
Removing a Trojan horse



The temp folder cannot be emptied completely. The following two folders cannot be deleted, nor can the individual files in them. Even after a restart they cannot be deleted (message: access denied because the files may be in use). The folders are all full of random files from 14 July, 20:34 and 20:47.

C:\Documents and Settings\Jack Verhoeven\Local Settings\temp\540A78DB-863C29B9-12C4A2DB-89DF9F15

C:\Documents and Settings\Jack Verhoeven\Local Settings\temp\697328BF-456ABC57-4933C4A4-4F0B27CD

Scanning with AVG gives the same result as at the start of our project. So all the infections are still present:

"";"C:\WINDOWS\system32\winlogon.exe (1248)";"Trojaans paard PSW.Agent.AUET";"Verwijderd"

"";"C:\WINDOWS\system32\svchost.exe (2728)";"Trojaans paard PSW.Agent.AUET";"Verwijderd"

"";"C:\WINDOWS\system32\svchost.exe (1628)";"Trojaans paard PSW.Agent.AUET";"Verwijderd"

"";"C:\WINDOWS\system32\svchost.exe (1508)";"Trojaans paard PSW.Agent.AUET";"Verwijderd"

"";"C:\WINDOWS\explorer.exe (844)";"Trojaans paard PSW.Agent.AUET";"Verwijderd"

"";"C:\WINDOWS\system32\winlogon.exe (1248):\memory_012b0000";"Trojaans paard PSW.Agent.AUET";"Geïnfecteerd"

"";"C:\WINDOWS\system32\svchost.exe (2728):\memory_00c70000";"Trojaans paard PSW.Agent.AUET";"Geïnfecteerd"

"";"C:\WINDOWS\system32\svchost.exe (1628):\memory_016e0000";"Trojaans paard PSW.Agent.AUET";"Geïnfecteerd"

"";"C:\WINDOWS\system32\svchost.exe (1508):\memory_00ac0000";"Trojaans paard PSW.Agent.AUET";"Geïnfecteerd"

"";"C:\WINDOWS\explorer.exe (844):\memory_01aa0000";"Trojaans paard PSW.Agent.AUET";"Geïnfecteerd"


Download AdwCleaner by Xplode to your Desktop.

  • Close all open windows
  • Right-click AdwCleaner and select Run as administrator...
  • Then click Delete
  • At AdwCleaner – Information, click OK
  • At AdwCleaner – Restart Required, click OK

All icons disappear from the Desktop; this is normal.

Your PC will restart and a log file will open (C:\AdwCleaner[xx].txt); post its contents here in a following message.


Dear kape,

I don't know whether the action worked properly. I could only choose scan and not scan as Administrator. Then, during the "delete" action, AVG interrupted the operation and adwcleaner.exe was placed in quarantine. Downloading it again did not work. After restarting the PC it did. I carried out the instructions again and did not let AVG put any files in quarantine. The log file follows below. The temp folder still contains folders that cannot be deleted or emptied. It seems to me that more and more files that I cannot open or delete keep appearing on my computer. In addition, an AVG scan reports that the number of Trojan horses has increased from 10 to 12. The information follows below:

# AdwCleaner v1.702 - Logfile created 07/16/2012 at 21:02:10

# Updated 13/07/2012 by Xplode

# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)

# User : Jack Verhoeven - JACOBUS

# Running from : C:\Documents and Settings\Jack Verhoeven\Bureaublad\adwcleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

***** [Registry] *****

***** [Registre - GUID] *****

***** [internet Browsers] *****

-\\ Internet Explorer v7.0.5730.13

[OK] Registry is clean.

-\\ Mozilla Firefox v3.6.11 (nl)

Profile name : default

File : C:\Documents and Settings\Jack Verhoeven\Application Data\Mozilla\Firefox\Profiles\qvxjrmah.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R3].txt - [890 octets] - [16/07/2012 21:01:49]

AdwCleaner[s2].txt - [822 octets] - [16/07/2012 21:02:10]

########## EOF - C:\AdwCleaner[s2].txt - [949 octets] ##########

=================================================================

AVG scan:

"";"C:\WINDOWS\system32\winlogon.exe (1252)";"Trojaans paard PSW.Agent.AUET";"Verwijderd"

"";"C:\WINDOWS\system32\svchost.exe (2684)";"Trojaans paard PSW.Agent.AUET";"Verwijderd"

"";"C:\WINDOWS\system32\svchost.exe (1632)";"Trojaans paard PSW.Agent.AUET";"Verwijderd"

"";"C:\WINDOWS\system32\svchost.exe (1520)";"Trojaans paard PSW.Agent.AUET";"Verwijderd"

"";"C:\WINDOWS\explorer.exe (128)";"Trojaans paard PSW.Agent.AUET";"Verwijderd"

"";"C:\Program Files\Internet Explorer\iexplore.exe (3728)";"Trojaans paard PSW.Agent.ARJV";"Verwijderd"

"";"C:\WINDOWS\system32\winlogon.exe (1252):\memory_013c0000";"Trojaans paard PSW.Agent.AUET";"Geïnfecteerd"

"";"C:\WINDOWS\system32\svchost.exe (2684):\memory_00c70000";"Trojaans paard PSW.Agent.AUET";"Geïnfecteerd"

"";"C:\WINDOWS\system32\svchost.exe (1632):\memory_01760000";"Trojaans paard PSW.Agent.AUET";"Geïnfecteerd"

"";"C:\WINDOWS\system32\svchost.exe (1520):\memory_00ac0000";"Trojaans paard PSW.Agent.AUET";"Geïnfecteerd"

"";"C:\WINDOWS\explorer.exe (128):\memory_02030000";"Trojaans paard PSW.Agent.AUET";"Geïnfecteerd"

"";"C:\Program Files\Internet Explorer\iexplore.exe (3728):\memory_03b60000";"Trojaans paard PSW.Agent.ARJV";"Geïnfecteerd"


Download TDSSKiller and place it on your desktop.

Extract the files in tdsskiller.zip.

Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.

Windows 7 and Windows Vista users:

Right-click TDSSKiller.exe -> Run as administrator to start the tool.

If TDSSKiller reports that an update is available, install it first.

Click the "Start Scan" button and follow the instructions.

When the scan is finished, click the "Report" button.

A Notepad file opens. Post the contents of this file.

Restart the PC if TDSSKiller offers that option. (Reboot now)

If a restart was needed, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt


10:42:05.0817 3096 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11

10:42:06.0020 3096 ============================================================

10:42:06.0020 3096 Current date / time: 2012/07/17 10:42:06.0020

10:42:06.0020 3096 SystemInfo:

10:42:06.0020 3096

10:42:06.0020 3096 OS Version: 5.1.2600 ServicePack: 3.0

10:42:06.0020 3096 Product type: Workstation

10:42:06.0020 3096 ComputerName: JACOBUS

10:42:06.0020 3096 UserName: Jack Verhoeven

10:42:06.0020 3096 Windows directory: C:\WINDOWS

10:42:06.0020 3096 System windows directory: C:\WINDOWS

10:42:06.0020 3096 Processor architecture: Intel x86

10:42:06.0020 3096 Number of processors: 2

10:42:06.0020 3096 Page size: 0x1000

10:42:06.0020 3096 Boot type: Normal boot

10:42:06.0020 3096 ============================================================

10:42:08.0239 3096 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

10:42:08.0239 3096 ============================================================

10:42:08.0239 3096 \Device\Harddisk0\DR0:

10:42:08.0239 3096 MBR partitions:

10:42:08.0239 3096 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x143B000, BlocksNum 0x23FF3000

10:42:08.0239 3096 ============================================================

10:42:08.0270 3096 C: <-> \Device\Harddisk0\DR0\Partition0

10:42:08.0270 3096 ============================================================

10:42:08.0270 3096 Initialize success

10:42:08.0270 3096 ============================================================

10:42:41.0624 3312 ============================================================

10:42:41.0624 3312 Scan started

10:42:41.0624 3312 Mode: Manual;

10:42:41.0624 3312 ============================================================


10:42:53.0982 3312 RTLE8023xp (89619ef503f949fae09252a8b883ee11) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

10:42:53.0982 3312 RTLE8023xp - ok

10:42:54.0013 3312 SamSs (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe

10:42:54.0013 3312 SamSs - ok

10:42:54.0060 3312 SCardSvr (1b4cd62174e907c7ef8ec5d4d0a2a616) C:\WINDOWS\System32\SCardSvr.exe

10:42:54.0060 3312 SCardSvr - ok

10:42:54.0123 3312 Schedule (7c288ae0f75cb18cff1df6179a67ad8f) C:\WINDOWS\system32\schedsvc.dll

10:42:54.0138 3312 Schedule - ok

10:42:54.0154 3312 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys

10:42:54.0154 3312 sdbus - ok

10:42:54.0201 3312 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

10:42:54.0201 3312 Secdrv - ok

10:42:54.0232 3312 seclogon (6983665bea867125b1da5757cd8b2f9d) C:\WINDOWS\System32\seclogon.dll

10:42:54.0248 3312 seclogon - ok

10:42:54.0263 3312 SENS (f6ec8f1e50e40237bddee1cb7fe20b42) C:\WINDOWS\system32\sens.dll

10:42:54.0279 3312 SENS - ok

10:42:54.0310 3312 Serial (92c21762653bb2ce51147eb8a9aa654f) C:\WINDOWS\system32\drivers\Serial.sys

10:42:54.0310 3312 Serial - ok

10:42:54.0373 3312 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys

10:42:54.0388 3312 sffdisk - ok

10:42:54.0404 3312 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys

10:42:54.0404 3312 sffp_sd - ok

10:42:54.0435 3312 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

10:42:54.0435 3312 Sfloppy - ok

10:42:54.0513 3312 SharedAccess (7579c4be909d47f10f3d8d801cb13ed9) C:\WINDOWS\System32\ipnathlp.dll

10:42:54.0513 3312 SharedAccess - ok

10:42:54.0576 3312 ShellHWDetection (2d5d4156292150fe571872c1b88e9299) C:\WINDOWS\System32\shsvcs.dll

10:42:54.0576 3312 ShellHWDetection - ok

10:42:54.0591 3312 Simbad - ok

10:42:54.0638 3312 SimpTcp (46d8aad86cf13a292900e4b2efa7aafa) C:\WINDOWS\system32\tcpsvcs.exe

10:42:54.0638 3312 SimpTcp - ok

10:42:54.0748 3312 SMTPSVC (f89e74c0b4f17aadccb3cf4cee969f52) C:\WINDOWS\system32\inetsrv\inetinfo.exe

10:42:54.0748 3312 SMTPSVC - ok

10:42:54.0794 3312 SNMP (395baf8ea14e8c14a2a9eedd13fc8ba0) C:\WINDOWS\System32\snmp.exe

10:42:54.0794 3312 SNMP - ok

10:42:54.0826 3312 SNMPTRAP (f2927de8adc20282835347c22ac31d8a) C:\WINDOWS\System32\snmptrap.exe

10:42:54.0826 3312 SNMPTRAP - ok

10:42:54.0841 3312 Sparrow - ok

10:42:54.0888 3312 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

10:42:54.0888 3312 splitter - ok

10:42:54.0935 3312 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

10:42:54.0951 3312 Spooler - ok

10:42:54.0982 3312 sr (64d2a7640e0767ecd3bcb38d3200e7ce) C:\WINDOWS\system32\DRIVERS\sr.sys

10:42:54.0998 3312 sr - ok

10:42:55.0029 3312 srservice (81cbf363c414620caa61bd6843d8fdb9) C:\WINDOWS\system32\srsvc.dll

10:42:55.0029 3312 srservice - ok

10:42:55.0076 3312 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

10:42:55.0091 3312 Srv - ok

10:42:55.0123 3312 SSDPSRV (5b9d0de64be96a806819516440fd211c) C:\WINDOWS\System32\ssdpsrv.dll

10:42:55.0123 3312 SSDPSRV - ok

10:42:55.0138 3312 SSPORT - ok

10:42:55.0216 3312 stisvc (5ae996186d2dc694fef88f14a3fc9242) C:\WINDOWS\system32\wiaservc.dll

10:42:55.0216 3312 stisvc - ok

10:42:55.0357 3312 stllssvr (de3e7a2345ebaa3ce8e6957dfb55fb15) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

10:42:55.0357 3312 stllssvr - ok

10:42:55.0404 3312 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

10:42:55.0404 3312 swenum - ok

10:42:55.0451 3312 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

10:42:55.0451 3312 swmidi - ok

10:42:55.0466 3312 SwPrv - ok

10:42:55.0497 3312 symc810 - ok

10:42:55.0529 3312 symc8xx - ok

10:42:55.0560 3312 sym_hi - ok

10:42:55.0591 3312 sym_u3 - ok

10:42:55.0638 3312 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

10:42:55.0638 3312 sysaudio - ok

10:42:55.0685 3312 SysmonLog (251eae7c56c6ab9490311a3c9757e18d) C:\WINDOWS\system32\smlogsvc.exe

10:42:55.0685 3312 SysmonLog - ok

10:42:55.0716 3312 TapiSrv (2bc9fb448f0c2394ff53c83a7bb04731) C:\WINDOWS\System32\tapisrv.dll

10:42:55.0732 3312 TapiSrv - ok

10:42:55.0794 3312 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

10:42:55.0794 3312 Tcpip - ok

10:42:55.0841 3312 Tcpip6 (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys

10:42:55.0841 3312 Tcpip6 - ok

10:42:55.0888 3312 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

10:42:55.0888 3312 TDPIPE - ok

10:42:55.0935 3312 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

10:42:55.0935 3312 TDTCP - ok

10:42:55.0951 3312 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

10:42:55.0951 3312 TermDD - ok

10:42:55.0997 3312 TermService (e0aef86a594c9990d6321c5ca239c5b7) C:\WINDOWS\System32\termsrv.dll

10:42:56.0013 3312 TermService - ok

10:42:56.0060 3312 Themes (2d5d4156292150fe571872c1b88e9299) C:\WINDOWS\System32\shsvcs.dll

10:42:56.0060 3312 Themes - ok

10:42:56.0091 3312 TlntSvr (78a2fe13662a119875f10e9ffcb49a8f) C:\WINDOWS\system32\tlntsvr.exe

10:42:56.0107 3312 TlntSvr - ok

10:42:56.0122 3312 TosIde - ok

10:42:56.0200 3312 TrkWks (20655e8ca1c78bc7088b18e93806d21b) C:\WINDOWS\system32\trkwks.dll

10:42:56.0200 3312 TrkWks - ok

10:42:56.0247 3312 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys

10:42:56.0247 3312 tunmp - ok

10:42:56.0279 3312 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

10:42:56.0279 3312 Udfs - ok

10:42:56.0294 3312 ultra - ok

10:42:56.0372 3312 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

10:42:56.0388 3312 Update - ok

10:42:56.0450 3312 upnphost (01653d6c9604f1fb31a76ec94e08954f) C:\WINDOWS\System32\upnphost.dll

10:42:56.0450 3312 upnphost - ok

10:42:56.0513 3312 UPS (a89796dd0de24cf03b3a39407e1f46a3) C:\WINDOWS\System32\ups.exe

10:42:56.0513 3312 UPS - ok

10:42:56.0544 3312 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

10:42:56.0544 3312 usbccgp - ok

10:42:56.0575 3312 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

10:42:56.0575 3312 usbehci - ok

10:42:56.0591 3312 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

10:42:56.0607 3312 usbhub - ok

10:42:56.0638 3312 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

10:42:56.0638 3312 usbprint - ok

10:42:56.0654 3312 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

10:42:56.0669 3312 usbscan - ok

10:42:56.0716 3312 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

10:42:56.0716 3312 USBSTOR - ok

10:42:56.0763 3312 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

10:42:56.0763 3312 usbuhci - ok

10:42:56.0779 3312 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

10:42:56.0779 3312 VgaSave - ok

10:42:56.0810 3312 ViaIde - ok

10:42:56.0841 3312 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) C:\WINDOWS\system32\drivers\VolSnap.sys

10:42:56.0841 3312 VolSnap - ok

10:42:56.0919 3312 VSS (a585edd6965b301de8a45c6768c7c215) C:\WINDOWS\System32\vssvc.exe

10:42:56.0919 3312 VSS - ok

10:42:56.0966 3312 W32Time (390d8e65f362327ad510b08971478301) C:\WINDOWS\system32\w32time.dll

10:42:56.0966 3312 W32Time - ok

10:42:57.0122 3312 W3SVC (f89e74c0b4f17aadccb3cf4cee969f52) C:\WINDOWS\system32\inetsrv\inetinfo.exe

10:42:57.0122 3312 W3SVC - ok

10:42:57.0138 3312 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

10:42:57.0153 3312 Wanarp - ok

10:42:57.0169 3312 WDICA - ok

10:42:57.0310 3312 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

10:42:57.0310 3312 wdmaud - ok

10:42:57.0403 3312 WebClient (33d8e2812054d97a0aec9b8f04277927) C:\WINDOWS\System32\webclnt.dll

10:42:57.0419 3312 WebClient - ok

10:42:57.0794 3312 winmgmt (f9e105f369c18e4001e0c05aaf600d73) C:\WINDOWS\system32\wbem\WMIsvc.dll

10:42:57.0794 3312 winmgmt - ok

10:42:57.0857 3312 wltrysvc - ok

10:42:57.0888 3312 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\mspmsnsv.dll

10:42:57.0888 3312 WmdmPmSN - ok

10:42:57.0981 3312 Wmi (93f8eb8c7cd4e325ec92edbfc545103d) C:\WINDOWS\System32\advapi32.dll

10:42:57.0997 3312 Wmi - ok

10:42:58.0044 3312 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

10:42:58.0044 3312 WmiAcpi - ok

10:42:58.0106 3312 WmiApSrv (87f11d161207c7063edabac0aadc33c3) C:\WINDOWS\system32\wbem\wmiapsrv.exe

10:42:58.0122 3312 WmiApSrv - ok

10:42:58.0294 3312 WMPNetworkSvc (79a01acd485687ee602411a06b63a9a5) C:\Program Files\Windows Media Player\WMPNetwk.exe

10:42:58.0325 3312 WMPNetworkSvc - ok

10:42:58.0356 3312 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys

10:42:58.0356 3312 WS2IFSL - ok

10:42:58.0419 3312 wscsvc (843f7fa8ea38e6a4262976dcc994c81a) C:\WINDOWS\system32\wscsvc.dll

10:42:58.0419 3312 wscsvc - ok

10:42:58.0466 3312 wuauserv (1e8fdddef3fe260badab06dae10d753a) C:\WINDOWS\system32\wuauserv.dll

10:42:58.0466 3312 wuauserv - ok

10:42:58.0497 3312 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

10:42:58.0497 3312 WudfPf - ok

10:42:58.0528 3312 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

10:42:58.0528 3312 WudfRd - ok

10:42:58.0560 3312 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll

10:42:58.0575 3312 WudfSvc - ok

10:42:58.0638 3312 WZCSVC (e99782dbb8ffa2aee72b31dac8d8d887) C:\WINDOWS\System32\wzcsvc.dll

10:42:58.0653 3312 WZCSVC - ok

10:42:58.0669 3312 xcpip - ok

10:42:58.0716 3312 xmlprov (fd3c38635808920f8235bf2fed642f54) C:\WINDOWS\System32\xmlprov.dll

10:42:58.0731 3312 xmlprov - ok

10:42:58.0747 3312 xpsec - ok

10:42:58.0872 3312 MBR (0x1B8) (25fdd3b61791a226676b12dc5bddef71) \Device\Harddisk0\DR0

10:42:58.0872 3312 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected

10:42:58.0872 3312 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)

10:42:58.0903 3312 Boot (0x1200) (9d718fc77fb037147da2b240fbcd7b41) \Device\Harddisk0\DR0\Partition0

10:42:58.0903 3312 \Device\Harddisk0\DR0\Partition0 - ok

10:42:58.0903 3312 ============================================================

10:42:58.0903 3312 Scan finished

10:42:58.0903 3312 ============================================================

10:42:58.0950 3240 Detected object count: 1

10:42:58.0950 3240 Actual detected object count: 1

10:44:45.0670 3240 \Device\Harddisk0\DR0\# - copied to quarantine

10:44:45.0670 3240 \Device\Harddisk0\DR0 - copied to quarantine

10:44:45.0670 3240 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Quarantine

10:44:59.0325 3440 ============================================================

10:44:59.0325 3440 Scan started

10:44:59.0325 3440 Mode: Manual;

10:44:59.0325 3440 ============================================================


10:45:08.0870 3440 NtmsSvc - ok

10:45:08.0917 3440 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

10:45:08.0917 3440 Null - ok

10:45:08.0948 3440 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

10:45:08.0948 3440 NwlnkFlt - ok

10:45:08.0964 3440 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

10:45:08.0964 3440 NwlnkFwd - ok

10:45:08.0995 3440 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

10:45:08.0995 3440 ohci1394 - ok

10:45:09.0026 3440 OMCI - ok

10:45:09.0089 3440 p2pgasvc (d09e8b4fe927b55059e82d8b9a7780db) C:\WINDOWS\system32\p2pgasvc.dll

10:45:09.0089 3440 p2pgasvc - ok

10:45:09.0136 3440 p2pimsvc (a8a02a2d752ce14099fb06270adb954b) C:\WINDOWS\system32\p2psvc.dll

10:45:09.0151 3440 p2pimsvc - ok

10:45:09.0167 3440 p2psvc (a8a02a2d752ce14099fb06270adb954b) C:\WINDOWS\system32\p2psvc.dll

10:45:09.0167 3440 p2psvc - ok

10:45:09.0229 3440 Parport (e3934ccc20a4d24f1924e13d36d2a5bd) C:\WINDOWS\system32\drivers\Parport.sys

10:45:09.0229 3440 Parport - ok

10:45:09.0245 3440 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

10:45:09.0245 3440 PartMgr - ok

10:45:09.0292 3440 ParVdm (1eade28746a64c21e0a808bb12a63326) C:\WINDOWS\system32\drivers\ParVdm.sys

10:45:09.0292 3440 ParVdm - ok

10:45:09.0323 3440 PCI (3b166f9f753c21aedaa9a6bd76b49655) C:\WINDOWS\system32\DRIVERS\pci.sys

10:45:09.0323 3440 PCI - ok

10:45:09.0339 3440 PCIDump - ok

10:45:09.0370 3440 PCIIde (b31edeba4da28283f6b8dc4756fb9585) C:\WINDOWS\system32\DRIVERS\pciide.sys

10:45:09.0386 3440 PCIIde - ok

10:45:09.0433 3440 Pcmcia (2137ffd65f8e609a3a5acd487c56cce0) C:\WINDOWS\system32\drivers\Pcmcia.sys

10:45:09.0433 3440 Pcmcia - ok

10:45:09.0448 3440 PDCOMP - ok

10:45:09.0479 3440 PDFRAME - ok

10:45:09.0511 3440 PDRELI - ok

10:45:09.0542 3440 PDRFRAME - ok

10:45:09.0573 3440 perc2 - ok

10:45:09.0589 3440 perc2hib - ok

10:45:09.0698 3440 PlugPlay (657b69389b893f440b07590c9e963f23) C:\WINDOWS\system32\services.exe

10:45:09.0714 3440 PlugPlay - ok

10:45:09.0729 3440 PNRPSvc (a8a02a2d752ce14099fb06270adb954b) C:\WINDOWS\system32\p2psvc.dll

10:45:09.0729 3440 PNRPSvc - ok

10:45:09.0761 3440 PolicyAgent (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe

10:45:09.0761 3440 PolicyAgent - ok

10:45:09.0823 3440 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

10:45:09.0823 3440 PptpMiniport - ok

10:45:09.0839 3440 ProtectedStorage (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe

10:45:09.0854 3440 ProtectedStorage - ok

10:45:09.0886 3440 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

10:45:09.0886 3440 PSched - ok

10:45:09.0901 3440 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

10:45:09.0917 3440 Ptilink - ok

10:45:09.0948 3440 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys

10:45:09.0948 3440 PxHelp20 - ok

10:45:09.0964 3440 ql1080 - ok

10:45:09.0995 3440 Ql10wnt - ok

10:45:10.0026 3440 ql12160 - ok

10:45:10.0057 3440 ql1240 - ok

10:45:10.0089 3440 ql1280 - ok

10:45:10.0136 3440 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

10:45:10.0136 3440 RasAcd - ok

10:45:10.0167 3440 RasAuto (0575d034b1292ca3a9bb9f67a8ee289c) C:\WINDOWS\System32\rasauto.dll

10:45:10.0167 3440 RasAuto - ok

10:45:10.0198 3440 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

10:45:10.0198 3440 Rasl2tp - ok

10:45:10.0245 3440 RasMan (9e7e2df6971a5f00102be3f901cc3bdc) C:\WINDOWS\System32\rasmans.dll

10:45:10.0245 3440 RasMan - ok

10:45:10.0261 3440 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

10:45:10.0261 3440 RasPppoe - ok

10:45:10.0292 3440 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

10:45:10.0292 3440 Raspti - ok

10:45:10.0354 3440 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

10:45:10.0354 3440 Rdbss - ok

10:45:10.0370 3440 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

10:45:10.0370 3440 RDPCDD - ok

10:45:10.0432 3440 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

10:45:10.0432 3440 rdpdr - ok

10:45:10.0495 3440 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys

10:45:10.0495 3440 RDPWD - ok

10:45:10.0542 3440 RDSessMgr (ea9fdf71d696b532bdc44c8bff03a737) C:\WINDOWS\system32\sessmgr.exe

10:45:10.0542 3440 RDSessMgr - ok

10:45:10.0589 3440 redbook (4173bc66e485fd77a03c4819f60bd0da) C:\WINDOWS\system32\DRIVERS\redbook.sys

10:45:10.0589 3440 redbook - ok

10:45:10.0620 3440 RemoteAccess (4007abf5d9bf0e55451d775443d1f985) C:\WINDOWS\System32\mprdim.dll

10:45:10.0620 3440 RemoteAccess - ok

10:45:10.0667 3440 RemoteRegistry (2fd5b89bf9289c774c5c730dea96cd91) C:\WINDOWS\system32\regsvc.dll

10:45:10.0667 3440 RemoteRegistry - ok

10:45:10.0698 3440 RpcLocator (be078f8f7ec2491efdd79a53353a060f) C:\WINDOWS\system32\locator.exe

10:45:10.0698 3440 RpcLocator - ok

10:45:10.0761 3440 RpcSs (d9883335cc1c17afc3a09c8ac3e4dbe4) C:\WINDOWS\System32\rpcss.dll

10:45:10.0776 3440 RpcSs - ok

10:45:10.0823 3440 RSVP (ad1b5f1b99fff08c99f443d784711a81) C:\WINDOWS\system32\rsvp.exe

10:45:10.0823 3440 RSVP - ok

10:45:10.0870 3440 RTLE8023xp (89619ef503f949fae09252a8b883ee11) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

10:45:10.0870 3440 RTLE8023xp - ok

10:45:10.0901 3440 SamSs (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe

10:45:10.0901 3440 SamSs - ok

10:45:10.0932 3440 SCardSvr (1b4cd62174e907c7ef8ec5d4d0a2a616) C:\WINDOWS\System32\SCardSvr.exe

10:45:10.0948 3440 SCardSvr - ok

10:45:10.0995 3440 Schedule (7c288ae0f75cb18cff1df6179a67ad8f) C:\WINDOWS\system32\schedsvc.dll

10:45:10.0995 3440 Schedule - ok

10:45:11.0010 3440 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys

10:45:11.0026 3440 sdbus - ok

10:45:11.0073 3440 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

10:45:11.0073 3440 Secdrv - ok

10:45:11.0104 3440 seclogon (6983665bea867125b1da5757cd8b2f9d) C:\WINDOWS\System32\seclogon.dll

10:45:11.0104 3440 seclogon - ok

10:45:11.0167 3440 SENS (f6ec8f1e50e40237bddee1cb7fe20b42) C:\WINDOWS\system32\sens.dll

10:45:11.0167 3440 SENS - ok

10:45:11.0198 3440 Serial (92c21762653bb2ce51147eb8a9aa654f) C:\WINDOWS\system32\drivers\Serial.sys

10:45:11.0198 3440 Serial - ok

10:45:11.0276 3440 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys

10:45:11.0276 3440 sffdisk - ok

10:45:11.0307 3440 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys

10:45:11.0307 3440 sffp_sd - ok

10:45:11.0354 3440 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

10:45:11.0354 3440 Sfloppy - ok

10:45:11.0432 3440 SharedAccess (7579c4be909d47f10f3d8d801cb13ed9) C:\WINDOWS\System32\ipnathlp.dll

10:45:11.0432 3440 SharedAccess - ok

10:45:11.0479 3440 ShellHWDetection (2d5d4156292150fe571872c1b88e9299) C:\WINDOWS\System32\shsvcs.dll

10:45:11.0479 3440 ShellHWDetection - ok

10:45:11.0495 3440 Simbad - ok

10:45:11.0573 3440 SimpTcp (46d8aad86cf13a292900e4b2efa7aafa) C:\WINDOWS\system32\tcpsvcs.exe

10:45:11.0573 3440 SimpTcp - ok

10:45:11.0667 3440 SMTPSVC (f89e74c0b4f17aadccb3cf4cee969f52) C:\WINDOWS\system32\inetsrv\inetinfo.exe

10:45:11.0667 3440 SMTPSVC - ok

10:45:11.0714 3440 SNMP (395baf8ea14e8c14a2a9eedd13fc8ba0) C:\WINDOWS\System32\snmp.exe

10:45:11.0714 3440 SNMP - ok

10:45:11.0745 3440 SNMPTRAP (f2927de8adc20282835347c22ac31d8a) C:\WINDOWS\System32\snmptrap.exe

10:45:11.0760 3440 SNMPTRAP - ok

10:45:11.0776 3440 Sparrow - ok

10:45:11.0823 3440 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

10:45:11.0823 3440 splitter - ok

10:45:11.0870 3440 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

10:45:11.0870 3440 Spooler - ok

10:45:11.0917 3440 sr (64d2a7640e0767ecd3bcb38d3200e7ce) C:\WINDOWS\system32\DRIVERS\sr.sys

10:45:11.0917 3440 sr - ok

10:45:11.0963 3440 srservice (81cbf363c414620caa61bd6843d8fdb9) C:\WINDOWS\system32\srsvc.dll

10:45:11.0963 3440 srservice - ok

10:45:12.0010 3440 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

10:45:12.0010 3440 Srv - ok

10:45:12.0042 3440 SSDPSRV (5b9d0de64be96a806819516440fd211c) C:\WINDOWS\System32\ssdpsrv.dll

10:45:12.0057 3440 SSDPSRV - ok

10:45:12.0073 3440 SSPORT - ok

10:45:12.0135 3440 stisvc (5ae996186d2dc694fef88f14a3fc9242) C:\WINDOWS\system32\wiaservc.dll

10:45:12.0135 3440 stisvc - ok

10:45:12.0245 3440 stllssvr (de3e7a2345ebaa3ce8e6957dfb55fb15) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

10:45:12.0245 3440 stllssvr - ok

10:45:12.0276 3440 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

10:45:12.0276 3440 swenum - ok

10:45:12.0338 3440 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

10:45:12.0338 3440 swmidi - ok

10:45:12.0354 3440 SwPrv - ok

10:45:12.0385 3440 symc810 - ok

10:45:12.0401 3440 symc8xx - ok

10:45:12.0432 3440 sym_hi - ok

10:45:12.0463 3440 sym_u3 - ok

10:45:12.0510 3440 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

10:45:12.0510 3440 sysaudio - ok

10:45:12.0557 3440 SysmonLog (251eae7c56c6ab9490311a3c9757e18d) C:\WINDOWS\system32\smlogsvc.exe

10:45:12.0557 3440 SysmonLog - ok

10:45:12.0604 3440 TapiSrv (2bc9fb448f0c2394ff53c83a7bb04731) C:\WINDOWS\System32\tapisrv.dll

10:45:12.0604 3440 TapiSrv - ok

10:45:12.0667 3440 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

10:45:12.0682 3440 Tcpip - ok

10:45:12.0713 3440 Tcpip6 (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys

10:45:12.0713 3440 Tcpip6 - ok

10:45:12.0745 3440 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

10:45:12.0745 3440 TDPIPE - ok

10:45:12.0792 3440 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

10:45:12.0792 3440 TDTCP - ok

10:45:12.0838 3440 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

10:45:12.0838 3440 TermDD - ok

10:45:12.0901 3440 TermService (e0aef86a594c9990d6321c5ca239c5b7) C:\WINDOWS\System32\termsrv.dll

10:45:12.0901 3440 TermService - ok

10:45:12.0948 3440 Themes (2d5d4156292150fe571872c1b88e9299) C:\WINDOWS\System32\shsvcs.dll

10:45:12.0948 3440 Themes - ok

10:45:12.0979 3440 TlntSvr (78a2fe13662a119875f10e9ffcb49a8f) C:\WINDOWS\system32\tlntsvr.exe

10:45:12.0995 3440 TlntSvr - ok

10:45:13.0010 3440 TosIde - ok

10:45:13.0057 3440 TrkWks (20655e8ca1c78bc7088b18e93806d21b) C:\WINDOWS\system32\trkwks.dll

10:45:13.0073 3440 TrkWks - ok

10:45:13.0104 3440 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys

10:45:13.0104 3440 tunmp - ok

10:45:13.0151 3440 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

10:45:13.0151 3440 Udfs - ok

10:45:13.0166 3440 ultra - ok

10:45:13.0245 3440 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

10:45:13.0245 3440 Update - ok

10:45:13.0291 3440 upnphost (01653d6c9604f1fb31a76ec94e08954f) C:\WINDOWS\System32\upnphost.dll

10:45:13.0307 3440 upnphost - ok

10:45:13.0338 3440 UPS (a89796dd0de24cf03b3a39407e1f46a3) C:\WINDOWS\System32\ups.exe

10:45:13.0338 3440 UPS - ok

10:45:13.0385 3440 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

10:45:13.0385 3440 usbccgp - ok

10:45:13.0416 3440 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

10:45:13.0416 3440 usbehci - ok

10:45:13.0432 3440 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

10:45:13.0432 3440 usbhub - ok

10:45:13.0479 3440 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

10:45:13.0479 3440 usbprint - ok

10:45:13.0495 3440 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

10:45:13.0495 3440 usbscan - ok

10:45:13.0557 3440 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

10:45:13.0557 3440 USBSTOR - ok

10:45:13.0573 3440 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

10:45:13.0573 3440 usbuhci - ok

10:45:13.0604 3440 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

10:45:13.0604 3440 VgaSave - ok

10:45:13.0635 3440 ViaIde - ok

10:45:13.0698 3440 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) C:\WINDOWS\system32\drivers\VolSnap.sys

10:45:13.0698 3440 VolSnap - ok

10:45:13.0744 3440 VSS (a585edd6965b301de8a45c6768c7c215) C:\WINDOWS\System32\vssvc.exe

10:45:13.0744 3440 VSS - ok

10:45:13.0791 3440 W32Time (390d8e65f362327ad510b08971478301) C:\WINDOWS\system32\w32time.dll

10:45:13.0791 3440 W32Time - ok

10:45:13.0869 3440 W3SVC (f89e74c0b4f17aadccb3cf4cee969f52) C:\WINDOWS\system32\inetsrv\inetinfo.exe

10:45:13.0869 3440 W3SVC - ok

10:45:13.0901 3440 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

10:45:13.0901 3440 Wanarp - ok

10:45:13.0916 3440 WDICA - ok

10:45:13.0979 3440 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

10:45:13.0979 3440 wdmaud - ok

10:45:14.0026 3440 WebClient (33d8e2812054d97a0aec9b8f04277927) C:\WINDOWS\System32\webclnt.dll

10:45:14.0026 3440 WebClient - ok

10:45:14.0119 3440 winmgmt (f9e105f369c18e4001e0c05aaf600d73) C:\WINDOWS\system32\wbem\WMIsvc.dll

10:45:14.0119 3440 winmgmt - ok

10:45:14.0166 3440 wltrysvc - ok

10:45:14.0213 3440 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\mspmsnsv.dll

10:45:14.0213 3440 WmdmPmSN - ok

10:45:14.0307 3440 Wmi (93f8eb8c7cd4e325ec92edbfc545103d) C:\WINDOWS\System32\advapi32.dll

10:45:14.0307 3440 Wmi - ok

10:45:14.0323 3440 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

10:45:14.0323 3440 WmiAcpi - ok

10:45:14.0385 3440 WmiApSrv (87f11d161207c7063edabac0aadc33c3) C:\WINDOWS\system32\wbem\wmiapsrv.exe

10:45:14.0385 3440 WmiApSrv - ok

10:45:14.0573 3440 WMPNetworkSvc (79a01acd485687ee602411a06b63a9a5) C:\Program Files\Windows Media Player\WMPNetwk.exe

10:45:14.0573 3440 WMPNetworkSvc - ok

10:45:14.0619 3440 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys

10:45:14.0619 3440 WS2IFSL - ok

10:45:14.0682 3440 wscsvc (843f7fa8ea38e6a4262976dcc994c81a) C:\WINDOWS\system32\wscsvc.dll

10:45:14.0682 3440 wscsvc - ok

10:45:14.0729 3440 wuauserv (1e8fdddef3fe260badab06dae10d753a) C:\WINDOWS\system32\wuauserv.dll

10:45:14.0729 3440 wuauserv - ok

10:45:14.0760 3440 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

10:45:14.0760 3440 WudfPf - ok

10:45:14.0791 3440 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

10:45:14.0791 3440 WudfRd - ok

10:45:14.0822 3440 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll

10:45:14.0838 3440 WudfSvc - ok

10:45:14.0901 3440 WZCSVC (e99782dbb8ffa2aee72b31dac8d8d887) C:\WINDOWS\System32\wzcsvc.dll

10:45:14.0901 3440 WZCSVC - ok

10:45:14.0916 3440 xcpip - ok

10:45:14.0979 3440 xmlprov (fd3c38635808920f8235bf2fed642f54) C:\WINDOWS\System32\xmlprov.dll

10:45:14.0979 3440 xmlprov - ok

10:45:14.0994 3440 xpsec - ok

10:45:15.0119 3440 MBR (0x1B8) (25fdd3b61791a226676b12dc5bddef71) \Device\Harddisk0\DR0

10:45:15.0119 3440 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected

10:45:15.0119 3440 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)

10:45:15.0151 3440 Boot (0x1200) (9d718fc77fb037147da2b240fbcd7b41) \Device\Harddisk0\DR0\Partition0

10:45:15.0151 3440 \Device\Harddisk0\DR0\Partition0 - ok

10:45:15.0151 3440 ============================================================

10:45:15.0151 3440 Scan finished

10:45:15.0151 3440 ============================================================

10:45:15.0197 2196 Detected object count: 1

10:45:15.0197 2196 Actual detected object count: 1

10:45:29.0383 2196 \Device\Harddisk0\DR0\# - copied to quarantine

10:45:29.0383 2196 \Device\Harddisk0\DR0 - copied to quarantine

10:45:29.0383 2196 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Quarantine


Dear kape,

I had AVG run a scan immediately after TDSS Killer. There were 26 (!) potential threats, of which in the end the infections we started with remained. So nothing has changed yet for the 5 (10) Trojan horses.


Dear kape,

A small success: Emsisoft runs in safe mode! Infections were found, of which 1 (Trojan horse) could not be removed. After that the computer was restarted. Then I ran an AVG scan. This shows that the 5 (10) Trojan horses are all still present. Below follows:

1. the closing remark from Emsisoft in a window

2. the Emsisoft log file

3. the Trojan horses not removed after an AVG scan

1.

========================================

\\.\PhysicalDrive0 - Rootkits worden niet automatisch verwijderd. Raadpleeg aub de experts op het Emsisoft forum voor hulp bij het handmatig verwijderen van deze malware: Emsisoft Support Forum

========================================

2.

========================================

Emsisoft Emergency Kit - Versie 2.0

Laatste Update: 14-7-2012 12:11:35

Scaninstellingen:

Scantype: Diepe scan

Objecten: Rootkits, Geheugen, Sporen, C:\

Scan archieven: Aan

ADS Scan: Aan

Scan gestart: 17-7-2012 15:12:02

\\.\PhysicalDrive0 Ontdekt: Trojan.DOS.Sinowal!E2

C:\Documents and Settings\Jack Verhoeven\Application Data\Sun\Java\Deployment\cache\6.0\63\330ed57f-3e86a4b1 -> ehsa\ehsc.class Ontdekt: Exploit.Java.Blacole!E2

C:\Documents and Settings\Jack Verhoeven\Application Data\Sun\Java\Deployment\cache\6.0\63\330ed57f-3e86a4b1 -> ehsa\ter.class Ontdekt: Java.CVE!E2

C:\Documents and Settings\Jack Verhoeven\Application Data\Sun\Java\Deployment\cache\6.0\63\330ed57f-3e86a4b1 -> ehsa\ehsb.class Ontdekt: Exploit.Java.CVE-2012-0507!E2

Gescand 473918

Gevonden 4

Scan geëindigd: 17-7-2012 16:29:15

Scantijd: 1:17:13

C:\Documents and Settings\Jack Verhoeven\Application Data\Sun\Java\Deployment\cache\6.0\63\330ed57f-3e86a4b1 -> ehsa\ehsb.class Verwijderd Exploit.Java.CVE-2012-0507!E2

Verwijderd 1

In quarantaine 0

=========================================

3.

=========================================

"";"C:\WINDOWS\system32\winlogon.exe (1248)";"Trojaans paard PSW.Agent.AUET";"Verwijderd"

"";"C:\WINDOWS\system32\svchost.exe (684)";"Trojaans paard PSW.Agent.AUET";"Verwijderd"

"";"C:\WINDOWS\system32\svchost.exe (1620)";"Trojaans paard PSW.Agent.AUET";"Verwijderd"

"";"C:\WINDOWS\system32\svchost.exe (1508)";"Trojaans paard PSW.Agent.AUET";"Verwijderd"

"";"C:\WINDOWS\explorer.exe (1832)";"Trojaans paard PSW.Agent.AUET";"Verwijderd"

"";"C:\WINDOWS\system32\winlogon.exe (1248):\memory_01140000";"Trojaans paard PSW.Agent.AUET";"Geïnfecteerd"

"";"C:\WINDOWS\system32\svchost.exe (684):\memory_00c70000";"Trojaans paard PSW.Agent.AUET";"Geïnfecteerd"

"";"C:\WINDOWS\system32\svchost.exe (1620):\memory_02360000";"Trojaans paard PSW.Agent.AUET";"Geïnfecteerd"

"";"C:\WINDOWS\system32\svchost.exe (1508):\memory_00ff0000";"Trojaans paard PSW.Agent.AUET";"Geïnfecteerd"

"";"C:\WINDOWS\explorer.exe (1832):\memory_00c10000";"Trojaans paard PSW.Agent.AUET";"Geïnfecteerd"

