Laptop zeer traag: HijackThis.

[kape]

Eentje is er nog ontsnapt :

O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll

Mag je nog fixen met HijackThis.

Daarna mag je dit doen :

Download ComboFix van één van deze locaties:

Link 1

Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op

1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen:

Klik hier

2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.

3. Dubbelklik op "Combofix.exe" om de tool te starten.

4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion", herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

[mia]

Ik heb combofix geïnstalleerd, en uitgevoerd. hieronder het logje

ComboFix 12-08-25.04 - Oruç 26-08-2012 15:55:48.1.2 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3003.1435 [GMT 2:00]

Gestart vanuit: c:\users\Oruç\Desktop\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\DealPly

c:\program files (x86)\DealPly\DealPly.crx

c:\program files (x86)\DealPly\DealPlyTune.dll

c:\program files (x86)\DealPly\DealPlyUpdate.exe

c:\program files (x86)\DealPly\DealPlyUpdate.log

c:\program files (x86)\DealPly\DealPlyUpdateRun.exe

c:\program files (x86)\DealPly\icon.ico

c:\program files (x86)\DealPly\sqlite3.dll

c:\program files (x86)\DealPly\uninst.exe

c:\program files (x86)\Vid-Saver

c:\program files (x86)\Vid-Saver\Uninstall.exe

c:\program files (x86)\Vid-Saver\Vid-Saver.exe

c:\program files (x86)\Vid-Saver\Vid-Saver.ico

c:\program files (x86)\Vid-Saver\Vid-Saver.ini

c:\program files (x86)\Vid-Saver\Vid-SaverGui.exe

c:\program files (x86)\Vid-Saver\Vid-SaverInstaller.log

c:\windows\SysWow64\URTTemp

c:\windows\SysWow64\URTTemp\regtlib.exe

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-07-26 to 2012-08-26 ))))))))))))))))))))))))))))))

.

.

2012-08-26 14:07 . 2012-08-26 14:07 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-08-25 21:54 . 2012-08-25 21:54 388096 ----a-r- c:\users\Oruç\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-08-25 21:54 . 2012-08-25 21:54 -------- d-----w- c:\program files (x86)\Trend Micro

2012-08-24 18:06 . 2012-08-01 22:58 9309624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C7C2E83D-535B-4919-8D49-7DC9ED6754A3}\mpengine.dll

2012-08-17 22:45 . 2012-06-29 00:08 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2012-08-16 20:43 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll

2012-08-16 20:43 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll

2012-08-16 20:43 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll

2012-08-16 20:43 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe

2012-08-16 20:43 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll

2012-08-16 20:43 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe

2012-08-16 20:43 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll

2012-08-16 20:43 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll

2012-08-16 20:43 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll

2012-08-16 20:43 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll

2012-08-16 20:43 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys

2012-08-16 20:43 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll

2012-08-08 15:13 . 2012-08-08 15:13 31080 ----a-w- c:\windows\system32\drivers\avgtpx64.sys

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-25 21:54 . 2012-08-25 21:54 388096 ----a-r- c:\users\Oruç\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-08-25 21:54 . 2012-08-25 21:54 388096 ----a-r- c:\users\Oruç\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-08-21 21:56 . 2012-05-20 11:03 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-08-21 21:56 . 2011-07-05 10:57 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-08-17 22:39 . 2011-07-06 10:26 62134624 ----a-w- c:\windows\system32\MRT.exe

2012-07-14 17:27 . 2012-07-14 17:27 0 ----a-w- c:\windows\SysWow64\sho7F5C.tmp

2012-07-08 11:52 . 2012-07-08 11:52 0 ----a-w- c:\windows\SysWow64\shoBA1B.tmp

2012-07-08 11:01 . 2012-07-08 11:01 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe

2012-07-08 11:01 . 2012-07-08 11:01 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe

2012-07-03 11:46 . 2012-07-07 21:43 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-09 05:43 . 2012-07-14 17:00 14172672 ----a-w- c:\windows\system32\shell32.dll

2012-06-06 06:06 . 2012-07-14 17:00 2004480 ----a-w- c:\windows\system32\msxml6.dll

2012-06-06 06:06 . 2012-07-14 17:00 1881600 ----a-w- c:\windows\system32\msxml3.dll

2012-06-06 06:02 . 2012-07-14 16:59 1133568 ----a-w- c:\windows\system32\cdosys.dll

2012-06-06 05:05 . 2012-07-14 17:00 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll

2012-06-06 05:05 . 2012-07-14 17:00 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll

2012-06-06 05:03 . 2012-07-14 17:00 805376 ----a-w- c:\windows\SysWow64\cdosys.dll

2012-06-02 22:19 . 2012-06-22 21:34 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-22 21:35 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:19 . 2012-06-22 21:35 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-22 21:35 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-22 21:34 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:15 . 2012-06-22 21:35 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:15 . 2012-06-22 21:34 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 13:19 . 2012-06-22 21:34 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 13:15 . 2012-06-22 21:34 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-06-02 05:50 . 2012-07-14 17:00 458704 ----a-w- c:\windows\system32\drivers\cng.sys

2012-06-02 05:48 . 2012-07-14 17:00 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-06-02 05:48 . 2012-07-14 17:00 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-06-02 05:45 . 2012-07-14 17:00 340992 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 05:44 . 2012-07-14 17:00 307200 ----a-w- c:\windows\system32\ncrypt.dll

2012-06-02 04:40 . 2012-07-14 17:00 22016 ----a-w- c:\windows\SysWow64\secur32.dll

2012-06-02 04:40 . 2012-07-14 17:00 225280 ----a-w- c:\windows\SysWow64\schannel.dll

2012-06-02 04:39 . 2012-07-14 17:00 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll

2012-06-02 04:34 . 2012-07-14 17:00 96768 ----a-w- c:\windows\SysWow64\sspicli.dll

2012-05-31 10:25 . 2010-10-19 09:23 279656 ------w- c:\windows\system32\MpSigStub.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

2012-08-08 15:13 2045024 ----a-w- c:\program files (x86)\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll" [2012-08-08 2045024]

.

[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-02-22 2363392]

"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-09-29 1685048]

"Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192]

"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-19 39408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2009-09-02 60464]

"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]

"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]

"BtTray"="c:\program files (x86)\IVT Corporation\BlueSoleil\BtTray.exe" [2009-08-07 315478]

"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2010-12-08 1226608]

"DivX Download Manager"="c:\program files (x86)\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]

"MobileConnect"="c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2009-04-20 2327552]

"PlusService"="c:\program files (x86)\Yuna Software\Messenger Plus!\PlusService.exe" [2011-05-26 800768]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]

"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-08-08 1162848]

"Smart File Advisor"="c:\program files (x86)\Smart File Advisor\sfa.exe" [2011-04-04 280824]

"HF_G_Jul"="c:\program files (x86)\AVG Secure Search\HF_G_Jul.exe" [2012-07-18 36960]

"ROC_roc_ssl_v12"="c:\program files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" [2012-08-08 1020512]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-19 136176]

R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-21 250056]

R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560]

R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-19 136176]

R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]

R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-08-02 51712]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-20 1255736]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]

S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2009-06-17 24968]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-08-08 31080]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]

S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-11-28 66904]

S2 BsMobileCS;BsMobileCS;c:\program files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe [2009-08-07 143467]

S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]

S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]

S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]

S2 HPWMISVC;HPWMISVC;c:\program files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-01-18 20480]

S2 Sentinel64;Sentinel64;c:\windows\System32\Drivers\Sentinel64.sys [2009-09-17 145448]

S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]

S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-02 2673064]

S2 VMCService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-04-20 9216]

S2 vToolbarUpdater12.2.0;vToolbarUpdater12.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe [2012-08-08 927840]

S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2009-06-17 34440]

S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-03-05 144896]

S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2009-06-17 30344]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-09-23 225280]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]

S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2011-09-08 1225832]

S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]

S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]

S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]

S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]

S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - WS2IFSL

.

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

ezSharedSvc

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2010-02-22 09:38 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2012-08-26 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-20 21:56]

.

2012-08-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-19 09:20]

.

2012-08-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-19 09:20]

.

2012-08-26 c:\windows\Tasks\HPCeeScheduleForOruç.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 03:22]

.

2012-08-23 c:\windows\Tasks\Norton Security Scan for Oruç.job

- c:\progra~2\NORTON~2\Engine\351~1.8\Nss.exe [2011-11-24 13:59]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2011-11-28 18:01 134384 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2010-01-29 6160928]

"RtkOSD"="c:\program files (x86)\Realtek\Audio\OSD\RtVOsd64.exe" [2010-01-13 995840]

"HP Quick Launch"="c:\program files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-01-18 451072]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-03-27 172032]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000

IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 212.54.40.25 212.54.35.25

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.0\ViProtocol.dll

.

- - - - ORPHANS VERWIJDERD - - - -

.

WebBrowser-{D2AB2732-A124-4FB2-8DA5-4A6A9E379331} - (no file)

WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

AddRemove-DealPly - c:\program files (x86)\DealPly\uninst.exe

AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe

AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe

AddRemove-YourFileDownloader - c:\program files (x86)\YourFileDownloader\uninstall.exe

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files\Alwil Software\Avast5\AvastSvc.exe

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe

c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe

c:\windows\SysWOW64\PnkBstrA.exe

c:\program files (x86)\CyberLink\Shared files\RichVideo.exe

c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE

.

**************************************************************************

.

Voltooingstijd: 2012-08-26 16:16:07 - machine werd herstart

ComboFix-quarantined-files.txt 2012-08-26 14:16

.

Pre-Run: 390.940.561.408 bytes beschikbaar

Post-Run: 391.211.323.392 bytes beschikbaar

.

- - End Of File - - AC400CBF16DB79CC69270512B3E61822

26 augustus 2012 aangepast door mia

[kape]

En hoe staat het nu met de snelheid (of de traagheid) van de PC ?

[mia]

Het is wel iets sneller geworden maar nog steeds problemen, zoals openen van sites en filmpjes..

[kape]

Download AdwCleaner by Xplode naar je Bureaublad.

• Sluit alle openstaande vensters
  
• Rechtsklik op AdwCleaner en selecteer als Administrator uitvoeren...
  
• Klik vervolgens op Delete
  
• Klik bij AdwCleaner – Information op OK
  
• Klik bij AdwCleaner – Restart Required op OK
  

Alle icoontjes verdwijnen van het Bureaublad, Dit is normaal

Je PC word opnieuw opgestart en er een opent logfile (C:\ AdwCleaner[xx].txt ) post de inhoud hier in een volgende bericht.

[mia]

Hai Kape,

Ik heb adwcleaner geinstalleerd en uitgevoerd. Mijn icoontjes verdwenen niet maar hij startte wel opnieuw op. hieronder het logje.

# AdwCleaner v1.801 - Logfile created 08/26/2012 at 19:44:06

# Updated 14/08/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Oruç - ORUÇ-PC

# Boot Mode : Normal

# Running from : C:\Users\Oruç\Desktop\adwcleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

Folder Deleted : C:\Users\Oruç\AppData\LocalLow\boost_interprocess

Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search

***** [Registry] *****

***** [Registre - GUID] *****

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v21.0.1180.83

File : C:\Users\Oruç\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [25858 octets] - [26/08/2012 19:39:43]

AdwCleaner[s1].txt - [20023 octets] - [26/08/2012 19:39:57]

AdwCleaner[s2].txt - [952 octets] - [26/08/2012 19:44:06]

########## EOF - C:\AdwCleaner[s2].txt - [1079 octets] ##########

[kape]

Dit levert ook niet veel extra winst op. Nog eentje dan om malware volledig uit te kunnen sluiten als oorzaak van de traagheid :

Download de Emsisoft Emergency Kit naar het bureaublad en pak het ZIP bestand uit.

• Open de map "EmsisoftEmergencyKit" en dubbelklik op "Start.exe"
  
• Klik nu op "Emergency Kit Scanner" u krijg nu een melding dat het is aanbevolen om eerst te updaten sta dit toe door te klikken op "Ja"
  
  
• Als de update gereed is en de melding "Update process is succesvol afgerond" verschijnt klikt u op "menu" en dan op "Scan PC"
  
• Selecteer de optie "Diep" als deze niet standaard al zo is ingesteld.
  
• Klik Nu op de knop "Scan" en doe verder niets op de computer tijdens het scannen, deze scan kan een geruime tijd in beslag nemen dus wacht dit geduldig af.
  
• Het venster met de waarschuwing over een verhoogd risico kunt u sluiten als de scan gereed is.
  
• Zorg ervoor dat alle gevonden items zijn aangevinkt en druk dan op de knop "verwijder geselecteerde" u zal nu de volgende melding krijgen maar klik hier op "Ja"
  
  
• Als het verwijderen gereed is klikt u op de knop "View report" en selecteert u het tekstbestand van deze scan met de naam zoals: a2scan_110730-111615.txt
  
• Plaats de inhoud van dit LOG bestand straks in uw volgende bericht.
  
• Herstart nu de computer.
  

[mia]

Hoi,

Het duurde wel lang maar nu dan het logje. en nog iets hij kon eentje niet verwijderen. BHO.Win32.zwangi!E2.

Emsisoft Emergency Kit - Versie 2.0

Laatste Update: 27-8-2012 20:48:50

Scaninstellingen:

Scantype: Diepe scan

Objecten: Rootkits, Geheugen, Sporen, C:\, D:\, E:\, Q:\

Scan archieven: Aan

ADS Scan: Aan

Scan gestart: 27-8-2012 20:50:47

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\upgrade[1].cab -> upgrade.exe -> $0\questscan.exe Ontdekt: BHO.Win32.Zwangi!E2

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\upgrade[1].cab -> upgrade.exe Ontdekt: BHO.Win32.Zwangi!E2

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\upgrade[1].cab -> upgrade.exe -> $0\questscan.exe Ontdekt: BHO.Win32.Zwangi!E2

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\upgrade[1].cab -> upgrade.exe Ontdekt: BHO.Win32.Zwangi!E2

C:\Users\Oruç\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\58b94b82-69748290 -> Polat.class Ontdekt: Trojan-Downloader.Java.OpenConnection!E2

C:\Program Files (x86)\shoemaster_install_map\CRACK\run\program_WINDOWS\emulator.dll Ontdekt: Trojan.SuspectCRC!E2

C:\Program Files (x86)\1ClickDownload\ocmainpack.exe Ontdekt: Adware.Win32.1ClickDownload.AMN!E1

C:\HP\Bin\EndProcess.exe Ontdekt: Riskware.Win32.KillApp!E1

Gescand 657519

Gevonden 8

Scan geëindigd: 28-8-2012 12:58:40

Scantijd: 16:07:53

C:\HP\Bin\EndProcess.exe Verwijderd Riskware.Win32.KillApp!E1

C:\Program Files (x86)\1ClickDownload\ocmainpack.exe Verwijderd Adware.Win32.1ClickDownload.AMN!E1

C:\Program Files (x86)\shoemaster_install_map\CRACK\run\program_WINDOWS\emulator.dll Verwijderd Trojan.SuspectCRC!E2

C:\Users\Oruç\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\58b94b82-69748290 -> Polat.class Verwijderd Trojan-Downloader.Java.OpenConnection!E2

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\upgrade[1].cab -> upgrade.exe -> $0\questscan.exe Verwijderd BHO.Win32.Zwangi!E2

Verwijderd 5

[kape]

Download TDSSKiller en plaats het op je bureaublad.

Pak de bestanden in tdsskiller.zip uit.

Open de map tdsskiller en dubbelklik op TDSSKiller.exe om de tool te starten.

Windows 7 en Windows Vista gebruikers:

Rechtsklik op TDSSKiller.exe -> Uitvoeren als Administrator om de tool te starten.

Als TDSSKiller bericht geeft van een beschikbare update, dan voer je deze eerst uit.

Klik op de knop "Start Scan" en volg de instructies.

Wanneer de scan klaar is klik je op de knop "Report".

Er opent een kladblokbestand. Post de inhoud van dit bestand.

Herstart de pc als TDSSKiller die optie geeft. (Reboot now)

Wanneer er een herstart nodig was, vind je de logfile in C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt

[mia]

Hoi,

Hierbij het logje

16:51:39.0226 4576 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48

16:51:39.0390 4576 ============================================================

16:51:39.0390 4576 Current date / time: 2012/08/28 16:51:39.0390

16:51:39.0390 4576 SystemInfo:

16:51:39.0390 4576

16:51:39.0390 4576 OS Version: 6.1.7601 ServicePack: 1.0

16:51:39.0390 4576 Product type: Workstation

16:51:39.0391 4576 ComputerName: ORUÇ-PC

16:51:39.0391 4576 UserName: Oruç

16:51:39.0391 4576 Windows directory: C:\Windows

16:51:39.0391 4576 System windows directory: C:\Windows

16:51:39.0391 4576 Running under WOW64

16:51:39.0391 4576 Processor architecture: Intel x64

16:51:39.0391 4576 Number of processors: 2

16:51:39.0391 4576 Page size: 0x1000

16:51:39.0391 4576 Boot type: Normal boot

16:51:39.0391 4576 ============================================================

16:51:40.0966 4576 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

16:51:45.0329 4576 Drive \Device\Harddisk1\DR1 - Size: 0x3B5980000 (14.84 Gb), SectorSize: 0x200, Cylinders: 0x790, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

16:51:45.0334 4576 ============================================================

16:51:45.0334 4576 \Device\Harddisk0\DR0:

16:51:45.0366 4576 MBR partitions:

16:51:45.0366 4576 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800

16:51:45.0366 4576 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x38626000

16:51:45.0366 4576 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3868A000, BlocksNum 0x1CC8000

16:51:45.0366 4576 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830

16:51:45.0366 4576 \Device\Harddisk1\DR1:

16:51:45.0367 4576 MBR partitions:

16:51:45.0367 4576 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x200D, BlocksNum 0x1DAABF3

16:51:45.0367 4576 ============================================================

16:51:45.0383 4576 C: <-> \Device\Harddisk0\DR0\Partition2

16:51:45.0416 4576 D: <-> \Device\Harddisk0\DR0\Partition3

16:51:45.0434 4576 E: <-> \Device\Harddisk0\DR0\Partition4

16:51:45.0435 4576 ============================================================

16:51:45.0435 4576 Initialize success

16:51:45.0435 4576 ============================================================

16:52:12.0192 4808 ============================================================

16:52:12.0192 4808 Scan started

16:52:12.0192 4808 Mode: Manual;

16:52:12.0192 4808 ============================================================

16:52:12.0382 4808 ================ Scan system memory ========================

16:52:12.0382 4808 System memory - ok

16:52:12.0383 4808 ================ Scan services =============================

16:52:12.0551 4808 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

16:52:12.0557 4808 1394ohci - ok

16:52:12.0662 4808 [ 3044D0F3FEB9FFE8BC953D8F34B5B504 ] A2DDA C:\Users\Oruç\Desktop\Run\a2ddax64.sys

16:52:12.0664 4808 A2DDA - ok

16:52:12.0725 4808 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys

16:52:12.0731 4808 ACPI - ok

16:52:12.0780 4808 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

16:52:12.0782 4808 AcpiPmi - ok

16:52:12.0937 4808 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

16:52:12.0940 4808 AdobeARMservice - ok

16:52:13.0073 4808 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

16:52:13.0078 4808 AdobeFlashPlayerUpdateSvc - ok

16:52:13.0133 4808 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys

16:52:13.0141 4808 adp94xx - ok

16:52:13.0179 4808 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys

16:52:13.0186 4808 adpahci - ok

16:52:13.0219 4808 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys

16:52:13.0223 4808 adpu320 - ok

16:52:13.0246 4808 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

16:52:13.0248 4808 AeLookupSvc - ok

16:52:13.0314 4808 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

16:52:13.0317 4808 AERTFilters - ok

16:52:13.0365 4808 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys

16:52:13.0373 4808 AFD - ok

16:52:13.0405 4808 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys

16:52:13.0408 4808 agp440 - ok

16:52:13.0429 4808 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe

16:52:13.0432 4808 ALG - ok

16:52:13.0462 4808 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys

16:52:13.0464 4808 aliide - ok

16:52:13.0479 4808 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys

16:52:13.0481 4808 amdide - ok

16:52:13.0515 4808 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys

16:52:13.0518 4808 AmdK8 - ok

16:52:13.0535 4808 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys

16:52:13.0538 4808 AmdPPM - ok

16:52:13.0579 4808 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys

16:52:13.0583 4808 amdsata - ok

16:52:13.0609 4808 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys

16:52:13.0616 4808 amdsbs - ok

16:52:13.0634 4808 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys

16:52:13.0637 4808 amdxata - ok

16:52:13.0679 4808 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys

16:52:13.0681 4808 AppID - ok

16:52:13.0708 4808 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

16:52:13.0710 4808 AppIDSvc - ok

16:52:13.0756 4808 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll

16:52:13.0758 4808 Appinfo - ok

16:52:13.0807 4808 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

16:52:13.0810 4808 Apple Mobile Device - ok

16:52:13.0859 4808 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys

16:52:13.0862 4808 arc - ok

16:52:13.0889 4808 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys

16:52:13.0892 4808 arcsas - ok

16:52:13.0936 4808 aspnet_state - ok

16:52:13.0965 4808 [ CE6D8BCC4787704EA4FEEB92B0D0CAF8 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys

16:52:13.0967 4808 aswFsBlk - ok

16:52:14.0004 4808 [ 0DEBEB2E3FBD0BF5343125CCE617F105 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys

16:52:14.0006 4808 aswMonFlt - ok

16:52:14.0016 4808 [ 952EDC2E81F85D1781958D4128BF59F8 ] aswRdr C:\Windows\system32\drivers\aswRdr.sys

16:52:14.0018 4808 aswRdr - ok

16:52:14.0080 4808 [ DD383E2AC941C545A85AB72503DA6C12 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys

16:52:14.0089 4808 aswSnx - ok

16:52:14.0114 4808 [ EF5403FB8B2DCB791EC365FDF6040A4A ] aswSP C:\Windows\system32\drivers\aswSP.sys

16:52:14.0119 4808 aswSP - ok

16:52:14.0147 4808 [ 34165DA5C6B30C0F9D61246BF8A28040 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys

16:52:14.0149 4808 aswTdi - ok

16:52:14.0176 4808 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

16:52:14.0178 4808 AsyncMac - ok

16:52:14.0212 4808 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys

16:52:14.0215 4808 atapi - ok

16:52:14.0260 4808 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

16:52:14.0271 4808 AudioEndpointBuilder - ok

16:52:14.0320 4808 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll

16:52:14.0328 4808 AudioSrv - ok

16:52:14.0404 4808 [ 996E6D052438E8D8DFD501F31560B2E0 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

16:52:14.0406 4808 avast! Antivirus - ok

16:52:14.0429 4808 [ E964EA70249DDE1343C8F694B52575EE ] avgtp C:\Windows\system32\drivers\avgtpx64.sys

16:52:14.0431 4808 avgtp - ok

16:52:14.0473 4808 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll

16:52:14.0477 4808 AxInstSV - ok

16:52:14.0517 4808 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys

16:52:14.0525 4808 b06bdrv - ok

16:52:14.0566 4808 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

16:52:14.0571 4808 b57nd60a - ok

16:52:14.0654 4808 [ 0D1EA7509F394D8B705B239EE71F5118 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE

16:52:14.0658 4808 BBSvc - ok

16:52:14.0690 4808 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

16:52:14.0694 4808 BDESVC - ok

16:52:14.0709 4808 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

16:52:14.0711 4808 Beep - ok

16:52:14.0772 4808 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll

16:52:14.0783 4808 BFE - ok

16:52:14.0820 4808 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll

16:52:14.0837 4808 BITS - ok

16:52:14.0874 4808 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys

16:52:14.0877 4808 blbdrive - ok

16:52:14.0941 4808 [ 2E985F8082120C0661B62B8D2D9824BE ] BlueSoleilCS C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe

16:52:14.0953 4808 BlueSoleilCS - ok

16:52:15.0003 4808 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

16:52:15.0011 4808 Bonjour Service - ok

16:52:15.0042 4808 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

16:52:15.0045 4808 bowser - ok

16:52:15.0061 4808 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys

16:52:15.0063 4808 BrFiltLo - ok

16:52:15.0076 4808 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys

16:52:15.0078 4808 BrFiltUp - ok

16:52:15.0111 4808 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys

16:52:15.0115 4808 BridgeMP - ok

16:52:15.0146 4808 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll

16:52:15.0150 4808 Browser - ok

16:52:15.0178 4808 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

16:52:15.0184 4808 Brserid - ok

16:52:15.0206 4808 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

16:52:15.0208 4808 BrSerWdm - ok

16:52:15.0222 4808 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

16:52:15.0224 4808 BrUsbMdm - ok

16:52:15.0239 4808 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

16:52:15.0241 4808 BrUsbSer - ok

16:52:15.0272 4808 [ B6FA1F4EF227812FF98F1401E4DBCA10 ] BsHelpCS C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe

16:52:15.0276 4808 BsHelpCS - ok

16:52:15.0303 4808 [ 7135AF330649DB0EA1E968E42D5CA5AB ] BsMobileCS C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe

16:52:15.0306 4808 BsMobileCS - ok

16:52:15.0335 4808 [ EA05E37130B94670E8AA3379EAFAE22E ] BT C:\Windows\system32\DRIVERS\btnetdrv.sys

16:52:15.0337 4808 BT - ok

16:52:15.0387 4808 [ B2FD180ED01C31800FAE65E63052DFE7 ] Btcsrusb C:\Windows\system32\Drivers\btcusb.sys

16:52:15.0389 4808 Btcsrusb - ok

16:52:15.0411 4808 [ 901F25FE9D0B0E9A693968D0556AA6DA ] BtHidBus C:\Windows\system32\Drivers\BtHidBus.sys

16:52:15.0413 4808 BtHidBus - ok

16:52:15.0430 4808 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys

16:52:15.0432 4808 BTHMODEM - ok

16:52:15.0468 4808 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

16:52:15.0472 4808 bthserv - ok

16:52:15.0486 4808 [ 809B63EB22CA285FC22AE2238DF65EFD ] btnetBUs C:\Windows\system32\Drivers\btnetBus.sys

16:52:15.0488 4808 btnetBUs - ok

16:52:15.0517 4808 catchme - ok

16:52:15.0552 4808 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

16:52:15.0555 4808 cdfs - ok

16:52:15.0601 4808 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

16:52:15.0605 4808 cdrom - ok

16:52:15.0644 4808 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll

16:52:15.0647 4808 CertPropSvc - ok

16:52:15.0670 4808 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys

16:52:15.0672 4808 circlass - ok

16:52:15.0691 4808 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

16:52:15.0699 4808 CLFS - ok

16:52:15.0723 4808 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

16:52:15.0726 4808 clr_optimization_v2.0.50727_32 - ok

16:52:15.0773 4808 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

16:52:15.0776 4808 clr_optimization_v2.0.50727_64 - ok

16:52:15.0844 4808 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

16:52:15.0848 4808 clr_optimization_v4.0.30319_32 - ok

16:52:15.0886 4808 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

16:52:15.0889 4808 clr_optimization_v4.0.30319_64 - ok

16:52:15.0922 4808 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

16:52:15.0924 4808 CmBatt - ok

16:52:15.0950 4808 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

16:52:15.0952 4808 cmdide - ok

16:52:16.0006 4808 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys

16:52:16.0014 4808 CNG - ok

16:52:16.0050 4808 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

16:52:16.0052 4808 Compbatt - ok

16:52:16.0078 4808 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

16:52:16.0080 4808 CompositeBus - ok

16:52:16.0096 4808 COMSysApp - ok

16:52:16.0122 4808 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys

16:52:16.0124 4808 crcdisk - ok

16:52:16.0164 4808 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll

16:52:16.0169 4808 CryptSvc - ok

16:52:16.0255 4808 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

16:52:16.0264 4808 cvhsvc - ok

16:52:16.0344 4808 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll

16:52:16.0358 4808 DcomLaunch - ok

16:52:16.0400 4808 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

16:52:16.0407 4808 defragsvc - ok

16:52:16.0442 4808 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

16:52:16.0445 4808 DfsC - ok

16:52:16.0473 4808 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll

16:52:16.0480 4808 Dhcp - ok

16:52:16.0511 4808 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

16:52:16.0513 4808 discache - ok

16:52:16.0560 4808 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys

16:52:16.0563 4808 Disk - ok

16:52:16.0589 4808 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

16:52:16.0594 4808 Dnscache - ok

16:52:16.0625 4808 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll

16:52:16.0631 4808 dot3svc - ok

16:52:16.0665 4808 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll

16:52:16.0671 4808 DPS - ok

16:52:16.0697 4808 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

16:52:16.0698 4808 drmkaud - ok

16:52:16.0760 4808 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

16:52:16.0774 4808 DXGKrnl - ok

16:52:16.0819 4808 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

16:52:16.0824 4808 EapHost - ok

16:52:16.0903 4808 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys

16:52:16.0949 4808 ebdrv - ok

16:52:16.0988 4808 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe

16:52:16.0993 4808 EFS - ok

16:52:17.0047 4808 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

16:52:17.0058 4808 ehRecvr - ok

16:52:17.0083 4808 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

16:52:17.0086 4808 ehSched - ok

16:52:17.0125 4808 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys

16:52:17.0133 4808 elxstor - ok

16:52:17.0159 4808 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

16:52:17.0161 4808 ErrDev - ok

16:52:17.0206 4808 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

16:52:17.0215 4808 EventSystem - ok

16:52:17.0237 4808 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

16:52:17.0241 4808 exfat - ok

16:52:17.0265 4808 ezSharedSvc - ok

16:52:17.0289 4808 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

16:52:17.0294 4808 fastfat - ok

16:52:17.0343 4808 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe

16:52:17.0355 4808 Fax - ok

16:52:17.0379 4808 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys

16:52:17.0381 4808 fdc - ok

16:52:17.0403 4808 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

16:52:17.0406 4808 fdPHost - ok

16:52:17.0416 4808 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

16:52:17.0420 4808 FDResPub - ok

16:52:17.0432 4808 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

16:52:17.0434 4808 FileInfo - ok

16:52:17.0445 4808 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

16:52:17.0448 4808 Filetrace - ok

16:52:17.0464 4808 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

16:52:17.0466 4808 flpydisk - ok

16:52:17.0494 4808 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

16:52:17.0502 4808 FltMgr - ok

16:52:17.0548 4808 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll

16:52:17.0567 4808 FontCache - ok

16:52:17.0615 4808 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

16:52:17.0617 4808 FontCache3.0.0.0 - ok

16:52:17.0635 4808 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

16:52:17.0638 4808 FsDepends - ok

16:52:17.0708 4808 [ 2BF3B36B96D015AF666B6AA63AE2E38F ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys

16:52:17.0710 4808 fssfltr - ok

16:52:17.0810 4808 [ 45B52394F9624237F33A8A3D73C0B221 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

16:52:17.0822 4808 fsssvc - ok

16:52:17.0853 4808 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

16:52:17.0855 4808 Fs_Rec - ok

16:52:17.0896 4808 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

16:52:17.0902 4808 fvevol - ok

16:52:17.0923 4808 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys

16:52:17.0926 4808 gagp30kx - ok

16:52:17.0971 4808 [ E53EE18A21C025DEABCFE0F72FC481BB ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

16:52:17.0976 4808 GameConsoleService - ok

16:52:18.0029 4808 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

16:52:18.0031 4808 GEARAspiWDM - ok

16:52:18.0076 4808 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

16:52:18.0090 4808 gpsvc - ok

16:52:18.0145 4808 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

16:52:18.0148 4808 gupdate - ok

16:52:18.0165 4808 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

16:52:18.0167 4808 gupdatem - ok

16:52:18.0189 4808 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

16:52:18.0192 4808 gusvc - ok

16:52:18.0199 4808 Hardlock - ok

16:52:18.0226 4808 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

16:52:18.0228 4808 hcw85cir - ok

16:52:18.0263 4808 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

16:52:18.0270 4808 HdAudAddService - ok

16:52:18.0300 4808 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

16:52:18.0303 4808 HDAudBus - ok

16:52:18.0341 4808 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys

16:52:18.0343 4808 HidBatt - ok

16:52:18.0363 4808 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys

16:52:18.0366 4808 HidBth - ok

16:52:18.0386 4808 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

16:52:18.0388 4808 HidIr - ok

16:52:18.0406 4808 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll

16:52:18.0410 4808 hidserv - ok

16:52:18.0432 4808 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

16:52:18.0434 4808 HidUsb - ok

16:52:18.0462 4808 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

16:52:18.0468 4808 hkmsvc - ok

16:52:18.0505 4808 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

16:52:18.0513 4808 HomeGroupListener - ok

16:52:18.0551 4808 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

16:52:18.0560 4808 HomeGroupProvider - ok

16:52:18.0619 4808 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

16:52:18.0621 4808 HP Support Assistant Service - ok

16:52:18.0670 4808 [ BCC4A8B2E2E902F52E7F2E7D8E125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

16:52:18.0672 4808 HPDrvMntSvc.exe - ok

16:52:18.0711 4808 [ EC9739A46F1F83C6E52A7A4697F44A65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

16:52:18.0723 4808 hpqwmiex - ok

16:52:18.0756 4808 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

16:52:18.0758 4808 HpSAMD - ok

16:52:18.0811 4808 [ B6492D01712A22FF3FEA25A999DBD321 ] HPWMISVC C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

16:52:18.0812 4808 HPWMISVC - ok

16:52:18.0866 4808 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

16:52:18.0878 4808 HTTP - ok

16:52:18.0914 4808 [ 4B5C07DB91A0099272FAAE732E1152BD ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys

16:52:18.0918 4808 hwdatacard - ok

16:52:18.0949 4808 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

16:52:18.0952 4808 hwpolicy - ok

16:52:19.0001 4808 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

16:52:19.0004 4808 i8042prt - ok

16:52:19.0042 4808 [ BE7D72FCF442C26975942007E0831241 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys

16:52:19.0047 4808 iaStor - ok

16:52:19.0090 4808 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

16:52:19.0097 4808 iaStorV - ok

16:52:19.0146 4808 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

16:52:19.0159 4808 idsvc - ok

16:52:19.0391 4808 [ C6238C6ABD6AC99F5D152DA4E9439A3D ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys

16:52:19.0572 4808 igfx - ok

16:52:19.0606 4808 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

16:52:19.0609 4808 iirsp - ok

16:52:19.0660 4808 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

16:52:19.0675 4808 IKEEXT - ok

16:52:19.0738 4808 [ A3BCBD0F710580A07D1B929D787D36CE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

16:52:19.0766 4808 IntcAzAudAddService - ok

16:52:19.0798 4808 [ CFC68CA36A63637E8CA69669EE3693DA ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys

16:52:19.0801 4808 IntcHdmiAddService - ok

16:52:19.0815 4808 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

16:52:19.0817 4808 intelide - ok

16:52:19.0842 4808 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

16:52:19.0844 4808 intelppm - ok

16:52:19.0867 4808 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

16:52:19.0872 4808 IPBusEnum - ok

16:52:19.0902 4808 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

16:52:19.0904 4808 IpFilterDriver - ok

16:52:19.0944 4808 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

16:52:19.0954 4808 iphlpsvc - ok

16:52:19.0983 4808 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

16:52:19.0985 4808 IPMIDRV - ok

16:52:20.0012 4808 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

16:52:20.0015 4808 IPNAT - ok

16:52:20.0064 4808 [ 46D249F9DB7844CC01050A9345F0F61B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

16:52:20.0076 4808 iPod Service - ok

16:52:20.0095 4808 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

16:52:20.0097 4808 IRENUM - ok

16:52:20.0122 4808 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

16:52:20.0124 4808 isapnp - ok

16:52:20.0146 4808 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

16:52:20.0152 4808 iScsiPrt - ok

16:52:20.0187 4808 [ 51FC0BE21618B57AF581CD29CF8D9636 ] IvtBtBUs C:\Windows\system32\Drivers\IvtBtBus.sys

16:52:20.0189 4808 IvtBtBUs - ok

16:52:20.0213 4808 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys

16:52:20.0215 4808 kbdclass - ok

16:52:20.0244 4808 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys

16:52:20.0246 4808 kbdhid - ok

16:52:20.0255 4808 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

16:52:20.0259 4808 KeyIso - ok

16:52:20.0309 4808 [ 07071C1E3CD8F0F9114AAC8B072CA1E5 ] KMWDFILTER C:\Windows\system32\DRIVERS\KMWDFILTER.sys

16:52:20.0310 4808 KMWDFILTER - ok

16:52:20.0344 4808 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

16:52:20.0347 4808 KSecDD - ok

16:52:20.0393 4808 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

16:52:20.0397 4808 KSecPkg - ok

16:52:20.0423 4808 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

16:52:20.0426 4808 ksthunk - ok

16:52:20.0458 4808 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

16:52:20.0469 4808 KtmRm - ok

16:52:20.0516 4808 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll

16:52:20.0526 4808 LanmanServer - ok

16:52:20.0560 4808 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

16:52:20.0569 4808 LanmanWorkstation - ok

16:52:20.0621 4808 [ 47269F0DE1E5089C6F23BC1EC48CFC31 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

16:52:20.0624 4808 LightScribeService - ok

16:52:20.0655 4808 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

16:52:20.0658 4808 lltdio - ok

16:52:20.0682 4808 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

16:52:20.0692 4808 lltdsvc - ok

16:52:20.0711 4808 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

16:52:20.0716 4808 lmhosts - ok

16:52:20.0765 4808 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

16:52:20.0768 4808 LSI_FC - ok

16:52:20.0785 4808 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

16:52:20.0789 4808 LSI_SAS - ok

16:52:20.0811 4808 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

16:52:20.0814 4808 LSI_SAS2 - ok

16:52:20.0833 4808 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

16:52:20.0837 4808 LSI_SCSI - ok

16:52:20.0867 4808 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

16:52:20.0870 4808 luafv - ok

16:52:20.0922 4808 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe

16:52:20.0927 4808 McComponentHostService - ok

16:52:20.0956 4808 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

16:52:20.0962 4808 Mcx2Svc - ok

16:52:20.0987 4808 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

16:52:20.0990 4808 megasas - ok

16:52:21.0012 4808 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

16:52:21.0019 4808 MegaSR - ok

16:52:21.0045 4808 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

16:52:21.0051 4808 MMCSS - ok

16:52:21.0063 4808 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

16:52:21.0065 4808 Modem - ok

16:52:21.0093 4808 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

16:52:21.0095 4808 monitor - ok

16:52:21.0121 4808 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

16:52:21.0123 4808 mouclass - ok

16:52:21.0139 4808 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

16:52:21.0141 4808 mouhid - ok

16:52:21.0179 4808 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

16:52:21.0182 4808 mountmgr - ok

16:52:21.0199 4808 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

16:52:21.0204 4808 mpio - ok

16:52:21.0237 4808 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

16:52:21.0240 4808 mpsdrv - ok

16:52:21.0289 4808 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

16:52:21.0306 4808 MpsSvc - ok

16:52:21.0338 4808 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

16:52:21.0342 4808 MRxDAV - ok

16:52:21.0371 4808 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

16:52:21.0375 4808 mrxsmb - ok

16:52:21.0411 4808 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

16:52:21.0417 4808 mrxsmb10 - ok

16:52:21.0451 4808 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

16:52:21.0455 4808 mrxsmb20 - ok

16:52:21.0474 4808 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

16:52:21.0477 4808 msahci - ok

16:52:21.0514 4808 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

16:52:21.0518 4808 msdsm - ok

16:52:21.0554 4808 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

16:52:21.0561 4808 MSDTC - ok

16:52:21.0589 4808 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

16:52:21.0592 4808 Msfs - ok

16:52:21.0604 4808 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

16:52:21.0606 4808 mshidkmdf - ok

16:52:21.0636 4808 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

16:52:21.0639 4808 msisadrv - ok

16:52:21.0676 4808 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

16:52:21.0682 4808 MSiSCSI - ok

16:52:21.0688 4808 msiserver - ok

16:52:21.0723 4808 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

16:52:21.0725 4808 MSKSSRV - ok

16:52:21.0743 4808 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

16:52:21.0745 4808 MSPCLOCK - ok

16:52:21.0753 4808 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

16:52:21.0755 4808 MSPQM - ok

16:52:21.0795 4808 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

16:52:21.0800 4808 MsRPC - ok

16:52:21.0828 4808 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

16:52:21.0830 4808 mssmbios - ok

16:52:21.0846 4808 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

16:52:21.0848 4808 MSTEE - ok

16:52:21.0858 4808 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

16:52:21.0860 4808 MTConfig - ok

16:52:21.0880 4808 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

16:52:21.0883 4808 Mup - ok

16:52:21.0928 4808 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

16:52:21.0939 4808 napagent - ok

16:52:21.0976 4808 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

16:52:21.0982 4808 NativeWifiP - ok

16:52:22.0020 4808 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys

16:52:22.0033 4808 NDIS - ok

16:52:22.0057 4808 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

16:52:22.0059 4808 NdisCap - ok

16:52:22.0090 4808 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

16:52:22.0092 4808 NdisTapi - ok

16:52:22.0125 4808 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

16:52:22.0127 4808 Ndisuio - ok

16:52:22.0164 4808 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

16:52:22.0166 4808 NdisWan - ok

16:52:22.0200 4808 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

16:52:22.0202 4808 NDProxy - ok

16:52:22.0218 4808 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

16:52:22.0220 4808 NetBIOS - ok

16:52:22.0256 4808 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

16:52:22.0261 4808 NetBT - ok

16:52:22.0272 4808 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

16:52:22.0277 4808 Netlogon - ok

16:52:22.0339 4808 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

16:52:22.0350 4808 Netman - ok

16:52:22.0377 4808 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

16:52:22.0388 4808 netprofm - ok

16:52:22.0414 4808 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

16:52:22.0417 4808 NetTcpPortSharing - ok

16:52:22.0555 4808 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys

16:52:22.0643 4808 netw5v64 - ok

16:52:22.0670 4808 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

16:52:22.0673 4808 nfrd960 - ok

16:52:22.0713 4808 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll

16:52:22.0722 4808 NlaSvc - ok

16:52:22.0753 4808 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

16:52:22.0755 4808 Npfs - ok

16:52:22.0787 4808 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

16:52:22.0793 4808 nsi - ok

16:52:22.0809 4808 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

16:52:22.0811 4808 nsiproxy - ok

16:52:22.0889 4808 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

16:52:22.0916 4808 Ntfs - ok

16:52:22.0934 4808 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

16:52:22.0936 4808 Null - ok

16:52:22.0971 4808 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

16:52:22.0975 4808 nvraid - ok

16:52:22.0992 4808 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

16:52:22.0997 4808 nvstor - ok

16:52:23.0026 4808 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

16:52:23.0029 4808 nv_agp - ok

16:52:23.0057 4808 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

16:52:23.0061 4808 ohci1394 - ok

16:52:23.0087 4808 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

16:52:23.0091 4808 ose - ok

16:52:23.0231 4808 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

16:52:23.0311 4808 osppsvc - ok

16:52:23.0340 4808 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

16:52:23.0350 4808 p2pimsvc - ok

16:52:23.0371 4808 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

16:52:23.0383 4808 p2psvc - ok

16:52:23.0415 4808 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

16:52:23.0418 4808 Parport - ok

16:52:23.0456 4808 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

16:52:23.0459 4808 partmgr - ok

16:52:23.0473 4808 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

16:52:23.0482 4808 PcaSvc - ok

16:52:23.0513 4808 [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys

16:52:23.0515 4808 pccsmcfd - ok

16:52:23.0549 4808 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

16:52:23.0553 4808 pci - ok

16:52:23.0574 4808 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

16:52:23.0576 4808 pciide - ok

16:52:23.0612 4808 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

16:52:23.0617 4808 pcmcia - ok

16:52:23.0635 4808 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

16:52:23.0638 4808 pcw - ok

16:52:23.0664 4808 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

16:52:23.0673 4808 PEAUTH - ok

16:52:23.0754 4808 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

16:52:23.0759 4808 PerfHost - ok

16:52:23.0832 4808 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

16:52:23.0853 4808 pla - ok

16:52:23.0883 4808 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

16:52:23.0893 4808 PlugPlay - ok

16:52:23.0911 4808 PnkBstrA - ok

16:52:23.0933 4808 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

16:52:23.0938 4808 PNRPAutoReg - ok

16:52:23.0956 4808 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

16:52:23.0963 4808 PNRPsvc - ok

16:52:23.0987 4808 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

16:52:23.0995 4808 PolicyAgent - ok

16:52:24.0026 4808 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

16:52:24.0033 4808 Power - ok

16:52:24.0076 4808 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

16:52:24.0079 4808 PptpMiniport - ok

16:52:24.0101 4808 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys

16:52:24.0104 4808 Processor - ok

16:52:24.0138 4808 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

16:52:24.0145 4808 ProfSvc - ok

16:52:24.0163 4808 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

16:52:24.0167 4808 ProtectedStorage - ok

16:52:24.0204 4808 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

16:52:24.0207 4808 Psched - ok

16:52:24.0259 4808 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

16:52:24.0283 4808 ql2300 - ok

16:52:24.0309 4808 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

16:52:24.0313 4808 ql40xx - ok

16:52:24.0342 4808 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

16:52:24.0352 4808 QWAVE - ok

16:52:24.0368 4808 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

16:52:24.0370 4808 QWAVEdrv - ok

16:52:24.0390 4808 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

16:52:24.0392 4808 RasAcd - ok

16:52:24.0414 4808 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

16:52:24.0417 4808 RasAgileVpn - ok

16:52:24.0431 4808 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

16:52:24.0439 4808 RasAuto - ok

16:52:24.0470 4808 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

16:52:24.0474 4808 Rasl2tp - ok

16:52:24.0523 4808 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

16:52:24.0534 4808 RasMan - ok

16:52:24.0553 4808 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

16:52:24.0557 4808 RasPppoe - ok

16:52:24.0570 4808 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

16:52:24.0573 4808 RasSstp - ok

16:52:24.0613 4808 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

16:52:24.0620 4808 rdbss - ok

16:52:24.0636 4808 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

16:52:24.0639 4808 rdpbus - ok

16:52:24.0675 4808 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

16:52:24.0677 4808 RDPCDD - ok

16:52:24.0706 4808 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

16:52:24.0708 4808 RDPENCDD - ok

16:52:24.0722 4808 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

16:52:24.0724 4808 RDPREFMP - ok

16:52:24.0753 4808 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

16:52:24.0758 4808 RDPWD - ok

16:52:24.0800 4808 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

16:52:24.0806 4808 rdyboost - ok

16:52:24.0836 4808 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

16:52:24.0842 4808 RemoteAccess - ok

16:52:24.0868 4808 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

16:52:24.0877 4808 RemoteRegistry - ok

16:52:24.0931 4808 [ 498EB62A160674E793FA40FD65390625 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

16:52:24.0935 4808 RichVideo - ok

16:52:24.0951 4808 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

16:52:24.0959 4808 RpcEptMapper - ok

16:52:24.0978 4808 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

16:52:24.0983 4808 RpcLocator - ok

16:52:25.0027 4808 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

16:52:25.0039 4808 RpcSs - ok

16:52:25.0065 4808 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

16:52:25.0069 4808 rspndr - ok

16:52:25.0113 4808 [ 483DF0B58CA532E5240E59DC41F30AA2 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys

16:52:25.0118 4808 RSUSBSTOR - ok

16:52:25.0155 4808 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys

16:52:25.0164 4808 RTL8167 - ok

16:52:25.0214 4808 [ CE594045B2969F5FC3F77B824629AC7F ] rtl8192se C:\Windows\system32\DRIVERS\rtl8192se.sys

16:52:25.0232 4808 rtl8192se - ok

16:52:25.0247 4808 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

16:52:25.0251 4808 SamSs - ok

16:52:25.0272 4808 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

16:52:25.0276 4808 sbp2port - ok

16:52:25.0304 4808 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

16:52:25.0314 4808 SCardSvr - ok

16:52:25.0345 4808 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

16:52:25.0348 4808 scfilter - ok

16:52:25.0401 4808 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

16:52:25.0422 4808 Schedule - ok

16:52:25.0452 4808 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

16:52:25.0455 4808 SCPolicySvc - ok

16:52:25.0500 4808 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys

16:52:25.0504 4808 sdbus - ok

16:52:25.0546 4808 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

16:52:25.0556 4808 SDRSVC - ok

16:52:25.0620 4808 [ 78779EE07231C658B483B1F38B5088DF ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

16:52:25.0625 4808 SeaPort - ok

16:52:25.0652 4808 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

16:52:25.0654 4808 secdrv - ok

16:52:25.0689 4808 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

16:52:25.0696 4808 seclogon - ok

16:52:25.0724 4808 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll

16:52:25.0732 4808 SENS - ok

16:52:25.0752 4808 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

16:52:25.0761 4808 SensrSvc - ok

16:52:25.0815 4808 [ 255476B54C82A89416EFDF09FD62F107 ] Sentinel64 C:\Windows\System32\Drivers\Sentinel64.sys

16:52:25.0820 4808 Sentinel64 - ok

16:52:25.0839 4808 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

16:52:25.0842 4808 Serenum - ok

16:52:25.0873 4808 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

16:52:25.0876 4808 Serial - ok

16:52:25.0908 4808 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

16:52:25.0910 4808 sermouse - ok

16:52:25.0961 4808 [ 3334DE016FDCDE5C98E30A405A72DD8D ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

16:52:25.0970 4808 ServiceLayer - ok

16:52:26.0020 4808 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

16:52:26.0028 4808 SessionEnv - ok

16:52:26.0055 4808 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

16:52:26.0057 4808 sffdisk - ok

16:52:26.0066 4808 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

16:52:26.0069 4808 sffp_mmc - ok

16:52:26.0084 4808 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

16:52:26.0087 4808 sffp_sd - ok

16:52:26.0100 4808 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

16:52:26.0102 4808 sfloppy - ok

16:52:26.0155 4808 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys

16:52:26.0167 4808 Sftfs - ok

16:52:26.0228 4808 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

16:52:26.0236 4808 sftlist - ok

16:52:26.0256 4808 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys

16:52:26.0261 4808 Sftplay - ok

16:52:26.0280 4808 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys

16:52:26.0282 4808 Sftredir - ok

16:52:26.0317 4808 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys

16:52:26.0319 4808 Sftvol - ok

16:52:26.0332 4808 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

16:52:26.0336 4808 sftvsa - ok

16:52:26.0369 4808 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

16:52:26.0378 4808 SharedAccess - ok

16:52:26.0418 4808 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

16:52:26.0429 4808 ShellHWDetection - ok

16:52:26.0458 4808 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

16:52:26.0461 4808 SiSRaid2 - ok

16:52:26.0487 4808 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

16:52:26.0490 4808 SiSRaid4 - ok

16:52:26.0530 4808 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

16:52:26.0533 4808 Smb - ok

16:52:26.0580 4808 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

16:52:26.0587 4808 SNMPTRAP - ok

16:52:26.0600 4808 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

16:52:26.0602 4808 spldr - ok

16:52:26.0644 4808 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

16:52:26.0658 4808 Spooler - ok

16:52:26.0758 4808 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

16:52:26.0812 4808 sppsvc - ok

16:52:26.0831 4808 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

16:52:26.0840 4808 sppuinotify - ok

16:52:26.0871 4808 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

16:52:26.0879 4808 srv - ok

16:52:26.0911 4808 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

16:52:26.0919 4808 srv2 - ok

16:52:26.0962 4808 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS

16:52:26.0968 4808 SrvHsfHDA - ok

16:52:27.0006 4808 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS

16:52:27.0027 4808 SrvHsfV92 - ok

16:52:27.0055 4808 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS

16:52:27.0066 4808 SrvHsfWinac - ok

16:52:27.0088 4808 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

16:52:27.0092 4808 srvnet - ok

16:52:27.0121 4808 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

16:52:27.0131 4808 SSDPSRV - ok

16:52:27.0147 4808 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

16:52:27.0154 4808 SstpSvc - ok

16:52:27.0181 4808 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

16:52:27.0184 4808 stexstor - ok

16:52:27.0240 4808 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

16:52:27.0255 4808 stisvc - ok

16:52:27.0278 4808 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

16:52:27.0281 4808 swenum - ok

16:52:27.0304 4808 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

16:52:27.0318 4808 swprv - ok

16:52:27.0371 4808 [ 3A706A967295E16511E40842B1A2761D ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys

16:52:27.0378 4808 SynTP - ok

16:52:27.0450 4808 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

16:52:27.0481 4808 SysMain - ok

16:52:27.0517 4808 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

16:52:27.0526 4808 TabletInputService - ok

16:52:27.0545 4808 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

16:52:27.0556 4808 TapiSrv - ok

16:52:27.0582 4808 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

16:52:27.0591 4808 TBS - ok

16:52:27.0668 4808 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

16:52:27.0692 4808 Tcpip - ok

16:52:27.0735 4808 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

16:52:27.0750 4808 TCPIP6 - ok

16:52:27.0782 4808 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

16:52:27.0784 4808 tcpipreg - ok

16:52:27.0815 4808 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

16:52:27.0817 4808 TDPIPE - ok

16:52:27.0850 4808 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

16:52:27.0853 4808 TDTCP - ok

16:52:27.0883 4808 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

16:52:27.0887 4808 tdx - ok

16:52:28.0096 4808 [ 4A84526076717F87F3E1AD24AB28FB5A ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

16:52:28.0133 4808 TeamViewer7 - ok

16:52:28.0160 4808 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys

16:52:28.0163 4808 TermDD - ok

16:52:28.0209 4808 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

16:52:28.0225 4808 TermService - ok

16:52:28.0240 4808 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

16:52:28.0248 4808 Themes - ok

16:52:28.0278 4808 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

16:52:28.0284 4808 THREADORDER - ok

16:52:28.0301 4808 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

16:52:28.0310 4808 TrkWks - ok

16:52:28.0353 4808 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

16:52:28.0357 4808 TrustedInstaller - ok

16:52:28.0390 4808 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

16:52:28.0393 4808 tssecsrv - ok

16:52:28.0448 4808 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

16:52:28.0451 4808 TsUsbFlt - ok

16:52:28.0500 4808 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

16:52:28.0503 4808 tunnel - ok

16:52:28.0523 4808 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

16:52:28.0526 4808 uagp35 - ok

16:52:28.0571 4808 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

16:52:28.0577 4808 udfs - ok

16:52:28.0607 4808 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

16:52:28.0615 4808 UI0Detect - ok

16:52:28.0633 4808 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

16:52:28.0636 4808 uliagpkx - ok

16:52:28.0668 4808 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys

16:52:28.0671 4808 umbus - ok

16:52:28.0692 4808 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

16:52:28.0695 4808 UmPass - ok

16:52:28.0731 4808 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

16:52:28.0743 4808 upnphost - ok

16:52:28.0778 4808 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys

16:52:28.0781 4808 USBAAPL64 - ok

16:52:28.0799 4808 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

16:52:28.0803 4808 usbccgp - ok

16:52:28.0834 4808 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

16:52:28.0838 4808 usbcir - ok

16:52:28.0869 4808 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys

16:52:28.0871 4808 usbehci - ok

16:52:28.0896 4808 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

16:52:28.0902 4808 usbhub - ok

16:52:28.0924 4808 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys

16:52:28.0927 4808 usbohci - ok

16:52:28.0960 4808 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

16:52:28.0962 4808 usbprint - ok

16:52:28.0985 4808 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

16:52:28.0989 4808 USBSTOR - ok

16:52:29.0016 4808 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

16:52:29.0018 4808 usbuhci - ok

16:52:29.0034 4808 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

16:52:29.0042 4808 UxSms - ok

16:52:29.0055 4808 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

16:52:29.0060 4808 VaultSvc - ok

16:52:29.0097 4808 [ 0F1A9DC0B9CE1547BE8AB996543DFA4F ] VComm C:\Windows\system32\DRIVERS\VComm.sys

16:52:29.0100 4808 VComm - ok

16:52:29.0121 4808 [ 7FBAA98966BABB4901DEB47C2F84848A ] VcommMgr C:\Windows\system32\Drivers\VcommMgr.sys

16:52:29.0124 4808 VcommMgr - ok

16:52:29.0147 4808 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

16:52:29.0150 4808 vdrvroot - ok

16:52:29.0192 4808 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

16:52:29.0207 4808 vds - ok

16:52:29.0239 4808 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

16:52:29.0241 4808 vga - ok

16:52:29.0262 4808 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

16:52:29.0264 4808 VgaSave - ok

16:52:29.0301 4808 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

16:52:29.0306 4808 vhdmp - ok

16:52:29.0337 4808 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

16:52:29.0340 4808 viaide - ok

16:52:29.0386 4808 [ C6E18C3B43378AE3FCECDFF0F0BB7BE7 ] VMCService C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe

16:52:29.0388 4808 VMCService - ok

16:52:29.0410 4808 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

16:52:29.0414 4808 volmgr - ok

16:52:29.0449 4808 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

16:52:29.0456 4808 volmgrx - ok

16:52:29.0483 4808 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

16:52:29.0489 4808 volsnap - ok

16:52:29.0507 4808 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

16:52:29.0511 4808 vsmraid - ok

16:52:29.0572 4808 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

16:52:29.0602 4808 VSS - ok

16:52:29.0728 4808 [ EF51747440486C23BD466311048BD924 ] vToolbarUpdater12.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe

16:52:29.0742 4808 vToolbarUpdater12.2.0 - ok

16:52:29.0778 4808 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

16:52:29.0781 4808 vwifibus - ok

16:52:29.0810 4808 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

16:52:29.0813 4808 vwififlt - ok

16:52:29.0847 4808 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys

16:52:29.0853 4808 vwifimp - ok

16:52:29.0879 4808 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

16:52:29.0891 4808 W32Time - ok

16:52:29.0917 4808 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

16:52:29.0919 4808 WacomPen - ok

16:52:29.0965 4808 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

16:52:29.0969 4808 WANARP - ok

16:52:29.0976 4808 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

16:52:29.0979 4808 Wanarpv6 - ok

16:52:30.0038 4808 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

16:52:30.0057 4808 WatAdminSvc - ok

16:52:30.0122 4808 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

16:52:30.0151 4808 wbengine - ok

16:52:30.0175 4808 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

16:52:30.0186 4808 WbioSrvc - ok

16:52:30.0224 4808 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

16:52:30.0237 4808 wcncsvc - ok

16:52:30.0268 4808 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

16:52:30.0277 4808 WcsPlugInService - ok

16:52:30.0302 4808 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys

16:52:30.0304 4808 Wd - ok

16:52:30.0334 4808 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

16:52:30.0346 4808 Wdf01000 - ok

16:52:30.0366 4808 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

16:52:30.0376 4808 WdiServiceHost - ok

16:52:30.0383 4808 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

16:52:30.0391 4808 WdiSystemHost - ok

16:52:30.0427 4808 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

16:52:30.0438 4808 WebClient - ok

16:52:30.0456 4808 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

16:52:30.0467 4808 Wecsvc - ok

16:52:30.0486 4808 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

16:52:30.0495 4808 wercplsupport - ok

16:52:30.0520 4808 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

16:52:30.0529 4808 WerSvc - ok

16:52:30.0548 4808 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

16:52:30.0551 4808 WfpLwf - ok

16:52:30.0569 4808 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

16:52:30.0572 4808 WIMMount - ok

16:52:30.0600 4808 WinDefend - ok

16:52:30.0611 4808 WinHttpAutoProxySvc - ok

16:52:30.0656 4808 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

16:52:30.0661 4808 Winmgmt - ok

16:52:30.0733 4808 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

16:52:30.0769 4808 WinRM - ok

16:52:30.0816 4808 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

16:52:30.0819 4808 WinUsb - ok

16:52:30.0862 4808 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

16:52:30.0882 4808 Wlansvc - ok

16:52:30.0908 4808 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

16:52:30.0911 4808 WmiAcpi - ok

16:52:30.0935 4808 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

16:52:30.0940 4808 wmiApSrv - ok

16:52:30.0962 4808 WMPNetworkSvc - ok

16:52:30.0973 4808 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

16:52:30.0982 4808 WPCSvc - ok

16:52:31.0015 4808 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

16:52:31.0025 4808 WPDBusEnum - ok

16:52:31.0056 4808 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

16:52:31.0059 4808 ws2ifsl - ok

16:52:31.0079 4808 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll

16:52:31.0088 4808 wscsvc - ok

16:52:31.0096 4808 WSearch - ok

16:52:31.0197 4808 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

16:52:31.0239 4808 wuauserv - ok

16:52:31.0271 4808 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

16:52:31.0275 4808 WudfPf - ok

16:52:31.0298 4808 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

16:52:31.0303 4808 WUDFRd - ok

16:52:31.0334 4808 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

16:52:31.0343 4808 wudfsvc - ok

16:52:31.0379 4808 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

16:52:31.0391 4808 WwanSvc - ok

16:52:31.0433 4808 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys

16:52:31.0440 4808 yukonw7 - ok

16:52:31.0470 4808 ================ Scan global ===============================

16:52:31.0492 4808 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

16:52:31.0529 4808 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

16:52:31.0548 4808 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

16:52:31.0584 4808 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

16:52:31.0623 4808 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

16:52:31.0635 4808 [Global] - ok

16:52:31.0636 4808 ================ Scan MBR ==================================

16:52:31.0652 4808 [ 67E5DE8F1C8EA73507CD97D9559F6BEB ] \Device\Harddisk0\DR0

16:52:31.0826 4808 \Device\Harddisk0\DR0 - ok

16:52:31.0835 4808 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1

16:52:31.0845 4808 \Device\Harddisk1\DR1 - ok

16:52:31.0845 4808 ================ Scan VBR ==================================

16:52:31.0852 4808 [ 68D730BE363200DFBA41732AB5EFF34F ] \Device\Harddisk0\DR0\Partition1

16:52:31.0854 4808 \Device\Harddisk0\DR0\Partition1 - ok

16:52:31.0872 4808 [ 0687F773E885705CD119CBFD9EA4AB0C ] \Device\Harddisk0\DR0\Partition2

16:52:31.0874 4808 \Device\Harddisk0\DR0\Partition2 - ok

16:52:31.0906 4808 [ 6D6E2FFE8EEE5E72E457F29ACEC5E967 ] \Device\Harddisk0\DR0\Partition3

16:52:31.0908 4808 \Device\Harddisk0\DR0\Partition3 - ok

16:52:31.0930 4808 [ 5D166D7E24A9157A9A95525E4EB7E9E0 ] \Device\Harddisk0\DR0\Partition4

16:52:31.0931 4808 \Device\Harddisk0\DR0\Partition4 - ok

16:52:31.0943 4808 [ 99FC30CCE9D91C2A7AC0D4534D73E976 ] \Device\Harddisk1\DR1\Partition1

16:52:31.0945 4808 \Device\Harddisk1\DR1\Partition1 - ok

16:52:31.0946 4808 ============================================================

16:52:31.0946 4808 Scan finished

16:52:31.0946 4808 ============================================================

16:52:31.0967 2572 Detected object count: 0

16:52:31.0967 2572 Actual detected object count: 0