marfra10

Hello,
Yesterday, 10-07-2013, there was a large Microsoft update (18 items).
Error message on the last update: Code 80070641

Update KB2687309 - Security Update for MS Office 2007

Tried again several times, but it does not work!
The Installer Service is set to Automatic.
Restarted several times.

I have no idea what I should do.
Thanks in advance for your good advice!
Frank


MS WINDOWS VISTA HOME PREMIUM 64-BIT SP2
INTEL CORE2 QUAD CPU Q9450 @ 2,66GHZ, 4,0GB RAM
NVIDIA GEFORCE 9600 GS
 
Start HijackThis and run it as administrator.
Choose Do a system scan only.
After the scan, tick the following item.

O4 - HKCU\..\Run: [Windows Media Player] C:\Program Files (x86)\Windows Media Player\wmplayer.exe

Click Fix Checked to remove the items.
Close HijackThis and restart the computer.

Download TDSSKiller to your desktop.

If TDSSKiller reports that an update has been found, click Load update.




A newer version of TDSSKiller will be downloaded; save it to the desktop.
Start TDSSKiller again after the update.
Click Change parameters and make sure the options below are all ticked.

- Services and drivers
- Boot sectors
- Verify drivers digital signatures
- Detect TDLFS file system

Click OK.






Click Start Scan and follow the instructions.
When the scan has finished, click Report.
Select the contents (log) and post them in a new reply.

If TDSSKiller displays a message offering to repair the file (Cure), allow it. In that case you will be asked to restart the computer. Then restart the computer immediately!!!
Skip the unsigned files.
Let Rootkit.Boot.SST.b and/or others such as Sinowal, ZeroAccess or Whistler be repaired (Cure).
After the computer has restarted, you will find the log file at this location: C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt
Attach the log file to a new reply, together with a new HijackThis log.
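
A small triage of a TDSSKiller report along the lines of the instructions above, as an added example that is not part of the original post: it collects the `- detected` entries and separates `UnsignedFile.*` warnings (to skip) from everything else (to review). The sample log lines, service names and hashes are constructed, and the disk-level detection line is an assumption modelled on the service-level `- detected` format.

```python
import re

# Every report line starts with "<HH:MM:SS.mmmm> <thread id> <body>".
LINE = re.compile(r"^(?P<time>\d{2}:\d{2}:\d{2}\.\d{4})\s+(?P<tid>\d+)\s+(?P<body>.*)$")
# Object line: "[ <MD5> ] <object name> <file path>".
HASHED = re.compile(r"^\[ (?P<md5>[0-9A-Fa-f]{32}) \] (?P<rest>.+)$")
# Verdict line: "<object name> - detected <verdict> (<n>)".
DETECTED = re.compile(r"^(?P<name>.+?) - detected (?P<verdict>\S+) \((?P<count>\d+)\)$")

# Constructed sample input (not taken from a real machine).
SAMPLE_LOG = r"""12:00:01.0001 1234 [ 00000000000000000000000000000001 ] ExampleSvc C:\Program Files\Example\svc.exe
12:00:01.0002 1234 ExampleSvc - ok
12:00:02.0001 1234 [ 00000000000000000000000000000002 ] Example Vendor Helper C:\Program Files (x86)\Example\helper.exe
12:00:02.0002 1234 Example Vendor Helper ( UnsignedFile.Multi.Generic ) - warning
12:00:02.0002 1234 Example Vendor Helper - detected UnsignedFile.Multi.Generic (1)
12:00:03.0001 1234 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
"""


def parse_detections(log_text):
    """Return one dict per '- detected' line, with hash and path when known."""
    detections = []
    last_hashed = None  # (md5, "<name> <path>") from the most recent object line
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # separators, empty bodies, anything that is not a log line
        body = m.group("body").strip()

        h = HASHED.match(body)
        if h:
            last_hashed = (h.group("md5").upper(), h.group("rest"))
            continue

        d = DETECTED.match(body)
        if not d:
            continue  # "- ok" and "( verdict ) - warning" lines are not needed here

        name = d.group("name")
        md5 = path = None
        # Object names may contain spaces, so the path is recovered by
        # stripping the known name from the preceding object line.
        if last_hashed and last_hashed[1].startswith(name + " "):
            md5 = last_hashed[0]
            path = last_hashed[1][len(name) + 1:]
        detections.append({
            "time": m.group("time"),
            "name": name,
            "verdict": d.group("verdict"),
            "md5": md5,
            "path": path,
        })
    return detections


def triage(log_text):
    """Split detections into unsigned-file warnings and everything else."""
    buckets = {"skip": [], "review": []}
    for det in parse_detections(log_text):
        key = "skip" if det["verdict"].startswith("UnsignedFile.") else "review"
        buckets[key].append(det)
    return buckets


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for key in ("review", "skip"):
        for det in result[key]:
            print(f"{key:6} {det['verdict']:28} {det['name']} {det['path'] or ''}")
```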
 
Hello Swake,

Nevertheless, the ESET NOD32 antivirus is running normally, is updated frequently and gives notifications where needed.

HijackThis: item O4 HKCU (Windows Media Player) removed and restarted.

Followed the TDSSKiller instructions. No message to repair files. No unsigned files.

Log file below:

16:30:59.0085 4888 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:30:59.0125 4888 NdisTapi - ok
16:30:59.0150 4888 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:30:59.0213 4888 Ndisuio - ok
16:30:59.0258 4888 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:30:59.0304 4888 NdisWan - ok
16:30:59.0324 4888 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:30:59.0367 4888 NDProxy - ok
16:30:59.0397 4888 [ BD94210175C488F18ADD3E189EE9304C ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:30:59.0428 4888 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:30:59.0428 4888 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:31:07.0194 4888 [ 7FE2AFB17D91CF39843D6766EA31CFC7 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:31:07.0244 4888 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:31:07.0244 4888 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:31:14.0595 4888 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
16:31:14.0617 4888 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
16:31:14.0617 4888 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
16:31:19.0144 4888 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
16:31:19.0169 4888 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
16:31:19.0170 4888 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
16:31:28.0213 4888 ================ Scan global ===============================
16:31:28.0238 4888 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
16:31:28.0294 4888 [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
16:31:28.0322 4888 [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
16:31:28.0383 4888 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
16:31:28.0396 4888 [Global] - ok
16:31:28.0396 4888 ================ Scan MBR ==================================
16:31:28.0416 4888 [ 81CD5EC01DB0CE57EDD853F82462EF27 ] \Device\Harddisk0\DR0
16:31:29.0910 4888 \Device\Harddisk0\DR0 - ok
16:31:29.0952 4888 [ 4606A12AED5E4CE105136C6C9C8EA568 ] \Device\Harddisk1\DR1
16:31:30.0674 4888 \Device\Harddisk1\DR1 - ok
16:31:30.0675 4888 ================ Scan VBR ==================================
16:31:30.0738 4888 [ 670851EFE550B724034E9DC89C2A22EC ] \Device\Harddisk0\DR0\Partition1
16:31:30.0752 4888 \Device\Harddisk0\DR0\Partition1 - ok
16:31:30.0786 4888 [ F85FE992A8FE7ECEB047377B0F9AD067 ] \Device\Harddisk0\DR0\Partition2
16:31:30.0809 4888 \Device\Harddisk0\DR0\Partition2 - ok
16:31:30.0860 4888 [ FF5F7A73F982013B25E75F437CEF2C0F ] \Device\Harddisk1\DR1\Partition1
16:31:30.0861 4888 \Device\Harddisk1\DR1\Partition1 - ok
16:31:30.0879 4888 [ A7503AEA56BFCEFB9AEED4BE65012A59 ] \Device\Harddisk1\DR1\Partition2
16:31:30.0880 4888 \Device\Harddisk1\DR1\Partition2 - ok
16:31:30.0880 4888 ============================================================
16:31:30.0880 4888 Scan finished
16:31:30.0880 4888 ============================================================
16:31:30.0886 4388 Detected object count: 8
16:31:30.0886 4388 Actual detected object count: 8
16:32:45.0024 4388 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:32:45.0025 4388 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:32:45.0026 4388 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
16:32:45.0026 4388 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:32:45.0027 4388 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:32:45.0027 4388 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:32:45.0028 4388 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
16:32:45.0028 4388 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:32:45.0028 4388 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:32:45.0028 4388 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:32:45.0029 4388 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:32:45.0029 4388 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:32:45.0030 4388 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
16:32:45.0030 4388 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:32:45.0031 4388 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
16:32:45.0031 4388 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:34:49.0549 5600 ============================================================
16:34:49.0549 5600 Scan started
16:34:49.0549 5600 Mode: Manual; SigCheck; TDLFS;
16:34:49.0549 5600 ============================================================
16:34:50.0138 5600 ================ Scan system memory ========================
16:34:50.0138 5600 System memory - ok
16:34:50.0138 5600 ================ Scan services =============================
16:34:50.0618 5600 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
16:34:50.0635 5600 ACDaemon - ok
16:34:53.0707 5600 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys
16:34:53.0723 5600 ACPI - ok
16:34:53.0765 5600 [ 198D2EC47401B7EF8A68E763D1A1DC19 ] ACSSCR C:\Windows\system32\DRIVERS\a38usb.sys
16:34:53.0776 5600 ACSSCR - ok
16:34:53.0829 5600 [ 2F0683FD2DF1D92E891CACA14B45A8C1 ] adfs C:\Windows\system32\drivers\adfs.sys
16:34:53.0837 5600 adfs - ok
16:34:54.0119 5600 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:34:54.0130 5600 AdobeARMservice - ok
16:34:55.0262 5600 [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:34:55.0273 5600 AdobeFlashPlayerUpdateSvc - ok
16:34:55.0411 5600 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
16:34:55.0441 5600 adp94xx - ok
16:34:55.0536 5600 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys
16:34:55.0559 5600 adpahci - ok
16:34:55.0593 5600 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
16:34:55.0604 5600 adpu160m - ok
16:34:55.0685 5600 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
16:34:55.0697 5600 adpu320 - ok
16:34:55.0745 5600 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:34:55.0766 5600 AeLookupSvc - ok
16:34:55.0898 5600 [ 6CCD1135320109D6B219F1A6E04AD9F6 ] Afc C:\Windows\syswow64\drivers\Afc.sys
16:34:55.0907 5600 Afc - ok
16:34:56.0062 5600 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys
16:34:56.0098 5600 AFD - ok
16:34:56.0156 5600 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:34:56.0166 5600 agp440 - ok
16:34:56.0234 5600 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
16:34:56.0245 5600 aic78xx - ok
16:34:56.0274 5600 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe
16:34:56.0303 5600 ALG - ok
16:34:56.0377 5600 [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide C:\Windows\system32\drivers\aliide.sys
16:34:56.0387 5600 aliide - ok
16:34:56.0433 5600 [ 970FA5059E61E30D25307B99903E991E ] amdide C:\Windows\system32\drivers\amdide.sys
16:34:56.0443 5600 amdide - ok
16:34:56.0511 5600 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
16:34:56.0538 5600 AmdK8 - ok
16:34:56.0605 5600 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll
16:34:56.0617 5600 Appinfo - ok
16:34:56.0920 5600 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:34:56.0932 5600 Apple Mobile Device - ok
16:34:56.0996 5600 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys
16:34:57.0008 5600 arc - ok
16:34:57.0057 5600 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:34:57.0068 5600 arcsas - ok
16:34:57.0101 5600 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:34:57.0128 5600 AsyncMac - ok
16:34:57.0182 5600 [ 1898FAE8E07D97F2F6C2D5326C633FAC ] atapi C:\Windows\system32\drivers\atapi.sys
16:34:57.0192 5600 atapi - ok
16:34:57.0358 5600 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:34:57.0397 5600 AudioEndpointBuilder - ok
16:34:57.0515 5600 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:34:57.0557 5600 AudioSrv - ok
16:34:57.0719 5600 [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE C:\Windows\System32\bfe.dll
16:34:57.0755 5600 BFE - ok
16:34:58.0067 5600 [ 6D316F4859634071CC25C4FD4589AD2C ] BITS C:\Windows\System32\qmgr.dll
16:34:58.0168 5600 BITS - ok
16:34:58.0233 5600 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
16:34:58.0281 5600 blbdrive - ok
16:34:58.0606 5600 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:34:58.0639 5600 Bonjour Service - ok
16:34:58.0707 5600 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:34:58.0734 5600 bowser - ok
16:34:58.0800 5600 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
16:34:58.0839 5600 BrFiltLo - ok
16:34:58.0897 5600 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
16:34:58.0930 5600 BrFiltUp - ok
16:34:58.0999 5600 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll
16:34:59.0058 5600 Browser - ok
16:34:59.0136 5600 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys
16:34:59.0242 5600 Brserid - ok
16:34:59.0325 5600 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
16:34:59.0376 5600 BrSerWdm - ok
16:34:59.0416 5600 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
16:34:59.0481 5600 BrUsbMdm - ok
16:34:59.0542 5600 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
16:34:59.0594 5600 BrUsbSer - ok
16:34:59.0662 5600 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
16:34:59.0712 5600 BTHMODEM - ok
16:34:59.0761 5600 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:34:59.0822 5600 cdfs - ok
16:34:59.0893 5600 [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:34:59.0955 5600 cdrom - ok
16:35:00.0024 5600 [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc C:\Windows\System32\certprop.dll
16:35:00.0056 5600 CertPropSvc - ok
16:35:00.0092 5600 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
16:35:00.0143 5600 circlass - ok
16:35:00.0278 5600 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys
16:35:00.0503 5600 CLFS - ok
16:35:00.0598 5600 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:35:00.0608 5600 clr_optimization_v2.0.50727_32 - ok
16:35:00.0964 5600 [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:35:00.0973 5600 clr_optimization_v2.0.50727_64 - ok
16:35:01.0438 5600 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:35:01.0448 5600 clr_optimization_v4.0.30319_32 - ok
16:35:01.0910 5600 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:35:01.0920 5600 clr_optimization_v4.0.30319_64 - ok
16:35:01.0983 5600 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:35:02.0008 5600 cmdide - ok
16:35:02.0061 5600 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
16:35:02.0083 5600 Compbatt - ok
16:35:02.0086 5600 COMSysApp - ok
16:35:02.0129 5600 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
16:35:02.0156 5600 crcdisk - ok
16:35:02.0242 5600 [ 1B22BC0B71F65001479DAB792C3F626C ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:35:02.0319 5600 CryptSvc - ok
16:35:02.0547 5600 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll
16:35:02.0731 5600 DcomLaunch - ok
16:35:02.0776 5600 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:35:02.0807 5600 DfsC - ok
16:35:03.0682 5600 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe
16:35:04.0594 5600 DFSR - ok
16:35:04.0715 5600 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
16:35:04.0799 5600 Dhcp - ok
16:35:04.0848 5600 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys
16:35:04.0890 5600 disk - ok
16:35:05.0671 5600 [ 2E279CABD74C2BD983E40210EA80B702 ] Diskeeper C:\Program Files\Condusiv Technologies\Diskeeper\DkService.exe
16:35:05.0792 5600 Diskeeper - ok
16:35:05.0831 5600 [ 87DF6F629C01B91AD24D64BCA6C04DD5 ] DKDFM C:\Windows\system32\drivers\DKDFM.sys
16:35:05.0856 5600 DKDFM - ok
16:35:05.0896 5600 [ 2F396041C93C45153F075D709F34C801 ] DKRtWrt C:\Windows\system32\DRIVERS\DKRtWrt.sys
16:35:05.0915 5600 DKRtWrt - ok
16:35:05.0972 5600 [ 15BFCEBC1E7D9C165CBEFB4D98D96262 ] DKTLFSMF C:\Windows\system32\drivers\DKTLFSMF.sys
16:35:06.0024 5600 DKTLFSMF - ok
16:35:06.0084 5600 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:35:06.0137 5600 Dnscache - ok
16:35:06.0206 5600 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll
16:35:06.0277 5600 dot3svc - ok
16:35:06.0358 5600 [ 74C02B1717740C3B8039539E23E4B53F ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
16:35:06.0408 5600 Dot4 - ok
16:35:06.0431 5600 [ 08321D1860235BF42CF2854234337AEA ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
16:35:06.0459 5600 Dot4Print - ok
16:35:06.0481 5600 [ 4ADCCF0124F2B6911D3786A5D0E779E5 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
16:35:06.0543 5600 dot4usb - ok
16:35:06.0617 5600 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
16:35:06.0687 5600 DPS - ok
16:35:06.0773 5600 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:35:06.0794 5600 drmkaud - ok
16:35:07.0045 5600 [ F3932288EEECD776FF1F9F653AD878F3 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:35:07.0204 5600 DXGKrnl - ok
16:35:07.0301 5600 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
16:35:07.0332 5600 E1G60 - ok
16:35:07.0491 5600 [ 398904F1FBF13CEF0FCB822E9CA5F2D5 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
16:35:07.0533 5600 eamonm - ok
16:35:07.0588 5600 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
16:35:07.0647 5600 EapHost - ok
16:35:07.0719 5600 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys
16:35:07.0756 5600 Ecache - ok
16:35:07.0818 5600 [ 9E39134330C18CBAC0F24C1283701D7E ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
16:35:07.0848 5600 ehdrv - ok
16:35:07.0965 5600 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:35:07.0994 5600 ehRecvr - ok
16:35:08.0023 5600 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe
16:35:08.0034 5600 ehSched - ok
16:35:08.0082 5600 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll
16:35:08.0093 5600 ehstart - ok
16:35:08.0545 5600 [ 7FE34FD5652C54BDA8D2DF8AC92E833A ] ekrn C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
16:35:08.0694 5600 ekrn - ok
16:35:08.0806 5600 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
16:35:09.0001 5600 elxstor - ok
16:35:09.0150 5600 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll
16:35:09.0215 5600 EMDMgmt - ok
16:35:09.0285 5600 [ B4E8DC817963B256537B1EC09AF0647E ] epfwwfpr C:\Windows\system32\DRIVERS\epfwwfpr.sys
16:35:09.0312 5600 epfwwfpr - ok
16:35:09.0381 5600 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:35:09.0408 5600 ErrDev - ok
16:35:09.0448 5600 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll
16:35:09.0493 5600 EventSystem - ok
16:35:09.0570 5600 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys
16:35:09.0602 5600 exfat - ok
16:35:09.0605 5600 ezSharedSvc - ok
16:35:09.0685 5600 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:35:09.0720 5600 fastfat - ok
16:35:09.0766 5600 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
16:35:09.0794 5600 fdc - ok
16:35:09.0838 5600 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
16:35:09.0866 5600 fdPHost - ok
16:35:09.0914 5600 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
16:35:09.0956 5600 FDResPub - ok
16:35:10.0023 5600 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:35:10.0047 5600 FileInfo - ok
16:35:10.0105 5600 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:35:10.0133 5600 Filetrace - ok
16:35:10.0237 5600 [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:35:10.0264 5600 FLEXnet Licensing Service - ok
16:35:10.0289 5600 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:35:10.0317 5600 flpydisk - ok
16:35:10.0359 5600 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:35:10.0391 5600 FltMgr - ok
16:35:10.0454 5600 [ F20A97F51C104DD0A163251325460747 ] FontCache C:\Windows\system32\FntCache.dll
16:35:10.0577 5600 FontCache - ok
16:35:10.0628 5600 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:35:10.0636 5600 FontCache3.0.0.0 - ok
16:35:10.0685 5600 [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:35:10.0732 5600 Fs_Rec - ok
16:35:10.0768 5600 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:35:10.0797 5600 gagp30kx - ok
16:35:10.0908 5600 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
16:35:10.0918 5600 GamesAppService - ok
16:35:11.0055 5600 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll
16:35:11.0317 5600 gpsvc - ok
16:35:11.0409 5600 gupdate - ok
16:35:11.0426 5600 gupdatem - ok
16:35:11.0478 5600 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:35:11.0488 5600 gusvc - ok
16:35:11.0661 5600 [ EBCCAF7D68E7878048D1F44A6325FB58 ] HCW85BDA C:\Windows\system32\drivers\HCW85BDA.sys
16:35:11.0702 5600 HCW85BDA - ok
16:35:11.0862 5600 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
16:35:11.0902 5600 HDAudBus - ok
16:35:11.0934 5600 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys
16:35:11.0988 5600 HidBth - ok
16:35:12.0047 5600 [ 5F47839455D01FF6403B008D481A6F5B ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
16:35:12.0070 5600 HidIr - ok
16:35:12.0095 5600 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\system32\hidserv.dll
16:35:12.0117 5600 hidserv - ok
16:35:12.0142 5600 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:35:12.0163 5600 HidUsb - ok
16:35:12.0239 5600 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
16:35:12.0268 5600 hkmsvc - ok
16:35:12.0396 5600 [ CB383AB0B8BA871D893B86D3C9A3ED9F ] HP Health Check Service c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
16:35:12.0400 5600 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
16:35:12.0400 5600 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
16:35:12.0526 5600 [ DEB82AF183F1CD06813D91ED104C645C ] HPBtnSrv c:\hp\HPEZBTN\HPBtnSrv.exe
16:35:12.0536 5600 HPBtnSrv - ok
16:35:12.0585 5600 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
16:35:12.0596 5600 HpCISSs - ok
16:35:12.0836 5600 [ F50F7984FDD151EDD8A70A8DBD9E2A44 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
16:35:12.0841 5600 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
16:35:12.0841 5600 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
16:35:12.0881 5600 [ DF446BA625CC441617843E87798CE048 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
16:35:12.0885 5600 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
16:35:12.0886 5600 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
16:35:13.0023 5600 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:35:13.0104 5600 HTTP - ok
16:35:13.0183 5600 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
16:35:13.0203 5600 i2omp - ok
16:35:13.0254 5600 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
16:35:13.0275 5600 i8042prt - ok
16:35:13.0412 5600 [ 1117AF8C53AA278A4C5B7EF1B00E08F4 ] IAANTMON C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
16:35:13.0426 5600 IAANTMON - ok
16:35:13.0514 5600 [ 8EACF469269FB1509561961A3188F670 ] iaStor C:\Windows\system32\drivers\iastor.sys
16:35:13.0551 5600 iaStor - ok
16:35:13.0603 5600 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
16:35:14.0927 5600 iaStorV - ok
16:35:15.0069 5600 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:35:15.0101 5600 idsvc - ok
16:35:15.0151 5600 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
16:35:15.0162 5600 iirsp - ok
16:35:15.0230 5600 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll
16:35:15.0277 5600 IKEEXT - ok
16:35:15.0394 5600 [ 46CB3ABE8150E7B181E86D4906DE17E8 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:35:15.0585 5600 IntcAzAudAddService - ok
16:35:15.0632 5600 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys
16:35:15.0643 5600 intelide - ok
16:35:15.0676 5600 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:35:15.0704 5600 intelppm - ok
16:35:15.0744 5600 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:35:15.0785 5600 IPBusEnum - ok
16:35:15.0869 5600 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:35:15.0905 5600 IpFilterDriver - ok
16:35:15.0949 5600 [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:35:15.0987 5600 iphlpsvc - ok
16:35:15.0991 5600 IpInIp - ok
16:35:16.0048 5600 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
16:35:16.0079 5600 IPMIDRV - ok
16:35:16.0108 5600 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
16:35:16.0154 5600 IPNAT - ok
16:35:16.0273 5600 [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:35:16.0298 5600 iPod Service - ok
16:35:16.0367 5600 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:35:16.0395 5600 IRENUM - ok
16:35:16.0425 5600 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:35:16.0437 5600 isapnp - ok
16:35:16.0466 5600 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
16:35:16.0488 5600 iScsiPrt - ok
16:35:16.0507 5600 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
16:35:16.0517 5600 iteatapi - ok
16:35:16.0547 5600 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
16:35:16.0558 5600 iteraid - ok
16:35:16.0631 5600 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:35:16.0663 5600 kbdclass - ok
16:35:16.0692 5600 [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:35:16.0714 5600 kbdhid - ok
16:35:16.0759 5600 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe
16:35:16.0802 5600 KeyIso - ok
16:35:16.0882 5600 [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:35:16.0939 5600 KSecDD - ok
16:35:16.0994 5600 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:35:17.0022 5600 ksthunk - ok
16:35:17.0102 5600 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
16:35:17.0166 5600 KtmRm - ok
16:35:17.0222 5600 [ 334B862086FA9976D41A58F199ABDC98 ] L8042mou C:\Windows\system32\DRIVERS\L8042mou.Sys
16:35:17.0231 5600 L8042mou - ok
16:35:17.0259 5600 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:35:17.0326 5600 LanmanServer - ok
16:35:17.0365 5600 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:35:17.0402 5600 LanmanWorkstation - ok
16:35:17.0515 5600 [ 7CDB827D183C3A29EDAC9E62E399488A ] LBTServ C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
16:35:17.0524 5600 LBTServ - ok
16:35:17.0555 5600 [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
16:35:17.0564 5600 LGBusEnum - ok
16:35:17.0639 5600 [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
16:35:17.0647 5600 LGVirHid - ok
16:35:17.0713 5600 [ 83E05435F4D2C0F0A1FD74C41DED44E5 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
16:35:17.0736 5600 LHidFilt - ok
16:35:17.0835 5600 [ DFEFF67508D3A9AEB1A85D7B0F513B24 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
16:35:17.0839 5600 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
16:35:17.0839 5600 LightScribeService - detected UnsignedFile.Multi.Generic (1)
16:35:17.0901 5600 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:35:17.0929 5600 lltdio - ok
16:35:17.0969 5600 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:35:18.0045 5600 lltdsvc - ok
16:35:18.0101 5600 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:35:18.0137 5600 lmhosts - ok
16:35:18.0163 5600 [ ABCBC7271C33567D686C91CF690CF2EB ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
16:35:18.0171 5600 LMouFilt - ok
16:35:18.0188 5600 [ 5C3ADFD8B967534AAE431EB70221B648 ] LMouKE C:\Windows\system32\DRIVERS\LMouKE.Sys
16:35:18.0197 5600 LMouKE - ok
16:35:18.0224 5600 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
16:35:18.0237 5600 LSI_FC - ok
16:35:18.0277 5600 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:35:18.0305 5600 LSI_SAS - ok
16:35:18.0326 5600 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
16:35:18.0374 5600 LSI_SCSI - ok
16:35:18.0399 5600 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys
16:35:18.0428 5600 luafv - ok
16:35:18.0469 5600 [ 80E635FFB320912179F40AB3A0307980 ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys
16:35:18.0477 5600 LUsbFilt - ok
16:35:18.0481 5600 LVcKap64 - ok
16:35:18.0680 5600 [ 70F452363EC50149697B0DF4FC3CF171 ] lvpopf64 C:\Windows\system32\DRIVERS\lvpopf64.sys
16:35:18.0771 5600 lvpopf64 - ok
16:35:18.0835 5600 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys
16:35:18.0844 5600 LVPr2M64 - ok
16:35:18.0860 5600 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys
16:35:18.0868 5600 LVPr2Mon - ok
16:35:18.0901 5600 [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
16:35:18.0933 5600 LVRS64 - ok
16:35:18.0959 5600 [ 6562FCEE704F14C05F5338B147D67A16 ] LVUSBS64 C:\Windows\system32\drivers\LVUSBS64.sys
16:35:18.0968 5600 LVUSBS64 - ok
16:35:19.0582 5600 [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
16:35:19.0734 5600 LVUVC64 - ok
16:35:19.0738 5600 MagicTune - ok
16:35:19.0869 5600 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
16:35:19.0886 5600 MBAMProtector - ok
16:35:19.0971 5600 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:35:20.0009 5600 MBAMScheduler - ok
16:35:20.0077 5600 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
16:35:20.0108 5600 MBAMService - ok
16:35:20.0234 5600 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:35:20.0258 5600 Mcx2Svc - ok
16:35:20.0298 5600 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys
16:35:20.0310 5600 megasas - ok
16:35:20.0341 5600 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys
16:35:20.0395 5600 MegaSR - ok
16:35:20.0458 5600 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
16:35:20.0486 5600 MMCSS - ok
16:35:20.0518 5600 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
16:35:20.0546 5600 Modem - ok
16:35:20.0594 5600 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:35:20.0622 5600 monitor - ok
16:35:20.0650 5600 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:35:20.0661 5600 mouclass - ok
16:35:20.0740 5600 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:35:20.0789 5600 mouhid - ok
16:35:20.0812 5600 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
16:35:20.0824 5600 MountMgr - ok
16:35:20.0854 5600 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
16:35:20.0867 5600 mpio - ok
16:35:20.0905 5600 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:35:20.0945 5600 mpsdrv - ok
16:35:21.0020 5600 [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc C:\Windows\system32\mpssvc.dll
16:35:21.0077 5600 MpsSvc - ok
16:35:21.0121 5600 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
16:35:21.0131 5600 Mraid35x - ok
16:35:21.0157 5600 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:35:21.0172 5600 MRxDAV - ok
16:35:21.0203 5600 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:35:21.0247 5600 mrxsmb - ok
16:35:21.0293 5600 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:35:21.0327 5600 mrxsmb10 - ok
16:35:21.0355 5600 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:35:21.0369 5600 mrxsmb20 - ok
16:35:21.0445 5600 [ 1AC860612B85D8E85EE257D372E39F4D ] msahci C:\Windows\system32\drivers\msahci.sys
16:35:21.0456 5600 msahci - ok
16:35:21.0482 5600 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:35:21.0495 5600 msdsm - ok
16:35:21.0574 5600 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
16:35:21.0636 5600 MSDTC - ok
16:35:21.0667 5600 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:35:21.0695 5600 Msfs - ok
16:35:21.0725 5600 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:35:21.0736 5600 msisadrv - ok
16:35:21.0776 5600 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:35:21.0822 5600 MSiSCSI - ok
16:35:21.0825 5600 msiserver - ok
16:35:21.0861 5600 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:35:21.0891 5600 MSKSSRV - ok
16:35:21.0942 5600 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:35:21.0971 5600 MSPCLOCK - ok
16:35:21.0993 5600 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:35:22.0034 5600 MSPQM - ok
16:35:22.0066 5600 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:35:22.0099 5600 MsRPC - ok
16:35:22.0164 5600 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
16:35:22.0182 5600 mssmbios - ok
16:35:22.0193 5600 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:35:22.0222 5600 MSTEE - ok
16:35:22.0251 5600 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys
16:35:22.0264 5600 Mup - ok
16:35:22.0314 5600 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll
16:35:22.0359 5600 napagent - ok
16:35:22.0408 5600 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:35:22.0444 5600 NativeWifiP - ok
16:35:22.0519 5600 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:35:22.0559 5600 NDIS - ok
16:35:22.0597 5600 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:35:22.0620 5600 NdisTapi - ok
16:35:22.0686 5600 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:35:22.0725 5600 Ndisuio - ok
16:35:22.0753 5600 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:35:22.0791 5600 NdisWan - ok
16:35:22.0819 5600 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:35:22.0841 5600 NDProxy - ok
16:35:22.0901 5600 [ BD94210175C488F18ADD3E189EE9304C ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:35:22.0925 5600 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:35:22.0925 5600 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:35:22.0957 5600 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:35:22.0986 5600 NetBIOS - ok
16:35:23.0048 5600 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
16:35:23.0108 5600 netbt - ok
16:35:23.0177 5600 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe
16:35:23.0189 5600 Netlogon - ok
16:35:23.0239 5600 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
16:35:23.0281 5600 Netman - ok
16:35:23.0334 5600 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll
16:35:23.0376 5600 netprofm - ok
16:35:23.0458 5600 [ 0E27AF88B9C2291D2FDE9FAAEBD2E9A3 ] netr7364 C:\Windows\system32\DRIVERS\netr7364.sys
16:35:23.0522 5600 netr7364 - ok
16:35:23.0579 5600 [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:35:23.0588 5600 NetTcpPortSharing - ok
16:35:23.0616 5600 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:35:23.0627 5600 nfrd960 - ok
16:35:23.0669 5600 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll
16:35:23.0730 5600 NlaSvc - ok
16:35:23.0764 5600 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:35:23.0785 5600 Npfs - ok
16:35:23.0869 5600 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
16:35:23.0898 5600 nsi - ok
16:35:23.0987 5600 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:35:24.0015 5600 nsiproxy - ok
16:35:24.0072 5600 [ 2ACCAA3C3C55370A32F17B3595E1A217 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:35:26.0170 5600 Ntfs - ok
16:35:26.0250 5600 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
16:35:26.0279 5600 Null - ok
16:35:27.0398 5600 [ FE2909F7DFB12B9A20AD207FE23B7E96 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:35:27.0860 5600 nvlddmkm - ok
16:35:28.0060 5600 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:35:28.0092 5600 nvraid - ok
16:35:28.0112 5600 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:35:28.0125 5600 nvstor - ok
16:35:28.0238 5600 [ 3341D2C91989BC87C3C0BAA97C27253B ] nvsvc C:\Windows\system32\nvvsvc.exe
16:35:28.0314 5600 nvsvc - ok
16:35:28.0583 5600 [ 551CE34DAD2DFF0A480781E68B286E4D ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
16:35:28.0671 5600 nvUpdatusService - ok
16:35:28.0706 5600 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:35:28.0719 5600 nv_agp - ok
16:35:28.0722 5600 NwlnkFlt - ok
16:35:28.0725 5600 NwlnkFwd - ok
16:35:28.0845 5600 [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
16:35:28.0880 5600 ohci1394 - ok
16:35:28.0934 5600 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:35:28.0944 5600 ose - ok
16:35:29.0725 5600 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:35:29.0828 5600 osppsvc - ok
16:35:29.0944 5600 [ 5F79934084DF6DC0635578864376CE54 ] OV550I C:\Windows\system32\Drivers\ov550ivx.sys
16:35:29.0959 5600 OV550I - ok
16:35:30.0202 5600 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll
16:35:30.0258 5600 p2pimsvc - ok
16:35:30.0271 5600 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll
16:35:30.0293 5600 p2psvc - ok
16:35:30.0350 5600 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys
16:35:30.0415 5600 Parport - ok
16:35:30.0460 5600 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:35:30.0473 5600 partmgr - ok
16:35:30.0570 5600 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
16:35:30.0603 5600 PcaSvc - ok
16:35:30.0637 5600 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys
16:35:30.0653 5600 pci - ok
16:35:30.0709 5600 [ 8D618C829034479985A9ED56106CC732 ] pciide C:\Windows\system32\drivers\pciide.sys
16:35:30.0733 5600 pciide - ok
16:35:30.0761 5600 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:35:30.0776 5600 pcmcia - ok
16:35:31.0015 5600 [ 4678535614BD147D1ED6F0830EA0E540 ] PCToolsSSDMonitorSvc C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
16:35:31.0050 5600 PCToolsSSDMonitorSvc - ok
16:35:31.0080 5600 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:35:31.0136 5600 PEAUTH - ok
16:35:31.0446 5600 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:35:31.0474 5600 PerfHost - ok
16:35:31.0687 5600 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
16:35:31.0811 5600 pla - ok
16:35:31.0868 5600 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:35:31.0910 5600 PlugPlay - ok
16:35:31.0966 5600 [ 7FE2AFB17D91CF39843D6766EA31CFC7 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:35:31.0988 5600 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:35:31.0989 5600 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:35:32.0056 5600 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
16:35:32.0088 5600 PNRPAutoReg - ok
16:35:32.0100 5600 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll
16:35:32.0148 5600 PNRPsvc - ok
16:35:32.0253 5600 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:35:32.0300 5600 PolicyAgent - ok
16:35:32.0350 5600 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:35:32.0393 5600 PptpMiniport - ok
16:35:32.0456 5600 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
16:35:32.0485 5600 Processor - ok
16:35:32.0580 5600 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll
16:35:32.0620 5600 ProfSvc - ok
16:35:32.0689 5600 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
16:35:32.0701 5600 ProtectedStorage - ok
16:35:32.0729 5600 [ 1D0A3F565397D08707F3D75B88586645 ] Ps2 C:\Windows\system32\DRIVERS\PS2.sys
16:35:32.0740 5600 Ps2 - ok
16:35:32.0764 5600 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
16:35:32.0786 5600 PSched - ok
16:35:32.0819 5600 [ 901DBA98359966A62A6548596988E931 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
16:35:32.0829 5600 PxHlpa64 - ok
16:35:32.0860 5600 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:35:32.0954 5600 ql2300 - ok
16:35:32.0998 5600 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:35:33.0027 5600 ql40xx - ok
16:35:33.0075 5600 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
16:35:33.0107 5600 QWAVE - ok
16:35:33.0156 5600 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:35:33.0169 5600 QWAVEdrv - ok
16:35:33.0205 5600 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:35:33.0233 5600 RasAcd - ok
16:35:33.0264 5600 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
16:35:33.0309 5600 RasAuto - ok
16:35:33.0337 5600 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:35:33.0376 5600 Rasl2tp - ok
16:35:33.0400 5600 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll
16:35:33.0428 5600 RasMan - ok
16:35:33.0467 5600 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:35:33.0489 5600 RasPppoe - ok
16:35:33.0529 5600 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:35:33.0564 5600 RasSstp - ok
16:35:33.0650 5600 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:35:33.0685 5600 rdbss - ok
16:35:33.0719 5600 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:35:33.0747 5600 RDPCDD - ok
16:35:33.0803 5600 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
16:35:33.0845 5600 rdpdr - ok
16:35:33.0920 5600 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:35:33.0966 5600 RDPENCDD - ok
16:35:34.0003 5600 [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:35:34.0039 5600 RDPWD - ok
16:35:34.0069 5600 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:35:34.0100 5600 RemoteAccess - ok
16:35:34.0139 5600 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:35:34.0178 5600 RemoteRegistry - ok
16:35:34.0241 5600 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe
16:35:34.0255 5600 RpcLocator - ok
16:35:34.0317 5600 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll
16:35:34.0363 5600 RpcSs - ok
16:35:34.0407 5600 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:35:34.0437 5600 rspndr - ok
16:35:34.0513 5600 [ B263B3AEBCDE2210D1CC25756601B8EA ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh64.sys
16:35:34.0539 5600 RTL8169 - ok
16:35:34.0572 5600 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe
16:35:34.0583 5600 SamSs - ok
16:35:34.0619 5600 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:35:34.0650 5600 sbp2port - ok
16:35:34.0757 5600 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
16:35:34.0786 5600 SBSDWSCService - ok
16:35:34.0856 5600 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:35:34.0899 5600 SCardSvr - ok
16:35:35.0032 5600 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll
16:35:35.0163 5600 Schedule - ok
16:35:35.0194 5600 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll
16:35:35.0216 5600 SCPolicySvc - ok
16:35:35.0261 5600 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:35:35.0296 5600 SDRSVC - ok
16:35:35.0322 5600 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:35:35.0364 5600 secdrv - ok
16:35:35.0387 5600 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll
16:35:35.0416 5600 seclogon - ok
16:35:35.0431 5600 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll
16:35:35.0479 5600 SENS - ok
16:35:35.0512 5600 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys
16:35:35.0564 5600 Serenum - ok
16:35:35.0582 5600 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys
16:35:35.0626 5600 Serial - ok
16:35:35.0651 5600 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:35:35.0679 5600 sermouse - ok
16:35:35.0745 5600 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll
16:35:35.0794 5600 SessionEnv - ok
16:35:35.0868 5600 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:35:35.0896 5600 sffdisk - ok
16:35:35.0937 5600 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:35:35.0964 5600 sffp_mmc - ok
16:35:35.0998 5600 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:35:36.0026 5600 sffp_sd - ok
16:35:36.0051 5600 [ 40567781F0785C4A69411D1B40DA8987 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
16:35:36.0080 5600 sfloppy - ok
16:35:36.0185 5600 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:35:36.0230 5600 SharedAccess - ok
16:35:36.0298 5600 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:35:36.0358 5600 ShellHWDetection - ok
16:35:36.0414 5600 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
16:35:36.0425 5600 SiSRaid2 - ok
16:35:36.0445 5600 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:35:36.0457 5600 SiSRaid4 - ok
16:35:36.0570 5600 [ 3E587DBBDFF938DDE5D4CE4047BE9041 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
16:35:36.0617 5600 SkypeUpdate - ok
16:35:36.0878 5600 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe
16:35:36.0988 5600 slsvc - ok
16:35:37.0084 5600 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll
16:35:37.0122 5600 SLUINotify - ok
16:35:37.0156 5600 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:35:37.0178 5600 Smb - ok
16:35:37.0216 5600 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:35:37.0241 5600 SNMPTRAP - ok
16:35:37.0279 5600 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys
16:35:37.0291 5600 spldr - ok
16:35:37.0335 5600 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe
16:35:37.0381 5600 Spooler - ok
16:35:37.0419 5600 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys
16:35:37.0457 5600 srv - ok
16:35:37.0546 5600 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:35:37.0576 5600 srv2 - ok
16:35:37.0626 5600 [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:35:37.0672 5600 srvnet - ok
16:35:37.0698 5600 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:35:37.0745 5600 SSDPSRV - ok
16:35:37.0780 5600 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:35:37.0795 5600 SstpSvc - ok
16:35:37.0826 5600 [ 14B4DB4381E4A55F570D8BB699B791D6 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
16:35:37.0847 5600 StillCam - ok
16:35:37.0937 5600 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll
16:35:37.0999 5600 stisvc - ok
16:35:38.0075 5600 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys
16:35:38.0085 5600 swenum - ok
16:35:38.0273 5600 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
16:35:38.0340 5600 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
16:35:38.0340 5600 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
16:35:38.0413 5600 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv C:\Windows\System32\swprv.dll
16:35:38.0460 5600 swprv - ok
16:35:38.0481 5600 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
16:35:38.0492 5600 Symc8xx - ok
16:35:38.0510 5600 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
16:35:38.0521 5600 Sym_hi - ok
16:35:38.0543 5600 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
16:35:38.0555 5600 Sym_u3 - ok
16:35:38.0665 5600 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll
16:35:38.0767 5600 SysMain - ok
16:35:38.0806 5600 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:35:38.0834 5600 TabletInputService - ok
16:35:38.0904 5600 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:35:40.0861 5600 TapiSrv - ok
16:35:40.0895 5600 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll
16:35:40.0932 5600 TBS - ok
16:35:41.0259 5600 [ C7C60777592EEF169A11647AAE7A91C3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:35:41.0321 5600 Tcpip - ok
16:35:41.0340 5600 [ C7C60777592EEF169A11647AAE7A91C3 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
16:35:41.0374 5600 Tcpip6 - ok
16:35:41.0422 5600 [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:35:41.0458 5600 tcpipreg - ok
16:35:41.0476 5600 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:35:41.0504 5600 TDPIPE - ok
16:35:41.0542 5600 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:35:41.0583 5600 TDTCP - ok
16:35:41.0608 5600 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:35:41.0643 5600 tdx - ok
16:35:41.0659 5600 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
16:35:41.0680 5600 TermDD - ok
16:35:41.0715 5600 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll
16:35:41.0746 5600 TermService - ok
16:35:41.0771 5600 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll
16:35:41.0786 5600 Themes - ok
16:35:41.0795 5600 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll
16:35:41.0823 5600 THREADORDER - ok
16:35:41.0874 5600 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll
16:35:41.0906 5600 TrkWks - ok
16:35:41.0976 5600 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:35:42.0007 5600 TrustedInstaller - ok
16:35:42.0029 5600 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:35:42.0058 5600 tssecsrv - ok
16:35:42.0337 5600 [ 83F0F99C1A0C80141A255EF2109E688F ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
16:35:42.0423 5600 TuneUp.UtilitiesSvc - ok
16:35:42.0472 5600 [ 7BC3381C0713F613B31ACDE38B71CB53 ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys
16:35:42.0480 5600 TuneUpUtilitiesDrv - ok
16:35:42.0494 5600 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
16:35:42.0506 5600 tunmp - ok
16:35:42.0536 5600 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:35:42.0558 5600 tunnel - ok
16:35:42.0577 5600 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:35:42.0589 5600 uagp35 - ok
16:35:42.0609 5600 [ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:35:42.0646 5600 udfs - ok
16:35:42.0671 5600 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:35:42.0709 5600 UI0Detect - ok
16:35:42.0748 5600 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:35:42.0760 5600 uliagpkx - ok
16:35:42.0777 5600 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys
16:35:42.0793 5600 uliahci - ok
16:35:42.0811 5600 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys
16:35:42.0824 5600 UlSata - ok
16:35:42.0840 5600 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
16:35:42.0854 5600 ulsata2 - ok
16:35:42.0872 5600 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:35:42.0900 5600 umbus - ok
16:35:42.0984 5600 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
16:35:43.0003 5600 UMVPFSrv - ok
16:35:43.0023 5600 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll
16:35:43.0059 5600 upnphost - ok
16:35:43.0103 5600 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
16:35:43.0108 5600 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
16:35:43.0108 5600 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
16:35:43.0132 5600 [ C6BA890DE6E41857FBE84175519CAE7D ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
16:35:43.0154 5600 usbaudio - ok
16:35:43.0181 5600 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:35:43.0220 5600 usbccgp - ok
16:35:43.0255 5600 [ 8C39D53E1A343F4C47EE8F3C052126D8 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
16:35:43.0315 5600 usbcir - ok
16:35:43.0381 5600 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:35:43.0428 5600 usbehci - ok
16:35:43.0483 5600 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:35:43.0554 5600 usbhub - ok
16:35:43.0605 5600 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:35:43.0665 5600 usbohci - ok
16:35:43.0730 5600 [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:35:43.0767 5600 usbprint - ok
16:35:43.0823 5600 [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
16:35:43.0863 5600 usbscan - ok
16:35:43.0895 5600 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:35:43.0917 5600 USBSTOR - ok
16:35:43.0930 5600 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
16:35:43.0951 5600 usbuhci - ok
16:35:43.0970 5600 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll
16:35:44.0000 5600 UxSms - ok
16:35:44.0039 5600 [ 80AC76EEE67EB279F32FF95B19099F01 ] UxTuneUp C:\Windows\System32\uxtuneup.dll
16:35:44.0048 5600 UxTuneUp - ok
16:35:44.0078 5600 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe
16:35:44.0109 5600 vds - ok
16:35:44.0120 5600 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:35:44.0148 5600 vga - ok
16:35:44.0163 5600 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys
16:35:44.0208 5600 VgaSave - ok
16:35:44.0226 5600 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys
16:35:44.0237 5600 viaide - ok
16:35:44.0247 5600 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:35:44.0260 5600 volmgr - ok
16:35:44.0289 5600 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:35:44.0310 5600 volmgrx - ok
16:35:44.0330 5600 [ 582F710097B46140F5A89A19A6573D4B ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:35:44.0346 5600 volsnap - ok
16:35:44.0361 5600 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:35:44.0393 5600 vsmraid - ok
16:35:44.0631 5600 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe
16:35:44.0710 5600 VSS - ok
16:35:44.0783 5600 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll
16:35:44.0837 5600 W32Time - ok
16:35:44.0861 5600 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:35:44.0903 5600 WacomPen - ok
16:35:44.0944 5600 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
16:35:44.0977 5600 Wanarp - ok
16:35:44.0980 5600 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:35:45.0001 5600 Wanarpv6 - ok
16:35:45.0150 5600 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:35:45.0204 5600 wcncsvc - ok
16:35:45.0246 5600 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:35:45.0281 5600 WcsPlugInService - ok
16:35:45.0296 5600 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys
16:35:45.0307 5600 Wd - ok
16:35:45.0383 5600 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:35:45.0416 5600 Wdf01000 - ok
16:35:45.0445 5600 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:35:45.0495 5600 WdiServiceHost - ok
16:35:45.0498 5600 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:35:45.0526 5600 WdiSystemHost - ok
16:35:45.0547 5600 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll
16:35:45.0579 5600 WebClient - ok
16:35:45.0611 5600 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:35:45.0639 5600 Wecsvc - ok
16:35:45.0654 5600 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:35:45.0677 5600 wercplsupport - ok
16:35:45.0689 5600 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll
16:35:45.0712 5600 WerSvc - ok
16:35:45.0730 5600 WinDefend - ok
16:35:45.0733 5600 WinHttpAutoProxySvc - ok
16:35:45.0872 5600 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:35:45.0903 5600 Winmgmt - ok
16:35:46.0215 5600 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll
16:35:46.0294 5600 WinRM - ok
16:35:46.0437 5600 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll
16:35:46.0472 5600 Wlansvc - ok
16:35:46.0623 5600 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:35:46.0686 5600 wlidsvc - ok
16:35:46.0771 5600 [ 89F278FBC9FCDD63BDC0E7A27E6C8DA9 ] WLNdis50 C:\Windows\system32\DRIVERS\wlndis50.sys
16:35:46.0795 5600 WLNdis50 - ok
16:35:46.0832 5600 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:35:46.0853 5600 WmiAcpi - ok
16:35:46.0877 5600 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:35:46.0901 5600 wmiApSrv - ok
16:35:46.0921 5600 WMPNetworkSvc - ok
16:35:46.0983 5600 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:35:47.0010 5600 WPCSvc - ok
16:35:47.0040 5600 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:35:47.0068 5600 WPDBusEnum - ok
16:35:47.0107 5600 [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
16:35:47.0119 5600 WpdUsb - ok
16:35:47.0409 5600 [ 8E344C1B4FE7EDE0E9055405B9987862 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:35:47.0456 5600 WPFFontCache_v0400 - ok
16:35:47.0502 5600 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:35:47.0532 5600 ws2ifsl - ok
16:35:47.0585 5600 [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc C:\Windows\System32\wscsvc.dll
16:35:47.0615 5600 wscsvc - ok
16:35:47.0619 5600 WSearch - ok
16:35:47.0899 5600 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
16:35:48.0022 5600 wuauserv - ok
16:35:48.0062 5600 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:35:48.0076 5600 WudfPf - ok
16:35:48.0169 5600 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:35:48.0184 5600 WUDFRd - ok
16:35:48.0274 5600 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:35:48.0306 5600 wudfsvc - ok
16:35:48.0510 5600 [ 177590B0D2F8BE513626BB8C8D6E6A08 ] {22D78859-9CE9-4B77-BF18-AC83E81A9263} C:\Program Files (x86)\HP\DVDPlay\000.fcl
16:35:48.0540 5600 {22D78859-9CE9-4B77-BF18-AC83E81A9263} - ok
16:35:48.0544 5600 ================ Scan global ===============================
16:35:48.0598 5600 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
16:35:48.0630 5600 [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
16:35:48.0644 5600 [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
16:35:48.0677 5600 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
16:35:48.0683 5600 [Global] - ok
16:35:48.0684 5600 ================ Scan MBR ==================================
16:35:48.0693 5600 [ 81CD5EC01DB0CE57EDD853F82462EF27 ] \Device\Harddisk0\DR0
16:35:49.0792 5600 \Device\Harddisk0\DR0 - ok
16:35:49.0794 5600 [ 4606A12AED5E4CE105136C6C9C8EA568 ] \Device\Harddisk1\DR1
16:35:49.0834 5600 \Device\Harddisk1\DR1 - ok
16:35:49.0834 5600 ================ Scan VBR ==================================
16:35:49.0838 5600 [ 670851EFE550B724034E9DC89C2A22EC ] \Device\Harddisk0\DR0\Partition1
16:35:49.0844 5600 \Device\Harddisk0\DR0\Partition1 - ok
16:35:49.0862 5600 [ F85FE992A8FE7ECEB047377B0F9AD067 ] \Device\Harddisk0\DR0\Partition2
16:35:49.0872 5600 \Device\Harddisk0\DR0\Partition2 - ok
16:35:49.0874 5600 [ FF5F7A73F982013B25E75F437CEF2C0F ] \Device\Harddisk1\DR1\Partition1
16:35:49.0875 5600 \Device\Harddisk1\DR1\Partition1 - ok
16:35:49.0877 5600 [ A7503AEA56BFCEFB9AEED4BE65012A59 ] \Device\Harddisk1\DR1\Partition2
16:35:49.0878 5600 \Device\Harddisk1\DR1\Partition2 - ok
16:35:49.0879 5600 ============================================================
16:35:49.0879 5600 Scan finished
16:35:49.0879 5600 ============================================================
16:35:49.0883 5224 Detected object count: 8
16:35:49.0883 5224 Actual detected object count: 8
16:36:16.0163 5224 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:36:16.0163 5224 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:36:16.0164 5224 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
16:36:16.0164 5224 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:36:16.0165 5224 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:36:16.0165 5224 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:36:16.0166 5224 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
16:36:16.0166 5224 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:36:16.0167 5224 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:36:16.0167 5224 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:36:16.0167 5224 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:36:16.0167 5224 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:36:16.0168 5224 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
16:36:16.0168 5224 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:36:16.0169 5224 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
16:36:16.0169 5224 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:40:36.0522 3380 Deinitialize success

Restarted and uploaded the log file (it was too big for this topic).

Ran HijackThis as administrator.

Here is the new log:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:52:01, on 25/07/2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16496)
Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\Moffsoft FreeCalc\MoffFreeCalc.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\hp\kbd\kbd.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup
O4 - HKLM\..\Run: [SSDMonitor] "C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe"
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [SwitchBoard] "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\..\Run: [Moffsoft FreeCalc] C:\Program Files (x86)\Moffsoft FreeCalc\MoffFreeCalc.exe /tray
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://fortisbank.webex.com/client/T26L10NSP49EP30/webex/ieatgpc1.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Diskeeper - Condusiv Technologies - C:\Program Files\Condusiv Technologies\Diskeeper\DkService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13294 bytes
 
You posted a HijackThis log made with an outdated version.
Then again, HijackThis itself is outdated anyway. :-/

That O4 line is a WORM. TDSSKiller is a ROOTKIT scanner. :p

While waiting for Swake to come online, run a full scan with MBAM (it looks like you already have it installed).
Don't forget to update before you start the scan. ;-)
 
Hello Anthony,

HijackThis is indeed still an older version. I'll update it later.

In the meantime, updated Malwarebytes and ran a "Full Scan".

No threats detected; see the log file below:

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
Malwarebytes : Free anti-malware download

Databaseversie: v2013.07.25.04

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Frank :: HP_DESKTOP [administrator]

Bescherming: Ingeschakeld

25/07/2013 18:04:02
mbam-log-2013-07-25 (18-04-02).txt

Scan type: Volledige scan (C:\|K:\|)
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 562815
Verstreken tijd: 1 uur/uren, 51 minuut/minuten, 17 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

(einde)
 
Download ComboFix here or
here to your desktop. This is very important, because ComboFix must be run from the desktop!!!

Read here how to use ComboFix.

Before using ComboFix, temporarily disable your antivirus and antispyware software, as these can cause conflicts
while ComboFix is running.
The computer may restart several times; this is normal.
Double-click ComboFix.exe to start the tool.
Do not do anything else on the computer while ComboFix is running. Do not click anywhere with the mouse either, as this can cause ComboFix to hang.


Note!!! If an error appears with the message "Illegal operation attempted on a registry key that has been marked for deletion.", restart the computer.

When ComboFix is finished, it will create a log file. Paste the contents of this log file (found at C:\ComboFix.txt) into a new reply, along with a newly created HijackThis log.
 
Hello Swake,

First stopped all running programs.
Installed ComboFix and let it run.
After stage 47: 1 file was moved.
After stage 50: deletion of 15 files.
After that, deletion of folders.
No error messages at all. O.K.
Log file is created. O.K., see below:

ComboFix 13-07-25.02 - Frank 26/07/2013 17:06:23.1.4 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.4094.2010 [GMT 2:00]
Gestart vanuit: c:\users\Frank\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\EEA94C384B.sys
c:\users\Frank\2ktw.exe
c:\users\Frank\3ktw.exe
c:\users\Frank\4ktw.exe
c:\users\Frank\5ktw.exe
c:\users\Frank\6ktw.exe
c:\users\Frank\7ktw.exe
c:\users\Frank\9ktw.exe
c:\users\Frank\winrar-x64-390nl.exe
c:\windows\IsUn0413.exe
c:\windows\iun6002.exe
c:\windows\SysWow64\AutoRun.exe
c:\windows\SysWow64\X86
c:\windows\SysWow64\X86\License.rtf
c:\windows\SysWow64\X86\Readme.txt
c:\windows\SysWow64\X86\setup.exe
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2013-06-26 to 2013-07-26 ))))))))))))))))))))))))))))))
.
.
2013-07-26 15:36 . 2013-07-26 15:36 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-07-26 15:36 . 2013-07-26 15:36 -------- d-----w- c:\users\Frank\AppData\Local\temp
2013-07-26 15:36 . 2013-07-26 15:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-26 15:36 . 2013-07-26 15:36 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2013-07-26 15:36 . 2013-07-26 15:36 -------- d-----w- c:\users\Administrator.HP_Desktop\AppData\Local\temp
2013-07-26 14:55 . 2013-07-02 08:34 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{04AAF3F9-625B-4138-B2FF-55F237E330C3}\mpengine.dll
2013-07-15 18:14 . 2013-07-15 18:14 -------- d-----w- c:\program files\Lang
2013-07-15 16:47 . 2013-07-15 16:47 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-07-15 15:20 . 2013-07-15 15:20 -------- d-----w- c:\windows\PCHEALTH
2013-07-15 15:17 . 2013-07-15 15:17 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2013-07-15 15:14 . 2013-07-15 15:14 -------- d-----r- C:\MSOCache
2013-07-10 13:05 . 2013-07-10 13:08 -------- d-----w- c:\windows\system32\MRT
2013-07-10 06:41 . 2013-05-29 05:43 2312704 ----a-w- c:\windows\system32\jscript9.dll
2013-07-10 06:39 . 2013-04-09 04:08 1815552 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-10 06:37 . 2013-06-04 02:03 2775040 ----a-w- c:\windows\system32\win32k.sys
2013-07-10 06:24 . 2013-07-10 06:24 17617288 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-14 17:02 . 2012-03-30 08:23 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-14 17:02 . 2011-11-01 08:57 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-23 22:57 . 2006-11-02 12:35 78277128 ----a-w- c:\windows\system32\mrt.exe
2013-06-19 14:31 . 2013-06-19 14:31 150416 ----a-w- c:\program files\uninst.exe
2013-06-19 14:13 . 2013-06-19 14:13 6185240 ----a-w- c:\program files\CCleaner64.exe
2013-06-19 14:13 . 2013-06-19 14:13 3611416 ----a-w- c:\program files\CCleaner.exe
2013-06-12 19:48 . 2012-07-16 14:17 867240 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2013-06-12 19:48 . 2010-04-26 09:50 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-12 19:47 . 2013-06-20 07:00 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-05-15 07:13 . 2010-06-24 09:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-08 04:50 . 2013-06-12 07:15 1423720 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-05-02 04:16 . 2013-06-12 07:15 686080 ----a-w- c:\windows\system32\win32spl.dll
2013-05-02 04:04 . 2013-06-12 07:15 443904 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-05-02 04:03 . 2013-06-12 07:15 37376 ----a-w- c:\windows\SysWow64\printcom.dll
2013-05-02 00:06 . 2009-10-16 08:44 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-02-20 11:35 . 2013-02-20 11:35 293192 ----a-w- c:\program files\iTunesOutlookAddIn.dll
2013-02-20 11:35 . 2013-02-20 11:35 152392 ----a-w- c:\program files\iTunesHelper.exe
2013-02-20 11:35 . 2013-02-20 11:35 412488 ----a-w- c:\program files\iTunesAdmin.dll
2013-02-20 11:35 . 2013-02-20 11:35 148808 ----a-w- c:\program files\iTunesHelper.dll
2013-02-20 11:35 . 2013-02-20 11:35 9789256 ----a-w- c:\program files\iTunes.exe
2013-02-20 11:35 . 2013-02-20 11:35 22970184 ----a-w- c:\program files\iTunes.dll
2012-12-12 12:57 . 2012-12-12 12:57 782840 ----a-w- c:\program files\gnsdk_sdkmanager.dll
2012-12-12 12:57 . 2012-12-12 12:57 3015160 ----a-w- c:\program files\gnsdk_dsp.dll
2012-12-12 12:57 . 2012-12-12 12:57 269304 ----a-w- c:\program files\gnsdk_submit.dll
2012-12-12 12:57 . 2012-12-12 12:57 226296 ----a-w- c:\program files\gnsdk_musicid.dll
2012-10-31 14:53 . 2012-10-31 14:53 112528 ----a-w- c:\program files\ITDetector.ocx
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"Logitech Vid"="c:\program files (x86)\Logitech\Vid HD\Vid.exe" [2010-10-29 5915480]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"Moffsoft FreeCalc"="c:\program files (x86)\Moffsoft FreeCalc\MoffFreeCalc.exe" [2004-08-28 791552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"beid"="c:\program files (x86)\Belgium Identity Card\beid35gui.exe" [2009-02-02 2035712]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2012-08-21 105120]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-03-01 190808]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" [2007-02-15 119296]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-6-13 1200144]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files\iTunesHelper.exe"
.
S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys;c:\windows\SYSNATIVE\DRIVERS\a38usb.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
ezSharedSvc
.
Inhoud van de 'Gedeelde Taken' map
.
2013-07-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 17:02]
.
2012-01-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-15 10:11]
.
2011-11-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-15 10:11]
.
2013-07-26 c:\windows\Tasks\RMAutoUpdate.job
- c:\program files (x86)\Registry Mechanic\SULauncher.exe [2012-11-08 13:44]
.
2013-07-25 c:\windows\Tasks\RMSchedule.job
- c:\program files (x86)\Registry Mechanic\RegMech.exe [2011-12-06 13:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RAVCpl64.exe" [2008-07-03 6430208]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-11-03 182808]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-12-18 243216]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2013-03-21 6330568]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.be/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_be&c=83&bd=Pavilion&pf=cndt
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_be&c=83&bd=Pavilion&pf=cndt
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &Verzenden naar OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Doel van koppeling converteren naar Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Doel van koppeling toevoegen aan bestaande PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Toevoegen aan bestaande PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 192.168.2.1
.
.
------- Bestandsassociaties -------
.
.txt=
.
- - - - ORPHANS VERWIJDERD - - - -
.
Wow6432Node-HKCU-Run-WMPNSCFG - c:\program files (x86)\Windows Media Player\WMPNSCFG.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-Adobe Acrobat 4.0 - c:\windows\ISUN0413.EXE
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{22D78859-9CE9-4B77-BF18-AC83E81A9263}]
"ImagePath"="\??\c:\program files (x86)\HP\DVDPlay\000.fcl"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
Voltooingstijd: 2013-07-26 17:40:52
ComboFix-quarantined-files.txt 2013-07-26 15:40
.
Pre-Run: 326.919.622.656 bytes beschikbaar
Post-Run: 325.895.077.888 bytes beschikbaar
.
- - End Of File - - C4F3EF0C2BCEAC720683134273AAEE48
81CD5EC01DB0CE57EDD853F82462EF27

Then ran HijackThis (new version).
Log file below:

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 17:51:43, on 26/07/2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16496)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\Moffsoft FreeCalc\MoffFreeCalc.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\hp\kbd\kbd.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe
C:\Users\Frank\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup
O4 - HKLM\..\Run: [SSDMonitor] "C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe"
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [SwitchBoard] "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\..\Run: [Moffsoft FreeCalc] C:\Program Files (x86)\Moffsoft FreeCalc\MoffFreeCalc.exe /tray
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://fortisbank.webex.com/client/T26L10NSP49EP30/webex/ieatgpc1.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Diskeeper - Condusiv Technologies - C:\Program Files\Condusiv Technologies\Diskeeper\DkService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12741 bytes
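Added example, not part of the original thread or of HijackThis itself: a triage pass over O23 service lines like those in the log above. It assumes the scanner ran as a 32-bit process on 64-bit Windows, where `System32` is redirected to `SysWOW64` and `%ProgramFiles%` expands to `Program Files (x86)`, so a "(file missing)" flag on those paths is usually a redirection artifact rather than a deleted file; the function names and the last sample line are constructed.

```python
import re

# Sample input: four O23 lines taken from the log above, plus one
# constructed entry (the last line) to show the "review" outcome.
SAMPLE_LOG = r"""
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Example Helper (exhelper) - Unknown owner - C:\Users\user\AppData\Roaming\exhelper.exe (file missing)
"""

PREFIX = "O23 - Service: "
MISSING = " (file missing)"
SYSTEM32 = re.compile(r"^[a-z]:\\windows\\system32\\", re.IGNORECASE)


def parse_o23(line):
    """Split one O23 line into label, owner, path and the file-missing flag."""
    if not line.startswith(PREFIX):
        return None
    body = line[len(PREFIX):].rstrip()
    missing = body.endswith(MISSING)
    if missing:
        body = body[:-len(MISSING)]
    # Split from the right: the service label itself may contain " - ".
    parts = body.rsplit(" - ", 2)
    if len(parts) != 3:
        return None
    label, owner, path = parts
    return {"label": label, "owner": owner, "path": path, "missing": missing}


def classify(entry):
    """Heuristic verdict for one parsed entry (assumption: 32-bit scanner, 64-bit OS)."""
    if not entry["missing"]:
        return "present"
    path = entry["path"]
    # A 32-bit process looking in System32 is silently shown SysWOW64 instead.
    if SYSTEM32.match(path):
        return "likely-wow64-artifact"
    # %ProgramFiles% in the service resource string, expanded to the x86 folder.
    if "%programfiles%" in entry["label"].lower() and "\\program files (x86)\\" in path.lower():
        return "likely-wow64-artifact"
    return "review"


def triage(log_text):
    """Return (verdict, path) for every O23 line found in the log text."""
    results = []
    for line in log_text.splitlines():
        entry = parse_o23(line)
        if entry:
            results.append((classify(entry), entry["path"]))
    return results


if __name__ == "__main__":
    for verdict, path in triage(SAMPLE_LOG):
        print(f"{verdict:22} {path}")
```

Entries that come out as `review` are the ones worth checking by hand from a 64-bit tool before anything is fixed or deleted.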
 
Good work, ComboFix cleaned up a few more things.
You can now remove ComboFix from your computer.
Go to Start and type Combofix /Uninstall in the search bar.
Note the space between Combofix and /Uninstall.
Then press Enter.
This removes ComboFix and all related folders and files.

Then restart the computer.
Let me know whether there are still problems installing the updates.
 
Hello Swake,

ComboFix removed according to your instructions. O.K.

Restarted the PC and ran Windows Update.
Update failed, 8 updates not installed, error 80070641 as before.

I am no expert, but I am trying to think along: why are the updates offered in the 32-bit version?
When installing MS Office 2010 I chose the location "Program Files". That is the 64-bit location, isn't it?

So I would expect the updates in the 64-bit version too? Or am I mistaken?

Or could it be that those 32-bit updates were still queued somewhere, intended for the MS Office 2007 that was installed at the time? If so, how do I get rid of them?
 
@ marfra10

I also got error code 80070641 this past week when installing SP2 for MS Office 2013 Pro (x64 version).
I tried repeatedly to install it anyway, and indeed there is no real solution to be found on the internet regarding the cause of this ...
But in the end I did manage to install SP2 ....
The reason it kept going wrong was that the service "Office Open Source" was disabled in the Services list .. this is mentioned on the net.
I set it to Automatic .... and then restarted my system ...
Then I tried again to install Service Pack 2, and again it went wrong ...
After that I selected Office under Programs and Software; you click Remove, but note that Office gives you the option to repair it ...
So do repair it; there is a fault in the update function, and clicking Repair fixes that function as well.
After that, overdue individual updates for Office 2010 came in;
I had to install these first ...
Again I had to restart my system before I could get Service Pack 2 installed.


Ashampoo_Snap_2013.07.27_19h02m06s_007_.jpg
Ashampoo_Snap_2013.07.27_19h05m02s_008_.jpg

Ashampoo_Snap_2013.07.25_17h03m05s_006_.jpg
The next day, however, I could install Service Pack 2 without any trouble!
 
I think Qtex's tip is a good one. I once had problems with Office 2010 on Win7 64-bit too! Nothing worked; I wanted to throw Office off and reinstall it, but I saw the Repair option as well, did that, and have had no problems since. I am 95% sure.
Regards,
navarro
 
@qtex
One thing is not so clear to me. You say the following: "Installing Office Service Pack 2 without all the earlier updates having been installed does not work..."
I do think this has other causes. How is your Windows Update configured?
Check only, check and download, or download and install automatically?
From your explanation I suspect it is set to download... In other words, those updates are in the queue and have to be processed.

The thing is, Service Pack 2 for Microsoft Office 2010 is a full rollup update. This means there are no prerequisites attached to it. In other words, you do not need any previous updates or an earlier service pack to be able to install SP2; those are included in this SP, together with any newer updates.

@ marfra10
The installation choice does not determine the version of Office. There are different versions (32 or 64 bit) that you can install. Your folder choice certainly does not determine your Office version!
The 64-bit version of Office 2010 does not really offer any advantage over the 32-bit one. In the worst case it even causes add-in problems with third-party software (if present).
 
@ Qtex
@ Navarro

Folders are identical to those in Qtex's attachment. Also identical on my spouse's PC. O.K.

MS Office 2010 repaired via Control Panel > Programs and Features > Change. O.K.
Service "Office Open Source" enabled (started). O.K.
Antivirus and Malwarebytes disabled. O.K.
Ran Windows Update: 5 of the 8 updates were installed correctly. O.K.

Restarted the PC, turned off AV & MWB, restarted the service "Office Open Source". O.K.
Ran Windows Update again. 3 of 3 updates (including Service Pack 1) failed. NOT O.K.

Restarted the PC once more, turned off AV & MWB, started the service "Office Open Source". O.K.
Ran Windows Update again, this time with Service Pack 1 only: failed. NOT O.K.
Problem not yet solved.
 
What else could be tried:
Check the hidden updates to see whether any essential updates are among them.
Set updates to be downloaded but to let you decide whether to install them. That way, install the updates one by one.
Try running the updates with the hidden administrator account.
If the updates still fail after that, I am at my wits' end too.
I have also kept noticing that I do not see an active virus scanner, only ESET NOD32 services running in the background.
Is it enabled in your Security Center?
 
Hello Swake,

I will try the list of options next week.

Only, I do not know how running with the "hidden administrator account" works?

Herewith confirmation that ESET NOD32 Antivirus is running without problems. See attachment:

Eset NOD32.jpg
 