Just a logfile to check

  • Ben

    Hello Kevin,

    Open a Notepad file (Start > All Programs > Accessories > Notepad),

    copy and paste the following (bold, blue text) into the empty Notepad window:

    Folder::

    c:\program files\Ask.com

    Registry::

    "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-

    Save this to your Desktop as CFScript.txt.

    Drag CFScript.txt onto ComboFix.exe as shown in the example below:

    This will make ComboFix restart.

    After your computer restarts (if it asks to restart),

    copy and paste the contents of Combofix.txt into your next reply, together with a new HijackThis log.

    Regards, Ben

    Antivirusprikbord

  • Kevin

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 3:16:02, on 14-4-2012

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v7.00 (7.00.6002.18005)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Acer\Empowering Technology\SysMonitor.exe

    C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe

    C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe

    C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe

    C:\Windows\RtHDVCpl.exe

    C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe

    C:\Windows\System32\rundll32.exe

    C:\Windows\WindowsMobile\wmdSync.exe

    C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

    C:\Program Files\AVG\AVG10\avgtray.exe

    C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe

    C:\Windows\ehome\ehtray.exe

    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

    C:\Windows\ehome\ehmsas.exe

    C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

    C:\Program Files\Windows Media Player\wmpnscfg.exe

    C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

    C:\Program Files\Rainmeter\Rainmeter.exe

    C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

    C:\Windows\system32\conime.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    C:\Windows\system32\SearchFilterHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&s=1&o=vp32&d=1208&m=aspire_x1700

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.415.1646\swg.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll

    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

    O3 - Toolbar: BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll

    O4 - HKLM\..\Run: C:\Program Files\Acer\Empowering Technology\SysMonitor.exe

    O4 - HKLM\..\Run: C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe boot

    O4 - HKLM\..\Run: C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe

    O4 - HKLM\..\Run: C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe

    O4 - HKLM\..\Run: RtHDVCpl.exe

    O4 - HKLM\..\Run: C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe

    O4 - HKLM\..\Run: "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s

    O4 - HKLM\..\Run: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: %windir%\WindowsMobile\wmdSync.exe

    O4 - HKLM\..\Run: C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

    O4 - HKLM\..\Run: C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

    O4 - HKLM\..\Run: C:\Program Files\AVG\AVG10\avgtray.exe

    O4 - HKLM\..\Run: C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe

    O4 - HKLM\..\Run: "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKLM\..\Run: "C:\Program Files\Microsoft LifeCam\LifeExp.exe"

    O4 - HKLM\..\Run: "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKCU\..\Run: C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"

    O4 - HKCU\..\Run: "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

    O4 - HKCU\..\Run: C:\Program Files\Samsung\Kies\KiesHelper.exe /s

    O4 - HKCU\..\Run: C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

    O4 - HKCU\..\Run: C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

    O4 - HKCU\..\Run: C:\Program Files\Windows Media Player\WMPNSCFG.exe

    O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

    O4 - Startup: Rainmeter (2).lnk = C:\Program Files\Rainmeter\Rainmeter.exe

    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm

    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe

    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

    O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe

    O16 - DPF: Yahoo! Word Racer - http://origin.games.yahoo.net/games/clients/y/wt1_x.cab

    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab

    O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab

    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUplden-us.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.13.0.cab

    O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-nl.cab

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll

    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe

    O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

    O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

    O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

    O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: Lavasoft Ad-Aware Service - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (file missing)

    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

    O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)

    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

    O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

    O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

    O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - Unknown owner - C:\Program Files\PC Tools Firewall Plus\FWService.exe

    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe

    O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe

    End of file - 12291 bytes

    ComboFix 12-04-12.03 - Jacky 14-04-2012 2:20.4.4 - x86

    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3071.1581

    Gestart vanuit: c:\users\Jacky\Desktop\ComboFix.exe

    gebruikte Opdracht switches :: c:\users\Jacky\Desktop\CFScript.txt

    AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

    FW: PC Tools Firewall Plus *Enabled* {7352CBFB-3EEC-25C5-276E-DC9378FC688F}

    SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    c:\program files\Ask.com

    c:\program files\Ask.com\assets\oobe\b.png

    c:\program files\Ask.com\assets\oobe\bl.png

    c:\program files\Ask.com\assets\oobe\br.png

    c:\program files\Ask.com\assets\oobe\l.png

    c:\program files\Ask.com\assets\oobe\pointer.png

    c:\program files\Ask.com\assets\oobe\r.png

    c:\program files\Ask.com\assets\oobe\t.png

    c:\program files\Ask.com\assets\oobe\tl.png

    c:\program files\Ask.com\assets\oobe\tr.png

    c:\program files\Ask.com\cobrand.ico

    c:\program files\Ask.com\config.xml

    c:\program files\Ask.com\favicon.ico

    c:\program files\Ask.com\GenericAskToolbar.dll

    c:\program files\Ask.com\mupcfg.xml

    c:\program files\Ask.com\precache.exe

    c:\program files\Ask.com\SaUpdate.exe

    c:\program files\Ask.com\TaskScheduler.exe

    c:\program files\Ask.com\Updater\config.xml

    c:\program files\Ask.com\Updater\Updater.exe

    c:\program files\Ask.com\UpdateTask.exe

    c:\users\Jacky\AppData\Local\Temp\ae201572-4813-4010-9ed2-ee29ddec066a\CliSecureRT.dll

    .

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2012-03-14 to 2012-04-14 ))))))))))))))))))))))))))))))

    .

    .

    2012-04-14 00:25 . 2012-04-14 00:28 -------- d-----w- c:\users\Jacky\AppData\Local\temp

    2012-04-14 00:25 . 2012-04-14 00:25 -------- d-----w- c:\users\Public\AppData\Local\temp

    2012-04-14 00:25 . 2012-04-14 00:25 -------- d-----w- c:\users\Default\AppData\Local\temp

    2012-04-11 10:06 . 2012-04-11 10:06 -------- d-----w- c:\users\Jacky\AppData\Local\VS Revo Group

    2012-04-11 10:06 . 2009-12-30 08:21 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys

    2012-04-11 10:06 . 2012-04-11 10:06 -------- d-----w- c:\program files\VS Revo Group

    2012-04-05 22:51 . 2011-10-27 08:01 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe

    2012-04-05 22:47 . 2012-01-31 10:59 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat

    2012-03-26 16:13 . 2012-03-26 16:13 9310 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC(23)\TEXTBOX.JS

    2012-03-26 15:41 . 2012-03-26 15:41 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll

    2012-03-26 15:41 . 2012-03-26 15:41 103864 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll

    .

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2012-02-21 08:15 . 2011-05-14 20:10 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    2011-11-08 20:34 . 2011-11-08 20:34 4995584 ----a-w- c:\program files\PortableFotoSketcher.exe

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    .

    @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

    2008-07-29 16:52 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

    .

    "ehTray.exe"="c:\windows\ehome\ehTray.exe"

    "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe"

    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"

    "KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe"

    "KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe"

    "KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe"

    .

    "Acer Empowering Technology Monitor"="c:\program files\Acer\Empowering Technology\SysMonitor.exe"

    "EmpoweringTechnology"="c:\program files\Acer\Empowering Technology\Framework.Launcher.exe"

    "eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe"

    "PCMMediaSharing"="c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe"

    "RtHDVCpl"="RtHDVCpl.exe"

    "WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe"

    "00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe"

    "NvCplDaemon"="c:\windows\system32\NvCpl.dll"

    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll"

    "Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe"

    "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe"

    "KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe"

    "AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe"

    "PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe"

    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"

    "LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe"

    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    .

    "EnableLUA"= 0 (0x0)

    "EnableUIADesktopToggle"= 0 (0x0)

    .

    BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart

    .

    @="Service"

    .

    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk

    backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup

    backupExtension=.CommonStartup

    .

    2010-09-16 19:03 4425048 ----a-w- c:\program files\AIM\aim.exe

    .

    2009-10-08 11:01 107864 ----a-w- c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe

    .

    2008-04-25 20:36 28672 ----a-w- c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe

    .

    2005-12-22 15:55 2002432 ----a-w- c:\program files\Casema\casema.exe

    .

    2008-12-29 10:40 687560 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe

    .

    2009-03-19 12:38 5395288 ----a-w- c:\program files\DriverMax\devices.exe

    .

    2012-01-13 12:53 981680 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

    .

    2011-10-13 10:45 19550344 ----a-r- c:\program files\Skype\Phone\Skype.exe

    .

    "DisableMonitoring"=dword:00000001

    .

    "EnableNotificationsRef"=dword:00000006

    "EnableNotifications"=dword:00000001

    .

    R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe

    .

    .

    --- Andere Services/Drivers In Geheugen ---

    .

    *NewlyCreated* - FSUSBEXDISK

    .

    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

    WindowsMobile REG_MULTI_SZ wcescomm rapimgr

    LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

    .

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

    UxTuneUp

    .

    Inhoud van de 'Gedeelde Taken' map

    .

    2012-04-14 c:\windows\Tasks\1-klik Onderhoud.job

    - c:\program files\TuneUp Utilities 2009\OneClickStarter.exe

    .

    2012-04-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-213022234-2777563534-4171869386-1000Core.job

    - c:\users\Jacky\AppData\Local\Google\Update\GoogleUpdate.exe

    .

    2012-04-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-213022234-2777563534-4171869386-1000UA.job

    - c:\users\Jacky\AppData\Local\Google\Update\GoogleUpdate.exe

    .

    .

    ------- Bijkomende Scan -------

    .

    uStart Page = hxxp://www.google.nl/

    mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&s=1&o=vp32&d=1208&m=aspire_x1700

    IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm

    IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm

    IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm

    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

    IE: {{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - c:\microgaming\Poker\UnibetpokerMPP\MPPoker.exe

    TCP: DhcpNameServer = 212.54.40.25 212.54.35.25

    DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab

    DPF: Yahoo! Word Racer - hxxp://origin.games.yahoo.net/games/clients/y/wt1_x.cab

    FF - ProfilePath - c:\users\Jacky\AppData\Roaming\Mozilla\Firefox\Profiles\kvmxwwf3.default\

    FF - prefs.js: browser.startup.homepage - www.google.nl

    FF - prefs.js: keyword.URL - hxxp://www.samenc.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=peBfhbuR&q=

    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

    FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - c:\program files\AVG\AVG10\Firefox

    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

    FF - Ext: TVU Web Player: firefox@tvunetworks.com - %profile%\extensions\firefox@tvunetworks.com

    FF - user.js: keyword.URL - hxxp://www.samenc.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=peBfhbuR&q=

    FF - user.js: network.protocol-handler.warn-external.dnupdate - false

    .

    .

    **************************************************************************

    .

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2012-04-14 02:30

    Windows 6.0.6002 Service Pack 2 NTFS

    .

    scannen van verborgen processen …

    .

    scannen van verborgen autostart items …

    .

    scannen van verborgen bestanden …

    .

    Scan succesvol afgerond

    verborgen bestanden: 0

    .

    **************************************************************************

    .

    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

    .

    @Class="Shell"

    @Allowed: (Read) (RestrictedCode)

    .

    @Class="Shell"

    .

    @Class="Shell"

    @Allowed: (Read) (RestrictedCode)

    .

    @Class="Shell"

    .

    @Class="Shell"

    @Allowed: (Read) (RestrictedCode)

    .

    @Class="Shell"

    .

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    .

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    .

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    .

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    .

    --------------------- DLLs Geladen Onder Lopende Processen ---------------------

    .

    - - - - - - - > 'Explorer.exe'(5540)

    c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

    c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll

    .

    ------------------------ Andere Aktieve Processen ------------------------

    .

    c:\progra~1\AVG\AVG10\avgchsvx.exe

    c:\progra~1\AVG\AVG10\avgrsx.exe

    c:\windows\system32\nvvsvc.exe

    c:\windows\system32\rundll32.exe

    c:\windows\system32\conime.exe

    c:\windows\RtHDVCpl.exe

    c:\windows\System32\rundll32.exe

    c:\windows\ehome\ehmsas.exe

    c:\program files\Microsoft Office\Office12\ONENOTEM.EXE

    c:\program files\Rainmeter\Rainmeter.exe

    c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

    c:\windows\system32\FsUsbExService.Exe

    c:\program files\Common Files\LightScribe\LSSrvc.exe

    c:\program files\Microsoft LifeCam\MSCamS32.exe

    c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

    c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

    c:\program files\PC Tools Firewall Plus\FWService.exe

    c:\windows\system32\IoctlSvc.exe

    c:\program files\CyberLink\Shared Files\RichVideo.exe

    c:\windows\System32\tcpsvcs.exe

    c:\program files\AVG\AVG10\avgnsx.exe

    c:\program files\AVG\AVG10\avgemcx.exe

    c:\program files\TomTom HOME 2\TomTomHOMEService.exe

    c:\windows\System32\TUProgSt.exe

    c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

    c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe

    c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

    c:\program files\Windows Media Player\wmpnetwk.exe

    c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

    c:\program files\PC Connectivity Solution\ServiceLayer.exe

    c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe

    c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe

    .

    **************************************************************************

    .

    Voltooingstijd: 2012-04-14 02:33:50 - machine werd herstart

    ComboFix-quarantined-files.txt 2012-04-14 00:33

    ComboFix2.txt 2012-04-13 00:12

    .

    Pre-Run: 26.961.342.464 bytes beschikbaar

    Post-Run: 26.670.559.232 bytes beschikbaar

    .

    - - End Of File - - E563C8678D21D1593DCEF7C951DBB2C6

  • Ben

    Hello Kevin,

    So Ask is gone, so we're doing well.

    The following program can cause serious damage if you do not use it correctly.

    So read the instructions through carefully.

    Download TDSSKiller and save it to your Desktop.

    • Extract the files in tdsskiller.zip.

    • Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.

    Windows 7 and Windows Vista users:

    Right-click TDSSKiller.exe -> Run as Administrator to start the tool.

    If TDSSKiller reports that an update is available, run that first.

    • A new version of TDSSKiller will now be downloaded; save it to your Desktop.

    • Start TDSSKiller again.

    • Click "Change parameters" and make sure the options below are all checked.

    • Click the "Start Scan" button and follow the instructions.

    Note!

    If "Threats" are found, a follow-up screen appears automatically after the scan.

    For a "Fail signature" message you do not need to take any action. (Use Skip.)

    By default, Skip is filled in for a "Suspicious object". Leave this action as it is. We may tell you later what to do with it.

    For a "Malicious object", the action Cure or Delete is filled in automatically.

    Always choose Cure here. If that is not possible, select Skip.

    Only for a "TDSS File System" do you choose Delete if Cure is not possible.

    If you do not know what to fill in, use Skip and wait for our advice before you delete anything.

    Now click Continue to proceed.

    • When the scan is finished, click the "Report" button.

    • A Notepad file opens. Post the contents of this file.

    Restart the PC if TDSSKiller offers that option. (Reboot now)

    If a restart was needed, you will find the logfile in C:\TDSSKiller.___log.txt

    Post the TDSS log in your next message.

    Regards, Ben

    Antivirusprikbord

  • Kevin

    Is that really necessary to clean the PC, with Kaspersky?

    Anyway.. I can't get any further here now

    I don't see any Fail signature, skip, cure etc.

    Right away I got to see things like this:

    http://i42.tinypic.com/9pq4n8.jpg

    I thought I'd wait for your advice, hence

    Can I just click continue, even though everything is set to 'skip'

    Kind regards,

  • Ben

    Hello Kevin,

    Can I just click continue, even though everything is set to 'skip'

    Yes, go ahead and press continue, and then post the TDSS log.

    Regards, Ben

    Antivirusprikbord

  • Kevin

    Here is the log



    11:47:30.0213 0984 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys

    11:47:30.0244 0984 partmgr - ok

    11:47:30.0260 0984 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys

    11:47:30.0307 0984 Parvdm - ok

    11:47:30.0322 0984 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll

    11:47:30.0369 0984 PcaSvc - ok

    11:47:30.0416 0984 pccsmcfd (175cc28dcf819f78caa3fbd44ad9e52a) C:\Windows\system32\DRIVERS\pccsmcfd.sys

    11:47:30.0447 0984 pccsmcfd - ok

    11:47:30.0478 0984 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys

    11:47:30.0494 0984 pci - ok

    11:47:30.0525 0984 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys

    11:47:30.0541 0984 pciide - ok

    11:47:30.0556 0984 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

    11:47:30.0572 0984 pcmcia - ok

    11:47:30.0603 0984 PCTAppEvent (3379e7a840de135fb7a829e03bc9cc25) C:\Windows\system32\drivers\PCTAppEvent.sys

    11:47:30.0619 0984 PCTAppEvent - ok

    11:47:30.0650 0984 pctgntdi (bf770a5817fa8fba1402b2286a7f394c) C:\Windows\System32\drivers\pctgntdi.sys

    11:47:30.0666 0984 pctgntdi - ok

    11:47:30.0697 0984 PCToolsFirewallPlus (d93108a20fa4b4317952234de106f199) C:\Program Files\PC Tools Firewall Plus\FWService.exe

    11:47:30.0712 0984 PCToolsFirewallPlus - ok

    11:47:30.0728 0984 pctplfw (0eec24affc5ab0a2bbe4a6a886230aa5) C:\Windows\System32\drivers\pctplfw.sys

    11:47:30.0744 0984 pctplfw - ok

    11:47:30.0775 0984 PD0620VID (4431f2fa27f56f4bc654b0af5810cc91) C:\Windows\system32\DRIVERS\P0620Vid.sys

    11:47:30.0806 0984 PD0620VID - ok

    11:47:30.0837 0984 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

    11:47:30.0915 0984 PEAUTH - ok

    11:47:30.0978 0984 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll

    11:47:31.0087 0984 pla - ok

    11:47:31.0118 0984 PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\Windows\system32\IoctlSvc.exe

    11:47:31.0134 0984 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning

    11:47:31.0134 0984 PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)

    11:47:31.0165 0984 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll

    11:47:31.0180 0984 PlugPlay - ok

    11:47:31.0227 0984 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll

    11:47:31.0258 0984 PNRPAutoReg - ok

    11:47:31.0274 0984 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll

    11:47:31.0305 0984 PNRPsvc - ok

    11:47:31.0336 0984 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll

    11:47:31.0383 0984 PolicyAgent - ok

    11:47:31.0414 0984 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

    11:47:31.0430 0984 PptpMiniport - ok

    11:47:31.0461 0984 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys

    11:47:31.0492 0984 Processor - ok

    11:47:31.0524 0984 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll

    11:47:31.0555 0984 ProfSvc - ok

    11:47:31.0570 0984 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe

    11:47:31.0586 0984 ProtectedStorage - ok

    11:47:31.0617 0984 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys

    11:47:31.0648 0984 PSched - ok

    11:47:31.0680 0984 PSDFilter (628321c8dd76ad369b362b202e655a68) C:\Windows\system32\DRIVERS\psdfilter.sys

    11:47:31.0680 0984 PSDFilter - ok

    11:47:31.0695 0984 PSDNServ (79d7117e62709c7690cf3dd55acead37) C:\Windows\system32\DRIVERS\PSDNServ.sys

    11:47:31.0711 0984 PSDNServ - ok

    11:47:31.0726 0984 psdvdisk (cae5e82827990cf4bd4a49576bde3a43) C:\Windows\system32\DRIVERS\PSDVdisk.sys

    11:47:31.0742 0984 psdvdisk - ok

    11:47:31.0789 0984 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys

    11:47:31.0836 0984 ql2300 - ok

    11:47:31.0867 0984 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

    11:47:31.0882 0984 ql40xx - ok

    11:47:31.0914 0984 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll

    11:47:31.0945 0984 QWAVE - ok

    11:47:31.0976 0984 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

    11:47:31.0992 0984 QWAVEdrv - ok

    11:47:32.0054 0984 RapiMgr (70dbdab246c18b78e2200d6401d038be) C:\Windows\WindowsMobile\rapimgr.dll

    11:47:32.0085 0984 RapiMgr - ok

    11:47:32.0101 0984 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

    11:47:32.0132 0984 RasAcd - ok

    11:47:32.0148 0984 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll

    11:47:32.0194 0984 RasAuto - ok

    11:47:32.0210 0984 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

    11:47:32.0226 0984 Rasl2tp - ok

    11:47:32.0257 0984 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll

    11:47:32.0288 0984 RasMan - ok

    11:47:32.0319 0984 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys

    11:47:32.0335 0984 RasPppoe - ok

    11:47:32.0350 0984 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys

    11:47:32.0366 0984 RasSstp - ok

    11:47:32.0397 0984 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys

    11:47:32.0428 0984 rdbss - ok

    11:47:32.0428 0984 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

    11:47:32.0475 0984 RDPCDD - ok

    11:47:32.0491 0984 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys

    11:47:32.0522 0984 rdpdr - ok

    11:47:32.0522 0984 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

    11:47:32.0553 0984 RDPENCDD - ok

    11:47:32.0600 0984 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys

    11:47:32.0631 0984 RDPWD - ok

    11:47:32.0662 0984 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll

    11:47:32.0678 0984 RemoteAccess - ok

    11:47:32.0725 0984 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll

    11:47:32.0756 0984 RemoteRegistry - ok

    11:47:32.0803 0984 Revoflt (b9bb8e2093c1615ad6ea55ad96214354) C:\Windows\system32\DRIVERS\revoflt.sys

    11:47:32.0803 0984 Revoflt - ok

    11:47:32.0850 0984 RichVideo (a035a7bf5132682f53f1e7b955690ce7) C:\Program Files\CyberLink\Shared Files\RichVideo.exe

    11:47:32.0881 0984 RichVideo ( UnsignedFile.Multi.Generic ) - warning

    11:47:32.0881 0984 RichVideo - detected UnsignedFile.Multi.Generic (1)

    11:47:32.0912 0984 RMCAST (eec7ee5675294b03e88aa868540007c1) C:\Windows\system32\DRIVERS\RMCAST.sys

    11:47:32.0943 0984 RMCAST - ok

    11:47:32.0959 0984 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe

    11:47:32.0974 0984 RpcLocator - ok

    11:47:33.0021 0984 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll

    11:47:33.0052 0984 RpcSs - ok

    11:47:33.0084 0984 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

    11:47:33.0115 0984 rspndr - ok

    11:47:33.0146 0984 RTSTOR (4f31cfdebd0a5bc27d45e7ebfefaaf6f) C:\Windows\system32\drivers\RTSTOR.SYS

    11:47:33.0162 0984 RTSTOR - ok

    11:47:33.0177 0984 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe

    11:47:33.0208 0984 SamSs - ok

    11:47:33.0224 0984 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

    11:47:33.0240 0984 sbp2port - ok

    11:47:33.0255 0984 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll

    11:47:33.0286 0984 SCardSvr - ok

    11:47:33.0318 0984 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll

    11:47:33.0396 0984 Schedule - ok

    11:47:33.0411 0984 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll

    11:47:33.0442 0984 SCPolicySvc - ok

    11:47:33.0458 0984 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll

    11:47:33.0505 0984 SDRSVC - ok

    11:47:33.0520 0984 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

    11:47:33.0567 0984 secdrv - ok

    11:47:33.0583 0984 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll

    11:47:33.0630 0984 seclogon - ok

    11:47:33.0645 0984 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll

    11:47:33.0676 0984 SENS - ok

    11:47:33.0692 0984 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys

    11:47:33.0723 0984 Serenum - ok

    11:47:33.0739 0984 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys

    11:47:33.0770 0984 Serial - ok

    11:47:33.0786 0984 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

    11:47:33.0817 0984 sermouse - ok

    11:47:33.0879 0984 ServiceLayer (9d38320bb32230349379df5ddbbf7fce) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    11:47:33.0895 0984 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning

    11:47:33.0895 0984 ServiceLayer - detected UnsignedFile.Multi.Generic (1)

    11:47:33.0926 0984 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll

    11:47:33.0957 0984 SessionEnv - ok

    11:47:33.0973 0984 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys

    11:47:34.0004 0984 sffdisk - ok

    11:47:34.0035 0984 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys

    11:47:34.0051 0984 sffp_mmc - ok

    11:47:34.0066 0984 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys

    11:47:34.0098 0984 sffp_sd - ok

    11:47:34.0129 0984 SFilter (975f4e44fd48c36beed30c96a115b2b8) C:\Windows\system32\DRIVERS\pctfw.sys

    11:47:34.0144 0984 SFilter - ok

    11:47:34.0176 0984 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

    11:47:34.0222 0984 sfloppy - ok

    11:47:34.0254 0984 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll

    11:47:34.0285 0984 SharedAccess - ok

    11:47:34.0316 0984 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll

    11:47:34.0363 0984 ShellHWDetection - ok

    11:47:34.0394 0984 simptcp (a275fbb7c99458c12e088dff3e58eb4d) C:\Windows\System32\tcpsvcs.exe

    11:47:34.0441 0984 simptcp - ok

  • Kevin

    11:47:34.0456 0984 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys

    11:47:34.0472 0984 sisagp - ok

    11:47:34.0488 0984 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys

    11:47:34.0503 0984 SiSRaid2 - ok

    11:47:34.0519 0984 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys

    11:47:34.0534 0984 SiSRaid4 - ok

    11:47:34.0612 0984 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe

    11:47:34.0784 0984 slsvc - ok

    11:47:34.0846 0984 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll

    11:47:34.0878 0984 SLUINotify - ok

    11:47:34.0909 0984 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys

    11:47:34.0940 0984 Smb - ok

    11:47:34.0971 0984 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe

    11:47:35.0002 0984 SNMPTRAP - ok

    11:47:35.0018 0984 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

    11:47:35.0034 0984 spldr - ok

    11:47:35.0065 0984 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe

    11:47:35.0112 0984 Spooler - ok

    11:47:35.0158 0984 sptd (71e276f6d189413266ea22171806597b) C:\Windows\system32\Drivers\sptd.sys

    11:47:35.0158 0984 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b

    11:47:35.0158 0984 sptd ( LockedFile.Multi.Generic ) - warning

    11:47:35.0158 0984 sptd - detected LockedFile.Multi.Generic (1)

    11:47:35.0190 0984 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys

    11:47:35.0236 0984 srv - ok

    11:47:35.0268 0984 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys

    11:47:35.0314 0984 srv2 - ok

    11:47:35.0346 0984 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys

    11:47:35.0361 0984 srvnet - ok

    11:47:35.0392 0984 ssadbus (64e44acd8c238fcbbb78f0ba4bdc4b05) C:\Windows\system32\DRIVERS\ssadbus.sys

    11:47:35.0424 0984 ssadbus - ok

    11:47:35.0439 0984 ssadmdfl (bb2c84a15c765da89fd832b0e73f26ce) C:\Windows\system32\DRIVERS\ssadmdfl.sys

    11:47:35.0486 0984 ssadmdfl - ok

    11:47:35.0502 0984 ssadmdm (6d0d132ddc6f43eda00dced6d8b1ca31) C:\Windows\system32\DRIVERS\ssadmdm.sys

    11:47:35.0533 0984 ssadmdm - ok

    11:47:35.0564 0984 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll

    11:47:35.0611 0984 SSDPSRV - ok

    11:47:35.0626 0984 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll

    11:47:35.0673 0984 SstpSvc - ok

    11:47:35.0720 0984 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll

    11:47:35.0782 0984 stisvc - ok

    11:47:35.0814 0984 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

    11:47:35.0829 0984 swenum - ok

    11:47:35.0876 0984 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll

    11:47:35.0923 0984 swprv - ok

    11:47:35.0938 0984 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

    11:47:35.0954 0984 Symc8xx - ok

    11:47:35.0970 0984 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

    11:47:35.0985 0984 Sym_hi - ok

    11:47:36.0001 0984 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

    11:47:36.0032 0984 Sym_u3 - ok

    11:47:36.0063 0984 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll

    11:47:36.0110 0984 SysMain - ok

    11:47:36.0126 0984 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll

    11:47:36.0157 0984 TabletInputService - ok

    11:47:36.0204 0984 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll

    11:47:36.0250 0984 TapiSrv - ok

    11:47:36.0266 0984 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll

    11:47:36.0297 0984 TBS - ok

    11:47:36.0360 0984 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys

    11:47:36.0406 0984 Tcpip - ok

    11:47:36.0469 0984 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys

    11:47:36.0500 0984 Tcpip6 - ok

    11:47:36.0547 0984 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys

    11:47:36.0578 0984 tcpipreg - ok

    11:47:36.0609 0984 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

    11:47:36.0656 0984 TDPIPE - ok

    11:47:36.0672 0984 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

    11:47:36.0703 0984 TDTCP - ok

    11:47:36.0734 0984 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys

    11:47:36.0765 0984 tdx - ok

    11:47:36.0812 0984 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys

    11:47:36.0828 0984 TermDD - ok

    11:47:36.0874 0984 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll

    11:47:36.0968 0984 TermService - ok

    11:47:37.0015 0984 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll

    11:47:37.0030 0984 Themes - ok

    11:47:37.0062 0984 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll

    11:47:37.0093 0984 THREADORDER - ok

    11:47:37.0171 0984 TomTomHOMEService (fbd16717fd68b206c4ce3bb3c9ee5cb3) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    11:47:37.0186 0984 TomTomHOMEService - ok

    11:47:37.0218 0984 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll

    11:47:37.0264 0984 TrkWks - ok

    11:47:37.0296 0984 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe

    11:47:37.0327 0984 TrustedInstaller - ok

    11:47:37.0358 0984 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

    11:47:37.0389 0984 tssecsrv - ok

    11:47:37.0420 0984 TuneUp.Defrag (4196d7bc21786883201747dcc0dc84a0) C:\Windows\System32\TuneUpDefragService.exe

    11:47:37.0452 0984 TuneUp.Defrag - ok

    11:47:37.0498 0984 TuneUp.ProgramStatisticsSvc (02e5f68a55cd413c5bfb9f2df677dd01) C:\Windows\System32\TUProgSt.exe

    11:47:37.0530 0984 TuneUp.ProgramStatisticsSvc - ok

    11:47:37.0561 0984 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

    11:47:37.0576 0984 tunmp - ok

    11:47:37.0592 0984 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys

    11:47:37.0608 0984 tunnel - ok

    11:47:37.0639 0984 tvicport (97dd70feca64fb4f63de7bb7e66a80b1) C:\Windows\system32\drivers\tvicport.sys

    11:47:37.0654 0984 tvicport ( UnsignedFile.Multi.Generic ) - warning

    11:47:37.0654 0984 tvicport - detected UnsignedFile.Multi.Generic (1)

    11:47:37.0670 0984 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys

    11:47:37.0670 0984 uagp35 - ok

    11:47:37.0701 0984 UBHelper (f763e070843ee2803de1395002b42938) C:\Windows\system32\drivers\UBHelper.sys

    11:47:37.0717 0984 UBHelper - ok

    11:47:37.0748 0984 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys

    11:47:37.0779 0984 udfs - ok

    11:47:37.0810 0984 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe

    11:47:37.0842 0984 UI0Detect - ok

    11:47:37.0857 0984 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys

    11:47:37.0873 0984 uliagpkx - ok

    11:47:37.0888 0984 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys

    11:47:37.0904 0984 uliahci - ok

    11:47:37.0935 0984 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

    11:47:37.0935 0984 UlSata - ok

    11:47:37.0951 0984 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

    11:47:37.0966 0984 ulsata2 - ok

    11:47:37.0982 0984 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

    11:47:38.0013 0984 umbus - ok

    11:47:38.0029 0984 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll

    11:47:38.0076 0984 upnphost - ok

    11:47:38.0122 0984 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys

    11:47:38.0138 0984 usbaudio - ok

    11:47:38.0169 0984 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

    11:47:38.0200 0984 usbccgp - ok

    11:47:38.0216 0984 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

    11:47:38.0263 0984 usbcir - ok

    11:47:38.0310 0984 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys

    11:47:38.0341 0984 usbehci - ok

    11:47:38.0356 0984 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys

    11:47:38.0403 0984 usbhub - ok

    11:47:38.0419 0984 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys

    11:47:38.0450 0984 usbohci - ok

    11:47:38.0466 0984 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys

    11:47:38.0512 0984 usbprint - ok

    11:47:38.0528 0984 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS

    11:47:38.0559 0984 USBSTOR - ok

    11:47:38.0575 0984 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

    11:47:38.0606 0984 usbuhci - ok

    11:47:38.0637 0984 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys

    11:47:38.0668 0984 usbvideo - ok

    11:47:38.0684 0984 usb_rndisx (35c9095fa7076466afbfc5b9ec4b779e) C:\Windows\system32\DRIVERS\usb8023x.sys

    11:47:38.0700 0984 usb_rndisx - ok

    11:47:38.0746 0984 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll

    11:47:38.0762 0984 UxSms - ok

    11:47:38.0793 0984 UxTuneUp (4360d5653e885479fed75c378e9faab3) C:\Windows\System32\uxtuneup.dll

    11:47:38.0809 0984 UxTuneUp - ok

    11:47:38.0840 0984 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe

    11:47:38.0887 0984 vds - ok

    11:47:38.0902 0984 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys

    11:47:38.0934 0984 vga - ok

    11:47:38.0934 0984 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

    11:47:38.0980 0984 VgaSave - ok

    11:47:38.0996 0984 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys

    11:47:38.0996 0984 viaagp - ok

    11:47:39.0012 0984 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys

    11:47:39.0043 0984 ViaC7 - ok

    11:47:39.0074 0984 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys

    11:47:39.0074 0984 viaide - ok

    11:47:39.0105 0984 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

    11:47:39.0121 0984 volmgr - ok

    11:47:39.0152 0984 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys

    11:47:39.0168 0984 volmgrx - ok

    11:47:39.0214 0984 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys

    11:47:39.0230 0984 volsnap - ok

    11:47:39.0261 0984 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys

    11:47:39.0277 0984 vsmraid - ok

    11:47:39.0308 0984 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe

    11:47:39.0355 0984 VSS - ok

    11:47:39.0386 0984 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll

    11:47:39.0433 0984 W32Time - ok

    11:47:39.0448 0984 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

    11:47:39.0495 0984 WacomPen - ok

    11:47:39.0511 0984 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

    11:47:39.0542 0984 Wanarp - ok

    11:47:39.0542 0984 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

    11:47:39.0573 0984 Wanarpv6 - ok

    11:47:39.0620 0984 WcesComm (779f9c90d3fe9c70b6ffd8ef035f3e83) C:\Windows\WindowsMobile\wcescomm.dll

    11:47:39.0667 0984 WcesComm - ok

    11:47:39.0698 0984 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll

    11:47:39.0745 0984 wcncsvc - ok

    11:47:39.0776 0984 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll

    11:47:39.0807 0984 WcsPlugInService - ok

    11:47:39.0823 0984 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys

    11:47:39.0838 0984 Wd - ok

    11:47:39.0854 0984 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

    11:47:39.0885 0984 Wdf01000 - ok

    11:47:39.0901 0984 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll

    11:47:39.0948 0984 WdiServiceHost - ok

    11:47:39.0948 0984 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll

    11:47:39.0963 0984 WdiSystemHost - ok

    11:47:40.0010 0984 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll

    11:47:40.0026 0984 WebClient - ok

    11:47:40.0072 0984 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll

    11:47:40.0104 0984 Wecsvc - ok

    11:47:40.0150 0984 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll

    11:47:40.0166 0984 wercplsupport - ok

    11:47:40.0213 0984 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll

    11:47:40.0228 0984 WerSvc - ok

    11:47:40.0260 0984 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll

    11:47:40.0291 0984 WinDefend - ok

    11:47:40.0291 0984 WinHttpAutoProxySvc - ok

    11:47:40.0353 0984 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll

    11:47:40.0369 0984 Winmgmt - ok

    11:47:40.0431 0984 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll

    11:47:40.0509 0984 WinRM - ok

    11:47:40.0556 0984 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll

    11:47:40.0618 0984 Wlansvc - ok

    11:47:40.0728 0984 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    11:47:40.0790 0984 wlidsvc - ok

    11:47:40.0821 0984 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys

    11:47:40.0852 0984 WmiAcpi - ok

    11:47:40.0899 0984 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe

    11:47:40.0930 0984 wmiApSrv - ok

    11:47:40.0977 0984 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe

    11:47:41.0055 0984 WMPNetworkSvc - ok

    11:47:41.0086 0984 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll

    11:47:41.0118 0984 WPCSvc - ok

    11:47:41.0149 0984 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll

    11:47:41.0196 0984 WPDBusEnum - ok

    11:47:41.0242 0984 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys

    11:47:41.0274 0984 WpdUsb - ok

    11:47:41.0352 0984 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

    11:47:41.0383 0984 WPFFontCache_v0400 - ok

    11:47:41.0398 0984 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

    11:47:41.0430 0984 ws2ifsl - ok

    11:47:41.0476 0984 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll

    11:47:41.0508 0984 wscsvc - ok

    11:47:41.0523 0984 WSearch - ok

    11:47:41.0601 0984 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll

    11:47:41.0679 0984 wuauserv - ok

    11:47:41.0726 0984 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

    11:47:41.0757 0984 WUDFRd - ok

    11:47:41.0773 0984 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll

    11:47:41.0820 0984 wudfsvc - ok

    11:47:41.0851 0984 zntport (40ac8590cc9006dbb99ffcb37879d4c6) C:\Windows\system32\drivers\zntport.sys

    11:47:41.0851 0984 zntport ( UnsignedFile.Multi.Generic ) - warning

    11:47:41.0851 0984 zntport - detected UnsignedFile.Multi.Generic (1)

    11:47:41.0866 0984 MBR (0x1B8) (4c1c466e0d9e7b73ad314f6e31c2964f) \Device\Harddisk0\DR0

    11:47:44.0144 0984 \Device\Harddisk0\DR0 - ok

    11:47:44.0175 0984 Boot (0x1200) (1c9beef75faaf0a3f901f734e949e5b8) \Device\Harddisk0\DR0\Partition0

    11:47:44.0175 0984 \Device\Harddisk0\DR0\Partition0 - ok

    11:47:44.0191 0984 Boot (0x1200) (bdf451fd8f293a3cd0c7a23977d7276e) \Device\Harddisk0\DR0\Partition1

    11:47:44.0191 0984 \Device\Harddisk0\DR0\Partition1 - ok

    11:47:44.0191 0984 ============================================================

    11:47:44.0191 0984 Scan finished

    11:47:44.0191 0984 ============================================================

    11:47:44.0191 5636 Detected object count: 14

    11:47:44.0191 5636 Actual detected object count: 14

    11:47:47.0124 5636 Acer HomeMedia Connect Service ( UnsignedFile.Multi.Generic ) - skipped by user

    11:47:47.0124 5636 Acer HomeMedia Connect Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

    11:47:47.0124 5636 BUNAgentSvc ( UnsignedFile.Multi.Generic ) - skipped by user

    11:47:47.0124 5636 BUNAgentSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

    11:47:47.0124 5636 ETService ( UnsignedFile.Multi.Generic ) - skipped by user

    11:47:47.0124 5636 ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip

    11:47:47.0124 5636 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user

    11:47:47.0124 5636 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip

    11:47:47.0139 5636 FsUsbExService ( UnsignedFile.Multi.Generic ) - skipped by user

    11:47:47.0139 5636 FsUsbExService ( UnsignedFile.Multi.Generic ) - User select action: Skip

    11:47:47.0139 5636 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user

    11:47:47.0139 5636 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip

    11:47:47.0139 5636 NTIBackupSvc ( UnsignedFile.Multi.Generic ) - skipped by user

    11:47:47.0139 5636 NTIBackupSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

    11:47:47.0139 5636 NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - skipped by user

    11:47:47.0139 5636 NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

    11:47:47.0139 5636 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user

    11:47:47.0139 5636 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

    11:47:47.0139 5636 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user

    11:47:47.0139 5636 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip

    11:47:47.0139 5636 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user

    11:47:47.0139 5636 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip

    11:47:47.0155 5636 sptd ( LockedFile.Multi.Generic ) - skipped by user

    11:47:47.0155 5636 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

    11:47:47.0155 5636 tvicport ( UnsignedFile.Multi.Generic ) - skipped by user

    11:47:47.0155 5636 tvicport ( UnsignedFile.Multi.Generic ) - User select action: Skip

    11:47:47.0155 5636 zntport ( UnsignedFile.Multi.Generic ) - skipped by user

    11:47:47.0155 5636 zntport ( UnsignedFile.Multi.Generic ) - User select action: Skip

  • Ben

    Hello Kevin,

    TDSS looked clean; just run this one more scan (it may take a while).

    Download the Emsisoft Emergency Kit to the desktop and extract the ZIP file.

    • Open the "EmsisoftEmergencyKit" folder and double-click "Start.exe".

    • Now click "Emergency Kit Scanner". You will get a message that it is recommended to update first; allow this by clicking "Ja" (Yes).

    • When the update is finished and the message "Update process is succesvol afgerond" appears, click "menu" and then "Scan PC".

    • Select the option "Diep" (Deep) if it is not already set that way by default.

    • Now click the "Scan" button and do nothing else on the computer during the scan; this scan can take a considerable time, so wait patiently.

    • You can close the window with the warning about an increased risk once the scan is finished.

    Note:

    If you see this message:

    C:\Documents and Settings\username\Bureaublad\ComboFix.exe/$0\List.bat Verwijderd Virus.Win32.HTML!IK

    When the file is in the scan results window, you can right-click that detection and choose "Versturen als vals alarm (False Positive)".

    • Make sure all found items are checked and then press the "verwijder geselecteerde" (remove selected) button. You will now get the following message, but click "Ja" (Yes) here.

    • When the removal is finished, click the "View report" button and select the text file of this scan, with a name such as: a2scan_110730-111615.txt

    • Post the contents of this log file in your next message.

    • Now restart the computer.

    Now post the Emergency log and a new HijackThis log.

    Regards, Ben

    Antivirusprikbord

  • Kevin

    The program freezes halfway through for me..

    Tried 2x and it did indeed take a long time.

This topic is closed; no further replies can be posted.