATI Technologies deleted successfully
C:\Program Files\Belarc deleted successfully
C:\ProgramData\Oracle deleted successfully
C:\Users\veronica\AppData\Local\DriverTuner deleted successfully
C:\Users\veronica\AppData\Local\MigWiz deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-999374491-2198632272-2187689358-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8D75359D-F0F7-4FA8-88B3-BD0C5B269D17} deleted successfully
HKEY_USERS\S-1-5-21-999374491-2198632272-2187689358-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
HKEY_USERS\S-1-5-21-999374491-2198632272-2187689358-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
HKEY_USERS\S-1-5-21-999374491-2198632272-2187689358-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_USERS\S-1-5-21-999374491-2198632272-2187689358-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-999374491-2198632272-2187689358-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{DEDAF650-12B8-48f5-A843-BBA100716106} deleted successfully

==== Running Processes ======================

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\LogonUI.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Windows\system32\slserv.exe
C:\Program Files\Yahoo\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\rdpclip.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\SigmaTel\C-Major Audio\stacmon.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_152_ActiveX.exe
C:\Program Files\AVG\AVG2013\avgcfgex.exe
C:\Users\veronica\Desktop\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\YahooAUService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\YahooAUService deleted successfully

==== Deleting Files \ Folders ======================

C:\Program Files\Yahoo! deleted
C:\Users\veronica\AppData\Roaming\Yahoo! deleted
C:\ProgramData\Yahoo! deleted
C:\ProgramData\Yahoo! Companion deleted
C:\Users\veronica\AppData\LocalLow\Yahoo! deleted
C:\Users\veronica\AppData\LocalLow\Yahoo! Companion deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\Yahoo! deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\Yahoo! Companion deleted
C:\Windows\System32\searchplugins deleted
C:\Windows\System32\Extensions deleted

==== System Specs ======================

Windows: Windows 7 Ultimate Edition Service Pack 1 (Build 7601)
Memory (RAM): 1024 MB
CPU Info: Intel(R) Pentium(R) 4 CPU 2.50GHz
CPU Speed: 2474,3 MHz
Sound Card: Geluid van externe computer |
Display Adapters: RDPDD Chained DD | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x;
Screen Resolution: 1280 X 800 - 32 bit
Network: Network Present
Network Adapters: Realtek RTL8139/810x Family Fast Ethernet NIC
CD / DVD Drives: 2x (E: | F: | ) E: TSSTcorpCD/DVDW SH-S182M | F: HL-DT-STDVD-ROM GDR8161B
Ports: COM3 | COM1 | COM2 LPT1
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C: 76,3GB
Hard Disks - Free: C: 14,8GB
Manufacturer *:
BIOS Info: AT/AT COMPATIBLE | 08/15/03 | _ASUS_ - 10
Time Zone: West-Europa (standaardtijd)
Motherboard *:
Country: Nederland
Language: NLD

==== System Specs (Software) ======================

Internet Explorer Version: 11.0.9600.16428
Google Chrome version: 31.0.1650.63
Adobe Reader version: 11.0.04.63
Sun Java version: 1.7.0_45 (32-bit)
Shockwave Player version: 11.0.3r472

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2013-11-19 15:06:41 5BD91C544E95963056C19AA3C1FC2BC8 81920 ------w- C:\Windows\bwUnin-6.1.4.36-8876480L.exe
====== C:\Users\veronica\AppData\Local\Temp ====
2013-12-05 18:42:34 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\veronica\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2013-12-05 08:07:39 BCAB8B6531B595A9030274E8B6EAE3D8 73016 ----a-w- C:\Users\veronica\AppData\Local\Temp\CATCHME.SYS
====== Java Cache =====
====== C:\Windows\system32 =====
2013-12-04 15:26:14 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Windows\System32\javaws.exe
2013-12-04 15:25:49 9BF46C7F21E75FA0BB03AA93368CC66C 94632 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll
2013-12-04 15:25:46 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Windows\System32\javaw.exe
2013-12-04 15:25:40 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Windows\System32\java.exe
====== C:\Windows\system32\drivers =====
2013-11-17 09:17:38 C4FB8E7ADEA9B5CEEA885A1B504B7E40 43008 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-11-17 09:17:38 71D97F1A3CC47A56728F7A400A3F8295 76288 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-11-17 09:17:37 FDA6F2BB7FA034D95863ED8788B4E416 284672 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-11-17 09:17:37 DCDF9855145A14DFCA0AB32308871961 20480 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-11-17 09:17:37 8E51D04175BAA14C4F79AA5F6D248770 24064 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-11-17 09:17:37 86AA95ACB611001E26CD2C0145F2225A 258560 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-11-17 09:17:37 6FB17D7A2E76B838886E5E8C60239DAE 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-11-16 08:49:39 F81BB7E487EDCEAB630A7EE66CF23913 338944 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-11-16 08:49:39 CA59F7C570AF70BC174F477CFE2D9EE3 1294272 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-11-16 08:49:30 F286830298323272260332D6ABC905C1 67520 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-11-16 08:49:30 D7C760D57B1656DD748B9E4AB6CB5A51 136640 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-11-16 08:49:30 85449EEBE8F8EBD6481EFBF0F352B4EB 369848 ----a-w- C:\Windows\System32\drivers\cng.sys
2013-11-16 08:49:24 71BC35067CABC02C9453AEAA42B2E43E 729024 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-11-16 08:49:23 FC6B21DB4B5B398AB93DBE59CBF11036 36352 ----a-w- C:\Windows\System32\drivers\usbscan.sys
2013-11-16 08:49:23 F1B27299F547D452EDAEF01FC187CB91 25728 ----a-w- C:\Windows\System32\drivers\hidparse.sys
2013-11-16 08:49:23 50ABE682EBE752EAF62B18790D6D491C 55808 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2013-11-16 08:49:10 21F4B24ACFC79A483515BD986DD9043F 115712 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
2013-11-16 08:43:09 2352AB5F9F8F097BF9D41D5A4718A041 86016 ----a-w- C:\Windows\System32\drivers\usbcir.sys
2013-11-16 08:42:28 25944D2CC49E0A6C581D02A74B7D6645 527064 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
====== C:\Windows\Tasks ======
2013-11-20 07:58:41 5733501BC62233ADC8ABDCAE9B14AFC3 2958 ----a-w- C:\Windows\system32\Tasks\{E60714D8-CEB4-4BCF-89C8-532FFD6C8AB0}
2013-11-20 07:39:19 2A37E8A73C441ED82AA6985A52FC65C0 3284 ----a-w- C:\Windows\system32\Tasks\{37DA67B8-2326-4C6F-AE00-A2343E446430}
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C: =====
====== C:\Users\veronica\AppData\Roaming ======
2013-12-05 08:03:02 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\temp
2013-12-05 08:03:02 -------- d-----w- C:\Users\veronica\AppData\Local\temp
2013-12-05 08:03:02 -------- d-----w- C:\Users\Public\AppData\Local\temp
2013-12-05 08:03:02 -------- d-----w- C:\Users\leo van der stelt\AppData\Local\temp
2013-12-05 08:03:02 -------- d-----w- C:\Users\Default\AppData\Local\temp
2013-12-05 08:03:02 -------- d-----w- C:\Users\Default User\AppData\Local\temp
====== C:\Users\veronica ======
2013-12-04 15:25:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

====== C: exe-files ==
2013-12-05 18:42:34 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\erunt\ERUNT.EXE
2013-12-05 06:18:37 0C04A51D2892F0501FED4D0EAA43FA36 1751392 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\31.0.1650.63\31.0.1650.63_31.0.1650.57_chrome_updater.exe
2013-12-04 15:17:20 CE10E75E10EB6952A7D813FA587EC632 15784 ----a-w- C:\Program Files\Java\jre7\bin\ktab.exe
2013-12-04 15:17:20 CC27986F45EF9FD700BC347355B002B3 15784 ----a-w- C:\Program Files\Java\jre7\bin\rmid.exe
2013-12-04 15:17:20 CBFE91C51D4FA69FE9D140ABEB7E51DC 15784 ----a-w- C:\Program Files\Java\jre7\bin\kinit.exe
2013-12-04 15:17:20 80A79264302910C7C24BA7E44267EFEF 182696 ----a-w- C:\Program Files\Java\jre7\bin\jqs.exe
2013-12-04 15:17:20 7F55715977ECF32633857F16980F008E 52648 ----a-w- C:\Program Files\Java\jre7\bin\jp2launcher.exe
2013-12-04 15:17:20 7814B0A3E6FE8FFF31B7108D16FC4591 15784 ----a-w- C:\Program Files\Java\jre7\bin\keytool.exe
2013-12-04 15:17:20 738AF811C60870FB218D47C628D350AA 15784 ----a-w- C:\Program Files\Java\jre7\bin\rmiregistry.exe
2013-12-04 15:17:20 707BFE32E04720B9D50562669A30F86C 49064 ----a-w- C:\Program Files\Java\jre7\bin\ssvagent.exe
2013-12-04 15:17:20 5FA3FFE74E893E8A9443C2CF3DFA7A64 15784 ----a-w- C:\Program Files\Java\jre7\bin\pack200.exe
2013-12-04 15:17:20 5721DA732075E01569A287767CBCFA5A 15784 ----a-w- C:\Program Files\Java\jre7\bin\klist.exe
2013-12-04 15:17:20 555651269833A415E1F9E594E8DD829F 146344 ----a-w- C:\Program Files\Java\jre7\bin\unpack200.exe
2013-12-04 15:17:20 54A30377949D4984EE72C5510C58B83D 16296 ----a-w- C:\Program Files\Java\jre7\bin\tnameserv.exe
2013-12-04 15:17:20 464358DE0429ABB319DFE3F5E5C85F77 15784 ----a-w- C:\Program Files\Java\jre7\bin\orbd.exe
2013-12-04 15:17:20 3FB1EAAB3CD35126D1F3B9A0A5B7B2DC 15784 ----a-w- C:\Program Files\Java\jre7\bin\policytool.exe
2013-12-04 15:17:20 15EBB4D4B54FCE42D8CB116145BB7EBA 15784 ----a-w- C:\Program Files\Java\jre7\bin\servertool.exe
2013-12-04 15:17:19 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Program Files\Java\jre7\bin\javaw.exe
2013-12-04 15:17:19 A9743D2D69B80800FEA5F24E7C4B02B3 48040 ----a-w- C:\Program Files\Java\jre7\bin\jabswitch.exe
2013-12-04 15:17:19 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Program Files\Java\jre7\bin\javaws.exe
2013-12-04 15:17:19 83D790AA563347A026771D50E3D07A9B 66984 ----a-w- C:\Program Files\Java\jre7\bin\javacpl.exe
2013-12-04 15:17:19 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Program Files\Java\jre7\bin\java.exe
2013-12-04 15:17:19 2F7EBCD8FB6557997F0583508FFFE6B1 15784 ----a-w- C:\Program Files\Java\jre7\bin\java-rmi.exe
2013-12-03 22:25:32 4C2AE8D0E01A80BD6A4C71E799BBBE67 5494320 ----a-w- C:\Program Files\AVG\AVG2013\avgcremx.exe
=== C: other files ==
2013-12-06 08:19:50 81B2B7B7498D94B9A9812A8A1613BBD9 167590 ----a-w- C:\Users\veronica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z3E7A0SF\wbemcomn.zip
2013-12-05 18:42:33 CC6C23C02BE66014AD87F2678BBB3A1D 8117 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\modules.bat
2013-12-05 18:42:33 C4A5476A9D54B400F1623A2EE7DDA5C5 13955 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\chrome.bat
2013-12-05 18:42:33 BAD6C67C870CC81C48DBA53089929884 153331 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\firefox.bat
2013-12-05 18:42:33 B964B792D3692699CD7D4FDB63EE470E 1239 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\FWPolicy.bat
2013-12-05 18:42:33 B8AF52799C6359D40228B006C1432C57 16063 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\get.bat
2013-12-05 18:42:33 B45931E5313CB14CAA0F2BC3DA30E6FC 29648 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\ask.bat
2013-12-05 18:42:33 87458834C37183459AA6F19EF5E06533 9099 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\runvalues.bat
2013-12-05 18:42:33 80D02380F1AC33E459324B088392A1EC 732 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\ev_clear.bat
2013-12-05 18:42:33 75C9C20DD9839BF287B43B0E179822DC 31414 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\iexplore.bat
2013-12-05 18:42:33 654E9FE74B930A454EE5BDE165794B65 85 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\delorphans.bat
2013-12-05 18:42:33 58605DA3492FB918D3D40B1FB88046AE 39471 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\prelim.bat
2013-12-05 18:42:33 504CA0FC8BE3A47ECE89CEC2E5B21E67 10261 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\JRT.bat
2013-12-05 18:42:33 372EA6F783198102CF5779072EE78C79 24751 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\searchlnk.bat
2013-12-05 18:42:33 1FBF882AA934A741530741FC134872A3 1243 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\TDL4.bat
2013-12-05 18:42:33 14D6EE8B672684E2232FB430D8C4A928 18668 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\medfos.bat
2013-12-05 18:42:33 0768E560CCD86C18F35FAD29DCEA7B80 1820 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\delfolders.bat
2013-12-05 18:42:33 006F09DF7EB9E9E61935F16AF2B6DC71 150291 ----a-w- C:\Users\veronica\AppData\Local\temp\jrt\misc.bat
2013-12-05 08:07:39 BCAB8B6531B595A9030274E8B6EAE3D8 73016 ----a-w- C:\Users\veronica\AppData\Local\temp\CATCHME.SYS
2013-12-05 08:05:07 650E725002C116E3A1F6A0377CC0AFB7 78510 ----a-w- C:\ProgramData\AVG2013\IDS\quarantine\2f2cc3ca-5383-47d3-a79e-d1442749c4d9.zip
2013-12-05 07:43:39 76236CD6BC2498F101E6D0379B6DD291 345641 ----a-w- C:\ProgramData\AVG2013\IDS\quarantine\1d2c1ba9-5389-47d3-a79e-d1442749c4d9.zip
2013-12-04 15:25:11 0A35B7026416325DE4A3EEC131F6EE2C 18636 ----a-w- C:\Program Files\Java\jre7\lib\deploy\ffjcext.zip

==== Startup Registry Enabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SigmaTel StacMon"="C:\Program Files\SigmaTel\C-Major Audio\stacmon.exe"
"AVG_UI"="C:\Program Files\AVG\AVG2013\avgui.exe /TRAYONLY"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon"
"CanonSolutionMenu"="C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [24-11-2013 09:14]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [19-07-2013 12:24]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [19-07-2013 12:24]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Ad-Aware Update (Weekly)" [C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe]
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\system32\tasks\{E60714D8-CEB4-4BCF-89C8-532FFD6C8AB0}" [C:\Users\veronica\Downloads\it222enu.exe]

==== Folders in C:\ProgramData 0-6 Months Old ======================

2013-07-19 11:10:52 -------- d-sh--we C:\ProgramData\Bureaublad
2013-07-19 11:10:52 -------- d-sh--we C:\ProgramData\Documenten
2013-07-19 11:10:52 -------- d-sh--we C:\ProgramData\Favorieten
2013-07-19 11:10:52 -------- d-sh--we C:\ProgramData\Menu Start
2013-07-19 11:10:52 -------- d-sh--we C:\ProgramData\Sjablonen
2013-07-19 12:52:38 -------- d-----w- C:\ProgramData\IM
2013-07-19 14:26:46 -------- d-----w- C:\ProgramData\IncrediMail
2013-07-19 14:28:00 -------- d-----w- C:\ProgramData\Photo Notifier and Animation Creator
2013-07-19 15:25:03 -------- d-----w- C:\ProgramData\MFAData
2013-07-19 15:25:23 -------- d--h--w- C:\ProgramData\Common Files
2013-07-19 15:30:59 -------- d-----w- C:\ProgramData\AVG2012
2013-07-22 07:35:31 -------- d-----w- C:\ProgramData\Lavasoft
2013-07-23 11:24:31 -------- d-----w- C:\ProgramData\DriverGenius
2013-07-24 07:02:41 -------- d-----w- C:\ProgramData\Sun
2013-07-26 18:10:41 -------- d--h--w- C:\ProgramData\CanonBJ
2013-07-27 23:51:41 -------- d-----w- C:\ProgramData\Malwarebytes
2013-07-29 22:10:35 -------- d-----w- C:\ProgramData\Adobe
2013-07-29 22:11:36 -------- d-----w- C:\ProgramData\Google
2013-08-15 22:58:17 -------- d-----w- C:\ProgramData\AVG2013
2013-09-01 20:05:33 -------- d--h--w- C:\ProgramData\CanonIJScan
2013-09-07 17:29:05 -------- d-----w- C:\ProgramData\Auslogics
2013-09-07 18:41:39 -------- d-----w- C:\ProgramData\WinZip
2013-10-18 18:10:11 -------- d-----w- C:\ProgramData\CanonIJPLM
2013-10-18 18:10:30 -------- d--h--w- C:\ProgramData\CanonIJMyPrinter
2013-10-18 18:11:03 -------- d--h--w- C:\ProgramData\CanonIJEPPEX
2013-10-18 18:23:47 -------- d--h--w- C:\ProgramData\CanonIJSolutionMenu
2013-10-18 18:31:55 -------- d--h--w- C:\ProgramData\CanonIJEGV
2013-10-18 18:36:27 -------- d-----w- C:\ProgramData\CanonIJ

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.nl/"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
"SearchAssistant"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.nl/"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting Registry Keys ======================

HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\0C33954C22E80A548861507D218A7799 deleted successfully

==== HijackThis Entries ======================

O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program Files\SigmaTel\C-Major Audio\stacmon.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: SmartLinkService (SLService) - - C:\Windows\SYSTEM32\slserv.exe

==== Empty IE Cache ======================

C:\Users\veronica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\veronica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J9GL9GRX will be deleted at reboot
C:\Users\veronica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K7BS6J0O will be deleted at reboot
C:\Users\veronica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z3E7A0SF will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\veronica\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== Reset WMI ======================

De Windows Management Instrumentation-service is niet gestart.

Typ NET HELPMSG 3521 voor meer hulp.

C:\Windows\system32\wbem\repository renamed to repository.old

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\leo van der stelt\AppData\Local\Temp emptied successfully
C:\Users\Public\AppData\Local\Temp emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\veronica\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\veronica\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\veronica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J9GL9GRX" not found
"C:\Users\veronica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K7BS6J0O" not found
"C:\Users\veronica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z3E7A0SF" not found

==== EOF on vr 06-12-2013 at 22:31:12,65 ======================





Ook met deze scan hetzelfde probleem met dat dll bestand
 

abbs

Heeft veel posts
#8
Hallo,

Download
ComboFix van n van de onderstaande locaties naar het bureaublad.
Bleeping Computer
Info Spyware

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met ComboFix.exe
(hier of hier) kan je lezen hoe je de gebruikte beveiligingssoftware kunt uitschakelen.
  • Dubbelklik op "ComboFix" om de tool te starten, Windows Vista, 7 & 8 gebruikers zullen een melding krijgen van UAC (Gebruikersaccountbeheer), klik hier op Ja / yes.
  • Op een Windows XP computer zal ComboFix de "Recovery Console" installeren als deze nog niet aanwezig is. (Een actieve internet verbinding is dan een vereiste).
  • Klik in het venster bij het 'Installeren van de Recovery Console' op "Ok".
  • Klik in het info scherm op "Ja" als de Recovery Console met succes is genstalleerd.
  • Klik in het scherm van de disclaimer op "I Agree", de benodigde onderdelen worden nu uitgepakt en middels ERUNT wordt er een register back-up gemaakt.
  • Wanneer dit gereed is zal ComboFix vanzelf starten, in het blauwe scherm ziet u de voortgang van de systeemscan die wordt uitgevoerd.
  • Belangrijk! gebruik de computer tijdens de scan niet voor andere zaken.
  • Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden zoals bijvoorbeeld bij de aanwezigheid van een rootkit, dit is normaal.
  • Wanneer ComboFix gereed is, zal het een logbestand aanmaken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

* Noot !!! Indien u n van de onderstaande meldingen krijgt na het gebruik van ComboFix herstart dan de computer.
  • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
  • Illegal operation attempted on a registry key that has been marked for deletion.
 

leootje

Enthousiast
#9
ComboFix 13-12-06.01 - veronica 06-12-2013 23:01:31.8.1 - x86
Gestart vanuit: c:\users\veronica\Desktop\ComboFix.exe
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Voorgaande Run -------
.
c:\windows\wininit.ini
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2013-11-06 to 2013-12-06 ))))))))))))))))))))))))))))))
.
.
2013-12-06 22:17 . 2013-12-06 22:22 -------- d-----w- c:\users\veronica\AppData\Local\temp
2013-12-06 21:51 . 2013-12-06 21:51 -------- d-----w- c:\programdata\Yahoo!
2013-12-06 21:51 . 2013-12-06 21:59 -------- d-----w- c:\programdata\Yahoo! Companion
2013-12-06 21:51 . 2013-12-06 21:51 -------- d-----w- c:\program files\Yahoo!
2013-12-06 21:51 . 2013-12-06 21:51 -------- d-----w- c:\users\veronica\AppData\Roaming\Yahoo!
2013-12-06 21:24 . 2013-12-06 20:54 24064 ----a-w- c:\windows\zoek-delete.exe
2013-12-06 20:54 . 2013-12-06 21:09 -------- d-----w- C:\zoek_backup
2013-12-05 08:31 . 2013-12-05 08:31 -------- d-----w- c:\program files\Auslogics
2013-12-04 15:25 . 2013-12-04 15:25 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-11-19 15:06 . 2013-11-19 15:06 81920 ------w- c:\windows\bwUnin-6.1.4.36-8876480L.exe
2013-11-19 15:05 . 2002-11-23 11:15 322832 ----a-w- c:\windows\system32\MFC30.DLL
2013-11-17 09:47 . 2013-11-17 09:47 74240 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-17 09:47 . 2013-11-17 09:47 37888 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub_is.dll
2013-11-17 09:47 . 2013-11-17 09:47 553472 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-17 09:47 . 2013-11-17 09:47 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-17 09:47 . 2013-11-17 09:47 4240384 ----a-w- c:\windows\system32\jscript9.dll
2013-11-17 09:47 . 2013-11-17 09:47 86016 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-17 09:17 . 2013-09-04 01:14 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-11-17 09:17 . 2013-09-04 01:14 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-11-17 09:17 . 2013-09-04 01:15 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-11-17 09:17 . 2013-09-04 01:14 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-11-17 09:17 . 2013-09-04 01:14 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-11-17 09:17 . 2013-09-04 01:14 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-11-17 09:17 . 2013-09-04 01:14 6016 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-11-16 08:50 . 2013-10-04 01:56 1796096 ----a-w- c:\windows\system32\authui.dll
2013-11-16 08:50 . 2013-10-04 01:58 152576 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2013-11-16 08:50 . 2013-10-04 01:56 168960 ----a-w- c:\windows\system32\credui.dll
2013-11-16 08:48 . 2013-08-28 01:04 2348544 ----a-w- c:\windows\system32\win32k.sys
2013-11-16 08:43 . 2013-07-12 10:07 86016 ----a-w- c:\windows\system32\drivers\usbcir.sys
2013-11-16 08:42 . 2013-06-25 22:56 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-24 08:14 . 2013-07-19 14:47 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-24 08:14 . 2013-07-19 14:47 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-09 23:34 . 2013-09-09 23:34 22328 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SigmaTel StacMon"="c:\program files\SigmaTel\C-Major Audio\stacmon.exe" [2003-03-26 45056]
"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2013-09-23 4411952]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-09-05 958576]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-27 1983816]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R3 cpuz135;cpuz135;c:\program files\CPUID\PC Wizard 2012\pcwiz_x32.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-11-17 108032]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2012-08-23 24064]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2013-07-22 1343400]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2013-07-19 60216]
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [2013-07-19 246072]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2013-09-04 39224]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [2012-09-04 50296]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2013-07-19 208184]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2013-09-09 22328]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2013-07-19 171320]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2013-03-21 182072]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-07-19 37664]
S2 avgfws;AVG Firewall;c:\program files\AVG\AVG2013\avgfws.exe [2013-09-04 1432080]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [2013-07-04 4939312]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [2013-07-23 283136]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-05 06:18 1210320 ----a-w- c:\program files\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2013-11-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-19 08:14]
.
2013-10-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-07-19 11:24]
.
2013-10-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-07-19 11:24]
.
.
------- Bijkomende Scan -------
.
uStart Page = https://www.google.nl/
uInternet Settings,ProxyOverride = localhost
TCP: DhcpNameServer = 192.168.1.1
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\progra~1\AVG\AVG2013\avgrsx.exe
c:\program files\AVG\AVG2013\avgcsrvx.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\windows\system32\slserv.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\windows\system32\taskhost.exe
c:\program files\AVG\AVG2013\avgnsx.exe
c:\program files\AVG\AVG2013\avgemcx.exe
c:\windows\System32\rundll32.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\program files\AVG\AVG2013\avgcsrvx.exe
c:\windows\system32\LogonUI.exe
c:\windows\system32\rdpclip.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Voltooingstijd: 2013-12-06 23:30:17 - machine werd herstart
ComboFix-quarantined-files.txt 2013-12-06 22:30
ComboFix2.txt 2013-09-19 18:06
ComboFix3.txt 2013-09-09 22:07
.
Pre-Run: 16.221.757.440 bytes beschikbaar
Post-Run: 16.188.444.672 bytes beschikbaar
.
- - End Of File - - CC2CC6D7621EE55CC18E5836AF483E43
A36C5E4F47E84449FF07ED3517B43A31
 

leootje

Enthousiast
#11
Even een vraagje , avg staat er al op ,wat is daar de reden van om hem te verwijderen en weer opnieuw te instaleren .

---------- Bericht toegevoegd op 09:11 ---------- Vorige bericht was op 09:05 ----------

Ik kan ook geen gegevends laten verzamelen bij systeeminformatie .
 

abbs

Heeft veel posts
#12
Even een vraagje , avg staat er al op ,wat is daar de reden van om hem te verwijderen en weer opnieuw te instaleren .

---------- Bericht toegevoegd op 09:11 ---------- Vorige bericht was op 09:05 ----------

Ik kan ook geen gegevends laten verzamelen bij systeeminformatie .
Hallo,

Avg kan met die melding te maken hebben.
Dat van systeeminformatie is dat al lang?
 

abbs

Heeft veel posts
#14
Hallo,

Doe eens;

Download TDSSKiller en plaats het op je bureaublad.
  • Voordat je TDSSKiller uitvoert is het raadzaam om de onderstaande handleiding van TDSSKiller te raadplegen.
  • Dubbelklik op TDSSKiller.exe om de tool te starten. (Indien je TDSSKiller als ZIP bestand hebt gedownload dien je deze eerst uit te pakken).
  • Als er door TDSSkiller een update wordt gevonden klikt u op de knop "Load update"
  • Een nieuwe versie van TDSSkiller zal nu gedownload worden en sla deze op het bureaublad op.
  • Start nu TDSSkiller opnieuw.
  • Klik op "Change parameters" en zorg dat de onderstaande opties allemaal aangevinkt zijn.
  • Klik op de knop "Start Scan" en volg de instructies.
    • Gebruik nooit de "Delete" of "Quarantaine" optie bij een "Fail signature" melding.
    • Wanneer er een herstart nodig was, vind je de logfile in C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt
    • Voeg dit log-bestand als bijlage toe aan het volgende bericht.
 

leootje

Enthousiast
#15
09:42:19.0045 6044 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:42:21.0092 6044 ============================================================
09:42:21.0092 6044 Current date / time: 2013/12/07 09:42:21.0092
09:42:21.0092 6044 SystemInfo:
09:42:21.0092 6044
09:42:21.0092 6044 OS Version: 6.1.7601 ServicePack: 1.0
09:42:21.0092 6044 Product type: Workstation
09:42:21.0092 6044 ComputerName: VERONICA-PC
09:42:21.0092 6044 UserName: veronica
09:42:21.0092 6044 Windows directory: C:\Windows
09:42:21.0092 6044 System windows directory: C:\Windows
09:42:21.0092 6044 Processor architecture: Intel x86
09:42:21.0092 6044 Number of processors: 1
09:42:21.0092 6044 Page size: 0x1000
09:42:21.0092 6044 Boot type: Normal boot
09:42:21.0092 6044 ============================================================
09:42:28.0092 6044 Drive \Device\Harddisk0\DR0 - Size: 0x1315740000 (76.34 Gb), SectorSize: 0x200, Cylinders: 0x26EC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:42:28.0264 6044 ============================================================
09:42:28.0264 6044 \Device\Harddisk0\DR0:
09:42:28.0280 6044 MBR partitions:
09:42:28.0280 6044 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x98AA51F
09:42:28.0280 6044 ============================================================
09:42:28.0795 6044 C: <-> \Device\Harddisk0\DR0\Partition1
09:42:28.0842 6044 ============================================================
09:42:28.0842 6044 Initialize success
09:42:28.0842 6044 ============================================================
09:43:47.0369 4740 ============================================================
09:43:47.0369 4740 Scan started
09:43:47.0369 4740 Mode: Manual; SigCheck; TDLFS;
09:43:47.0369 4740 ============================================================
09:43:49.0416 4740 ================ Scan system memory ========================
09:43:49.0416 4740 System memory - ok
09:43:49.0431 4740 ================ Scan services =============================
09:43:49.0759 4740 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
09:43:50.0025 4740 1394ohci - ok
09:43:50.0087 4740 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:43:50.0150 4740 ACPI - ok
09:43:50.0259 4740 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:43:50.0369 4740 AcpiPmi - ok
09:43:50.0556 4740 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
09:43:50.0587 4740 AdobeARMservice - ok
09:43:50.0744 4740 [ 438F31336B3DC248ABC632F1C8F34A24 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:43:50.0806 4740 AdobeFlashPlayerUpdateSvc - ok
09:43:50.0916 4740 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:43:50.0994 4740 adp94xx - ok
09:43:51.0150 4740 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:43:51.0228 4740 adpahci - ok
09:43:51.0322 4740 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:43:51.0400 4740 adpu320 - ok
09:43:51.0478 4740 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:43:51.0853 4740 AeLookupSvc - ok
09:43:51.0978 4740 [ F81BB7E487EDCEAB630A7EE66CF23913 ] AFD C:\Windows\system32\drivers\afd.sys
09:43:52.0087 4740 AFD - ok
09:43:52.0166 4740 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
09:43:52.0197 4740 agp440 - ok
09:43:52.0291 4740 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
09:43:52.0322 4740 aic78xx - ok
09:43:52.0462 4740 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
09:43:52.0556 4740 ALG - ok
09:43:52.0650 4740 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
09:43:52.0681 4740 aliide - ok
09:43:52.0775 4740 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
09:43:52.0806 4740 amdagp - ok
09:43:52.0837 4740 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
09:43:52.0869 4740 amdide - ok
09:43:52.0978 4740 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
09:43:53.0056 4740 AmdK8 - ok
09:43:53.0166 4740 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
09:43:53.0244 4740 AmdPPM - ok
09:43:53.0369 4740 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:43:53.0400 4740 amdsata - ok
09:43:53.0494 4740 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
09:43:53.0525 4740 amdsbs - ok
09:43:53.0587 4740 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:43:53.0634 4740 amdxata - ok
09:43:53.0712 4740 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
09:43:53.0822 4740 AppID - ok
09:43:53.0900 4740 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:43:54.0009 4740 AppIDSvc - ok
09:43:54.0103 4740 [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo C:\Windows\System32\appinfo.dll
09:43:54.0212 4740 Appinfo - ok
09:43:54.0306 4740 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
09:43:54.0416 4740 AppMgmt - ok
09:43:54.0478 4740 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\drivers\arc.sys
09:43:54.0509 4740 arc - ok
09:43:54.0603 4740 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:43:54.0634 4740 arcsas - ok
09:43:54.0697 4740 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:43:54.0869 4740 AsyncMac - ok
09:43:54.0947 4740 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
09:43:54.0978 4740 atapi - ok
09:43:55.0087 4740 [ ABC57A6F6070BAF9786C318F59F29F0B ] Ati HotKey Poller C:\Windows\system32\Ati2evxx.exe
09:43:55.0212 4740 Ati HotKey Poller - ok
09:43:55.0353 4740 [ 03621F7F968FF63713943405DEB777F9 ] ati2mtag C:\Windows\system32\DRIVERS\ati2mtag.sys
09:43:55.0494 4740 ati2mtag - ok
09:43:55.0650 4740 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:43:55.0759 4740 AudioEndpointBuilder - ok
09:43:55.0837 4740 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
09:43:55.0900 4740 Audiosrv - ok
09:43:56.0009 4740 [ 0FE7773CD592DAE0CA994BA987F44E85 ] Avgfwfd C:\Windows\system32\DRIVERS\avgfwd6x.sys
09:43:56.0072 4740 Avgfwfd - ok
09:43:56.0275 4740 [ 51782A3D230D0337853B43D0810D0193 ] avgfws C:\Program Files\AVG\AVG2013\avgfws.exe
09:43:56.0400 4740 avgfws - ok
09:43:56.0697 4740 [ 4DB93F4DB7077801D2D82013506AC1D0 ] AVGIDSAgent C:\Program Files\AVG\AVG2013\avgidsagent.exe
09:43:56.0994 4740 AVGIDSAgent - ok
09:43:57.0166 4740 [ 4D7E34E36E586EA26F171A258341BD80 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys
09:43:57.0228 4740 AVGIDSDriver - ok
09:43:57.0259 4740 [ 7C8E88549BCDAAC965B1B724C175F7A9 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys
09:43:57.0291 4740 AVGIDSHX - ok
09:43:57.0384 4740 [ 2717EBC35166B8793DBFFB4390B8F2E7 ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys
09:43:57.0416 4740 AVGIDSShim - ok
09:43:57.0478 4740 [ 2018C4E9A40B122408763A5635CF14D9 ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys
09:43:57.0525 4740 Avgldx86 - ok
09:43:57.0619 4740 [ E2B9CF2CF787C6978E7CC898E9684E48 ] Avglogx C:\Windows\system32\DRIVERS\avglogx.sys
09:43:57.0666 4740 Avglogx - ok
09:43:57.0712 4740 [ 3F59750A3AA55C46663801E7C2FD1E2B ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys
09:43:57.0759 4740 Avgmfx86 - ok
09:43:57.0822 4740 [ CBCE8ED318DB8EA431F9D25AC9B7FF41 ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys
09:43:57.0853 4740 Avgrkx86 - ok
09:43:57.0900 4740 [ 14370FB29526F593C04FA48B5D69F7F0 ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys
09:43:57.0947 4740 Avgtdix - ok
09:43:58.0041 4740 [ C6C470CD49FE9DBA0F082540D7AF7642 ] avgtp C:\Windows\system32\drivers\avgtpx86.sys
09:43:58.0072 4740 avgtp - ok
09:43:58.0166 4740 [ 48939D9F350AEF9370F03A1E49A49BE2 ] avgwd C:\Program Files\AVG\AVG2013\avgwdsvc.exe
09:43:58.0212 4740 avgwd - ok
09:43:58.0306 4740 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:43:58.0462 4740 AxInstSV - ok
09:43:58.0587 4740 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys
09:43:58.0728 4740 b06bdrv - ok
09:43:58.0837 4740 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
09:43:58.0916 4740 b57nd60x - ok
09:43:59.0041 4740 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
09:43:59.0150 4740 BDESVC - ok
09:43:59.0228 4740 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
09:43:59.0337 4740 Beep - ok
09:43:59.0447 4740 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
09:43:59.0556 4740 BFE - ok
09:43:59.0650 4740 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\system32\qmgr.dll
09:43:59.0869 4740 BITS - ok
09:43:59.0916 4740 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
09:43:59.0978 4740 blbdrive - ok
09:44:00.0056 4740 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:44:00.0150 4740 bowser - ok
09:44:00.0212 4740 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
09:44:00.0291 4740 BrFiltLo - ok
09:44:00.0353 4740 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
09:44:00.0447 4740 BrFiltUp - ok
09:44:00.0572 4740 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
09:44:00.0681 4740 BridgeMP - ok
09:44:00.0759 4740 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
09:44:00.0869 4740 Browser - ok
09:44:00.0931 4740 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:44:01.0041 4740 Brserid - ok
09:44:01.0119 4740 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:44:01.0181 4740 BrSerWdm - ok
09:44:01.0244 4740 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:44:01.0322 4740 BrUsbMdm - ok
09:44:01.0400 4740 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:44:01.0462 4740 BrUsbSer - ok
09:44:01.0525 4740 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
09:44:01.0587 4740 BTHMODEM - ok
09:44:01.0728 4740 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
09:44:01.0806 4740 bthserv - ok
09:44:02.0009 4740 catchme - ok
09:44:02.0072 4740 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:44:02.0181 4740 cdfs - ok
09:44:02.0291 4740 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:44:02.0369 4740 cdrom - ok
09:44:02.0478 4740 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
09:44:02.0572 4740 CertPropSvc - ok
09:44:02.0634 4740 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\drivers\circlass.sys
09:44:02.0712 4740 circlass - ok
09:44:02.0791 4740 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
09:44:02.0837 4740 CLFS - ok
09:44:03.0025 4740 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:44:03.0197 4740 clr_optimization_v2.0.50727_32 - ok
09:44:03.0353 4740 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:44:03.0478 4740 clr_optimization_v4.0.30319_32 - ok
09:44:03.0556 4740 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
09:44:03.0822 4740 CmBatt - ok
09:44:03.0916 4740 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:44:03.0978 4740 cmdide - ok
09:44:04.0072 4740 [ 85449EEBE8F8EBD6481EFBF0F352B4EB ] CNG C:\Windows\system32\Drivers\cng.sys
09:44:04.0166 4740 CNG - ok
09:44:04.0244 4740 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\drivers\compbatt.sys
09:44:04.0275 4740 Compbatt - ok
09:44:04.0337 4740 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
09:44:04.0400 4740 CompositeBus - ok
09:44:04.0462 4740 COMSysApp - ok
09:44:04.0525 4740 cpuz135 - ok
09:44:04.0603 4740 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:44:04.0650 4740 crcdisk - ok
09:44:04.0775 4740 [ 7CA1BECEA5DE2643ADDAD32670E7A4C9 ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:44:04.0884 4740 CryptSvc - ok
09:44:04.0962 4740 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
09:44:05.0087 4740 CSC - ok
09:44:05.0181 4740 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
09:44:05.0259 4740 CscService - ok
09:44:05.0369 4740 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
09:44:05.0494 4740 DcomLaunch - ok
09:44:05.0572 4740 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
09:44:05.0666 4740 defragsvc - ok
09:44:05.0759 4740 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:44:05.0869 4740 DfsC - ok
09:44:05.0994 4740 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
09:44:06.0103 4740 Dhcp - ok
09:44:06.0181 4740 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
09:44:06.0275 4740 discache - ok
09:44:06.0353 4740 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\drivers\disk.sys
09:44:06.0384 4740 Disk - ok
09:44:06.0462 4740 [ 2A958EF85DB1B61FFCA65044FA4BCE9E ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
09:44:06.0572 4740 dmvsc - ok
09:44:06.0650 4740 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:44:06.0759 4740 Dnscache - ok
09:44:06.0837 4740 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
09:44:06.0962 4740 dot3svc - ok
09:44:07.0025 4740 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
09:44:07.0134 4740 DPS - ok
09:44:07.0244 4740 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:44:07.0322 4740 drmkaud - ok
09:44:07.0431 4740 [ 71BC35067CABC02C9453AEAA42B2E43E ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:44:07.0541 4740 DXGKrnl - ok
09:44:07.0619 4740 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
09:44:07.0712 4740 EapHost - ok
09:44:07.0962 4740 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\drivers\evbdx.sys
09:44:08.0212 4740 ebdrv - ok
09:44:08.0291 4740 [ 803B370865D907EA21DC0C2B6A8936B5 ] EFS C:\Windows\System32\lsass.exe
09:44:08.0400 4740 EFS - ok
09:44:08.0525 4740 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:44:08.0634 4740 ehRecvr - ok
09:44:08.0712 4740 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
09:44:08.0791 4740 ehSched - ok
09:44:08.0916 4740 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:44:08.0978 4740 elxstor - ok
09:44:09.0025 4740 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:44:09.0103 4740 ErrDev - ok
09:44:09.0244 4740 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
09:44:09.0369 4740 EventSystem - ok
09:44:09.0416 4740 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
09:44:09.0525 4740 exfat - ok
09:44:09.0587 4740 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:44:09.0697 4740 fastfat - ok
09:44:09.0822 4740 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
09:44:09.0947 4740 Fax - ok
09:44:10.0041 4740 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:44:10.0103 4740 fdc - ok
09:44:10.0181 4740 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
09:44:10.0275 4740 fdPHost - ok
09:44:10.0353 4740 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
09:44:10.0431 4740 FDResPub - ok
09:44:10.0494 4740 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:44:10.0525 4740 FileInfo - ok
09:44:10.0603 4740 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:44:10.0712 4740 Filetrace - ok
09:44:10.0775 4740 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:44:10.0853 4740 flpydisk - ok
09:44:10.0994 4740 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:44:11.0025 4740 FltMgr - ok
09:44:11.0166 4740 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\Windows\system32\FntCache.dll
09:44:11.0306 4740 FontCache - ok
09:44:11.0447 4740 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:44:11.0462 4740 FontCache3.0.0.0 - ok
09:44:11.0541 4740 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:44:11.0572 4740 FsDepends - ok
09:44:11.0666 4740 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:44:11.0697 4740 Fs_Rec - ok
09:44:11.0837 4740 [ E306A24D9694C724FA2491278BF50FDB ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:44:11.0916 4740 fvevol - ok
09:44:12.0009 4740 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:44:12.0025 4740 gagp30kx - ok
09:44:12.0134 4740 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
09:44:12.0259 4740 gpsvc - ok
09:44:12.0400 4740 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
09:44:12.0431 4740 gupdate - ok
09:44:12.0462 4740 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
09:44:12.0478 4740 gupdatem - ok
09:44:12.0603 4740 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
09:44:12.0634 4740 gusvc - ok
09:44:12.0712 4740 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:44:12.0869 4740 hcw85cir - ok
09:44:12.0947 4740 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
09:44:13.0025 4740 HDAudBus - ok
09:44:13.0087 4740 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
09:44:13.0166 4740 HidBatt - ok
09:44:13.0228 4740 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:44:13.0322 4740 HidBth - ok
09:44:13.0384 4740 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\drivers\hidir.sys
09:44:13.0494 4740 HidIr - ok
09:44:13.0556 4740 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
09:44:13.0650 4740 hidserv - ok
09:44:13.0791 4740 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:44:13.0994 4740 HidUsb - ok
09:44:14.0072 4740 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:44:14.0166 4740 hkmsvc - ok
09:44:14.0228 4740 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:44:14.0353 4740 HomeGroupListener - ok
09:44:14.0447 4740 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:44:14.0556 4740 HomeGroupProvider - ok
09:44:14.0666 4740 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:44:14.0681 4740 HpSAMD - ok
09:44:14.0759 4740 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:44:14.0900 4740 HTTP - ok
09:44:14.0978 4740 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:44:14.0994 4740 hwpolicy - ok
09:44:15.0072 4740 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
09:44:15.0150 4740 i8042prt - ok
09:44:15.0244 4740 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:44:15.0291 4740 iaStorV - ok
09:44:15.0416 4740 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:44:15.0494 4740 idsvc - ok
09:44:15.0556 4740 IEEtwCollectorService - ok
09:44:15.0650 4740 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:44:15.0681 4740 iirsp - ok
09:44:15.0837 4740 [ A06EFD4965F8A3F97A8C9A291D032678 ] IJPLMSVC C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
09:44:15.0869 4740 IJPLMSVC - ok
09:44:15.0978 4740 [ B9C54120F46392100478F58F374E5709 ] IKEEXT C:\Windows\System32\ikeext.dll
09:44:16.0087 4740 IKEEXT - ok
09:44:16.0197 4740 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
09:44:16.0228 4740 intelide - ok
09:44:16.0337 4740 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:44:16.0416 4740 intelppm - ok
09:44:16.0494 4740 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:44:16.0603 4740 IPBusEnum - ok
09:44:16.0681 4740 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:44:16.0806 4740 IpFilterDriver - ok
09:44:16.0916 4740 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:44:17.0072 4740 iphlpsvc - ok
09:44:17.0134 4740 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:44:17.0181 4740 IPMIDRV - ok
09:44:17.0259 4740 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:44:17.0353 4740 IPNAT - ok
09:44:17.0462 4740 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:44:17.0572 4740 IRENUM - ok
09:44:17.0634 4740 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:44:17.0666 4740 isapnp - ok
09:44:17.0744 4740 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:44:17.0791 4740 iScsiPrt - ok
09:44:17.0853 4740 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:44:17.0884 4740 kbdclass - ok
09:44:17.0994 4740 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:44:18.0087 4740 kbdhid - ok
09:44:18.0150 4740 [ 803B370865D907EA21DC0C2B6A8936B5 ] KeyIso C:\Windows\system32\lsass.exe
09:44:18.0197 4740 KeyIso - ok
09:44:18.0291 4740 [ F286830298323272260332D6ABC905C1 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:44:18.0322 4740 KSecDD - ok
09:44:18.0369 4740 [ D7C760D57B1656DD748B9E4AB6CB5A51 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:44:18.0416 4740 KSecPkg - ok
09:44:18.0509 4740 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
09:44:18.0603 4740 KtmRm - ok
09:44:18.0697 4740 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll
09:44:18.0822 4740 LanmanServer - ok
09:44:18.0900 4740 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:44:19.0025 4740 LanmanWorkstation - ok
09:44:19.0150 4740 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:44:19.0259 4740 lltdio - ok
09:44:19.0322 4740 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:44:19.0431 4740 lltdsvc - ok
09:44:19.0494 4740 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
09:44:19.0603 4740 lmhosts - ok
09:44:19.0728 4740 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:44:19.0759 4740 LSI_FC - ok
09:44:19.0837 4740 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:44:19.0869 4740 LSI_SAS - ok
09:44:19.0962 4740 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
09:44:20.0025 4740 LSI_SAS2 - ok
09:44:20.0072 4740 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:44:20.0103 4740 LSI_SCSI - ok
09:44:20.0181 4740 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
09:44:20.0306 4740 luafv - ok
09:44:20.0384 4740 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:44:20.0462 4740 Mcx2Svc - ok
09:44:20.0525 4740 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
09:44:20.0556 4740 megasas - ok
09:44:20.0634 4740 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
09:44:20.0666 4740 MegaSR - ok
09:44:20.0744 4740 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
09:44:20.0869 4740 MMCSS - ok
09:44:20.0916 4740 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
09:44:21.0041 4740 Modem - ok
09:44:21.0150 4740 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:44:21.0259 4740 monitor - ok
09:44:21.0384 4740 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:44:21.0416 4740 mouclass - ok
09:44:21.0556 4740 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:44:21.0650 4740 mouhid - ok
09:44:21.0712 4740 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:44:21.0791 4740 mountmgr - ok
09:44:21.0869 4740 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
09:44:21.0916 4740 mpio - ok
09:44:21.0947 4740 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:44:22.0087 4740 mpsdrv - ok
09:44:22.0181 4740 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:44:22.0337 4740 MpsSvc - ok
09:44:22.0416 4740 [ 21F4B24ACFC79A483515BD986DD9043F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:44:22.0634 4740 MRxDAV - ok
09:44:22.0697 4740 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:44:22.0822 4740 mrxsmb - ok
09:44:22.0900 4740 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:44:22.0994 4740 mrxsmb10 - ok
09:44:23.0072 4740 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:44:23.0166 4740 mrxsmb20 - ok
09:44:23.0228 4740 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
09:44:23.0259 4740 msahci - ok
09:44:23.0369 4740 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:44:23.0416 4740 msdsm - ok
09:44:23.0478 4740 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
09:44:23.0572 4740 MSDTC - ok
09:44:23.0681 4740 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:44:23.0791 4740 Msfs - ok
09:44:23.0853 4740 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:44:23.0962 4740 mshidkmdf - ok
09:44:24.0025 4740 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:44:24.0087 4740 msisadrv - ok
09:44:24.0197 4740 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:44:24.0306 4740 MSiSCSI - ok
09:44:24.0337 4740 msiserver - ok
09:44:24.0416 4740 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:44:24.0509 4740 MSKSSRV - ok
09:44:24.0572 4740 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:44:24.0681 4740 MSPCLOCK - ok
09:44:24.0728 4740 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:44:24.0837 4740 MSPQM - ok
09:44:24.0916 4740 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:44:24.0962 4740 MsRPC - ok
09:44:25.0025 4740 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
09:44:25.0072 4740 mssmbios - ok
09:44:25.0119 4740 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:44:25.0228 4740 MSTEE - ok
09:44:25.0291 4740 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
09:44:25.0384 4740 MTConfig - ok
09:44:25.0494 4740 [ 33F438BD66F2877BBB5567E49208A346 ] Mtlmnt5 C:\Windows\system32\DRIVERS\Mtlmnt5.sys
09:44:25.0775 4740 Mtlmnt5 ( UnsignedFile.Multi.Generic ) - warning
09:44:25.0775 4740 Mtlmnt5 - detected UnsignedFile.Multi.Generic (1)
09:44:25.0947 4740 [ 4D98402AE75097E362CC8ED94079D94C ] Mtlstrm C:\Windows\system32\DRIVERS\Mtlstrm.sys
09:44:26.0291 4740 Mtlstrm ( UnsignedFile.Multi.Generic ) - warning
09:44:26.0291 4740 Mtlstrm - detected UnsignedFile.Multi.Generic (1)
09:44:26.0369 4740 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
09:44:26.0400 4740 Mup - ok
09:44:26.0494 4740 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
09:44:26.0619 4740 napagent - ok
09:44:26.0744 4740 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:44:26.0837 4740 NativeWifiP - ok
09:44:26.0962 4740 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:44:27.0025 4740 NDIS - ok
09:44:27.0150 4740 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:44:27.0275 4740 NdisCap - ok
09:44:27.0353 4740 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:44:27.0478 4740 NdisTapi - ok
09:44:27.0541 4740 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:44:27.0619 4740 Ndisuio - ok
09:44:27.0697 4740 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:44:27.0837 4740 NdisWan - ok
09:44:27.0900 4740 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:44:28.0025 4740 NDProxy - ok
09:44:28.0134 4740 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:44:28.0259 4740 NetBIOS - ok
09:44:28.0322 4740 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:44:28.0447 4740 NetBT - ok
09:44:28.0509 4740 [ 803B370865D907EA21DC0C2B6A8936B5 ] Netlogon C:\Windows\system32\lsass.exe
09:44:28.0572 4740 Netlogon - ok
09:44:28.0681 4740 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
09:44:28.0775 4740 Netman - ok
09:44:28.0837 4740 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
09:44:28.0962 4740 netprofm - ok
09:44:29.0041 4740 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:44:29.0072 4740 NetTcpPortSharing - ok
09:44:29.0181 4740 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:44:29.0212 4740 nfrd960 - ok
09:44:29.0291 4740 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
09:44:29.0416 4740 NlaSvc - ok
09:44:29.0494 4740 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:44:29.0572 4740 Npfs - ok
09:44:29.0666 4740 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
09:44:29.0775 4740 nsi - ok
09:44:29.0837 4740 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:44:29.0962 4740 nsiproxy - ok
09:44:30.0103 4740 [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:44:30.0197 4740 Ntfs - ok
09:44:30.0291 4740 [ 6AF0557BBFFDDE15B985F2C1B82D43E0 ] NtMtlFax C:\Windows\system32\DRIVERS\NtMtlFax.sys
09:44:30.0494 4740 NtMtlFax ( UnsignedFile.Multi.Generic ) - warning
09:44:30.0494 4740 NtMtlFax - detected UnsignedFile.Multi.Generic (1)
09:44:30.0556 4740 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
09:44:30.0681 4740 Null - ok
09:44:30.0759 4740 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:44:30.0791 4740 nvraid - ok
09:44:30.0884 4740 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:44:30.0931 4740 nvstor - ok
09:44:30.0994 4740 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:44:31.0056 4740 nv_agp - ok
09:44:31.0150 4740 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:44:31.0259 4740 ohci1394 - ok
09:44:31.0337 4740 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:44:31.0494 4740 p2pimsvc - ok
09:44:31.0587 4740 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
09:44:31.0697 4740 p2psvc - ok
09:44:31.0791 4740 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:44:31.0900 4740 Parport - ok
09:44:31.0978 4740 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:44:31.0994 4740 partmgr - ok
09:44:32.0087 4740 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
09:44:32.0150 4740 Parvdm - ok
09:44:32.0228 4740 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:44:32.0337 4740 PcaSvc - ok
09:44:32.0400 4740 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
09:44:32.0494 4740 pci - ok
09:44:32.0572 4740 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
09:44:32.0603 4740 pciide - ok
09:44:32.0681 4740 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:44:32.0728 4740 pcmcia - ok
09:44:32.0791 4740 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
09:44:32.0837 4740 pcw - ok
09:44:32.0900 4740 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:44:33.0087 4740 PEAUTH - ok
09:44:33.0197 4740 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
09:44:33.0384 4740 PeerDistSvc - ok
09:44:33.0587 4740 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
09:44:33.0791 4740 pla - ok
09:44:33.0900 4740 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:44:34.0025 4740 PlugPlay - ok
09:44:34.0150 4740 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:44:34.0306 4740 PNRPAutoReg - ok
09:44:34.0369 4740 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:44:34.0447 4740 PNRPsvc - ok
09:44:34.0541 4740 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:44:34.0650 4740 PolicyAgent - ok
09:44:34.0759 4740 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
09:44:34.0869 4740 Power - ok
09:44:34.0978 4740 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:44:35.0119 4740 PptpMiniport - ok
09:44:35.0166 4740 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
09:44:35.0259 4740 Processor - ok
09:44:35.0369 4740 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
09:44:35.0494 4740 ProfSvc - ok
09:44:35.0541 4740 [ 803B370865D907EA21DC0C2B6A8936B5 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:44:35.0619 4740 ProtectedStorage - ok
09:44:35.0681 4740 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:44:35.0806 4740 Psched - ok
09:44:35.0916 4740 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:44:36.0009 4740 ql2300 - ok
09:44:36.0072 4740 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:44:36.0119 4740 ql40xx - ok
09:44:36.0212 4740 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
09:44:36.0337 4740 QWAVE - ok
09:44:36.0384 4740 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:44:36.0494 4740 QWAVEdrv - ok
09:44:36.0556 4740 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:44:36.0697 4740 RasAcd - ok
09:44:36.0806 4740 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:44:36.0916 4740 RasAgileVpn - ok
09:44:36.0994 4740 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
09:44:37.0103 4740 RasAuto - ok
09:44:37.0212 4740 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:44:37.0337 4740 Rasl2tp - ok
09:44:37.0462 4740 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
09:44:37.0572 4740 RasMan - ok
09:44:37.0634 4740 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:44:37.0775 4740 RasPppoe - ok
09:44:37.0837 4740 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:44:37.0947 4740 RasSstp - ok
09:44:38.0041 4740 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:44:38.0166 4740 rdbss - ok
09:44:38.0228 4740 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:44:38.0337 4740 rdpbus - ok
09:44:38.0416 4740 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:44:38.0541 4740 RDPCDD - ok
09:44:38.0634 4740 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
09:44:38.0775 4740 RDPDR - ok
09:44:38.0822 4740 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:44:38.0962 4740 RDPENCDD - ok
09:44:39.0041 4740 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:44:39.0166 4740 RDPREFMP - ok
09:44:39.0244 4740 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
09:44:39.0384 4740 RdpVideoMiniport - ok
09:44:39.0462 4740 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:44:39.0587 4740 RDPWD - ok
09:44:39.0681 4740 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:44:39.0728 4740 rdyboost - ok
09:44:39.0822 4740 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
09:44:39.0947 4740 RemoteAccess - ok
09:44:40.0025 4740 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:44:40.0166 4740 RemoteRegistry - ok
09:44:40.0275 4740 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:44:40.0400 4740 RpcEptMapper - ok
09:44:40.0478 4740 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
09:44:40.0572 4740 RpcLocator - ok
09:44:40.0650 4740 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
09:44:40.0775 4740 RpcSs - ok
09:44:40.0869 4740 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:44:40.0994 4740 rspndr - ok
09:44:41.0103 4740 [ 4E20765744BFBC16F6D6E5BD5598786B ] RTL8023xp C:\Windows\system32\DRIVERS\Rtnicxp.sys
09:44:41.0197 4740 RTL8023xp - ok
09:44:41.0275 4740 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
09:44:41.0384 4740 s3cap - ok
09:44:41.0447 4740 [ 803B370865D907EA21DC0C2B6A8936B5 ] SamSs C:\Windows\system32\lsass.exe
09:44:41.0525 4740 SamSs - ok
09:44:41.0603 4740 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:44:41.0634 4740 sbp2port - ok
09:44:41.0728 4740 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:44:41.0869 4740 SCardSvr - ok
09:44:41.0931 4740 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:44:42.0056 4740 scfilter - ok
09:44:42.0166 4740 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
09:44:42.0337 4740 Schedule - ok
09:44:42.0400 4740 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:44:42.0494 4740 SCPolicySvc - ok
09:44:42.0587 4740 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:44:42.0681 4740 SDRSVC - ok
09:44:42.0775 4740 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:44:42.0947 4740 secdrv - ok
09:44:43.0025 4740 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
09:44:43.0166 4740 seclogon - ok
09:44:43.0275 4740 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
09:44:43.0400 4740 SENS - ok
09:44:43.0494 4740 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:44:43.0587 4740 SensrSvc - ok
09:44:43.0681 4740 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:44:43.0775 4740 Serenum - ok
09:44:43.0837 4740 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:44:43.0947 4740 Serial - ok
09:44:44.0009 4740 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:44:44.0087 4740 sermouse - ok
09:44:44.0244 4740 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
09:44:44.0369 4740 SessionEnv - ok
09:44:44.0431 4740 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:44:44.0666 4740 sffdisk - ok
09:44:44.0837 4740 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:44:44.0947 4740 sffp_mmc - ok
09:44:44.0994 4740 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:44:45.0103 4740 sffp_sd - ok
09:44:45.0181 4740 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:44:45.0275 4740 sfloppy - ok
09:44:45.0353 4740 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:44:45.0509 4740 SharedAccess - ok
09:44:45.0603 4740 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:44:45.0744 4740 ShellHWDetection - ok
09:44:45.0806 4740 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys
09:44:45.0837 4740 sisagp - ok
09:44:45.0931 4740 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:44:45.0947 4740 SiSRaid2 - ok
09:44:46.0009 4740 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:44:46.0119 4740 SiSRaid4 - ok
09:44:46.0259 4740 [ 769D8F1C7BBDB5C0C1EB157575DAD0BA ] Slntamr C:\Windows\system32\DRIVERS\slntamr.sys
09:44:46.0541 4740 Slntamr ( UnsignedFile.Multi.Generic ) - warning
09:44:46.0541 4740 Slntamr - detected UnsignedFile.Multi.Generic (1)
09:44:46.0587 4740 [ EDD0BCB2B8548A95B2633C249BFAEEC7 ] SlNtHal C:\Windows\system32\DRIVERS\Slnthal.sys
09:44:46.0837 4740 SlNtHal ( UnsignedFile.Multi.Generic ) - warning
09:44:46.0837 4740 SlNtHal - detected UnsignedFile.Multi.Generic (1)
09:44:46.0869 4740 SLService - ok
09:44:46.0978 4740 [ 3B4A3B282F62FE5D75127D22B26909ED ] SlWdmSup C:\Windows\system32\DRIVERS\SlWdmSup.sys
09:44:47.0134 4740 SlWdmSup ( UnsignedFile.Multi.Generic ) - warning
09:44:47.0134 4740 SlWdmSup - detected UnsignedFile.Multi.Generic (1)
09:44:47.0228 4740 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:44:47.0337 4740 Smb - ok
09:44:47.0478 4740 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:44:47.0603 4740 SNMPTRAP - ok
09:44:47.0681 4740 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
09:44:47.0712 4740 spldr - ok
09:44:47.0791 4740 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
09:44:47.0931 4740 Spooler - ok
09:44:48.0150 4740 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
09:44:48.0447 4740 sppsvc - ok
09:44:48.0525 4740 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:44:48.0650 4740 sppuinotify - ok
09:44:48.0744 4740 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
09:44:48.0900 4740 srv - ok
09:44:48.0962 4740 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:44:49.0087 4740 srv2 - ok
09:44:49.0181 4740 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:44:49.0291 4740 srvnet - ok
09:44:49.0369 4740 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:44:49.0478 4740 SSDPSRV - ok
09:44:49.0509 4740 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:44:49.0634 4740 SstpSvc - ok
09:44:49.0712 4740 [ 2D138621D3522D38032D45C896C5209A ] STAC97 C:\Windows\system32\drivers\STAC97.sys
09:44:49.0884 4740 STAC97 - ok
09:44:49.0962 4740 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
09:44:49.0978 4740 stexstor - ok
09:44:50.0119 4740 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
09:44:50.0275 4740 StiSvc - ok
09:44:50.0353 4740 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
09:44:50.0384 4740 storflt - ok
09:44:50.0509 4740 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
09:44:50.0525 4740 storvsc - ok
09:44:50.0603 4740 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:44:50.0650 4740 swenum - ok
09:44:50.0744 4740 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
09:44:50.0837 4740 swprv - ok
09:44:50.0916 4740 [ F2AD8960812FD111E20E84659EF19D43 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
09:44:50.0947 4740 Synth3dVsc - ok
09:44:51.0103 4740 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
09:44:51.0275 4740 SysMain - ok
09:44:51.0353 4740 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:44:51.0478 4740 TabletInputService - ok
09:44:51.0556 4740 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
09:44:51.0697 4740 TapiSrv - ok
09:44:51.0759 4740 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
09:44:51.0884 4740 TBS - ok
09:44:52.0025 4740 [ CA59F7C570AF70BC174F477CFE2D9EE3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:44:52.0119 4740 Tcpip - ok
09:44:52.0228 4740 [ CA59F7C570AF70BC174F477CFE2D9EE3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:44:52.0337 4740 TCPIP6 - ok
09:44:52.0431 4740 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:44:52.0525 4740 tcpipreg - ok
09:44:52.0619 4740 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:44:52.0744 4740 TDPIPE - ok
09:44:52.0806 4740 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:44:52.0900 4740 TDTCP - ok
09:44:52.0994 4740 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:44:53.0103 4740 tdx - ok
09:44:53.0166 4740 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:44:53.0197 4740 TermDD - ok
09:44:53.0275 4740 [ E951866BAC5A23403F62A349EDBB6EEB ] terminpt C:\Windows\system32\drivers\terminpt.sys
09:44:53.0353 4740 terminpt - ok
09:44:53.0447 4740 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
09:44:53.0572 4740 TermService - ok
09:44:53.0619 4740 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
09:44:53.0681 4740 Themes - ok
09:44:53.0728 4740 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
09:44:53.0822 4740 THREADORDER - ok
09:44:53.0916 4740 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
09:44:54.0025 4740 TrkWks - ok
09:44:54.0150 4740 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:44:54.0259 4740 TrustedInstaller - ok
09:44:54.0353 4740 [ B37B08F2E5EEB1A37E448E09BACE1101 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:44:54.0478 4740 tssecsrv - ok
09:44:54.0556 4740 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:44:54.0681 4740 TsUsbFlt - ok
09:44:54.0759 4740 [ 57C527AF84748B5C2F5178C499C0B81F ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
09:44:54.0853 4740 TsUsbGD - ok
09:44:54.0916 4740 [ 045ACB987C650D8186C6B4A692223860 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
09:44:55.0041 4740 tsusbhub - ok
09:44:55.0166 4740 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:44:55.0244 4740 tunnel - ok
09:44:55.0291 4740 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:44:55.0322 4740 uagp35 - ok
09:44:55.0416 4740 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:44:55.0509 4740 udfs - ok
09:44:55.0634 4740 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:44:55.0728 4740 UI0Detect - ok
09:44:55.0791 4740 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:44:55.0806 4740 uliagpkx - ok
09:44:55.0916 4740 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:44:56.0025 4740 umbus - ok
09:44:56.0072 4740 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
09:44:56.0166 4740 UmPass - ok
09:44:56.0244 4740 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
09:44:56.0322 4740 UmRdpService - ok
09:44:56.0416 4740 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
09:44:56.0525 4740 upnphost - ok
09:44:56.0587 4740 [ 71D97F1A3CC47A56728F7A400A3F8295 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:44:56.0697 4740 usbccgp - ok
09:44:56.0775 4740 [ 2352AB5F9F8F097BF9D41D5A4718A041 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:44:56.0994 4740 usbcir - ok
09:44:57.0072 4740 [ C4FB8E7ADEA9B5CEEA885A1B504B7E40 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:44:57.0275 4740 usbehci - ok
09:44:57.0337 4740 [ 86AA95ACB611001E26CD2C0145F2225A ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:44:57.0525 4740 usbhub - ok
09:44:57.0603 4740 [ DCDF9855145A14DFCA0AB32308871961 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
09:44:57.0775 4740 usbohci - ok
09:44:57.0900 4740 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:44:57.0994 4740 usbprint - ok
09:44:58.0087 4740 [ FC6B21DB4B5B398AB93DBE59CBF11036 ] usbscan C:\Windows\system32\drivers\usbscan.sys
09:44:58.0197 4740 usbscan - ok
09:44:58.0275 4740 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:44:58.0384 4740 USBSTOR - ok
09:44:58.0447 4740 [ 8E51D04175BAA14C4F79AA5F6D248770 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:44:58.0634 4740 usbuhci - ok
09:44:58.0712 4740 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
09:44:58.0837 4740 UxSms - ok
09:44:58.0900 4740 [ 803B370865D907EA21DC0C2B6A8936B5 ] VaultSvc C:\Windows\system32\lsass.exe
09:44:58.0962 4740 VaultSvc - ok
09:44:59.0072 4740 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:44:59.0087 4740 vdrvroot - ok
09:44:59.0197 4740 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
09:44:59.0337 4740 vds - ok
09:44:59.0447 4740 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:44:59.0509 4740 vga - ok
09:44:59.0556 4740 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
09:44:59.0681 4740 VgaSave - ok
09:44:59.0712 4740 VGPU - ok
09:44:59.0791 4740 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:44:59.0822 4740 vhdmp - ok
09:44:59.0884 4740 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
09:44:59.0947 4740 viaagp - ok
09:44:59.0978 4740 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
09:45:00.0087 4740 ViaC7 - ok
09:45:00.0166 4740 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
09:45:00.0181 4740 viaide - ok
09:45:00.0259 4740 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
09:45:00.0306 4740 vmbus - ok
09:45:00.0369 4740 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
09:45:00.0478 4740 VMBusHID - ok
09:45:00.0541 4740 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:45:00.0572 4740 volmgr - ok
09:45:00.0634 4740 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:45:00.0712 4740 volmgrx - ok
09:45:00.0759 4740 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:45:00.0822 4740 volsnap - ok
09:45:00.0884 4740 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:45:00.0931 4740 vsmraid - ok
09:45:01.0056 4740 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
09:45:01.0275 4740 VSS - ok
09:45:01.0337 4740 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
09:45:01.0478 4740 vwifibus - ok
09:45:01.0541 4740 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
09:45:01.0697 4740 W32Time - ok
09:45:01.0791 4740 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:45:01.0916 4740 WacomPen - ok
09:45:01.0994 4740 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:45:02.0134 4740 WANARP - ok
09:45:02.0166 4740 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:45:02.0291 4740 Wanarpv6 - ok
09:45:02.0416 4740 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:45:02.0572 4740 WatAdminSvc - ok
09:45:02.0697 4740 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
09:45:02.0869 4740 wbengine - ok
09:45:02.0916 4740 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:45:03.0072 4740 WbioSrvc - ok
09:45:03.0150 4740 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:45:03.0306 4740 wcncsvc - ok
09:45:03.0369 4740 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:45:03.0509 4740 WcsPlugInService - ok
09:45:03.0603 4740 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
09:45:03.0634 4740 Wd - ok
09:45:03.0744 4740 [ 25944D2CC49E0A6C581D02A74B7D6645 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:45:03.0837 4740 Wdf01000 - ok
09:45:03.0900 4740 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:45:04.0119 4740 WdiServiceHost - ok
09:45:04.0181 4740 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:45:04.0306 4740 WdiSystemHost - ok
09:45:04.0400 4740 [ 75E8EBD7040CE238684333F97014762A ] WebClient C:\Windows\System32\webclnt.dll
09:45:04.0525 4740 WebClient - ok
09:45:04.0619 4740 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:45:04.0744 4740 Wecsvc - ok
09:45:04.0806 4740 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:45:04.0916 4740 wercplsupport - ok
09:45:04.0978 4740 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
09:45:05.0134 4740 WerSvc - ok
09:45:05.0244 4740 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:45:05.0384 4740 WfpLwf - ok
09:45:05.0431 4740 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:45:05.0462 4740 WIMMount - ok
09:45:05.0603 4740 [ 082CF481F659FAE0DE51AD060881EB47 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
09:45:05.0791 4740 WinDefend - ok
09:45:05.0853 4740 WinHttpAutoProxySvc - ok
09:45:05.0994 4740 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:45:06.0134 4740 Winmgmt - ok
09:45:06.0259 4740 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
09:45:06.0478 4740 WinRM - ok
09:45:06.0666 4740 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
09:45:06.0837 4740 Wlansvc - ok
09:45:06.0916 4740 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:45:07.0025 4740 WmiAcpi - ok
09:45:07.0134 4740 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:45:07.0259 4740 wmiApSrv - ok
09:45:07.0462 4740 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
09:45:07.0666 4740 WMPNetworkSvc - ok
09:45:07.0744 4740 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:45:07.0884 4740 WPCSvc - ok
09:45:07.0931 4740 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:45:08.0103 4740 WPDBusEnum - ok
09:45:08.0181 4740 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:45:08.0337 4740 ws2ifsl - ok
09:45:08.0462 4740 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
09:45:08.0603 4740 wscsvc - ok
09:45:08.0634 4740 WSearch - ok
09:45:08.0869 4740 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
09:45:09.0009 4740 wuauserv - ok
09:45:09.0087 4740 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:45:09.0212 4740 WudfPf - ok
09:45:09.0337 4740 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:45:09.0447 4740 WUDFRd - ok
09:45:09.0541 4740 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:45:09.0666 4740 wudfsvc - ok
09:45:09.0759 4740 [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc C:\Windows\System32\wwansvc.dll
09:45:10.0025 4740 WwanSvc - ok
09:45:10.0212 4740 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
09:45:10.0384 4740 YahooAUService - ok
09:45:10.0462 4740 ================ Scan global ===============================
09:45:10.0541 4740 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
09:45:10.0634 4740 [ 51BB04243DF6196C06E125898127E397 ] C:\Windows\system32\winsrv.dll
09:45:10.0666 4740 [ 51BB04243DF6196C06E125898127E397 ] C:\Windows\system32\winsrv.dll
09:45:10.0744 4740 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
09:45:10.0822 4740 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
09:45:10.0837 4740 [Global] - ok
09:45:10.0853 4740 ================ Scan MBR ==================================
09:45:10.0884 4740 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:45:11.0478 4740 \Device\Harddisk0\DR0 - ok
09:45:11.0494 4740 ================ Scan VBR ==================================
09:45:11.0509 4740 [ 1041588475B109FDFA54914757160908 ] \Device\Harddisk0\DR0\Partition1
09:45:11.0509 4740 \Device\Harddisk0\DR0\Partition1 - ok
09:45:11.0525 4740 ============================================================
09:45:11.0525 4740 Scan finished
09:45:11.0525 4740 ============================================================
09:45:11.0556 4968 Detected object count: 6
09:45:11.0556 4968 Actual detected object count: 6
09:48:26.0398 4968 Mtlmnt5 ( UnsignedFile.Multi.Generic ) - skipped by user
09:48:26.0398 4968 Mtlmnt5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:48:26.0398 4968 Mtlstrm ( UnsignedFile.Multi.Generic ) - skipped by user
09:48:26.0414 4968 Mtlstrm ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:48:26.0414 4968 NtMtlFax ( UnsignedFile.Multi.Generic ) - skipped by user
09:48:26.0414 4968 NtMtlFax ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:48:26.0429 4968 Slntamr ( UnsignedFile.Multi.Generic ) - skipped by user
09:48:26.0429 4968 Slntamr ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:48:26.0445 4968 SlNtHal ( UnsignedFile.Multi.Generic ) - skipped by user
09:48:26.0445 4968 SlNtHal ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:48:26.0460 4968 SlWdmSup ( UnsignedFile.Multi.Generic ) - skipped by user
09:48:26.0460 4968 SlWdmSup ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:55:16.0148 4972 Deinitialize success





Hij heeft er 6 gevonden volgends mij .

---------- Bericht toegevoegd op 09:59 ---------- Vorige bericht was op 09:59 ----------

09:42:19.0045 6044 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:42:21.0092 6044 ============================================================
09:42:21.0092 6044 Current date / time: 2013/12/07 09:42:21.0092
09:42:21.0092 6044 SystemInfo:
09:42:21.0092 6044
09:42:21.0092 6044 OS Version: 6.1.7601 ServicePack: 1.0
09:42:21.0092 6044 Product type: Workstation
09:42:21.0092 6044 ComputerName: VERONICA-PC
09:42:21.0092 6044 UserName: veronica
09:42:21.0092 6044 Windows directory: C:\Windows
09:42:21.0092 6044 System windows directory: C:\Windows
09:42:21.0092 6044 Processor architecture: Intel x86
09:42:21.0092 6044 Number of processors: 1
09:42:21.0092 6044 Page size: 0x1000
09:42:21.0092 6044 Boot type: Normal boot
09:42:21.0092 6044 ============================================================
09:42:28.0092 6044 Drive \Device\Harddisk0\DR0 - Size: 0x1315740000 (76.34 Gb), SectorSize: 0x200, Cylinders: 0x26EC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:42:28.0264 6044 ============================================================
09:42:28.0264 6044 \Device\Harddisk0\DR0:
09:42:28.0280 6044 MBR partitions:
09:42:28.0280 6044 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x98AA51F
09:42:28.0280 6044 ============================================================
09:42:28.0795 6044 C: <-> \Device\Harddisk0\DR0\Partition1
09:42:28.0842 6044 ============================================================
09:42:28.0842 6044 Initialize success
09:42:28.0842 6044 ============================================================
09:43:47.0369 4740 ============================================================
09:43:47.0369 4740 Scan started
09:43:47.0369 4740 Mode: Manual; SigCheck; TDLFS;
09:43:47.0369 4740 ============================================================
09:43:49.0416 4740 ================ Scan system memory ========================
09:43:49.0416 4740 System memory - ok
09:43:49.0431 4740 ================ Scan services =============================
09:43:49.0759 4740 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
09:43:50.0025 4740 1394ohci - ok
09:43:50.0087 4740 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:43:50.0150 4740 ACPI - ok
09:43:50.0259 4740 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:43:50.0369 4740 AcpiPmi - ok
09:43:50.0556 4740 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
09:43:50.0587 4740 AdobeARMservice - ok
09:43:50.0744 4740 [ 438F31336B3DC248ABC632F1C8F34A24 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:43:50.0806 4740 AdobeFlashPlayerUpdateSvc - ok
09:43:50.0916 4740 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:43:50.0994 4740 adp94xx - ok
09:43:51.0150 4740 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:43:51.0228 4740 adpahci - ok
09:43:51.0322 4740 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:43:51.0400 4740 adpu320 - ok
09:43:51.0478 4740 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:43:51.0853 4740 AeLookupSvc - ok
09:43:51.0978 4740 [ F81BB7E487EDCEAB630A7EE66CF23913 ] AFD C:\Windows\system32\drivers\afd.sys
09:43:52.0087 4740 AFD - ok
09:43:52.0166 4740 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
09:43:52.0197 4740 agp440 - ok
09:43:52.0291 4740 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
09:43:52.0322 4740 aic78xx - ok
09:43:52.0462 4740 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
09:43:52.0556 4740 ALG - ok
09:43:52.0650 4740 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
09:43:52.0681 4740 aliide - ok
09:43:52.0775 4740 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
09:43:52.0806 4740 amdagp - ok
09:43:52.0837 4740 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
09:43:52.0869 4740 amdide - ok
09:43:52.0978 4740 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
09:43:53.0056 4740 AmdK8 - ok
09:43:53.0166 4740 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
09:43:53.0244 4740 AmdPPM - ok
09:43:53.0369 4740 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:43:53.0400 4740 amdsata - ok
09:43:53.0494 4740 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
09:43:53.0525 4740 amdsbs - ok
09:43:53.0587 4740 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:43:53.0634 4740 amdxata - ok
09:43:53.0712 4740 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
09:43:53.0822 4740 AppID - ok
09:43:53.0900 4740 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:43:54.0009 4740 AppIDSvc - ok
09:43:54.0103 4740 [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo C:\Windows\System32\appinfo.dll
09:43:54.0212 4740 Appinfo - ok
09:43:54.0306 4740 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
09:43:54.0416 4740 AppMgmt - ok
09:43:54.0478 4740 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\drivers\arc.sys
09:43:54.0509 4740 arc - ok
09:43:54.0603 4740 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:43:54.0634 4740 arcsas - ok
09:43:54.0697 4740 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:43:54.0869 4740 AsyncMac - ok
09:43:54.0947 4740 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
09:43:54.0978 4740 atapi - ok
09:43:55.0087 4740 [ ABC57A6F6070BAF9786C318F59F29F0B ] Ati HotKey Poller C:\Windows\system32\Ati2evxx.exe
09:43:55.0212 4740 Ati HotKey Poller - ok
09:43:55.0353 4740 [ 03621F7F968FF63713943405DEB777F9 ] ati2mtag C:\Windows\system32\DRIVERS\ati2mtag.sys
09:43:55.0494 4740 ati2mtag - ok
09:43:55.0650 4740 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:43:55.0759 4740 AudioEndpointBuilder - ok
09:43:55.0837 4740 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
09:43:55.0900 4740 Audiosrv - ok
09:43:56.0009 4740 [ 0FE7773CD592DAE0CA994BA987F44E85 ] Avgfwfd C:\Windows\system32\DRIVERS\avgfwd6x.sys
09:43:56.0072 4740 Avgfwfd - ok
09:43:56.0275 4740 [ 51782A3D230D0337853B43D0810D0193 ] avgfws C:\Program Files\AVG\AVG2013\avgfws.exe
09:43:56.0400 4740 avgfws - ok
09:43:56.0697 4740 [ 4DB93F4DB7077801D2D82013506AC1D0 ] AVGIDSAgent C:\Program Files\AVG\AVG2013\avgidsagent.exe
09:43:56.0994 4740 AVGIDSAgent - ok
09:43:57.0166 4740 [ 4D7E34E36E586EA26F171A258341BD80 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys
09:43:57.0228 4740 AVGIDSDriver - ok
09:43:57.0259 4740 [ 7C8E88549BCDAAC965B1B724C175F7A9 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys
09:43:57.0291 4740 AVGIDSHX - ok
09:43:57.0384 4740 [ 2717EBC35166B8793DBFFB4390B8F2E7 ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys
09:43:57.0416 4740 AVGIDSShim - ok
09:43:57.0478 4740 [ 2018C4E9A40B122408763A5635CF14D9 ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys
09:43:57.0525 4740 Avgldx86 - ok
09:43:57.0619 4740 [ E2B9CF2CF787C6978E7CC898E9684E48 ] Avglogx C:\Windows\system32\DRIVERS\avglogx.sys
09:43:57.0666 4740 Avglogx - ok
09:43:57.0712 4740 [ 3F59750A3AA55C46663801E7C2FD1E2B ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys
09:43:57.0759 4740 Avgmfx86 - ok
09:43:57.0822 4740 [ CBCE8ED318DB8EA431F9D25AC9B7FF41 ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys
09:43:57.0853 4740 Avgrkx86 - ok
09:43:57.0900 4740 [ 14370FB29526F593C04FA48B5D69F7F0 ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys
09:43:57.0947 4740 Avgtdix - ok
09:43:58.0041 4740 [ C6C470CD49FE9DBA0F082540D7AF7642 ] avgtp C:\Windows\system32\drivers\avgtpx86.sys
09:43:58.0072 4740 avgtp - ok
09:43:58.0166 4740 [ 48939D9F350AEF9370F03A1E49A49BE2 ] avgwd C:\Program Files\AVG\AVG2013\avgwdsvc.exe
09:43:58.0212 4740 avgwd - ok
09:43:58.0306 4740 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:43:58.0462 4740 AxInstSV - ok
09:43:58.0587 4740 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys
09:43:58.0728 4740 b06bdrv - ok
09:43:58.0837 4740 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
09:43:58.0916 4740 b57nd60x - ok
09:43:59.0041 4740 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
09:43:59.0150 4740 BDESVC - ok
09:43:59.0228 4740 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
09:43:59.0337 4740 Beep - ok
09:43:59.0447 4740 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
09:43:59.0556 4740 BFE - ok
09:43:59.0650 4740 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\system32\qmgr.dll
09:43:59.0869 4740 BITS - ok
09:43:59.0916 4740 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
09:43:59.0978 4740 blbdrive - ok
09:44:00.0056 4740 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:44:00.0150 4740 bowser - ok
09:44:00.0212 4740 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
09:44:00.0291 4740 BrFiltLo - ok
09:44:00.0353 4740 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
09:44:00.0447 4740 BrFiltUp - ok
09:44:00.0572 4740 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
09:44:00.0681 4740 BridgeMP - ok
09:44:00.0759 4740 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
09:44:00.0869 4740 Browser - ok
09:44:00.0931 4740 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:44:01.0041 4740 Brserid - ok
09:44:01.0119 4740 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:44:01.0181 4740 BrSerWdm - ok
09:44:01.0244 4740 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:44:01.0322 4740 BrUsbMdm - ok
09:44:01.0400 4740 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:44:01.0462 4740 BrUsbSer - ok
09:44:01.0525 4740 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
09:44:01.0587 4740 BTHMODEM - ok
09:44:01.0728 4740 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
09:44:01.0806 4740 bthserv - ok
09:44:02.0009 4740 catchme - ok
09:44:02.0072 4740 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:44:02.0181 4740 cdfs - ok
09:44:02.0291 4740 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:44:02.0369 4740 cdrom - ok
09:44:02.0478 4740 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
09:44:02.0572 4740 CertPropSvc - ok
09:44:02.0634 4740 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\drivers\circlass.sys
09:44:02.0712 4740 circlass - ok
09:44:02.0791 4740 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
09:44:02.0837 4740 CLFS - ok
09:44:03.0025 4740 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:44:03.0197 4740 clr_optimization_v2.0.50727_32 - ok
09:44:03.0353 4740 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:44:03.0478 4740 clr_optimization_v4.0.30319_32 - ok
09:44:03.0556 4740 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
09:44:03.0822 4740 CmBatt - ok
09:44:03.0916 4740 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:44:03.0978 4740 cmdide - ok
09:44:04.0072 4740 [ 85449EEBE8F8EBD6481EFBF0F352B4EB ] CNG C:\Windows\system32\Drivers\cng.sys
09:44:04.0166 4740 CNG - ok
09:44:04.0244 4740 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\drivers\compbatt.sys
09:44:04.0275 4740 Compbatt - ok
09:44:04.0337 4740 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
09:44:04.0400 4740 CompositeBus - ok
09:44:04.0462 4740 COMSysApp - ok
09:44:04.0525 4740 cpuz135 - ok
09:44:04.0603 4740 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:44:04.0650 4740 crcdisk - ok
09:44:04.0775 4740 [ 7CA1BECEA5DE2643ADDAD32670E7A4C9 ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:44:04.0884 4740 CryptSvc - ok
09:44:04.0962 4740 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
09:44:05.0087 4740 CSC - ok
09:44:05.0181 4740 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
09:44:05.0259 4740 CscService - ok
09:44:05.0369 4740 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
09:44:05.0494 4740 DcomLaunch - ok
09:44:05.0572 4740 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
09:44:05.0666 4740 defragsvc - ok
09:44:05.0759 4740 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:44:05.0869 4740 DfsC - ok
09:44:05.0994 4740 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
09:44:06.0103 4740 Dhcp - ok
09:44:06.0181 4740 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
09:44:06.0275 4740 discache - ok
09:44:06.0353 4740 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\drivers\disk.sys
09:44:06.0384 4740 Disk - ok
09:44:06.0462 4740 [ 2A958EF85DB1B61FFCA65044FA4BCE9E ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
09:44:06.0572 4740 dmvsc - ok
09:44:06.0650 4740 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:44:06.0759 4740 Dnscache - ok
09:44:06.0837 4740 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
09:44:06.0962 4740 dot3svc - ok
09:44:07.0025 4740 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
09:44:07.0134 4740 DPS - ok
09:44:07.0244 4740 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:44:07.0322 4740 drmkaud - ok
09:44:07.0431 4740 [ 71BC35067CABC02C9453AEAA42B2E43E ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:44:07.0541 4740 DXGKrnl - ok
09:44:07.0619 4740 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
09:44:07.0712 4740 EapHost - ok
09:44:07.0962 4740 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\drivers\evbdx.sys
09:44:08.0212 4740 ebdrv - ok
09:44:08.0291 4740 [ 803B370865D907EA21DC0C2B6A8936B5 ] EFS C:\Windows\System32\lsass.exe
09:44:08.0400 4740 EFS - ok
09:44:08.0525 4740 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:44:08.0634 4740 ehRecvr - ok
09:44:08.0712 4740 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
09:44:08.0791 4740 ehSched - ok
09:44:08.0916 4740 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:44:08.0978 4740 elxstor - ok
09:44:09.0025 4740 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:44:09.0103 4740 ErrDev - ok
09:44:09.0244 4740 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
09:44:09.0369 4740 EventSystem - ok
09:44:09.0416 4740 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
09:44:09.0525 4740 exfat - ok
09:44:09.0587 4740 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:44:09.0697 4740 fastfat - ok
09:44:09.0822 4740 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
09:44:09.0947 4740 Fax - ok
09:44:10.0041 4740 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:44:10.0103 4740 fdc - ok
09:44:10.0181 4740 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
09:44:10.0275 4740 fdPHost - ok
09:44:10.0353 4740 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
09:44:10.0431 4740 FDResPub - ok
09:44:10.0494 4740 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:44:10.0525 4740 FileInfo - ok
09:44:10.0603 4740 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:44:10.0712 4740 Filetrace - ok
09:44:10.0775 4740 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:44:10.0853 4740 flpydisk - ok
09:44:10.0994 4740 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:44:11.0025 4740 FltMgr - ok
09:44:11.0166 4740 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\Windows\system32\FntCache.dll
09:44:11.0306 4740 FontCache - ok
09:44:11.0447 4740 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:44:11.0462 4740 FontCache3.0.0.0 - ok
09:44:11.0541 4740 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:44:11.0572 4740 FsDepends - ok
09:44:11.0666 4740 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:44:11.0697 4740 Fs_Rec - ok
09:44:11.0837 4740 [ E306A24D9694C724FA2491278BF50FDB ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:44:11.0916 4740 fvevol - ok
09:44:12.0009 4740 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:44:12.0025 4740 gagp30kx - ok
09:44:12.0134 4740 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
09:44:12.0259 4740 gpsvc - ok
09:44:12.0400 4740 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
09:44:12.0431 4740 gupdate - ok
09:44:12.0462 4740 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
09:44:12.0478 4740 gupdatem - ok
09:44:12.0603 4740 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
09:44:12.0634 4740 gusvc - ok
09:44:12.0712 4740 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:44:12.0869 4740 hcw85cir - ok
09:44:12.0947 4740 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
09:44:13.0025 4740 HDAudBus - ok
09:44:13.0087 4740 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
09:44:13.0166 4740 HidBatt - ok
09:44:13.0228 4740 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:44:13.0322 4740 HidBth - ok
09:44:13.0384 4740 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\drivers\hidir.sys
09:44:13.0494 4740 HidIr - ok
09:44:13.0556 4740 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
09:44:13.0650 4740 hidserv - ok
09:44:13.0791 4740 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:44:13.0994 4740 HidUsb - ok
09:44:14.0072 4740 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:44:14.0166 4740 hkmsvc - ok
09:44:14.0228 4740 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:44:14.0353 4740 HomeGroupListener - ok
09:44:14.0447 4740 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:44:14.0556 4740 HomeGroupProvider - ok
09:44:14.0666 4740 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:44:14.0681 4740 HpSAMD - ok
09:44:14.0759 4740 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:44:14.0900 4740 HTTP - ok
09:44:14.0978 4740 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:44:14.0994 4740 hwpolicy - ok
09:44:15.0072 4740 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
09:44:15.0150 4740 i8042prt - ok
09:44:15.0244 4740 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:44:15.0291 4740 iaStorV - ok
09:44:15.0416 4740 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:44:15.0494 4740 idsvc - ok
09:44:15.0556 4740 IEEtwCollectorService - ok
09:44:15.0650 4740 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:44:15.0681 4740 iirsp - ok
09:44:15.0837 4740 [ A06EFD4965F8A3F97A8C9A291D032678 ] IJPLMSVC C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
09:44:15.0869 4740 IJPLMSVC - ok
09:44:15.0978 4740 [ B9C54120F46392100478F58F374E5709 ] IKEEXT C:\Windows\System32\ikeext.dll
09:44:16.0087 4740 IKEEXT - ok
09:44:16.0197 4740 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
09:44:16.0228 4740 intelide - ok
09:44:16.0337 4740 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:44:16.0416 4740 intelppm - ok
09:44:16.0494 4740 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:44:16.0603 4740 IPBusEnum - ok
09:44:16.0681 4740 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:44:16.0806 4740 IpFilterDriver - ok
09:44:16.0916 4740 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:44:17.0072 4740 iphlpsvc - ok
09:44:17.0134 4740 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:44:17.0181 4740 IPMIDRV - ok
09:44:17.0259 4740 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:44:17.0353 4740 IPNAT - ok
09:44:17.0462 4740 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:44:17.0572 4740 IRENUM - ok
09:44:17.0634 4740 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:44:17.0666 4740 isapnp - ok
09:44:17.0744 4740 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:44:17.0791 4740 iScsiPrt - ok
09:44:17.0853 4740 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:44:17.0884 4740 kbdclass - ok
09:44:17.0994 4740 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:44:18.0087 4740 kbdhid - ok
09:44:18.0150 4740 [ 803B370865D907EA21DC0C2B6A8936B5 ] KeyIso C:\Windows\system32\lsass.exe
09:44:18.0197 4740 KeyIso - ok
09:44:18.0291 4740 [ F286830298323272260332D6ABC905C1 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:44:18.0322 4740 KSecDD - ok
09:44:18.0369 4740 [ D7C760D57B1656DD748B9E4AB6CB5A51 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:44:18.0416 4740 KSecPkg - ok
09:44:18.0509 4740 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
09:44:18.0603 4740 KtmRm - ok
09:44:18.0697 4740 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll
09:44:18.0822 4740 LanmanServer - ok
09:44:18.0900 4740 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:44:19.0025 4740 LanmanWorkstation - ok
09:44:19.0150 4740 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:44:19.0259 4740 lltdio - ok
09:44:19.0322 4740 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:44:19.0431 4740 lltdsvc - ok
09:44:19.0494 4740 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
09:44:19.0603 4740 lmhosts - ok
09:44:19.0728 4740 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:44:19.0759 4740 LSI_FC - ok
09:44:19.0837 4740 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:44:19.0869 4740 LSI_SAS - ok
09:44:19.0962 4740 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
09:44:20.0025 4740 LSI_SAS2 - ok
09:44:20.0072 4740 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:44:20.0103 4740 LSI_SCSI - ok
09:44:20.0181 4740 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
09:44:20.0306 4740 luafv - ok
09:44:20.0384 4740 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:44:20.0462 4740 Mcx2Svc - ok
09:44:20.0525 4740 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
09:44:20.0556 4740 megasas - ok
09:44:20.0634 4740 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
09:44:20.0666 4740 MegaSR - ok
09:44:20.0744 4740 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
09:44:20.0869 4740 MMCSS - ok
09:44:20.0916 4740 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
09:44:21.0041 4740 Modem - ok
09:44:21.0150 4740 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:44:21.0259 4740 monitor - ok
09:44:21.0384 4740 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:44:21.0416 4740 mouclass - ok
09:44:21.0556 4740 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:44:21.0650 4740 mouhid - ok
09:44:21.0712 4740 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:44:21.0791 4740 mountmgr - ok
09:44:21.0869 4740 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
09:44:21.0916 4740 mpio - ok
09:44:21.0947 4740 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:44:22.0087 4740 mpsdrv - ok
09:44:22.0181 4740 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:44:22.0337 4740 MpsSvc - ok
09:44:22.0416 4740 [ 21F4B24ACFC79A483515BD986DD9043F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:44:22.0634 4740 MRxDAV - ok
09:44:22.0697 4740 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:44:22.0822 4740 mrxsmb - ok
09:44:22.0900 4740 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:44:22.0994 4740 mrxsmb10 - ok
09:44:23.0072 4740 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:44:23.0166 4740 mrxsmb20 - ok
09:44:23.0228 4740 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
09:44:23.0259 4740 msahci - ok
09:44:23.0369 4740 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:44:23.0416 4740 msdsm - ok
09:44:23.0478 4740 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
09:44:23.0572 4740 MSDTC - ok
09:44:23.0681 4740 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:44:23.0791 4740 Msfs - ok
09:44:23.0853 4740 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:44:23.0962 4740 mshidkmdf - ok
09:44:24.0025 4740 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:44:24.0087 4740 msisadrv - ok
09:44:24.0197 4740 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:44:24.0306 4740 MSiSCSI - ok
09:44:24.0337 4740 msiserver - ok
09:44:24.0416 4740 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:44:24.0509 4740 MSKSSRV - ok
09:44:24.0572 4740 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:44:24.0681 4740 MSPCLOCK - ok
09:44:24.0728 4740 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:44:24.0837 4740 MSPQM - ok
09:44:24.0916 4740 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:44:24.0962 4740 MsRPC - ok
09:44:25.0025 4740 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
09:44:25.0072 4740 mssmbios - ok
09:44:25.0119 4740 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:44:25.0228 4740 MSTEE - ok
09:44:25.0291 4740 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
09:44:25.0384 4740 MTConfig - ok
09:44:25.0494 4740 [ 33F438BD66F2877BBB5567E49208A346 ] Mtlmnt5 C:\Windows\system32\DRIVERS\Mtlmnt5.sys
09:44:25.0775 4740 Mtlmnt5 ( UnsignedFile.Multi.Generic ) - warning
09:44:25.0775 4740 Mtlmnt5 - detected UnsignedFile.Multi.Generic (1)
09:44:25.0947 4740 [ 4D98402AE75097E362CC8ED94079D94C ] Mtlstrm C:\Windows\system32\DRIVERS\Mtlstrm.sys
09:44:26.0291 4740 Mtlstrm ( UnsignedFile.Multi.Generic ) - warning
09:44:26.0291 4740 Mtlstrm - detected UnsignedFile.Multi.Generic (1)
09:44:26.0369 4740 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
09:44:26.0400 4740 Mup - ok
09:44:26.0494 4740 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
09:44:26.0619 4740 napagent - ok
09:44:26.0744 4740 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:44:26.0837 4740 NativeWifiP - ok
09:44:26.0962 4740 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:44:27.0025 4740 NDIS - ok
09:44:27.0150 4740 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:44:27.0275 4740 NdisCap - ok
09:44:27.0353 4740 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:44:27.0478 4740 NdisTapi - ok
09:44:27.0541 4740 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:44:27.0619 4740 Ndisuio - ok
09:44:27.0697 4740 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:44:27.0837 4740 NdisWan - ok
09:44:27.0900 4740 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:44:28.0025 4740 NDProxy - ok
09:44:28.0134 4740 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:44:28.0259 4740 NetBIOS - ok
09:44:28.0322 4740 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:44:28.0447 4740 NetBT - ok
09:44:28.0509 4740 [ 803B370865D907EA21DC0C2B6A8936B5 ] Netlogon C:\Windows\system32\lsass.exe
09:44:28.0572 4740 Netlogon - ok
09:44:28.0681 4740 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
09:44:28.0775 4740 Netman - ok
09:44:28.0837 4740 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
09:44:28.0962 4740 netprofm - ok
09:44:29.0041 4740 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:44:29.0072 4740 NetTcpPortSharing - ok
09:44:29.0181 4740 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:44:29.0212 4740 nfrd960 - ok
09:44:29.0291 4740 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
09:44:29.0416 4740 NlaSvc - ok
09:44:29.0494 4740 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:44:29.0572 4740 Npfs - ok
09:44:29.0666 4740 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
09:44:29.0775 4740 nsi - ok
09:44:29.0837 4740 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:44:29.0962 4740 nsiproxy - ok
09:44:30.0103 4740 [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:44:30.0197 4740 Ntfs - ok
09:44:30.0291 4740 [ 6AF0557BBFFDDE15B985F2C1B82D43E0 ] NtMtlFax C:\Windows\system32\DRIVERS\NtMtlFax.sys
09:44:30.0494 4740 NtMtlFax ( UnsignedFile.Multi.Generic ) - warning
09:44:30.0494 4740 NtMtlFax - detected UnsignedFile.Multi.Generic (1)
09:44:30.0556 4740 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
09:44:30.0681 4740 Null - ok
09:44:30.0759 4740 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:44:30.0791 4740 nvraid - ok
09:44:30.0884 4740 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:44:30.0931 4740 nvstor - ok
09:44:30.0994 4740 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:44:31.0056 4740 nv_agp - ok
09:44:31.0150 4740 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:44:31.0259 4740 ohci1394 - ok
09:44:31.0337 4740 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:44:31.0494 4740 p2pimsvc - ok
09:44:31.0587 4740 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
09:44:31.0697 4740 p2psvc - ok
09:44:31.0791 4740 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:44:31.0900 4740 Parport - ok
09:44:31.0978 4740 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:44:31.0994 4740 partmgr - ok
09:44:32.0087 4740 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
09:44:32.0150 4740 Parvdm - ok
09:44:32.0228 4740 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:44:32.0337 4740 PcaSvc - ok
09:44:32.0400 4740 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
09:44:32.0494 4740 pci - ok
09:44:32.0572 4740 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
09:44:32.0603 4740 pciide - ok
09:44:32.0681 4740 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:44:32.0728 4740 pcmcia - ok
09:44:32.0791 4740 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
09:44:32.0837 4740 pcw - ok
09:44:32.0900 4740 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:44:33.0087 4740 PEAUTH - ok
09:44:33.0197 4740 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
09:44:33.0384 4740 PeerDistSvc - ok
09:44:33.0587 4740 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
09:44:33.0791 4740 pla - ok
09:44:33.0900 4740 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:44:34.0025 4740 PlugPlay - ok
09:44:34.0150 4740 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:44:34.0306 4740 PNRPAutoReg - ok
09:44:34.0369 4740 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:44:34.0447 4740 PNRPsvc - ok
09:44:34.0541 4740 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:44:34.0650 4740 PolicyAgent - ok
09:44:34.0759 4740 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
09:44:34.0869 4740 Power - ok
09:44:34.0978 4740 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:44:35.0119 4740 PptpMiniport - ok
09:44:35.0166 4740 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
09:44:35.0259 4740 Processor - ok
09:44:35.0369 4740 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
09:44:35.0494 4740 ProfSvc - ok
09:44:35.0541 4740 [ 803B370865D907EA21DC0C2B6A8936B5 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:44:35.0619 4740 ProtectedStorage - ok
09:44:35.0681 4740 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:44:35.0806 4740 Psched - ok
09:44:35.0916 4740 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:44:36.0009 4740 ql2300 - ok
09:44:36.0072 4740 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:44:36.0119 4740 ql40xx - ok
09:44:36.0212 4740 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
09:44:36.0337 4740 QWAVE - ok
09:44:36.0384 4740 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:44:36.0494 4740 QWAVEdrv - ok
09:44:36.0556 4740 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:44:36.0697 4740 RasAcd - ok
09:44:36.0806 4740 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:44:36.0916 4740 RasAgileVpn - ok
09:44:36.0994 4740 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
09:44:37.0103 4740 RasAuto - ok
09:44:37.0212 4740 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:44:37.0337 4740 Rasl2tp - ok
09:44:37.0462 4740 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
09:44:37.0572 4740 RasMan - ok
09:44:37.0634 4740 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:44:37.0775 4740 RasPppoe - ok
09:44:37.0837 4740 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:44:37.0947 4740 RasSstp - ok
09:44:38.0041 4740 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:44:38.0166 4740 rdbss - ok
09:44:38.0228 4740 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:44:38.0337 4740 rdpbus - ok
09:44:38.0416 4740 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:44:38.0541 4740 RDPCDD - ok
09:44:38.0634 4740 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
09:44:38.0775 4740 RDPDR - ok
09:44:38.0822 4740 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:44:38.0962 4740 RDPENCDD - ok
09:44:39.0041 4740 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:44:39.0166 4740 RDPREFMP - ok
09:44:39.0244 4740 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
09:44:39.0384 4740 RdpVideoMiniport - ok
09:44:39.0462 4740 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:44:39.0587 4740 RDPWD - ok
09:44:39.0681 4740 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:44:39.0728 4740 rdyboost - ok
09:44:39.0822 4740 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
09:44:39.0947 4740 RemoteAccess - ok
09:44:40.0025 4740 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:44:40.0166 4740 RemoteRegistry - ok
09:44:40.0275 4740 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:44:40.0400 4740 RpcEptMapper - ok
09:44:40.0478 4740 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
09:44:40.0572 4740 RpcLocator - ok
09:44:40.0650 4740 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
09:44:40.0775 4740 RpcSs - ok
09:44:40.0869 4740 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:44:40.0994 4740 rspndr - ok
09:44:41.0103 4740 [ 4E20765744BFBC16F6D6E5BD5598786B ] RTL8023xp C:\Windows\system32\DRIVERS\Rtnicxp.sys
09:44:41.0197 4740 RTL8023xp - ok
09:44:41.0275 4740 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
09:44:41.0384 4740 s3cap - ok
09:44:41.0447 4740 [ 803B370865D907EA21DC0C2B6A8936B5 ] SamSs C:\Windows\system32\lsass.exe
09:44:41.0525 4740 SamSs - ok
09:44:41.0603 4740 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:44:41.0634 4740 sbp2port - ok
09:44:41.0728 4740 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:44:41.0869 4740 SCardSvr - ok
09:44:41.0931 4740 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:44:42.0056 4740 scfilter - ok
09:44:42.0166 4740 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
09:44:42.0337 4740 Schedule - ok
09:44:42.0400 4740 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:44:42.0494 4740 SCPolicySvc - ok
09:44:42.0587 4740 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:44:42.0681 4740 SDRSVC - ok
09:44:42.0775 4740 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:44:42.0947 4740 secdrv - ok
09:44:43.0025 4740 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
09:44:43.0166 4740 seclogon - ok
09:44:43.0275 4740 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
09:44:43.0400 4740 SENS - ok
09:44:43.0494 4740 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:44:43.0587 4740 SensrSvc - ok
09:44:43.0681 4740 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:44:43.0775 4740 Serenum - ok
09:44:43.0837 4740 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:44:43.0947 4740 Serial - ok
09:44:44.0009 4740 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:44:44.0087 4740 sermouse - ok
09:44:44.0244 4740 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
09:44:44.0369 4740 SessionEnv - ok
09:44:44.0431 4740 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:44:44.0666 4740 sffdisk - ok
09:44:44.0837 4740 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:44:44.0947 4740 sffp_mmc - ok
09:44:44.0994 4740 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:44:45.0103 4740 sffp_sd - ok
09:44:45.0181 4740 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:44:45.0275 4740 sfloppy - ok
09:44:45.0353 4740 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:44:45.0509 4740 SharedAccess - ok
09:44:45.0603 4740 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:44:45.0744 4740 ShellHWDetection - ok
09:44:45.0806 4740 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys
09:44:45.0837 4740 sisagp - ok
09:44:45.0931 4740 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:44:45.0947 4740 SiSRaid2 - ok
09:44:46.0009 4740 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:44:46.0119 4740 SiSRaid4 - ok
09:44:46.0259 4740 [ 769D8F1C7BBDB5C0C1EB157575DAD0BA ] Slntamr C:\Windows\system32\DRIVERS\slntamr.sys
09:44:46.0541 4740 Slntamr ( UnsignedFile.Multi.Generic ) - warning
09:44:46.0541 4740 Slntamr - detected UnsignedFile.Multi.Generic (1)
09:44:46.0587 4740 [ EDD0BCB2B8548A95B2633C249BFAEEC7 ] SlNtHal C:\Windows\system32\DRIVERS\Slnthal.sys
09:44:46.0837 4740 SlNtHal ( UnsignedFile.Multi.Generic ) - warning
09:44:46.0837 4740 SlNtHal - detected UnsignedFile.Multi.Generic (1)
09:44:46.0869 4740 SLService - ok
09:44:46.0978 4740 [ 3B4A3B282F62FE5D75127D22B26909ED ] SlWdmSup C:\Windows\system32\DRIVERS\SlWdmSup.sys
09:44:47.0134 4740 SlWdmSup ( UnsignedFile.Multi.Generic ) - warning
09:44:47.0134 4740 SlWdmSup - detected UnsignedFile.Multi.Generic (1)
09:44:47.0228 4740 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:44:47.0337 4740 Smb - ok
09:44:47.0478 4740 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:44:47.0603 4740 SNMPTRAP - ok
09:44:47.0681 4740 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
09:44:47.0712 4740 spldr - ok
09:44:47.0791 4740 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
09:44:47.0931 4740 Spooler - ok
09:44:48.0150 4740 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
09:44:48.0447 4740 sppsvc - ok
09:44:48.0525 4740 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:44:48.0650 4740 sppuinotify - ok
09:44:48.0744 4740 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
09:44:48.0900 4740 srv - ok
09:44:48.0962 4740 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:44:49.0087 4740 srv2 - ok
09:44:49.0181 4740 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:44:49.0291 4740 srvnet - ok
09:44:49.0369 4740 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:44:49.0478 4740 SSDPSRV - ok
09:44:49.0509 4740 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:44:49.0634 4740 SstpSvc - ok
09:44:49.0712 4740 [ 2D138621D3522D38032D45C896C5209A ] STAC97 C:\Windows\system32\drivers\STAC97.sys
09:44:49.0884 4740 STAC97 - ok
09:44:49.0962 4740 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
09:44:49.0978 4740 stexstor - ok
09:44:50.0119 4740 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
09:44:50.0275 4740 StiSvc - ok
09:44:50.0353 4740 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
09:44:50.0384 4740 storflt - ok
09:44:50.0509 4740 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
09:44:50.0525 4740 storvsc - ok
09:44:50.0603 4740 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:44:50.0650 4740 swenum - ok
09:44:50.0744 4740 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
09:44:50.0837 4740 swprv - ok
09:44:50.0916 4740 [ F2AD8960812FD111E20E84659EF19D43 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
09:44:50.0947 4740 Synth3dVsc - ok
09:44:51.0103 4740 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
09:44:51.0275 4740 SysMain - ok
09:44:51.0353 4740 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:44:51.0478 4740 TabletInputService - ok
09:44:51.0556 4740 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
09:44:51.0697 4740 TapiSrv - ok
09:44:51.0759 4740 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
09:44:51.0884 4740 TBS - ok
09:44:52.0025 4740 [ CA59F7C570AF70BC174F477CFE2D9EE3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:44:52.0119 4740 Tcpip - ok
09:44:52.0228 4740 [ CA59F7C570AF70BC174F477CFE2D9EE3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:44:52.0337 4740 TCPIP6 - ok
09:44:52.0431 4740 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:44:52.0525 4740 tcpipreg - ok
09:44:52.0619 4740 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:44:52.0744 4740 TDPIPE - ok
09:44:52.0806 4740 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:44:52.0900 4740 TDTCP - ok
09:44:52.0994 4740 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:44:53.0103 4740 tdx - ok
09:44:53.0166 4740 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:44:53.0197 4740 TermDD - ok
09:44:53.0275 4740 [ E951866BAC5A23403F62A349EDBB6EEB ] terminpt C:\Windows\system32\drivers\terminpt.sys
09:44:53.0353 4740 terminpt - ok
09:44:53.0447 4740 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
09:44:53.0572 4740 TermService - ok
09:44:53.0619 4740 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
09:44:53.0681 4740 Themes - ok
09:44:53.0728 4740 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
09:44:53.0822 4740 THREADORDER - ok
09:44:53.0916 4740 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
09:44:54.0025 4740 TrkWks - ok
09:44:54.0150 4740 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:44:54.0259 4740 TrustedInstaller - ok
09:44:54.0353 4740 [ B37B08F2E5EEB1A37E448E09BACE1101 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:44:54.0478 4740 tssecsrv - ok
09:44:54.0556 4740 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:44:54.0681 4740 TsUsbFlt - ok
09:44:54.0759 4740 [ 57C527AF84748B5C2F5178C499C0B81F ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
09:44:54.0853 4740 TsUsbGD - ok
09:44:54.0916 4740 [ 045ACB987C650D8186C6B4A692223860 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
09:44:55.0041 4740 tsusbhub - ok
09:44:55.0166 4740 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:44:55.0244 4740 tunnel - ok
09:44:55.0291 4740 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:44:55.0322 4740 uagp35 - ok
09:44:55.0416 4740 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:44:55.0509 4740 udfs - ok
09:44:55.0634 4740 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:44:55.0728 4740 UI0Detect - ok
09:44:55.0791 4740 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:44:55.0806 4740 uliagpkx - ok
09:44:55.0916 4740 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:44:56.0025 4740 umbus - ok
09:44:56.0072 4740 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
09:44:56.0166 4740 UmPass - ok
09:44:56.0244 4740 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
09:44:56.0322 4740 UmRdpService - ok
09:44:56.0416 4740 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
09:44:56.0525 4740 upnphost - ok
09:44:56.0587 4740 [ 71D97F1A3CC47A56728F7A400A3F8295 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:44:56.0697 4740 usbccgp - ok
09:44:56.0775 4740 [ 2352AB5F9F8F097BF9D41D5A4718A041 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:44:56.0994 4740 usbcir - ok
09:44:57.0072 4740 [ C4FB8E7ADEA9B5CEEA885A1B504B7E40 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:44:57.0275 4740 usbehci - ok
09:44:57.0337 4740 [ 86AA95ACB611001E26CD2C0145F2225A ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:44:57.0525 4740 usbhub - ok
09:44:57.0603 4740 [ DCDF9855145A14DFCA0AB32308871961 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
09:44:57.0775 4740 usbohci - ok
09:44:57.0900 4740 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:44:57.0994 4740 usbprint - ok
09:44:58.0087 4740 [ FC6B21DB4B5B398AB93DBE59CBF11036 ] usbscan C:\Windows\system32\drivers\usbscan.sys
09:44:58.0197 4740 usbscan - ok
09:44:58.0275 4740 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:44:58.0384 4740 USBSTOR - ok
09:44:58.0447 4740 [ 8E51D04175BAA14C4F79AA5F6D248770 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:44:58.0634 4740 usbuhci - ok
09:44:58.0712 4740 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
09:44:58.0837 4740 UxSms - ok
09:44:58.0900 4740 [ 803B370865D907EA21DC0C2B6A8936B5 ] VaultSvc C:\Windows\system32\lsass.exe
09:44:58.0962 4740 VaultSvc - ok
09:44:59.0072 4740 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:44:59.0087 4740 vdrvroot - ok
09:44:59.0197 4740 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
09:44:59.0337 4740 vds - ok
09:44:59.0447 4740 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:44:59.0509 4740 vga - ok
09:44:59.0556 4740 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
09:44:59.0681 4740 VgaSave - ok
09:44:59.0712 4740 VGPU - ok
09:44:59.0791 4740 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:44:59.0822 4740 vhdmp - ok
09:44:59.0884 4740 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
09:44:59.0947 4740 viaagp - ok
09:44:59.0978 4740 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
09:45:00.0087 4740 ViaC7 - ok
09:45:00.0166 4740 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
09:45:00.0181 4740 viaide - ok
09:45:00.0259 4740 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
09:45:00.0306 4740 vmbus - ok
09:45:00.0369 4740 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
09:45:00.0478 4740 VMBusHID - ok
09:45:00.0541 4740 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:45:00.0572 4740 volmgr - ok
09:45:00.0634 4740 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:45:00.0712 4740 volmgrx - ok
09:45:00.0759 4740 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:45:00.0822 4740 volsnap - ok
09:45:00.0884 4740 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:45:00.0931 4740 vsmraid - ok
09:45:01.0056 4740 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
09:45:01.0275 4740 VSS - ok
09:45:01.0337 4740 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
09:45:01.0478 4740 vwifibus - ok
09:45:01.0541 4740 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
09:45:01.0697 4740 W32Time - ok
09:45:01.0791 4740 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:45:01.0916 4740 WacomPen - ok
09:45:01.0994 4740 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:45:02.0134 4740 WANARP - ok
09:45:02.0166 4740 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:45:02.0291 4740 Wanarpv6 - ok
09:45:02.0416 4740 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:45:02.0572 4740 WatAdminSvc - ok
09:45:02.0697 4740 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
09:45:02.0869 4740 wbengine - ok
09:45:02.0916 4740 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:45:03.0072 4740 WbioSrvc - ok
09:45:03.0150 4740 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:45:03.0306 4740 wcncsvc - ok
09:45:03.0369 4740 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:45:03.0509 4740 WcsPlugInService - ok
09:45:03.0603 4740 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
09:45:03.0634 4740 Wd - ok
09:45:03.0744 4740 [ 25944D2CC49E0A6C581D02A74B7D6645 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:45:03.0837 4740 Wdf01000 - ok
09:45:03.0900 4740 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:45:04.0119 4740 WdiServiceHost - ok
09:45:04.0181 4740 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:45:04.0306 4740 WdiSystemHost - ok
09:45:04.0400 4740 [ 75E8EBD7040CE238684333F97014762A ] WebClient C:\Windows\System32\webclnt.dll
09:45:04.0525 4740 WebClient - ok
09:45:04.0619 4740 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:45:04.0744 4740 Wecsvc - ok
09:45:04.0806 4740 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:45:04.0916 4740 wercplsupport - ok
09:45:04.0978 4740 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
09:45:05.0134 4740 WerSvc - ok
09:45:05.0244 4740 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:45:05.0384 4740 WfpLwf - ok
09:45:05.0431 4740 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:45:05.0462 4740 WIMMount - ok
09:45:05.0603 4740 [ 082CF481F659FAE0DE51AD060881EB47 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
09:45:05.0791 4740 WinDefend - ok
09:45:05.0853 4740 WinHttpAutoProxySvc - ok
09:45:05.0994 4740 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:45:06.0134 4740 Winmgmt - ok
09:45:06.0259 4740 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
09:45:06.0478 4740 WinRM - ok
09:45:06.0666 4740 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
09:45:06.0837 4740 Wlansvc - ok
09:45:06.0916 4740 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:45:07.0025 4740 WmiAcpi - ok
09:45:07.0134 4740 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:45:07.0259 4740 wmiApSrv - ok
09:45:07.0462 4740 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
09:45:07.0666 4740 WMPNetworkSvc - ok
09:45:07.0744 4740 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:45:07.0884 4740 WPCSvc - ok
09:45:07.0931 4740 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:45:08.0103 4740 WPDBusEnum - ok
09:45:08.0181 4740 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:45:08.0337 4740 ws2ifsl - ok
09:45:08.0462 4740 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
09:45:08.0603 4740 wscsvc - ok
09:45:08.0634 4740 WSearch - ok
09:45:08.0869 4740 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
09:45:09.0009 4740 wuauserv - ok
09:45:09.0087 4740 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:45:09.0212 4740 WudfPf - ok
09:45:09.0337 4740 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:45:09.0447 4740 WUDFRd - ok
09:45:09.0541 4740 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:45:09.0666 4740 wudfsvc - ok
09:45:09.0759 4740 [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc C:\Windows\System32\wwansvc.dll
09:45:10.0025 4740 WwanSvc - ok
09:45:10.0212 4740 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
09:45:10.0384 4740 YahooAUService - ok
09:45:10.0462 4740 ================ Scan global ===============================
09:45:10.0541 4740 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
09:45:10.0634 4740 [ 51BB04243DF6196C06E125898127E397 ] C:\Windows\system32\winsrv.dll
09:45:10.0666 4740 [ 51BB04243DF6196C06E125898127E397 ] C:\Windows\system32\winsrv.dll
09:45:10.0744 4740 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
09:45:10.0822 4740 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
09:45:10.0837 4740 [Global] - ok
09:45:10.0853 4740 ================ Scan MBR ==================================
09:45:10.0884 4740 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:45:11.0478 4740 \Device\Harddisk0\DR0 - ok
09:45:11.0494 4740 ================ Scan VBR ==================================
09:45:11.0509 4740 [ 1041588475B109FDFA54914757160908 ] \Device\Harddisk0\DR0\Partition1
09:45:11.0509 4740 \Device\Harddisk0\DR0\Partition1 - ok
09:45:11.0525 4740 ============================================================
09:45:11.0525 4740 Scan finished
09:45:11.0525 4740 ============================================================
09:45:11.0556 4968 Detected object count: 6
09:45:11.0556 4968 Actual detected object count: 6
09:48:26.0398 4968 Mtlmnt5 ( UnsignedFile.Multi.Generic ) - skipped by user
09:48:26.0398 4968 Mtlmnt5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:48:26.0398 4968 Mtlstrm ( UnsignedFile.Multi.Generic ) - skipped by user
09:48:26.0414 4968 Mtlstrm ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:48:26.0414 4968 NtMtlFax ( UnsignedFile.Multi.Generic ) - skipped by user
09:48:26.0414 4968 NtMtlFax ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:48:26.0429 4968 Slntamr ( UnsignedFile.Multi.Generic ) - skipped by user
09:48:26.0429 4968 Slntamr ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:48:26.0445 4968 SlNtHal ( UnsignedFile.Multi.Generic ) - skipped by user
09:48:26.0445 4968 SlNtHal ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:48:26.0460 4968 SlWdmSup ( UnsignedFile.Multi.Generic ) - skipped by user
09:48:26.0460 4968 SlWdmSup ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:55:16.0148 4972 Deinitialize success





Hij heeft er 6 gevonden volgends mij .
 

abbs

Heeft veel posts
#16
Hallo ,

Nee dit zijn goede bestanden maar die herkent TDSS als onbekend.

Doe het volgende:

Download Windows Repair All in One.

Lees deze lange handleiding A.U.B. helemaal door voordat u begint.
Notabene: sluit voordat Windows Repair All in One de fix gaat doen, eerst alle andere openstaande vensters!

  • Dubbelklik op "tweaking.com_windows_repair_aio_setup.exe" om de installatie daarvan te starten.
  • Windows Vista, 7 & 8: rechtsklik op de setup.exe en dan kiezen voor Als Administrator uitvoeren.
  • Klik in het scherm dat verschijnt op "Next" om het programma op de computer te installeren.
  • Volg de verder instructies van de installatie op, wanneer de installatie gereed is klikt u op "Next" en daarna op "Finish"
  • Hierna wordt het programma automatisch opgestart.
  • Indien wordt aangegeven, dat er een update beschikbaar is, klikt u op JA om hier mee akkoord te gaan.
    • Indien u niet beschikt over een werkende internetverbinding, dan kiest u de optie "NEE".
  • In het scherm wat nu verschijnt klik u op "Next" zoals op de onderstaande afbeelding.
  • Klik in het vervolg scherm / tabblad Step1 wederom op "Next"
  • Klik in het volgende scherm Step2 wederom op "Next"
  • Bij het volgende scherm Step3 klikt u op "Do it" om de System File Checker uit te voeren zoals u kunt zien op de onderstaande afbeelding.
  • Er zal nu automatisch een CMD / DOS achtig scherm openen, druk hier op een toets om door te gaan.
  • Als deze scan gereed is klikt u wederom op "Next"
  • Klik in het volgende scherm Step4 wederom op "Next"
  • Klik hierna onder het tabblad Start repairs op de knop Start zoals op de onderstaande afbeelding.
  • Er zal nu een melding verschijnen met de mededeling om een herstelpunt en register back-up aan te maken, klik hier op JA.
  • Hierna verschijnt het volgende scherm.
  • Voer nu verder niets uit op de computer, laat het programma zijn werk doen.
  • Als het bovenstaande scherm is gesloten druk dan nogmaals op Start.
  • Standaard staan nu alle items aangevinkt, laat deze zo staan en klik op de knop start zoals u kunt zien op de onderstaande afbeelding.
  • Laat het programma nu zijn werk doen en doe verder niets op het systeem, er zullen nu van allerlei CMD schermen verschijnen klik deze dan ook nooit weg.
  • Ik het rode kader op de onderstaande afbeelding ziet u de voorgang van de tool.
  • Als het erop lijkt alsof de tool niets meer doet, laat het systeem dan nog steeds met rust en wacht af tot het volgende scherm verschijnt.
  • Wanneer in een volgende scherm daarom gevraagd wordt, klikt u op "JA"
  • De computer wordt nu vanzelf na 30 seconden opnieuw opgestart.
 

leootje

Enthousiast
#17
In het laatste deel van deze scan op punt nummer 4 kon hij WMI niet of niet volledig repareren kreeg oneindig veel meldingen van dat bewuste dll bestand .
Het schijnt nogal een probleem te zijn .
 

abbs

Heeft veel posts
#18
In het laatste deel van deze scan op punt nummer 4 kon hij WMI niet of niet volledig repareren kreeg oneindig veel meldingen van dat bewuste dll bestand .
Het schijnt nogal een probleem te zijn .
Wanneer is dit probleem ontstaan?
Toevallig na het gebruik van een REG cleaner?




Ga naar Start en typ in de zoekregel cmd - bovenaan in het startmenu zie je nu de betreffende snelkoppeling.
Klik deze snelkoppeling met rechts aan en kies voor Als administrator uitvoeren.

In het zwarte venster typ je nu sfc /scannow gevolgd door indrukken van de Entertoets.
Denk wel aan de spatie na 'sfc'.
In het zwarte venster zie je vervolgens de voortgang van de scan.

Is de scan klaar, typ je Exit gevolgd door indrukken van de Entertoets.


Doe hierna het volgende;

Open een kladblokbestand.
Kopieer onderstaande (alles wat vetgedrukt is) in dit kladblokbestand.

@echo off
sc config winmgmt start= disabled
net stop winmgmt /y
%systemdrive%
cd %windir%\system32\wbem
for /f %%s in ('dir /b *.dll') do regsvr32 /s %%s
wmiprvse /regserver
winmgmt /regserver
sc config winmgmt start= auto
net start winmgmt
for /f %%s in ('dir /s /b *.mof *.mfl') do mofcomp %%s


Ga naar Bestand - Opslaan als.
Bij "Opslaan in" kies je: Bureaublad
Bij "Bestandsnaam" zet je: fix.bat
Bij "Opslaan als type" selecteer je: Alle bestanden (*.*).
Klik op de knop Opslaan.
Rechtsklik fix.bat en kies voor "Uitvoeren als administrator".
Je zal een cmd-venster zien dat snel weer sluit.


Herstart je pc en kijk of dit heeft geholpen.
 

leootje

Enthousiast
#19
Ik krijg de afbeelding op geen enkele mogelijkheid geplaatst.
Ondanks dat het een JPG bestand is word deze niet gepload.
Hoe kan ik een afbeelding plaatsen hier?
 

Bijlagen

Laatst bewerkt door een moderator:

abbs

Heeft veel posts
#20
Hallo,

Ik kan de jpg niet zien?

---------- Bericht toegevoegd op 21:39 ---------- Vorige bericht was op 21:32 ----------

Hallo,

printscreen plaatsen met img dumper
Maak een screenprint van je melding door op de toets Print Screen / PrtScr te drukken ..
Plak nu via CTRL+V de gemaakte afbeelding in paint
en sla deze op als .jpg op je bureaublad of in de map afbeeldingen .

Ga vervolgens naar http://www.imgdumper.nl/
Klik daar eerst op de knop Bladeren -
je navigeert dan naar het bureaublad of naar de map afbeeldingen
en je dubbel klikt vervolgens op de afbeelding.
Klik vervolgens op de knop Upload -
even later kom je op een nieuwe pagina en kopieer dan de bovenste link
en plak die in je volgende bericht.
 
Status
Niet open voor verdere reacties.

Nieuwste berichten