HELP BOTNET WARNING

  • ricardo

    Dear readers of the forum,

    For the 2nd time now I have received a warning from my provider that I am part of a botnet server??

    I have now pressed the button for the 2nd time to get internet access back,

    and that can be done 5 times, and then I will be blocked permanently.

    I am now busy scanning everything, carrying out the step-by-step plan and updating everything.

    Since I already had MBAM on the computer, and also CCleaner and Windows Security Essentials,

    I don't understand why I am infected.

    The 1st time I also had my computer fully scanned by MBAM, CCleaner and my virus scanner, but it simply finds nothing.

    When I'm done I'll post my log. Who can help me with this,

    and possibly install something that better protects my computer against this?

    Regards, ricardo

  • ricardo

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 15:42:38, on 4-2-2012

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16421)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe

    C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Program Files (x86)\Trend Micro\Hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zeelandnet.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe” /hide

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

    O4 - HKCU\..\Run: C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c

    O4 - HKCU\..\Run: “C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe” -quiet

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: Accelerated graphics

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    End of file - 6493 bytes

    Hmmmm, I clicked on preview instead of post,

    now my MBAM log is gone.

    I have Windows 7 and Microsoft security scanner.

    MBAM found nothing, by the way.

    If necessary I'll post a new one early this evening.

    Regards, ricardo

  • Ben

    Hello ricardo,

    You posted an old log, please make a new one!

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 15:42:38, on 4-2-2012

    .

    Note!!! Windows Vista & 7 users must run HijackThis as administrator (“right-click, Run as”);

    if this does not work via the shortcut, run HijackThis as administrator from (C:\Program Files\Trend Micro\HiJackThis): right-click the HijackThis icon and choose Run as administrator.

    After that, post the MBAM log and a new HijackThis log.

    Regards, Ben

    Antivirusprikbord

  • Jos H

    Ricardo, please turn off your Caps Lock from now on; it is perceived as shouting.

  • ricardo

    OK, sorry

  • ricardo

    Here is the new MBAM log:

    Malwarebytes Anti-Malware 1.60.1.1000

    www.malwarebytes.org

    Databaseversie: v2012.04.04.03

    Windows 7 Service Pack 1 x64 NTFS

    Internet Explorer 9.0.8112.16421

    Ricardo :: RICARDO-PC

    4-4-2012 16:12:16

    mbam-log-2012-04-04 (16-12-16).txt

    Scantype: Volledige scan

    Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scanopties: P2P

    Objecten gescand: 363821

    Verstreken tijd: 49 minuut/minuten, 12 seconde(n)

    Geheugenprocessen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    (einde)

    and the other log:

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 17:03:15, on 4-4-2012

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16421)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe

    C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe

    C:\Program Files (x86)\Kingsoft\PCDoctor\KSafeTray.exe

    C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe

    C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe

    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

    C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Program Files (x86)\Trend Micro\Hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zeelandnet.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

    O4 - HKLM\..\Run: “C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe” /hide

    O4 - HKLM\..\Run: “C:\Program files (x86)\Kingsoft\PCDoctor\KSafeTray.exe” -autorun

    O4 - HKCU\..\Run: C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c

    O4 - HKCU\..\Run: “C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe” -quiet

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: Accelerated graphics

    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab

    O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab

    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: KSafe service (KSafeSvc) - Kingsoft Corporation - C:\Program files (x86)\Kingsoft\PCDoctor\KSafeSvc.exe

    O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    End of file - 8004 bytes

    I hope you can find something.

    Regards, ricardo
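Added example, not part of the original thread: a small Python parser for the HijackThis entry format, run over a few lines abridged from the two logs posted above (4-2-2012 and 4-4-2012), that reads each log's scan date and lists what appears only in the newer log. The function names and the day-month-year reading of the date are assumptions of this example.

```python
import re
from collections import defaultdict
from datetime import date

# A HijackThis entry is "<section code> - <text>", e.g. "O4 - HKLM\..\Run: ...".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
SAVED_RE = re.compile(r"^Scan saved at (\S+), on (\d{1,2}-\d{1,2}-\d{4})$")

# Constructed sample input: lines abridged from the two logs in this thread.
OLD_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:42:38, on 4-2-2012
Running processes:
C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - HKLM\..\Run: “C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe” /hide
O4 - HKCU\..\Run: C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
"""

NEW_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:03:15, on 4-4-2012
Running processes:
C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
C:\Program Files (x86)\Kingsoft\PCDoctor\KSafeTray.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - HKLM\..\Run: “C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe” /hide
O4 - HKLM\..\Run: “C:\Program files (x86)\Kingsoft\PCDoctor\KSafeTray.exe” -autorun
O4 - HKCU\..\Run: C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: KSafe service (KSafeSvc) - Kingsoft Corporation - C:\Program files (x86)\Kingsoft\PCDoctor\KSafeSvc.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
"""


def parse_hjt(text):
    """Split a HijackThis log into scan timestamp, running processes and entries per section."""
    log = {"saved": None, "processes": set(), "entries": defaultdict(set)}
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        saved = SAVED_RE.match(line)
        if saved:
            log["saved"] = (saved.group(1), saved.group(2))
            continue
        if line == "Running processes:":
            in_processes = True
            continue
        entry = ENTRY_RE.match(line)
        if entry:
            in_processes = False  # the process list ends at the first entry line
            log["entries"][entry.group(1)].add(entry.group(2))
        elif in_processes:
            # Windows paths are case-insensitive, so compare them lower-cased.
            log["processes"].add(line.lower())
    return log


def scan_date(log):
    """Scan date as a date object. Assumption: day-month-year order, which matches
    the MBAM log name (mbam-log-2012-04-04) posted next to the 4-4-2012 log."""
    if log["saved"] is None:
        return None
    day, month, year = (int(part) for part in log["saved"][1].split("-"))
    return date(year, month, day)


def diff_logs(old, new):
    """Entries and processes present in `new` but absent from `old`, keyed by section."""
    added = {}
    for code, items in new["entries"].items():
        fresh = items - old["entries"].get(code, set())
        if fresh:
            added[code] = sorted(fresh)
    procs = sorted(new["processes"] - old["processes"])
    if procs:
        added["processes"] = procs
    return added


if __name__ == "__main__":
    old, new = parse_hjt(OLD_LOG), parse_hjt(NEW_LOG)
    print("days between scans:", (scan_date(new) - scan_date(old)).days)
    for section, items in diff_logs(old, new).items():
        for item in items:
            print(f"+ [{section}] {item}")
```
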

  • Ben

    Hello,

    Let's look a bit further:

    Download ComboFix from >>here<<; you can also read there how ComboFix should be used.

    * IMPORTANT!!! Save ComboFix.exe to your Desktop.

    1. Windows XP users will, if necessary, be asked to install the "Recovery Console"; allow this (an active internet connection is required for it).

    2. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix.

    * (here or here is a guide on how to disable them)

    3. The computer may need to be restarted several times; this is normal.

    4. Double-click "Combofix.exe" to start the tool.

    5. Do not click in the ComboFix window while it is running; this can cause the ‘tool’ to hang.

    * Note!!! If an error is shown with the message “Illegal operation attempted on a registery key that has been marked for deletion.”, restart the computer.

    6. When ComboFix has finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.

    Regards, Ben

    Antivirusprikbord

  • ricardo

    Hi there,

    Here is the ComboFix log:

    ComboFix 12-04-04.02 - Ricardo 04-04-2012 19:47:11.2.4 - x64

    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.6074.4570

    Gestart vanuit: c:\users\Ricardo\Desktop\ComboFix.exe

    AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

    SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    * Nieuw herstelpunt werd aangemaakt

    .

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    c:\windows\TEMP\logishrd\LVPrcInj01.dll . . . . konden niet verwijderd worden

    .

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2012-03-04 to 2012-04-04 ))))))))))))))))))))))))))))))

    .

    .

    2012-04-04 17:51 . 2012-04-04 17:51 ——– d—–w- c:\users\Public\AppData\Local\temp

    2012-04-04 17:51 . 2012-04-04 17:51 ——– d—–w- c:\users\Default\AppData\Local\temp

    2012-04-04 17:42 . 2012-04-04 17:44 ——– d—–w- c:\program files (x86)\WiseConvert

    2012-04-04 15:21 . 2012-04-04 15:21 ——– d—–w- c:\program files (x86)\Conduit

    2012-04-04 14:39 . 2012-03-14 03:27 8669240 —-a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FCFB390A-E8B5-4F5D-90D5-F3E7D5A76F4F}\mpengine.dll

    2012-04-04 04:04 . 2012-04-04 04:04 ——– d—–w- c:\program files (x86)\ESET

    2012-04-03 03:59 . 2012-04-03 03:59 418464 —-a-w- c:\windows\SysWow64\FlashPlayerApp.exe

    2012-03-29 22:31 . 2012-03-29 22:31 ——– d—–w- c:\users\Ricardo\AppData\Roaming\QuickScan

    2012-03-29 21:53 . 2012-03-29 21:53 ——– d—–w- c:\users\Ricardo\AppData\Local\KSafe

    2012-03-26 18:22 . 2011-03-03 15:59 29288 —-a-w- c:\windows\system32\nvhdap64.dll

    2012-03-26 18:22 . 2011-03-03 15:59 174184 —-a-w- c:\windows\system32\drivers\nvhda64v.sys

    2012-03-26 18:22 . 2011-03-03 15:59 1359976 —-a-w- c:\windows\system32\nvhdagenco642040.dll

    2012-03-26 18:21 . 2012-03-26 18:21 ——– d—–w- c:\programdata\NVIDIA Corporation

    2012-03-26 18:20 . 2011-03-10 13:00 8124520 —-a-w- c:\windows\system32\nvwgf2umx.dll

    2012-03-26 18:20 . 2011-03-10 13:00 6042008 —-a-w- c:\windows\SysWow64\nvwgf2um.dll

    2012-03-26 18:20 . 2011-03-10 13:00 20487272 —-a-w- c:\windows\system32\nvoglv64.dll

    2012-03-26 18:20 . 2011-03-10 13:00 15061400 —-a-w- c:\windows\SysWow64\nvoglv32.dll

    2012-03-26 18:20 . 2011-03-10 13:00 13014040 —-a-w- c:\windows\system32\drivers\nvlddmkm.sys

    2012-03-26 18:20 . 2011-03-10 13:00 12867992 —-a-w- c:\windows\system32\nvd3dumx.dll

    2012-03-26 18:20 . 2011-03-10 13:00 10082712 —-a-w- c:\windows\SysWow64\nvd3dum.dll

    2012-03-26 18:20 . 2011-03-10 13:00 2214296 —-a-w- c:\windows\system32\nvapi64.dll

    2012-03-26 18:20 . 2011-03-10 13:00 1979288 —-a-w- c:\windows\SysWow64\nvapi.dll

    2012-03-26 18:16 . 2012-03-26 18:16 ——– d—–w- c:\users\Ricardo\AppData\Roaming\KSafe

    2012-03-26 18:16 . 2012-03-26 18:16 ——– d—–w- c:\programdata\KSafe

    2012-03-26 18:10 . 2012-03-26 18:10 ——– d—–w- C:\KSafeRecycle

    2012-03-26 18:10 . 2012-03-26 18:10 ——– d—–w- c:\users\Ricardo\AppData\Roaming\kingsoft

    2012-03-26 18:10 . 2012-03-29 22:13 ——– d—–w- c:\programdata\Kingsoft

    2012-03-26 18:10 . 2012-03-26 18:10 ——– d—–w- c:\program files (x86)\Kingsoft

    2012-03-26 17:30 . 2012-03-26 17:30 ——– d—–w- c:\program files (x86)\NVIDIA Corporation

    2012-03-26 17:28 . 2011-03-10 13:00 1612184 —-a-w- c:\windows\system32\nvdispco642090.dll

    2012-03-26 17:28 . 2011-03-10 13:00 1357720 —-a-w- c:\windows\system32\nvgenco642040.dll

    2012-03-26 17:28 . 2011-03-10 13:00 67176 —-a-w- c:\windows\system32\OpenCL.dll

    2012-03-26 17:28 . 2011-03-10 13:00 55704 —-a-w- c:\windows\SysWow64\OpenCL.dll

    2012-03-26 17:28 . 2011-03-10 13:00 2895256 —-a-w- c:\windows\SysWow64\nvcuvid.dll

    2012-03-26 17:28 . 2011-03-10 13:00 3113576 —-a-w- c:\windows\system32\nvcuvid.dll

    2012-03-26 17:28 . 2011-03-10 13:00 2482280 —-a-w- c:\windows\system32\nvcuvenc.dll

    2012-03-26 17:28 . 2011-03-10 13:00 4941720 —-a-w- c:\windows\SysWow64\nvcuda.dll

    2012-03-26 17:28 . 2011-03-10 13:00 2252904 —-a-w- c:\windows\SysWow64\nvcuvenc.dll

    2012-03-26 17:28 . 2011-03-10 13:00 6607976 —-a-w- c:\windows\system32\nvcuda.dll

    2012-03-26 17:27 . 2011-03-10 13:00 13011560 —-a-w- c:\windows\SysWow64\nvcompiler.dll

    2012-03-26 17:27 . 2011-03-10 13:00 18577816 —-a-w- c:\windows\system32\nvcompiler.dll

    2012-03-26 17:27 . 2011-03-10 13:00 8984 —-a-w- c:\windows\system32\drivers\nvBridge.kmd

    2012-03-18 20:07 . 2012-03-18 20:07 ——– d—–w- c:\program files (x86)\InstallShield Installation Information

    2012-03-18 20:07 . 2012-03-18 20:07 ——– d—–w- c:\program files (x86)\My Company Name

    2012-03-14 06:14 . 2011-11-19 15:20 5559152 —-a-w- c:\windows\system32\ntoskrnl.exe

    2012-03-14 06:14 . 2011-11-19 14:50 3968368 —-a-w- c:\windows\SysWow64\ntkrnlpa.exe

    2012-03-14 06:14 . 2011-11-19 14:50 3913584 —-a-w- c:\windows\SysWow64\ntoskrnl.exe

    2012-03-14 05:58 . 2012-02-03 04:34 3145728 —-a-w- c:\windows\system32\win32k.sys

    2012-03-14 05:57 . 2012-02-10 06:36 1544192 —-a-w- c:\windows\system32\DWrite.dll

    2012-03-14 05:57 . 2012-02-10 05:38 1077248 —-a-w- c:\windows\SysWow64\DWrite.dll

    2012-03-14 05:57 . 2012-01-25 06:38 77312 —-a-w- c:\windows\system32\rdpwsx.dll

    2012-03-14 05:57 . 2012-01-25 06:38 149504 —-a-w- c:\windows\system32\rdpcorekmts.dll

    2012-03-14 05:57 . 2012-01-25 06:33 9216 —-a-w- c:\windows\system32\rdrmemptylst.exe

    2012-03-14 05:57 . 2012-02-17 06:38 1112064 —-a-w- c:\windows\system32\rdpcorets.dll

    2012-03-14 05:57 . 2012-02-17 06:38 1031680 —-a-w- c:\windows\system32\rdpcore.dll

    2012-03-14 05:57 . 2012-02-17 05:34 826880 —-a-w- c:\windows\SysWow64\rdpcore.dll

    2012-03-14 05:57 . 2012-02-17 04:58 210944 —-a-w- c:\windows\system32\drivers\rdpwd.sys

    2012-03-14 05:57 . 2012-02-17 04:57 23552 —-a-w- c:\windows\system32\drivers\tdtcp.sys

    2012-03-06 22:40 . 2012-03-06 22:40 162664 —-a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10140.bin

    .

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2012-04-03 03:59 . 2011-06-21 20:39 70304 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

    2012-03-14 03:27 . 2011-06-22 20:30 8669240 —-a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

    2012-02-28 15:23 . 2011-09-17 14:13 472808 —-a-w- c:\windows\SysWow64\deployJava1.dll

    2012-02-10 06:25 . 2012-02-10 06:27 927800 ——w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{819A1657-856E-4B73-961C-4B64A4402053}\gapaengine.dll

    2012-02-05 12:05 . 2012-02-05 12:05 61440 —-a-w- c:\windows\SysWow64\drivers\jbna.sys

    2012-02-05 11:58 . 2012-02-05 11:58 61440 —-a-w- c:\windows\SysWow64\drivers\muudei.sys

    2012-02-05 11:47 . 2012-02-05 11:47 61440 —-a-w- c:\windows\SysWow64\drivers\ttkkco.sys

    2012-01-31 15:48 . 2012-01-31 15:48 129024 —-a-w- c:\windows\RegBootClean64.exe

    2012-01-31 12:44 . 2011-06-20 20:10 279656 ——w- c:\windows\system32\MpSigStub.exe

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    .

    “{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}”= “c:\program files (x86)\WiseConvert\prxtbWis0.dll”

    .

    .

    2011-05-09 08:49 176936 —-a-w- c:\program files (x86)\WiseConvert\prxtbWis0.dll

    .

    “{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}”= “c:\program files (x86)\WiseConvert\prxtbWis0.dll”

    .

    .

    “IncrediMail”=“c:\program files (x86)\IncrediMail\bin\IncMail.exe”

    “Messenger (Yahoo!)”=“c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe”

    .

    “LogitechQuickCamRibbon”=“c:\program files\Logitech\Logitech WebCam Software\LWS.exe”

    “KSafeTray”=“c:\program files (x86)\Kingsoft\PCDoctor\KSafeTray.exe”

    .

    “ConsentPromptBehaviorAdmin”= 5 (0x5)

    “ConsentPromptBehaviorUser”= 3 (0x3)

    “EnableUIADesktopToggle”= 0 (0x0)

    .

    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

    .

    @=“Service”

    .

    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys

    R3 MSICDSetup;MSICDSetup;F:\CDriver64.sys

    R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys

    R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe

    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys

    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys

    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys

    R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys

    R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys

    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe

    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    S2 KSafeSvc;KSafe service;c:\program files (x86)\Kingsoft\PCDoctor\KSafeSvc.exe

    S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

    S3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys

    S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys

    S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys

    S3 LVUVC64;Logitech QuickCam Pro 5000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys

    S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys

    .

    .

    Inhoud van de ‘Gedeelde Taken’ map

    .

    2012-04-04 c:\windows\Tasks\Adobe Flash Player Updater.job

    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    .

    2012-04-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1910047367-3864795175-840720451-1000Core.job

    - c:\users\Ricardo\AppData\Local\Google\Update\GoogleUpdate.exe

    .

    2012-04-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1910047367-3864795175-840720451-1000UA.job

    - c:\users\Ricardo\AppData\Local\Google\Update\GoogleUpdate.exe

    .

    .

    ——— x86-64 ———–

    .

    .

    “MSC”=“c:\program files\Microsoft Security Client\msseces.exe”

    .

    ——- Bijkomende Scan ——-

    .

    uLocal Page = c:\windows\system32\blank.htm

    uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3196716

    mLocal Page = c:\windows\SysWOW64\blank.htm

    IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

    TCP: DhcpNameServer = 212.115.192.100 62.238.255.69

    .

    - - - - ORPHANS VERWIJDERD - - - -

    .

    WebBrowser-{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - (no file)

    .

    .

    .

    ——————— VERGRENDELDE REGISTER SLEUTELS ———————

    .

    @Denied: (A 2) (Everyone)

    @="FlashBroker"

    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe,-101"

    .

    "Enabled"=dword:00000001

    .

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe"

    .

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    .

    @Denied: (A 2) (Everyone)

    @="Shockwave Flash Object"

    .

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"

    "ThreadingModel"="Apartment"

    .

    @="0"

    .

    @="ShockwaveFlash.ShockwaveFlash.11"

    .

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"

    .

    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    .

    @="1.0"

    .

    @="ShockwaveFlash.ShockwaveFlash"

    .

    @Denied: (A 2) (Everyone)

    @="Macromedia Flash Factory Object"

    .

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"

    "ThreadingModel"="Apartment"

    .

    @="FlashFactory.FlashFactory.1"

    .

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"

    .

    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    .

    @="1.0"

    .

    @="FlashFactory.FlashFactory"

    .

    @Denied: (A 2) (Everyone)

    @="IFlashBroker4"

    .

    @="{00020424-0000-0000-C000-000000000046}"

    .

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    "Version"="1.0"

    .

    @Denied: (Full) (Everyone)

    .

    ———————— Andere Aktieve Processen ————————

    .

    c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe

    c:\program files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe

    .

    **************************************************************************

    .

    Voltooingstijd: 2012-04-04 19:56:46 - machine werd herstart

    ComboFix-quarantined-files.txt 2012-04-04 17:56

    ComboFix2.txt 2012-02-04 14:35

    .

    Pre-Run: 325.794.299.904 bytes beschikbaar

    Post-Run: 325.394.956.288 bytes beschikbaar

    .

    - - End Of File - - ED6AA705264C589661E9C40F531AD533

  • Ben

    Hello ricardo,

    Have you recently installed something from Logitech? Because it is in the wrong place: c:\windows\TEMP\logishrd\LVPrcInj01.dll

    Does this look familiar to you: KSafeRecycle?

    1. Download TDSSKiller and save it to your Desktop.

    • Extract the files in tdsskiller.zip.

    • Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.

    Windows 7 and Windows Vista users:

    Right-click TDSSKiller.exe -> Run as administrator to start the tool.

    If TDSSKiller reports that an update is available, run that update first.

    • A new version of TDSSKiller will now be downloaded; save it to your Desktop.

    • Start TDSSKiller again.

    • Click "Change parameters" and make sure the options below are all checked.

    • Click the "Start Scan" button and follow the instructions.

    Note!

    If "Threats" are found, a follow-up screen appears automatically after the scan.

    For a "Fail signature" message you do not need to take any action. (Use Skip.)

    For a "Suspicious object", Skip is filled in by default. Leave this action as it is. We may tell you later what to do with it.

    For a "Malicious object", the action Cure or Delete is filled in automatically.

    Always choose Cure here. If that is not possible, select Skip.

    Only for a "TDSS File System" do you choose Delete if Cure is not possible.

    If you do not know what to fill in, use Skip and wait for our advice before you Delete anything.

    Now click Continue to proceed.

    • When the scan is finished, click the "Report" button.

    • A Notepad file opens. Post the contents of this file.

    Restart the PC if TDSSKiller offers that option. (Reboot now)

    If a restart was needed, you will find the log file at C:\TDSSKiller.___log.txt

    2. After this, run a new scan with Combofix.

    3. Now post the logs from:

    TDSS

    Combofix

    And the answers to my questions

    Regards, Ben

    Antivirusprikbord
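
The TDSSKiller report requested in the post above runs to hundreds of lines, almost all of them "ok". The following is an added example, not part of the thread and not a TDSSKiller feature: a small triage script that keeps only the entries a helper has to read. The line format is taken from the report posted in this thread; the function names and reason labels are assumptions made for this example.

```python
import re

# Every report line starts with "HH:MM:SS.mmmm <thread id> "; the rest is the message.
PREFIX = re.compile(r"^\s*\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.*\S)\s*$")
# "<name> (<md5>) <path>": the object that was scanned.
OBJECT = re.compile(r"^(.+?)\s+\(([0-9a-fA-F]{32})\)\s+(.+)$")
# "<name> - ok" or "<name> ( <detection> ) - warning": the verdict for that object.
VERDICT = re.compile(r"^(.+?)(?:\s+\(\s*([^()]+?)\s*\))?\s+-\s+(\w+)$")

# Reason labels (names chosen for this example).
NOT_OK = "verdict is not ok"
NO_FILE = "no hash or path recorded"
NO_VERDICT = "no verdict line"

# Sample input: a few lines in the format of the report posted in this thread.
SAMPLE = r"""
21:29:24.0648 5320 Scan started
21:29:25.0195 5320 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
21:29:25.0226 5320 ACPI - ok
21:29:28.0570 5320 catchme - ok
21:29:33.0976 5320 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:29:34.0007 5320 IDriverT ( UnsignedFile.Multi.Generic ) - warning
21:29:34.0007 5320 IDriverT - detected UnsignedFile.Multi.Generic (1)
21:29:39.0148 5320 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
"""


def parse_report(text):
    """Return {name: {md5, path, verdict, detection}} in report order."""
    entries = {}
    for raw in text.splitlines():
        prefixed = PREFIX.match(raw)
        if not prefixed:
            continue  # blank line or text that is not a report line
        message = prefixed.group(1)
        scanned = OBJECT.match(message)
        verdict = None if scanned else VERDICT.match(message)
        if not scanned and not verdict:
            continue  # header, drive info, "detected ..." summary line
        name = (scanned or verdict).group(1)
        entry = entries.setdefault(
            name, {"md5": None, "path": None, "verdict": None, "detection": None}
        )
        if scanned:
            entry["md5"] = scanned.group(2).lower()
            entry["path"] = scanned.group(3)
        else:
            entry["detection"] = verdict.group(2)
            entry["verdict"] = verdict.group(3).lower()
    return entries


def triage(entries):
    """List (name, reason, detail) for every entry that needs a manual look."""
    findings = []
    for name, entry in entries.items():
        if entry["verdict"] is None:
            # Object line without a verdict, e.g. a report that was cut off.
            findings.append((name, NO_VERDICT, None))
        elif entry["verdict"] != "ok":
            detail = entry["verdict"]
            if entry["detection"]:
                detail += ": " + entry["detection"]
            findings.append((name, NOT_OK, detail))
        elif entry["md5"] is None:
            # Marked ok, but the report gives no file to verify the entry against.
            findings.append((name, NO_FILE, None))
    return findings


if __name__ == "__main__":
    for name, reason, detail in triage(parse_report(SAMPLE)):
        print(name, "|", reason, "|", detail or "-")
```

An entry listed under "no hash or path recorded" is not a detection; it only means the report names a service or driver without showing which file backs it, so that is checked by hand.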

  • ricardo

    hi ben

    the logitech thing is from my webcam, but it has been on there for a very long time, so it was not installed recently

    and the ksaferecycle thing?? I don't know that one either

    it also reports that there is a problem with some driver or other

    hid non user input data filter

    my video card had died and there is now a new one in it too

    21:28:04.0085 4324 TDSS rootkit removing tool 2.7.25.0 Apr 3 2012 13:42:32

    21:28:04.0242 4324 ============================================================

    21:28:04.0242 4324 Current date / time: 2012/04/04 21:28:04.0242

    21:28:04.0242 4324 SystemInfo:

    21:28:04.0242 4324

    21:28:04.0242 4324 OS Version: 6.1.7601 ServicePack: 1.0

    21:28:04.0242 4324 Product type: Workstation

    21:28:04.0242 4324 ComputerName: RICARDO-PC

    21:28:04.0242 4324 UserName: Ricardo

    21:28:04.0242 4324 Windows directory: C:\Windows

    21:28:04.0242 4324 System windows directory: C:\Windows

    21:28:04.0242 4324 Running under WOW64

    21:28:04.0242 4324 Processor architecture: Intel x64

    21:28:04.0242 4324 Number of processors: 4

    21:28:04.0242 4324 Page size: 0x1000

    21:28:04.0242 4324 Boot type: Normal boot

    21:28:04.0242 4324 ============================================================

    21:28:05.0023 4324 Drive \Device\Harddisk0\DR0 - Size: 0x1315740000 (76.34 Gb), SectorSize: 0x200, Cylinders: 0x26EC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

    21:28:05.0023 4324 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

    21:28:05.0039 4324 \Device\Harddisk0\DR0:

    21:28:05.0039 4324 MBR used

    21:28:05.0039 4324 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x154BBAF

    21:28:05.0039 4324 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x154BC2D, BlocksNum 0x44AED84

    21:28:05.0039 4324 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x59FA9F0, BlocksNum 0x3EAD5FC

    21:28:05.0039 4324 \Device\Harddisk1\DR1:

    21:28:05.0039 4324 MBR used

    21:28:05.0039 4324 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2E59AFF0

    21:28:05.0039 4324 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x2E59B800, BlocksNum 0x147F2FF8

    21:28:05.0039 4324 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x42D8E800, BlocksNum 0x147B6800

    21:28:05.0117 4324 Initialize success

    21:28:05.0117 4324 ============================================================

    21:29:24.0648 5320 ============================================================

    21:29:24.0648 5320 Scan started

    21:29:24.0648 5320 Mode: Manual; SigCheck; TDLFS;

    21:29:24.0648 5320 ============================================================

    21:29:25.0085 5320 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

    21:29:25.0179 5320 1394ohci - ok

    21:29:25.0195 5320 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

    21:29:25.0226 5320 ACPI - ok

    21:29:25.0242 5320 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

    21:29:25.0304 5320 AcpiPmi - ok

    21:29:25.0367 5320 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    21:29:25.0414 5320 AdobeARMservice - ok

    21:29:25.0523 5320 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    21:29:25.0617 5320 AdobeFlashPlayerUpdateSvc - ok

    21:29:25.0648 5320 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

    21:29:25.0679 5320 adp94xx - ok

    21:29:25.0695 5320 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

    21:29:25.0726 5320 adpahci - ok

    21:29:25.0726 5320 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

    21:29:25.0757 5320 adpu320 - ok

    21:29:25.0773 5320 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

    21:29:25.0898 5320 AeLookupSvc - ok

    21:29:25.0945 5320 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

    21:29:26.0007 5320 AFD - ok

    21:29:26.0039 5320 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

    21:29:26.0054 5320 agp440 - ok

    21:29:26.0070 5320 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

    21:29:26.0148 5320 ALG - ok

    21:29:26.0148 5320 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

    21:29:26.0179 5320 aliide - ok

    21:29:26.0195 5320 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

    21:29:26.0210 5320 amdide - ok

    21:29:26.0226 5320 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

    21:29:26.0273 5320 AmdK8 - ok

    21:29:26.0273 5320 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

    21:29:26.0320 5320 AmdPPM - ok

    21:29:26.0351 5320 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

    21:29:26.0367 5320 amdsata - ok

    21:29:26.0367 5320 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

    21:29:26.0398 5320 amdsbs - ok

    21:29:26.0414 5320 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

    21:29:26.0429 5320 amdxata - ok

    21:29:26.0460 5320 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

    21:29:26.0523 5320 AppID - ok

    21:29:26.0539 5320 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

    21:29:26.0601 5320 AppIDSvc - ok

    21:29:26.0632 5320 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

    21:29:26.0695 5320 Appinfo - ok

    21:29:26.0726 5320 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll

    21:29:26.0773 5320 AppMgmt - ok

    21:29:26.0804 5320 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

    21:29:26.0820 5320 arc - ok

    21:29:26.0835 5320 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

    21:29:26.0851 5320 arcsas - ok

    21:29:26.0882 5320 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

    21:29:26.0929 5320 AsyncMac - ok

    21:29:26.0960 5320 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

    21:29:26.0976 5320 atapi - ok

    21:29:27.0007 5320 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

    21:29:27.0070 5320 AudioEndpointBuilder - ok

    21:29:27.0085 5320 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

    21:29:27.0132 5320 AudioSrv - ok

    21:29:27.0164 5320 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

    21:29:27.0242 5320 AxInstSV - ok

    21:29:27.0257 5320 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

    21:29:27.0304 5320 b06bdrv - ok

    21:29:27.0320 5320 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

    21:29:27.0367 5320 b57nd60a - ok

    21:29:27.0398 5320 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

    21:29:27.0445 5320 BDESVC - ok

    21:29:27.0476 5320 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

    21:29:27.0523 5320 Beep - ok

    21:29:27.0554 5320 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll

    21:29:27.0632 5320 BFE - ok

    21:29:27.0679 5320 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll

    21:29:27.0757 5320 BITS - ok

    21:29:27.0789 5320 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

    21:29:27.0820 5320 blbdrive - ok

    21:29:27.0851 5320 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

    21:29:27.0882 5320 bowser - ok

    21:29:27.0898 5320 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

    21:29:27.0945 5320 BrFiltLo - ok

    21:29:27.0960 5320 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

    21:29:27.0976 5320 BrFiltUp - ok

    21:29:27.0992 5320 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys

    21:29:28.0039 5320 BridgeMP - ok

    21:29:28.0070 5320 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

    21:29:28.0117 5320 Browser - ok

    21:29:28.0148 5320 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

    21:29:28.0257 5320 Brserid - ok

    21:29:28.0335 5320 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

    21:29:28.0382 5320 BrSerWdm - ok

    21:29:28.0398 5320 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

    21:29:28.0414 5320 BrUsbMdm - ok

    21:29:28.0414 5320 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

    21:29:28.0445 5320 BrUsbSer - ok

    21:29:28.0445 5320 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

    21:29:28.0476 5320 BTHMODEM - ok

    21:29:28.0507 5320 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

    21:29:28.0570 5320 bthserv - ok

    21:29:28.0570 5320 catchme - ok

    21:29:28.0585 5320 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

    21:29:28.0617 5320 cdfs - ok

    21:29:28.0648 5320 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys

    21:29:28.0679 5320 cdrom - ok

    21:29:28.0710 5320 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

    21:29:28.0789 5320 CertPropSvc - ok

    21:29:28.0804 5320 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

    21:29:28.0835 5320 circlass - ok

    21:29:28.0882 5320 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

    21:29:28.0914 5320 CLFS - ok

    21:29:28.0960 5320 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

    21:29:29.0023 5320 clr_optimization_v2.0.50727_32 - ok

    21:29:29.0070 5320 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

    21:29:29.0101 5320 clr_optimization_v2.0.50727_64 - ok

    21:29:29.0132 5320 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

    21:29:29.0164 5320 clr_optimization_v4.0.30319_32 - ok

    21:29:29.0164 5320 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

    21:29:29.0195 5320 clr_optimization_v4.0.30319_64 - ok

    21:29:29.0210 5320 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

    21:29:29.0226 5320 CmBatt - ok

    21:29:29.0257 5320 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

    21:29:29.0273 5320 cmdide - ok

    21:29:29.0304 5320 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

    21:29:29.0351 5320 CNG - ok

    21:29:29.0382 5320 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

    21:29:29.0398 5320 Compbatt - ok

    21:29:29.0414 5320 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

    21:29:29.0429 5320 CompositeBus - ok

    21:29:29.0445 5320 COMSysApp - ok

    21:29:29.0460 5320 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

    21:29:29.0476 5320 crcdisk - ok

    21:29:29.0507 5320 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll

    21:29:29.0570 5320 CryptSvc - ok

    21:29:29.0617 5320 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys

    21:29:29.0664 5320 CSC - ok

    21:29:29.0710 5320 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll

    21:29:29.0757 5320 CscService - ok

    21:29:29.0804 5320 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

    21:29:29.0882 5320 DcomLaunch - ok

    21:29:29.0914 5320 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

    21:29:29.0960 5320 defragsvc - ok

    21:29:30.0007 5320 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

    21:29:30.0054 5320 DfsC - ok

    21:29:30.0085 5320 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

    21:29:30.0148 5320 Dhcp - ok

    21:29:30.0164 5320 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

    21:29:30.0226 5320 discache - ok

    21:29:30.0257 5320 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

    21:29:30.0289 5320 Disk - ok

    21:29:30.0320 5320 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

    21:29:30.0351 5320 Dnscache - ok

    21:29:30.0382 5320 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

    21:29:30.0445 5320 dot3svc - ok

    21:29:30.0492 5320 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

    21:29:30.0554 5320 DPS - ok

    21:29:30.0585 5320 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

    21:29:30.0632 5320 drmkaud - ok

    21:29:30.0679 5320 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

    21:29:30.0726 5320 DXGKrnl - ok

    21:29:30.0757 5320 e1express (416a2007878ed1d6fc5dddb9e1f6db3e) C:\Windows\system32\DRIVERS\e1e6032e.sys

    21:29:30.0789 5320 e1express - ok

    21:29:30.0804 5320 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

    21:29:30.0867 5320 EapHost - ok

    21:29:30.0945 5320 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

    21:29:31.0023 5320 ebdrv - ok

    21:29:31.0054 5320 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

    21:29:31.0117 5320 EFS - ok

    21:29:31.0179 5320 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

    21:29:31.0242 5320 ehRecvr - ok

    21:29:31.0257 5320 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

    21:29:31.0304 5320 ehSched - ok

    21:29:31.0335 5320 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

    21:29:31.0367 5320 elxstor - ok

    21:29:31.0398 5320 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

    21:29:31.0429 5320 ErrDev - ok

    21:29:31.0476 5320 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

    21:29:31.0539 5320 EventSystem - ok

    21:29:31.0554 5320 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

    21:29:31.0601 5320 exfat - ok

    21:29:31.0648 5320 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

    21:29:31.0710 5320 fastfat - ok

    21:29:31.0742 5320 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

    21:29:31.0882 5320 Fax - ok

    21:29:31.0882 5320 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

    21:29:31.0914 5320 fdc - ok

    21:29:31.0929 5320 fdejq - ok

    21:29:31.0945 5320 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

    21:29:32.0023 5320 fdPHost - ok

    21:29:32.0039 5320 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

    21:29:32.0085 5320 FDResPub - ok

    21:29:32.0101 5320 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

    21:29:32.0117 5320 FileInfo - ok

    21:29:32.0132 5320 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

    21:29:32.0179 5320 Filetrace - ok

    21:29:32.0179 5320 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

    21:29:32.0195 5320 flpydisk - ok

    21:29:32.0226 5320 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

    21:29:32.0242 5320 FltMgr - ok

    21:29:32.0289 5320 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

    21:29:32.0351 5320 FontCache - ok

    21:29:32.0429 5320 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

    21:29:32.0445 5320 FontCache3.0.0.0 - ok

    21:29:32.0476 5320 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

    21:29:32.0492 5320 FsDepends - ok

    21:29:32.0523 5320 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

    21:29:32.0539 5320 Fs_Rec - ok

    21:29:32.0570 5320 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

    21:29:32.0601 5320 fvevol - ok

    21:29:32.0632 5320 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

    21:29:32.0648 5320 gagp30kx - ok

    21:29:32.0695 5320 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

    21:29:32.0773 5320 gpsvc - ok

    21:29:32.0789 5320 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

    21:29:32.0835 5320 hcw85cir - ok

    21:29:32.0882 5320 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

    21:29:32.0914 5320 HdAudAddService - ok

    21:29:32.0960 5320 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys

    21:29:32.0992 5320 HDAudBus - ok

    21:29:33.0007 5320 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

    21:29:33.0054 5320 HidBatt - ok

    21:29:33.0054 5320 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

    21:29:33.0085 5320 HidBth - ok

    21:29:33.0101 5320 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

    21:29:33.0132 5320 HidIr - ok

    21:29:33.0164 5320 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll

    21:29:33.0226 5320 hidserv - ok

    21:29:33.0242 5320 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

    21:29:33.0273 5320 HidUsb - ok

    21:29:33.0304 5320 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

    21:29:33.0351 5320 hkmsvc - ok

    21:29:33.0367 5320 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

    21:29:33.0445 5320 HomeGroupListener - ok

    21:29:33.0476 5320 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

    21:29:33.0507 5320 HomeGroupProvider - ok

    21:29:33.0539 5320 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

    21:29:33.0554 5320 HpSAMD - ok

    21:29:33.0585 5320 hqkzp - ok

    21:29:33.0648 5320 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

    21:29:33.0742 5320 HTTP - ok

    21:29:33.0773 5320 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

    21:29:33.0804 5320 hwpolicy - ok

    21:29:33.0835 5320 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

    21:29:33.0851 5320 i8042prt - ok

    21:29:33.0898 5320 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

    21:29:33.0929 5320 iaStorV - ok

    21:29:33.0976 5320 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

    21:29:34.0007 5320 IDriverT ( UnsignedFile.Multi.Generic ) - warning

    21:29:34.0007 5320 IDriverT - detected UnsignedFile.Multi.Generic (1)

    21:29:34.0085 5320 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

    21:29:34.0148 5320 idsvc - ok

    21:29:34.0179 5320 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

    21:29:34.0210 5320 iirsp - ok

    21:29:34.0242 5320 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

    21:29:34.0320 5320 IKEEXT - ok

    21:29:34.0335 5320 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

    21:29:34.0351 5320 intelide - ok

    21:29:34.0367 5320 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

    21:29:34.0398 5320 intelppm - ok

    21:29:34.0429 5320 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

    21:29:34.0507 5320 IPBusEnum - ok

    21:29:34.0523 5320 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

    21:29:34.0585 5320 IpFilterDriver - ok

    21:29:34.0632 5320 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll

    21:29:34.0695 5320 iphlpsvc - ok

    21:29:34.0726 5320 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

    21:29:34.0757 5320 IPMIDRV - ok

    21:29:34.0773 5320 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

    21:29:34.0820 5320 IPNAT - ok

    21:29:34.0851 5320 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

    21:29:34.0898 5320 IRENUM - ok

    21:29:34.0914 5320 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

    21:29:34.0945 5320 isapnp - ok

    21:29:34.0976 5320 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

    21:29:34.0992 5320 iScsiPrt - ok

    21:29:35.0023 5320 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

    21:29:35.0039 5320 kbdclass - ok

    21:29:35.0054 5320 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys

    21:29:35.0085 5320 kbdhid - ok

    21:29:35.0117 5320 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

    21:29:35.0148 5320 KeyIso - ok

    21:29:35.0210 5320 KSafeSvc (75faeb831cfb7bc9398ac96fe219ee45) C:\Program files (x86)\Kingsoft\PCDoctor\KSafeSvc.exe

    21:29:35.0382 5320 KSafeSvc - ok

    21:29:35.0414 5320 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

    21:29:35.0445 5320 KSecDD - ok

    21:29:35.0492 5320 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

    21:29:35.0507 5320 KSecPkg - ok

    21:29:35.0539 5320 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

    21:29:35.0585 5320 ksthunk - ok

    21:29:35.0632 5320 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

    21:29:35.0695 5320 KtmRm - ok

    21:29:35.0726 5320 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll

    21:29:35.0789 5320 LanmanServer - ok

    21:29:35.0835 5320 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

    21:29:35.0898 5320 LanmanWorkstation - ok

    21:29:35.0929 5320 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

    21:29:35.0976 5320 lltdio - ok

    21:29:36.0007 5320 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

    21:29:36.0054 5320 lltdsvc - ok

    21:29:36.0070 5320 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

    21:29:36.0117 5320 lmhosts - ok

    21:29:36.0132 5320 loboiv - ok

    21:29:36.0148 5320 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

    21:29:36.0179 5320 LSI_FC - ok

    21:29:36.0179 5320 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

    21:29:36.0195 5320 LSI_SAS - ok

    21:29:36.0210 5320 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

    21:29:36.0226 5320 LSI_SAS2 - ok

    21:29:36.0226 5320 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

    21:29:36.0242 5320 LSI_SCSI - ok

    21:29:36.0273 5320 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

    21:29:36.0320 5320 luafv - ok

    21:29:36.0367 5320 lvpopf64 (ce6e5146039d248feb991fbc9e2b6a7b) C:\Windows\system32\DRIVERS\lvpopf64.sys

    21:29:36.0445 5320 lvpopf64 - ok

    21:29:36.0460 5320 LVPr2M64 (7717a2cb550267860d3933f3fba0216f) C:\Windows\system32\DRIVERS\LVPr2M64.sys

    21:29:36.0492 5320 LVPr2M64 - ok

    21:29:36.0492 5320 LVPr2Mon (7717a2cb550267860d3933f3fba0216f) C:\Windows\system32\DRIVERS\LVPr2M64.sys

    21:29:36.0523 5320 LVPr2Mon - ok

    21:29:36.0570 5320 LVPrcS64 (8ebeb7e7a0c3d295ca6bbcfa942c6aa8) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

    21:29:36.0695 5320 LVPrcS64 - ok

    21:29:36.0710 5320 LVUSBS64 (6d5ea90f86f9b28cd44af6ba9be03bf9) C:\Windows\system32\drivers\LVUSBS64.sys

    21:29:36.0726 5320 LVUSBS64 - ok

    21:29:36.0820 5320 LVUVC64 (eb12688842ede30c843a123fa6855858) C:\Windows\system32\DRIVERS\lvuvc64.sys

    21:29:36.0898 5320 LVUVC64 - ok

    21:29:36.0929 5320 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

    21:29:36.0976 5320 Mcx2Svc - ok

    21:29:37.0007 5320 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

    21:29:37.0023 5320 megasas - ok

    21:29:37.0039 5320 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

    21:29:37.0070 5320 MegaSR - ok

    21:29:37.0101 5320 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

    21:29:37.0148 5320 MMCSS - ok

    21:29:37.0164 5320 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

    21:29:37.0210 5320 Modem - ok

    21:29:37.0226 5320 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

    21:29:42.0476 5320 NVSvc (03af3264e58c6e3402fba2a5d470a6b5) C:\Windows\system32\nvvsvc.exe

    21:29:42.0679 5320 NVSvc ( UnsignedFile.Multi.Generic ) - warning

    21:29:42.0679 5320 NVSvc - detected UnsignedFile.Multi.Generic (1)

    21:29:57.0367 5320 ============================================================

    21:29:57.0367 5320 Scan finished

    21:29:57.0367 5320 ============================================================

    21:29:57.0367 4008 Detected object count: 2

    21:29:57.0367 4008 Actual detected object count: 2

    21:31:39.0320 4008 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

    21:31:39.0320 4008 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

    21:31:39.0320 4008 NVSvc ( UnsignedFile.Multi.Generic ) - skipped by user

    21:31:39.0320 4008 NVSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

    21:35:01.0188 3360 Deinitialize success

This topic is closed; no further replies can be posted.