PC Virusvrij maken

[scveld]

Hallo,

Ik wil mijn PC helemaal schoon maken zonder dat ik Windows helemaal opnieuw hoef te installeren (plus alle programma's die ik erna op heb gezet zoals MS Office, Itunes enz).

Heb nu Avast geïnstalleerd, CCleaner en wat kan ik nu het beste doen?

Groeten,

Stephan

[Asus]

Kan je het onderstaande uitvoeren ?...

1. Download HijackThis. (klik er op)

De download start automatisch na 5 seconden.

Bestand HijackThis.msi opslaan. Daarna kiezen voor "uitvoeren".

Hijackthis wordt nu op je PC geïnstalleerd, een snelkoppeling wordt op je bureaublad geplaatst.

Als je geen netwerkverbinding meer hebt, kan je de download doen met een andere PC en het bestand met een USB-stick overbrengen

Als je enkel nog in veilige modus kan werken, moet je de executable (HijackThis.exe) downloaden. Dit kan je HIER doen.

Sla deze op in een nieuwe map op de C schijf (bvb C:\\hijackthis) en start hijackthis dan vanaf deze map. De logjes kan je dan ook in die map terugvinden.

---

2. Klik op de snelkoppeling om HijackThis te starten. (lees eerst de rode tekst hieronder!)

Klik ofwel op "Do a systemscan and save a logfile", ofwel eerst op "Scan" en dan op "Savelog".

Er opent een kladblokvenster, hou gelijktijdig de CTRL en A-toets ingedrukt, nu is alles geselecteerd. Hou gelijktijdig de CTRL en C-toets ingedrukt, nu is alles gekopieerd. Plak nu het HJT logje in je bericht door CTRL en V-toets.

Krijg je een melding ""For some reason your system denied writing to the Host file ....", klik dan gewoon door op de OK-toets.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\\Program Files\\Trend Micro\\HiJackThis of C:\\Program Files (x86)\\Trend Micro\\HiJackThis. (Bekijk hier de afbeelding ---> Klik hier)

---

3. Na het plaatsen van je logje wordt dit door een expert nagekeken en hij begeleidt jou verder door het ganse proces.

Tip!

Wil je in woord en beeld weten hoe je een logje met HijackThis maakt en plaatst op het forum, klik dan HIER.

[scveld]

Ben nu bezig volledige systemscan te doen met Avast, daarna CCleaner, MBAM en Hijackthis. Van MBAM en Hijackthis een log plaatsen?

[kape]

Van MBAM en Hijackthis een log plaatsen?

Inderdaad ... hang beide logjes in een volgende bericht !

[scveld]

Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300

Malwarebytes : Free anti-malware download

Databaseversie: v2013.07.11.05

Windows 7 x64 NTFS

Internet Explorer 9.0.8112.16421

Gebruiker :: GEBRUIK-6OK978D [administrator]

Bescherming: Ingeschakeld

11-7-2013 21:04:21

mbam-log-2013-07-11 (21-04-21).txt

Scan type: Volledige scan (C:\|D:\|E:\|F:\|G:\|)

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 404058

Verstreken tijd: 1 uur/uren, 33 minuut/minuten, 45 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

(einde)

- - - Updated - - -

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 22:39:08, on 11-7-2013

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v9.00 (9.00.8112.16476)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Gebruiker\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.nl

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: Dropbox.lnk = Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\MICROS~2\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\SKYPE4~1.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--

End of file - 8120 bytes

[kape]

Dit ziet er behoorlijk netjes uit.

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)

Klik op 'Fix checked' om de items te verwijderen.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.

Download AdwCleaner by Xplode naar het bureaublad.

• Sluit alle openstaande vensters.
  
• Dubbelklik op AdwCleaner om hem te starten.
  
• Klik vervolgens op Verwijderen.
  
• Klik bij AdwCleaner – Informatie op OK
  
• Klik bij AdwCleaner – Herstarten Noodzakelijk op OK
  

Dat tijdens de actie de snelkoppelingen verdwijnen, is normaal.

Nadat de PC opnieuw is opgestart, opent een logfile.

Post aansluitend de inhoud van dit log in je volgende bericht, samen met een nieuw logje van HijackThis.

[scveld]

# AdwCleaner v2.305 - Verslag gemaakt op 12/07/2013 om 17:00:07

# Geactualiseerd op 11/07/2013 door Xplode

# Besturingssysteem : Windows 7 Ultimate (64 bits)

# Gebruiker : Gebruiker - GEBRUIK-6OK978D

# Opstarten Modus : Normale modus

# Gelanceerd vanaf : C:\Users\Gebruiker\Desktop\adwcleaner.exe

# Optie [Verwijderen]

***** [Diensten] *****

***** [Files / Mappen] *****

Map Verwijderd : C:\Program Files (x86)\Conduit

Map Verwijderd : C:\Users\Gebruiker\AppData\Local\APN

Map Verwijderd : C:\Users\Gebruiker\AppData\Local\Conduit

Map Verwijderd : C:\Users\Gebruiker\AppData\LocalLow\Conduit

Map Verwijderd : C:\Users\Gebruiker\AppData\LocalLow\PriceGong

***** [Register] *****

Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Conduit

Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\PriceGong

Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\SmartBar

Sleutel Verwijderd : HKCU\Software\Conduit

Sleutel Verwijderd : HKLM\Software\Conduit

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

***** [browsers] *****

-\\ Internet Explorer v9.0.8112.16476

[OK] Het register bevat geen enkele ongeoorloofde invoer.

-\\ Google Chrome v28.0.1500.71

File : C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] De file bevat geen enkele ongeoorloofde invoer.

*************************

AdwCleaner[s1].txt - [1505 octets] - [12/07/2013 17:00:07]

########## EOF - C:\AdwCleaner[s1].txt - [1565 octets] ##########

- - - Updated - - -

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 17:03:40, on 12-7-2013

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v9.00 (9.00.8112.16476)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Gebruiker\Desktop\HijackThis.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.nl

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: Dropbox.lnk = Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\MICROS~2\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\SKYPE4~1.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--

End of file - 7656 bytes

- - - Updated - - -

Volgens mijn provider zou mijn computer "het gevaarlijke virus Torpig" bevatten..

- - - Updated - - -

En ik wil graag weer mijn bankzaken kunnen doen op mijn PC

[kape]

Is Ziggo toevallig je provider ? Zo ja, doe dan eens het volgende:

Download TDSSKiller en plaats het op je bureaublad.

• Voordat je TDSSKiller uitvoert is het raadzaam om de onderstaande handleiding van TDSSKiller te raadplegen.
  
  • Klik hier voor de handleiding van Kaspersky TDSSKiller
    

  [*] Dubbelklik op TDSSKiller.exe om de tool te starten. (Indien je TDSSKiller als ZIP bestand hebt gedownload dien je deze eerst uit te pakken).

  [*] Als er door TDSSkiller een update wordt gevonden klikt u op de knop "Load update"

  [*] Een nieuwe versie van TDSSkiller zal nu gedownload worden en sla deze op het bureaublad op.

  [*] Start nu TDSSkiller opnieuw.

  [*] Klik op "Change parameters" en zorg dat de onderstaande opties allemaal aangevinkt zijn.

  

  [*] Klik op de knop "Start Scan" en volg de instructies.

  • Gebruik nooit de "Delete" of "Quarantaine" optie bij een "Fail signature" melding.
    
  • Wanneer er een herstart nodig was, vind je de logfile in C:\\TDSSKiller.[Version]_[Date]_[Time]_log.txt
    
  • Voeg dit log-bestand als bijlage toe aan het volgende bericht.
    

[scveld]

Een duitse provider gezien ik in Kranenburg zit, '1und1'..

[scveld]

15:38:07.0426 3204 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

15:38:08.0802 3204 ============================================================

15:38:08.0802 3204 Current date / time: 2013/07/15 15:38:08.0802

15:38:08.0802 3204 SystemInfo:

15:38:08.0802 3204

15:38:08.0802 3204 OS Version: 6.1.7600 ServicePack: 0.0

15:38:08.0802 3204 Product type: Workstation

15:38:08.0803 3204 ComputerName: GEBRUIK-6OK978D

15:38:08.0803 3204 UserName: Gebruiker

15:38:08.0803 3204 Windows directory: C:\Windows

15:38:08.0803 3204 System windows directory: C:\Windows

15:38:08.0803 3204 Running under WOW64

15:38:08.0803 3204 Processor architecture: Intel x64

15:38:08.0803 3204 Number of processors: 2

15:38:08.0803 3204 Page size: 0x1000

15:38:08.0803 3204 Boot type: Normal boot

15:38:08.0803 3204 ============================================================

15:38:10.0192 3204 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

15:38:12.0226 3204 Drive \Device\Harddisk1\DR2 - Size: 0xAEA8C00000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

15:38:12.0896 3204 Drive \Device\Harddisk2\DR3 - Size: 0x7470C05E00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

15:38:13.0243 3204 Drive \Device\Harddisk3\DR4 - Size: 0x1D1C0F00000 (1863.01 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

15:38:13.0261 3204 ============================================================

15:38:13.0261 3204 \Device\Harddisk0\DR0:

15:38:13.0261 3204 MBR partitions:

15:38:13.0261 3204 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

15:38:13.0262 3204 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800

15:38:13.0262 3204 \Device\Harddisk1\DR2:

15:38:13.0282 3204 MBR partitions:

15:38:13.0282 3204 \Device\Harddisk1\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57544B01

15:38:13.0282 3204 \Device\Harddisk2\DR3:

15:38:13.0294 3204 MBR partitions:

15:38:13.0294 3204 \Device\Harddisk2\DR3\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C41

15:38:13.0294 3204 \Device\Harddisk3\DR4:

15:38:13.0294 3204 MBR partitions:

15:38:13.0294 3204 \Device\Harddisk3\DR4\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07000

15:38:13.0294 3204 ============================================================

15:38:13.0316 3204 C: <-> \Device\Harddisk0\DR0\Partition2

15:38:13.0371 3204 E: <-> \Device\Harddisk2\DR3\Partition1

15:38:13.0423 3204 F: <-> \Device\Harddisk1\DR2\Partition1

15:38:13.0475 3204 G: <-> \Device\Harddisk3\DR4\Partition1

15:38:13.0475 3204 ============================================================

15:38:13.0476 3204 Initialize success

15:38:13.0476 3204 ============================================================

15:40:41.0732 3860 ============================================================

15:40:41.0732 3860 Scan started

15:40:41.0732 3860 Mode: Manual; SigCheck; TDLFS;

15:40:41.0732 3860 ============================================================

15:40:42.0796 3860 ================ Scan system memory ========================

15:40:42.0796 3860 System memory - ok

15:40:42.0797 3860 ================ Scan services =============================

15:40:42.0947 3860 [ 82CF5050B936A1F24276192BEC6C7162 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys

15:40:43.0206 3860 1394ohci - ok

15:40:43.0237 3860 [ A65C2611BC652DB25F56E28AE1CF417D ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys

15:40:43.0297 3860 ACPI - ok

15:40:43.0314 3860 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys

15:40:43.0385 3860 AcpiPmi - ok

15:40:43.0501 3860 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

15:40:43.0546 3860 AdobeARMservice - ok

15:40:43.0642 3860 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

15:40:43.0687 3860 AdobeFlashPlayerUpdateSvc - ok

15:40:43.0735 3860 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys

15:40:43.0801 3860 adp94xx - ok

15:40:43.0849 3860 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys

15:40:43.0906 3860 adpahci - ok

15:40:43.0931 3860 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys

15:40:43.0980 3860 adpu320 - ok

15:40:44.0018 3860 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

15:40:44.0090 3860 AeLookupSvc - ok

15:40:44.0140 3860 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys

15:40:44.0205 3860 AFD - ok

15:40:44.0228 3860 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys

15:40:44.0275 3860 agp440 - ok

15:40:44.0286 3860 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe

15:40:44.0367 3860 ALG - ok

15:40:44.0405 3860 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys

15:40:44.0449 3860 aliide - ok

15:40:44.0468 3860 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys

15:40:44.0513 3860 amdide - ok

15:40:44.0536 3860 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys

15:40:44.0607 3860 AmdK8 - ok

15:40:44.0632 3860 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys

15:40:44.0697 3860 AmdPPM - ok

15:40:44.0735 3860 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\Windows\system32\drivers\amdsata.sys

15:40:44.0783 3860 amdsata - ok

15:40:44.0811 3860 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys

15:40:44.0862 3860 amdsbs - ok

15:40:44.0882 3860 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\Windows\system32\drivers\amdxata.sys

15:40:44.0926 3860 amdxata - ok

15:40:44.0960 3860 [ 308A886677FB0BD87F495DC95ACD8C54 ] AppID C:\Windows\system32\drivers\appid.sys

15:40:45.0030 3860 AppID - ok

15:40:45.0051 3860 [ C0FA6F414410F70417016632DB6FEAF7 ] AppIDSvc C:\Windows\System32\appidsvc.dll

15:40:45.0107 3860 AppIDSvc - ok

15:40:45.0147 3860 [ D6F0947000BC35FA0F6FAC21D2BAEE9B ] Appinfo C:\Windows\System32\appinfo.dll

15:40:45.0209 3860 Appinfo - ok

15:40:45.0327 3860 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

15:40:45.0372 3860 Apple Mobile Device - ok

15:40:45.0404 3860 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll

15:40:45.0466 3860 AppMgmt - ok

15:40:45.0497 3860 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys

15:40:45.0545 3860 arc - ok

15:40:45.0564 3860 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys

15:40:45.0610 3860 arcsas - ok

15:40:45.0663 3860 [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys

15:40:45.0723 3860 aswFsBlk - ok

15:40:45.0774 3860 [ FA562F34ED6633C66170B09182B4C049 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys

15:40:45.0818 3860 aswMonFlt - ok

15:40:45.0841 3860 [ 64E2BAB4096C13D2342BC4661C967E07 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys

15:40:45.0882 3860 aswRdr - ok

15:40:45.0917 3860 [ 5573AA70993A2BB81525B1C704B88763 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys

15:40:45.0957 3860 aswRvrt - ok

15:40:46.0017 3860 [ 8C0800CDB501CFC1164B286A0478DC10 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys

15:40:46.0109 3860 aswSnx - ok

15:40:46.0140 3860 [ 3815DB16CDA62190F5C0A65118F3D714 ] aswSP C:\Windows\system32\drivers\aswSP.sys

15:40:46.0195 3860 aswSP - ok

15:40:46.0210 3860 [ 29DD8E458A84171202AA4979364C30C0 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys

15:40:46.0251 3860 aswTdi - ok

15:40:46.0293 3860 [ 22F521108881DC59837F6FC614E0568F ] aswVmm C:\Windows\system32\drivers\aswVmm.sys

15:40:46.0341 3860 aswVmm - ok

15:40:46.0366 3860 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

15:40:46.0493 3860 AsyncMac - ok

15:40:46.0513 3860 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys

15:40:46.0556 3860 atapi - ok

15:40:46.0601 3860 [ 4E7F607A185B2FFDCD0A60F9673C42A8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

15:40:46.0688 3860 AudioEndpointBuilder - ok

15:40:46.0711 3860 [ 4E7F607A185B2FFDCD0A60F9673C42A8 ] AudioSrv C:\Windows\System32\Audiosrv.dll

15:40:46.0773 3860 AudioSrv - ok

15:40:46.0907 3860 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe

15:40:46.0945 3860 avast! Antivirus - ok

15:40:46.0972 3860 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll

15:40:47.0048 3860 AxInstSV - ok

15:40:47.0094 3860 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys

15:40:47.0165 3860 b06bdrv - ok

15:40:47.0204 3860 [ AF72E87555F00772611C32B7C7194755 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

15:40:47.0253 3860 b57nd60a - ok

15:40:47.0276 3860 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

15:40:47.0342 3860 BDESVC - ok

15:40:47.0366 3860 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

15:40:47.0490 3860 Beep - ok

15:40:47.0525 3860 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll

15:40:47.0613 3860 BFE - ok

15:40:47.0659 3860 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll

15:40:47.0821 3860 BITS - ok

15:40:47.0839 3860 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys

15:40:47.0900 3860 blbdrive - ok

15:40:47.0994 3860 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

15:40:48.0048 3860 Bonjour Service - ok

15:40:48.0096 3860 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

15:40:48.0170 3860 bowser - ok

15:40:48.0189 3860 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys

15:40:48.0272 3860 BrFiltLo - ok

15:40:48.0288 3860 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys

15:40:48.0344 3860 BrFiltUp - ok

15:40:48.0381 3860 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\Windows\System32\browser.dll

15:40:48.0439 3860 Browser - ok

15:40:48.0464 3860 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

15:40:48.0535 3860 Brserid - ok

15:40:48.0553 3860 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

15:40:48.0620 3860 BrSerWdm - ok

15:40:48.0631 3860 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

15:40:48.0686 3860 BrUsbMdm - ok

15:40:48.0695 3860 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

15:40:48.0743 3860 BrUsbSer - ok

15:40:48.0768 3860 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys

15:40:48.0824 3860 BTHMODEM - ok

15:40:48.0863 3860 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

15:40:48.0982 3860 bthserv - ok

15:40:49.0009 3860 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

15:40:49.0120 3860 cdfs - ok

15:40:49.0144 3860 [ D31F9B6C218F64C15D10FFE71C2EF842 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

15:40:49.0200 3860 cdrom - ok

15:40:49.0225 3860 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll

15:40:49.0354 3860 CertPropSvc - ok

15:40:49.0379 3860 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys

15:40:49.0434 3860 circlass - ok

15:40:49.0466 3860 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

15:40:49.0525 3860 CLFS - ok

15:40:49.0595 3860 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

15:40:49.0639 3860 clr_optimization_v2.0.50727_32 - ok

15:40:49.0677 3860 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

15:40:49.0719 3860 clr_optimization_v2.0.50727_64 - ok

15:40:49.0810 3860 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

15:40:49.0874 3860 clr_optimization_v4.0.30319_32 - ok

15:40:49.0933 3860 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

15:40:49.0974 3860 clr_optimization_v4.0.30319_64 - ok

15:40:50.0005 3860 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

15:40:50.0067 3860 CmBatt - ok

15:40:50.0083 3860 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys

15:40:50.0127 3860 cmdide - ok

15:40:50.0180 3860 [ 7EDC0DA6196B0F4CE14076A0E32D83CE ] CNG C:\Windows\system32\Drivers\cng.sys

15:40:50.0264 3860 CNG - ok

15:40:50.0302 3860 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

15:40:50.0348 3860 Compbatt - ok

15:40:50.0370 3860 [ 624252B323794238565356BADB094295 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys

15:40:50.0425 3860 CompositeBus - ok

15:40:50.0434 3860 COMSysApp - ok

15:40:50.0460 3860 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys

15:40:50.0504 3860 crcdisk - ok

15:40:50.0548 3860 [ 456107D69D4EE850A559434F19EFEE65 ] CryptSvc C:\Windows\system32\cryptsvc.dll

15:40:50.0608 3860 CryptSvc - ok

15:40:50.0647 3860 [ 615F807AD2304D82D11EC11AFCC48963 ] CSC C:\Windows\system32\drivers\csc.sys

15:40:50.0710 3860 CSC - ok

15:40:50.0760 3860 [ 5137AF832C5FB8CC35D2535650DD003D ] CscService C:\Windows\System32\cscsvc.dll

15:40:50.0843 3860 CscService - ok

15:40:50.0892 3860 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll

15:40:51.0025 3860 DcomLaunch - ok

15:40:51.0059 3860 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

15:40:51.0183 3860 defragsvc - ok

15:40:51.0220 3860 [ 59E1C75E5DDBB70BF5A9C6A34D31B4AC ] DfsC C:\Windows\system32\Drivers\dfsc.sys

15:40:51.0269 3860 DfsC - ok

15:40:51.0290 3860 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll

15:40:51.0373 3860 Dhcp - ok

15:40:51.0403 3860 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

15:40:51.0519 3860 discache - ok

15:40:51.0542 3860 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys

15:40:51.0588 3860 Disk - ok

15:40:51.0631 3860 [ D8065FA366D28746EE3D75F08ED6B2FE ] Dnscache C:\Windows\System32\dnsrslvr.dll

15:40:51.0699 3860 Dnscache - ok

15:40:51.0721 3860 [ 8F526F946E2BA208307DB492B2642D02 ] dot3svc C:\Windows\System32\dot3svc.dll

15:40:51.0792 3860 dot3svc - ok

15:40:51.0805 3860 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll

15:40:51.0920 3860 DPS - ok

15:40:51.0956 3860 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

15:40:52.0010 3860 drmkaud - ok

15:40:52.0080 3860 [ 601E731BF8E3F22906CE7D4D724B0439 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

15:40:52.0168 3860 DXGKrnl - ok

15:40:52.0193 3860 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

15:40:52.0318 3860 EapHost - ok

15:40:52.0448 3860 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys

15:40:52.0653 3860 ebdrv - ok

15:40:52.0690 3860 [ BF63CE11A25F3509129888710D5111FC ] EFS C:\Windows\System32\lsass.exe

15:40:52.0755 3860 EFS - ok

15:40:52.0797 3860 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys

15:40:52.0862 3860 elxstor - ok

15:40:52.0879 3860 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys

15:40:52.0954 3860 ErrDev - ok

15:40:53.0010 3860 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

15:40:53.0131 3860 EventSystem - ok

15:40:53.0162 3860 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

15:40:53.0278 3860 exfat - ok

15:40:53.0308 3860 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

15:40:53.0437 3860 fastfat - ok

15:40:53.0477 3860 [ E650F37CBC81985E52B22BA6C9C0B039 ] Fax C:\Windows\system32\fxssvc.exe

15:40:53.0564 3860 Fax - ok

15:40:53.0584 3860 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys

15:40:53.0633 3860 fdc - ok

15:40:53.0652 3860 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

15:40:53.0763 3860 fdPHost - ok

15:40:53.0784 3860 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

15:40:53.0903 3860 FDResPub - ok

15:40:53.0926 3860 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

15:40:53.0972 3860 FileInfo - ok

15:40:53.0984 3860 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

15:40:54.0093 3860 Filetrace - ok

15:40:54.0116 3860 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

15:40:54.0165 3860 flpydisk - ok

15:40:54.0195 3860 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

15:40:54.0250 3860 FltMgr - ok

15:40:54.0321 3860 [ 037DF207489DFFF2527FF81A769C233F ] FontCache C:\Windows\system32\FntCache.dll

15:40:54.0433 3860 FontCache - ok

15:40:54.0494 3860 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

15:40:54.0533 3860 FontCache3.0.0.0 - ok

15:40:54.0557 3860 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

15:40:54.0602 3860 FsDepends - ok

15:40:54.0640 3860 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

15:40:54.0685 3860 Fs_Rec - ok

15:40:54.0726 3860 [ C3C73C4DA994015E056BEECA2D5BD7FD ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

15:40:54.0788 3860 fvevol - ok

15:40:54.0805 3860 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys

15:40:54.0851 3860 gagp30kx - ok

15:40:54.0899 3860 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

15:40:54.0936 3860 GEARAspiWDM - ok

15:40:54.0987 3860 [ 5D9754D79B9A18C86CDCFBCFC99EBD61 ] gpsvc C:\Windows\System32\gpsvc.dll

15:40:55.0060 3860 gpsvc - ok

15:40:55.0137 3860 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

15:40:55.0174 3860 gupdate - ok

15:40:55.0185 3860 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

15:40:55.0222 3860 gupdatem - ok

15:40:55.0242 3860 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

15:40:55.0300 3860 hcw85cir - ok

15:40:55.0349 3860 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

15:40:55.0438 3860 HdAudAddService - ok

15:40:55.0470 3860 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

15:40:55.0534 3860 HDAudBus - ok

15:40:55.0546 3860 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys

15:40:55.0594 3860 HidBatt - ok

15:40:55.0614 3860 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys

15:40:55.0681 3860 HidBth - ok

15:40:55.0701 3860 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

15:40:55.0770 3860 HidIr - ok

15:40:55.0800 3860 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll

15:40:55.0922 3860 hidserv - ok

15:40:55.0940 3860 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

15:40:55.0997 3860 HidUsb - ok

15:40:56.0031 3860 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll

15:40:56.0163 3860 hkmsvc - ok

15:40:56.0191 3860 [ 804A733CEF95C00B0891D714C0BA7CC3 ] HomeGroupListener C:\Windows\system32\ListSvc.dll

15:40:56.0248 3860 HomeGroupListener - ok

15:40:56.0289 3860 [ F6538F753A9378848960DB431D03BFA1 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

15:40:56.0345 3860 HomeGroupProvider - ok

15:40:56.0371 3860 [ 4CAF6C9E2120DBC64FDF57BE92E076F5 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys

15:40:56.0417 3860 HpSAMD - ok

15:40:56.0456 3860 [ 63CC664DB619B05E13A7608FFC2B3A81 ] HTTP C:\Windows\system32\drivers\HTTP.sys

15:40:56.0534 3860 HTTP - ok

15:40:56.0569 3860 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

15:40:56.0612 3860 hwpolicy - ok

15:40:56.0634 3860 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys

15:40:56.0683 3860 i8042prt - ok

15:40:56.0704 3860 [ 87A72502C8AC5E89B5A46FF6E874F5C5 ] IAMTVE C:\Windows\system32\DRIVERS\IAMTVE.sys

15:40:56.0746 3860 IAMTVE - ok

15:40:56.0765 3860 [ 5516F8E518A2F6A8755498F3E73957CF ] IAMTXPE C:\Windows\system32\DRIVERS\IAMTXPE.sys

15:40:56.0803 3860 IAMTXPE - ok

15:40:56.0850 3860 [ BFDC9D75698800CFE4D1698BF2750EA2 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

15:40:56.0910 3860 iaStorV - ok

15:40:56.0980 3860 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

15:40:57.0054 3860 idsvc - ok

15:40:57.0277 3860 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys

15:40:57.0597 3860 igfx - ok

15:40:57.0625 3860 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

15:40:57.0669 3860 iirsp - ok

15:40:57.0717 3860 [ CA0D3E6B0F3C3A1142E9D53400A9BA23 ] IKEEXT C:\Windows\System32\ikeext.dll

15:40:57.0801 3860 IKEEXT - ok

15:40:57.0828 3860 [ 9BE7A594918BEBAF342A78007CD6C646 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys

15:40:57.0887 3860 IntcHdmiAddService - ok

15:40:57.0904 3860 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys

15:40:57.0948 3860 intelide - ok

15:40:57.0973 3860 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

15:40:58.0033 3860 intelppm - ok

15:40:58.0072 3860 [ 3DB35C88389E3A21ADEB4A6CFC4075F9 ] ioatdma C:\Windows\System32\Drivers\qd260x64.sys

15:40:58.0108 3860 ioatdma - ok

15:40:58.0143 3860 [ 127F0A7586ACEC7B83131BFF2B4394C1 ] ioatdma1 C:\Windows\System32\Drivers\qd162x64.sys

15:40:58.0180 3860 ioatdma1 - ok

15:40:58.0199 3860 [ 70CC19B5C076F8497CAB4A77D6500E8A ] ioatdma2 C:\Windows\System32\Drivers\qd262x64.sys

15:40:58.0236 3860 ioatdma2 - ok

15:40:58.0271 3860 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

15:40:58.0397 3860 IPBusEnum - ok

15:40:58.0433 3860 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

15:40:58.0545 3860 IpFilterDriver - ok

15:40:58.0583 3860 [ A6EF9717E95F7A2E5E62CE2F78398E14 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

15:40:58.0658 3860 iphlpsvc - ok

15:40:58.0685 3860 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys

15:40:58.0745 3860 IPMIDRV - ok

15:40:58.0764 3860 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

15:40:58.0888 3860 IPNAT - ok

15:40:58.0972 3860 [ 0FF335D687C85097725A53458160E81E ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

15:40:59.0030 3860 iPod Service - ok

15:40:59.0053 3860 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

15:40:59.0111 3860 IRENUM - ok

15:40:59.0135 3860 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys

15:40:59.0179 3860 isapnp - ok

15:40:59.0201 3860 [ D6EAC63155EE311CA0608063838F41FB ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys

15:40:59.0255 3860 iScsiPrt - ok

15:40:59.0282 3860 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

15:40:59.0328 3860 kbdclass - ok

15:40:59.0341 3860 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

15:40:59.0391 3860 kbdhid - ok

15:40:59.0405 3860 [ BF63CE11A25F3509129888710D5111FC ] KeyIso C:\Windows\system32\lsass.exe

15:40:59.0454 3860 KeyIso - ok

15:40:59.0488 3860 [ 01FE2267ACA17A4C689C3D103757EC17 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

15:40:59.0534 3860 KSecDD - ok

15:40:59.0551 3860 [ 7283F7F6C4F78BE105DD741DA4C9F09B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

15:40:59.0600 3860 KSecPkg - ok

15:40:59.0617 3860 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

15:40:59.0735 3860 ksthunk - ok

15:40:59.0770 3860 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

15:40:59.0902 3860 KtmRm - ok

15:40:59.0962 3860 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll

15:41:00.0034 3860 LanmanServer - ok

15:41:00.0071 3860 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

15:41:00.0190 3860 LanmanWorkstation - ok

15:41:00.0215 3860 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

15:41:00.0332 3860 lltdio - ok

15:41:00.0372 3860 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

15:41:00.0508 3860 lltdsvc - ok

15:41:00.0522 3860 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

15:41:00.0573 3860 lmhosts - ok

15:41:00.0614 3860 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

15:41:00.0662 3860 LSI_FC - ok

15:41:00.0681 3860 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

15:41:00.0730 3860 LSI_SAS - ok

15:41:00.0749 3860 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

15:41:00.0804 3860 LSI_SAS2 - ok

15:41:00.0837 3860 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

15:41:00.0884 3860 LSI_SCSI - ok

15:41:00.0910 3860 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

15:41:01.0033 3860 luafv - ok

15:41:01.0080 3860 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

15:41:01.0123 3860 MBAMProtector - ok

15:41:01.0195 3860 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

15:41:01.0245 3860 MBAMScheduler - ok

15:41:01.0286 3860 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

15:41:01.0351 3860 MBAMService - ok

15:41:01.0370 3860 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

15:41:01.0414 3860 megasas - ok

15:41:01.0448 3860 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

15:41:01.0502 3860 MegaSR - ok

15:41:01.0591 3860 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe

15:41:01.0630 3860 Microsoft Office Groove Audit Service - ok

15:41:01.0660 3860 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

15:41:01.0773 3860 MMCSS - ok

15:41:01.0792 3860 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

15:41:01.0908 3860 Modem - ok

15:41:01.0929 3860 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

15:41:01.0992 3860 monitor - ok

15:41:02.0013 3860 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

15:41:02.0058 3860 mouclass - ok

15:41:02.0076 3860 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

15:41:02.0133 3860 mouhid - ok

15:41:02.0155 3860 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

15:41:02.0201 3860 mountmgr - ok

15:41:02.0231 3860 [ 36672D5AAE1CB386166E4AD7E6532881 ] mpio C:\Windows\system32\DRIVERS\mpio.sys

15:41:02.0279 3860 mpio - ok

15:41:02.0300 3860 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

15:41:02.0409 3860 mpsdrv - ok

15:41:02.0452 3860 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll

15:41:02.0590 3860 MpsSvc - ok

15:41:02.0612 3860 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

15:41:02.0685 3860 MRxDAV - ok

15:41:02.0725 3860 [ 629086CABFDFBE0AF7253CB6A494E35A ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

15:41:02.0785 3860 mrxsmb - ok

15:41:02.0813 3860 [ 274F3D9A686A5C62BE62BF736D93FEA2 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

15:41:02.0875 3860 mrxsmb10 - ok

15:41:02.0894 3860 [ A2B72CE0E5A6F639F6CAEBB2FC8E7070 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

15:41:02.0951 3860 mrxsmb20 - ok

15:41:02.0965 3860 [ F5DDA605D8B662357A5FA70A6B13F04A ] msahci C:\Windows\system32\DRIVERS\msahci.sys

15:41:03.0009 3860 msahci - ok

15:41:03.0031 3860 [ 9C69F0C2926805E3F2754220A0AA342F ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys

15:41:03.0079 3860 msdsm - ok

15:41:03.0112 3860 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

15:41:03.0169 3860 MSDTC - ok

15:41:03.0209 3860 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

15:41:03.0316 3860 Msfs - ok

15:41:03.0332 3860 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

15:41:03.0457 3860 mshidkmdf - ok

15:41:03.0478 3860 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys

15:41:03.0523 3860 msisadrv - ok

15:41:03.0554 3860 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

15:41:03.0681 3860 MSiSCSI - ok

15:41:03.0690 3860 msiserver - ok

15:41:03.0723 3860 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

15:41:03.0842 3860 MSKSSRV - ok

15:41:03.0865 3860 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

15:41:03.0988 3860 MSPCLOCK - ok

15:41:04.0010 3860 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

15:41:04.0131 3860 MSPQM - ok

15:41:04.0157 3860 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

15:41:04.0216 3860 MsRPC - ok

15:41:04.0239 3860 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

15:41:04.0282 3860 mssmbios - ok

15:41:04.0305 3860 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

15:41:04.0415 3860 MSTEE - ok

15:41:04.0430 3860 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

15:41:04.0478 3860 MTConfig - ok

15:41:04.0501 3860 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

15:41:04.0546 3860 Mup - ok

15:41:04.0590 3860 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll

15:41:04.0719 3860 napagent - ok

15:41:04.0742 3860 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

15:41:04.0823 3860 NativeWifiP - ok

15:41:04.0864 3860 [ 1A1FB615AA7345304F950E1A63B44E09 ] NDIS C:\Windows\system32\drivers\ndis.sys

15:41:04.0946 3860 NDIS - ok

15:41:04.0966 3860 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

15:41:05.0083 3860 NdisCap - ok

15:41:05.0100 3860 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

15:41:05.0160 3860 NdisTapi - ok

15:41:05.0175 3860 [ B8D7F5A7E5970635888F451058F152AC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

15:41:05.0237 3860 Ndisuio - ok

15:41:05.0265 3860 [ ACC086C9590A3C32982DD73E2C494F5B ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

15:41:05.0314 3860 NdisWan - ok

15:41:05.0328 3860 [ 2C8BE980BD3C94E631CEFAADCB58EBA9 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

15:41:05.0375 3860 NDProxy - ok

15:41:05.0394 3860 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

15:41:05.0440 3860 NetBIOS - ok

15:41:05.0457 3860 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

15:41:05.0585 3860 NetBT - ok

15:41:05.0604 3860 [ BF63CE11A25F3509129888710D5111FC ] Netlogon C:\Windows\system32\lsass.exe

15:41:05.0653 3860 Netlogon - ok

15:41:05.0686 3860 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

15:41:05.0819 3860 Netman - ok

15:41:05.0854 3860 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

15:41:05.0991 3860 netprofm - ok

15:41:06.0030 3860 [ A86CCDC27CDB60D21066622DC775DEB0 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

15:41:06.0079 3860 NetTcpPortSharing - ok

15:41:06.0271 3860 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys

15:41:06.0548 3860 netw5v64 - ok

15:41:06.0580 3860 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

15:41:06.0626 3860 nfrd960 - ok

15:41:06.0654 3860 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll

15:41:06.0785 3860 NlaSvc - ok

15:41:06.0801 3860 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

15:41:06.0926 3860 Npfs - ok

15:41:06.0960 3860 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

15:41:07.0080 3860 nsi - ok

15:41:07.0099 3860 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

15:41:07.0217 3860 nsiproxy - ok

15:41:07.0307 3860 [ 91127EC56F7BA2182EA1340DC00F98E5 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

15:41:07.0440 3860 Ntfs - ok

15:41:07.0462 3860 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

15:41:07.0570 3860 Null - ok

15:41:07.0600 3860 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys

15:41:07.0648 3860 nvraid - ok

15:41:07.0685 3860 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys

15:41:07.0735 3860 nvstor - ok

15:41:07.0758 3860 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys

15:41:07.0806 3860 nv_agp - ok

15:41:07.0910 3860 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

15:41:07.0966 3860 odserv - ok

15:41:07.0992 3860 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys

15:41:08.0046 3860 ohci1394 - ok

15:41:08.0097 3860 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

15:41:08.0139 3860 ose - ok

15:41:08.0190 3860 [ 4C6267006D291F341947087E92389A4C ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

15:41:08.0267 3860 p2pimsvc - ok

15:41:08.0308 3860 [ 18784ED3A218DCA746FF4B00A04FAA1F ] p2psvc C:\Windows\system32\p2psvc.dll

15:41:08.0392 3860 p2psvc - ok

15:41:08.0424 3860 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

15:41:08.0474 3860 Parport - ok

15:41:08.0508 3860 [ 8ECE8BE80B47BCB0F40109976D357C7A ] partmgr C:\Windows\system32\drivers\partmgr.sys

15:41:08.0554 3860 partmgr - ok

15:41:08.0582 3860 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

15:41:08.0656 3860 PcaSvc - ok

15:41:08.0681 3860 [ 2EF89EF0557BB354F140A963111E7E43 ] pci C:\Windows\system32\DRIVERS\pci.sys

15:41:08.0732 3860 pci - ok

15:41:08.0752 3860 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys

15:41:08.0797 3860 pciide - ok

15:41:08.0823 3860 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

15:41:08.0875 3860 pcmcia - ok

15:41:08.0899 3860 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

15:41:08.0944 3860 pcw - ok

15:41:08.0981 3860 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

15:41:09.0110 3860 PEAUTH - ok

15:41:09.0162 3860 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll

15:41:09.0284 3860 PeerDistSvc - ok

15:41:09.0353 3860 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

15:41:09.0413 3860 PerfHost - ok

15:41:09.0492 3860 [ DD1A15A55DF66C104922C95501836046 ] pla C:\Windows\system32\pla.dll

15:41:09.0604 3860 pla - ok

15:41:09.0666 3860 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

15:41:09.0745 3860 PlugPlay - ok

15:41:09.0767 3860 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

15:41:09.0832 3860 PNRPAutoReg - ok

15:41:09.0856 3860 [ 4C6267006D291F341947087E92389A4C ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

15:41:09.0913 3860 PNRPsvc - ok

15:41:09.0956 3860 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

15:41:10.0083 3860 PolicyAgent - ok

15:41:10.0121 3860 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

15:41:10.0252 3860 Power - ok

15:41:10.0288 3860 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

15:41:10.0400 3860 PptpMiniport - ok

15:41:10.0419 3860 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys

15:41:10.0482 3860 Processor - ok

15:41:10.0537 3860 [ C87C42374EC444D28871C56DDC5EF0DA ] ProfSvc C:\Windows\system32\profsvc.dll

15:41:10.0610 3860 ProfSvc - ok

15:41:10.0627 3860 [ BF63CE11A25F3509129888710D5111FC ] ProtectedStorage C:\Windows\system32\lsass.exe

15:41:10.0676 3860 ProtectedStorage - ok

15:41:10.0698 3860 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys

15:41:10.0810 3860 Psched - ok

15:41:10.0875 3860 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

15:41:11.0004 3860 ql2300 - ok

15:41:11.0041 3860 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

15:41:11.0089 3860 ql40xx - ok

15:41:11.0122 3860 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

15:41:11.0194 3860 QWAVE - ok

15:41:11.0213 3860 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

15:41:11.0282 3860 QWAVEdrv - ok

15:41:11.0298 3860 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

15:41:11.0417 3860 RasAcd - ok

15:41:11.0448 3860 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

15:41:11.0495 3860 RasAgileVpn - ok

15:41:11.0536 3860 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

15:41:11.0663 3860 RasAuto - ok

15:41:11.0686 3860 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

15:41:11.0799 3860 Rasl2tp - ok

15:41:11.0824 3860 [ 98545AD4876E37117BAC48813FF17715 ] RasMan C:\Windows\System32\rasmans.dll

15:41:11.0899 3860 RasMan - ok

15:41:11.0923 3860 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

15:41:12.0035 3860 RasPppoe - ok

15:41:12.0057 3860 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

15:41:12.0114 3860 RasSstp - ok

15:41:12.0138 3860 [ FE08C9E2A0DF9357E386F6C6C976A303 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

15:41:12.0201 3860 rdbss - ok

15:41:12.0217 3860 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

15:41:12.0284 3860 rdpbus - ok

15:41:12.0302 3860 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

15:41:12.0425 3860 RDPCDD - ok

15:41:12.0463 3860 [ 9706B84DBABFC4B4CA46C5A82B14DFA3 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys

15:41:12.0526 3860 RDPDR - ok

15:41:12.0546 3860 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

15:41:12.0664 3860 RDPENCDD - ok

15:41:12.0688 3860 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

15:41:12.0796 3860 RDPREFMP - ok

15:41:12.0839 3860 [ 4AB6A3B0C3D94B0D3DBC1C2C847A02EF ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

15:41:12.0902 3860 RDPWD - ok

15:41:12.0932 3860 [ E5DC9BA9E439D6DBDD79F8CAACB5BF01 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

15:41:12.0984 3860 rdyboost - ok

15:41:13.0066 3860 [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

15:41:13.0107 3860 RealNetworks Downloader Resolver Service - ok

15:41:13.0150 3860 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

15:41:13.0207 3860 RemoteAccess - ok

15:41:13.0239 3860 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

15:41:13.0388 3860 RemoteRegistry - ok

15:41:13.0498 3860 [ E31960692CBB3A8BCDF300BC1D889E1F ] rimmptsk C:\Windows\system32\DRIVERS\rimmpx64.sys

15:41:13.0550 3860 rimmptsk - ok

15:41:13.0611 3860 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

15:41:13.0730 3860 RpcEptMapper - ok

15:41:13.0773 3860 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

15:41:13.0838 3860 RpcLocator - ok

15:41:13.0888 3860 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll

15:41:14.0017 3860 RpcSs - ok

15:41:14.0051 3860 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

15:41:14.0168 3860 rspndr - ok

15:41:14.0243 3860 [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys

15:41:14.0313 3860 s3cap - ok

15:41:14.0335 3860 [ BF63CE11A25F3509129888710D5111FC ] SamSs C:\Windows\system32\lsass.exe

15:41:14.0401 3860 SamSs - ok

15:41:14.0741 3860 [ 9F0439389FBD5B5F900966C5C66BCFAB ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys

15:41:14.0805 3860 sbp2port - ok

15:41:14.0880 3860 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

15:41:15.0012 3860 SCardSvr - ok

15:41:15.0035 3860 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

15:41:15.0163 3860 scfilter - ok

15:41:15.0254 3860 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll

15:41:15.0381 3860 Schedule - ok

15:41:15.0419 3860 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll

15:41:15.0533 3860 SCPolicySvc - ok

15:41:15.0576 3860 [ E92B9819D4DC34EB9F4AFC4079139612 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys

15:41:15.0646 3860 sdbus - ok

15:41:15.0844 3860 [ CD2AF5374FFBB720C20409574BED8015 ] SDRSVC C:\Windows\System32\SDRSVC.dll

15:41:15.0936 3860 SDRSVC - ok

15:41:15.0995 3860 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

15:41:16.0130 3860 secdrv - ok

15:41:16.0171 3860 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll

15:41:16.0329 3860 seclogon - ok

15:41:16.0369 3860 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll

15:41:16.0509 3860 SENS - ok

15:41:16.0535 3860 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

15:41:16.0593 3860 SensrSvc - ok

15:41:16.0638 3860 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

15:41:16.0694 3860 Serenum - ok

15:41:16.0729 3860 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

15:41:16.0793 3860 Serial - ok

15:41:16.0809 3860 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

15:41:16.0865 3860 sermouse - ok

15:41:16.0901 3860 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll

15:41:17.0023 3860 SessionEnv - ok

15:41:17.0049 3860 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys

15:41:17.0124 3860 sffdisk - ok

15:41:17.0171 3860 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys

15:41:17.0225 3860 sffp_mmc - ok

15:41:17.0251 3860 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys

15:41:17.0314 3860 sffp_sd - ok

15:41:17.0335 3860 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

15:41:17.0383 3860 sfloppy - ok

15:41:17.0431 3860 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

15:41:17.0561 3860 SharedAccess - ok

15:41:17.0605 3860 [ 6F3F852D7E41496409D596161FCD2BDA ] ShellHWDetection C:\Windows\System32\shsvcs.dll

15:41:17.0676 3860 ShellHWDetection - ok

15:41:17.0699 3860 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

15:41:17.0745 3860 SiSRaid2 - ok

15:41:17.0767 3860 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

15:41:17.0815 3860 SiSRaid4 - ok

15:41:17.0895 3860 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

15:41:17.0937 3860 SkypeUpdate - ok

15:41:17.0957 3860 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

15:41:18.0067 3860 Smb - ok

15:41:18.0095 3860 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

15:41:18.0166 3860 SNMPTRAP - ok

15:41:18.0190 3860 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

15:41:18.0234 3860 spldr - ok

15:41:18.0278 3860 [ 807B5B0E287027F72AC37B0CDA9512DA ] Spooler C:\Windows\System32\spoolsv.exe

15:41:18.0366 3860 Spooler - ok

15:41:18.0481 3860 [ C96D1743BE6A7C64EDBD997A3EC721E3 ] sppsvc C:\Windows\system32\sppsvc.exe

15:41:18.0691 3860 sppsvc - ok

15:41:18.0716 3860 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

15:41:18.0833 3860 sppuinotify - ok

15:41:18.0886 3860 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys

15:41:18.0887 3860 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB

15:41:18.0891 3860 sptd ( LockedFile.Multi.Generic ) - warning

15:41:18.0892 3860 sptd - detected LockedFile.Multi.Generic (1)

15:41:18.0941 3860 [ CF6EFAEB9EB9823A0D27EDE6D1AF662D ] srv C:\Windows\system32\DRIVERS\srv.sys

15:41:19.0001 3860 srv - ok

15:41:19.0049 3860 [ 930113266636C1889B56470A84D8756F ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

15:41:19.0118 3860 srv2 - ok

15:41:19.0137 3860 [ 19E0B9883EE4DB831CD5DD781CBD6498 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

15:41:19.0189 3860 srvnet - ok

15:41:19.0216 3860 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

15:41:19.0347 3860 SSDPSRV - ok

15:41:19.0366 3860 [ 3668CE07393EEC68525FF79BBEC9A38C ] SstpSvc C:\Windows\system32\sstpsvc.dll

15:41:19.0424 3860 SstpSvc - ok

15:41:19.0452 3860 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

15:41:19.0497 3860 stexstor - ok

15:41:19.0602 3860 [ 9335791B7724D1B02BAD9FDBEE289245 ] stisvc C:\Windows\System32\wiaservc.dll

15:41:19.0687 3860 stisvc - ok

15:41:19.0721 3860 [ FFD7A6F15B14234B5B0E5D49E7961895 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys

15:41:19.0767 3860 storflt - ok

15:41:19.0807 3860 [ 8FCCBEFC5C440B3C23454656E551B09A ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys

15:41:19.0852 3860 storvsc - ok

15:41:19.0875 3860 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys

15:41:19.0920 3860 swenum - ok

15:41:19.0953 3860 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

15:41:20.0099 3860 swprv - ok

15:41:20.0164 3860 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll

15:41:20.0319 3860 SysMain - ok

15:41:20.0343 3860 [ 9BF4C9200C48642D1B09EEFD2E03213B ] TabletInputService C:\Windows\System32\TabSvc.dll

15:41:20.0410 3860 TabletInputService - ok

15:41:20.0451 3860 [ 35C49F7BB1958119F1A21EAC8B649E1B ] TapiSrv C:\Windows\System32\tapisrv.dll

15:41:20.0527 3860 TapiSrv - ok

15:41:20.0549 3860 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

15:41:20.0672 3860 TBS - ok

15:41:20.0760 3860 [ 692969AB90BDA19F56E27BF89A9260E2 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

15:41:20.0907 3860 Tcpip - ok

15:41:20.0977 3860 [ 692969AB90BDA19F56E27BF89A9260E2 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

15:41:21.0088 3860 TCPIP6 - ok

15:41:21.0129 3860 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

15:41:21.0239 3860 tcpipreg - ok

15:41:21.0267 3860 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

15:41:21.0314 3860 TDPIPE - ok

15:41:21.0351 3860 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

15:41:21.0408 3860 TDTCP - ok

15:41:21.0427 3860 [ 1C4475503CAE0202DF38FF7C1B5A4019 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

15:41:21.0479 3860 tdx - ok

15:41:21.0503 3860 [ E6AA5FC33C5B4B1C5D414318D60C9D84 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys

15:41:21.0548 3860 TermDD - ok

15:41:21.0586 3860 [ E2B60720A14A0238CA5665AF2F68AE76 ] TermService C:\Windows\System32\termsrv.dll

15:41:21.0670 3860 TermService - ok

15:41:21.0688 3860 [ 9201BE2BAB8A9FF8E20D8439AE3BB04D ] Themes C:\Windows\system32\themeservice.dll

15:41:21.0726 3860 Themes ( UnsignedFile.Multi.Generic ) - warning

15:41:21.0726 3860 Themes - detected UnsignedFile.Multi.Generic (1)

15:41:21.0747 3860 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

15:41:21.0859 3860 THREADORDER - ok

15:41:21.0876 3860 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

15:41:22.0007 3860 TrkWks - ok

15:41:22.0057 3860 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

15:41:22.0118 3860 TrustedInstaller - ok

15:41:22.0156 3860 [ E089825D9F264F4910955040A72F9571 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

15:41:22.0202 3860 tssecsrv - ok

15:41:22.0220 3860 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

15:41:22.0341 3860 tunnel - ok

15:41:22.0364 3860 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

15:41:22.0410 3860 uagp35 - ok

15:41:22.0442 3860 [ 0E5E962B5649D544BE54E8C90761EA2B ] udfs C:\Windows\system32\DRIVERS\udfs.sys

15:41:22.0506 3860 udfs - ok

15:41:22.0543 3860 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

15:41:22.0599 3860 UI0Detect - ok

15:41:22.0625 3860 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys

15:41:22.0672 3860 uliagpkx - ok

15:41:22.0689 3860 [ 66D3A0C00A2B5E173D3EE8707B9983EB ] umbus C:\Windows\system32\DRIVERS\umbus.sys

15:41:22.0752 3860 umbus - ok

15:41:22.0768 3860 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

15:41:22.0824 3860 UmPass - ok

15:41:22.0850 3860 [ AF0AC98EE5077EB844413EB54287FDE3 ] UmRdpService C:\Windows\System32\umrdp.dll

15:41:22.0907 3860 UmRdpService - ok

15:41:22.0952 3860 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

15:41:23.0093 3860 upnphost - ok

15:41:23.0138 3860 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys

15:41:23.0192 3860 USBAAPL64 - ok

15:41:23.0235 3860 [ 537A4E03D7103C12D42DFD8FFDB5BDC9 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys

15:41:23.0289 3860 usbccgp - ok

15:41:23.0310 3860 [ C3D1D402FD39EE517E2CEEE0A937FCBA ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys

15:41:23.0370 3860 usbcir - ok

15:41:23.0391 3860 [ FBB21EBE49F6D560DB37AC25FBC68E66 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

15:41:23.0449 3860 usbehci - ok

15:41:23.0479 3860 [ 6B7A8A99C4A459E73C286A6763EA24CC ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

15:41:23.0545 3860 usbhub - ok

15:41:23.0570 3860 [ 8C88AA7617B4CBC2E4BED61D26B33A27 ] usbohci C:\Windows\system32\drivers\usbohci.sys

15:41:23.0618 3860 usbohci - ok

15:41:23.0651 3860 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

15:41:23.0720 3860 usbprint - ok

15:41:23.0741 3860 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS

15:41:23.0790 3860 USBSTOR - ok

15:41:23.0806 3860 [ 0B5B3B2DF3FD1709618ACFA50B8392B0 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys

15:41:23.0853 3860 usbuhci - ok

15:41:23.0890 3860 [ 5D6000BAB0FB6B86188A278C895885B5 ] UxSms C:\Windows\System32\uxsms.dll

15:41:23.0956 3860 UxSms - ok

15:41:23.0974 3860 [ BF63CE11A25F3509129888710D5111FC ] VaultSvc C:\Windows\system32\lsass.exe

15:41:24.0024 3860 VaultSvc - ok

15:41:24.0052 3860 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys

15:41:24.0097 3860 vdrvroot - ok

15:41:24.0132 3860 [ 155706D57A07CA9C9DCAC08C4A27C805 ] vds C:\Windows\System32\vds.exe

15:41:24.0216 3860 vds - ok

15:41:24.0242 3860 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

15:41:24.0297 3860 vga - ok

15:41:24.0322 3860 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

15:41:24.0433 3860 VgaSave - ok

15:41:24.0460 3860 [ E43DE92903A870CC9A02AD37F2CCE175 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys

15:41:24.0513 3860 vhdmp - ok

15:41:24.0540 3860 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys

15:41:24.0584 3860 viaide - ok

15:41:24.0615 3860 [ BFD8BEDB46D5244545D91D1073EDE8F0 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys

15:41:24.0667 3860 vmbus - ok

15:41:24.0692 3860 [ AE10C35761889E65A6F7176937C5592C ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys

15:41:24.0750 3860 VMBusHID - ok

15:41:24.0776 3860 [ 9B3882611979EFF7FA6F51BDB6F7D572 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys

15:41:24.0823 3860 volmgr - ok

15:41:24.0855 3860 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

15:41:24.0914 3860 volmgrx - ok

15:41:24.0955 3860 [ 523E3C704BEE5326A502BA235D0938D6 ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys

15:41:25.0010 3860 volsnap - ok

15:41:25.0037 3860 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

15:41:25.0088 3860 vsmraid - ok

15:41:25.0155 3860 [ 02DB685919D4F41F7CFD64C9071BB09B ] VSS C:\Windows\system32\vssvc.exe

15:41:25.0293 3860 VSS - ok

15:41:25.0316 3860 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys

15:41:25.0370 3860 vwifibus - ok

15:41:25.0389 3860 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

15:41:25.0517 3860 W32Time - ok

15:41:25.0546 3860 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

15:41:25.0604 3860 WacomPen - ok

15:41:25.0628 3860 [ FE08E74DDB7C390751DFAA22E7D07953 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

15:41:25.0687 3860 WANARP - ok

15:41:25.0696 3860 [ FE08E74DDB7C390751DFAA22E7D07953 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

15:41:25.0742 3860 Wanarpv6 - ok

15:41:25.0828 3860 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

15:41:25.0945 3860 WatAdminSvc - ok

15:41:26.0002 3860 [ 07F294B90DA3AD2E59BC930E8D575DF9 ] wbengine C:\Windows\system32\wbengine.exe

15:41:26.0134 3860 wbengine - ok

15:41:26.0165 3860 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

15:41:26.0235 3860 WbioSrvc - ok

15:41:26.0283 3860 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll

15:41:26.0349 3860 wcncsvc - ok

15:41:26.0373 3860 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

15:41:26.0438 3860 WcsPlugInService - ok

15:41:26.0471 3860 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys

15:41:26.0516 3860 Wd - ok

15:41:26.0561 3860 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

15:41:26.0643 3860 Wdf01000 - ok

15:41:26.0668 3860 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

15:41:26.0749 3860 WdiServiceHost - ok

15:41:26.0758 3860 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

15:41:26.0827 3860 WdiSystemHost - ok

15:41:26.0878 3860 [ 473EC712A893D20864122B8EDAF59FF8 ] WebClient C:\Windows\System32\webclnt.dll

15:41:26.0948 3860 WebClient - ok

15:41:26.0976 3860 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

15:41:27.0111 3860 Wecsvc - ok

15:41:27.0136 3860 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

15:41:27.0268 3860 wercplsupport - ok

15:41:27.0290 3860 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

15:41:27.0409 3860 WerSvc - ok

15:41:27.0444 3860 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

15:41:27.0562 3860 WfpLwf - ok

15:41:27.0580 3860 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

15:41:27.0633 3860 WIMMount - ok

15:41:27.0658 3860 WinDefend - ok

15:41:27.0672 3860 WinHttpAutoProxySvc - ok

15:41:27.0735 3860 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

15:41:27.0809 3860 Winmgmt - ok

15:41:27.0878 3860 [ C28EE1037F9FD609601757E2D672A724 ] WinRM C:\Windows\system32\WsmSvc.dll

15:41:28.0046 3860 WinRM - ok

15:41:28.0093 3860 [ 4D52C872018AF7E18D078978DCC3F6F2 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

15:41:28.0155 3860 WinUsb - ok

15:41:28.0199 3860 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

15:41:28.0308 3860 Wlansvc - ok

15:41:28.0348 3860 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys

15:41:28.0394 3860 WmiAcpi - ok

15:41:28.0438 3860 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

15:41:28.0503 3860 wmiApSrv - ok

15:41:28.0526 3860 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

15:41:28.0581 3860 WPCSvc - ok

15:41:28.0602 3860 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

15:41:28.0680 3860 WPDBusEnum - ok

15:41:28.0698 3860 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

15:41:28.0814 3860 ws2ifsl - ok

15:41:28.0860 3860 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\System32\wscsvc.dll

15:41:28.0930 3860 wscsvc - ok

15:41:28.0940 3860 WSearch - ok

15:41:29.0055 3860 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

15:41:29.0238 3860 wuauserv - ok

15:41:29.0282 3860 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

15:41:29.0331 3860 WudfPf - ok

15:41:29.0348 3860 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

15:41:29.0402 3860 WUDFRd - ok

15:41:29.0439 3860 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

15:41:29.0507 3860 wudfsvc - ok

15:41:29.0538 3860 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

15:41:29.0599 3860 WwanSvc - ok

15:41:29.0636 3860 ================ Scan global ===============================

15:41:29.0674 3860 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

15:41:29.0715 3860 [ 7BAEFACB8C5048465B7E3D354554DA70 ] C:\Windows\system32\winsrv.dll

15:41:29.0739 3860 [ 7BAEFACB8C5048465B7E3D354554DA70 ] C:\Windows\system32\winsrv.dll

15:41:29.0782 3860 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

15:41:29.0823 3860 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

15:41:29.0839 3860 [Global] - ok

15:41:29.0840 3860 ================ Scan MBR ==================================

15:41:29.0856 3860 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

15:41:30.0218 3860 \Device\Harddisk0\DR0 - ok

15:41:30.0229 3860 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR2

15:41:30.0783 3860 \Device\Harddisk1\DR2 - ok

15:41:30.0791 3860 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR3

15:41:31.0381 3860 \Device\Harddisk2\DR3 - ok

15:41:31.0389 3860 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk3\DR4

15:41:31.0989 3860 \Device\Harddisk3\DR4 - ok

15:41:31.0990 3860 ================ Scan VBR ==================================

15:41:32.0048 3860 [ 619D735A9452EF289C08B728BA0C9585 ] \Device\Harddisk0\DR0\Partition1

15:41:32.0052 3860 \Device\Harddisk0\DR0\Partition1 - ok

15:41:32.0079 3860 [ 0AE38A571BC3F568AB07A15D85CC14A7 ] \Device\Harddisk0\DR0\Partition2

15:41:32.0084 3860 \Device\Harddisk0\DR0\Partition2 - ok

15:41:32.0100 3860 [ E399F17168ADF01E0866E7077608C107 ] \Device\Harddisk1\DR2\Partition1

15:41:32.0104 3860 \Device\Harddisk1\DR2\Partition1 - ok

15:41:32.0114 3860 [ D549C03AA4CB70FA1774C53D40B39784 ] \Device\Harddisk2\DR3\Partition1

15:41:32.0119 3860 \Device\Harddisk2\DR3\Partition1 - ok

15:41:32.0126 3860 [ 643810D9269E455878219568E46D5D54 ] \Device\Harddisk3\DR4\Partition1

15:41:32.0132 3860 \Device\Harddisk3\DR4\Partition1 - ok

15:41:32.0133 3860 ============================================================

15:41:32.0133 3860 Scan finished

15:41:32.0133 3860 ============================================================

15:41:32.0217 2808 Detected object count: 2

15:41:32.0218 2808 Actual detected object count: 2

15:50:24.0306 2808 sptd ( LockedFile.Multi.Generic ) - skipped by user

15:50:24.0306 2808 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

15:50:24.0307 2808 Themes ( UnsignedFile.Multi.Generic ) - skipped by user

15:50:24.0307 2808 Themes ( UnsignedFile.Multi.Generic ) - User select action: Skip