
Can't get rid of Trojan horse?!



Download TDSSKiller and save it to your desktop.

Extract the files in tdsskiller.zip.

Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.

Windows 7 and Windows Vista users:

Right-click TDSSKiller.exe -> Run as Administrator to start the tool.

If TDSSKiller reports that an update is available, install it first.

Click the "Start Scan" button and follow the instructions.

When the scan is finished, click the "Report" button.

A Notepad file opens. Post the contents of this file.

Restart the PC if TDSSKiller offers that option. (Reboot now)

If a restart was needed, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt


OK.. The previous ones are gone apparently, but when I start antimalware again now I get 3 new ones again

I started TDSSKiller again, but this time nothing was found, while antimalware does find something

Below you will find the previous log (of the 3 files I could not find) & the new antimalware log

TDSSKiller log:

21:16:37.0119 2496 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47

21:16:37.0207 2496 ============================================================

21:16:37.0207 2496 Current date / time: 2012/10/18 21:16:37.0207

21:16:37.0207 2496 SystemInfo:

21:16:37.0207 2496

21:16:37.0207 2496 OS Version: 6.1.7601 ServicePack: 1.0

21:16:37.0208 2496 Product type: Workstation

21:16:37.0208 2496 ComputerName: VANELVEN-PC

21:16:37.0208 2496 UserName: Van Elven

21:16:37.0208 2496 Windows directory: C:\Windows

21:16:37.0208 2496 System windows directory: C:\Windows

21:16:37.0208 2496 Running under WOW64

21:16:37.0208 2496 Processor architecture: Intel x64

21:16:37.0208 2496 Number of processors: 4

21:16:37.0208 2496 Page size: 0x1000

21:16:37.0208 2496 Boot type: Normal boot

21:16:37.0208 2496 ============================================================

21:16:41.0774 2496 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

21:16:41.0837 2496 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

21:16:41.0849 2496 ============================================================

21:16:41.0849 2496 \Device\Harddisk0\DR0:

21:16:41.0850 2496 MBR partitions:

21:16:41.0850 2496 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57545000

21:16:41.0850 2496 \Device\Harddisk1\DR1:

21:16:41.0850 2496 MBR partitions:

21:16:41.0850 2496 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57545000

21:16:41.0850 2496 ============================================================

21:16:41.0856 2496 C: <-> \Device\Harddisk1\DR1\Partition1

21:16:41.0891 2496 F: <-> \Device\Harddisk0\DR0\Partition1

21:16:41.0892 2496 ============================================================

21:16:41.0892 2496 Initialize success

21:16:41.0892 2496 ============================================================

21:17:05.0202 5404 ============================================================

21:17:05.0202 5404 Scan started

21:17:05.0202 5404 Mode: Manual;

21:17:05.0202 5404 ============================================================

21:17:09.0192 5404 ================ Scan system memory ========================

21:17:09.0192 5404 System memory - ok

21:17:09.0193 5404 ================ Scan services =============================


21:17:21.0349 5404 Npfs - ok

21:17:21.0379 5404 npggsvc - ok

21:17:21.0449 5404 [ D2679E424A8F19BA6D0865C182FD73D8 ] nsesvc C:\Program Files\Norman\Nse\Bin\NSESVC.EXE

21:17:21.0589 5404 nsesvc - ok

21:17:21.0609 5404 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

21:17:21.0619 5404 nsi - ok

21:17:21.0629 5404 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

21:17:21.0629 5404 nsiproxy - ok

21:17:21.0689 5404 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

21:17:21.0719 5404 Ntfs - ok

21:17:21.0749 5404 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

21:17:21.0749 5404 Null - ok

21:17:21.0799 5404 [ 39C45EFE8F5E3DBAF0756B3B9425971E ] NvcMFlt C:\Windows\system32\DRIVERS\nvcv64mf.sys

21:17:21.0799 5404 NvcMFlt - ok

21:17:21.0849 5404 [ A53CF930FAD80C762516B52D2C0CD18B ] nvcoas C:\Program Files\Norman\Nvc\Bin\nvcoas.exe

21:17:21.0909 5404 nvcoas - ok

21:17:21.0919 5404 [ 24F599A3696F76A881386656CE43DA49 ] NVOY C:\Program Files\Norman\npm\bin\nvoy.exe

21:17:21.0949 5404 NVOY - ok

21:17:21.0959 5404 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

21:17:21.0969 5404 nvraid - ok

21:17:22.0009 5404 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

21:17:22.0009 5404 nvstor - ok

21:17:22.0049 5404 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

21:17:22.0049 5404 nv_agp - ok

21:17:22.0069 5404 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

21:17:22.0069 5404 ohci1394 - ok

21:17:22.0109 5404 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

21:17:22.0129 5404 ose - ok

21:17:22.0239 5404 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

21:17:22.0339 5404 osppsvc - ok

21:17:22.0399 5404 [ DAF5D6B1696D42140839CD557336EFC8 ] OXSDIDRV_x64 C:\Windows\system32\DRIVERS\OXSDIDRV_x64.sys

21:17:22.0409 5404 OXSDIDRV_x64 - ok

21:17:22.0429 5404 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

21:17:22.0439 5404 p2pimsvc - ok

21:17:22.0459 5404 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

21:17:22.0469 5404 p2psvc - ok

21:17:22.0509 5404 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

21:17:22.0509 5404 Parport - ok

21:17:22.0549 5404 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

21:17:22.0549 5404 partmgr - ok

21:17:22.0589 5404 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

21:17:22.0599 5404 PcaSvc - ok

21:17:22.0639 5404 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

21:17:22.0649 5404 pci - ok

21:17:22.0679 5404 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

21:17:22.0689 5404 pciide - ok

21:17:22.0719 5404 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

21:17:22.0719 5404 pcmcia - ok

21:17:22.0749 5404 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

21:17:22.0749 5404 pcw - ok

21:17:22.0779 5404 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

21:17:22.0789 5404 PEAUTH - ok

21:17:22.0859 5404 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

21:17:22.0879 5404 PerfHost - ok

21:17:22.0939 5404 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

21:17:22.0969 5404 pla - ok

21:17:23.0009 5404 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

21:17:23.0019 5404 PlugPlay - ok

21:17:23.0039 5404 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

21:17:23.0049 5404 PNRPAutoReg - ok

21:17:23.0069 5404 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

21:17:23.0069 5404 PNRPsvc - ok

21:17:23.0109 5404 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

21:17:23.0119 5404 PolicyAgent - ok

21:17:23.0159 5404 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

21:17:23.0169 5404 Power - ok

21:17:23.0229 5404 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

21:17:23.0239 5404 PptpMiniport - ok

21:17:23.0249 5404 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys

21:17:23.0259 5404 Processor - ok

21:17:23.0309 5404 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

21:17:23.0319 5404 ProfSvc - ok

21:17:23.0329 5404 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

21:17:23.0329 5404 ProtectedStorage - ok

21:17:23.0389 5404 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

21:17:23.0399 5404 Psched - ok

21:17:23.0459 5404 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

21:17:23.0479 5404 ql2300 - ok

21:17:23.0495 5404 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

21:17:23.0510 5404 ql40xx - ok

21:17:23.0541 5404 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

21:17:23.0541 5404 QWAVE - ok

21:17:23.0557 5404 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

21:17:23.0573 5404 QWAVEdrv - ok

21:17:23.0604 5404 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

21:17:23.0604 5404 RasAcd - ok

21:17:23.0651 5404 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

21:17:23.0666 5404 RasAgileVpn - ok

21:17:23.0713 5404 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

21:17:23.0729 5404 RasAuto - ok

21:17:23.0760 5404 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

21:17:23.0775 5404 Rasl2tp - ok

21:17:23.0791 5404 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

21:17:23.0791 5404 RasMan - ok

21:17:23.0838 5404 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

21:17:23.0838 5404 RasPppoe - ok

21:17:23.0869 5404 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

21:17:23.0893 5404 RasSstp - ok

21:17:23.0950 5404 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

21:17:23.0958 5404 rdbss - ok

21:17:23.0993 5404 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

21:17:23.0998 5404 rdpbus - ok

21:17:24.0008 5404 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

21:17:24.0013 5404 RDPCDD - ok

21:17:24.0027 5404 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

21:17:24.0031 5404 RDPENCDD - ok

21:17:24.0040 5404 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

21:17:24.0044 5404 RDPREFMP - ok

21:17:24.0071 5404 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

21:17:24.0078 5404 RDPWD - ok

21:17:24.0120 5404 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

21:17:24.0127 5404 rdyboost - ok

21:17:24.0167 5404 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

21:17:24.0173 5404 RemoteAccess - ok

21:17:24.0204 5404 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

21:17:24.0212 5404 RemoteRegistry - ok

21:17:24.0251 5404 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys

21:17:24.0257 5404 RFCOMM - ok

21:17:24.0294 5404 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

21:17:24.0300 5404 RpcEptMapper - ok

21:17:24.0330 5404 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

21:17:24.0335 5404 RpcLocator - ok

21:17:24.0377 5404 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

21:17:24.0377 5404 RpcSs - ok

21:17:24.0408 5404 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

21:17:24.0424 5404 rspndr - ok

21:17:24.0470 5404 [ BE29B0A3AC1E8BD02FFAB8CEE86BADFA ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys

21:17:24.0470 5404 RSUSBSTOR - ok

21:17:24.0486 5404 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

21:17:24.0486 5404 SamSs - ok

21:17:24.0533 5404 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

21:17:24.0533 5404 sbp2port - ok

21:17:24.0564 5404 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

21:17:24.0564 5404 SCardSvr - ok

21:17:24.0595 5404 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

21:17:24.0611 5404 scfilter - ok

21:17:24.0658 5404 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

21:17:24.0673 5404 Schedule - ok

21:17:24.0736 5404 [ F67943EC04413C48CC44D37D86D354E2 ] Scheduler C:\Program Files\Norman\Npm\Bin\scheduler.exe

21:17:24.0736 5404 Scheduler - ok

21:17:24.0767 5404 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

21:17:24.0767 5404 SCPolicySvc - ok

21:17:24.0798 5404 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

21:17:24.0814 5404 SDRSVC - ok

21:17:24.0845 5404 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

21:17:24.0845 5404 secdrv - ok

21:17:24.0860 5404 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

21:17:24.0876 5404 seclogon - ok

21:17:24.0892 5404 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll

21:17:24.0892 5404 SENS - ok

21:17:24.0923 5404 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

21:17:24.0923 5404 SensrSvc - ok

21:17:24.0954 5404 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

21:17:24.0954 5404 Serenum - ok

21:17:24.0970 5404 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

21:17:24.0985 5404 Serial - ok

21:17:25.0016 5404 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

21:17:25.0016 5404 sermouse - ok

21:17:25.0063 5404 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

21:17:25.0063 5404 SessionEnv - ok

21:17:25.0094 5404 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

21:17:25.0110 5404 sffdisk - ok

21:17:25.0126 5404 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

21:17:25.0141 5404 sffp_mmc - ok

21:17:25.0172 5404 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

21:17:25.0188 5404 sffp_sd - ok

21:17:25.0250 5404 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

21:17:25.0250 5404 sfloppy - ok

21:17:25.0344 5404 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys

21:17:25.0360 5404 Sftfs - ok

21:17:25.0453 5404 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

21:17:25.0531 5404 sftlist - ok

21:17:25.0547 5404 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys

21:17:25.0547 5404 Sftplay - ok

21:17:25.0562 5404 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys

21:17:25.0578 5404 Sftredir - ok

21:17:25.0609 5404 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys

21:17:25.0609 5404 Sftvol - ok

21:17:25.0640 5404 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

21:17:25.0718 5404 sftvsa - ok

21:17:25.0765 5404 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

21:17:25.0781 5404 ShellHWDetection - ok

21:17:25.0796 5404 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

21:17:25.0796 5404 SiSRaid2 - ok

21:17:25.0828 5404 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

21:17:25.0828 5404 SiSRaid4 - ok

21:17:25.0859 5404 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

21:17:25.0859 5404 Smb - ok

21:17:25.0890 5404 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

21:17:25.0906 5404 SNMPTRAP - ok

21:17:25.0921 5404 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

21:17:25.0921 5404 spldr - ok

21:17:25.0968 5404 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

21:17:25.0984 5404 Spooler - ok

21:17:26.0077 5404 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

21:17:26.0186 5404 sppsvc - ok

21:17:26.0218 5404 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

21:17:26.0233 5404 sppuinotify - ok

21:17:26.0249 5404 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

21:17:26.0264 5404 srv - ok

21:17:26.0280 5404 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

21:17:26.0296 5404 srv2 - ok

21:17:26.0311 5404 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

21:17:26.0327 5404 srvnet - ok

21:17:26.0342 5404 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

21:17:26.0358 5404 SSDPSRV - ok

21:17:26.0374 5404 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

21:17:26.0374 5404 SstpSvc - ok

21:17:26.0405 5404 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

21:17:26.0405 5404 stexstor - ok

21:17:26.0452 5404 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

21:17:26.0467 5404 stisvc - ok

21:17:26.0498 5404 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

21:17:26.0498 5404 swenum - ok

21:17:26.0592 5404 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

21:17:26.0592 5404 SwitchBoard - ok

21:17:26.0623 5404 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

21:17:26.0639 5404 swprv - ok

21:17:26.0717 5404 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

21:17:26.0732 5404 SysMain - ok

21:17:26.0764 5404 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

21:17:26.0779 5404 TabletInputService - ok

21:17:26.0795 5404 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

21:17:26.0795 5404 TapiSrv - ok

21:17:26.0826 5404 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

21:17:26.0842 5404 TBS - ok

21:17:26.0904 5404 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

21:17:26.0935 5404 Tcpip - ok

21:17:26.0982 5404 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

21:17:26.0998 5404 TCPIP6 - ok

21:17:27.0029 5404 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

21:17:27.0044 5404 tcpipreg - ok

21:17:27.0076 5404 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

21:17:27.0091 5404 TDPIPE - ok

21:17:27.0107 5404 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

21:17:27.0122 5404 TDTCP - ok

21:17:27.0169 5404 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

21:17:27.0185 5404 tdx - ok

21:17:27.0232 5404 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys

21:17:27.0232 5404 TermDD - ok

21:17:27.0278 5404 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

21:17:27.0294 5404 TermService - ok

21:17:27.0341 5404 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

21:17:27.0356 5404 Themes - ok

21:17:27.0419 5404 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

21:17:27.0419 5404 THREADORDER - ok

21:17:27.0434 5404 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

21:17:27.0450 5404 TrkWks - ok

21:17:27.0512 5404 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

21:17:27.0528 5404 TrustedInstaller - ok

21:17:27.0559 5404 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

21:17:27.0575 5404 tssecsrv - ok

21:17:27.0622 5404 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

21:17:27.0637 5404 TsUsbFlt - ok

21:17:27.0684 5404 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

21:17:27.0700 5404 tunnel - ok

21:17:27.0731 5404 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

21:17:27.0746 5404 uagp35 - ok

21:17:27.0793 5404 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

21:17:27.0809 5404 udfs - ok

21:17:27.0840 5404 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

21:17:27.0856 5404 UI0Detect - ok

21:17:27.0887 5404 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

21:17:27.0887 5404 uliagpkx - ok

21:17:27.0934 5404 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys

21:17:27.0949 5404 umbus - ok

21:17:27.0980 5404 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

21:17:27.0980 5404 UmPass - ok

21:17:28.0027 5404 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

21:17:28.0043 5404 upnphost - ok

21:17:28.0090 5404 [ F724B03C3DFAACF08D17D38BF3333583 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys

21:17:28.0090 5404 USBAAPL64 - ok

21:17:28.0136 5404 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

21:17:28.0152 5404 usbccgp - ok

21:17:28.0168 5404 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

21:17:28.0168 5404 usbcir - ok

21:17:28.0199 5404 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

21:17:28.0214 5404 usbehci - ok

21:17:28.0246 5404 [ 573D192E268F0C5B486B7E96F661E538 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys

21:17:28.0246 5404 usbfilter - ok

21:17:28.0261 5404 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

21:17:28.0261 5404 usbhub - ok

21:17:28.0308 5404 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys

21:17:28.0308 5404 usbohci - ok

21:17:28.0339 5404 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

21:17:28.0339 5404 usbprint - ok

21:17:28.0370 5404 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

21:17:28.0370 5404 USBSTOR - ok

21:17:28.0402 5404 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

21:17:28.0402 5404 usbuhci - ok

21:17:28.0433 5404 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys

21:17:28.0448 5404 usbvideo - ok

21:17:28.0480 5404 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

21:17:28.0480 5404 UxSms - ok

21:17:28.0511 5404 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

21:17:28.0511 5404 VaultSvc - ok

21:17:28.0526 5404 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

21:17:28.0526 5404 vdrvroot - ok

21:17:28.0573 5404 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

21:17:28.0589 5404 vds - ok

21:17:28.0620 5404 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

21:17:28.0620 5404 vga - ok

21:17:28.0651 5404 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

21:17:28.0651 5404 VgaSave - ok

21:17:28.0698 5404 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

21:17:28.0714 5404 vhdmp - ok

21:17:28.0854 5404 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

21:17:28.0870 5404 viaide - ok

21:17:28.0963 5404 [ 94CF2D157C8FD9089AFA5DA78AA64C65 ] VMAuthdService C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe

21:17:29.0010 5404 VMAuthdService - ok

21:17:29.0041 5404 [ 87FC1DD880E8CAC4FAEBB84AF61A87C4 ] vmci C:\Windows\system32\DRIVERS\vmci.sys

21:17:29.0041 5404 vmci - ok

21:17:29.0072 5404 [ 0B13268268B3D2C99BA5021593D0F767 ] vmkbd C:\Windows\system32\drivers\VMkbd.sys

21:17:29.0072 5404 vmkbd - ok

21:17:29.0104 5404 [ B259C31378BC855AFD1B53F59311C251 ] VMnetAdapter C:\Windows\system32\DRIVERS\vmnetadapter.sys

21:17:29.0104 5404 VMnetAdapter - ok

21:17:29.0119 5404 [ DEC4CE720FFEDA939CF1BA315CFBD993 ] VMnetBridge C:\Windows\system32\DRIVERS\vmnetbridge.sys

21:17:29.0119 5404 VMnetBridge - ok

21:17:29.0135 5404 VMnetDHCP - ok

21:17:29.0166 5404 [ 518D188F04BC4C6BA0581775B9A5EA90 ] VMnetuserif C:\Windows\system32\drivers\vmnetuserif.sys

21:17:29.0166 5404 VMnetuserif - ok

21:17:29.0244 5404 [ 18903CA7936912C337C9D28858880CF2 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe

21:17:29.0275 5404 VMUSBArbService - ok

21:17:29.0306 5404 VMware NAT Service - ok

21:17:29.0369 5404 [ BAF28A75B00B79DC92702AF7ACFFD3E5 ] vmx86 C:\Windows\system32\drivers\vmx86.sys

21:17:29.0369 5404 vmx86 - ok

21:17:29.0400 5404 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

21:17:29.0416 5404 volmgr - ok

21:17:29.0447 5404 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

21:17:29.0462 5404 volmgrx - ok

21:17:29.0525 5404 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

21:17:29.0540 5404 volsnap - ok

21:17:29.0572 5404 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

21:17:29.0587 5404 vsmraid - ok

21:17:29.0665 5404 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

21:17:29.0696 5404 VSS - ok

21:17:29.0712 5404 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

21:17:29.0712 5404 vwifibus - ok

21:17:29.0728 5404 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

21:17:29.0743 5404 vwififlt - ok

21:17:29.0774 5404 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

21:17:29.0774 5404 W32Time - ok

21:17:29.0790 5404 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

21:17:29.0806 5404 WacomPen - ok

21:17:29.0930 5404 [ 788FE050FF7601088783C95C83313E56 ] wampapache c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe

21:17:29.0946 5404 wampapache - ok

21:17:29.0993 5404 wampmysqld - ok

21:17:30.0040 5404 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

21:17:30.0040 5404 WANARP - ok

21:17:30.0055 5404 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

21:17:30.0055 5404 Wanarpv6 - ok

21:17:30.0133 5404 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

21:17:30.0149 5404 WatAdminSvc - ok

21:17:30.0227 5404 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

21:17:30.0258 5404 wbengine - ok

21:17:30.0289 5404 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

21:17:30.0305 5404 WbioSrvc - ok

21:17:30.0336 5404 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

21:17:30.0352 5404 wcncsvc - ok

21:17:30.0352 5404 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

21:17:30.0367 5404 WcsPlugInService - ok

21:17:30.0398 5404 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys

21:17:30.0398 5404 Wd - ok

21:17:30.0430 5404 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

21:17:30.0430 5404 Wdf01000 - ok

21:17:30.0445 5404 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

21:17:30.0461 5404 WdiServiceHost - ok

21:17:30.0461 5404 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

21:17:30.0461 5404 WdiSystemHost - ok

21:17:30.0508 5404 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

21:17:30.0523 5404 WebClient - ok

21:17:30.0570 5404 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

21:17:30.0586 5404 Wecsvc - ok

21:17:30.0601 5404 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

21:17:30.0601 5404 wercplsupport - ok

21:17:30.0648 5404 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

21:17:30.0648 5404 WerSvc - ok

21:17:30.0695 5404 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

21:17:30.0695 5404 WfpLwf - ok

21:17:30.0710 5404 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

21:17:30.0726 5404 WIMMount - ok

21:17:30.0742 5404 WinHttpAutoProxySvc - ok

21:17:30.0820 5404 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

21:17:30.0820 5404 Winmgmt - ok

21:17:30.0944 5404 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

21:17:31.0007 5404 WinRM - ok

21:17:31.0085 5404 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

21:17:31.0085 5404 WinUsb - ok

21:17:31.0147 5404 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

21:17:31.0163 5404 Wlansvc - ok

21:17:31.0381 5404 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

21:17:31.0444 5404 wlidsvc - ok

21:17:31.0506 5404 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

21:17:31.0522 5404 WmiAcpi - ok

21:17:31.0553 5404 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

21:17:31.0568 5404 wmiApSrv - ok

21:17:31.0600 5404 WMPNetworkSvc - ok

21:17:31.0631 5404 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

21:17:31.0631 5404 WPCSvc - ok

21:17:31.0678 5404 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

21:17:31.0693 5404 WPDBusEnum - ok

21:17:31.0709 5404 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

21:17:31.0724 5404 ws2ifsl - ok

21:17:31.0724 5404 WSearch - ok

21:17:31.0756 5404 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

21:17:31.0756 5404 WudfPf - ok

21:17:31.0818 5404 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

21:17:31.0818 5404 WUDFRd - ok

21:17:31.0865 5404 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

21:17:31.0865 5404 wudfsvc - ok

21:17:31.0912 5404 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

21:17:31.0927 5404 WwanSvc - ok

21:17:31.0974 5404 XAMPP - ok

21:17:32.0021 5404 ================ Scan global ===============================

21:17:32.0052 5404 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

21:17:32.0083 5404 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

21:17:32.0114 5404 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

21:17:32.0130 5404 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

21:17:32.0177 5404 [ 014A9CB92514E27C0107614DF764BC06 ] C:\Windows\system32\services.exe

21:17:32.0177 5404 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected

21:17:32.0177 5404 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)

21:17:32.0177 5404 ================ Scan MBR ==================================

21:17:35.0827 5404 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

21:17:36.0482 5404 \Device\Harddisk0\DR0 - ok

21:17:36.0529 5404 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1

21:17:36.0529 5404 \Device\Harddisk1\DR1 - ok

21:17:36.0529 5404 ================ Scan VBR ==================================

21:17:36.0529 5404 [ 482FF53140A39A12AE928546E033246A ] \Device\Harddisk0\DR0\Partition1

21:17:36.0545 5404 \Device\Harddisk0\DR0\Partition1 - ok

21:17:36.0545 5404 [ CE1592E24BEAEBB524A70059EF0C7D3E ] \Device\Harddisk1\DR1\Partition1

21:17:36.0545 5404 \Device\Harddisk1\DR1\Partition1 - ok

21:17:36.0545 5404 ============================================================

21:17:36.0545 5404 Scan finished

21:17:36.0545 5404 ============================================================

21:17:36.0576 5284 Detected object count: 1

21:17:36.0576 5284 Actual detected object count: 1

21:17:49.0103 5284 C:\Windows\system32\services.exe - copied to quarantine

21:17:50.0117 5284 C:\Windows\assembly\GAC_32\desktop.ini - copied to quarantine

21:17:50.0132 5284 C:\Windows\assembly\GAC_64\desktop.ini - copied to quarantine

21:17:50.0195 5284 C:\Windows\installer\{2fc1d07a-cf36-edae-14b2-56bce890afab}\@ - copied to quarantine

21:17:50.0195 5284 C:\Windows\installer\{2fc1d07a-cf36-edae-14b2-56bce890afab}\L\00000004.@ - copied to quarantine

21:17:50.0210 5284 C:\Windows\installer\{2fc1d07a-cf36-edae-14b2-56bce890afab}\L\201d3dde - copied to quarantine

21:17:50.0210 5284 C:\Windows\installer\{2fc1d07a-cf36-edae-14b2-56bce890afab}\U\00000004.@ - copied to quarantine

21:17:50.0226 5284 C:\Windows\installer\{2fc1d07a-cf36-edae-14b2-56bce890afab}\U\00000008.@ - copied to quarantine

21:17:50.0226 5284 C:\Windows\installer\{2fc1d07a-cf36-edae-14b2-56bce890afab}\U\000000cb.@ - copied to quarantine

21:17:50.0242 5284 C:\Windows\installer\{2fc1d07a-cf36-edae-14b2-56bce890afab}\U\80000000.@ - copied to quarantine

21:17:50.0242 5284 C:\Windows\installer\{2fc1d07a-cf36-edae-14b2-56bce890afab}\U\80000032.@ - copied to quarantine

21:17:50.0242 5284 C:\Windows\installer\{2fc1d07a-cf36-edae-14b2-56bce890afab}\U\80000064.@ - copied to quarantine

21:17:50.0741 5284 C:\Users\Van Elven\AppData\Local\{2fc1d07a-cf36-edae-14b2-56bce890afab}\@ - copied to quarantine

21:17:50.0756 5284 C:\Users\Van Elven\AppData\Local\{2fc1d07a-cf36-edae-14b2-56bce890afab}\L\00000004.@ - copied to quarantine

21:17:50.0788 5284 C:\Users\Van Elven\AppData\Local\{2fc1d07a-cf36-edae-14b2-56bce890afab}\U\00000004.@ - copied to quarantine

21:17:50.0803 5284 C:\Users\Van Elven\AppData\Local\{2fc1d07a-cf36-edae-14b2-56bce890afab}\U\00000008.@ - copied to quarantine

21:17:50.0834 5284 C:\Users\Van Elven\AppData\Local\{2fc1d07a-cf36-edae-14b2-56bce890afab}\U\000000cb.@ - copied to quarantine

21:17:50.0850 5284 C:\Users\Van Elven\AppData\Local\{2fc1d07a-cf36-edae-14b2-56bce890afab}\U\80000000.@ - copied to quarantine

21:17:50.0881 5284 C:\Users\Van Elven\AppData\Local\{2fc1d07a-cf36-edae-14b2-56bce890afab}\U\80000032.@ - copied to quarantine

21:17:50.0912 5284 C:\Users\Van Elven\AppData\Local\{2fc1d07a-cf36-edae-14b2-56bce890afab}\U\80000064.@ - copied to quarantine

21:18:22.0440 5284 Backup copy found, using it..

21:18:22.0518 5284 C:\Windows\assembly\GAC_32\desktop.ini - will be deleted on reboot

21:18:22.0518 5284 C:\Windows\assembly\GAC_64\desktop.ini - will be deleted on reboot

21:18:22.0518 5284 C:\Windows\installer\{2fc1d07a-cf36-edae-14b2-56bce890afab}\@ - will be deleted on reboot

21:18:22.0534 5284 C:\Windows\installer\{2fc1d07a-cf36-edae-14b2-56bce890afab}\U\00000004.@ - will be deleted on reboot

21:18:22.0534 5284 C:\Windows\installer\{2fc1d07a-cf36-edae-14b2-56bce890afab}\U\00000008.@ - will be deleted on reboot

21:18:22.0534 5284 C:\Windows\installer\{2fc1d07a-cf36-edae-14b2-56bce890afab}\U\000000cb.@ - will be deleted on reboot

21:18:22.0534 5284 C:\Windows\installer\{2fc1d07a-cf36-edae-14b2-56bce890afab}\U\80000000.@ - will be deleted on reboot

21:18:22.0534 5284 C:\Windows\installer\{2fc1d07a-cf36-edae-14b2-56bce890afab}\U\80000032.@ - will be deleted on reboot

21:18:22.0534 5284 C:\Windows\installer\{2fc1d07a-cf36-edae-14b2-56bce890afab}\U\80000064.@ - will be deleted on reboot

21:18:22.0565 5284 C:\Users\Van Elven\AppData\Local\{2fc1d07a-cf36-edae-14b2-56bce890afab}\@ - will be deleted on reboot

21:18:22.0565 5284 C:\Users\Van Elven\AppData\Local\{2fc1d07a-cf36-edae-14b2-56bce890afab}\U\00000004.@ - will be deleted on reboot

21:18:22.0565 5284 C:\Users\Van Elven\AppData\Local\{2fc1d07a-cf36-edae-14b2-56bce890afab}\U\00000008.@ - will be deleted on reboot

21:18:22.0565 5284 C:\Users\Van Elven\AppData\Local\{2fc1d07a-cf36-edae-14b2-56bce890afab}\U\000000cb.@ - will be deleted on reboot

21:18:22.0565 5284 C:\Users\Van Elven\AppData\Local\{2fc1d07a-cf36-edae-14b2-56bce890afab}\U\80000000.@ - will be deleted on reboot

21:18:22.0565 5284 C:\Users\Van Elven\AppData\Local\{2fc1d07a-cf36-edae-14b2-56bce890afab}\U\80000032.@ - will be deleted on reboot

21:18:22.0565 5284 C:\Users\Van Elven\AppData\Local\{2fc1d07a-cf36-edae-14b2-56bce890afab}\U\80000064.@ - will be deleted on reboot

21:18:22.0596 5284 C:\Windows\system32\services.exe - will be cured on reboot

21:18:22.0596 5284 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - User select action: Cure

21:18:31.0472 4548 Deinitialize success

anti-malware log:

Malwarebytes Anti-Malware 1.65.1.1000

Malwarebytes : Free anti-malware download

Databaseversie: v2012.10.18.07

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Van Elven :: VANELVEN-PC [administrator]

18/10/2012 21:26:02

mbam-log-2012-10-18 (21-56-13).txt

Scantype: Snelle scan

Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scanopties: P2P

Objecten gescand: 248494

Verstreken tijd: 25 minuut/minuten, 31 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 3

C:\ProgramData\hvatckgm.exe (Trojan.Winlock) -> Geen actie ondernomen.

C:\Windows\hvatckgm.exe (Trojan.Winlock) -> Geen actie ondernomen.

C:\Windows\System32\config\systemprofile\ms.exe (Trojan.Agent) -> Geen actie ondernomen.

(einde)

I don't know what that HVAtchgm is and what that MS.exe is?


Those are the files that cause the infection. But "Geen actie ondernomen" (no action taken) in Malwarebytes could indicate that you did not choose to remove them. Would you let Malwarebytes scan once more and this time do choose "remove"? After that, shut down the PC, start it up again ... and have Malwarebytes scan again to see whether it still has anything to report?

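The check described in the reply above, as an added example that is not part of the original thread: a small Python triage over both logs that lists what TDSSKiller only finishes at reboot, what it quarantined without logging a further action, and what Malwarebytes reported with "Geen actie ondernomen". The sample lines are copied from the logs posted above; the function names and the English "No action taken" variant are assumptions of this example.

```python
import re
from collections import defaultdict

# Lines copied from the two logs posted in this thread (shortened selection).
TDSS_LOG = r"""
21:17:32.0177 5404 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
21:17:49.0103 5284 C:\Windows\system32\services.exe - copied to quarantine
21:17:50.0117 5284 C:\Windows\assembly\GAC_32\desktop.ini - copied to quarantine
21:17:50.0210 5284 C:\Windows\installer\{2fc1d07a-cf36-edae-14b2-56bce890afab}\L\201d3dde - copied to quarantine
21:18:22.0518 5284 C:\Windows\assembly\GAC_32\desktop.ini - will be deleted on reboot
21:18:22.0596 5284 C:\Windows\system32\services.exe - will be cured on reboot
"""
MBAM_LOG = r"""
Bestanden gedetecteerd: 3
C:\ProgramData\hvatckgm.exe (Trojan.Winlock) -> Geen actie ondernomen.
C:\Windows\hvatckgm.exe (Trojan.Winlock) -> Geen actie ondernomen.
C:\Windows\System32\config\systemprofile\ms.exe (Trojan.Agent) -> Geen actie ondernomen.
"""

TDSS_LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d{4} \d+ (.+) - ([^-]+)$")  # time, thread id, object - status
MBAM_LINE = re.compile(r"^(.+) \(([^()]+)\) -> (.+?)\.?$")  # path (detection name) -> action.
NO_ACTION = {"Geen actie ondernomen", "No action taken"}  # Dutch log text / assumed English variant


def tdss_statuses(log):
    """Map each object to the statuses TDSSKiller logged for it, in order."""
    seen = defaultdict(list)
    for line in log.splitlines():
        m = TDSS_LINE.match(line.strip())
        if m:
            obj = re.sub(r" \( .+ \)$", "", m.group(1))  # drop the "( verdict )" suffix
            seen[obj].append(m.group(2).strip())
    return dict(seen)


def triage(tdss_log, mbam_log):
    """Return what is still open after both scans."""
    statuses = tdss_statuses(tdss_log)
    pending = sorted(o for o, s in statuses.items() if s[-1].startswith("will be "))
    only_quarantined = sorted(o for o, s in statuses.items() if s == ["copied to quarantine"])
    untouched = []
    for line in mbam_log.splitlines():
        m = MBAM_LINE.match(line.strip())
        if m and m.group(3) in NO_ACTION:
            untouched.append((m.group(1), m.group(2)))
    return {"reboot_pending": pending, "quarantine_only": only_quarantined, "no_action": untouched}
```

Any entry under `no_action` means the rescan, removal and reboot described in the reply are still outstanding; `reboot_pending` entries are only dealt with once the machine has restarted.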

Don't forget to remove the remnants of the infection and the tools that were used.

Remove TDSS Killer manually.

Download CCleaner.

Click "Download Latest Version" and the CCleaner download then starts automatically and free of charge.

Install it and start CCleaner. In the left column, click "Cleaner". Click "Analyze" and then "Run Cleaner". Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors. Next, click "Registry" in the left column and click "Scan for Issues". If errors are found, click "Fix selected issues" and "OK". You will then be asked whether to make a backup. Click "Yes". Then choose "Fix All Selected Issues". Close CCleaner afterwards.

If you would like to see this illustrated in detail, click here for the guide.

It is advisable to delete the existing restore points (they include infected restore points that you might end up restoring). In Windows 7:

  • via Start -> Control Panel -> System and Security -> System -> System protection -> now turn off System Restore by selecting the desired drive and clicking "Configure".
  • Now click "Delete" to delete all restore points.
  • Click "Apply" and "OK".
  • Now restart the PC.
