virus

[rob1984]

Het lijkt er op dat ik een virus heb.Na wat googlen komt het erg overeen met text enhance, maar dan bij al mijn browsers ipv 1hierbij mijn hijackthis logje:Logfile of Trend Micro HijackThis v2.0.5Scan saved at 0:43:37, on 26-6-2013Platform: Windows Vista SP2 (WinNT 6.00.1906)MSIE: Internet Explorer v9.00 (9.00.8112.16490)FIREFOX: 21.0 (nl)Boot mode: NormalRunning processes:C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exeC:\windows\system32\Dwm.exeC:\windows\Explorer.EXEC:\windows\system32\taskeng.exeC:\Windows\System32\igfxtray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Windows\system32\igfxsrvc.exeC:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Program Files\PDF Complete\pdfsty.exeC:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exeC:\Program Files\Winamp\winampa.exeC:\Program Files\HP\HP Software Update\hpwuschd2.exeC:\Program Files\Analog Devices\Core\smax4pnp.exeC:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exeC:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exeC:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exeC:\Program Files\Avira\AntiVir Desktop\avgnt.exeC:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exeC:\Program Files\Samsung\Kies\Kies.exeC:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXEC:\Program Files\Skype\Phone\Skype.exeC:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exeC:\windows\system32\wbem\unsecapp.exeC:\Program Files\Hewlett-Packard\Shared\hpqToaster.exeC:\Program Files\OpenOffice.org 3\program\soffice.exeC:\Program Files\OpenOffice.org 3\program\soffice.binC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\windows\system32\conime.exeC:\Program Files\Opera\opera.exeC:\Users\Rob\AppData\Local\Opera\Opera\temporary_downloads\HijackThis.exeC:\Users\Rob\Desktop\hijackthis\HijackThis.exeC:\windows\system32\DllHost.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP - United States | Laptop Computers, Desktops , Printers, Servers and more - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Torrent Search Engine - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP - United States | Laptop Computers, Desktops , Printers, Servers and more - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search Microsoft.com - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP - United States | Laptop Computers, Desktops , Printers, Servers and more - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)O1 - Hosts: ::1 localhostO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: Increase performance and video formats for your HTML5 - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dllO2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exeO4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exeO4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exeO4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exeO4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /StartO4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exeO4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exeO4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exeO4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exeO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottimeO4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exeO4 - HKLM\..\Run: [LELA] "C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe" /minimizedO4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /StartO4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /minO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hiddenO4 - HKCU\..\Run: [tyntn] C:\windows\system32\dt6ty7yy.exeO4 - HKCU\..\Run: [inytii] C:\windows\system32\yti6ddntd.exeO4 - HKCU\..\Run: [llff5l] C:\windows\system32\avvava7alv.exeO4 - HKCU\..\Run: [avqff1l] C:\windows\system32\l6avllaqq3.exeO4 - HKCU\..\Run: [qvqv7] C:\windows\system32\afaaf41lf.exeO4 - HKCU\..\Run: [qqf9a] C:\windows\system32\falvqllvfav.exeO4 - HKCU\..\Run: [laavaa] C:\windows\system32\qv7alvvqq.exeO4 - HKCU\..\Run: [lfaqqf] C:\windows\system32\vvava7alvvq.exeO4 - HKCU\..\Run: [vqvfqqv] C:\windows\system32\alf6qqf1vlq.exeO4 - HKCU\..\Run: [ynint] C:\windows\system32\niityidyyit.exeO4 - HKCU\..\Run: [diiynn] C:\windows\system32\inyitdnn.exeO4 - HKCU\..\Run: [gvllg] C:\windows\system32\vqggaavllg.exeO4 - HKCU\..\Run: [vvvfaq] C:\windows\system32\fvf4vaqaa6f.exeO4 - HKCU\..\Run: [kffafaq] C:\windows\system32\avafkqakva.exeO4 - HKCU\..\Run: [fqqfvv0] C:\windows\system32\vf4vaqaa6f.exeO4 - HKCU\..\Run: [llggbb] C:\windows\system32\6qqg1vb.exeO4 - HKCU\..\Run: [lgbbvb] C:\windows\system32\ggqv1a2lglv.exeO4 - HKCU\..\Run: [gglgb9] C:\windows\system32\qgga6qlb1gq.exeO4 - HKCU\..\Run: [vlaav] C:\windows\system32\a2qlaa1llg.exeO4 - HKCU\..\Run: [aqql1g] C:\windows\system32\v2qlaa1llg.exeO4 - HKCU\..\Run: [qqllg] C:\windows\system32\g21vqggaavl.exeO4 - HKCU\..\Run: [Packard Bell Software Suite] "C:\Program Files\Packard Bell\Software Suite\PBSoftSuite.exe" /runO4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exeO4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preloadO4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exeO4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exeO4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrunO4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')O4 - Startup: OpenOffice.org 3.0 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exeO4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exeO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllO20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dllO23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXEO23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exeO23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exeO23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exeO23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\Windows\system32\flcdlock.exeO23 - Service: FsUsbExService - Teruten - C:\windows\system32\FsUsbExService.ExeO23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exeO23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exeO23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exeO23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exeO23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exeO23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exeO23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exeO23 - Service: Linksys Updater (LinksysUpdater) - Unknown owner - C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exeO23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exeO23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exeO23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exeO23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exeO23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exeO23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\windows\system32\rpcnet.exeO23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exeO23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe--End of file - 12413 bytes

25 juni 2013 aangepast door rob1984

[kape]

Zou je dit logje in zijn normale vorm kunnen posten (met alle lijntjes onder elkaar) ? Want zo werkt het niet overzichtelijk

[rob1984]

ik weet ook niet waarom dat verkeerd is gegaan, maar hierbij de herkansing:

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 0:43:37, on 26-6-2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16490)

FIREFOX: 21.0 (nl)

Boot mode: Normal

Running processes:

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\windows\system32\taskeng.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\PDF Complete\pdfsty.exe

C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe

C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

C:\Program Files\Samsung\Kies\Kies.exe

C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe

C:\windows\system32\wbem\unsecapp.exe

C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\windows\system32\conime.exe

C:\Program Files\Opera\opera.exe

C:\Users\Rob\AppData\Local\Opera\Opera\temporary_downloads\HijackThis.exe

C:\Users\Rob\Desktop\hijackthis\HijackThis.exe

C:\windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=83&bd=all&pf=cmnb

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.torrentz.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=83&bd=all&pf=cmnb

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=83&bd=all&pf=cmnb

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"

O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [LELA] "C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe" /minimized

O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"

O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [tyntn] C:\windows\system32\dt6ty7yy.exe

O4 - HKCU\..\Run: [inytii] C:\windows\system32\yti6ddntd.exe

O4 - HKCU\..\Run: [llff5l] C:\windows\system32\avvava7alv.exe

O4 - HKCU\..\Run: [avqff1l] C:\windows\system32\l6avllaqq3.exe

O4 - HKCU\..\Run: [qvqv7] C:\windows\system32\afaaf41lf.exe

O4 - HKCU\..\Run: [qqf9a] C:\windows\system32\falvqllvfav.exe

O4 - HKCU\..\Run: [laavaa] C:\windows\system32\qv7alvvqq.exe

O4 - HKCU\..\Run: [lfaqqf] C:\windows\system32\vvava7alvvq.exe

O4 - HKCU\..\Run: [vqvfqqv] C:\windows\system32\alf6qqf1vlq.exe

O4 - HKCU\..\Run: [ynint] C:\windows\system32\niityidyyit.exe

O4 - HKCU\..\Run: [diiynn] C:\windows\system32\inyitdnn.exe

O4 - HKCU\..\Run: [gvllg] C:\windows\system32\vqggaavllg.exe

O4 - HKCU\..\Run: [vvvfaq] C:\windows\system32\fvf4vaqaa6f.exe

O4 - HKCU\..\Run: [kffafaq] C:\windows\system32\avafkqakva.exe

O4 - HKCU\..\Run: [fqqfvv0] C:\windows\system32\vf4vaqaa6f.exe

O4 - HKCU\..\Run: [llggbb] C:\windows\system32\6qqg1vb.exe

O4 - HKCU\..\Run: [lgbbvb] C:\windows\system32\ggqv1a2lglv.exe

O4 - HKCU\..\Run: [gglgb9] C:\windows\system32\qgga6qlb1gq.exe

O4 - HKCU\..\Run: [vlaav] C:\windows\system32\a2qlaa1llg.exe

O4 - HKCU\..\Run: [aqql1g] C:\windows\system32\v2qlaa1llg.exe

O4 - HKCU\..\Run: [qqllg] C:\windows\system32\g21vqggaavl.exe

O4 - HKCU\..\Run: [Packard Bell Software Suite] "C:\Program Files\Packard Bell\Software Suite\PBSoftSuite.exe" /run

O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: OpenOffice.org 3.0 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE

O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\Windows\system32\flcdlock.exe

O23 - Service: FsUsbExService - Teruten - C:\windows\system32\FsUsbExService.Exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Linksys Updater (LinksysUpdater) - Unknown owner - C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe

O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\windows\system32\rpcnet.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--

End of file - 12413 bytes

26 juni 2013 aangepast door rob1984

[kweezie wabbit]

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)

O4 - HKCU\..\Run: [tyntn] C:\windows\system32\dt6ty7yy.exe

O4 - HKCU\..\Run: [inytii] C:\windows\system32\yti6ddntd.exe

O4 - HKCU\..\Run: [llff5l] C:\windows\system32\avvava7alv.exe

O4 - HKCU\..\Run: [avqff1l] C:\windows\system32\l6avllaqq3.exe

O4 - HKCU\..\Run: [qvqv7] C:\windows\system32\afaaf41lf.exe

O4 - HKCU\..\Run: [qqf9a] C:\windows\system32\falvqllvfav.exe

O4 - HKCU\..\Run: [laavaa] C:\windows\system32\qv7alvvqq.exe

O4 - HKCU\..\Run: [lfaqqf] C:\windows\system32\vvava7alvvq.exe

O4 - HKCU\..\Run: [vqvfqqv] C:\windows\system32\alf6qqf1vlq.exe

O4 - HKCU\..\Run: [ynint] C:\windows\system32\niityidyyit.exe

O4 - HKCU\..\Run: [diiynn] C:\windows\system32\inyitdnn.exe

O4 - HKCU\..\Run: [gvllg] C:\windows\system32\vqggaavllg.exe

O4 - HKCU\..\Run: [vvvfaq] C:\windows\system32\fvf4vaqaa6f.exe

O4 - HKCU\..\Run: [kffafaq] C:\windows\system32\avafkqakva.exe

O4 - HKCU\..\Run: [fqqfvv0] C:\windows\system32\vf4vaqaa6f.exe

O4 - HKCU\..\Run: [llggbb] C:\windows\system32\6qqg1vb.exe

O4 - HKCU\..\Run: [lgbbvb] C:\windows\system32\ggqv1a2lglv.exe

O4 - HKCU\..\Run: [gglgb9] C:\windows\system32\qgga6qlb1gq.exe

O4 - HKCU\..\Run: [vlaav] C:\windows\system32\a2qlaa1llg.exe

O4 - HKCU\..\Run: [aqql1g] C:\windows\system32\v2qlaa1llg.exe

O4 - HKCU\..\Run: [qqllg] C:\windows\system32\g21vqggaavl.exe

O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)

Klik op 'Fix checked' om de items te verwijderen.

Download MalwareBytes' Anti-Malware (website) en sla het op je bureaublad op.

Zorg dat er na de installatie een vinkje is geplaatst bij:

• Update MalwareBytes' Anti-Malware
  
• Start MalwareBytes' Anti-Malware
  
• Je krijgt hier ook de keuze om de evaluatie versie van MBAM te gebruiken, indien je dit niet wilt vink dit dan uit.
  

Klik daarna op "Voltooien".

Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.

Bij problemen!!! (Lees de onderstaande instructies)

• Malwarebytes' Anti-Malware Chameleon
  
• Problemen bij het installeren van Malwarebytes' Anti-Malware
  
• Problemen bij het updaten van Malwarebytes' Anti-Malware
  
• Problemen bij het starten van Malwarebytes' Anti-Malware
  

• Zodra het programma gestart is, ga dan naar het tabblad "Instellingen".
  
• Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".
  
• Ga daarna naar het tabblad "Scanner", kies hier voor "Snelle Scan".
  
• Druk vervolgens op "Scannen" om de scan te starten.
  
• Het scannen kan een tijdje duren, dus wees geduldig.
  
• Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
  
• Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "Verwijder geselecteerde".
  
• Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.
  
• Herstart de computer indien nodig en post hierna de log in het volgende bericht, samen met een nieuw logje van hijackthis.
  

[rob1984]

malwarebytes vindt niks, en hoeft dus ook niet opnieuw op te starten, het is wel duidelijk dat ik nog niet van de malware af ben..

hier het malwarebytes logje:

Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300

Malwarebytes : Free anti-malware download

Databaseversie: v2013.06.26.03

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

Rob :: PC_VAN_ROB [administrator]

Bescherming: Uitgeschakeld

26-6-2013 15:38:24

mbam-log-2013-06-26 (15-38-24).txt

Scan type: Snelle scan

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM | P2P

Uitgeschakelde scan opties:

Objecten gescand: 232174

Verstreken tijd: 14 minuut/minuten, 6 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

(einde)

en die van hijackthis:

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 15:59:23, on 26-6-2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16490)

FIREFOX: 21.0 (nl)

Boot mode: Normal

Running processes:

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\windows\system32\taskeng.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\PDF Complete\pdfsty.exe

C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe

C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

C:\Program Files\Samsung\Kies\Kies.exe

C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe

C:\windows\system32\wbem\unsecapp.exe

C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\windows\system32\conime.exe

C:\Users\Rob\AppData\Local\Opera\Opera\temporary_downloads\HijackThis.exe

C:\Users\Rob\Desktop\hijackthis\HijackThis.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files\Opera\opera.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\windows\system32\NOTEPAD.EXE

C:\windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Lavasoft

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"

O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [LELA] "C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe" /minimized

O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"

O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [search Protection] C:\ProgramData\Search Protection\SearchProtection.exe

O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [Packard Bell Software Suite] "C:\Program Files\Packard Bell\Software Suite\PBSoftSuite.exe" /run

O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\RunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f

O4 - HKCU\..\RunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f

O4 - HKCU\..\RunOnce: [adawarebp_DATA_FOLDER] cmd.exe /c rmdir "C:\ProgramData\Ad-Aware Browsing Protection" /s /q

O4 - HKCU\..\RunOnce: [adawarebp_INSTALL_FOLDER] cmd.exe /c rmdir "C:\Users\Rob\AppData\Local\adawarebp" /s /q

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: OpenOffice.org 3.0 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE

O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\Windows\system32\flcdlock.exe

O23 - Service: FsUsbExService - Teruten - C:\windows\system32\FsUsbExService.Exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Linksys Updater (LinksysUpdater) - Unknown owner - C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe

O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\windows\system32\rpcnet.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--

End of file - 11435 bytes

[kweezie wabbit]

Download ComboFix van één van de onderstaande locaties naar het bureaublad.

Bleeping Computer

Info Spyware

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met ComboFix.exe

(hier of hier) kan je lezen hoe je de gebruikte beveiligingssoftware kunt uitschakelen.

• Dubbelklik op "ComboFix" om de tool te starten, Windows Vista, 7 & 8 gebruikers zullen een melding krijgen van UAC (Gebruikersaccountbeheer), klik hier op Ja / yes.
  
• Op een Windows XP computer zal ComboFix de "Recovery Console" installeren als deze nog niet aanwezig is. (Een actieve internet verbinding is dan een vereiste).
  
• Klik in het venster bij het 'Installeren van de Recovery Console' op "Ok".
  
• Klik in het info scherm op "Ja" als de Recovery Console met succes is geïnstalleerd.
  
• Klik in het scherm van de disclaimer op "I Agree", de benodigde onderdelen worden nu uitgepakt en middels ERUNT wordt er een register back-up gemaakt.
  
• Wanneer dit gereed is zal ComboFix vanzelf starten, in het blauwe scherm ziet u de voortgang van de systeemscan die wordt uitgevoerd.
  
• Belangrijk! gebruik de computer tijdens de scan niet voor andere zaken.
  
• Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden zoals bijvoorbeeld bij de aanwezigheid van een rootkit, dit is normaal.
  
• Wanneer ComboFix gereed is, zal het een logbestand aanmaken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.
  

* Noot !!! Indien u één van de onderstaande meldingen krijgt na het gebruik van ComboFix herstart dan de computer.

• Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
  
• Illegal operation attempted on a registry key that has been marked for deletion.
  

[rob1984]

Er lijkt iets fout te gaan tijdens de installatie van combofix, als het programma bijna klaar is met installeren krijg ik een geluidsignaal en verdwijnt het venster. halverwege de installatie krijg ik een foutmelding:

fout bij schrijven naar bestand

C:\32788R22FWJFW\swxcacls.3XE

met drie keuzemogelijkheden: afbreken, opnieuw, negeren.

afbreken stopt de installatie, opnieuw geeft dezelfde foutmelding en negeren maakt de installatie af tot bijna aan het einde en stopt dan dus.

[rob1984]

combofix werkt inmiddels, maar elke keer moet ik opnieuw opstarten en daarna combofix nogmaals draaien.. dit inmiddels al 5 keer is dit normaal? ik krijg inderdaad een melding een rootkit.

logbestand van combofix kan ik niet vinden, hierbij wel nogmaals die van hijackthis:

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 22:16:09, on 26-6-2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16490)

FIREFOX: 21.0 (nl)

Boot mode: Normal

Running processes:

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\windows\system32\taskeng.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\PDF Complete\pdfsty.exe

C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

C:\Program Files\Samsung\Kies\Kies.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\windows\system32\wbem\unsecapp.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe

C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE

C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\windows\system32\conime.exe

C:\Program Files\Opera\opera.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Users\Rob\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=83&bd=all&pf=cmnb

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Lavasoft

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=83&bd=all&pf=cmnb

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=83&bd=all&pf=cmnb

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"

O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [LELA] "C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe" /minimized

O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"

O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [search Protection] C:\ProgramData\Search Protection\SearchProtection.exe

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [Packard Bell Software Suite] "C:\Program Files\Packard Bell\Software Suite\PBSoftSuite.exe" /run

O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - Startup: OpenOffice.org 3.0 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE

O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: BFE - Unknown owner - C:\windows\.

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\Windows\system32\flcdlock.exe

O23 - Service: FsUsbExService - Teruten - C:\windows\system32\FsUsbExService.Exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Linksys Updater (LinksysUpdater) - Unknown owner - C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe

O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\windows\system32\rpcnet.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--

End of file - 10265 bytes

[kweezie wabbit]

Het logbestand van combofix vind je normaal op C:\ComboFix.txt

Download TDSSKiller en plaats het op je bureaublad.

• Voordat je TDSSKiller uitvoert is het raadzaam om de onderstaande handleiding van TDSSKiller te raadplegen.
  
  • Klik hier voor de handleiding van Kaspersky TDSSKiller
    

  [*] Dubbelklik op TDSSKiller.exe om de tool te starten. (Indien je TDSSKiller als ZIP bestand hebt gedownload dien je deze eerst uit te pakken).

  [*] Als er door TDSSkiller een update wordt gevonden klikt u op de knop "Load update"

  [*] Een nieuwe versie van TDSSkiller zal nu gedownload worden en sla deze op het bureaublad op.

  [*] Start nu TDSSkiller opnieuw.

  [*] Klik op "Change parameters" en zorg dat de onderstaande opties allemaal aangevinkt zijn.

  

  [*] Klik op de knop "Start Scan" en volg de instructies.

  • Gebruik nooit de "Delete" of "Quarantaine" optie bij een "Fail signature" melding.
    
  • Wanneer er een herstart nodig was, vind je de logfile in C:\\TDSSKiller.[Version]_[Date]_[Time]_log.txt
    
  • Voeg dit log-bestand als bijlage toe aan het volgende bericht.
    

[rob1984]

12:18:37.0082 1772 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

12:18:37.0348 1772 ============================================================

12:18:37.0348 1772 Current date / time: 2013/06/27 12:18:37.0348

12:18:37.0348 1772 SystemInfo:

12:18:37.0348 1772

12:18:37.0348 1772 OS Version: 6.0.6002 ServicePack: 2.0

12:18:37.0348 1772 Product type: Workstation

12:18:37.0348 1772 ComputerName: PC_VAN_ROB

12:18:37.0348 1772 UserName: Rob

12:18:37.0348 1772 Windows directory: C:\windows

12:18:37.0348 1772 System windows directory: C:\windows

12:18:37.0348 1772 Processor architecture: Intel x86

12:18:37.0348 1772 Number of processors: 1

12:18:37.0348 1772 Page size: 0x1000

12:18:37.0348 1772 Boot type: Normal boot

12:18:37.0348 1772 ============================================================

12:18:37.0800 1772 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

12:18:37.0800 1772 ============================================================

12:18:37.0800 1772 \Device\Harddisk0\DR0:

12:18:37.0800 1772 MBR partitions:

12:18:37.0800 1772 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x11818E71

12:18:37.0800 1772 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x11818EB0, BlocksNum 0x1201000

12:18:37.0800 1772 ============================================================

12:18:37.0831 1772 C: <-> \Device\Harddisk0\DR0\Partition1

12:18:37.0878 1772 D: <-> \Device\Harddisk0\DR0\Partition2

12:18:37.0878 1772 ============================================================

12:18:37.0878 1772 Initialize success

12:18:37.0878 1772 ============================================================

12:20:17.0431 4196 ============================================================

12:20:17.0431 4196 Scan started

12:20:17.0431 4196 Mode: Manual; SigCheck; TDLFS;

12:20:17.0431 4196 ============================================================

12:20:17.0867 4196 ================ Scan system memory ========================

12:20:17.0867 4196 System memory - ok

12:20:17.0867 4196 ================ Scan services =============================

12:20:19.0022 4196 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\windows\system32\drivers\acpi.sys

12:20:19.0162 4196 ACPI - ok

12:20:19.0209 4196 [ FB9ECE3F7B8A03E474E611031AD4CD23 ] ADIHdAudAddService C:\windows\system32\drivers\ADIHdAud.sys

12:20:19.0303 4196 ADIHdAudAddService - ok

12:20:19.0427 4196 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

12:20:19.0490 4196 AdobeFlashPlayerUpdateSvc - ok

12:20:19.0552 4196 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\windows\system32\drivers\adp94xx.sys

12:20:19.0583 4196 adp94xx - ok

12:20:19.0615 4196 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\windows\system32\drivers\adpahci.sys

12:20:19.0630 4196 adpahci - ok

12:20:19.0661 4196 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\windows\system32\drivers\adpu160m.sys

12:20:19.0677 4196 adpu160m - ok

12:20:19.0739 4196 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\windows\system32\drivers\adpu320.sys

12:20:19.0786 4196 adpu320 - ok

12:20:19.0849 4196 [ 12D23758621B00B8D3134095EC3325FD ] AEADIFilters C:\windows\system32\AEADISRV.EXE

12:20:19.0895 4196 AEADIFilters - ok

12:20:19.0911 4196 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\windows\System32\aelupsvc.dll

12:20:20.0005 4196 AeLookupSvc - ok

12:20:20.0067 4196 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\windows\system32\drivers\afd.sys

12:20:20.0145 4196 AFD - ok

12:20:20.0192 4196 [ 8ED60797908FD394EEE0D6949F493224 ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe

12:20:20.0223 4196 AgereModemAudio - ok

12:20:20.0613 4196 [ 3712986CC3ABF0DC656B43525B9D1279 ] AgereSoftModem C:\windows\system32\DRIVERS\AGRSM.sys

12:20:20.0707 4196 AgereSoftModem - ok

12:20:20.0769 4196 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\windows\system32\drivers\agp440.sys

12:20:20.0785 4196 agp440 - ok

12:20:20.0816 4196 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\windows\system32\drivers\djsvs.sys

12:20:20.0863 4196 aic78xx - ok

12:20:20.0894 4196 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\windows\System32\alg.exe

12:20:21.0050 4196 ALG - ok

12:20:21.0097 4196 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\windows\system32\drivers\aliide.sys

12:20:21.0128 4196 aliide - ok

12:20:21.0206 4196 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\windows\system32\drivers\amdagp.sys

12:20:21.0221 4196 amdagp - ok

12:20:21.0237 4196 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\windows\system32\drivers\amdide.sys

12:20:21.0253 4196 amdide - ok

12:20:21.0284 4196 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\windows\system32\drivers\amdk7.sys

12:20:21.0315 4196 AmdK7 - ok

12:20:21.0331 4196 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys

12:20:21.0377 4196 AmdK8 - ok

12:20:21.0923 4196 [ 075DE33661971DE058854C526BDBBF0D ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe

12:20:21.0939 4196 AntiVirSchedulerService - ok

12:20:22.0017 4196 [ 826ADD8689FA33632CF98A0EAC89F156 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe

12:20:22.0017 4196 AntiVirService - ok

12:20:22.0111 4196 [ DFAE18C675D71FD06D57DC69D2913975 ] AppHostSvc C:\windows\system32\inetsrv\apphostsvc.dll

12:20:22.0189 4196 AppHostSvc - ok

12:20:22.0235 4196 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\windows\System32\appinfo.dll

12:20:22.0267 4196 Appinfo - ok

12:20:22.0313 4196 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\windows\system32\drivers\arc.sys

12:20:22.0329 4196 arc - ok

12:20:22.0360 4196 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\windows\system32\drivers\arcsas.sys

12:20:22.0376 4196 arcsas - ok

12:20:22.0735 4196 [ 40C145F12FF461A0220303BDA134F598 ] aspnet_state C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

12:20:22.0766 4196 aspnet_state - ok

12:20:22.0797 4196 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys

12:20:22.0844 4196 AsyncMac - ok

12:20:22.0875 4196 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\windows\system32\drivers\atapi.sys

12:20:22.0891 4196 atapi - ok

12:20:22.0953 4196 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll

12:20:23.0000 4196 AudioEndpointBuilder - ok

12:20:23.0031 4196 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\windows\System32\Audiosrv.dll

12:20:23.0062 4196 Audiosrv - ok

12:20:23.0125 4196 [ 87425709A251386064C99B684BF96F72 ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys

12:20:23.0140 4196 avgntflt - ok

12:20:23.0187 4196 [ D50FBA68163BC498F2C136E0E5BA8E2F ] avipbb C:\windows\system32\DRIVERS\avipbb.sys

12:20:23.0218 4196 avipbb - ok

12:20:23.0265 4196 [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr C:\windows\system32\DRIVERS\avkmgr.sys

12:20:23.0281 4196 avkmgr - ok

12:20:23.0343 4196 [ 502F1C30BD50B32D00CE4DCAECC3D3C7 ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys

12:20:23.0390 4196 b57nd60x - ok

12:20:23.0468 4196 [ 3F5E7621CDF6867D3D8417D13A098277 ] BCM43XX C:\windows\system32\DRIVERS\bcmwl6.sys

12:20:23.0530 4196 BCM43XX - ok

12:20:23.0624 4196 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\windows\system32\drivers\Beep.sys

12:20:23.0671 4196 Beep - ok

12:20:23.0702 4196 BFE - ok

12:20:23.0873 4196 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\windows\System32\qmgr.dll

12:20:23.0936 4196 BITS - ok

12:20:23.0983 4196 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\windows\system32\drivers\blbdrive.sys

12:20:24.0029 4196 blbdrive - ok

12:20:24.0092 4196 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\windows\system32\DRIVERS\bowser.sys

12:20:24.0154 4196 bowser - ok

12:20:24.0217 4196 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\drivers\brfiltlo.sys

12:20:24.0248 4196 BrFiltLo - ok

12:20:24.0263 4196 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\drivers\brfiltup.sys

12:20:24.0310 4196 BrFiltUp - ok

12:20:24.0341 4196 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\windows\System32\browser.dll

12:20:24.0404 4196 Browser - ok

12:20:24.0451 4196 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\windows\system32\drivers\brserid.sys

12:20:24.0591 4196 Brserid - ok

12:20:24.0607 4196 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\system32\drivers\brserwdm.sys

12:20:24.0685 4196 BrSerWdm - ok

12:20:24.0747 4196 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\system32\drivers\brusbmdm.sys

12:20:24.0825 4196 BrUsbMdm - ok

12:20:24.0856 4196 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\system32\drivers\brusbser.sys

12:20:24.0903 4196 BrUsbSer - ok

12:20:24.0965 4196 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys

12:20:25.0012 4196 BTHMODEM - ok

12:20:25.0168 4196 catchme - ok

12:20:25.0215 4196 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys

12:20:25.0277 4196 cdfs - ok

12:20:25.0309 4196 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys

12:20:25.0340 4196 cdrom - ok

12:20:25.0402 4196 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\windows\System32\certprop.dll

12:20:25.0480 4196 CertPropSvc - ok

12:20:25.0511 4196 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\windows\system32\drivers\circlass.sys

12:20:25.0543 4196 circlass - ok

12:20:25.0574 4196 [ 745D20B75B3BDDA545022625ED5DBB1B ] CISVC C:\windows\system32\CISVC.EXE

12:20:25.0605 4196 CISVC - ok

12:20:25.0683 4196 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\windows\system32\CLFS.sys

12:20:25.0730 4196 CLFS - ok

12:20:25.0777 4196 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

12:20:25.0777 4196 clr_optimization_v2.0.50727_32 - ok

12:20:25.0839 4196 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys

12:20:25.0886 4196 CmBatt - ok

12:20:25.0901 4196 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\windows\system32\drivers\cmdide.sys

12:20:25.0917 4196 cmdide - ok

12:20:26.0120 4196 [ C7A0E61D5714AC20DE52D4F66EC773B8 ] Com4QLBEx C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

12:20:26.0135 4196 Com4QLBEx - ok

12:20:26.0182 4196 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys

12:20:26.0229 4196 Compbatt - ok

12:20:26.0245 4196 COMSysApp - ok

12:20:26.0276 4196 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\windows\system32\drivers\crcdisk.sys

12:20:26.0291 4196 crcdisk - ok

12:20:26.0323 4196 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\windows\system32\drivers\crusoe.sys

12:20:26.0354 4196 Crusoe - ok

12:20:26.0447 4196 [ 3EDE4C1F9672C972479201544969ADCB ] CryptSvc C:\windows\system32\cryptsvc.dll

12:20:26.0494 4196 CryptSvc - ok

12:20:26.0557 4196 [ 5D5984255A4BFAA4262FB750DF7CD537 ] DAMDrv C:\windows\system32\DRIVERS\DAMDrv.sys

12:20:26.0603 4196 DAMDrv ( UnsignedFile.Multi.Generic ) - warning

12:20:26.0603 4196 DAMDrv - detected UnsignedFile.Multi.Generic (1)

12:20:26.0806 4196 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\windows\system32\rpcss.dll

12:20:26.0869 4196 DcomLaunch - ok

12:20:26.0900 4196 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\windows\system32\Drivers\dfsc.sys

12:20:26.0947 4196 DfsC - ok

12:20:27.0181 4196 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\windows\system32\DFSR.exe

12:20:27.0352 4196 DFSR - ok

12:20:27.0415 4196 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\windows\System32\dhcpcsvc.dll

12:20:27.0477 4196 Dhcp - ok

12:20:27.0524 4196 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\windows\system32\drivers\disk.sys

12:20:27.0539 4196 disk - ok

12:20:27.0602 4196 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\windows\System32\dnsrslvr.dll

12:20:27.0664 4196 Dnscache - ok

12:20:27.0711 4196 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\windows\System32\dot3svc.dll

12:20:27.0742 4196 dot3svc - ok

12:20:27.0820 4196 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\windows\system32\dps.dll

12:20:27.0851 4196 DPS - ok

12:20:27.0914 4196 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\windows\system32\drivers\drmkaud.sys

12:20:27.0945 4196 drmkaud - ok

12:20:28.0007 4196 [ 5DE0FAEC9E5D1AAE74F8568897891A01 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys

12:20:28.0070 4196 DXGKrnl - ok

12:20:28.0148 4196 [ 476D9F2F0789CDE89ACEE2A2FB21EC5A ] e1express C:\windows\system32\DRIVERS\e1e6032.sys

12:20:28.0163 4196 e1express - ok

12:20:28.0195 4196 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\windows\system32\DRIVERS\E1G60I32.sys

12:20:28.0226 4196 E1G60 - ok

12:20:28.0288 4196 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\windows\System32\eapsvc.dll

12:20:28.0319 4196 EapHost - ok

12:20:28.0366 4196 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\windows\system32\drivers\ecache.sys

12:20:28.0382 4196 Ecache - ok

12:20:28.0444 4196 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\windows\system32\drivers\elxstor.sys

12:20:28.0475 4196 elxstor - ok

12:20:28.0725 4196 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\windows\system32\emdmgmt.dll

12:20:28.0803 4196 EMDMgmt - ok

12:20:28.0897 4196 [ EDC243EF33F8DA2A1A499331891D9472 ] EngineServer C:\PROGRA~1\McAfee\MANAGE~1\VScan\ENGINE~1.EXE

12:20:28.0912 4196 EngineServer - ok

12:20:28.0928 4196 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\windows\system32\drivers\errdev.sys

12:20:28.0975 4196 ErrDev - ok

12:20:29.0037 4196 esgiguard - ok

12:20:29.0099 4196 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\windows\system32\es.dll

12:20:29.0131 4196 EventSystem - ok

12:20:29.0255 4196 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\windows\system32\drivers\exfat.sys

12:20:29.0349 4196 exfat - ok

12:20:29.0443 4196 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\windows\system32\drivers\fastfat.sys

12:20:29.0521 4196 fastfat - ok

12:20:29.0567 4196 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\windows\system32\DRIVERS\fdc.sys

12:20:29.0614 4196 fdc - ok

12:20:29.0723 4196 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\windows\system32\fdPHost.dll

12:20:29.0755 4196 fdPHost - ok

12:20:29.0786 4196 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\windows\system32\fdrespub.dll

12:20:29.0879 4196 FDResPub - ok

12:20:29.0942 4196 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\windows\system32\drivers\fileinfo.sys

12:20:29.0973 4196 FileInfo - ok

12:20:30.0020 4196 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\windows\system32\drivers\filetrace.sys

12:20:30.0082 4196 Filetrace - ok

12:20:30.0176 4196 [ 224138E0CCDF7CE3281298473F6FD1D2 ] FLCDLOCK C:\Windows\system32\flcdlock.exe

12:20:30.0207 4196 FLCDLOCK ( UnsignedFile.Multi.Generic ) - warning

12:20:30.0207 4196 FLCDLOCK - detected UnsignedFile.Multi.Generic (1)

12:20:30.0254 4196 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys

12:20:30.0301 4196 flpydisk - ok

12:20:30.0363 4196 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\windows\system32\drivers\fltmgr.sys

12:20:30.0394 4196 FltMgr - ok

12:20:30.0550 4196 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\windows\system32\FntCache.dll

12:20:30.0628 4196 FontCache - ok

12:20:30.0800 4196 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

12:20:30.0815 4196 FontCache3.0.0.0 - ok

12:20:30.0909 4196 [ DDEE99DC54EFA20BD5A442CD733C4462 ] FsUsbExDisk C:\windows\system32\FsUsbExDisk.SYS

12:20:30.0925 4196 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning

12:20:30.0925 4196 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)

12:20:30.0956 4196 [ 0796C1E47ADB9825269E64B9DAB4E741 ] FsUsbExService C:\windows\system32\FsUsbExService.Exe

12:20:30.0987 4196 FsUsbExService ( UnsignedFile.Multi.Generic ) - warning

12:20:30.0987 4196 FsUsbExService - detected UnsignedFile.Multi.Generic (1)

12:20:31.0018 4196 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys

12:20:31.0049 4196 Fs_Rec - ok

12:20:31.0127 4196 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys

12:20:31.0159 4196 gagp30kx - ok

12:20:31.0205 4196 [ 483924F92E55A5F9423201EC635E2CED ] gfibto C:\windows\system32\drivers\gfibto.sys

12:20:31.0221 4196 gfibto - ok

12:20:31.0424 4196 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\windows\System32\gpsvc.dll

12:20:31.0517 4196 gpsvc - ok

12:20:31.0689 4196 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe

12:20:31.0689 4196 gupdate - ok

12:20:31.0736 4196 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe

12:20:31.0751 4196 gupdatem - ok

12:20:31.0814 4196 [ 93AEE3434935FC2F805FEFD8DC5ED1B4 ] HBtnKey C:\windows\system32\DRIVERS\cpqbttn.sys

12:20:31.0814 4196 HBtnKey - ok

12:20:31.0876 4196 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys

12:20:31.0939 4196 HdAudAddService - ok

12:20:32.0219 4196 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys

12:20:32.0313 4196 HDAudBus - ok

12:20:32.0407 4196 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\windows\system32\drivers\hidbth.sys

12:20:32.0469 4196 HidBth - ok

12:20:32.0500 4196 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\windows\system32\drivers\hidir.sys

12:20:32.0547 4196 HidIr - ok

12:20:32.0594 4196 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\windows\System32\hidserv.dll

12:20:32.0625 4196 hidserv - ok

12:20:32.0656 4196 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys

12:20:32.0703 4196 HidUsb - ok

12:20:32.0734 4196 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\windows\system32\kmsvc.dll

12:20:32.0812 4196 hkmsvc - ok

12:20:32.0875 4196 [ A19B0BB5A7EB6DF2DD4A0711D36955EE ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

12:20:32.0890 4196 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning

12:20:32.0890 4196 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)

12:20:32.0937 4196 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\windows\system32\drivers\hpcisss.sys

12:20:32.0953 4196 HpCISSs - ok

12:20:33.0015 4196 [ 1210960FF8928950D2A786895B0C424A ] HpqKbFiltr C:\windows\system32\DRIVERS\HpqKbFiltr.sys

12:20:33.0031 4196 HpqKbFiltr - ok

12:20:33.0171 4196 [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

12:20:33.0187 4196 hpqwmiex - ok

12:20:33.0405 4196 [ 0EEECA26C8D4BDE2A4664DB058A81937 ] HTTP C:\windows\system32\drivers\HTTP.sys

12:20:33.0514 4196 HTTP - ok

12:20:33.0545 4196 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\windows\system32\drivers\i2omp.sys

12:20:33.0561 4196 i2omp - ok

12:20:33.0608 4196 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys

12:20:33.0639 4196 i8042prt - ok

12:20:34.0091 4196 [ 3AD7614C487C948ADD435662265750FB ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

12:20:34.0107 4196 IAANTMON - ok

12:20:34.0294 4196 [ DB0CC620B27A928D968C1A1E9CD9CB87 ] iaStor C:\windows\system32\drivers\iastor.sys

12:20:34.0310 4196 iaStor - ok

12:20:34.0435 4196 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\windows\system32\drivers\iastorv.sys

12:20:34.0481 4196 iaStorV - ok

12:20:34.0575 4196 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

12:20:34.0637 4196 IDriverT ( UnsignedFile.Multi.Generic ) - warning

12:20:34.0637 4196 IDriverT - detected UnsignedFile.Multi.Generic (1)

12:20:34.0934 4196 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

12:20:35.0027 4196 idsvc - ok

12:20:35.0870 4196 [ 9378D57E2B96C0A185D844770AD49948 ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys

12:20:36.0057 4196 igfx - ok

12:20:36.0151 4196 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\windows\system32\drivers\iirsp.sys

12:20:36.0182 4196 iirsp - ok

12:20:36.0229 4196 [ DAE181C2FDB0D02159C56185A469E10B ] IISADMIN C:\windows\system32\inetsrv\inetinfo.exe

12:20:36.0291 4196 IISADMIN - ok

12:20:36.0525 4196 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\windows\System32\ikeext.dll

12:20:36.0587 4196 IKEEXT - ok

12:20:36.0634 4196 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\windows\system32\drivers\intelide.sys

12:20:36.0650 4196 intelide - ok

12:20:36.0697 4196 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\windows\system32\DRIVERS\intelppm.sys

12:20:36.0775 4196 intelppm - ok

12:20:36.0806 4196 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\windows\system32\ipbusenum.dll

12:20:36.0884 4196 IPBusEnum - ok

12:20:36.0899 4196 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys

12:20:36.0946 4196 IpFilterDriver - ok

12:20:36.0962 4196 IpInIp - ok

12:20:37.0055 4196 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\windows\system32\drivers\ipmidrv.sys

12:20:37.0133 4196 IPMIDRV - ok

12:20:37.0165 4196 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\windows\system32\DRIVERS\ipnat.sys

12:20:37.0211 4196 IPNAT - ok

12:20:37.0243 4196 [ 03D54E7BCF9B77CEAF34DC0057420352 ] iprip C:\windows\System32\iprip.dll

12:20:37.0321 4196 iprip - ok

12:20:37.0352 4196 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\windows\system32\drivers\irenum.sys

12:20:37.0399 4196 IRENUM - ok

12:20:37.0430 4196 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\windows\system32\drivers\isapnp.sys

12:20:37.0477 4196 isapnp - ok

12:20:37.0523 4196 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\windows\system32\DRIVERS\msiscsi.sys

12:20:37.0539 4196 iScsiPrt - ok

12:20:37.0570 4196 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\windows\system32\drivers\iteatapi.sys

12:20:37.0586 4196 iteatapi - ok

12:20:37.0664 4196 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\windows\system32\drivers\iteraid.sys

12:20:37.0695 4196 iteraid - ok

12:20:37.0773 4196 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

12:20:37.0804 4196 IviRegMgr - ok

12:20:37.0835 4196 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys

12:20:37.0851 4196 kbdclass - ok

12:20:37.0898 4196 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys

12:20:37.0945 4196 kbdhid - ok

12:20:37.0991 4196 [ A3E186B4B935905B829219502557314E ] KeyIso C:\windows\system32\lsass.exe

12:20:38.0038 4196 KeyIso - ok

12:20:38.0257 4196 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys

12:20:38.0350 4196 KSecDD - ok

12:20:38.0413 4196 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\windows\system32\msdtckrm.dll

12:20:38.0475 4196 KtmRm - ok

12:20:38.0522 4196 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\windows\System32\srvsvc.dll

12:20:38.0569 4196 LanmanServer - ok

12:20:38.0615 4196 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\windows\System32\wkssvc.dll

12:20:38.0662 4196 LanmanWorkstation - ok

12:20:38.0678 4196 LgBttPort - ok

12:20:38.0709 4196 lgbusenum - ok

12:20:38.0725 4196 LGVMODEM - ok

12:20:38.0771 4196 [ C215E09622118383B236DD56C2065183 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe

12:20:38.0787 4196 LightScribeService ( UnsignedFile.Multi.Generic ) - warning

12:20:38.0787 4196 LightScribeService - detected UnsignedFile.Multi.Generic (1)

12:20:38.0849 4196 [ 06DC2FDC6282F0D68910417B1150C848 ] LinksysUpdater C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe

12:20:38.0865 4196 LinksysUpdater ( UnsignedFile.Multi.Generic ) - warning

12:20:38.0865 4196 LinksysUpdater - detected UnsignedFile.Multi.Generic (1)

12:20:38.0896 4196 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys

12:20:38.0927 4196 lltdio - ok

12:20:38.0974 4196 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\windows\System32\lltdsvc.dll

12:20:39.0021 4196 lltdsvc - ok

12:20:39.0037 4196 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\windows\System32\lmhsvc.dll

12:20:39.0083 4196 lmhosts - ok

12:20:39.0161 4196 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys

12:20:39.0177 4196 LSI_FC - ok

12:20:39.0208 4196 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys

12:20:39.0224 4196 LSI_SAS - ok

12:20:39.0255 4196 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys

12:20:39.0286 4196 LSI_SCSI - ok

12:20:39.0317 4196 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\windows\system32\drivers\luafv.sys

12:20:39.0349 4196 luafv - ok

12:20:39.0395 4196 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\windows\system32\drivers\mbam.sys

12:20:39.0411 4196 MBAMProtector - ok

12:20:39.0567 4196 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

12:20:39.0629 4196 MBAMScheduler - ok

12:20:39.0676 4196 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

12:20:39.0739 4196 MBAMService - ok

12:20:39.0910 4196 [ 38BCCF016B694A745E1CDBC0B080A59C ] McAfee HackerWatch Service C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe

12:20:39.0957 4196 McAfee HackerWatch Service - ok

12:20:40.0051 4196 [ B177A24AAD92A838B22A685BED1CB4A6 ] McShield C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe

12:20:40.0066 4196 McShield - ok

12:20:40.0113 4196 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\windows\system32\drivers\megasas.sys

12:20:40.0129 4196 megasas - ok

12:20:40.0160 4196 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\windows\system32\drivers\megasr.sys

12:20:40.0191 4196 MegaSR - ok

12:20:40.0238 4196 [ 4A802C0D6F1AE9A11CC778E7D3378FE0 ] MfeAVFK C:\windows\system32\drivers\MfeAVFK.sys

12:20:40.0253 4196 MfeAVFK - ok

12:20:40.0269 4196 [ F8DEDC7B973E7311458FA52774242D19 ] MfeBOPK C:\windows\system32\drivers\MfeBOPK.sys

12:20:40.0300 4196 MfeBOPK - ok

12:20:40.0347 4196 [ 04E66896EBB00E94F1A51358D32E24AF ] mfehidk C:\windows\system32\drivers\mfehidk.sys

12:20:40.0363 4196 mfehidk - ok

12:20:40.0378 4196 [ 459330ECF667872821FA1E56A2A37D24 ] MfeRKDK C:\windows\system32\drivers\MfeRKDK.sys

12:20:40.0394 4196 MfeRKDK - ok

12:20:40.0409 4196 [ 74A22591E2AFE1091E949952BDBF7C20 ] mfetdik C:\windows\system32\drivers\mfetdik.sys

12:20:40.0441 4196 mfetdik - ok

12:20:40.0472 4196 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\windows\system32\mmcss.dll

12:20:40.0503 4196 MMCSS - ok

12:20:40.0534 4196 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\windows\system32\drivers\modem.sys

12:20:40.0565 4196 Modem - ok

12:20:40.0612 4196 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\windows\system32\DRIVERS\monitor.sys

12:20:40.0659 4196 monitor - ok

12:20:40.0690 4196 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys

12:20:40.0706 4196 mouclass - ok

12:20:40.0768 4196 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\windows\system32\DRIVERS\mouhid.sys

12:20:40.0799 4196 mouhid - ok

12:20:40.0831 4196 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\windows\system32\drivers\mountmgr.sys

12:20:40.0862 4196 MountMgr - ok

12:20:40.0955 4196 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

12:20:40.0971 4196 MozillaMaintenance - ok

12:20:41.0049 4196 [ E320F922BEAD67774D84A1F2FEBF01F9 ] MPFP C:\windows\system32\Drivers\Mpfp.sys

12:20:41.0080 4196 MPFP - ok

12:20:41.0267 4196 [ 7869AE9E3533D5A6F006E7B97F5FB991 ] MpfService C:\Program Files\McAfee\MPF\MPFSrv.exe

12:20:41.0314 4196 MpfService - ok

12:20:41.0377 4196 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\windows\system32\drivers\mpio.sys

12:20:41.0392 4196 mpio - ok

12:20:41.0423 4196 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys

12:20:41.0470 4196 mpsdrv - ok

12:20:41.0501 4196 [ 4116CDE6C8C97E2F4492F2755810019F ] MQAC C:\windows\system32\drivers\mqac.sys

12:20:41.0548 4196 MQAC - ok

12:20:41.0579 4196 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\windows\system32\drivers\mraid35x.sys

12:20:41.0595 4196 Mraid35x - ok

12:20:41.0657 4196 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\windows\system32\drivers\mrxdav.sys

12:20:41.0704 4196 MRxDAV - ok

12:20:41.0782 4196 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys

12:20:41.0829 4196 mrxsmb - ok

12:20:41.0923 4196 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys

12:20:41.0985 4196 mrxsmb10 - ok

12:20:42.0032 4196 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys

12:20:42.0063 4196 mrxsmb20 - ok

12:20:42.0110 4196 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\windows\system32\drivers\msahci.sys

12:20:42.0141 4196 msahci - ok

12:20:42.0157 4196 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\windows\system32\drivers\msdsm.sys

12:20:42.0172 4196 msdsm - ok

12:20:42.0203 4196 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\windows\System32\msdtc.exe

12:20:42.0235 4196 MSDTC - ok

12:20:42.0266 4196 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\windows\system32\drivers\Msfs.sys

12:20:42.0313 4196 Msfs - ok

12:20:42.0328 4196 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\windows\system32\drivers\msisadrv.sys

12:20:42.0344 4196 msisadrv - ok

12:20:42.0406 4196 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\windows\system32\iscsiexe.dll

12:20:42.0437 4196 MSiSCSI - ok

12:20:42.0453 4196 msiserver - ok

12:20:42.0500 4196 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys

12:20:42.0531 4196 MSKSSRV - ok

12:20:42.0578 4196 [ AABD2BC9DADA61AD5EB4223BAAC4486D ] MSMQ C:\windows\system32\mqsvc.exe

12:20:42.0593 4196 MSMQ - ok

12:20:42.0656 4196 [ FA3849C021B463E383BF188A9F0C8ED5 ] MSMQTriggers C:\windows\system32\mqtgsvc.exe

12:20:42.0703 4196 MSMQTriggers - ok

12:20:42.0734 4196 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys

12:20:42.0765 4196 MSPCLOCK - ok

12:20:42.0812 4196 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\windows\system32\drivers\MSPQM.sys

12:20:42.0843 4196 MSPQM - ok

12:20:42.0874 4196 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\windows\system32\drivers\MsRPC.sys

12:20:42.0890 4196 MsRPC - ok

12:20:42.0937 4196 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys

12:20:42.0952 4196 mssmbios - ok

12:20:42.0983 4196 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\windows\system32\drivers\MSTEE.sys

12:20:43.0030 4196 MSTEE - ok

12:20:43.0077 4196 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\windows\system32\Drivers\mup.sys

12:20:43.0108 4196 Mup - ok

12:20:43.0139 4196 myAgtSvc - ok

12:20:43.0233 4196 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\windows\system32\qagentRT.dll

12:20:43.0280 4196 napagent - ok

12:20:43.0373 4196 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys

12:20:43.0405 4196 NativeWifiP - ok

12:20:43.0436 4196 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\windows\system32\drivers\ndis.sys

12:20:43.0467 4196 NDIS - ok

12:20:43.0498 4196 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys

12:20:43.0529 4196 NdisTapi - ok

12:20:43.0561 4196 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys

12:20:43.0607 4196 Ndisuio - ok

12:20:43.0639 4196 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys

12:20:43.0670 4196 NdisWan - ok

12:20:43.0701 4196 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\windows\system32\drivers\NDProxy.sys

12:20:43.0748 4196 NDProxy - ok

12:20:43.0810 4196 [ 2969D26EEE289BE7422AA46FC55F4E38 ] Net Driver HPZ12 C:\windows\system32\HPZinw12.dll

12:20:43.0826 4196 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

12:20:43.0826 4196 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

12:20:43.0873 4196 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys

12:20:43.0888 4196 NetBIOS - ok

12:20:43.0982 4196 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\windows\system32\DRIVERS\netbt.sys

12:20:44.0013 4196 netbt - ok

12:20:44.0044 4196 [ A3E186B4B935905B829219502557314E ] Netlogon C:\windows\system32\lsass.exe

12:20:44.0060 4196 Netlogon - ok

12:20:44.0122 4196 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\windows\System32\netman.dll

12:20:44.0169 4196 Netman - ok

12:20:44.0200 4196 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\windows\System32\netprofm.dll

12:20:44.0231 4196 netprofm - ok

12:20:44.0294 4196 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

12:20:44.0309 4196 NetTcpPortSharing - ok

12:20:44.0341 4196 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\windows\system32\drivers\nfrd960.sys

12:20:44.0356 4196 nfrd960 - ok

12:20:44.0403 4196 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\windows\System32\nlasvc.dll

12:20:44.0434 4196 NlaSvc - ok

12:20:44.0621 4196 [ 82C5A813E8EA7E94DC1AFA24CD803B80 ] nmservice C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

12:20:44.0653 4196 nmservice - ok

12:20:44.0715 4196 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\windows\system32\drivers\Npfs.sys

12:20:44.0762 4196 Npfs - ok

12:20:44.0793 4196 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\windows\system32\nsisvc.dll

12:20:44.0840 4196 nsi - ok

12:20:44.0887 4196 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys

12:20:44.0949 4196 nsiproxy - ok

12:20:45.0261 4196 [ 2C1121F2B87E9A6B12485DF53CD848C7 ] Ntfs C:\windows\system32\drivers\Ntfs.sys

12:20:45.0355 4196 Ntfs - ok

12:20:45.0417 4196 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\windows\system32\drivers\ntrigdigi.sys

12:20:45.0495 4196 ntrigdigi - ok

12:20:45.0511 4196 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\windows\system32\drivers\Null.sys

12:20:45.0557 4196 Null - ok

12:20:45.0589 4196 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\windows\system32\drivers\nvraid.sys

12:20:45.0604 4196 nvraid - ok

12:20:45.0635 4196 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\windows\system32\drivers\nvstor.sys

12:20:45.0651 4196 nvstor - ok

12:20:45.0682 4196 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\windows\system32\drivers\nv_agp.sys

12:20:45.0698 4196 nv_agp - ok

12:20:45.0713 4196 NwlnkFlt - ok

12:20:45.0729 4196 NwlnkFwd - ok

12:20:45.0776 4196 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\windows\system32\DRIVERS\ohci1394.sys

12:20:45.0807 4196 ohci1394 - ok

12:20:45.0869 4196 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\windows\system32\p2psvc.dll

12:20:45.0947 4196 p2pimsvc - ok

12:20:45.0979 4196 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\windows\system32\p2psvc.dll

12:20:46.0025 4196 p2psvc - ok

12:20:46.0103 4196 [ 8A79FDF04A73428597E2CAF9D0D67850 ] Parport C:\windows\system32\DRIVERS\parport.sys

12:20:46.0150 4196 Parport - ok

12:20:46.0213 4196 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\windows\system32\drivers\partmgr.sys

12:20:46.0228 4196 partmgr - ok

12:20:46.0259 4196 [ 6C580025C81CAF3AE9E3617C22CAD00E ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys

12:20:46.0291 4196 Parvdm - ok

12:20:46.0337 4196 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\windows\System32\pcasvc.dll

12:20:46.0384 4196 PcaSvc - ok

12:20:46.0400 4196 pccsmcfd - ok

12:20:46.0447 4196 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\windows\system32\drivers\pci.sys

12:20:46.0462 4196 pci - ok

12:20:46.0509 4196 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\windows\system32\DRIVERS\pciide.sys

12:20:46.0525 4196 pciide - ok

12:20:46.0571 4196 [ B7C5A8769541900F6DFA6FE0C5E4D513 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys

12:20:46.0587 4196 pcmcia - ok

12:20:46.0634 4196 pdfcDispatcher - ok

12:20:46.0696 4196 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\windows\system32\drivers\peauth.sys

12:20:46.0774 4196 PEAUTH - ok

12:20:47.0086 4196 [ B1689DF169143F57053F795390C99DB3 ] pla C:\windows\system32\pla.dll

12:20:47.0195 4196 pla - ok

12:20:47.0258 4196 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\windows\system32\umpnpmgr.dll

12:20:47.0305 4196 PlugPlay - ok

12:20:47.0367 4196 [ BAFC9706BDF425A02B66468AB2605C59 ] Pml Driver HPZ12 C:\windows\system32\HPZipm12.dll

12:20:47.0383 4196 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

12:20:47.0383 4196 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

12:20:47.0429 4196 [ B63A3AE87ED0AC525B3AA88B39608BFC ] pnarp C:\windows\system32\DRIVERS\pnarp.sys

12:20:47.0429 4196 pnarp - ok

12:20:47.0476 4196 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\windows\system32\p2psvc.dll

12:20:47.0492 4196 PNRPAutoReg - ok

12:20:47.0539 4196 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\windows\system32\p2psvc.dll

12:20:47.0570 4196 PNRPsvc - ok

12:20:47.0648 4196 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\windows\System32\ipsecsvc.dll

12:20:47.0710 4196 PolicyAgent - ok

12:20:47.0757 4196 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys

12:20:47.0788 4196 PptpMiniport - ok

12:20:47.0819 4196 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\windows\system32\drivers\processr.sys

12:20:47.0851 4196 Processor - ok

12:20:47.0897 4196 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\windows\system32\profsvc.dll

12:20:47.0944 4196 ProfSvc - ok

12:20:47.0960 4196 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\windows\system32\lsass.exe

12:20:47.0991 4196 ProtectedStorage - ok

12:20:48.0022 4196 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\windows\system32\DRIVERS\pacer.sys

12:20:48.0053 4196 PSched - ok

12:20:48.0085 4196 [ 633CC728D6493C4263368A86928B0BFD ] purendis C:\windows\system32\DRIVERS\purendis.sys

12:20:48.0100 4196 purendis - ok

12:20:48.0147 4196 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\windows\system32\Drivers\PxHelp20.sys

12:20:48.0147 4196 PxHelp20 - ok

12:20:48.0381 4196 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\windows\system32\drivers\ql2300.sys

12:20:48.0459 4196 ql2300 - ok

12:20:48.0490 4196 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\windows\system32\drivers\ql40xx.sys

12:20:48.0506 4196 ql40xx - ok

12:20:48.0553 4196 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\windows\system32\qwave.dll

12:20:48.0584 4196 QWAVE - ok

12:20:48.0615 4196 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys

12:20:48.0646 4196 QWAVEdrv - ok

12:20:48.0662 4196 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys

12:20:48.0709 4196 RasAcd - ok

12:20:48.0755 4196 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\windows\System32\rasauto.dll

12:20:48.0802 4196 RasAuto - ok

12:20:48.0849 4196 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys

12:20:48.0880 4196 Rasl2tp - ok

12:20:48.0958 4196 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\windows\System32\rasmans.dll

12:20:48.0989 4196 RasMan - ok

12:20:49.0036 4196 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys

12:20:49.0083 4196 RasPppoe - ok

12:20:49.0130 4196 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys

12:20:49.0161 4196 RasSstp - ok

12:20:49.0223 4196 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys

12:20:49.0270 4196 rdbss - ok

12:20:49.0301 4196 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys

12:20:49.0348 4196 RDPCDD - ok

12:20:49.0457 4196 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\windows\system32\drivers\rdpdr.sys

12:20:49.0504 4196 rdpdr - ok

12:20:49.0535 4196 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys

12:20:49.0582 4196 RDPENCDD - ok

12:20:49.0629 4196 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\windows\system32\drivers\RDPWD.sys

12:20:49.0691 4196 RDPWD - ok

12:20:49.0723 4196 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\windows\System32\mprdim.dll

12:20:49.0785 4196 RemoteAccess - ok

12:20:49.0832 4196 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\windows\system32\regsvc.dll

12:20:49.0863 4196 RemoteRegistry - ok

12:20:49.0910 4196 [ EEC7EE5675294B03E88AA868540007C1 ] RMCAST C:\windows\system32\DRIVERS\RMCAST.sys

12:20:49.0925 4196 RMCAST - ok

12:20:50.0284 4196 [ 5C13017FC008F8492D03143634A479CE ] RoxMediaDB10 c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe

12:20:50.0347 4196 RoxMediaDB10 - ok

12:20:50.0393 4196 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\windows\system32\locator.exe

12:20:50.0425 4196 RpcLocator - ok

12:20:50.0518 4196 [ 6684437F3628EF237C354F77D33426D1 ] rpcnet C:\windows\system32\rpcnet.exe

12:20:50.0534 4196 rpcnet - ok

12:20:50.0565 4196 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\windows\system32\rpcss.dll

12:20:50.0612 4196 RpcSs - ok

12:20:50.0643 4196 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys

12:20:50.0674 4196 rspndr - ok

12:20:50.0705 4196 [ A3E186B4B935905B829219502557314E ] SamSs C:\windows\system32\lsass.exe

12:20:50.0721 4196 SamSs - ok

12:20:50.0737 4196 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\windows\system32\drivers\sbp2port.sys

12:20:50.0768 4196 sbp2port - ok

12:20:50.0830 4196 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\windows\System32\SCardSvr.dll

12:20:50.0861 4196 SCardSvr - ok

12:20:50.0924 4196 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\windows\system32\schedsvc.dll

12:20:51.0017 4196 Schedule - ok

12:20:51.0033 4196 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\windows\System32\certprop.dll

12:20:51.0064 4196 SCPolicySvc - ok

12:20:51.0127 4196 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\windows\System32\SDRSVC.dll

12:20:51.0173 4196 SDRSVC - ok

12:20:51.0236 4196 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys

12:20:51.0283 4196 secdrv - ok

12:20:51.0329 4196 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\windows\system32\seclogon.dll

12:20:51.0376 4196 seclogon - ok

12:20:51.0423 4196 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\windows\System32\sens.dll

12:20:51.0470 4196 SENS - ok

12:20:51.0517 4196 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\windows\system32\drivers\serenum.sys

12:20:51.0579 4196 Serenum - ok

12:20:51.0610 4196 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\windows\system32\drivers\serial.sys

12:20:51.0657 4196 Serial - ok

12:20:51.0704 4196 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\windows\system32\drivers\sermouse.sys

12:20:51.0751 4196 sermouse - ok

12:20:51.0797 4196 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\windows\system32\sessenv.dll

12:20:51.0829 4196 SessionEnv - ok

12:20:51.0875 4196 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\windows\system32\drivers\sffdisk.sys

12:20:51.0907 4196 sffdisk - ok

12:20:51.0938 4196 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys

12:20:51.0969 4196 sffp_mmc - ok

12:20:52.0000 4196 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys

12:20:52.0047 4196 sffp_sd - ok

12:20:52.0078 4196 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\windows\system32\drivers\sfloppy.sys

12:20:52.0141 4196 sfloppy - ok

12:20:52.0187 4196 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\windows\System32\shsvcs.dll

12:20:52.0234 4196 ShellHWDetection - ok

12:20:52.0265 4196 [ A275FBB7C99458C12E088DFF3E58EB4D ] simptcp C:\windows\System32\tcpsvcs.exe

12:20:52.0297 4196 simptcp - ok

12:20:52.0343 4196 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\windows\system32\drivers\sisagp.sys

12:20:52.0359 4196 sisagp - ok

12:20:52.0390 4196 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\windows\system32\drivers\sisraid2.sys

12:20:52.0406 4196 SiSRaid2 - ok

12:20:52.0437 4196 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys

12:20:52.0453 4196 SiSRaid4 - ok

12:20:52.0515 4196 [ 875B04A71869D34A415CC8B4D4673EC4 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe

12:20:52.0531 4196 SkypeUpdate - ok

12:20:53.0326 4196 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\windows\system32\SLsvc.exe

12:20:53.0560 4196 slsvc - ok

12:20:53.0607 4196 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\windows\system32\SLUINotify.dll

12:20:53.0669 4196 SLUINotify - ok

12:20:53.0716 4196 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\windows\system32\DRIVERS\smb.sys

12:20:53.0747 4196 Smb - ok

12:20:53.0779 4196 [ 26BA81BA48C3D9FB292B4B60FDE849F2 ] SNMP C:\windows\System32\snmp.exe

12:20:53.0825 4196 SNMP - ok

12:20:53.0857 4196 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\windows\System32\snmptrap.exe

12:20:53.0872 4196 SNMPTRAP - ok

12:20:53.0903 4196 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\windows\system32\drivers\spldr.sys

12:20:53.0919 4196 spldr - ok

12:20:53.0950 4196 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\windows\System32\spoolsv.exe

12:20:53.0981 4196 Spooler - ok

12:20:54.0028 4196 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\windows\system32\DRIVERS\srv.sys

12:20:54.0075 4196 srv - ok

12:20:54.0122 4196 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\windows\system32\DRIVERS\srv2.sys

12:20:54.0169 4196 srv2 - ok

12:20:54.0184 4196 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys

12:20:54.0215 4196 srvnet - ok

12:20:54.0278 4196 [ BB6EDB0257860083193CC1581AC7D485 ] ssadbus C:\windows\system32\DRIVERS\ssadbus.sys

12:20:54.0293 4196 ssadbus - ok

12:20:54.0325 4196 [ 5BCB68F7B62159C07789D3F405750623 ] ssadmdfl C:\windows\system32\DRIVERS\ssadmdfl.sys

12:20:54.0340 4196 ssadmdfl - ok

12:20:54.0418 4196 [ 1588A89F9CD9E68DE9FCC9F60FDB5C08 ] ssadmdm C:\windows\system32\DRIVERS\ssadmdm.sys

12:20:54.0449 4196 ssadmdm - ok

12:20:54.0527 4196 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\windows\System32\ssdpsrv.dll

12:20:54.0590 4196 SSDPSRV - ok

12:20:54.0637 4196 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\windows\system32\DRIVERS\ssmdrv.sys

12:20:54.0668 4196 ssmdrv - ok

12:20:54.0683 4196 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\windows\system32\sstpsvc.dll

12:20:54.0699 4196 SstpSvc - ok

12:20:54.0824 4196 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\windows\System32\wiaservc.dll

12:20:54.0902 4196 stisvc - ok

12:20:54.0964 4196 [ 1D0063597C3666404FCF97698ABEB019 ] stllssvr c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

12:20:54.0995 4196 stllssvr - ok

12:20:55.0027 4196 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\windows\system32\DRIVERS\swenum.sys

12:20:55.0042 4196 swenum - ok

12:20:55.0151 4196 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\windows\System32\swprv.dll

12:20:55.0214 4196 swprv - ok

12:20:55.0229 4196 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\windows\system32\drivers\symc8xx.sys

12:20:55.0245 4196 Symc8xx - ok

12:20:55.0276 4196 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\windows\system32\drivers\sym_hi.sys

12:20:55.0292 4196 Sym_hi - ok

12:20:55.0323 4196 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\windows\system32\drivers\sym_u3.sys

12:20:55.0339 4196 Sym_u3 - ok

12:20:55.0385 4196 [ F5D926807BD9BC0AF68F9376144DE425 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys

12:20:55.0417 4196 SynTP - ok

12:20:55.0510 4196 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\windows\system32\sysmain.dll

12:20:55.0573 4196 SysMain - ok

12:20:55.0619 4196 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\windows\System32\TabSvc.dll

12:20:55.0651 4196 TabletInputService - ok

12:20:55.0697 4196 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\windows\System32\tapisrv.dll

12:20:55.0744 4196 TapiSrv - ok

12:20:55.0775 4196 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\windows\System32\tbssvc.dll

12:20:55.0822 4196 TBS - ok

12:20:55.0963 4196 [ 548E198BAE21EFC21F8B5F0C1728AD27 ] Tcpip C:\windows\system32\drivers\tcpip.sys

12:20:56.0056 4196 Tcpip - ok

12:20:56.0337 4196 [ 548E198BAE21EFC21F8B5F0C1728AD27 ] Tcpip6 C:\windows\system32\DRIVERS\tcpip.sys

12:20:56.0399 4196 Tcpip6 - ok

12:20:56.0462 4196 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys

12:20:56.0509 4196 tcpipreg - ok

12:20:56.0587 4196 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys

12:20:56.0665 4196 TDPIPE - ok

12:20:56.0696 4196 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\windows\system32\drivers\tdtcp.sys

12:20:56.0711 4196 TDTCP - ok

12:20:56.0774 4196 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\windows\system32\DRIVERS\tdx.sys

12:20:56.0821 4196 tdx - ok

12:20:56.0852 4196 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\windows\system32\DRIVERS\termdd.sys

12:20:56.0867 4196 TermDD - ok

12:20:56.0992 4196 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\windows\System32\termsrv.dll

12:20:57.0039 4196 TermService - ok

12:20:57.0086 4196 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\windows\system32\shsvcs.dll

12:20:57.0117 4196 Themes - ok

12:20:57.0148 4196 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\windows\system32\mmcss.dll

12:20:57.0179 4196 THREADORDER - ok

12:20:57.0211 4196 [ CB258C2F726F1BE73C507022BE33EBB3 ] TPM C:\windows\system32\drivers\tpm.sys

12:20:57.0242 4196 TPM - ok

12:20:57.0273 4196 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\windows\System32\trkwks.dll

12:20:57.0320 4196 TrkWks - ok

12:20:57.0398 4196 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe

12:20:57.0445 4196 TrustedInstaller - ok

12:20:57.0460 4196 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys

12:20:57.0507 4196 tssecsrv - ok

12:20:57.0538 4196 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\windows\system32\DRIVERS\tunmp.sys

12:20:57.0554 4196 tunmp - ok

12:20:57.0601 4196 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\windows\system32\DRIVERS\tunnel.sys

12:20:57.0616 4196 tunnel - ok

12:20:57.0647 4196 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\windows\system32\drivers\uagp35.sys

12:20:57.0663 4196 uagp35 - ok

12:20:57.0757 4196 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\windows\system32\DRIVERS\udfs.sys

12:20:57.0788 4196 udfs - ok

12:20:57.0835 4196 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\windows\system32\UI0Detect.exe

12:20:57.0881 4196 UI0Detect - ok

12:20:57.0913 4196 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys

12:20:57.0944 4196 uliagpkx - ok

12:20:57.0975 4196 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\windows\system32\drivers\uliahci.sys

12:20:57.0991 4196 uliahci - ok

12:20:58.0022 4196 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\windows\system32\drivers\ulsata.sys

12:20:58.0037 4196 UlSata - ok

12:20:58.0100 4196 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\windows\system32\drivers\ulsata2.sys

12:20:58.0100 4196 ulsata2 - ok

12:20:58.0147 4196 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\windows\system32\DRIVERS\umbus.sys

12:20:58.0178 4196 umbus - ok

12:20:58.0240 4196 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\windows\System32\upnphost.dll

12:20:58.0287 4196 upnphost - ok

12:20:58.0318 4196 upperdev - ok

12:20:58.0349 4196 usbbus - ok

12:20:58.0381 4196 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys

12:20:58.0412 4196 usbccgp - ok

12:20:58.0427 4196 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\windows\system32\drivers\usbcir.sys

12:20:58.0505 4196 usbcir - ok

12:20:58.0521 4196 UsbDiag - ok

12:20:58.0552 4196 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys

12:20:58.0583 4196 usbehci - ok

12:20:58.0677 4196 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys

12:20:58.0755 4196 usbhub - ok

12:20:58.0771 4196 USBModem - ok

12:20:58.0849 4196 [ 7BDB7B0E7D45AC0402D78B90789EF47C ] usbohci C:\windows\system32\DRIVERS\usbohci.sys

12:20:58.0911 4196 usbohci - ok

12:20:58.0927 4196 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\windows\system32\drivers\usbprint.sys

12:20:58.0989 4196 usbprint - ok

12:20:59.0036 4196 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS

12:20:59.0083 4196 USBSTOR - ok

12:20:59.0145 4196 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\windows\system32\DRIVERS\usbuhci.sys

12:20:59.0192 4196 usbuhci - ok

12:20:59.0223 4196 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\windows\System32\uxsms.dll

12:20:59.0254 4196 UxSms - ok

12:20:59.0363 4196 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\windows\System32\vds.exe

12:20:59.0410 4196 vds - ok

12:20:59.0457 4196 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\windows\system32\DRIVERS\vgapnp.sys

12:20:59.0488 4196 vga - ok

12:20:59.0519 4196 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\windows\System32\drivers\vga.sys

12:20:59.0535 4196 VgaSave - ok

12:20:59.0566 4196 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\windows\system32\drivers\viaagp.sys

12:20:59.0597 4196 viaagp - ok

12:20:59.0629 4196 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\windows\system32\drivers\viac7.sys

12:20:59.0675 4196 ViaC7 - ok

12:20:59.0707 4196 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\windows\system32\drivers\viaide.sys

12:20:59.0738 4196 viaide - ok

12:20:59.0769 4196 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\windows\system32\drivers\volmgr.sys

12:20:59.0785 4196 volmgr - ok

12:20:59.0894 4196 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\windows\system32\drivers\volmgrx.sys

12:20:59.0941 4196 volmgrx - ok

12:21:00.0019 4196 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\windows\system32\drivers\volsnap.sys

12:21:00.0034 4196 volsnap - ok

12:21:00.0081 4196 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\windows\system32\drivers\vsmraid.sys

12:21:00.0097 4196 vsmraid - ok

12:21:00.0143 4196 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\windows\system32\vssvc.exe

12:21:00.0237 4196 VSS - ok

12:21:00.0284 4196 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\windows\system32\w32time.dll

12:21:00.0331 4196 W32Time - ok

12:21:00.0393 4196 [ F22CA75C05204F76D06E6C530529455C ] W3SVC C:\windows\system32\inetsrv\iisw3adm.dll

12:21:00.0440 4196 W3SVC - ok

12:21:00.0471 4196 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\windows\system32\drivers\wacompen.sys

12:21:00.0518 4196 WacomPen - ok

12:21:00.0549 4196 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\windows\system32\DRIVERS\wanarp.sys

12:21:00.0580 4196 Wanarp - ok

12:21:00.0596 4196 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys

12:21:00.0627 4196 Wanarpv6 - ok

12:21:00.0658 4196 [ F22CA75C05204F76D06E6C530529455C ] WAS C:\windows\system32\inetsrv\iisw3adm.dll

12:21:00.0705 4196 WAS - ok

12:21:00.0752 4196 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\windows\System32\wcncsvc.dll

12:21:00.0783 4196 wcncsvc - ok

12:21:00.0814 4196 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll

12:21:00.0861 4196 WcsPlugInService - ok

12:21:00.0892 4196 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\windows\system32\drivers\wd.sys

12:21:00.0908 4196 Wd - ok

12:21:00.0939 4196 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys

12:21:00.0986 4196 Wdf01000 - ok

12:21:01.0017 4196 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\windows\system32\wdi.dll

12:21:01.0079 4196 WdiServiceHost - ok

12:21:01.0095 4196 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\windows\system32\wdi.dll

12:21:01.0126 4196 WdiSystemHost - ok

12:21:01.0189 4196 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\windows\System32\webclnt.dll

12:21:01.0204 4196 WebClient - ok

12:21:01.0251 4196 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\windows\system32\wecsvc.dll

12:21:01.0298 4196 Wecsvc - ok

12:21:01.0329 4196 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\windows\System32\wercplsupport.dll

12:21:01.0360 4196 wercplsupport - ok

12:21:01.0407 4196 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\windows\System32\WerSvc.dll

12:21:01.0423 4196 WerSvc - ok

12:21:01.0469 4196 WinDefend - ok

12:21:01.0485 4196 WinHttpAutoProxySvc - ok

12:21:01.0547 4196 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll

12:21:01.0579 4196 Winmgmt - ok

12:21:01.0657 4196 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\windows\system32\WsmSvc.dll

12:21:01.0781 4196 WinRM - ok

12:21:01.0844 4196 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\windows\System32\wlansvc.dll

12:21:01.0891 4196 Wlansvc - ok

12:21:02.0031 4196 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

12:21:02.0156 4196 wlidsvc - ok

12:21:02.0187 4196 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys

12:21:02.0234 4196 WmiAcpi - ok

12:21:02.0281 4196 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe

12:21:02.0312 4196 wmiApSrv - ok

12:21:02.0390 4196 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe

12:21:02.0421 4196 WMPNetworkSvc - ok

12:21:02.0483 4196 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\windows\System32\wpcsvc.dll

12:21:02.0530 4196 WPCSvc - ok

12:21:02.0593 4196 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll

12:21:02.0624 4196 WPDBusEnum - ok

12:21:02.0671 4196 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\windows\system32\DRIVERS\wpdusb.sys

12:21:02.0702 4196 WpdUsb - ok

12:21:02.0733 4196 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys

12:21:02.0749 4196 ws2ifsl - ok

12:21:02.0795 4196 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\windows\system32\wscsvc.dll

12:21:02.0827 4196 wscsvc - ok

12:21:02.0889 4196 [ 4422AC5ED8D4C2F0DB63E71D4C069DD7 ] WSDPrintDevice C:\windows\system32\DRIVERS\WSDPrint.sys

12:21:02.0905 4196 WSDPrintDevice - ok

12:21:02.0920 4196 WSearch - ok

12:21:03.0045 4196 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\windows\system32\wuaueng.dll

12:21:03.0123 4196 wuauserv - ok

12:21:03.0170 4196 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys

12:21:03.0201 4196 WUDFRd - ok

12:21:03.0263 4196 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\windows\System32\WUDFSvc.dll

12:21:03.0310 4196 wudfsvc - ok

12:21:03.0341 4196 ================ Scan global ===============================

12:21:03.0373 4196 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\windows\system32\basesrv.dll

12:21:03.0451 4196 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\windows\system32\winsrv.dll

12:21:03.0466 4196 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\windows\system32\winsrv.dll

12:21:03.0529 4196 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\windows\system32\services.exe

12:21:03.0529 4196 [Global] - ok

12:21:03.0529 4196 ================ Scan MBR ==================================

12:21:03.0544 4196 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0

12:21:03.0950 4196 \Device\Harddisk0\DR0 - ok

12:21:03.0950 4196 ================ Scan VBR ==================================

12:21:03.0950 4196 [ 6C4FA8002DF4DAC3808508E59C57F95A ] \Device\Harddisk0\DR0\Partition1

12:21:03.0950 4196 \Device\Harddisk0\DR0\Partition1 - ok

12:21:03.0981 4196 [ 4C49EFD08F9AF39B49272610341042E3 ] \Device\Harddisk0\DR0\Partition2

12:21:03.0981 4196 \Device\Harddisk0\DR0\Partition2 - ok

12:21:03.0981 4196 ============================================================

12:21:03.0981 4196 Scan finished

12:21:03.0981 4196 ============================================================

12:21:03.0997 5876 Detected object count: 10

12:21:03.0997 5876 Actual detected object count: 10

12:22:36.0011 5876 DAMDrv ( UnsignedFile.Multi.Generic ) - skipped by user

12:22:36.0011 5876 DAMDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:22:36.0011 5876 FLCDLOCK ( UnsignedFile.Multi.Generic ) - skipped by user

12:22:36.0011 5876 FLCDLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:22:36.0011 5876 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user

12:22:36.0011 5876 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:22:36.0011 5876 FsUsbExService ( UnsignedFile.Multi.Generic ) - skipped by user

12:22:36.0011 5876 FsUsbExService ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:22:36.0011 5876 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user

12:22:36.0011 5876 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:22:36.0011 5876 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

12:22:36.0011 5876 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:22:36.0011 5876 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user

12:22:36.0011 5876 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:22:36.0027 5876 LinksysUpdater ( UnsignedFile.Multi.Generic ) - skipped by user

12:22:36.0027 5876 LinksysUpdater ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:22:36.0027 5876 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

12:22:36.0027 5876 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:22:36.0027 5876 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

12:22:36.0027 5876 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip