esjeha
-
Okay, I'll do that. Thanks for the help.
-
I installed VIPRE, and first uninstalled the existing virus scanner (MSE). VIPRE reported nothing unusual. After that I tried to reinstall MSE. That fails, and I get the message "installation of Security Essentials cannot be completed, error code 0x80070645". I now have Immunet 3.0 as my virus scanner. Nothing unusual.
-
Very strange indeed. Every time after startup, and then at intervals, a popup from MSE appears with this warning. Is there anything else we can do now, or is it time to reinstall Windows?
-
None of the above terms were found. Only in the registry did I come across a folder with Install.exe twice, namely under App Paths and under Applications.
-
20:37:08.0855 4812 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:37:09.0326 4812 ============================================================
20:37:09.0326 4812 Current date / time: 2012/12/17 20:37:09.0326
20:37:09.0326 4812 SystemInfo:
20:37:09.0326 4812
20:37:09.0326 4812 OS Version: 6.1.7601 ServicePack: 1.0
20:37:09.0326 4812 Product type: Workstation
20:37:09.0326 4812 ComputerName: SIEM-TVPC
20:37:09.0328 4812 UserName: Siem
20:37:09.0328 4812 Windows directory: C:\Windows
20:37:09.0328 4812 System windows directory: C:\Windows
20:37:09.0328 4812 Running under WOW64
20:37:09.0328 4812 Processor architecture: Intel x64
20:37:09.0328 4812 Number of processors: 2
20:37:09.0328 4812 Page size: 0x1000
20:37:09.0328 4812 Boot type: Normal boot
20:37:09.0328 4812 ============================================================
20:37:20.0597 4812 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:37:20.0885 4812 ============================================================
20:37:20.0885 4812 \Device\Harddisk0\DR0:
20:37:20.0905 4812 MBR partitions:
20:37:20.0906 4812 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542D800
20:37:20.0906 4812 ============================================================
20:37:20.0926 4812 C: <-> \Device\Harddisk0\DR0\Partition1
20:37:20.0926 4812 ============================================================
20:37:20.0927 4812 Initialize success
20:37:20.0927 4812 ============================================================
20:37:57.0723 4704 ============================================================
20:37:57.0723 4704 Scan started
20:37:57.0723 4704 Mode: Manual;
20:37:57.0723 4704 ============================================================
20:38:00.0500 4704 ================ Scan system memory ========================
20:38:00.0500 4704 System memory - ok
pla C:\Windows\system32\pla.dll 20:38:13.0682 4704 pla - ok 20:38:13.0729 4704 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 20:38:13.0729 4704 PlugPlay - ok 20:38:13.0744 4704 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 20:38:13.0760 4704 PNRPAutoReg - ok 20:38:13.0791 4704 [ 8830D42427D05B15B032108EBBDBD289 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 20:38:13.0807 4704 PNRPsvc - ok 20:38:13.0838 4704 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 20:38:13.0869 4704 PolicyAgent - ok 20:38:13.0885 4704 [ 12B96E339A35F56807D4D788439FF484 ] Power C:\Windows\system32\umpo.dll 20:38:13.0885 4704 Power - ok 20:38:13.0916 4704 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 20:38:13.0916 4704 PptpMiniport - ok 20:38:13.0947 4704 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 20:38:13.0947 4704 Processor - ok 20:38:14.0041 4704 [ 5CBC20E15923025997C2253A7DD5193F ] ProfSvc C:\Windows\system32\profsvc.dll 20:38:14.0041 4704 ProfSvc - ok 20:38:14.0072 4704 [ 77119F1F9B492B260030C34F9BE327FA ] ProtectedStorage C:\Windows\system32\lsass.exe 20:38:14.0072 4704 ProtectedStorage - ok 20:38:14.0165 4704 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 20:38:14.0181 4704 Psched - ok 20:38:14.0290 4704 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 20:38:14.0337 4704 ql2300 - ok 20:38:14.0353 4704 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 20:38:14.0353 4704 ql40xx - ok 20:38:14.0384 4704 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 20:38:14.0415 4704 QWAVE - ok 20:38:14.0431 4704 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 20:38:14.0431 4704 QWAVEdrv - ok 20:38:14.0446 4704 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd 
C:\Windows\system32\DRIVERS\rasacd.sys 20:38:14.0462 4704 RasAcd - ok 20:38:14.0509 4704 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 20:38:14.0509 4704 RasAgileVpn - ok 20:38:14.0524 4704 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 20:38:14.0524 4704 RasAuto - ok 20:38:14.0555 4704 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 20:38:14.0555 4704 Rasl2tp - ok 20:38:14.0571 4704 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 20:38:14.0587 4704 RasMan - ok 20:38:14.0602 4704 [ 77682DE44B334E6AAFCD0ED61FB7404F ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 20:38:14.0618 4704 RasPppoe - ok 20:38:14.0649 4704 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 20:38:14.0649 4704 RasSstp - ok 20:38:14.0696 4704 [ 80C23729C4E807A0A0832B8A17A8EF18 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 20:38:14.0711 4704 rdbss - ok 20:38:14.0727 4704 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 20:38:14.0727 4704 rdpbus - ok 20:38:14.0758 4704 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 20:38:14.0758 4704 RDPCDD - ok 20:38:14.0774 4704 [ 9E53D41BD99BEB981180978C4AE0BDEB ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 20:38:14.0805 4704 RDPDR - ok 20:38:14.0821 4704 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 20:38:14.0836 4704 RDPENCDD - ok 20:38:14.0852 4704 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 20:38:14.0852 4704 RDPREFMP - ok 20:38:14.0899 4704 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 20:38:14.0899 4704 RdpVideoMiniport - ok 20:38:14.0945 4704 [ 1FE9863C6C5CC71E8E7E70F9EFBD30E1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 20:38:14.0977 4704 RDPWD - ok 20:38:15.0008 4704 [ 
A115F49BEA840A5F049BC6310F35F776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 20:38:15.0008 4704 rdyboost - ok 20:38:15.0039 4704 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 20:38:15.0055 4704 RemoteAccess - ok 20:38:15.0101 4704 [ E27F4D24D28E52F81A9223826939276B ] RemoteRegistry C:\Windows\system32\regsvc.dll 20:38:15.0133 4704 RemoteRegistry - ok 20:38:15.0148 4704 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 20:38:15.0148 4704 RpcEptMapper - ok 20:38:15.0195 4704 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 20:38:15.0211 4704 RpcLocator - ok 20:38:15.0289 4704 [ 225EFEE8960E554F3AB9A4A91790C039 ] RpcSs C:\Windows\system32\rpcss.dll 20:38:15.0289 4704 RpcSs - ok 20:38:15.0320 4704 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 20:38:15.0335 4704 rspndr - ok 20:38:15.0382 4704 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 20:38:15.0398 4704 RTL8167 - ok 20:38:15.0429 4704 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 20:38:15.0460 4704 s3cap - ok 20:38:15.0491 4704 [ 77119F1F9B492B260030C34F9BE327FA ] SamSs C:\Windows\system32\lsass.exe 20:38:15.0491 4704 SamSs - ok 20:38:15.0507 4704 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 20:38:15.0523 4704 sbp2port - ok 20:38:15.0538 4704 [ 38224FF66A734F973D10E1465AD4CB07 ] SCardSvr C:\Windows\System32\SCardSvr.dll 20:38:15.0554 4704 SCardSvr - ok 20:38:15.0585 4704 [ CDF622EFC748F82EA9571138406871EA ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 20:38:15.0585 4704 scfilter - ok 20:38:15.0663 4704 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 20:38:15.0710 4704 Schedule - ok 20:38:15.0741 4704 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 20:38:15.0741 4704 SCPolicySvc - ok 
20:38:15.0772 4704 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 20:38:15.0803 4704 SDRSVC - ok 20:38:15.0819 4704 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 20:38:15.0819 4704 secdrv - ok 20:38:15.0850 4704 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 20:38:15.0850 4704 seclogon - ok 20:38:15.0881 4704 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll 20:38:15.0881 4704 SENS - ok 20:38:15.0897 4704 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 20:38:15.0897 4704 SensrSvc - ok 20:38:15.0928 4704 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 20:38:15.0928 4704 Serenum - ok 20:38:15.0944 4704 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 20:38:15.0944 4704 Serial - ok 20:38:15.0959 4704 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 20:38:15.0975 4704 sermouse - ok 20:38:16.0022 4704 [ 69DF54A0519587E8040E17EF0BA4B069 ] SessionEnv C:\Windows\system32\sessenv.dll 20:38:16.0022 4704 SessionEnv - ok 20:38:16.0037 4704 [ C3D57658C34C68DB5D8970A1CF96284E ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 20:38:16.0037 4704 sffdisk - ok 20:38:16.0053 4704 [ 21EACBEFFFB0FB4999D3D10245CF10A5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 20:38:16.0069 4704 sffp_mmc - ok 20:38:16.0084 4704 [ AF660EA3039E8FE3C2051D7224C82F34 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 20:38:16.0084 4704 sffp_sd - ok 20:38:16.0100 4704 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 20:38:16.0100 4704 sfloppy - ok 20:38:16.0147 4704 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 20:38:16.0178 4704 SharedAccess - ok 20:38:16.0225 4704 [ EA9092F3DB26EDC7199AB64C9EF0D2D7 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 20:38:16.0240 4704 
ShellHWDetection - ok 20:38:16.0256 4704 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 20:38:16.0256 4704 SiSRaid2 - ok 20:38:16.0271 4704 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 20:38:16.0287 4704 SiSRaid4 - ok 20:38:16.0303 4704 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 20:38:16.0318 4704 Smb - ok 20:38:16.0381 4704 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 20:38:16.0381 4704 SNMPTRAP - ok 20:38:16.0396 4704 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 20:38:16.0396 4704 spldr - ok 20:38:16.0443 4704 [ B9D7A4858CF32A6A15D2763F1DE47E0E ] Spooler C:\Windows\System32\spoolsv.exe 20:38:16.0459 4704 Spooler - ok 20:38:16.0552 4704 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 20:38:16.0661 4704 sppsvc - ok 20:38:16.0693 4704 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 20:38:16.0693 4704 sppuinotify - ok 20:38:16.0724 4704 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 20:38:16.0724 4704 srv - ok 20:38:16.0755 4704 [ 9F50BF7E8BA1D13BB6BB51F932707A84 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 20:38:16.0755 4704 srv2 - ok 20:38:16.0771 4704 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 20:38:16.0771 4704 srvnet - ok 20:38:17.0005 4704 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 20:38:17.0020 4704 SSDPSRV - ok 20:38:17.0036 4704 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 20:38:17.0036 4704 SstpSvc - ok 20:38:17.0067 4704 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 20:38:17.0067 4704 stexstor - ok 20:38:17.0114 4704 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 20:38:17.0129 4704 stisvc - ok 20:38:17.0161 
4704 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 20:38:17.0161 4704 storflt - ok 20:38:17.0192 4704 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 20:38:17.0207 4704 storvsc - ok 20:38:17.0223 4704 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 20:38:17.0223 4704 swenum - ok 20:38:17.0254 4704 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 20:38:17.0270 4704 swprv - ok 20:38:17.0301 4704 [ 96E6D1CDA59FD9FF53C3C474CFFF4A55 ] Synth3dVsc C:\Windows\system32\drivers\Synth3dVsc.sys 20:38:17.0301 4704 Synth3dVsc - ok 20:38:17.0363 4704 [ 7BE4CDEA6BC7832BFE3112A350D8B9EA ] SysMain C:\Windows\system32\sysmain.dll 20:38:17.0410 4704 SysMain - ok 20:38:17.0426 4704 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 20:38:17.0426 4704 TabletInputService - ok 20:38:17.0457 4704 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 20:38:17.0457 4704 TapiSrv - ok 20:38:17.0473 4704 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 20:38:17.0488 4704 TBS - ok 20:38:17.0551 4704 [ D5707FC2300AA5B04B7BFE86D40C0133 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 20:38:17.0597 4704 Tcpip - ok 20:38:17.0753 4704 [ D5707FC2300AA5B04B7BFE86D40C0133 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 20:38:17.0753 4704 TCPIP6 - ok 20:38:17.0831 4704 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 20:38:17.0831 4704 tcpipreg - ok 20:38:17.0878 4704 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 20:38:17.0878 4704 TDPIPE - ok 20:38:17.0941 4704 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 20:38:17.0941 4704 TDTCP - ok 20:38:17.0956 4704 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 20:38:17.0972 4704 tdx - ok 20:38:17.0987 4704 [ 
561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 20:38:17.0987 4704 TermDD - ok 20:38:18.0019 4704 [ EF4469AB69EB15E5D3754E6AEAFBCD3D ] terminpt C:\Windows\system32\drivers\terminpt.sys 20:38:18.0019 4704 terminpt - ok 20:38:18.0065 4704 [ 5ADFC101F47A366302018371DE4353EA ] TermService C:\Windows\System32\termsrv.dll 20:38:18.0097 4704 TermService - ok 20:38:18.0112 4704 [ 9201BE2BAB8A9FF8E20D8439AE3BB04D ] Themes C:\Windows\system32\themeservice.dll 20:38:18.0190 4704 Themes - ok 20:38:18.0221 4704 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 20:38:18.0221 4704 THREADORDER - ok 20:38:18.0237 4704 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 20:38:18.0253 4704 TrkWks - ok 20:38:18.0315 4704 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 20:38:18.0346 4704 TrustedInstaller - ok 20:38:18.0377 4704 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 20:38:18.0377 4704 tssecsrv - ok 20:38:18.0409 4704 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 20:38:18.0409 4704 TsUsbFlt - ok 20:38:18.0440 4704 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 20:38:18.0455 4704 TsUsbGD - ok 20:38:18.0502 4704 [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys 20:38:18.0518 4704 tsusbhub - ok 20:38:18.0596 4704 [ 5AF0E7D020F6CA55AC57CD89AE089673 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 20:38:18.0596 4704 tunnel - ok 20:38:18.0658 4704 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 20:38:18.0674 4704 uagp35 - ok 20:38:18.0689 4704 [ 194BB13D4AE26BE3431E50D19F4245AD ] udfs C:\Windows\system32\DRIVERS\udfs.sys 20:38:18.0705 4704 udfs - ok 20:38:18.0736 4704 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 20:38:18.0752 4704 
UI0Detect - ok 20:38:18.0783 4704 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 20:38:18.0783 4704 uliagpkx - ok 20:38:18.0799 4704 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 20:38:18.0830 4704 umbus - ok 20:38:18.0830 4704 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 20:38:18.0845 4704 UmPass - ok 20:38:19.0001 4704 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 20:38:19.0111 4704 UmRdpService - ok 20:38:19.0157 4704 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 20:38:19.0173 4704 upnphost - ok 20:38:19.0220 4704 [ EBF228A52517042DE4F38A40285BC8D9 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 20:38:19.0220 4704 usbccgp - ok 20:38:19.0251 4704 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 20:38:19.0251 4704 usbcir - ok 20:38:19.0298 4704 [ 6B3D5E6A9DA786EC755B00BC180C700B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 20:38:19.0313 4704 usbehci - ok 20:38:19.0329 4704 [ 94ABE9DA48E466BBE84C73E0C6652ED1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 20:38:19.0345 4704 usbhub - ok 20:38:20.0171 4704 [ 660B2C08CE7103E71EAA26F85B0B0A56 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 20:38:20.0171 4704 usbohci - ok 20:38:20.0203 4704 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys 20:38:20.0218 4704 usbprint - ok 20:38:20.0218 4704 [ 73B84C8CE467E81A94D4194F8009F2A0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 20:38:20.0234 4704 USBSTOR - ok 20:38:20.0249 4704 [ 1529632FC96032D337B298F8A285D640 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 20:38:20.0249 4704 usbuhci - ok 20:38:20.0281 4704 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 20:38:20.0296 4704 UxSms - ok 20:38:20.0312 4704 [ 77119F1F9B492B260030C34F9BE327FA ] VaultSvc C:\Windows\system32\lsass.exe 20:38:20.0312 
4704 VaultSvc - ok 20:38:20.0343 4704 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 20:38:20.0343 4704 vdrvroot - ok 20:38:20.0390 4704 [ 44082C4A89ABDAC0C4B08AA8834270B4 ] vds C:\Windows\System32\vds.exe 20:38:20.0452 4704 vds - ok 20:38:20.0499 4704 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 20:38:20.0499 4704 vga - ok 20:38:20.0515 4704 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 20:38:20.0515 4704 VgaSave - ok 20:38:20.0530 4704 VGPU - ok 20:38:20.0546 4704 [ 39B842DE7862033E7A5F2BDDE7DECEB5 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 20:38:20.0561 4704 vhdmp - ok 20:38:20.0608 4704 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 20:38:20.0624 4704 viaide - ok 20:38:20.0686 4704 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys 20:38:20.0702 4704 vmbus - ok 20:38:20.0717 4704 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 20:38:20.0733 4704 VMBusHID - ok 20:38:20.0749 4704 [ F6151F63A8E9C92A9AE8181DDDFF3A9A ] volmgr C:\Windows\system32\drivers\volmgr.sys 20:38:20.0749 4704 volmgr - ok 20:38:20.0780 4704 [ 0904EF550B3D3FEB326638A4BAD9937E ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 20:38:20.0780 4704 volmgrx - ok 20:38:20.0811 4704 [ 33A1623EE5977F09F5DDF6DF288CD6AF ] volsnap C:\Windows\system32\drivers\volsnap.sys 20:38:20.0811 4704 volsnap - ok 20:38:20.0905 4704 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 20:38:20.0920 4704 vsmraid - ok 20:38:21.0107 4704 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 20:38:21.0170 4704 VSS - ok 20:38:21.0201 4704 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 20:38:21.0217 4704 vwifibus - ok 20:38:21.0248 4704 [ C7B83BD98BA3560374569C0C13EA3685 ] W32Time C:\Windows\system32\w32time.dll 
20:38:21.0263 4704 W32Time - ok 20:38:21.0341 4704 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 20:38:21.0373 4704 WacomPen - ok 20:38:21.0404 4704 [ 226028D956C43CE4D8DDFFA89873E890 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 20:38:21.0419 4704 WANARP - ok 20:38:21.0435 4704 [ 226028D956C43CE4D8DDFFA89873E890 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 20:38:21.0435 4704 Wanarpv6 - ok 20:38:21.0622 4704 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 20:38:21.0747 4704 WatAdminSvc - ok 20:38:21.0809 4704 [ E3AED78575601B7106B87A0A1BF93017 ] wbengine C:\Windows\system32\wbengine.exe 20:38:21.0919 4704 wbengine - ok 20:38:21.0934 4704 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 20:38:21.0997 4704 WbioSrvc - ok 20:38:22.0075 4704 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 20:38:22.0090 4704 wcncsvc - ok 20:38:22.0262 4704 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 20:38:22.0262 4704 WcsPlugInService - ok 20:38:22.0309 4704 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 20:38:22.0324 4704 Wd - ok 20:38:22.0433 4704 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 20:38:22.0433 4704 Wdf01000 - ok 20:38:22.0480 4704 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 20:38:22.0496 4704 WdiServiceHost - ok 20:38:22.0511 4704 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 20:38:22.0511 4704 WdiSystemHost - ok 20:38:22.0543 4704 [ 904E6B97EE970A7EB45BDE63EF07E685 ] WebClient C:\Windows\System32\webclnt.dll 20:38:22.0589 4704 WebClient - ok 20:38:22.0667 4704 [ D5BA7D43FA2EF656BF7E98A188391E40 ] Wecsvc C:\Windows\system32\wecsvc.dll 20:38:22.0683 4704 Wecsvc - ok 20:38:22.0699 4704 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport 
C:\Windows\System32\wercplsupport.dll 20:38:22.0714 4704 wercplsupport - ok 20:38:22.0714 4704 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 20:38:22.0730 4704 WerSvc - ok 20:38:22.0761 4704 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 20:38:22.0761 4704 WfpLwf - ok 20:38:22.0777 4704 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 20:38:22.0792 4704 WIMMount - ok 20:38:22.0901 4704 WinDefend - ok 20:38:22.0901 4704 WinHttpAutoProxySvc - ok 20:38:23.0011 4704 [ 136760C1E9697BAF4ECDEAE5590A0806 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 20:38:23.0011 4704 Winmgmt - ok 20:38:23.0135 4704 [ 3BB6B401A780BF434C8F58137DE10BF7 ] WinRM C:\Windows\system32\WsmSvc.dll 20:38:23.0245 4704 WinRM - ok 20:38:23.0323 4704 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 20:38:23.0385 4704 Wlansvc - ok 20:38:23.0572 4704 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 20:38:23.0635 4704 wlidsvc - ok 20:38:23.0713 4704 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 20:38:23.0713 4704 WmiAcpi - ok 20:38:23.0759 4704 [ 4DF841632B62A7CF19A79A05046A8AB1 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 20:38:23.0791 4704 wmiApSrv - ok 20:38:23.0806 4704 WMPNetworkSvc - ok 20:38:23.0837 4704 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 20:38:23.0837 4704 WPCSvc - ok 20:38:23.0869 4704 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 20:38:23.0884 4704 WPDBusEnum - ok 20:38:23.0900 4704 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 20:38:23.0900 4704 ws2ifsl - ok 20:38:23.0962 4704 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll 20:38:23.0962 4704 wscsvc - ok 20:38:23.0978 4704 WSearch - ok 20:38:24.0134 4704 [ 
D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 20:38:24.0259 4704 wuauserv - ok 20:38:24.0290 4704 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 20:38:24.0305 4704 WudfPf - ok 20:38:24.0321 4704 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 20:38:24.0352 4704 WUDFRd - ok 20:38:24.0383 4704 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 20:38:24.0383 4704 wudfsvc - ok 20:38:24.0415 4704 [ F0B1D8725FAB9F4A559CCC91A960FCE0 ] WwanSvc C:\Windows\System32\wwansvc.dll 20:38:24.0508 4704 WwanSvc - ok 20:38:24.0524 4704 ================ Scan global =============================== 20:38:24.0571 4704 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 20:38:24.0633 4704 [ CC44EBC3E04E76AABE19EB4A16663E4A ] C:\Windows\system32\winsrv.dll 20:38:24.0851 4704 [ CC44EBC3E04E76AABE19EB4A16663E4A ] C:\Windows\system32\winsrv.dll 20:38:24.0883 4704 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 20:38:24.0961 4704 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 20:38:24.0961 4704 [Global] - ok 20:38:24.0961 4704 ================ Scan MBR ================================== 20:38:24.0976 4704 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 20:38:27.0644 4704 \Device\Harddisk0\DR0 - ok 20:38:27.0644 4704 ================ Scan VBR ================================== 20:38:27.0659 4704 [ 1656F2BD423A6C6D9106112ABA3CDFE4 ] \Device\Harddisk0\DR0\Partition1 20:38:27.0675 4704 \Device\Harddisk0\DR0\Partition1 - ok 20:38:27.0675 4704 ============================================================ 20:38:27.0675 4704 Scan finished 20:38:27.0675 4704 ============================================================ 20:38:27.0691 3880 Detected object count: 0 20:38:27.0691 3880 Actual detected object count: 0 20:38:33.0931 0224 ============================================================ 20:38:33.0931 0224 
Scan started 20:38:33.0931 0224 Mode: Manual; 20:38:33.0931 0224 ============================================================ 20:38:35.0803 0224 ================ Scan system memory ======================== 20:38:35.0803 0224 System memory - ok 20:38:35.0803 0224 ================ Scan services ============================= 20:38:36.0068 0224 [ FEF046400B75C4495AEC3D8A8CCE6014 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 20:38:36.0083 0224 1394ohci - ok 20:38:36.0115 0224 [ F84676C7D6684E86D3F05B2C5E9019B1 ] ACPI C:\Windows\system32\drivers\ACPI.sys 20:38:36.0115 0224 ACPI - ok 20:38:36.0130 0224 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 20:38:36.0130 0224 AcpiPmi - ok 20:38:36.0193 0224 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 20:38:36.0193 0224 AdobeARMservice - ok 20:38:36.0785 0224 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 20:38:36.0785 0224 AdobeFlashPlayerUpdateSvc - ok 20:38:36.0832 0224 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 20:38:36.0832 0224 adp94xx - ok 20:38:36.0988 0224 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys 20:38:36.0988 0224 adpahci - ok 20:38:37.0004 0224 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 20:38:37.0004 0224 adpu320 - ok 20:38:37.0113 0224 [ 993F7B0BA5188A0007C085AA10257B8E ] AdvancedSystemCareService6 C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe 20:38:37.0113 0224 AdvancedSystemCareService6 - ok 20:38:37.0160 0224 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 20:38:37.0160 0224 AeLookupSvc - ok 20:38:37.0222 0224 [ 36A14FD1A23F57046361733B792CA8DB ] AFD C:\Windows\system32\drivers\afd.sys 20:38:37.0222 0224 AFD - ok 20:38:37.0269 0224 [ 
608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 20:38:37.0269 0224 agp440 - ok 20:38:37.0300 0224 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 20:38:37.0300 0224 ALG - ok 20:38:37.0331 0224 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 20:38:37.0331 0224 aliide - ok 20:38:37.0363 0224 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 20:38:37.0363 0224 amdide - ok 20:38:37.0378 0224 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 20:38:37.0378 0224 AmdK8 - ok 20:38:37.0394 0224 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 20:38:37.0394 0224 AmdPPM - ok 20:38:37.0425 0224 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 20:38:37.0425 0224 amdsata - ok 20:38:37.0472 0224 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 20:38:37.0472 0224 amdsbs - ok 20:38:37.0487 0224 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 20:38:37.0487 0224 amdxata - ok 20:38:37.0519 0224 [ 35AB3204BEC02DD3BC087124B2372F14 ] AppID C:\Windows\system32\drivers\appid.sys 20:38:37.0519 0224 AppID - ok 20:38:37.0534 0224 [ 2F527C8E85699188E746381DA2F0323D ] AppIDSvc C:\Windows\System32\appidsvc.dll 20:38:37.0534 0224 AppIDSvc - ok 20:38:37.0565 0224 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll 20:38:37.0565 0224 Appinfo - ok 20:38:37.0597 0224 [ 7A6A43EFE857532B1B92F510179AE7BB ] AppMgmt C:\Windows\System32\appmgmts.dll 20:38:37.0597 0224 AppMgmt - ok 20:38:37.0628 0224 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys 20:38:37.0628 0224 arc - ok 20:38:37.0690 0224 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys 20:38:37.0690 0224 arcsas - ok 20:38:37.0846 0224 [ 9217D874131AE6FF8F642F124F00A555 ] 
- ok 20:38:50.0545 0224 [ EA9092F3DB26EDC7199AB64C9EF0D2D7 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 20:38:50.0560 0224 ShellHWDetection - ok 20:38:50.0576 0224 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 20:38:50.0576 0224 SiSRaid2 - ok 20:38:50.0591 0224 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 20:38:50.0607 0224 SiSRaid4 - ok 20:38:50.0654 0224 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 20:38:50.0654 0224 Smb - ok 20:38:50.0669 0224 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 20:38:50.0685 0224 SNMPTRAP - ok 20:38:50.0701 0224 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 20:38:50.0701 0224 spldr - ok 20:38:50.0747 0224 [ B9D7A4858CF32A6A15D2763F1DE47E0E ] Spooler C:\Windows\System32\spoolsv.exe 20:38:50.0763 0224 Spooler - ok 20:38:50.0919 0224 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 20:38:50.0950 0224 sppsvc - ok 20:38:50.0981 0224 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 20:38:50.0981 0224 sppuinotify - ok 20:38:51.0013 0224 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 20:38:51.0013 0224 srv - ok 20:38:51.0044 0224 [ 9F50BF7E8BA1D13BB6BB51F932707A84 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 20:38:51.0044 0224 srv2 - ok 20:38:51.0059 0224 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 20:38:51.0059 0224 srvnet - ok 20:38:51.0075 0224 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 20:38:51.0091 0224 SSDPSRV - ok 20:38:51.0106 0224 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 20:38:51.0106 0224 SstpSvc - ok 20:38:51.0137 0224 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 20:38:51.0153 0224 stexstor - ok 20:38:51.0200 
0224 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 20:38:51.0200 0224 stisvc - ok 20:38:51.0231 0224 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 20:38:51.0231 0224 storflt - ok 20:38:51.0262 0224 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 20:38:51.0262 0224 storvsc - ok 20:38:51.0278 0224 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 20:38:51.0278 0224 swenum - ok 20:38:51.0371 0224 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 20:38:51.0371 0224 swprv - ok 20:38:51.0403 0224 [ 96E6D1CDA59FD9FF53C3C474CFFF4A55 ] Synth3dVsc C:\Windows\system32\drivers\Synth3dVsc.sys 20:38:51.0403 0224 Synth3dVsc - ok 20:38:51.0481 0224 [ 7BE4CDEA6BC7832BFE3112A350D8B9EA ] SysMain C:\Windows\system32\sysmain.dll 20:38:51.0496 0224 SysMain - ok 20:38:51.0512 0224 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 20:38:51.0512 0224 TabletInputService - ok 20:38:51.0527 0224 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 20:38:51.0543 0224 TapiSrv - ok 20:38:51.0559 0224 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 20:38:51.0559 0224 TBS - ok 20:38:51.0715 0224 [ D5707FC2300AA5B04B7BFE86D40C0133 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 20:38:51.0730 0224 Tcpip - ok 20:38:51.0777 0224 [ D5707FC2300AA5B04B7BFE86D40C0133 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 20:38:51.0793 0224 TCPIP6 - ok 20:38:51.0855 0224 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 20:38:51.0855 0224 tcpipreg - ok 20:38:51.0886 0224 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 20:38:51.0886 0224 TDPIPE - ok 20:38:51.0902 0224 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 20:38:51.0902 0224 TDTCP - ok 20:38:51.0933 0224 [ 
DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 20:38:51.0933 0224 tdx - ok 20:38:51.0949 0224 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 20:38:51.0949 0224 TermDD - ok 20:38:51.0980 0224 [ EF4469AB69EB15E5D3754E6AEAFBCD3D ] terminpt C:\Windows\system32\drivers\terminpt.sys 20:38:51.0980 0224 terminpt - ok 20:38:52.0027 0224 [ 5ADFC101F47A366302018371DE4353EA ] TermService C:\Windows\System32\termsrv.dll 20:38:52.0027 0224 TermService - ok 20:38:52.0073 0224 [ 9201BE2BAB8A9FF8E20D8439AE3BB04D ] Themes C:\Windows\system32\themeservice.dll 20:38:52.0073 0224 Themes - ok 20:38:52.0105 0224 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 20:38:52.0105 0224 THREADORDER - ok 20:38:52.0167 0224 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 20:38:52.0167 0224 TrkWks - ok 20:38:52.0245 0224 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 20:38:52.0245 0224 TrustedInstaller - ok 20:38:52.0276 0224 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 20:38:52.0292 0224 tssecsrv - ok 20:38:52.0307 0224 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 20:38:52.0307 0224 TsUsbFlt - ok 20:38:52.0354 0224 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 20:38:52.0354 0224 TsUsbGD - ok 20:38:52.0417 0224 [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys 20:38:52.0432 0224 tsusbhub - ok 20:38:52.0432 0224 [ 5AF0E7D020F6CA55AC57CD89AE089673 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 20:38:52.0432 0224 tunnel - ok 20:38:52.0448 0224 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 20:38:52.0463 0224 uagp35 - ok 20:38:52.0510 0224 [ 194BB13D4AE26BE3431E50D19F4245AD ] udfs C:\Windows\system32\DRIVERS\udfs.sys 20:38:52.0526 0224 udfs - 
ok 20:38:52.0573 0224 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 20:38:52.0588 0224 UI0Detect - ok 20:38:52.0604 0224 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 20:38:52.0604 0224 uliagpkx - ok 20:38:52.0651 0224 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 20:38:52.0651 0224 umbus - ok 20:38:52.0651 0224 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 20:38:52.0666 0224 UmPass - ok 20:38:52.0697 0224 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 20:38:52.0697 0224 UmRdpService - ok 20:38:52.0713 0224 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 20:38:52.0729 0224 upnphost - ok 20:38:52.0744 0224 [ EBF228A52517042DE4F38A40285BC8D9 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 20:38:52.0760 0224 usbccgp - ok 20:38:52.0760 0224 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 20:38:52.0760 0224 usbcir - ok 20:38:52.0791 0224 [ 6B3D5E6A9DA786EC755B00BC180C700B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 20:38:52.0791 0224 usbehci - ok 20:38:52.0822 0224 [ 94ABE9DA48E466BBE84C73E0C6652ED1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 20:38:52.0822 0224 usbhub - ok 20:38:52.0916 0224 [ 660B2C08CE7103E71EAA26F85B0B0A56 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 20:38:52.0916 0224 usbohci - ok 20:38:52.0947 0224 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys 20:38:52.0947 0224 usbprint - ok 20:38:52.0963 0224 [ 73B84C8CE467E81A94D4194F8009F2A0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 20:38:52.0963 0224 USBSTOR - ok 20:38:52.0978 0224 [ 1529632FC96032D337B298F8A285D640 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 20:38:52.0978 0224 usbuhci - ok 20:38:53.0025 0224 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 20:38:53.0025 
0224 UxSms - ok 20:38:53.0041 0224 [ 77119F1F9B492B260030C34F9BE327FA ] VaultSvc C:\Windows\system32\lsass.exe 20:38:53.0041 0224 VaultSvc - ok 20:38:53.0056 0224 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 20:38:53.0056 0224 vdrvroot - ok 20:38:53.0087 0224 [ 44082C4A89ABDAC0C4B08AA8834270B4 ] vds C:\Windows\System32\vds.exe 20:38:53.0103 0224 vds - ok 20:38:53.0134 0224 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 20:38:53.0134 0224 vga - ok 20:38:53.0181 0224 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 20:38:53.0181 0224 VgaSave - ok 20:38:53.0197 0224 VGPU - ok 20:38:53.0212 0224 [ 39B842DE7862033E7A5F2BDDE7DECEB5 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 20:38:53.0212 0224 vhdmp - ok 20:38:53.0228 0224 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 20:38:53.0243 0224 viaide - ok 20:38:53.0275 0224 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys 20:38:53.0275 0224 vmbus - ok 20:38:53.0290 0224 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 20:38:53.0290 0224 VMBusHID - ok 20:38:53.0321 0224 [ F6151F63A8E9C92A9AE8181DDDFF3A9A ] volmgr C:\Windows\system32\drivers\volmgr.sys 20:38:53.0321 0224 volmgr - ok 20:38:53.0353 0224 [ 0904EF550B3D3FEB326638A4BAD9937E ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 20:38:53.0353 0224 volmgrx - ok 20:38:53.0384 0224 [ 33A1623EE5977F09F5DDF6DF288CD6AF ] volsnap C:\Windows\system32\drivers\volsnap.sys 20:38:53.0399 0224 volsnap - ok 20:38:53.0431 0224 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 20:38:53.0431 0224 vsmraid - ok 20:38:53.0711 0224 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 20:38:53.0774 0224 VSS - ok 20:38:53.0805 0224 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 20:38:53.0805 
0224 vwifibus - ok 20:38:53.0867 0224 [ C7B83BD98BA3560374569C0C13EA3685 ] W32Time C:\Windows\system32\w32time.dll 20:38:53.0883 0224 W32Time - ok 20:38:53.0961 0224 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 20:38:53.0961 0224 WacomPen - ok 20:38:53.0992 0224 [ 226028D956C43CE4D8DDFFA89873E890 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 20:38:53.0992 0224 WANARP - ok 20:38:54.0008 0224 [ 226028D956C43CE4D8DDFFA89873E890 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 20:38:54.0008 0224 Wanarpv6 - ok 20:38:54.0133 0224 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 20:38:54.0148 0224 WatAdminSvc - ok 20:38:54.0242 0224 [ E3AED78575601B7106B87A0A1BF93017 ] wbengine C:\Windows\system32\wbengine.exe 20:38:54.0257 0224 wbengine - ok 20:38:54.0273 0224 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 20:38:54.0289 0224 WbioSrvc - ok 20:38:54.0335 0224 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 20:38:54.0335 0224 wcncsvc - ok 20:38:54.0367 0224 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 20:38:54.0367 0224 WcsPlugInService - ok 20:38:54.0398 0224 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 20:38:54.0398 0224 Wd - ok 20:38:54.0429 0224 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 20:38:54.0445 0224 Wdf01000 - ok 20:38:54.0460 0224 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 20:38:54.0460 0224 WdiServiceHost - ok 20:38:54.0476 0224 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 20:38:54.0476 0224 WdiSystemHost - ok 20:38:54.0507 0224 [ 904E6B97EE970A7EB45BDE63EF07E685 ] WebClient C:\Windows\System32\webclnt.dll 20:38:54.0507 0224 WebClient - ok 20:38:54.0569 0224 [ D5BA7D43FA2EF656BF7E98A188391E40 ] Wecsvc 
C:\Windows\system32\wecsvc.dll 20:38:54.0569 0224 Wecsvc - ok 20:38:54.0585 0224 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 20:38:54.0585 0224 wercplsupport - ok 20:38:54.0601 0224 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 20:38:54.0601 0224 WerSvc - ok 20:38:54.0694 0224 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 20:38:54.0694 0224 WfpLwf - ok 20:38:54.0694 0224 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 20:38:54.0710 0224 WIMMount - ok 20:38:54.0757 0224 WinDefend - ok 20:38:54.0772 0224 WinHttpAutoProxySvc - ok 20:38:54.0835 0224 [ 136760C1E9697BAF4ECDEAE5590A0806 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 20:38:54.0835 0224 Winmgmt - ok 20:38:54.0959 0224 [ 3BB6B401A780BF434C8F58137DE10BF7 ] WinRM C:\Windows\system32\WsmSvc.dll 20:38:54.0991 0224 WinRM - ok 20:38:55.0053 0224 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 20:38:55.0069 0224 Wlansvc - ok 20:38:55.0178 0224 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 20:38:55.0193 0224 wlidsvc - ok 20:38:55.0209 0224 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 20:38:55.0209 0224 WmiAcpi - ok 20:38:55.0256 0224 [ 4DF841632B62A7CF19A79A05046A8AB1 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 20:38:55.0256 0224 wmiApSrv - ok 20:38:55.0271 0224 WMPNetworkSvc - ok 20:38:55.0318 0224 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 20:38:55.0318 0224 WPCSvc - ok 20:38:55.0365 0224 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 20:38:55.0365 0224 WPDBusEnum - ok 20:38:55.0396 0224 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 20:38:55.0412 0224 ws2ifsl - ok 20:38:55.0443 0224 [ E8B1FE6669397D1772D8196DF0E57A9E ] 
wscsvc C:\Windows\system32\wscsvc.dll 20:38:55.0459 0224 wscsvc - ok 20:38:55.0459 0224 WSearch - ok 20:38:55.0552 0224 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 20:38:55.0583 0224 wuauserv - ok 20:38:55.0661 0224 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 20:38:55.0661 0224 WudfPf - ok 20:38:55.0693 0224 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 20:38:55.0693 0224 WUDFRd - ok 20:38:55.0724 0224 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 20:38:55.0724 0224 wudfsvc - ok 20:38:55.0755 0224 [ F0B1D8725FAB9F4A559CCC91A960FCE0 ] WwanSvc C:\Windows\System32\wwansvc.dll 20:38:55.0755 0224 WwanSvc - ok 20:38:55.0786 0224 ================ Scan global =============================== 20:38:55.0849 0224 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 20:38:55.0895 0224 [ CC44EBC3E04E76AABE19EB4A16663E4A ] C:\Windows\system32\winsrv.dll 20:38:55.0927 0224 [ CC44EBC3E04E76AABE19EB4A16663E4A ] C:\Windows\system32\winsrv.dll 20:38:55.0958 0224 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 20:38:56.0036 0224 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 20:38:56.0036 0224 [Global] - ok 20:38:56.0036 0224 ================ Scan MBR ================================== 20:38:56.0051 0224 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 20:38:56.0644 0224 \Device\Harddisk0\DR0 - ok 20:38:56.0644 0224 ================ Scan VBR ================================== 20:38:56.0675 0224 [ 1656F2BD423A6C6D9106112ABA3CDFE4 ] \Device\Harddisk0\DR0\Partition1 20:38:56.0675 0224 \Device\Harddisk0\DR0\Partition1 - ok 20:38:56.0675 0224 ============================================================ 20:38:56.0675 0224 Scan finished 20:38:56.0675 0224 ============================================================ 20:38:56.0707 4456 Detected object count: 0 20:38:56.0707 4456 Actual 
detected object count: 0
-
According to MSE, hackTool:win32/keygen is still present.
-
C:\Users\Siem\Downloads\DownloadAcceleratorSetup.exe a variant of Win32/InstallCore.AZ application cleaned by deleting - quarantined
C:\Users\Siem\Downloads\SoftonicDownloader_voor_advanced-systemcare.exe a variant of Win32/SoftonicDownloader.E application cleaned by deleting - quarantined
-
Tried Jotti twice. After about 2 hours of uploading, the status changes to "geen bestanden ontvangen" (no files received). Perhaps the file install.wim (3.9 GB) is too large for Jotti.
-
Emsisoft Emergency Kit - Versie 3.0
Laatste Update: 15-12-2012 22:10:29
Scaninstellingen:
Scantype: Diepe scan
Objecten: Rootkits, Geheugen, Sporen, C:\
Detecteer riskware: Uit
Scan archieven: Aan
ADS Scan: Aan
Bestandsextensiefilter: Uit
Geavanceerde cache: Aan
Directe schijftoegang: Uit
Scan gestart: 15-12-2012 22:13:14
Gescand 422053
Gevonden 0
Scan geëindigd: 15-12-2012 23:19:39
Scantijd: 1:06:25
-
Hacktool gives:
containerfile:C:\Windows\ConfigSetRoot\sources\install.wim
file:C:\Windows\ConfigSetRoot\sources\install.wim->\Windows\Setup\scripts\Install\Loader.exe
exploit:Java gives:
containerfile:\users\Siem\AppData\locallow\Sun\Java\Deployment\cache\6.0\6\592f206-68a4f6fa
file:C:\users\Siem\AppData\locallow\Sun\Java\Deployment\cache\6.0\6\592f206-68a4f6fa->interyrtyrtd.class
-
MSE reports hacktool:win32/keygen and exploit:java/CVE-2012-1723.ZUC. In addition, during the scan a popup appeared saying a possible threat was found.
-
ComboFix 12-12-14.01 - Siem 14-12-2012 21:19:53.2.2 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.2815.1790 [GMT 1:00] Gestart vanuit: c:\users\Siem\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Siem\Desktop\CFScript.txt AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C} SP: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664} SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\Babylon c:\users\Siem\AppData\Roaming\Babylon c:\users\Siem\AppData\Roaming\Babylon\log_file.txt c:\windows\SysWow64\Extensions c:\windows\SysWow64\searchplugins . . (((((((((((((((((((( Bestanden Gemaakt van 2012-11-14 to 2012-12-14 )))))))))))))))))))))))))))))) . . 2012-12-14 20:27 . 2012-12-14 20:27 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-12-14 20:07 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A5F7A05F-3711-4CD4-BD80-3EBE0287F5D7}\mpengine.dll 2012-12-13 08:22 . 2012-12-13 08:22 -------- d-----w- c:\windows\Migration 2012-12-13 08:17 . 2012-08-21 14:20 46080 ----a-w- c:\windows\SysWow64\ncobjapi.dll 2012-12-13 08:17 . 2012-08-21 13:49 58368 ----a-w- c:\windows\system32\ncobjapi.dll 2012-12-13 08:17 . 2012-08-21 13:12 74240 ----a-w- c:\windows\system32\wbem\NCProv.dll 2012-12-13 08:15 . 2012-08-21 14:10 283136 ----a-w- c:\windows\SysWow64\wbem\esscli.dll 2012-12-12 21:33 . 2012-11-14 05:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-12-12 21:32 . 2012-11-14 06:01 548864 ----a-w- c:\program files\Internet Explorer\ieproxy.dll 2012-12-12 20:40 . 
2012-12-12 20:40 388096 ----a-r- c:\users\Siem\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-12-12 20:40 . 2012-12-12 20:40 -------- d-----w- c:\program files (x86)\Trend Micro 2012-12-12 20:14 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll 2012-12-12 20:14 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2012-12-12 20:14 . 2012-11-22 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys 2012-12-12 20:14 . 2012-11-05 17:20 100864 ----a-w- c:\windows\system32\fontsub.dll 2012-12-12 20:14 . 2012-11-05 17:18 46080 ----a-w- c:\windows\system32\atmlib.dll 2012-12-12 20:14 . 2012-11-05 15:26 70656 ----a-w- c:\windows\SysWow64\fontsub.dll 2012-12-12 20:14 . 2012-11-05 14:01 367616 ----a-w- c:\windows\system32\atmfd.dll 2012-12-12 20:14 . 2012-11-05 13:42 295424 ----a-w- c:\windows\SysWow64\atmfd.dll 2012-12-12 20:14 . 2012-11-05 13:42 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2012-12-12 20:06 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-12-09 20:36 . 2012-12-09 20:36 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software 2012-11-29 20:03 . 2012-11-29 20:08 1652 ----a-w- c:\windows\system32\ASOROSet.bin 2012-11-29 19:49 . 2012-11-29 20:20 -------- d-----w- c:\users\Siem\AppData\Roaming\PerformerSoft 2012-11-29 19:48 . 2012-11-29 19:58 -------- d-----w- c:\users\Siem\AppData\Roaming\Systweak 2012-11-29 19:48 . 2012-03-14 14:47 19000 ----a-w- c:\windows\system32\roboot64.exe 2012-11-28 08:32 . 2012-11-28 08:29 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5DB1EB38-9A7F-4A1E-852A-99761485496C}\gapaengine.dll 2012-11-27 20:42 . 2012-11-27 20:42 -------- d-----w- c:\users\Siem\AppData\Roaming\JDownloaderDownloadAcceleratorPackages 2012-11-26 21:25 . 2012-11-28 08:40 -------- d-----w- c:\program files (x86)\VS Revo Group 2012-11-25 20:13 . 
2012-11-29 20:13 -------- d-----w- c:\program files (x86)\Panda Security 2012-11-24 17:52 . 2012-06-05 07:37 256904 ----a-w- c:\windows\SysWow64\drivers\tmcomm.sys 2012-11-22 08:22 . 2012-11-28 21:15 -------- d-----w- c:\users\Heijndijk 2012-11-21 20:20 . 2012-11-21 20:20 -------- d-----w- c:\users\Siem\AppData\Roaming\AVG2013 2012-11-21 20:18 . 2012-11-21 20:18 -------- d-----w- c:\users\Siem\AppData\Roaming\TuneUp Software 2012-11-21 20:18 . 2012-11-21 20:18 -------- d-----w- C:\$AVG 2012-11-21 20:17 . 2012-11-21 20:48 -------- d-----w- c:\programdata\AVG2013 2012-11-21 20:17 . 2012-11-21 20:17 -------- d-----w- c:\program files (x86)\AVG 2012-11-21 20:14 . 2012-12-14 20:01 -------- d-----w- c:\programdata\MFAData 2012-11-21 20:14 . 2012-11-21 20:22 -------- d-----w- c:\users\Siem\AppData\Local\Avg2013 2012-11-21 20:14 . 2012-11-21 20:14 -------- d--h--w- c:\programdata\Common Files 2012-11-21 20:14 . 2012-11-21 20:14 -------- d-----w- c:\users\Siem\AppData\Local\MFAData 2012-11-21 19:52 . 2012-11-21 20:02 -------- d-----w- c:\users\Siem\AppData\Local\NPE 2012-11-21 19:52 . 2012-11-21 19:52 -------- d-----w- c:\programdata\Norton 2012-11-21 15:51 . 2012-11-21 15:51 -------- d-----w- c:\users\Default\AppData\Roaming\IObit 2012-11-15 08:58 . 2012-07-26 07:49 2560 ----a-w- c:\windows\system32\drivers\nl-NL\wdf01000.sys.mui 2012-11-15 08:58 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2012-11-15 08:58 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys 2012-11-15 08:58 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll 2012-11-15 08:47 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2012-11-15 08:47 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2012-11-15 08:47 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll 2012-11-15 08:47 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll 2012-11-15 08:47 . 
2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe 2012-11-15 08:47 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll 2012-11-15 08:47 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-12-13 08:03 . 2012-11-08 07:03 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-12-13 08:03 . 2011-11-18 19:54 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-12-12 21:35 . 2011-11-18 18:14 67413224 ----a-w- c:\windows\system32\MRT.exe 2012-10-30 22:51 . 2012-11-11 20:16 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-10-30 22:51 . 2012-11-11 20:16 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-10-30 22:51 . 2012-11-11 19:27 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-10-30 22:51 . 2012-11-11 20:16 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-10-30 22:51 . 2012-11-11 19:26 41224 ------w- c:\windows\avastSS.scr 2012-10-30 22:50 . 2012-11-11 19:26 227648 ------w- c:\windows\SysWow64\aswBoot.exe 2012-10-30 22:50 . 2012-10-24 20:27 285328 ----a-w- c:\windows\system32\aswBoot.exe 2012-10-22 12:02 . 2012-10-22 12:02 154464 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys 2012-10-16 08:38 . 2012-11-28 08:31 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2012-10-16 08:38 . 2012-11-28 08:31 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2012-10-16 07:39 . 2012-11-28 08:31 561664 ----a-w- c:\windows\apppatch\AcLayers.dll 2012-10-15 02:48 . 2012-10-15 02:48 63328 ----a-w- c:\windows\system32\drivers\avgidsha.sys 2012-10-12 17:09 . 2012-09-01 17:04 25472 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe 2012-10-05 02:32 . 2012-10-05 02:32 111456 ----a-w- c:\windows\system32\drivers\avgmfx64.sys 2012-10-04 16:29 . 2012-12-12 20:13 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2012-10-02 19:05 . 
2012-08-22 12:30 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2012-10-02 02:30 . 2012-10-02 02:30 185696 ----a-w- c:\windows\system32\drivers\avgldx64.sys 2012-09-29 17:54 . 2012-10-23 18:34 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-21 02:46 . 2012-09-21 02:46 200032 ----a-w- c:\windows\system32\drivers\avgtdia.sys 2012-09-21 02:46 . 2012-09-21 02:46 225120 ----a-w- c:\windows\system32\drivers\avgloga.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-11-06 3143800] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2012-09-24 490880] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 . 
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-06 5814392] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456] R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [2011-11-18 88960] R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2012-08-23 29696] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208] R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-11-18 1255736] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328] S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120] S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-10-05 111456] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696] S1 Avgtdia;AVG TDI 
Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032] S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240] . . Inhoud van de 'Gedeelde Taken' map . 2012-12-14 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-08 08:03] . 2012-12-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-24 20:28] . 2012-12-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-24 20:28] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704] . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.nu.nl/ mStart Page = hxxp://www.google.com mLocal Page = c:\windows\SysWOW64\blank.htm TCP: DhcpNameServer = 192.168.2.1 192.168.2.1 . - - - - ORPHANS VERWIJDERD - - - - . ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file) AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . 
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (LocalSystem) "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc, 1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7 "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23, 94,30,02,d1,0f,f1,da,12,24,73,56,27,d2 "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db, df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (LocalSystem) "Timestamp"=hex:00,46,72,60,1a,b2,cd,01 . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,54,5e,92,49,db,34,4a,4e,a2,28,f0,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,54,5e,92,49,db,34,4a,4e,a2,28,f0,\ . [HKEY_USERS\S-1-5-21-3622012837-1904278003-822444512-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-3622012837-1904278003-822444512-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2012-12-14 21:37:36 ComboFix-quarantined-files.txt 2012-12-14 20:37 ComboFix2.txt 2012-12-13 09:51 . Pre-Run: 224.552.681.472 bytes beschikbaar Post-Run: 224.797.343.744 bytes beschikbaar . - - End Of File - - 1A0B4B77AD49E9DC441793A704BFC1BC
-
ComboFix 12-12-12.01 - Siem 13-12-2012 9:52.1.2 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.2815.1494 [GMT 1:00] Gestart vanuit: c:\users\Siem\Downloads\ComboFix.exe AV: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C} SP: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664} SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\dsgsdgdsgdsgw.pad . . (((((((((((((((((((( Bestanden Gemaakt van 2012-11-13 to 2012-12-13 )))))))))))))))))))))))))))))) . . 2012-12-13 08:22 . 2012-12-13 08:22 -------- d-----w- c:\windows\Migration 2012-12-13 08:17 . 2012-08-21 14:20 46080 ----a-w- c:\windows\SysWow64\ncobjapi.dll 2012-12-13 08:17 . 2012-08-21 13:49 58368 ----a-w- c:\windows\system32\ncobjapi.dll 2012-12-13 08:17 . 2012-08-21 13:12 74240 ----a-w- c:\windows\system32\wbem\NCProv.dll 2012-12-13 08:15 . 2012-08-21 14:10 283136 ----a-w- c:\windows\SysWow64\wbem\esscli.dll 2012-12-12 21:33 . 2012-11-14 05:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-12-12 21:32 . 2012-11-14 06:01 548864 ----a-w- c:\program files\Internet Explorer\ieproxy.dll 2012-12-12 20:40 . 2012-12-12 20:40 388096 ----a-r- c:\users\Siem\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-12-12 20:40 . 2012-12-12 20:40 -------- d-----w- c:\program files (x86)\Trend Micro 2012-12-12 20:14 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll 2012-12-12 20:14 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2012-12-12 20:14 . 2012-11-22 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys 2012-12-12 20:14 . 
2012-11-05 17:20 100864 ----a-w- c:\windows\system32\fontsub.dll 2012-12-12 20:14 . 2012-11-05 17:18 46080 ----a-w- c:\windows\system32\atmlib.dll 2012-12-12 20:14 . 2012-11-05 15:26 70656 ----a-w- c:\windows\SysWow64\fontsub.dll 2012-12-12 20:14 . 2012-11-05 14:01 367616 ----a-w- c:\windows\system32\atmfd.dll 2012-12-12 20:14 . 2012-11-05 13:42 295424 ----a-w- c:\windows\SysWow64\atmfd.dll 2012-12-12 20:14 . 2012-11-05 13:42 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2012-12-12 20:06 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{19D4A1DF-ACD7-4ED2-9CAF-20E182F7108E}\mpengine.dll 2012-12-11 08:35 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-12-09 20:36 . 2012-12-09 20:36 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software 2012-11-29 20:03 . 2012-11-29 20:08 1652 ----a-w- c:\windows\system32\ASOROSet.bin 2012-11-29 19:50 . 2012-11-29 19:50 -------- d-----w- c:\windows\SysWow64\Extensions 2012-11-29 19:50 . 2012-11-29 19:50 -------- d-----w- c:\windows\SysWow64\searchplugins 2012-11-29 19:49 . 2012-11-29 20:20 -------- d-----w- c:\users\Siem\AppData\Roaming\PerformerSoft 2012-11-29 19:48 . 2012-11-29 19:48 -------- d-----w- c:\users\Siem\AppData\Roaming\Babylon 2012-11-29 19:48 . 2012-11-29 19:48 -------- d-----w- c:\programdata\Babylon 2012-11-29 19:48 . 2012-11-29 19:58 -------- d-----w- c:\users\Siem\AppData\Roaming\Systweak 2012-11-29 19:48 . 2012-03-14 14:47 19000 ----a-w- c:\windows\system32\roboot64.exe 2012-11-28 08:32 . 2012-11-28 08:29 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5DB1EB38-9A7F-4A1E-852A-99761485496C}\gapaengine.dll 2012-11-27 20:42 . 2012-11-27 20:42 -------- d-----w- c:\users\Siem\AppData\Roaming\JDownloaderDownloadAcceleratorPackages 2012-11-26 21:25 . 2012-11-28 08:40 -------- d-----w- c:\program files (x86)\VS Revo Group 2012-11-25 20:13 . 
2012-11-29 20:13 -------- d-----w- c:\program files (x86)\Panda Security 2012-11-24 17:52 . 2012-06-05 07:37 256904 ----a-w- c:\windows\SysWow64\drivers\tmcomm.sys 2012-11-22 08:22 . 2012-11-28 21:15 -------- d-----w- c:\users\Heijndijk 2012-11-21 20:20 . 2012-11-21 20:20 -------- d-----w- c:\users\Siem\AppData\Roaming\AVG2013 2012-11-21 20:18 . 2012-11-21 20:18 -------- d-----w- c:\users\Siem\AppData\Roaming\TuneUp Software 2012-11-21 20:18 . 2012-11-21 20:18 -------- d-----w- C:\$AVG 2012-11-21 20:17 . 2012-11-21 20:48 -------- d-----w- c:\programdata\AVG2013 2012-11-21 20:17 . 2012-11-21 20:17 -------- d-----w- c:\program files (x86)\AVG 2012-11-21 20:14 . 2012-12-13 08:09 -------- d-----w- c:\programdata\MFAData 2012-11-21 20:14 . 2012-11-21 20:22 -------- d-----w- c:\users\Siem\AppData\Local\Avg2013 2012-11-21 20:14 . 2012-11-21 20:14 -------- d--h--w- c:\programdata\Common Files 2012-11-21 20:14 . 2012-11-21 20:14 -------- d-----w- c:\users\Siem\AppData\Local\MFAData 2012-11-21 19:52 . 2012-11-21 20:02 -------- d-----w- c:\users\Siem\AppData\Local\NPE 2012-11-21 19:52 . 2012-11-21 19:52 -------- d-----w- c:\programdata\Norton 2012-11-21 15:51 . 2012-11-21 15:51 -------- d-----w- c:\users\Default\AppData\Roaming\IObit 2012-11-15 08:58 . 2012-07-26 07:49 2560 ----a-w- c:\windows\system32\drivers\nl-NL\wdf01000.sys.mui 2012-11-15 08:58 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2012-11-15 08:58 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys 2012-11-15 08:58 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll 2012-11-15 08:47 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2012-11-15 08:47 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2012-11-15 08:47 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll 2012-11-15 08:47 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll 2012-11-15 08:47 . 
2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe 2012-11-15 08:47 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll 2012-11-15 08:47 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-12-13 09:42 . 2012-12-13 09:42 76232 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{19D4A1DF-ACD7-4ED2-9CAF-20E182F7108E}\offreg.dll 2012-12-13 08:03 . 2012-11-08 07:03 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-12-13 08:03 . 2011-11-18 19:54 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-12-12 21:35 . 2011-11-18 18:14 67413224 ----a-w- c:\windows\system32\MRT.exe 2012-10-30 22:51 . 2012-11-11 20:16 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-10-30 22:51 . 2012-11-11 20:16 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-10-30 22:51 . 2012-11-11 19:27 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-10-30 22:51 . 2012-11-11 20:16 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-10-30 22:51 . 2012-11-11 19:26 41224 ------w- c:\windows\avastSS.scr 2012-10-30 22:50 . 2012-11-11 19:26 227648 ------w- c:\windows\SysWow64\aswBoot.exe 2012-10-30 22:50 . 2012-10-24 20:27 285328 ----a-w- c:\windows\system32\aswBoot.exe 2012-10-22 12:02 . 2012-10-22 12:02 154464 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys 2012-10-16 08:38 . 2012-11-28 08:31 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2012-10-16 08:38 . 2012-11-28 08:31 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2012-10-16 07:39 . 2012-11-28 08:31 561664 ----a-w- c:\windows\apppatch\AcLayers.dll 2012-10-15 02:48 . 2012-10-15 02:48 63328 ----a-w- c:\windows\system32\drivers\avgidsha.sys 2012-10-12 17:09 . 2012-09-01 17:04 25472 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe 2012-10-05 02:32 . 
2012-10-05 02:32 111456 ----a-w- c:\windows\system32\drivers\avgmfx64.sys 2012-10-04 16:29 . 2012-12-12 20:13 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2012-10-02 19:05 . 2012-08-22 12:30 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2012-10-02 02:30 . 2012-10-02 02:30 185696 ----a-w- c:\windows\system32\drivers\avgldx64.sys 2012-09-29 17:54 . 2012-10-23 18:34 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-21 02:46 . 2012-09-21 02:46 200032 ----a-w- c:\windows\system32\drivers\avgtdia.sys 2012-09-21 02:46 . 2012-09-21 02:46 225120 ----a-w- c:\windows\system32\drivers\avgloga.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-11-06 3143800] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2012-09-24 490880] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 . 
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-06 5814392] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456] R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [2011-11-18 88960] R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2012-08-23 29696] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208] R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-11-18 1255736] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328] S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120] S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-10-05 111456] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032] S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256] S2 
aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664] S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456] S3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . Inhoud van de 'Gedeelde Taken' map . 2012-12-13 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-08 08:03] . 2012-12-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-24 20:28] . 2012-12-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-24 20:28] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704] . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.nu.nl/ mStart Page = hxxp://www.google.com mLocal Page = c:\windows\SysWOW64\blank.htm TCP: DhcpNameServer = 192.168.2.1 192.168.2.1 . - - - - ORPHANS VERWIJDERD - - - - . ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file) AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . 
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (LocalSystem) "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc, 1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7 "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23, 94,30,02,d1,0f,f1,da,12,24,73,56,27,d2 "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db, df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (LocalSystem) "Timestamp"=hex:00,46,72,60,1a,b2,cd,01 . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,54,5e,92,49,db,34,4a,4e,a2,28,f0,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,54,5e,92,49,db,34,4a,4e,a2,28,f0,\ . [HKEY_USERS\S-1-5-21-3622012837-1904278003-822444512-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-3622012837-1904278003-822444512-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe . ************************************************************************** . Voltooingstijd: 2012-12-13 10:51:23 - machine werd herstart ComboFix-quarantined-files.txt 2012-12-13 09:51 . Pre-Run: 227.122.532.352 bytes beschikbaar Post-Run: 226.592.239.616 bytes beschikbaar . - - End Of File - - D4EE91DCDAF7106D87B6A6040BC80F02
-
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-06 5814392] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456] R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [2011-11-18 88960] R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2012-08-23 29696] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208] R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-11-18 1255736] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328] S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120] S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-10-05 111456] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032] S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256] S2 
aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664] S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456] S3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . Inhoud van de 'Gedeelde Taken' map . 2012-12-13 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-08 08:03] . 2012-12-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-24 20:28] . 2012-12-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-24 20:28] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704] . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.nu.nl/ mStart Page = hxxp://www.google.com mLocal Page = c:\windows\SysWOW64\blank.htm TCP: DhcpNameServer = 192.168.2.1 192.168.2.1 . - - - - ORPHANS VERWIJDERD - - - - . ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file) AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . 
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (LocalSystem) "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc, 1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7 "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23, 94,30,02,d1,0f,f1,da,12,24,73,56,27,d2 "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db, df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (LocalSystem) "Timestamp"=hex:00,46,72,60,1a,b2,cd,01 . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,54,5e,92,49,db,34,4a,4e,a2,28,f0,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,54,5e,92,49,db,34,4a,4e,a2,28,f0,\ . [HKEY_USERS\S-1-5-21-3622012837-1904278003-822444512-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-3622012837-1904278003-822444512-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe . ************************************************************************** . Voltooingstijd: 2012-12-13 10:51:23 - machine werd herstart ComboFix-quarantined-files.txt 2012-12-13 09:51 . Pre-Run: 227.122.532.352 bytes beschikbaar Post-Run: 226.592.239.616 bytes beschikbaar . - - End Of File - - D4EE91DCDAF7106D87B6A6040BC80F02
-
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:47:12, on 12-12-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = nu.nl | Het laatste nieuws het eerst op nu.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_110_ActiveX.exe -update activex
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart (User 'Default user')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~3\browse~1\25911~1.18\{c16c1~1\mngr.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7442 bytes