BATMANWASHERE Nybegynder

06. juni 2012 - 19:58 Der er 35 kommentarer og
1 løsning

fejlkode 0x80070424

Hej,

For et par dage siden fik jeg en virus, ved at surfe rundt på nettet som jeg nu gør engang imellem.: "TrojanBitMiner" & "Trojan.Dropper.BCMiner" -
Jeg fandt ud af, kort tid efter at al min sikkerhed var deaktiveret, mit Antivirus var slået fra: "Microsoft Security Essentials", min Firewall og Windows Defender.
Jeg prøvede at aktivere mit Antivirus-program, men gav op da det var håbløst, så jeg valgte i stedet at geninstallerer det, hvilket fik det til at virke. Jeg kørte en fuld scan, og den fandt en Virus. For at være helt sikker installerede jeg "Malwarebytes Anti-Malware" som yderligere fandt de to ovenstående.
Jeg troede jeg havde fundet løsningen på problemet ved at fjerne truslerne, men... Jeg kunne stadig ikke aktivere min Firewall eller Windows Defender.

Firewall:
Opdater Firewallinstillingerne
Windows Firewall bruger ikke de anbefalede indstillinger til beskyttelse af computeren : Brug Anbefalede Indstillinger - Da jeg trykkede fik jeg en besked med: (fejlkode 0x80070424) /

Windows Defender:
Tjenesten er stoppet
Der opstod et problem, som fik programmets tjeneste til at stoppe. Klik på knappen start nu, eller genstart computeren for at starte tjenesten. - Da jeg trykkede fik jeg en besked: Den angivne tjeneste findes ikke som installeret tjeneste (fejlkode 0x80070424)

Jeg prøvede at genstarte men det havde en sucess, så jeg søgte på nettet og fandt og afprøvede følgende idéer til løsninger:
http://www.sevenforums.com/system-security/200214-window-7-firewall-error-code-0x80070424.html
http://support.microsoft.com/mats/windows_firewall_diagnostic/ (Får beskeden: "Vi beklager, men programmet fandt en fejl, og kan ikke fortsætte. Prøv igen senere."
http://answers.microsoft.com/en-us/windows/forum/windows_7-security/error-code-0x80070422-cant-turn-on-firewall/e5ee6823-98f8-4575-a254-00a038b17e34 - Der er forskellige løsninger, jeg har prøvet de følgende af: Shekhar S - på side 1 & narenxp - på side 4.

Efter at have brugt Shekhar S' løsning, prøvede jeg at aktivere min Firewall. Jeg fik IKKE længere (fejlkode 0x80070424), i stedet står den og loader/svarer ikke i et stykke tid, stopper den og der sker ikke yderligeret. (har prøvet at genstarte, men der sker stadig ingenting.)

narenxp' løsning var ikke helt mulig da det kun lykkedes mig at starte Base File Engine. Når jeg prøver at starte Windows Firewall får jeg følgende meddelsen: Windows kunne ikke starte Windows Firewall på Lokal computer. Du kan finde flere oplysninger i systemets logbog. Kontakt tjenesteudbyderen, hvid dette ikke er Microsoft-tjeneste og henvis til den tjenestespecifikke fejlkode. 5.

Logbog:
Lognavn: System
Kilde: Service Control Manager
Dato: 06-06-2012 19:49:21
Hændelses-id: 7024
Opgavekategori:Ingen
Niveau: Fejl
Nøgleord: Klassisk
Bruger: I/T
Computer:
Beskrivelse:
Tjenesten Windows Firewall blev afbrudt med den tjenestespecifikke fejl Adgang nægtet..
Hændelses-Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
<EventID Qualifiers="49152">7024</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2012-06-06T17:49:21.438916700Z" />
<EventRecordID>35441</EventRecordID>
<Correlation />
<Execution ProcessID="664" ThreadID="14704" />
<Channel>System</Channel>
<Computer>SharkGaming-Pc</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">Windows Firewall</Data>
<Data Name="param2">%%5</Data>
</EventData>
</Event>

Er der andre information i syntes i mangler, skal i blot sige til.

Alle idéer til løsninger, løsninger eller henvisninger til løsninger er MEGET velkommen.

På forhånd, tak.

Synes godt om

f-arn Guru

06. juni 2012 - 20:07 #1

Hent og gem Farbar Service Scanner på den "syge" PC.

Start den og sæt flueben i følgende.

Internet Services

Windows Firewall

System Restore

Security Center

Windows Update

Windows Defender

Klik på Scan.

Den laver en log (FSS.txt). Kopier den herind i dit næste indlæg.

Synes godt om

BATMANWASHERE Nybegynder

06. juni 2012 - 20:43 #2

Tak for den hurtige respons, her er den log du bedte om:

Farbar Service Scanner Version: 05-06-2012
Ran by SharkGaming (administrator) on 06-06-2012 at 20:41:50
Running from "C:\Users\SharkGaming\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

Synes godt om

f-arn Guru

06. juni 2012 - 21:26 #3

Hent og installer ERUNT: http://www.derfisch.de/lars/erunt-setup.exe

Start den og lad den lave en Backup af Registreringsdatabasen.

Du skal ikke la' den starte Automatisk !!!

------

Hent de to nedenstående reg filer.

wscsvc.reg

WinDefend.reg

Så Højreklikker du på dem, kører som Admin - og siger ja til at Flette.

Genstart, og send en ny log fra Farbar Service Scanner herind.

Fortæl også om du fortsat har problemer.

Synes godt om

BATMANWASHERE Nybegynder

06. juni 2012 - 22:31 #4

Hvad mener du med, at jeg ikke skal lade den starte automatisk?
Jeg bruger Firefox, og når den har hentet filen/erne, skal jeg selv klikke før de kan åbnes.

Jeg hentede de to filer, men havde ikke muligheden at åbn/kør som Admin. Jeg gik ud fra i det jeg klikker på filhentning er det, det samme som at kør/åbn. Derefter flettede jeg og genstartede.

Her er den log du bedte om:

Farbar Service Scanner Version: 05-06-2012
Ran by SharkGaming (administrator) on 06-06-2012 at 22:10:02
Running from "C:\Users\SharkGaming\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

PROBLEMER:

Windows Firewall - Det er fortsat det samme, når jeg klikker på "brug anbefalede instillinger" loader/svarer programmet ikke i et stykke tid og derefter sker der intet.

Windows Defender - Den havde nogle opdatering klar, som jeg lod den klarer. derefter kom den med en besked:
"Programmet er slået fra
Hvis du bruger et andet program, der kontrollere, om der er skadelige eller uønsket software, kan du bruge løsningscenter, til at kontrollere programmets status
Hvis du vil bruge dette program, kan du klikke her for at slå det til." - Når jeg gør det, sker det samme som med Windows Firewall, den står loader/svarer ikke.

I "løsningscenter" står Windows Defender og skifter mellem HVIS INSTILLINGER FOR ANTISPYW... & OPDATER NU. - Jeg klikkede på "instillinger for antispy..." og lod Microsoft Security Essentials" tage over i Windows Defenders sted?

Windows Firewall er stadig ikke slået til i "løsningscenter" og når jeg klikker på "SLÅ TIL NU" får jeg beskeden Windows Firewall kan ikke slås til af Løsningscenter" nedenunder er et link til at gøre det manuelt, som fører tilbage til siden med "brug anbefalede instillinger"

Synes godt om

f-arn Guru

07. juni 2012 - 05:37 #5

I stedet for at fortsætte med at erstatte reg nøgler, vil jeg gerne se hvad der sker på den PC ->

Hent og kør DDS

Den laver to logs,(DDS.txt og Attach.txt) gem dem på skrivebordet og kopier indholdet af begge herind.

OBS - DDS skal gemmes på computeren og ikke køres fra nettet.

Mht.: Vista og Windows 7 - højreklik på filen - Kør som Administrator.

Synes godt om

BATMANWASHERE Nybegynder

07. juni 2012 - 14:46 #6

DDS.txt
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by SharkGaming at 14:40:41 on 2012-06-07
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
mURLSearchHooks: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
mWinlogon: Userinit=userinit.exe,
BHO: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\Users\SHARKG~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
LSP: mswsock.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: DhcpNameServer = 193.162.153.164 194.239.134.83
TCP: Interfaces\{6834E65A-7F9F-4DD9-99C8-554CBD1F3C1B} : DhcpNameServer = 193.162.153.164 194.239.134.83
TCP: Interfaces\{B51D99C5-4F50-4A03-AD8F-988476EB2453} : DhcpNameServer = 193.162.153.164 194.239.134.83
TCP: Interfaces\{C79EE60E-ECE6-47FC-8C47-987D38951497} : DhcpNameServer = 193.162.153.164 194.239.134.83
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
mRun-x64: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\SharkGaming\AppData\Roaming\Mozilla\Firefox\Profiles\44xz14t6.default\
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Users\SharkGaming\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\SharkGaming\AppData\Roaming\Mozilla\Firefox\Profiles\44xz14t6.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\plugins\np-mswmp.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2012-06-06 16:57:47 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{62639E17-F023-4F5E-B1F6-E4DBFA58B608}\mpengine.dll
2012-06-06 14:12:26 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-06 14:12:26 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-06 00:09:59 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-06-05 21:11:52 -------- d-----w- C:\Program Files (x86)\ESET
2012-06-02 23:51:54 -------- d-----w- C:\Users\SharkGaming\AppData\Roaming\Malwarebytes
2012-06-02 23:51:47 -------- d-----w- C:\ProgramData\Malwarebytes
2012-06-02 23:51:46 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-02 23:51:46 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-02 23:41:58 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2422CA51-F472-4A19-8EE0-0E637DFA145B}\gapaengine.dll
2012-06-02 23:39:50 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-06-02 23:39:48 -------- d-----w- C:\Program Files\Microsoft Security Client
2012-05-31 00:50:09 -------- d-sh--w- C:\ProgramData\DSS
2012-05-30 09:34:02 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2012-05-30 09:33:58 -------- d-----w- C:\Users\SharkGaming\AppData\Roaming\DAEMON Tools Lite
2012-05-30 09:33:56 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite
2012-05-30 09:32:02 -------- d-----w- C:\ProgramData\DAEMON Tools Lite
2012-05-29 18:23:17 -------- d-----w- C:\Users\SharkGaming\AppData\Local\Google
2012-05-29 18:23:17 -------- d-----w- C:\Users\SharkGaming\AppData\Local\CRE
2012-05-29 18:23:13 -------- d-----w- C:\Program Files (x86)\BitTorrentBar
2012-05-25 17:44:20 447752 ----a-w- C:\Windows\SysWow64\vp6vfw.dll
2012-05-25 17:44:14 -------- d-----w- C:\Program Files (x86)\Microsoft WSE
2012-05-22 17:26:21 -------- d-----w- C:\Users\SharkGaming\AppData\Roaming\Awesomium
2012-05-15 14:55:13 -------- d-----w- C:\ProgramData\Blizzard Entertainment
2012-05-15 14:55:13 -------- d-----w- C:\Program Files (x86)\Diablo III
2012-05-15 14:42:34 -------- d-----w- C:\ProgramData\Battle.net
2012-05-15 10:11:57 -------- d-----w- C:\Users\SharkGaming\Diablo-III-8370-enGB-Installer
2012-05-14 19:39:41 -------- d-----w- C:\Users\SharkGaming\Incomplete
2012-05-11 16:12:07 -------- d-----w- C:\Program Files (x86)\Diablo II
2012-05-11 15:32:34 -------- d-----w- C:\Users\SharkGaming\D2LOD-1.12A-enGB
2012-05-11 13:59:53 -------- d-----w- C:\Users\SharkGaming\D2-1.12A-enGB
2012-05-11 13:59:48 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2012-05-09 12:23:03 1544704 ----a-w- C:\Windows\System32\DWrite.dll
2012-05-09 12:23:03 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-05-09 12:23:01 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-09 12:23:01 3146240 ----a-w- C:\Windows\System32\win32k.sys
2012-05-09 12:23:00 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-09 12:23:00 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-09 12:22:42 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-05-09 12:22:31 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-05-09 12:22:30 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 12:22:30 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-05-09 12:22:30 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-05-09 12:22:30 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-05-09 12:22:30 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-08 20:52:24 -------- d-----w- C:\Program Files (x86)\AMD
2012-05-08 20:52:23 -------- d-----w- C:\Users\SharkGaming\AppData\Local\Downloaded Installations
2012-05-08 20:50:31 -------- d-----w- C:\Windows\SysWow64\xlive
2012-05-08 20:50:27 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2012-05-08 12:43:10 -------- d-----w- C:\Users\SharkGaming\AppData\Roaming\.minecraft
.
==================== Find3M ====================
.
2012-06-06 14:48:02 283416 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-06-06 14:48:02 283416 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-06-05 20:32:15 283416 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-06-04 17:50:20 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-05-05 12:35:56 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 12:35:56 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-05 12:35:47 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-03-20 18:44:12 98688 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2012-03-20 18:44:12 203888 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
.
============= FINISH: 14:40:59,38 ===============

Attatch.txt

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
.
==== Disk Partitions =========================
.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Adobe AIR
APB Reloaded
Batman: Arkham City™
BitTorrent
BitTorrentBar Toolbar
Borderlands
Brawl Busters
Champions Online: Free For All
Counter-Strike: Condition Zero
DAEMON Tools Lite
Dead Island
Deus Ex: Human Revolution
Diablo II
Diablo III
Dual-Core Optimizer
Dungeons & Dragons Online ®: Eberron Unlimited ™ v01.17.01.801
EA Installer
EA Shared Game Component: Activation
ERUNT 1.1j
ESET Online Scanner v3
Forsaken World
Grand Theft Auto III
Intel(R) Management Engine Components
Java Auto Updater
Java(TM) 6 Update 29
JMicron JMB36X Driver
Kingdoms of Amalur: Reckoning Demo
League of Legends
Left 4 Dead 2
Malwarebytes Anti-Malware version 1.61.0.1400
marvell 91xx driver
Mass Effect
Mass Effect 2
Mass Effect™ 3
Microsoft .NET Framework 1.1
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
Microsoft XNA Framework Redistributable 4.0
Mount & Blade: Warband
Mozilla Firefox 13.0 (x86 da)
Mozilla Maintenance Service
MP3 Rocket
NETGEAR WNDA3100v2 wireless USB 2.0 adapter
NVIDIA 3D Vision Controller Driver
NVIDIA PhysX
Origin
Pando Media Booster
PunkBuster Services
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Renesas Electronics USB 3.0 Host Controller Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Skype™ 5.8
Steam
System Requirements Lab CYRI
Terraria
The Battle for Middle-earth (tm) II
The Lord of the Rings, The Rise of the Witch-king
The Sims Medieval
The Sims™ 3
The Sims™ 3 Verdenseventyr
The Witcher 2
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
VC80CRTRedist - 8.0.50727.6195
Windows Media Player Firefox Plugin
.
==== End Of File ===========================

Synes godt om

f-arn Guru

07. juni 2012 - 15:00 #7

Drop fildeling ->
http://www.spywarefri.dk/artikel/farerne-ved-fildeling/
http://www.spywarefri.dk/forum/viewthread/40284/

------

Det lader til du har et ZeroAccess Rootkit, så jeg vil gerne advare dig.

Det er, en af de mest bøvlede infektioner at slippe af med, så det kan ta' sin tid at fjerne !!!

Det er samtidigt næsten umuligt at sikre, at et Rootkit ikke efterlader sårbarheder i Systemet.

Det synes jeg du skal vide, inden vi fortsætter !!!

Ønsker du vi skal fortsætte ???

Synes godt om

BATMANWASHERE Nybegynder

07. juni 2012 - 15:20 #8

Jeg vil gerne vide lidt mere om de sårbarheder jeg risikerer i mit system. Og kan de sårbarheder rettes op på igen, efter man har fjernet rootkit?
Jeg har givet 15.000 kr for min PC, så er ikke helt glad ved idéen. Er der muligvis andre løsninger, som er mere sikre, såsom at starte fra Firma-instillingerne?

Synes godt om

f-arn Guru

07. juni 2012 - 15:51 #9

Hvis du kan gendanne til Fabriks Indstillinger, er det klart det mest sikre.

Hvilke sårbarheder du risikerer, hvis du ikke gør det, er det reelt umuligt at svare på.

Hvis jeg kunne det, kunne de jo også rettes ;-)

Synes godt om

BATMANWASHERE Nybegynder

07. juni 2012 - 20:01 #10

De her sårbarheder, kan det være permanente skader i mit system?

Anyways,
Jeg tager chancen og håber på det bedste, føler jeg er i gode hænder.

Ja, jeg vil gerne fortsætte.

Synes godt om

f-arn Guru

07. juni 2012 - 20:26 #11

De her sårbarheder, kan det være permanente skader i mit system?

Ja - det kan det godt, men det er for tidtigt at sige.

------

Deaktiver din Antivirus, mes du kører disse !!!

Download Tdsskiller.zip på dit skrivebord og pak den ud i en mappe.

Start TDSSKiller.exe.

Mht.: Vista og Windows 7 - Højreklik på filen - Kør som Administrator.

Under "Change parameters" sætter du flueben ved "Detect TDLFS file system"

Klik på "Start Scan"

Hvis en inficeret fil bliver fundet, vil "Default action" være Cure, klik på Continue
Hvis den finder TDLFS file system, klikker du på Delete.
Hvis en mistænkelig fil opdages, vil "Default action" være Skip, klik på Continue
Hvis den ikke spørger om "Reboot" (genstart) så klik på "Report", kopier den tekst herind i tråden.

Genstart hvis den kræver det.

Hvis den genstarter kan du finde logfilen her :
C:\TDSSKiller.[Version]_[Dato]_[Tidspunkt]_log.txt.

Kopier den tekst herind I denne tråd. (Den skal nok deles i to)

------

Hent og gem aswMBR på dit Skrivebord.

Start aswMBR og klik på "Scan"

Mht.: Vista og Windows 7 - Højreklik på filen - Kør som Administrator.

Hvis den spørger efter "Avast virus definitioner" klikker du "Yes"

Når den er færdig med at scanne, klikker du på "SAVE LOG" og sender loggen herind.

------

PS Vil du godt gøre det, i den rækkefølge jeg anfører !!!

Synes godt om

BATMANWASHERE Nybegynder

07. juni 2012 - 20:47 #12

20:43:31.0985 6940 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
20:43:32.0254 6940 ============================================================
20:43:32.0254 6940 Current date / time: 2012/06/07 20:43:32.0254
20:43:32.0254 6940 SystemInfo:
20:43:32.0254 6940
20:43:32.0254 6940 OS Version: 6.1.7601 ServicePack: 1.0
20:43:32.0254 6940 Product type: Workstation
20:43:32.0255 6940 ComputerName: SHARKGAMING-PC
20:43:32.0255 6940 UserName: SharkGaming
20:43:32.0255 6940 Windows directory: C:\Windows
20:43:32.0255 6940 System windows directory: C:\Windows
20:43:32.0255 6940 Running under WOW64
20:43:32.0255 6940 Processor architecture: Intel x64
20:43:32.0255 6940 Number of processors: 8
20:43:32.0255 6940 Page size: 0x1000
20:43:32.0255 6940 Boot type: Normal boot
20:43:32.0255 6940 ============================================================
20:43:33.0223 6940 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:43:33.0229 6940 ============================================================
20:43:33.0229 6940 \Device\Harddisk0\DR0:
20:43:33.0229 6940 MBR partitions:
20:43:33.0229 6940 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:43:33.0229 6940 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
20:43:33.0230 6940 ============================================================
20:43:33.0247 6940 C: <-> \Device\Harddisk0\DR0\Partition1
20:43:33.0247 6940 ============================================================
20:43:33.0247 6940 Initialize success
20:43:33.0247 6940 ============================================================
20:43:58.0601 7112 ============================================================
20:43:58.0601 7112 Scan started
20:43:58.0601 7112 Mode: Manual; TDLFS;
20:43:58.0601 7112 ============================================================
20:43:59.0003 7112 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\DRIVERS\1394ohci.sys
20:43:59.0007 7112 1394ohci - ok
20:43:59.0027 7112 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
20:43:59.0033 7112 ACPI - ok
20:43:59.0042 7112 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
20:43:59.0043 7112 AcpiPmi - ok
20:43:59.0170 7112 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:43:59.0172 7112 AdobeFlashPlayerUpdateSvc - ok
20:43:59.0214 7112 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
20:43:59.0241 7112 adp94xx - ok
20:43:59.0282 7112 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
20:43:59.0295 7112 adpahci - ok
20:43:59.0318 7112 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
20:43:59.0321 7112 adpu320 - ok
20:43:59.0350 7112 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
20:43:59.0351 7112 AeLookupSvc - ok
20:43:59.0422 7112 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
20:43:59.0433 7112 AFD - ok
20:43:59.0444 7112 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
20:43:59.0446 7112 agp440 - ok
20:43:59.0465 7112 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
20:43:59.0466 7112 ALG - ok
20:43:59.0469 7112 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
20:43:59.0470 7112 aliide - ok
20:43:59.0474 7112 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
20:43:59.0474 7112 amdide - ok
20:43:59.0490 7112 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
20:43:59.0491 7112 AmdK8 - ok
20:43:59.0497 7112 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
20:43:59.0498 7112 AmdPPM - ok
20:43:59.0543 7112 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
20:43:59.0545 7112 amdsata - ok
20:43:59.0562 7112 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
20:43:59.0564 7112 amdsbs - ok
20:43:59.0586 7112 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
20:43:59.0587 7112 amdxata - ok
20:43:59.0616 7112 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
20:43:59.0618 7112 AppID - ok
20:43:59.0639 7112 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
20:43:59.0640 7112 AppIDSvc - ok
20:43:59.0655 7112 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
20:43:59.0656 7112 Appinfo - ok
20:43:59.0675 7112 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
20:43:59.0677 7112 arc - ok
20:43:59.0690 7112 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
20:43:59.0692 7112 arcsas - ok
20:43:59.0749 7112 aspnet_state - ok
20:43:59.0780 7112 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
20:43:59.0781 7112 AsyncMac - ok
20:43:59.0790 7112 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
20:43:59.0790 7112 atapi - ok
20:43:59.0848 7112 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:43:59.0886 7112 AudioEndpointBuilder - ok
20:43:59.0894 7112 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:43:59.0899 7112 AudioSrv - ok
20:43:59.0927 7112 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
20:43:59.0929 7112 AxInstSV - ok
20:43:59.0957 7112 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
20:43:59.0969 7112 b06bdrv - ok
20:43:59.0991 7112 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
20:43:59.0998 7112 b57nd60a - ok
20:44:00.0008 7112 badmghpp - ok
20:44:00.0093 7112 BCMH43XX (6fa3557ea5fa09ba705298cc6b0e9f5a) C:\Windows\system32\DRIVERS\bcmwlhigh664.sys
20:44:00.0102 7112 BCMH43XX - ok
20:44:00.0138 7112 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
20:44:00.0140 7112 BDESVC - ok
20:44:00.0175 7112 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
20:44:00.0176 7112 Beep - ok
20:44:00.0227 7112 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
20:44:00.0240 7112 BFE - ok
20:44:00.0294 7112 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
20:44:00.0312 7112 BITS - ok
20:44:00.0336 7112 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
20:44:00.0337 7112 blbdrive - ok
20:44:00.0393 7112 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
20:44:00.0394 7112 bowser - ok
20:44:00.0416 7112 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
20:44:00.0417 7112 BrFiltLo - ok
20:44:00.0426 7112 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
20:44:00.0427 7112 BrFiltUp - ok
20:44:00.0459 7112 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
20:44:00.0461 7112 Browser - ok
20:44:00.0484 7112 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
20:44:00.0490 7112 Brserid - ok
20:44:00.0507 7112 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
20:44:00.0508 7112 BrSerWdm - ok
20:44:00.0522 7112 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:44:00.0523 7112 BrUsbMdm - ok
20:44:00.0526 7112 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
20:44:00.0527 7112 BrUsbSer - ok
20:44:00.0548 7112 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
20:44:00.0549 7112 BTHMODEM - ok
20:44:00.0568 7112 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
20:44:00.0570 7112 bthserv - ok
20:44:00.0595 7112 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
20:44:00.0597 7112 cdfs - ok
20:44:00.0619 7112 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
20:44:00.0621 7112 cdrom - ok
20:44:00.0649 7112 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:44:00.0651 7112 CertPropSvc - ok
20:44:00.0663 7112 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
20:44:00.0664 7112 circlass - ok
20:44:00.0688 7112 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
20:44:00.0702 7112 CLFS - ok
20:44:00.0761 7112 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:44:00.0763 7112 clr_optimization_v2.0.50727_32 - ok
20:44:00.0793 7112 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:44:00.0795 7112 clr_optimization_v2.0.50727_64 - ok
20:44:00.0882 7112 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:44:00.0884 7112 clr_optimization_v4.0.30319_32 - ok
20:44:00.0934 7112 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:44:00.0937 7112 clr_optimization_v4.0.30319_64 - ok
20:44:00.0973 7112 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
20:44:00.0974 7112 CmBatt - ok
20:44:00.0983 7112 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
20:44:00.0984 7112 cmdide - ok
20:44:01.0034 7112 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
20:44:01.0045 7112 CNG - ok
20:44:01.0058 7112 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
20:44:01.0059 7112 Compbatt - ok
20:44:01.0095 7112 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
20:44:01.0095 7112 CompositeBus - ok
20:44:01.0109 7112 COMSysApp - ok
20:44:01.0112 7112 cqbvreew - ok
20:44:01.0122 7112 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
20:44:01.0123 7112 crcdisk - ok
20:44:01.0158 7112 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
20:44:01.0161 7112 CryptSvc - ok
20:44:01.0197 7112 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:44:01.0204 7112 DcomLaunch - ok
20:44:01.0246 7112 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
20:44:01.0249 7112 defragsvc - ok
20:44:01.0283 7112 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
20:44:01.0285 7112 DfsC - ok
20:44:01.0311 7112 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
20:44:01.0318 7112 Dhcp - ok
20:44:01.0327 7112 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
20:44:01.0328 7112 discache - ok
20:44:01.0358 7112 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
20:44:01.0359 7112 Disk - ok
20:44:01.0401 7112 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
20:44:01.0404 7112 Dnscache - ok
20:44:01.0427 7112 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
20:44:01.0436 7112 dot3svc - ok
20:44:01.0450 7112 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
20:44:01.0452 7112 DPS - ok
20:44:01.0476 7112 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
20:44:01.0476 7112 drmkaud - ok
20:44:01.0524 7112 dtsoftbus01 (46571ed73ae84469dca53081d33cf3c8) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
20:44:01.0526 7112 dtsoftbus01 - ok
20:44:01.0588 7112 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
20:44:01.0596 7112 DXGKrnl - ok
20:44:01.0616 7112 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
20:44:01.0618 7112 EapHost - ok
20:44:01.0726 7112 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
20:44:01.0767 7112 ebdrv - ok
20:44:01.0854 7112 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
20:44:01.0856 7112 EFS - ok
20:44:01.0915 7112 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
20:44:01.0928 7112 ehRecvr - ok
20:44:01.0945 7112 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
20:44:01.0947 7112 ehSched - ok
20:44:02.0019 7112 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
20:44:02.0027 7112 elxstor - ok
20:44:02.0043 7112 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
20:44:02.0043 7112 ErrDev - ok
20:44:02.0087 7112 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
20:44:02.0100 7112 EventSystem - ok
20:44:02.0134 7112 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
20:44:02.0136 7112 exfat - ok
20:44:02.0160 7112 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
20:44:02.0162 7112 fastfat - ok
20:44:02.0200 7112 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
20:44:02.0213 7112 Fax - ok
20:44:02.0223 7112 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
20:44:02.0224 7112 fdc - ok
20:44:02.0236 7112 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
20:44:02.0237 7112 fdPHost - ok
20:44:02.0251 7112 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
20:44:02.0252 7112 FDResPub - ok
20:44:02.0264 7112 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
20:44:02.0265 7112 FileInfo - ok
20:44:02.0269 7112 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
20:44:02.0270 7112 Filetrace - ok
20:44:02.0278 7112 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
20:44:02.0279 7112 flpydisk - ok
20:44:02.0303 7112 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
20:44:02.0305 7112 FltMgr - ok
20:44:02.0377 7112 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
20:44:02.0395 7112 FontCache - ok
20:44:02.0451 7112 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:44:02.0453 7112 FontCache3.0.0.0 - ok
20:44:02.0489 7112 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
20:44:02.0491 7112 FsDepends - ok
20:44:02.0529 7112 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
20:44:02.0529 7112 Fs_Rec - ok
20:44:02.0559 7112 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
20:44:02.0568 7112 fvevol - ok
20:44:02.0599 7112 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
20:44:02.0601 7112 gagp30kx - ok
20:44:02.0655 7112 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
20:44:02.0690 7112 gpsvc - ok
20:44:02.0707 7112 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
20:44:02.0708 7112 hcw85cir - ok
20:44:02.0760 7112 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
20:44:02.0773 7112 HdAudAddService - ok
20:44:02.0797 7112 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:44:02.0798 7112 HDAudBus - ok
20:44:02.0809 7112 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
20:44:02.0810 7112 HidBatt - ok
20:44:02.0825 7112 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
20:44:02.0827 7112 HidBth - ok
20:44:02.0848 7112 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
20:44:02.0849 7112 HidIr - ok
20:44:02.0877 7112 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
20:44:02.0878 7112 hidserv - ok
20:44:02.0885 7112 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
20:44:02.0886 7112 HidUsb - ok
20:44:02.0910 7112 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
20:44:02.0912 7112 hkmsvc - ok
20:44:02.0924 7112 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
20:44:02.0928 7112 HomeGroupListener - ok
20:44:02.0949 7112 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
20:44:02.0959 7112 HomeGroupProvider - ok
20:44:02.0983 7112 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
20:44:02.0984 7112 HpSAMD - ok
20:44:03.0027 7112 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
20:44:03.0040 7112 HTTP - ok
20:44:03.0050 7112 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
20:44:03.0051 7112 hwpolicy - ok
20:44:03.0072 7112 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
20:44:03.0073 7112 i8042prt - ok
20:44:03.0128 7112 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
20:44:03.0138 7112 iaStorV - ok
20:44:03.0226 7112 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:44:03.0268 7112 idsvc - ok
20:44:03.0281 7112 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
20:44:03.0283 7112 iirsp - ok
20:44:03.0339 7112 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
20:44:03.0356 7112 IKEEXT - ok
20:44:03.0478 7112 IntcAzAudAddService (03076f51af9f78a272cccde03e9340ce) C:\Windows\system32\drivers\RTKVHD64.sys
20:44:03.0496 7112 IntcAzAudAddService - ok
20:44:03.0584 7112 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
20:44:03.0585 7112 intelide - ok
20:44:03.0599 7112 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
20:44:03.0599 7112 intelppm - ok
20:44:03.0634 7112 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
20:44:03.0636 7112 IPBusEnum - ok
20:44:03.0657 7112 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:44:03.0658 7112 IpFilterDriver - ok
20:44:03.0675 7112 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
20:44:03.0677 7112 IPMIDRV - ok
20:44:03.0695 7112 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:44:03.0697 7112 IPNAT - ok
20:44:03.0722 7112 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:44:03.0723 7112 IRENUM - ok
20:44:03.0738 7112 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
20:44:03.0739 7112 isapnp - ok
20:44:03.0764 7112 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
20:44:03.0771 7112 iScsiPrt - ok
20:44:03.0808 7112 JRAID (50de7dd7edb1b512b13666588aefbf6f) C:\Windows\system32\DRIVERS\jraid.sys
20:44:03.0809 7112 JRAID - ok
20:44:03.0817 7112 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
20:44:03.0817 7112 kbdclass - ok
20:44:03.0826 7112 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
20:44:03.0826 7112 kbdhid - ok
20:44:03.0854 7112 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:44:03.0855 7112 KeyIso - ok
20:44:03.0870 7112 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
20:44:03.0872 7112 KSecDD - ok
20:44:03.0888 7112 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
20:44:03.0890 7112 KSecPkg - ok
20:44:03.0899 7112 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:44:03.0900 7112 ksthunk - ok
20:44:03.0942 7112 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
20:44:03.0971 7112 KtmRm - ok
20:44:04.0005 7112 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
20:44:04.0012 7112 LanmanServer - ok
20:44:04.0047 7112 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
20:44:04.0050 7112 LanmanWorkstation - ok
20:44:04.0083 7112 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:44:04.0084 7112 lltdio - ok
20:44:04.0121 7112 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
20:44:04.0128 7112 lltdsvc - ok
20:44:04.0142 7112 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
20:44:04.0144 7112 lmhosts - ok
20:44:04.0182 7112 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
20:44:04.0183 7112 LSI_FC - ok
20:44:04.0207 7112 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
20:44:04.0209 7112 LSI_SAS - ok
20:44:04.0223 7112 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
20:44:04.0224 7112 LSI_SAS2 - ok
20:44:04.0238 7112 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
20:44:04.0240 7112 LSI_SCSI - ok
20:44:04.0257 7112 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:44:04.0258 7112 luafv - ok
20:44:04.0304 7112 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
20:44:04.0305 7112 MBAMProtector - ok
20:44:04.0389 7112 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:44:04.0394 7112 MBAMService - ok
20:44:04.0428 7112 MBfilt (8ff2d95cba49b405c5de27039ff0bf35) C:\Windows\system32\drivers\MBfilt64.sys
20:44:04.0428 7112 MBfilt - ok
20:44:04.0456 7112 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
20:44:04.0458 7112 Mcx2Svc - ok
20:44:04.0476 7112 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
20:44:04.0477 7112 megasas - ok
20:44:04.0520 7112 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
20:44:04.0527 7112 MegaSR - ok
20:44:04.0545 7112 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
20:44:04.0545 7112 MEIx64 - ok
20:44:04.0564 7112 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:44:04.0566 7112 MMCSS - ok
20:44:04.0579 7112 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:44:04.0580 7112 Modem - ok
20:44:04.0590 7112 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:44:04.0590 7112 monitor - ok
20:44:04.0600 7112 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
20:44:04.0601 7112 mouclass - ok
20:44:04.0625 7112 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:44:04.0626 7112 mouhid - ok
20:44:04.0655 7112 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
20:44:04.0656 7112 mountmgr - ok
20:44:04.0753 7112 MozillaMaintenance (6380ff81dd4d78b23398752d2f46ea43) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:44:04.0755 7112 MozillaMaintenance - ok
20:44:04.0785 7112 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
20:44:04.0787 7112 MpFilter - ok
20:44:04.0803 7112 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
20:44:04.0805 7112 mpio - ok
20:44:04.0821 7112 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:44:04.0822 7112 mpsdrv - ok
20:44:04.0886 7112 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
20:44:04.0927 7112 MpsSvc - ok
20:44:04.0950 7112 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
20:44:04.0952 7112 MRxDAV - ok
20:44:04.0995 7112 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:44:04.0997 7112 mrxsmb - ok
20:44:05.0021 7112 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:44:05.0028 7112 mrxsmb10 - ok
20:44:05.0071 7112 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:44:05.0072 7112 mrxsmb20 - ok
20:44:05.0086 7112 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
20:44:05.0087 7112 msahci - ok
20:44:05.0105 7112 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
20:44:05.0107 7112 msdsm - ok
20:44:05.0124 7112 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
20:44:05.0127 7112 MSDTC - ok
20:44:05.0139 7112 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:44:05.0140 7112 Msfs - ok
20:44:05.0153 7112 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:44:05.0154 7112 mshidkmdf - ok
20:44:05.0166 7112 MSICDSetup - ok
20:44:05.0178 7112 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
20:44:05.0178 7112 msisadrv - ok
20:44:05.0211 7112 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
20:44:05.0214 7112 MSiSCSI - ok
20:44:05.0216 7112 msiserver - ok
20:44:05.0238 7112 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:44:05.0238 7112 MSKSSRV - ok
20:44:05.0288 7112 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
20:44:05.0288 7112 MsMpSvc - ok
20:44:05.0316 7112 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:44:05.0317 7112 MSPCLOCK - ok
20:44:05.0329 7112 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:44:05.0330 7112 MSPQM - ok
20:44:05.0364 7112 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
20:44:05.0392 7112 MsRPC - ok
20:44:05.0405 7112 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
20:44:05.0405 7112 mssmbios - ok
20:44:05.0416 7112 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:44:05.0417 7112 MSTEE - ok
20:44:05.0426 7112 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
20:44:05.0427 7112 MTConfig - ok
20:44:05.0440 7112 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:44:05.0442 7112 Mup - ok
20:44:05.0474 7112 mv91cons (e53d9ab63917338d7ffe12e85310a636) C:\Windows\system32\DRIVERS\mv91cons.sys
20:44:05.0475 7112 mv91cons - ok
20:44:05.0501 7112 mv91xx (38b4c95e821528fb91df16a78e04450f) C:\Windows\system32\DRIVERS\mv91xx.sys
20:44:05.0506 7112 mv91xx - ok
20:44:05.0544 7112 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
20:44:05.0555 7112 napagent - ok
20:44:05.0591 7112 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:44:05.0595 7112 NativeWifiP - ok
20:44:05.0671 7112 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
20:44:05.0685 7112 NDIS - ok
20:44:05.0697 7112 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:44:05.0698 7112 NdisCap - ok
20:44:05.0712 7112 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:44:05.0713 7112 NdisTapi - ok
20:44:05.0724 7112 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
20:44:05.0725 7112 Ndisuio - ok
20:44:05.0739 7112 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
20:44:05.0741 7112 NdisWan - ok
20:44:05.0763 7112 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
20:44:05.0764 7112 NDProxy - ok
20:44:05.0772 7112 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:44:05.0773 7112 NetBIOS - ok
20:44:05.0793 7112 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
20:44:05.0800 7112 NetBT - ok
20:44:05.0829 7112 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:44:05.0830 7112 Netlogon - ok
20:44:05.0868 7112 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
20:44:05.0880 7112 Netman - ok
20:44:05.0994 7112 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:44:05.0996 7112 NetMsmqActivator - ok
20:44:05.0999 7112 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:44:06.0000 7112 NetPipeActivator - ok
20:44:06.0021 7112 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
20:44:06.0027 7112 netprofm - ok
20:44:06.0030 7112 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:44:06.0032 7112 NetTcpActivator - ok
20:44:06.0035 7112 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:44:06.0036 7112 NetTcpPortSharing - ok
20:44:06.0075 7112 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
20:44:06.0076 7112 nfrd960 - ok
20:44:06.0105 7112 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:44:06.0107 7112 NisDrv - ok
20:44:06.0196 7112 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
20:44:06.0203 7112 NisSrv - ok
20:44:06.0242 7112 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
20:44:06.0248 7112 NlaSvc - ok
20:44:06.0282 7112 NPF (c31fa031335eff434b2d94278e74bcce) C:\Windows\system32\DRIVERS\npf.sys
20:44:06.0284 7112 NPF - ok
20:44:06.0307 7112 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:44:06.0308 7112 Npfs - ok
20:44:06.0313 7112 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
20:44:06.0314 7112 nsi - ok
20:44:06.0321 7112 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:44:06.0322 7112 nsiproxy - ok
20:44:06.0458 7112 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
20:44:06.0493 7112 Ntfs - ok
20:44:06.0573 7112 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:44:06.0574 7112 Null - ok
20:44:06.0596 7112 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\Windows\system32\DRIVERS\nusb3hub.sys
20:44:06.0597 7112 nusb3hub - ok
20:44:06.0612 7112 nusb3xhc (d40a13b2c0891e218f9523b376955db6) C:\Windows\system32\DRIVERS\nusb3xhc.sys
20:44:06.0615 7112 nusb3xhc - ok
20:44:06.0654 7112 NVHDA (10204955027011e08a9dc27737a48a54) C:\Windows\system32\drivers\nvhda64v.sys
20:44:06.0656 7112 NVHDA - ok
20:44:07.0101 7112 nvlddmkm (9c1996dd3c0469bc8933321f15709f5a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:44:07.0150 7112 nvlddmkm - ok
20:44:07.0269 7112 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
20:44:07.0271 7112 nvraid - ok
20:44:07.0331 7112 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
20:44:07.0333 7112 nvstor - ok
20:44:07.0441 7112 nvsvc (2d7092fec9bd2aca199673bba2ba9277) C:\Windows\system32\nvvsvc.exe
20:44:07.0475 7112 nvsvc - ok
20:44:07.0633 7112 nvUpdatusService (7e22de30e222bfdfcec7e77032baf3cd) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
20:44:07.0643 7112 nvUpdatusService - ok
20:44:07.0753 7112 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
20:44:07.0755 7112 nv_agp - ok
20:44:07.0768 7112 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
20:44:07.0770 7112 ohci1394 - ok
20:44:07.0805 7112 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:44:07.0819 7112 p2pimsvc - ok
20:44:07.0860 7112 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
20:44:07.0871 7112 p2psvc - ok
20:44:07.0885 7112 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
20:44:07.0886 7112 Parport - ok
20:44:07.0927 7112 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
20:44:07.0928 7112 partmgr - ok
20:44:07.0945 7112 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
20:44:07.0954 7112 PcaSvc - ok
20:44:07.0970 7112 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
20:44:07.0979 7112 pci - ok
20:44:07.0992 7112 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
20:44:07.0993 7112 pciide - ok
20:44:08.0004 7112 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
20:44:08.0007 7112 pcmcia - ok
20:44:08.0019 7112 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:44:08.0021 7112 pcw - ok
20:44:08.0055 7112 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:44:08.0069 7112 PEAUTH - ok
20:44:08.0134 7112 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
20:44:08.0136 7112 PerfHost - ok
20:44:08.0215 7112 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
20:44:08.0232 7112 pla - ok
20:44:08.0295 7112 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
20:44:08.0307 7112 PlugPlay - ok
20:44:08.0309 7112 PnkBstrA - ok
20:44:08.0324 7112 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
20:44:08.0326 7112 PNRPAutoReg - ok
20:44:08.0355 7112 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:44:08.0359 7112 PNRPsvc - ok
20:44:08.0400 7112 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
20:44:08.0408 7112 PolicyAgent - ok
20:44:08.0431 7112 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
20:44:08.0435 7112 Power - ok
20:44:08.0497 7112 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
20:44:08.0498 7112 PptpMiniport - ok
20:44:08.0509 7112 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
20:44:08.0511 7112 Processor - ok
20:44:08.0535 7112 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
20:44:08.0544 7112 ProfSvc - ok
20:44:08.0570 7112 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:44:08.0572 7112 ProtectedStorage - ok
20:44:08.0591 7112 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
20:44:08.0593 7112 Psched - ok
20:44:08.0684 7112 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
20:44:08.0710 7112 ql2300 - ok
20:44:08.0797 7112 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
20:44:08.0799 7112 ql40xx - ok
20:44:08.0824 7112 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
20:44:08.0832 7112 QWAVE - ok
20:44:08.0842 7112 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:44:08.0844 7112 QWAVEdrv - ok
20:44:08.0860 7112 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:44:08.0861 7112 RasAcd - ok
20:44:08.0893 7112 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:44:08.0894 7112 RasAgileVpn - ok
20:44:08.0916 7112 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
20:44:08.0919 7112 RasAuto - ok
20:44:08.0940 7112 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:44:08.0942 7112 Rasl2tp - ok
20:44:08.0970 7112 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
20:44:08.0984 7112 RasMan - ok
20:44:09.0002 7112 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:44:09.0004 7112 RasPppoe - ok
20:44:09.0019 7112 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:44:09.0021 7112 RasSstp - ok
20:44:09.0044 7112 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
20:44:09.0050 7112 rdbss - ok
20:44:09.0062 7112 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
20:44:09.0063 7112 rdpbus - ok
20:44:09.0080 7112 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:44:09.0081 7112 RDPCDD - ok
20:44:09.0089 7112 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
20:44:09.0090 7112 RDPENCDD - ok
20:44:09.0104 7112 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
20:44:09.0104 7112 RDPREFMP - ok
20:44:09.0150 7112 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
20:44:09.0159 7112 RDPWD - ok
20:44:09.0183 7112 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
20:44:09.0191 7112 rdyboost - ok
20:44:09.0214 7112 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
20:44:09.0216 7112 RemoteAccess - ok
20:44:09.0241 7112 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
20:44:09.0244 7112 RemoteRegistry - ok
20:44:09.0261 7112 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
20:44:09.0264 7112 RpcEptMapper - ok
20:44:09.0285 7112 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
20:44:09.0287 7112 RpcLocator - ok
20:44:09.0320 7112 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:44:09.0326 7112 RpcSs - ok
20:44:09.0346 7112 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
20:44:09.0347 7112 rspndr - ok
20:44:09.0423 7112 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
20:44:09.0428 7112 RTL8167 - ok
20:44:09.0454 7112 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:44:09.0455 7112 SamSs - ok
20:44:09.0471 7112 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
20:44:09.0473 7112 sbp2port - ok
20:44:09.0497 7112 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
20:44:09.0501 7112 SCardSvr - ok
20:44:09.0506 7112 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
20:44:09.0507 7112 scfilter - ok
20:44:09.0560 7112 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
20:44:09.0596 7112 Schedule - ok
20:44:09.0620 7112 SCMNdisP (6011cdf54bb6f4c69f38faccdad73d7e) C:\Windows\system32\DRIVERS\scmndisp.sys
20:44:09.0621 7112 SCMNdisP - ok
20:44:09.0648 7112 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:44:09.0649 7112 SCPolicySvc - ok
20:44:09.0667 7112 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
20:44:09.0670 7112 SDRSVC - ok
20:44:09.0690 7112 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:44:09.0691 7112 secdrv - ok
20:44:09.0698 7112 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
20:44:09.0700 7112 seclogon - ok
20:44:09.0723 7112 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
20:44:09.0726 7112 SENS - ok
20:44:09.0740 7112 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
20:44:09.0743 7112 SensrSvc - ok
20:44:09.0762 7112 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
20:44:09.0763 7112 Serenum - ok
20:44:09.0783 7112 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
20:44:09.0784 7112 Serial - ok
20:44:09.0802 7112 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
20:44:09.0803 7112 sermouse - ok
20:44:09.0824 7112 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
20:44:09.0827 7112 SessionEnv - ok
20:44:09.0830 7112 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
20:44:09.0831 7112 sffdisk - ok
20:44:09.0836 7112 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
20:44:09.0837 7112 sffp_mmc - ok
20:44:09.0840 7112 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
20:44:09.0841 7112 sffp_sd - ok
20:44:09.0844 7112 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
20:44:09.0845 7112 sfloppy - ok
20:44:09.0877 7112 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
20:44:09.0890 7112 ShellHWDetection - ok
20:44:09.0895 7112 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
20:44:09.0896 7112 SiSRaid2 - ok
20:44:09.0916 7112 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
20:44:09.0918 7112 SiSRaid4 - ok
20:44:10.0005 7112 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
20:44:10.0007 7112 SkypeUpdate - ok
20:44:10.0031 7112 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:44:10.0033 7112 Smb - ok
20:44:10.0059 7112 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
20:44:10.0062 7112 SNMPTRAP - ok
20:44:10.0068 7112 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:44:10.0069 7112 spldr - ok
20:44:10.0098 7112 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
20:44:10.0116 7112 Spooler - ok
20:44:10.0243 7112 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
20:44:10.0304 7112 sppsvc - ok
20:44:10.0384 7112 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
20:44:10.0387 7112 sppuinotify - ok
20:44:10.0460 7112 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
20:44:10.0470 7112 srv - ok
20:44:10.0497 7112 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
20:44:10.0509 7112 srv2 - ok
20:44:10.0558 7112 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
20:44:10.0560 7112 srvnet - ok
20:44:10.0597 7112 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
20:44:10.0601 7112 SSDPSRV - ok
20:44:10.0634 7112 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
20:44:10.0637 7112 SstpSvc - ok
20:44:10.0668 7112 Steam Client Service - ok
20:44:10.0682 7112 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
20:44:10.0683 7112 stexstor - ok
20:44:10.0724 7112 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
20:44:10.0740 7112 stisvc - ok
20:44:10.0754 7112 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
20:44:10.0755 7112 swenum - ok
20:44:10.0802 7112 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
20:44:10.0821 7112 swprv - ok
20:44:10.0900 7112 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
20:44:10.0939 7112 SysMain - ok
20:44:11.0013 7112 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
20:44:11.0016 7112 TabletInputService - ok
20:44:11.0032 7112 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
20:44:11.0037 7112 TapiSrv - ok
20:44:11.0055 7112 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
20:44:11.0058 7112 TBS - ok
20:44:11.0188 7112 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
20:44:11.0250 7112 Tcpip - ok
20:44:11.0339 7112 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
20:44:11.0346 7112 TCPIP6 - ok
20:44:11.0385 7112 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
20:44:11.0385 7112 tcpipreg - ok
20:44:11.0397 7112 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:44:11.0397 7112 TDPIPE - ok
20:44:11.0427 7112 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
20:44:11.0427 7112 TDTCP - ok
20:44:11.0441 7112 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
20:44:11.0442 7112 tdx - ok
20:44:11.0467 7112 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
20:44:11.0468 7112 TermDD - ok
20:44:11.0510 7112 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
20:44:11.0516 7112 TermService - ok
20:44:11.0528 7112 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
20:44:11.0530 7112 Themes - ok
20:44:11.0545 7112 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:44:11.0546 7112 THREADORDER - ok
20:44:11.0559 7112 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
20:44:11.0561 7112 TrkWks - ok
20:44:11.0609 7112 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
20:44:11.0610 7112 TrustedInstaller - ok
20:44:11.0624 7112 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:44:11.0624 7112 tssecsrv - ok
20:44:11.0635 7112 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
20:44:11.0636 7112 TsUsbFlt - ok
20:44:11.0643 7112 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
20:44:11.0644 7112 TsUsbGD - ok
20:44:11.0663 7112 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
20:44:11.0664 7112 tunnel - ok
20:44:11.0667 7112 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
20:44:11.0668 7112 uagp35 - ok
20:44:11.0689 7112 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
20:44:11.0695 7112 udfs - ok
20:44:11.0715 7112 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
20:44:11.0716 7112 UI0Detect - ok
20:44:11.0727 7112 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
20:44:11.0727 7112 uliagpkx - ok
20:44:11.0740 7112 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
20:44:11.0741 7112 umbus - ok
20:44:11.0752 7112 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
20:44:11.0753 7112 UmPass - ok
20:44:11.0765 7112 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
20:44:11.0769 7112 upnphost - ok
20:44:11.0805 7112 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
20:44:11.0806 7112 usbccgp - ok
20:44:11.0826 7112 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
20:44:11.0828 7112 usbcir - ok
20:44:11.0841 7112 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
20:44:11.0842 7112 usbehci - ok
20:44:11.0863 7112 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
20:44:11.0868 7112 usbhub - ok
20:44:11.0904 7112 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
20:44:11.0905 7112 usbohci - ok
20:44:11.0919 7112 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
20:44:11.0920 7112 usbprint - ok
20:44:11.0953 7112 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:44:11.0955 7112 USBSTOR - ok
20:44:11.0973 7112 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
20:44:11.0974 7112 usbuhci - ok
20:44:11.0996 7112 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
20:44:11.0998 7112 UxSms - ok
20:44:12.0020 7112 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:44:12.0021 7112 VaultSvc - ok
20:44:12.0030 7112 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
20:44:12.0031 7112 vdrvroot - ok
20:44:12.0064 7112 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
20:44:12.0107 7112 vds - ok
20:44:12.0126 7112 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:44:12.0127 7112 vga - ok
20:44:12.0138 7112 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:44:12.0139 7112 VgaSave - ok
20:44:12.0162 7112 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
20:44:12.0170 7112 vhdmp - ok
20:44:12.0183 7112 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
20:44:12.0184 7112 viaide - ok
20:44:12.0209 7112 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
20:44:12.0210 7112 volmgr - ok
20:44:12.0237 7112 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
20:44:12.0249 7112 volmgrx - ok
20:44:12.0274 7112 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
20:44:12.0280 7112 volsnap - ok
20:44:12.0307 7112 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
20:44:12.0310 7112 vsmraid - ok
20:44:12.0396 7112 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
20:44:12.0428 7112 VSS - ok
20:44:12.0509 7112 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
20:44:12.0510 7112 vwifibus - ok
20:44:12.0522 7112 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
20:44:12.0523 7112 vwififlt - ok
20:44:12.0562 7112 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
20:44:12.0575 7112 W32Time - ok
20:44:12.0602 7112 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
20:44:12.0603 7112 WacomPen - ok
20:44:12.0630 7112 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:44:12.0631 7112 WANARP - ok
20:44:12.0638 7112 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:44:12.0639 7112 Wanarpv6 - ok
20:44:12.0735 7112 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
20:44:12.0777 7112 WatAdminSvc - ok
20:44:12.0842 7112 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
20:44:12.0870 7112 wbengine - ok
20:44:12.0955 7112 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
20:44:12.0963 7112 WbioSrvc - ok
20:44:12.0980 7112 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
20:44:12.0985 7112 wcncsvc - ok
20:44:12.0990 7112 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
20:44:12.0992 7112 WcsPlugInService - ok
20:44:13.0026 7112 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
20:44:13.0027 7112 Wd - ok
20:44:13.0067 7112 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
20:44:13.0081 7112 Wdf01000 - ok
20:44:13.0097 7112 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:44:13.0099 7112 WdiServiceHost - ok
20:44:13.0102 7112 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:44:13.0104 7112 WdiSystemHost - ok
20:44:13.0117 7112 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
20:44:13.0121 7112 WebClient - ok
20:44:13.0133 7112 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
20:44:13.0138 7112 Wecsvc - ok
20:44:13.0152 7112 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
20:44:13.0155 7112 wercplsupport - ok
20:44:13.0186 7112 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
20:44:13.0188 7112 WerSvc - ok
20:44:13.0202 7112 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
20:44:13.0203 7112 WfpLwf - ok
20:44:13.0215 7112 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
20:44:13.0215 7112 WIMMount - ok
20:44:13.0251 7112 WinDefend - ok
20:44:13.0258 7112 WinHttpAutoProxySvc - ok
20:44:13.0313 7112 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
20:44:13.0315 7112 Winmgmt - ok
20:44:13.0416 7112 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
20:44:13.0450 7112 WinRM - ok
20:44:13.0569 7112 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
20:44:13.0584 7112 Wlansvc - ok
20:44:13.0745 7112 wlidsvc (98f138897ef4246381d197cb81846d62) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:44:13.0758 7112 wlidsvc - ok
20:44:13.0827 7112 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
20:44:13.0827 7112 WmiAcpi - ok
20:44:13.0871 7112 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
20:44:13.0874 7112 wmiApSrv - ok
20:44:13.0885 7112 WMPNetworkSvc - ok
20:44:13.0905 7112 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
20:44:13.0906 7112 WPCSvc - ok
20:44:13.0924 7112 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
20:44:13.0927 7112 WPDBusEnum - ok
20:44:13.0941 7112 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
20:44:13.0942 7112 ws2ifsl - ok
20:44:13.0981 7112 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
20:44:13.0984 7112 wscsvc - ok
20:44:13.0986 7112 WSearch - ok
20:44:14.0031 7112 WSWNDA3100 (a2c4dc335656fb7a5a3ac076282534cb) C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
20:44:14.0033 7112 WSWNDA3100 - ok
20:44:14.0124 7112 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
20:44:14.0162 7112 wuauserv - ok
20:44:14.0257 7112 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
20:44:14.0259 7112 WudfPf - ok
20:44:14.0291 7112 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:44:14.0293 7112 WUDFRd - ok
20:44:14.0321 7112 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
20:44:14.0324 7112 wudfsvc - ok
20:44:14.0348 7112 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
20:44:14.0356 7112 WwanSvc - ok
20:44:14.0433 7112 X6va005 - ok
20:44:14.0457 7112 X6va006 - ok
20:44:14.0472 7112 X6va008 - ok
20:44:14.0496 7112 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:44:14.0741 7112 \Device\Harddisk0\DR0 - ok
20:44:14.0744 7112 Boot (0x1200) (a7a4d946c098b4d684c922b30391d12a) \Device\Harddisk0\DR0\Partition0
20:44:14.0745 7112 \Device\Harddisk0\DR0\Partition0 - ok
20:44:14.0774 7112 Boot (0x1200) (2963b20738096e5291604ca30c8004f8) \Device\Harddisk0\DR0\Partition1
20:44:14.0775 7112 \Device\Harddisk0\DR0\Partition1 - ok
20:44:14.0776 7112 ============================================================
20:44:14.0776 7112 Scan finished
20:44:14.0776 7112 ============================================================
20:44:14.0787 7104 Detected object count: 0
20:44:14.0787 7104 Actual detected object count: 0
20:44:38.0054 4088 ============================================================
20:44:38.0054 4088 Scan started
20:44:38.0055 4088 Mode: Manual; TDLFS;
20:44:38.0055 4088 ============================================================
20:44:38.0237 4088 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\DRIVERS\1394ohci.sys
20:44:38.0239 4088 1394ohci - ok
20:44:38.0266 4088 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
20:44:38.0269 4088 ACPI - ok
20:44:38.0282 4088 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
20:44:38.0283 4088 AcpiPmi - ok
20:44:38.0376 4088 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:44:38.0378 4088 AdobeFlashPlayerUpdateSvc - ok
20:44:38.0413 4088 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
20:44:38.0416 4088 adp94xx - ok
20:44:38.0446 4088 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
20:44:38.0448 4088 adpahci - ok
20:44:38.0467 4088 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
20:44:38.0468 4088 adpu320 - ok
20:44:38.0498 4088 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
20:44:38.0499 4088 AeLookupSvc - ok
20:44:38.0554 4088 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
20:44:38.0558 4088 AFD - ok
20:44:38.0568 4088 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
20:44:38.0569 4088 agp440 - ok
20:44:38.0580 4088 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
20:44:38.0581 4088 ALG - ok
20:44:38.0584 4088 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
20:44:38.0584 4088 aliide - ok
20:44:38.0587 4088 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
20:44:38.0588 4088 amdide - ok
20:44:38.0596 4088 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
20:44:38.0597 4088 AmdK8 - ok
20:44:38.0602 4088 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
20:44:38.0603 4088 AmdPPM - ok
20:44:38.0641 4088 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
20:44:38.0642 4088 amdsata - ok
20:44:38.0659 4088 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
20:44:38.0661 4088 amdsbs - ok
20:44:38.0671 4088 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
20:44:38.0671 4088 amdxata - ok
20:44:38.0689 4088 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
20:44:38.0690 4088 AppID - ok
20:44:38.0703 4088 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
20:44:38.0704 4088 AppIDSvc - ok
20:44:38.0719 4088 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
20:44:38.0720 4088 Appinfo - ok
20:44:38.0739 4088 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
20:44:38.0740 4088 arc - ok
20:44:38.0753 4088 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
20:44:38.0754 4088 arcsas - ok
20:44:38.0787 4088 aspnet_state - ok
20:44:38.0794 4088 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
20:44:38.0795 4088 AsyncMac - ok
20:44:38.0804 4088 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
20:44:38.0804 4088 atapi - ok
20:44:38.0836 4088 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:44:38.0841 4088 AudioEndpointBuilder - ok
20:44:38.0848 4088 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:44:38.0853 4088 AudioSrv - ok
20:44:38.0866 4088 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
20:44:38.0866 4088 AxInstSV - ok
20:44:38.0896 4088 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
20:44:38.0898 4088 b06bdrv - ok
20:44:38.0920 4088 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
20:44:38.0922 4088 b57nd60a - ok
20:44:38.0923 4088 badmghpp - ok
20:44:38.0997 4088 BCMH43XX (6fa3557ea5fa09ba705298cc6b0e9f5a) C:\Windows\system32\DRIVERS\bcmwlhigh664.sys
20:44:39.0005 4088 BCMH43XX - ok
20:44:39.0019 4088 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
20:44:39.0019 4088 BDESVC - ok
20:44:39.0081 4088 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
20:44:39.0082 4088 Beep - ok
20:44:39.0115 4088 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
20:44:39.0121 4088 BFE - ok
20:44:39.0174 4088 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
20:44:39.0181 4088 BITS - ok
20:44:39.0208 4088 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
20:44:39.0209 4088 blbdrive - ok
20:44:39.0249 4088 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
20:44:39.0250 4088 bowser - ok
20:44:39.0264 4088 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
20:44:39.0264 4088 BrFiltLo - ok
20:44:39.0274 4088 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
20:44:39.0274 4088 BrFiltUp - ok
20:44:39.0288 4

Synes godt om

BATMANWASHERE Nybegynder

07. juni 2012 - 20:59 #13

aswMBR LOG
____________

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-07 20:49:11
-----------------------------
20:49:11.648 OS Version: Windows x64 6.1.7601 Service Pack 1
20:49:11.649 Number of processors: 8 586 0x2A07
20:49:11.650 ComputerName: SHARKGAMING-PC UserName: SharkGaming
20:49:12.309 Initialize success
20:53:58.460 AVAST engine defs: 12060700
20:57:22.940 The log file has been saved successfully to "C:\Users\SharkGaming\Desktop\aswMBR.txt"

_____

Dette var et QUICK-SCAN.

Synes godt om

f-arn Guru

07. juni 2012 - 21:29 #14

Det nederste af loggen fra TDSSKiller mangler !!!

Den log fra aswMBR ser helt forkert ud, for den har hverken scannet tjenester, moduler eller mapper.

Vil du godt prøve igen !!!

Synes godt om

BATMANWASHERE Nybegynder

07. juni 2012 - 22:21 #15

20:43:31.0985 6940 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
20:43:32.0254 6940 ============================================================
20:43:32.0254 6940 Current date / time: 2012/06/07 20:43:32.0254
20:43:32.0254 6940 SystemInfo:
20:43:32.0254 6940
20:43:32.0254 6940 OS Version: 6.1.7601 ServicePack: 1.0
20:43:32.0254 6940 Product type: Workstation
20:43:32.0255 6940 ComputerName: SHARKGAMING-PC
20:43:32.0255 6940 UserName: SharkGaming
20:43:32.0255 6940 Windows directory: C:\Windows
20:43:32.0255 6940 System windows directory: C:\Windows
20:43:32.0255 6940 Running under WOW64
20:43:32.0255 6940 Processor architecture: Intel x64
20:43:32.0255 6940 Number of processors: 8
20:43:32.0255 6940 Page size: 0x1000
20:43:32.0255 6940 Boot type: Normal boot
20:43:32.0255 6940 ============================================================
20:43:33.0223 6940 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:43:33.0229 6940 ============================================================
20:43:33.0229 6940 \Device\Harddisk0\DR0:
20:43:33.0229 6940 MBR partitions:
20:43:33.0229 6940 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:43:33.0229 6940 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
20:43:33.0230 6940 ============================================================
20:43:33.0247 6940 C: <-> \Device\Harddisk0\DR0\Partition1
20:43:33.0247 6940 ============================================================
20:43:33.0247 6940 Initialize success
20:43:33.0247 6940 ============================================================
20:43:58.0601 7112 ============================================================
20:43:58.0601 7112 Scan started
20:43:58.0601 7112 Mode: Manual; TDLFS;
20:43:58.0601 7112 ============================================================
20:43:59.0003 7112 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\DRIVERS\1394ohci.sys
20:43:59.0007 7112 1394ohci - ok
20:43:59.0027 7112 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
20:43:59.0033 7112 ACPI - ok
20:43:59.0042 7112 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
20:43:59.0043 7112 AcpiPmi - ok
20:43:59.0170 7112 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:43:59.0172 7112 AdobeFlashPlayerUpdateSvc - ok
20:43:59.0214 7112 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
20:43:59.0241 7112 adp94xx - ok
20:43:59.0282 7112 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
20:43:59.0295 7112 adpahci - ok
20:43:59.0318 7112 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
20:43:59.0321 7112 adpu320 - ok
20:43:59.0350 7112 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
20:43:59.0351 7112 AeLookupSvc - ok
20:43:59.0422 7112 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
20:43:59.0433 7112 AFD - ok
20:43:59.0444 7112 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
20:43:59.0446 7112 agp440 - ok
20:43:59.0465 7112 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
20:43:59.0466 7112 ALG - ok
20:43:59.0469 7112 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
20:43:59.0470 7112 aliide - ok
20:43:59.0474 7112 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
20:43:59.0474 7112 amdide - ok
20:43:59.0490 7112 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
20:43:59.0491 7112 AmdK8 - ok
20:43:59.0497 7112 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
20:43:59.0498 7112 AmdPPM - ok
20:43:59.0543 7112 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
20:43:59.0545 7112 amdsata - ok
20:43:59.0562 7112 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
20:43:59.0564 7112 amdsbs - ok
20:43:59.0586 7112 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
20:43:59.0587 7112 amdxata - ok
20:43:59.0616 7112 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
20:43:59.0618 7112 AppID - ok
20:43:59.0639 7112 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
20:43:59.0640 7112 AppIDSvc - ok
20:43:59.0655 7112 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
20:43:59.0656 7112 Appinfo - ok
20:43:59.0675 7112 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
20:43:59.0677 7112 arc - ok
20:43:59.0690 7112 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
20:43:59.0692 7112 arcsas - ok
20:43:59.0749 7112 aspnet_state - ok
20:43:59.0780 7112 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
20:43:59.0781 7112 AsyncMac - ok
20:43:59.0790 7112 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
20:43:59.0790 7112 atapi - ok
20:43:59.0848 7112 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:43:59.0886 7112 AudioEndpointBuilder - ok
20:43:59.0894 7112 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:43:59.0899 7112 AudioSrv - ok
20:43:59.0927 7112 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
20:43:59.0929 7112 AxInstSV - ok
20:43:59.0957 7112 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
20:43:59.0969 7112 b06bdrv - ok
20:43:59.0991 7112 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
20:43:59.0998 7112 b57nd60a - ok
20:44:00.0008 7112 badmghpp - ok
20:44:00.0093 7112 BCMH43XX (6fa3557ea5fa09ba705298cc6b0e9f5a) C:\Windows\system32\DRIVERS\bcmwlhigh664.sys
20:44:00.0102 7112 BCMH43XX - ok
20:44:00.0138 7112 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
20:44:00.0140 7112 BDESVC - ok
20:44:00.0175 7112 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
20:44:00.0176 7112 Beep - ok
20:44:00.0227 7112 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
20:44:00.0240 7112 BFE - ok
20:44:00.0294 7112 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
20:44:00.0312 7112 BITS - ok
20:44:00.0336 7112 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
20:44:00.0337 7112 blbdrive - ok
20:44:00.0393 7112 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
20:44:00.0394 7112 bowser - ok
20:44:00.0416 7112 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
20:44:00.0417 7112 BrFiltLo - ok
20:44:00.0426 7112 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
20:44:00.0427 7112 BrFiltUp - ok
20:44:00.0459 7112 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
20:44:00.0461 7112 Browser - ok
20:44:00.0484 7112 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
20:44:00.0490 7112 Brserid - ok
20:44:00.0507 7112 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
20:44:00.0508 7112 BrSerWdm - ok
20:44:00.0522 7112 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:44:00.0523 7112 BrUsbMdm - ok
20:44:00.0526 7112 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
20:44:00.0527 7112 BrUsbSer - ok
20:44:00.0548 7112 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
20:44:00.0549 7112 BTHMODEM - ok
20:44:00.0568 7112 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
20:44:00.0570 7112 bthserv - ok
20:44:00.0595 7112 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
20:44:00.0597 7112 cdfs - ok
20:44:00.0619 7112 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
20:44:00.0621 7112 cdrom - ok
20:44:00.0649 7112 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:44:00.0651 7112 CertPropSvc - ok
20:44:00.0663 7112 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
20:44:00.0664 7112 circlass - ok
20:44:00.0688 7112 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
20:44:00.0702 7112 CLFS - ok
20:44:00.0761 7112 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:44:00.0763 7112 clr_optimization_v2.0.50727_32 - ok
20:44:00.0793 7112 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:44:00.0795 7112 clr_optimization_v2.0.50727_64 - ok
20:44:00.0882 7112 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:44:00.0884 7112 clr_optimization_v4.0.30319_32 - ok
20:44:00.0934 7112 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:44:00.0937 7112 clr_optimization_v4.0.30319_64 - ok
20:44:00.0973 7112 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
20:44:00.0974 7112 CmBatt - ok
20:44:00.0983 7112 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
20:44:00.0984 7112 cmdide - ok
20:44:01.0034 7112 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
20:44:01.0045 7112 CNG - ok
20:44:01.0058 7112 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
20:44:01.0059 7112 Compbatt - ok
20:44:01.0095 7112 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
20:44:01.0095 7112 CompositeBus - ok
20:44:01.0109 7112 COMSysApp - ok
20:44:01.0112 7112 cqbvreew - ok
20:44:01.0122 7112 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
20:44:01.0123 7112 crcdisk - ok
20:44:01.0158 7112 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
20:44:01.0161 7112 CryptSvc - ok
20:44:01.0197 7112 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:44:01.0204 7112 DcomLaunch - ok
20:44:01.0246 7112 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
20:44:01.0249 7112 defragsvc - ok
20:44:01.0283 7112 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
20:44:01.0285 7112 DfsC - ok
20:44:01.0311 7112 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
20:44:01.0318 7112 Dhcp - ok
20:44:01.0327 7112 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
20:44:01.0328 7112 discache - ok
20:44:01.0358 7112 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
20:44:01.0359 7112 Disk - ok
20:44:01.0401 7112 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
20:44:01.0404 7112 Dnscache - ok
20:44:01.0427 7112 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
20:44:01.0436 7112 dot3svc - ok
20:44:01.0450 7112 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
20:44:01.0452 7112 DPS - ok
20:44:01.0476 7112 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
20:44:01.0476 7112 drmkaud - ok
20:44:01.0524 7112 dtsoftbus01 (46571ed73ae84469dca53081d33cf3c8) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
20:44:01.0526 7112 dtsoftbus01 - ok
20:44:01.0588 7112 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
20:44:01.0596 7112 DXGKrnl - ok
20:44:01.0616 7112 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
20:44:01.0618 7112 EapHost - ok
20:44:01.0726 7112 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
20:44:01.0767 7112 ebdrv - ok
20:44:01.0854 7112 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
20:44:01.0856 7112 EFS - ok
20:44:01.0915 7112 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
20:44:01.0928 7112 ehRecvr - ok
20:44:01.0945 7112 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
20:44:01.0947 7112 ehSched - ok
20:44:02.0019 7112 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
20:44:02.0027 7112 elxstor - ok
20:44:02.0043 7112 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
20:44:02.0043 7112 ErrDev - ok
20:44:02.0087 7112 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
20:44:02.0100 7112 EventSystem - ok
20:44:02.0134 7112 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
20:44:02.0136 7112 exfat - ok
20:44:02.0160 7112 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
20:44:02.0162 7112 fastfat - ok
20:44:02.0200 7112 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
20:44:02.0213 7112 Fax - ok
20:44:02.0223 7112 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
20:44:02.0224 7112 fdc - ok
20:44:02.0236 7112 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
20:44:02.0237 7112 fdPHost - ok
20:44:02.0251 7112 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
20:44:02.0252 7112 FDResPub - ok
20:44:02.0264 7112 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
20:44:02.0265 7112 FileInfo - ok
20:44:02.0269 7112 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
20:44:02.0270 7112 Filetrace - ok
20:44:02.0278 7112 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
20:44:02.0279 7112 flpydisk - ok
20:44:02.0303 7112 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
20:44:02.0305 7112 FltMgr - ok
20:44:02.0377 7112 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
20:44:02.0395 7112 FontCache - ok
20:44:02.0451 7112 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:44:02.0453 7112 FontCache3.0.0.0 - ok
20:44:02.0489 7112 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
20:44:02.0491 7112 FsDepends - ok
20:44:02.0529 7112 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
20:44:02.0529 7112 Fs_Rec - ok
20:44:02.0559 7112 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
20:44:02.0568 7112 fvevol - ok
20:44:02.0599 7112 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
20:44:02.0601 7112 gagp30kx - ok
20:44:02.0655 7112 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
20:44:02.0690 7112 gpsvc - ok
20:44:02.0707 7112 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
20:44:02.0708 7112 hcw85cir - ok
20:44:02.0760 7112 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
20:44:02.0773 7112 HdAudAddService - ok
20:44:02.0797 7112 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:44:02.0798 7112 HDAudBus - ok
20:44:02.0809 7112 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
20:44:02.0810 7112 HidBatt - ok
20:44:02.0825 7112 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
20:44:02.0827 7112 HidBth - ok
20:44:02.0848 7112 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
20:44:02.0849 7112 HidIr - ok
20:44:02.0877 7112 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
20:44:02.0878 7112 hidserv - ok
20:44:02.0885 7112 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
20:44:02.0886 7112 HidUsb - ok
20:44:02.0910 7112 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
20:44:02.0912 7112 hkmsvc - ok
20:44:02.0924 7112 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
20:44:02.0928 7112 HomeGroupListener - ok
20:44:02.0949 7112 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
20:44:02.0959 7112 HomeGroupProvider - ok
20:44:02.0983 7112 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
20:44:02.0984 7112 HpSAMD - ok
20:44:03.0027 7112 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
20:44:03.0040 7112 HTTP - ok
20:44:03.0050 7112 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
20:44:03.0051 7112 hwpolicy - ok
20:44:03.0072 7112 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
20:44:03.0073 7112 i8042prt - ok
20:44:03.0128 7112 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
20:44:03.0138 7112 iaStorV - ok
20:44:03.0226 7112 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:44:03.0268 7112 idsvc - ok
20:44:03.0281 7112 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
20:44:03.0283 7112 iirsp - ok
20:44:03.0339 7112 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
20:44:03.0356 7112 IKEEXT - ok
20:44:03.0478 7112 IntcAzAudAddService (03076f51af9f78a272cccde03e9340ce) C:\Windows\system32\drivers\RTKVHD64.sys
20:44:03.0496 7112 IntcAzAudAddService - ok
20:44:03.0584 7112 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
20:44:03.0585 7112 intelide - ok
20:44:03.0599 7112 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
20:44:03.0599 7112 intelppm - ok
20:44:03.0634 7112 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
20:44:03.0636 7112 IPBusEnum - ok
20:44:03.0657 7112 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:44:03.0658 7112 IpFilterDriver - ok
20:44:03.0675 7112 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
20:44:03.0677 7112 IPMIDRV - ok
20:44:03.0695 7112 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:44:03.0697 7112 IPNAT - ok
20:44:03.0722 7112 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:44:03.0723 7112 IRENUM - ok
20:44:03.0738 7112 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
20:44:03.0739 7112 isapnp - ok
20:44:03.0764 7112 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
20:44:03.0771 7112 iScsiPrt - ok
20:44:03.0808 7112 JRAID (50de7dd7edb1b512b13666588aefbf6f) C:\Windows\system32\DRIVERS\jraid.sys
20:44:03.0809 7112 JRAID - ok
20:44:03.0817 7112 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
20:44:03.0817 7112 kbdclass - ok
20:44:03.0826 7112 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
20:44:03.0826 7112 kbdhid - ok
20:44:03.0854 7112 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:44:03.0855 7112 KeyIso - ok
20:44:03.0870 7112 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
20:44:03.0872 7112 KSecDD - ok
20:44:03.0888 7112 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
20:44:03.0890 7112 KSecPkg - ok
20:44:03.0899 7112 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:44:03.0900 7112 ksthunk - ok
20:44:03.0942 7112 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
20:44:03.0971 7112 KtmRm - ok
20:44:04.0005 7112 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
20:44:04.0012 7112 LanmanServer - ok
20:44:04.0047 7112 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
20:44:04.0050 7112 LanmanWorkstation - ok
20:44:04.0083 7112 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:44:04.0084 7112 lltdio - ok
20:44:04.0121 7112 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
20:44:04.0128 7112 lltdsvc - ok
20:44:04.0142 7112 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
20:44:04.0144 7112 lmhosts - ok
20:44:04.0182 7112 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
20:44:04.0183 7112 LSI_FC - ok
20:44:04.0207 7112 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
20:44:04.0209 7112 LSI_SAS - ok
20:44:04.0223 7112 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
20:44:04.0224 7112 LSI_SAS2 - ok
20:44:04.0238 7112 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
20:44:04.0240 7112 LSI_SCSI - ok
20:44:04.0257 7112 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:44:04.0258 7112 luafv - ok
20:44:04.0304 7112 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
20:44:04.0305 7112 MBAMProtector - ok
20:44:04.0389 7112 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:44:04.0394 7112 MBAMService - ok
20:44:04.0428 7112 MBfilt (8ff2d95cba49b405c5de27039ff0bf35) C:\Windows\system32\drivers\MBfilt64.sys
20:44:04.0428 7112 MBfilt - ok
20:44:04.0456 7112 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
20:44:04.0458 7112 Mcx2Svc - ok
20:44:04.0476 7112 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
20:44:04.0477 7112 megasas - ok
20:44:04.0520 7112 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
20:44:04.0527 7112 MegaSR - ok
20:44:04.0545 7112 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
20:44:04.0545 7112 MEIx64 - ok
20:44:04.0564 7112 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:44:04.0566 7112 MMCSS - ok
20:44:04.0579 7112 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:44:04.0580 7112 Modem - ok
20:44:04.0590 7112 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:44:04.0590 7112 monitor - ok
20:44:04.0600 7112 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
20:44:04.0601 7112 mouclass - ok
20:44:04.0625 7112 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:44:04.0626 7112 mouhid - ok
20:44:04.0655 7112 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
20:44:04.0656 7112 mountmgr - ok
20:44:04.0753 7112 MozillaMaintenance (6380ff81dd4d78b23398752d2f46ea43) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:44:04.0755 7112 MozillaMaintenance - ok
20:44:04.0785 7112 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
20:44:04.0787 7112 MpFilter - ok
20:44:04.0803 7112 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
20:44:04.0805 7112 mpio - ok
20:44:04.0821 7112 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:44:04.0822 7112 mpsdrv - ok
20:44:04.0886 7112 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
20:44:04.0927 7112 MpsSvc - ok
20:44:04.0950 7112 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
20:44:04.0952 7112 MRxDAV - ok
20:44:04.0995 7112 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:44:04.0997 7112 mrxsmb - ok
20:44:05.0021 7112 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:44:05.0028 7112 mrxsmb10 - ok
20:44:05.0071 7112 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:44:05.0072 7112 mrxsmb20 - ok
20:44:05.0086 7112 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
20:44:05.0087 7112 msahci - ok
20:44:05.0105 7112 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
20:44:05.0107 7112 msdsm - ok
20:44:05.0124 7112 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
20:44:05.0127 7112 MSDTC - ok
20:44:05.0139 7112 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:44:05.0140 7112 Msfs - ok
20:44:05.0153 7112 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:44:05.0154 7112 mshidkmdf - ok
20:44:05.0166 7112 MSICDSetup - ok
20:44:05.0178 7112 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
20:44:05.0178 7112 msisadrv - ok
20:44:05.0211 7112 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
20:44:05.0214 7112 MSiSCSI - ok
20:44:05.0216 7112 msiserver - ok
20:44:05.0238 7112 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:44:05.0238 7112 MSKSSRV - ok
20:44:05.0288 7112 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
20:44:05.0288 7112 MsMpSvc - ok
20:44:05.0316 7112 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:44:05.0317 7112 MSPCLOCK - ok
20:44:05.0329 7112 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:44:05.0330 7112 MSPQM - ok
20:44:05.0364 7112 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
20:44:05.0392 7112 MsRPC - ok
20:44:05.0405 7112 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
20:44:05.0405 7112 mssmbios - ok
20:44:05.0416 7112 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:44:05.0417 7112 MSTEE - ok
20:44:05.0426 7112 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
20:44:05.0427 7112 MTConfig - ok
20:44:05.0440 7112 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:44:05.0442 7112 Mup - ok
20:44:05.0474 7112 mv91cons (e53d9ab63917338d7ffe12e85310a636) C:\Windows\system32\DRIVERS\mv91cons.sys
20:44:05.0475 7112 mv91cons - ok
20:44:05.0501 7112 mv91xx (38b4c95e821528fb91df16a78e04450f) C:\Windows\system32\DRIVERS\mv91xx.sys
20:44:05.0506 7112 mv91xx - ok
20:44:05.0544 7112 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
20:44:05.0555 7112 napagent - ok
20:44:05.0591 7112 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:44:05.0595 7112 NativeWifiP - ok
20:44:05.0671 7112 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
20:44:05.0685 7112 NDIS - ok
20:44:05.0697 7112 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:44:05.0698 7112 NdisCap - ok
20:44:05.0712 7112 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:44:05.0713 7112 NdisTapi - ok
20:44:05.0724 7112 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
20:44:05.0725 7112 Ndisuio - ok
20:44:05.0739 7112 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
20:44:05.0741 7112 NdisWan - ok
20:44:05.0763 7112 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
20:44:05.0764 7112 NDProxy - ok
20:44:05.0772 7112 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:44:05.0773 7112 NetBIOS - ok
20:44:05.0793 7112 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
20:44:05.0800 7112 NetBT - ok
20:44:05.0829 7112 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:44:05.0830 7112 Netlogon - ok
20:44:05.0868 7112 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
20:44:05.0880 7112 Netman - ok
20:44:05.0994 7112 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:44:05.0996 7112 NetMsmqActivator - ok
20:44:05.0999 7112 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:44:06.0000 7112 NetPipeActivator - ok
20:44:06.0021 7112 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
20:44:06.0027 7112 netprofm - ok
20:44:06.0030 7112 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:44:06.0032 7112 NetTcpActivator - ok
20:44:06.0035 7112 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:44:06.0036 7112 NetTcpPortSharing - ok
20:44:06.0075 7112 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
20:44:06.0076 7112 nfrd960 - ok
20:44:06.0105 7112 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:44:06.0107 7112 NisDrv - ok
20:44:06.0196 7112 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
20:44:06.0203 7112 NisSrv - ok
20:44:06.0242 7112 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
20:44:06.0248 7112 NlaSvc - ok
20:44:06.0282 7112 NPF (c31fa031335eff434b2d94278e74bcce) C:\Windows\system32\DRIVERS\npf.sys
20:44:06.0284 7112 NPF - ok
20:44:06.0307 7112 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:44:06.0308 7112 Npfs - ok
20:44:06.0313 7112 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
20:44:06.0314 7112 nsi - ok
20:44:06.0321 7112 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:44:06.0322 7112 nsiproxy - ok
20:44:06.0458 7112 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
20:44:06.0493 7112 Ntfs - ok
20:44:06.0573 7112 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:44:06.0574 7112 Null - ok
20:44:06.0596 7112 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\Windows\system32\DRIVERS\nusb3hub.sys
20:44:06.0597 7112 nusb3hub - ok
20:44:06.0612 7112 nusb3xhc (d40a13b2c0891e218f9523b376955db6) C:\Windows\system32\DRIVERS\nusb3xhc.sys
20:44:06.0615 7112 nusb3xhc - ok
20:44:06.0654 7112 NVHDA (10204955027011e08a9dc27737a48a54) C:\Windows\system32\drivers\nvhda64v.sys
20:44:06.0656 7112 NVHDA - ok
20:44:07.0101 7112 nvlddmkm (9c1996dd3c0469bc8933321f15709f5a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:44:07.0150 7112 nvlddmkm - ok
20:44:07.0269 7112 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
20:44:07.0271 7112 nvraid - ok
20:44:07.0331 7112 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
20:44:07.0333 7112 nvstor - ok
20:44:07.0441 7112 nvsvc (2d7092fec9bd2aca199673bba2ba9277) C:\Windows\system32\nvvsvc.exe
20:44:07.0475 7112 nvsvc - ok
20:44:07.0633 7112 nvUpdatusService (7e22de30e222bfdfcec7e77032baf3cd) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
20:44:07.0643 7112 nvUpdatusService - ok
20:44:07.0753 7112 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
20:44:07.0755 7112 nv_agp - ok
20:44:07.0768 7112 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
20:44:07.0770 7112 ohci1394 - ok
20:44:07.0805 7112 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:44:07.0819 7112 p2pimsvc - ok
20:44:07.0860 7112 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
20:44:07.0871 7112 p2psvc - ok
20:44:07.0885 7112 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
20:44:07.0886 7112 Parport - ok
20:44:07.0927 7112 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
20:44:07.0928 7112 partmgr - ok
20:44:07.0945 7112 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
20:44:07.0954 7112 PcaSvc - ok
20:44:07.0970 7112 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
20:44:07.0979 7112 pci - ok
20:44:07.0992 7112 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
20:44:07.0993 7112 pciide - ok
20:44:08.0004 7112 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
20:44:08.0007 7112 pcmcia - ok
20:44:08.0019 7112 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:44:08.0021 7112 pcw - ok
20:44:08.0055 7112 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:44:08.0069 7112 PEAUTH - ok
20:44:08.0134 7112 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
20:44:08.0136 7112 PerfHost - ok
20:44:08.0215 7112 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
20:44:08.0232 7112 pla - ok
20:44:08.0295 7112 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
20:44:08.0307 7112 PlugPlay - ok
20:44:08.0309 7112 PnkBstrA - ok
20:44:08.0324 7112 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
20:44:08.0326 7112 PNRPAutoReg - ok
20:44:08.0355 7112 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:44:08.0359 7112 PNRPsvc - ok
20:44:08.0400 7112 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
20:44:08.0408 7112 PolicyAgent - ok
20:44:08.0431 7112 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
20:44:08.0435 7112 Power - ok
20:44:08.0497 7112 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
20:44:08.0498 7112 PptpMiniport - ok
20:44:08.0509 7112 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
20:44:08.0511 7112 Processor - ok
20:44:08.0535 7112 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
20:44:08.0544 7112 ProfSvc - ok
20:44:08.0570 7112 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:44:08.0572 7112 ProtectedStorage - ok
20:44:08.0591 7112 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
20:44:08.0593 7112 Psched - ok
20:44:08.0684 7112 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
20:44:08.0710 7112 ql2300 - ok
20:44:08.0797 7112 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
20:44:08.0799 7112 ql40xx - ok
20:44:08.0824 7112 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
20:44:08.0832 7112 QWAVE - ok
20:44:08.0842 7112 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:44:08.0844 7112 QWAVEdrv - ok
20:44:08.0860 7112 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:44:08.0861 7112 RasAcd - ok
20:44:08.0893 7112 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:44:08.0894 7112 RasAgileVpn - ok
20:44:08.0916 7112 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
20:44:08.0919 7112 RasAuto - ok
20:44:08.0940 7112 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:44:08.0942 7112 Rasl2tp - ok
20:44:08.0970 7112 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
20:44:08.0984 7112 RasMan - ok
20:44:09.0002 7112 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:44:09.0004 7112 RasPppoe - ok
20:44:09.0019 7112 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:44:09.0021 7112 RasSstp - ok
20:44:09.0044 7112 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
20:44:09.0050 7112 rdbss - ok
20:44:09.0062 7112 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
20:44:09.0063 7112 rdpbus - ok
20:44:09.0080 7112 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:44:09.0081 7112 RDPCDD - ok
20:44:09.0089 7112 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
20:44:09.0090 7112 RDPENCDD - ok
20:44:09.0104 7112 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
20:44:09.0104 7112 RDPREFMP - ok
20:44:09.0150 7112 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
20:44:09.0159 7112 RDPWD - ok
20:44:09.0183 7112 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
20:44:09.0191 7112 rdyboost - ok
20:44:09.0214 7112 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
20:44:09.0216 7112 RemoteAccess - ok
20:44:09.0241 7112 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
20:44:09.0244 7112 RemoteRegistry - ok
20:44:09.0261 7112 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
20:44:09.0264 7112 RpcEptMapper - ok
20:44:09.0285 7112 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
20:44:09.0287 7112 RpcLocator - ok
20:44:09.0320 7112 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:44:09.0326 7112 RpcSs - ok
20:44:09.0346 7112 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
20:44:09.0347 7112 rspndr - ok
20:44:09.0423 7112 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
20:44:09.0428 7112 RTL8167 - ok
20:44:09.0454 7112 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:44:09.0455 7112 SamSs - ok
20:44:09.0471 7112 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
20:44:09.0473 7112 sbp2port - ok
20:44:09.0497 7112 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
20:44:09.0501 7112 SCardSvr - ok
20:44:09.0506 7112 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
20:44:09.0507 7112 scfilter - ok
20:44:09.0560 7112 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
20:44:09.0596 7112 Schedule - ok
20:44:09.0620 7112 SCMNdisP (6011cdf54bb6f4c69f38faccdad73d7e) C:\Windows\system32\DRIVERS\scmndisp.sys
20:44:09.0621 7112 SCMNdisP - ok
20:44:09.0648 7112 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:44:09.0649 7112 SCPolicySvc - ok
20:44:09.0667 7112 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
20:44:09.0670 7112 SDRSVC - ok
20:44:09.0690 7112 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:44:09.0691 7112 secdrv - ok
20:44:09.0698 7112 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
20:44:09.0700 7112 seclogon - ok
20:44:09.0723 7112 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
20:44:09.0726 7112 SENS - ok
20:44:09.0740 7112 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
20:44:09.0743 7112 SensrSvc - ok
20:44:09.0762 7112 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
20:44:09.0763 7112 Serenum - ok
20:44:09.0783 7112 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
20:44:09.0784 7112 Serial - ok
20:44:09.0802 7112 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
20:44:09.0803 7112 sermouse - ok
20:44:09.0824 7112 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
20:44:09.0827 7112 SessionEnv - ok
20:44:09.0830 7112 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
20:44:09.0831 7112 sffdisk - ok
20:44:09.0836 7112 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
20:44:09.0837 7112 sffp_mmc - ok
20:44:09.0840 7112 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
20:44:09.0841 7112 sffp_sd - ok
20:44:09.0844 7112 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
20:44:09.0845 7112 sfloppy - ok
20:44:09.0877 7112 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
20:44:09.0890 7112 ShellHWDetection - ok
20:44:09.0895 7112 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
20:44:09.0896 7112 SiSRaid2 - ok
20:44:09.0916 7112 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
20:44:09.0918 7112 SiSRaid4 - ok
20:44:10.0005 7112 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
20:44:10.0007 7112 SkypeUpdate - ok
20:44:10.0031 7112 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:44:10.0033 7112 Smb - ok
20:44:10.0059 7112 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
20:44:10.0062 7112 SNMPTRAP - ok
20:44:10.0068 7112 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:44:10.0069 7112 spldr - ok
20:44:10.0098 7112 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
20:44:10.0116 7112 Spooler - ok
20:44:10.0243 7112 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
20:44:10.0304 7112 sppsvc - ok
20:44:10.0384 7112 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
20:44:10.0387 7112 sppuinotify - ok
20:44:10.0460 7112 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
20:44:10.0470 7112 srv - ok
20:44:10.0497 7112 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
20:44:10.0509 7112 srv2 - ok
20:44:10.0558 7112 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
20:44:10.0560 7112 srvnet - ok
20:44:10.0597 7112 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
20:44:10.0601 7112 SSDPSRV - ok
20:44:10.0634 7112 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
20:44:10.0637 7112 SstpSvc - ok
20:44:10.0668 7112 Steam Client Service - ok
20:44:10.0682 7112 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
20:44:10.0683 7112 stexstor - ok
20:44:10.0724 7112 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
20:44:10.0740 7112 stisvc - ok
20:44:10.0754 7112 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
20:44:10.0755 7112 swenum - ok
20:44:10.0802 7112 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
20:44:10.0821 7112 swprv - ok
20:44:10.0900 7112 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
20:44:10.0939 7112 SysMain - ok
20:44:11.0013 7112 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
20:44:11.0016 7112 TabletInputService - ok
20:44:11.0032 7112 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
20:44:11.0037 7112 TapiSrv - ok
20:44:11.0055 7112 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
20:44:11.0058 7112 TBS - ok
20:44:11.0188 7112 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
20:44:11.0250 7112 Tcpip - ok
20:44:11.0339 7112 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
20:44:11.0346 7112 TCPIP6 - ok
20:44:11.0385 7112 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
20:44:11.0385 7112 tcpipreg - ok
20:44:11.0397 7112 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:44:11.0397 7112 TDPIPE - ok
20:44:11.0427 7112 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
20:44:11.0427 7112 TDTCP - ok
20:44:11.0441 7112 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
20:44:11.0442 7112 tdx - ok
20:44:11.0467 7112 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
20:44:11.0468 7112 TermDD - ok
20:44:11.0510 7112 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
20:44:11.0516 7112 TermService - ok
20:44:11.0528 7112 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
20:44:11.0530 7112 Themes - ok
20:44:11.0545 7112 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:44:11.0546 7112 THREADORDER - ok
20:44:11.0559 7112 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
20:44:11.0561 7112 TrkWks - ok
20:44:11.0609 7112 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
20:44:11.0610 7112 TrustedInstaller - ok
20:44:11.0624 7112 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:44:11.0624 7112 tssecsrv - ok
20:44:11.0635 7112 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
20:44:11.0636 7112 TsUsbFlt - ok
20:44:11.0643 7112 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
20:44:11.0644 7112 TsUsbGD - ok
20:44:11.0663 7112 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
20:44:11.0664 7112 tunnel - ok
20:44:11.0667 7112 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
20:44:11.0668 7112 uagp35 - ok
20:44:11.0689 7112 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
20:44:11.0695 7112 udfs - ok
20:44:11.0715 7112 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
20:44:11.0716 7112 UI0Detect - ok
20:44:11.0727 7112 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
20:44:11.0727 7112 uliagpkx - ok
20:44:11.0740 7112 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
20:44:11.0741 7112 umbus - ok
20:44:11.0752 7112 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
20:44:11.0753 7112 UmPass - ok
20:44:11.0765 7112 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
20:44:11.0769 7112 upnphost - ok
20:44:11.0805 7112 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
20:44:11.0806 7112 usbccgp - ok
20:44:11.0826 7112 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
20:44:11.0828 7112 usbcir - ok
20:44:11.0841 7112 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
20:44:11.0842 7112 usbehci - ok
20:44:11.0863 7112 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
20:44:11.0868 7112 usbhub - ok
20:44:11.0904 7112 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
20:44:11.0905 7112 usbohci - ok
20:44:11.0919 7112 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
20:44:11.0920 7112 usbprint - ok
20:44:11.0953 7112 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:44:11.0955 7112 USBSTOR - ok
20:44:11.0973 7112 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
20:44:11.0974 7112 usbuhci - ok
20:44:11.0996 7112 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
20:44:11.0998 7112 UxSms - ok
20:44:12.0020 7112 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:44:12.0021 7112 VaultSvc - ok
20:44:12.0030 7112 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
20:44:12.0031 7112 vdrvroot - ok
20:44:12.0064 7112 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
20:44:12.0107 7112 vds - ok
20:44:12.0126 7112 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:44:12.0127 7112 vga - ok
20:44:12.0138 7112 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:44:12.0139 7112 VgaSave - ok
20:44:12.0162 7112 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
20:44:12.0170 7112 vhdmp - ok
20:44:12.0183 7112 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
20:44:12.0184 7112 viaide - ok
20:44:12.0209 7112 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
20:44:12.0210 7112 volmgr - ok
20:44:12.0237 7112 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
20:44:12.0249 7112 volmgrx - ok
20:44:12.0274 7112 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
20:44:12.0280 7112 volsnap - ok
20:44:12.0307 7112 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
20:44:12.0310 7112 vsmraid - ok
20:44:12.0396 7112 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
20:44:12.0428 7112 VSS - ok
20:44:12.0509 7112 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
20:44:12.0510 7112 vwifibus - ok
20:44:12.0522 7112 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
20:44:12.0523 7112 vwififlt - ok
20:44:12.0562 7112 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
20:44:12.0575 7112 W32Time - ok
20:44:12.0602 7112 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
20:44:12.0603 7112 WacomPen - ok
20:44:12.0630 7112 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:44:12.0631 7112 WANARP - ok
20:44:12.0638 7112 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:44:12.0639 7112 Wanarpv6 - ok
20:44:12.0735 7112 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
20:44:12.0777 7112 WatAdminSvc - ok
20:44:12.0842 7112 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
20:44:12.0870 7112 wbengine - ok
20:44:12.0955 7112 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
20:44:12.0963 7112 WbioSrvc - ok
20:44:12.0980 7112 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
20:44:12.0985 7112 wcncsvc - ok
20:44:12.0990 7112 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
20:44:12.0992 7112 WcsPlugInService - ok
20:44:13.0026 7112 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
20:44:13.0027 7112 Wd - ok
20:44:13.0067 7112 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
20:44:13.0081 7112 Wdf01000 - ok
20:44:13.0097 7112 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:44:13.0099 7112 WdiServiceHost - ok
20:44:13.0102 7112 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:44:13.0104 7112 WdiSystemHost - ok
20:44:13.0117 7112 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
20:44:13.0121 7112 WebClient - ok
20:44:13.0133 7112 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
20:44:13.0138 7112 Wecsvc - ok
20:44:13.0152 7112 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
20:44:13.0155 7112 wercplsupport - ok
20:44:13.0186 7112 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
20:44:13.0188 7112 WerSvc - ok
20:44:13.0202 7112 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
20:44:13.0203 7112 WfpLwf - ok
20:44:13.0215 7112 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
20:44:13.0215 7112 WIMMount - ok
20:44:13.0251 7112 WinDefend - ok
20:44:13.0258 7112 WinHttpAutoProxySvc - ok
20:44:13.0313 7112 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
20:44:13.0315 7112 Winmgmt - ok
20:44:13.0416 7112 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
20:44:13.0450 7112 WinRM - ok
20:44:13.0569 7112 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
20:44:13.0584 7112 Wlansvc - ok
20:44:13.0745 7112 wlidsvc (98f138897ef4246381d197cb81846d62) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:44:13.0758 7112 wlidsvc - ok
20:44:13.0827 7112 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
20:44:13.0827 7112 WmiAcpi - ok
20:44:13.0871 7112 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
20:44:13.0874 7112 wmiApSrv - ok
20:44:13.0885 7112 WMPNetworkSvc - ok
20:44:13.0905 7112 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
20:44:13.0906 7112 WPCSvc - ok
20:44:13.0924 7112 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
20:44:13.0927 7112 WPDBusEnum - ok
20:44:13.0941 7112 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
20:44:13.0942 7112 ws2ifsl - ok
20:44:13.0981 7112 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
20:44:13.0984 7112 wscsvc - ok
20:44:13.0986 7112 WSearch - ok
20:44:14.0031 7112 WSWNDA3100 (a2c4dc335656fb7a5a3ac076282534cb) C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
20:44:14.0033 7112 WSWNDA3100 - ok
20:44:14.0124 7112 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
20:44:14.0162 7112 wuauserv - ok
20:44:14.0257 7112 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
20:44:14.0259 7112 WudfPf - ok
20:44:14.0291 7112 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:44:14.0293 7112 WUDFRd - ok
20:44:14.0321 7112 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
20:44:14.0324 7112 wudfsvc - ok
20:44:14.0348 7112 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
20:44:14.0356 7112 WwanSvc - ok
20:44:14.0433 7112 X6va005 - ok
20:44:14.0457 7112 X6va006 - ok
20:44:14.0472 7112 X6va008 - ok
20:44:14.0496 7112 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:44:14.0741 7112 \Device\Harddisk0\DR0 - ok
20:44:14.0744 7112 Boot (0x1200) (a7a4d946c098b4d684c922b30391d12a) \Device\Harddisk0\DR0\Partition0
20:44:14.0745 7112 \Device\Harddisk0\DR0\Partition0 - ok
20:44:14.0774 7112 Boot (0x1200) (2963b20738096e5291604ca30c8004f8) \Device\Harddisk0\DR0\Partition1
20:44:14.0775 7112 \Device\Harddisk0\DR0\Partition1 - ok
20:44:14.0776 7112 ============================================================
20:44:14.0776 7112 Scan finished
20:44:14.0776 7112 ============================================================
20:44:14.0787 7104 Detected object count: 0
20:44:14.0787 7104 Actual detected object count: 0
20:44:38.0054 4088 ============================================================
20:44:38.0054 4088 Scan started
20:44:38.0055 4088 Mode: Manual; TDLFS;
20:44:38.0055 4088 ============================================================
20:44:38.0237 4088 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\DRIVERS\1394ohci.sys
20:44:38.0239 4088 1394ohci - ok
20:44:38.0266 4088 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
20:44:38.0269 4088 ACPI - ok
20:44:38.0282 4088 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
20:44:38.0283 4088 AcpiPmi - ok
20:44:38.0376 4088 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:44:38.0378 4088 AdobeFlashPlayerUpdateSvc - ok
20:44:38.0413 4088 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
20:44:38.0416 4088 adp94xx - ok
20:44:38.0446 4088 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
20:44:38.0448 4088 adpahci - ok
20:44:38.0467 4088 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
20:44:38.0468 4088 adpu320 - ok
20:44:38.0498 4088 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
20:44:38.0499 4088 AeLookupSvc - ok
20:44:38.0554 4088 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
20:44:38.0558 4088 AFD - ok
20:44:38.0568 4088 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
20:44:38.0569 4088 agp440 - ok
20:44:38.0580 4088 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
20:44:38.0581 4088 ALG - ok
20:44:38.0584 4088 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
20:44:38.0584 4088 aliide - ok
20:44:38.0587 4088 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
20:44:38.0588 4088 amdide - ok
20:44:38.0596 4088 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
20:44:38.0597 4088 AmdK8 - ok
20:44:38.0602 4088 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
20:44:38.0603 4088 AmdPPM - ok
20:44:38.0641 4088 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
20:44:38.0642 4088 amdsata - ok
20:44:38.0659 4088 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
20:44:38.0661 4088 amdsbs - ok
20:44:38.0671 4088 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
20:44:38.0671 4088 amdxata - ok
20:44:38.0689 4088 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
20:44:38.0690 4088 AppID - ok
20:44:38.0703 4088 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
20:44:38.0704 4088 AppIDSvc - ok
20:44:38.0719 4088 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
20:44:38.0720 4088 Appinfo - ok
20:44:38.0739 4088 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
20:44:38.0740 4088 arc - ok
20:44:38.0753 4088 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
20:44:38.0754 4088 arcsas - ok
20:44:38.0787 4088 aspnet_state - ok
20:44:38.0794 4088 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
20:44:38.0795 4088 AsyncMac - ok
20:44:38.0804 4088 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
20:44:38.0804 4088 atapi - ok
20:44:38.0836 4088 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:44:38.0841 4088 AudioEndpointBuilder - ok
20:44:38.0848 4088 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:44:38.0853 4088 AudioSrv - ok
20:44:38.0866 4088 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
20:44:38.0866 4088 AxInstSV - ok
20:44:38.0896 4088 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
20:44:38.0898 4088 b06bdrv - ok
20:44:38.0920 4088 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
20:44:38.0922 4088 b57nd60a - ok
20:44:38.0923 4088 badmghpp - ok
20:44:38.0997 4088 BCMH43XX (6fa3557ea5fa09ba705298cc6b0e9f5a) C:\Windows\system32\DRIVERS\bcmwlhigh664.sys
20:44:39.0005 4088 BCMH43XX - ok
20:44:39.0019 4088 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
20:44:39.0019 4088 BDESVC - ok
20:44:39.0081 4088 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
20:44:39.0082 4088 Beep - ok
20:44:39.0115 4088 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
20:44:39.0121 4088 BFE - ok
20:44:39.0174 4088 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
20:44:39.0181 4088 BITS - ok
20:44:39.0208 4088 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
20:44:39.0209 4088 blbdrive - ok
20:44:39.0249 4088 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
20:44:39.0250 4088 bowser - ok
20:44:39.0264 4088 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
20:44:39.0264 4088 BrFiltLo - ok
20:44:39.0274 4088 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
20:44:39.0274 4088 BrFiltUp - ok
20:44:39.0288 4

Synes godt om

BATMANWASHERE Nybegynder

07. juni 2012 - 22:21 #16

20:44:39.0383 4088 bthserv - ok
20:44:39.0401 4088 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
20:44:39.0402 4088 cdfs - ok
20:44:39.0417 4088 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
20:44:39.0418 4088 cdrom - ok
20:44:39.0438 4088 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:44:39.0439 4088 CertPropSvc - ok
20:44:39.0452 4088 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
20:44:39.0452 4088 circlass - ok
20:44:39.0477 4088 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
20:44:39.0479 4088 CLFS - ok
20:44:39.0542 4088 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:44:39.0543 4088 clr_optimization_v2.0.50727_32 - ok
20:44:39.0574 4088 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:44:39.0575 4088 clr_optimization_v2.0.50727_64 - ok
20:44:39.0645 4088 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:44:39.0647 4088 clr_optimization_v4.0.30319_32 - ok
20:44:39.0699 4088 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:44:39.0700 4088 clr_optimization_v4.0.30319_64 - ok
20:44:39.0729 4088 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
20:44:39.0729 4088 CmBatt - ok
20:44:39.0739 4088 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
20:44:39.0739 4088 cmdide - ok
20:44:39.0773 4088 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
20:44:39.0776 4088 CNG - ok
20:44:39.0789 4088 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
20:44:39.0789 4088 Compbatt - ok
20:44:39.0805 4088 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
20:44:39.0806 4088 CompositeBus - ok
20:44:39.0808 4088 COMSysApp - ok
20:44:39.0811 4088 cqbvreew - ok
20:44:39.0820 4088 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
20:44:39.0820 4088 crcdisk - ok
20:44:39.0854 4088 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
20:44:39.0856 4088 CryptSvc - ok
20:44:39.0894 4088 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:44:39.0899 4088 DcomLaunch - ok
20:44:39.0934 4088 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
20:44:39.0937 4088 defragsvc - ok
20:44:39.0947 4088 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
20:44:39.0948 4088 DfsC - ok
20:44:39.0976 4088 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
20:44:39.0978 4088 Dhcp - ok
20:44:39.0991 4088 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
20:44:39.0992 4088 discache - ok
20:44:40.0005 4088 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
20:44:40.0006 4088 Disk - ok
20:44:40.0049 4088 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
20:44:40.0051 4088 Dnscache - ok
20:44:40.0075 4088 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
20:44:40.0077 4088 dot3svc - ok
20:44:40.0098 4088 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
20:44:40.0100 4088 DPS - ok
20:44:40.0123 4088 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
20:44:40.0124 4088 drmkaud - ok
20:44:40.0162 4088 dtsoftbus01 (46571ed73ae84469dca53081d33cf3c8) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
20:44:40.0165 4088 dtsoftbus01 - ok
20:44:40.0215 4088 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
20:44:40.0223 4088 DXGKrnl - ok
20:44:40.0240 4088 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
20:44:40.0242 4088 EapHost - ok
20:44:40.0366 4088 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
20:44:40.0379 4088 ebdrv - ok
20:44:40.0460 4088 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
20:44:40.0462 4088 EFS - ok
20:44:40.0511 4088 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
20:44:40.0515 4088 ehRecvr - ok
20:44:40.0533 4088 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
20:44:40.0534 4088 ehSched - ok
20:44:40.0590 4088 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
20:44:40.0594 4088 elxstor - ok
20:44:40.0607 4088 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
20:44:40.0607 4088 ErrDev - ok
20:44:40.0651 4088 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
20:44:40.0655 4088 EventSystem - ok
20:44:40.0674 4088 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
20:44:40.0675 4088 exfat - ok
20:44:40.0699 4088 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
20:44:40.0701 4088 fastfat - ok
20:44:40.0739 4088 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
20:44:40.0744 4088 Fax - ok
20:44:40.0754 4088 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
20:44:40.0754 4088 fdc - ok
20:44:40.0767 4088 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
20:44:40.0767 4088 fdPHost - ok
20:44:40.0773 4088 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
20:44:40.0774 4088 FDResPub - ok
20:44:40.0786 4088 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
20:44:40.0787 4088 FileInfo - ok
20:44:40.0789 4088 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
20:44:40.0790 4088 Filetrace - ok
20:44:40.0801 4088 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
20:44:40.0801 4088 flpydisk - ok
20:44:40.0825 4088 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
20:44:40.0826 4088 FltMgr - ok
20:44:40.0896 4088 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
20:44:40.0903 4088 FontCache - ok
20:44:40.0957 4088 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:44:40.0958 4088 FontCache3.0.0.0 - ok
20:44:40.0987 4088 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
20:44:40.0988 4088 FsDepends - ok
20:44:41.0026 4088 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
20:44:41.0027 4088 Fs_Rec - ok
20:44:41.0048 4088 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
20:44:41.0050 4088 fvevol - ok
20:44:41.0063 4088 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
20:44:41.0064 4088 gagp30kx - ok
20:44:41.0108 4088 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
20:44:41.0113 4088 gpsvc - ok
20:44:41.0129 4088 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
20:44:41.0130 4088 hcw85cir - ok
20:44:41.0164 4088 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
20:44:41.0167 4088 HdAudAddService - ok
20:44:41.0186 4088 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:44:41.0187 4088 HDAudBus - ok
20:44:41.0199 4088 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
20:44:41.0199 4088 HidBatt - ok
20:44:41.0214 4088 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
20:44:41.0215 4088 HidBth - ok
20:44:41.0219 4088 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
20:44:41.0219 4088 HidIr - ok
20:44:41.0233 4088 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
20:44:41.0234 4088 hidserv - ok
20:44:41.0241 4088 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
20:44:41.0242 4088 HidUsb - ok
20:44:41.0265 4088 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
20:44:41.0266 4088 hkmsvc - ok
20:44:41.0278 4088 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
20:44:41.0280 4088 HomeGroupListener - ok
20:44:41.0330 4088 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
20:44:41.0333 4088 HomeGroupProvider - ok
20:44:41.0347 4088 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
20:44:41.0348 4088 HpSAMD - ok
20:44:41.0392 4088 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
20:44:41.0397 4088 HTTP - ok
20:44:41.0406 4088 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
20:44:41.0406 4088 hwpolicy - ok
20:44:41.0428 4088 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
20:44:41.0429 4088 i8042prt - ok
20:44:41.0473 4088 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
20:44:41.0476 4088 iaStorV - ok
20:44:41.0564 4088 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:44:41.0571 4088 idsvc - ok
20:44:41.0579 4088 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
20:44:41.0580 4088 iirsp - ok
20:44:41.0637 4088 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
20:44:41.0643 4088 IKEEXT - ok
20:44:41.0739 4088 IntcAzAudAddService (03076f51af9f78a272cccde03e9340ce) C:\Windows\system32\drivers\RTKVHD64.sys
20:44:41.0750 4088 IntcAzAudAddService - ok
20:44:41.0819 4088 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
20:44:41.0819 4088 intelide - ok
20:44:41.0830 4088 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
20:44:41.0830 4088 intelppm - ok
20:44:41.0848 4088 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
20:44:41.0849 4088 IPBusEnum - ok
20:44:41.0863 4088 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:44:41.0864 4088 IpFilterDriver - ok
20:44:41.0881 4088 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
20:44:41.0882 4088 IPMIDRV - ok
20:44:41.0900 4088 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:44:41.0901 4088 IPNAT - ok
20:44:41.0911 4088 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:44:41.0912 4088 IRENUM - ok
20:44:41.0927 4088 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
20:44:41.0928 4088 isapnp - ok
20:44:41.0961 4088 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
20:44:41.0963 4088 iScsiPrt - ok
20:44:41.0988 4088 JRAID (50de7dd7edb1b512b13666588aefbf6f) C:\Windows\system32\DRIVERS\jraid.sys
20:44:41.0989 4088 JRAID - ok
20:44:41.0998 4088 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
20:44:41.0999 4088 kbdclass - ok
20:44:42.0007 4088 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
20:44:42.0007 4088 kbdhid - ok
20:44:42.0027 4088 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:44:42.0028 4088 KeyIso - ok
20:44:42.0043 4088 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
20:44:42.0044 4088 KSecDD - ok
20:44:42.0059 4088 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
20:44:42.0060 4088 KSecPkg - ok
20:44:42.0072 4088 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:44:42.0072 4088 ksthunk - ok
20:44:42.0113 4088 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
20:44:42.0117 4088 KtmRm - ok
20:44:42.0142 4088 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
20:44:42.0145 4088 LanmanServer - ok
20:44:42.0169 4088 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
20:44:42.0171 4088 LanmanWorkstation - ok
20:44:42.0180 4088 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:44:42.0181 4088 lltdio - ok
20:44:42.0210 4088 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
20:44:42.0213 4088 lltdsvc - ok
20:44:42.0223 4088 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
20:44:42.0224 4088 lmhosts - ok
20:44:42.0241 4088 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
20:44:42.0242 4088 LSI_FC - ok
20:44:42.0263 4088 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
20:44:42.0264 4088 LSI_SAS - ok
20:44:42.0310 4088 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
20:44:42.0311 4088 LSI_SAS2 - ok
20:44:42.0429 4088 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
20:44:42.0430 4088 LSI_SCSI - ok
20:44:42.0446 4088 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:44:42.0447 4088 luafv - ok
20:44:42.0485 4088 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
20:44:42.0486 4088 MBAMProtector - ok
20:44:42.0568 4088 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:44:42.0573 4088 MBAMService - ok
20:44:42.0600 4088 MBfilt (8ff2d95cba49b405c5de27039ff0bf35) C:\Windows\system32\drivers\MBfilt64.sys
20:44:42.0600 4088 MBfilt - ok
20:44:42.0628 4088 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
20:44:42.0629 4088 Mcx2Svc - ok
20:44:42.0640 4088 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
20:44:42.0641 4088 megasas - ok
20:44:42.0691 4088 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
20:44:42.0694 4088 MegaSR - ok
20:44:42.0717 4088 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
20:44:42.0718 4088 MEIx64 - ok
20:44:42.0745 4088 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:44:42.0746 4088 MMCSS - ok
20:44:42.0756 4088 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:44:42.0756 4088 Modem - ok
20:44:42.0779 4088 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:44:42.0780 4088 monitor - ok
20:44:42.0789 4088 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
20:44:42.0790 4088 mouclass - ok
20:44:42.0798 4088 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:44:42.0799 4088 mouhid - ok
20:44:42.0810 4088 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
20:44:42.0811 4088 mountmgr - ok
20:44:42.0876 4088 MozillaMaintenance (6380ff81dd4d78b23398752d2f46ea43) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:44:42.0877 4088 MozillaMaintenance - ok
20:44:42.0907 4088 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
20:44:42.0908 4088 MpFilter - ok
20:44:42.0926 4088 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
20:44:42.0927 4088 mpio - ok
20:44:42.0942 4088 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:44:42.0942 4088 mpsdrv - ok
20:44:42.0987 4088 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
20:44:42.0992 4088 MpsSvc - ok
20:44:43.0014 4088 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
20:44:43.0015 4088 MRxDAV - ok
20:44:43.0040 4088 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:44:43.0041 4088 mrxsmb - ok
20:44:43.0076 4088 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:44:43.0078 4088 mrxsmb10 - ok
20:44:43.0117 4088 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:44:43.0118 4088 mrxsmb20 - ok
20:44:43.0134 4088 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
20:44:43.0134 4088 msahci - ok
20:44:43.0152 4088 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
20:44:43.0153 4088 msdsm - ok
20:44:43.0171 4088 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
20:44:43.0172 4088 MSDTC - ok
20:44:43.0187 4088 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:44:43.0187 4088 Msfs - ok
20:44:43.0201 4088 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:44:43.0201 4088 mshidkmdf - ok
20:44:43.0203 4088 MSICDSetup - ok
20:44:43.0217 4088 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
20:44:43.0217 4088 msisadrv - ok
20:44:43.0241 4088 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
20:44:43.0244 4088 MSiSCSI - ok
20:44:43.0246 4088 msiserver - ok
20:44:43.0260 4088 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:44:43.0261 4088 MSKSSRV - ok
20:44:43.0302 4088 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
20:44:43.0302 4088 MsMpSvc - ok
20:44:43.0313 4088 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:44:43.0314 4088 MSPCLOCK - ok
20:44:43.0327 4088 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:44:43.0327 4088 MSPQM - ok
20:44:43.0359 4088 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
20:44:43.0361 4088 MsRPC - ok
20:44:43.0385 4088 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
20:44:43.0386 4088 mssmbios - ok
20:44:43.0397 4088 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:44:43.0398 4088 MSTEE - ok
20:44:43.0407 4088 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
20:44:43.0408 4088 MTConfig - ok
20:44:43.0421 4088 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:44:43.0422 4088 Mup - ok
20:44:43.0439 4088 mv91cons (e53d9ab63917338d7ffe12e85310a636) C:\Windows\system32\DRIVERS\mv91cons.sys
20:44:43.0439 4088 mv91cons - ok
20:44:43.0463 4088 mv91xx (38b4c95e821528fb91df16a78e04450f) C:\Windows\system32\DRIVERS\mv91xx.sys
20:44:43.0465 4088 mv91xx - ok
20:44:43.0499 4088 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
20:44:43.0503 4088 napagent - ok
20:44:43.0527 4088 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:44:43.0529 4088 NativeWifiP - ok
20:44:43.0574 4088 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
20:44:43.0580 4088 NDIS - ok
20:44:43.0595 4088 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:44:43.0595 4088 NdisCap - ok
20:44:43.0610 4088 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:44:43.0610 4088 NdisTapi - ok
20:44:43.0622 4088 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
20:44:43.0623 4088 Ndisuio - ok
20:44:43.0637 4088 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
20:44:43.0638 4088 NdisWan - ok
20:44:43.0652 4088 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
20:44:43.0653 4088 NDProxy - ok
20:44:43.0662 4088 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:44:43.0662 4088 NetBIOS - ok
20:44:43.0681 4088 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
20:44:43.0683 4088 NetBT - ok
20:44:43.0710 4088 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:44:43.0711 4088 Netlogon - ok
20:44:43.0748 4088 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
20:44:43.0751 4088 Netman - ok
20:44:43.0849 4088 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:44:43.0850 4088 NetMsmqActivator - ok
20:44:43.0854 4088 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:44:43.0855 4088 NetPipeActivator - ok
20:44:43.0874 4088 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
20:44:43.0878 4088 netprofm - ok
20:44:43.0882 4088 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:44:43.0883 4088 NetTcpActivator - ok
20:44:43.0887 4088 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:44:43.0888 4088 NetTcpPortSharing - ok
20:44:43.0922 4088 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
20:44:43.0923 4088 nfrd960 - ok
20:44:43.0944 4088 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:44:43.0945 4088 NisDrv - ok
20:44:44.0019 4088 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
20:44:44.0025 4088 NisSrv - ok
20:44:44.0055 4088 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
20:44:44.0059 4088 NlaSvc - ok
20:44:44.0088 4088 NPF (c31fa031335eff434b2d94278e74bcce) C:\Windows\system32\DRIVERS\npf.sys
20:44:44.0089 4088 NPF - ok
20:44:44.0104 4088 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:44:44.0105 4088 Npfs - ok
20:44:44.0127 4088 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
20:44:44.0129 4088 nsi - ok
20:44:44.0135 4088 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:44:44.0136 4088 nsiproxy - ok
20:44:44.0230 4088 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
20:44:44.0238 4088 Ntfs - ok
20:44:44.0313 4088 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:44:44.0313 4088 Null - ok
20:44:44.0335 4088 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\Windows\system32\DRIVERS\nusb3hub.sys
20:44:44.0336 4088 nusb3hub - ok
20:44:44.0351 4088 nusb3xhc (d40a13b2c0891e218f9523b376955db6) C:\Windows\system32\DRIVERS\nusb3xhc.sys
20:44:44.0353 4088 nusb3xhc - ok
20:44:44.0377 4088 NVHDA (10204955027011e08a9dc27737a48a54) C:\Windows\system32\drivers\nvhda64v.sys
20:44:44.0379 4088 NVHDA - ok
20:44:44.0748 4088 nvlddmkm (9c1996dd3c0469bc8933321f15709f5a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:44:44.0795 4088 nvlddmkm - ok
20:44:44.0891 4088 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
20:44:44.0893 4088 nvraid - ok
20:44:44.0936 4088 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
20:44:44.0938 4088 nvstor - ok
20:44:45.0031 4088 nvsvc (2d7092fec9bd2aca199673bba2ba9277) C:\Windows\system32\nvvsvc.exe
20:44:45.0043 4088 nvsvc - ok
20:44:45.0163 4088 nvUpdatusService (7e22de30e222bfdfcec7e77032baf3cd) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
20:44:45.0176 4088 nvUpdatusService - ok
20:44:45.0276 4088 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
20:44:45.0277 4088 nv_agp - ok
20:44:45.0291 4088 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
20:44:45.0292 4088 ohci1394 - ok
20:44:45.0327 4088 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:44:45.0331 4088 p2pimsvc - ok
20:44:45.0374 4088 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
20:44:45.0378 4088 p2psvc - ok
20:44:45.0398 4088 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
20:44:45.0399 4088 Parport - ok
20:44:45.0440 4088 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
20:44:45.0441 4088 partmgr - ok
20:44:45.0459 4088 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
20:44:45.0461 4088 PcaSvc - ok
20:44:45.0475 4088 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
20:44:45.0476 4088 pci - ok
20:44:45.0490 4088 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
20:44:45.0490 4088 pciide - ok
20:44:45.0501 4088 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
20:44:45.0503 4088 pcmcia - ok
20:44:45.0534 4088 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:44:45.0534 4088 pcw - ok
20:44:45.0570 4088 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:44:45.0575 4088 PEAUTH - ok
20:44:45.0648 4088 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
20:44:45.0650 4088 PerfHost - ok
20:44:45.0725 4088 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
20:44:45.0736 4088 pla - ok
20:44:45.0792 4088 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
20:44:45.0796 4088 PlugPlay - ok
20:44:45.0800 4088 PnkBstrA - ok
20:44:45.0813 4088 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
20:44:45.0815 4088 PNRPAutoReg - ok
20:44:45.0844 4088 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:44:45.0847 4088 PNRPsvc - ok
20:44:45.0887 4088 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
20:44:45.0891 4088 PolicyAgent - ok
20:44:45.0913 4088 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
20:44:45.0915 4088 Power - ok
20:44:45.0961 4088 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
20:44:45.0962 4088 PptpMiniport - ok
20:44:45.0974 4088 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
20:44:45.0975 4088 Processor - ok
20:44:46.0000 4088 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
20:44:46.0002 4088 ProfSvc - ok
20:44:46.0026 4088 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:44:46.0027 4088 ProtectedStorage - ok
20:44:46.0038 4088 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
20:44:46.0039 4088 Psched - ok
20:44:46.0114 4088 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
20:44:46.0123 4088 ql2300 - ok
20:44:46.0212 4088 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
20:44:46.0213 4088 ql40xx - ok
20:44:46.0238 4088 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
20:44:46.0241 4088 QWAVE - ok
20:44:46.0257 4088 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:44:46.0258 4088 QWAVEdrv - ok
20:44:46.0275 4088 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:44:46.0275 4088 RasAcd - ok
20:44:46.0299 4088 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:44:46.0299 4088 RasAgileVpn - ok
20:44:46.0322 4088 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
20:44:46.0325 4088 RasAuto - ok
20:44:46.0346 4088 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:44:46.0347 4088 Rasl2tp - ok
20:44:46.0376 4088 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
20:44:46.0380 4088 RasMan - ok
20:44:46.0399 4088 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:44:46.0401 4088 RasPppoe - ok
20:44:46.0416 4088 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:44:46.0417 4088 RasSstp - ok
20:44:46.0441 4088 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
20:44:46.0443 4088 rdbss - ok
20:44:46.0460 4088 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
20:44:46.0461 4088 rdpbus - ok
20:44:46.0469 4088 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:44:46.0470 4088 RDPCDD - ok
20:44:46.0478 4088 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
20:44:46.0479 4088 RDPENCDD - ok
20:44:46.0485 4088 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
20:44:46.0485 4088 RDPREFMP - ok
20:44:46.0531 4088 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
20:44:46.0533 4088 RDPWD - ok
20:44:46.0555 4088 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
20:44:46.0557 4088 rdyboost - ok
20:44:46.0577 4088 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
20:44:46.0579 4088 RemoteAccess - ok
20:44:46.0604 4088 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
20:44:46.0607 4088 RemoteRegistry - ok
20:44:46.0626 4088 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
20:44:46.0628 4088 RpcEptMapper - ok
20:44:46.0650 4088 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
20:44:46.0651 4088 RpcLocator - ok
20:44:46.0683 4088 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:44:46.0689 4088 RpcSs - ok
20:44:46.0701 4088 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
20:44:46.0702 4088 rspndr - ok
20:44:46.0762 4088 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
20:44:46.0766 4088 RTL8167 - ok
20:44:46.0793 4088 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:44:46.0794 4088 SamSs - ok
20:44:46.0810 4088 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
20:44:46.0811 4088 sbp2port - ok
20:44:46.0821 4088 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
20:44:46.0825 4088 SCardSvr - ok
20:44:46.0829 4088 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
20:44:46.0829 4088 scfilter - ok
20:44:46.0879 4088 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
20:44:46.0889 4088 Schedule - ok
20:44:46.0909 4088 SCMNdisP (6011cdf54bb6f4c69f38faccdad73d7e) C:\Windows\system32\DRIVERS\scmndisp.sys
20:44:46.0909 4088 SCMNdisP - ok
20:44:46.0937 4088 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:44:46.0938 4088 SCPolicySvc - ok
20:44:46.0955 4088 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
20:44:46.0958 4088 SDRSVC - ok
20:44:46.0971 4088 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:44:46.0972 4088 secdrv - ok
20:44:46.0979 4088 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
20:44:46.0982 4088 seclogon - ok
20:44:46.0996 4088 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
20:44:46.0998 4088 SENS - ok
20:44:47.0013 4088 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
20:44:47.0015 4088 SensrSvc - ok
20:44:47.0027 4088 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
20:44:47.0027 4088 Serenum - ok
20:44:47.0033 4088 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
20:44:47.0034 4088 Serial - ok
20:44:47.0049 4088 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
20:44:47.0050 4088 sermouse - ok
20:44:47.0112 4088 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
20:44:47.0115 4088 SessionEnv - ok
20:44:47.0118 4088 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
20:44:47.0118 4088 sffdisk - ok
20:44:47.0122 4088 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
20:44:47.0123 4088 sffp_mmc - ok
20:44:47.0126 4088 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
20:44:47.0126 4088 sffp_sd - ok
20:44:47.0130 4088 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
20:44:47.0131 4088 sfloppy - ok
20:44:47.0157 4088 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
20:44:47.0160 4088 ShellHWDetection - ok
20:44:47.0163 4088 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
20:44:47.0164 4088 SiSRaid2 - ok
20:44:47.0181 4088 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
20:44:47.0181 4088 SiSRaid4 - ok
20:44:47.0244 4088 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
20:44:47.0246 4088 SkypeUpdate - ok
20:44:47.0262 4088 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:44:47.0263 4088 Smb - ok
20:44:47.0282 4088 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
20:44:47.0284 4088 SNMPTRAP - ok
20:44:47.0291 4088 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:44:47.0291 4088 spldr - ok
20:44:47.0321 4088 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
20:44:47.0326 4088 Spooler - ok
20:44:47.0549 4088 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
20:44:47.0568 4088 sppsvc - ok
20:44:47.0640 4088 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
20:44:47.0642 4088 sppuinotify - ok
20:44:47.0715 4088 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
20:44:47.0718 4088 srv - ok
20:44:47.0744 4088 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
20:44:47.0747 4088 srv2 - ok
20:44:47.0797 4088 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
20:44:47.0798 4088 srvnet - ok
20:44:47.0812 4088 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
20:44:47.0815 4088 SSDPSRV - ok
20:44:47.0831 4088 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
20:44:47.0833 4088 SstpSvc - ok
20:44:47.0857 4088 Steam Client Service - ok
20:44:47.0871 4088 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
20:44:47.0872 4088 stexstor - ok
20:44:47.0905 4088 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
20:44:47.0910 4088 stisvc - ok
20:44:47.0919 4088 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
20:44:47.0919 4088 swenum - ok
20:44:47.0948 4088 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
20:44:47.0952 4088 swprv - ok
20:44:48.0029 4088 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
20:44:48.0042 4088 SysMain - ok
20:44:48.0119 4088 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
20:44:48.0122 4088 TabletInputService - ok
20:44:48.0136 4088 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
20:44:48.0140 4088 TapiSrv - ok
20:44:48.0153 4088 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
20:44:48.0156 4088 TBS - ok
20:44:48.0273 4088 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
20:44:48.0284 4088 Tcpip - ok
20:44:48.0377 4088 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
20:44:48.0387 4088 TCPIP6 - ok
20:44:48.0433 4088 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
20:44:48.0433 4088 tcpipreg - ok
20:44:48.0445 4088 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:44:48.0445 4088 TDPIPE - ok
20:44:48.0475 4088 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
20:44:48.0475 4088 TDTCP - ok
20:44:48.0489 4088 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
20:44:48.0490 4088 tdx - ok
20:44:48.0499 4088 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
20:44:48.0499 4088 TermDD - ok
20:44:48.0543 4088 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
20:44:48.0548 4088 TermService - ok
20:44:48.0560 4088 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
20:44:48.0561 4088 Themes - ok
20:44:48.0576 4088 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:44:48.0577 4088 THREADORDER - ok
20:44:48.0591 4088 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
20:44:48.0592 4088 TrkWks - ok
20:44:48.0641 4088 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
20:44:48.0641 4088 TrustedInstaller - ok
20:44:48.0655 4088 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:44:48.0655 4088 tssecsrv - ok
20:44:48.0666 4088 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
20:44:48.0667 4088 TsUsbFlt - ok
20:44:48.0674 4088 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
20:44:48.0675 4088 TsUsbGD - ok
20:44:48.0694 4088 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
20:44:48.0695 4088 tunnel - ok
20:44:48.0698 4088 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
20:44:48.0698 4088 uagp35 - ok
20:44:48.0721 4088 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
20:44:48.0722 4088 udfs - ok
20:44:48.0738 4088 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
20:44:48.0740 4088 UI0Detect - ok
20:44:48.0744 4088 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
20:44:48.0744 4088 uliagpkx - ok
20:44:48.0755 4088 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
20:44:48.0755 4088 umbus - ok
20:44:48.0775 4088 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
20:44:48.0775 4088 UmPass - ok
20:44:48.0790 4088 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
20:44:48.0792 4088 upnphost - ok
20:44:48.0828 4088 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
20:44:48.0829 4088 usbccgp - ok
20:44:48.0848 4088 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
20:44:48.0849 4088 usbcir - ok
20:44:48.0864 4088 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
20:44:48.0864 4088 usbehci - ok
20:44:48.0885 4088 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
20:44:48.0887 4088 usbhub - ok
20:44:48.0927 4088 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
20:44:48.0928 4088 usbohci - ok
20:44:48.0942 4088 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
20:44:48.0943 4088 usbprint - ok
20:44:48.0976 4088 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:44:48.0977 4088 USBSTOR - ok
20:44:48.0995 4088 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
20:44:48.0996 4088 usbuhci - ok
20:44:49.0010 4088 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
20:44:49.0012 4088 UxSms - ok
20:44:49.0034 4088 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:44:49.0036 4088 VaultSvc - ok
20:44:49.0045 4088 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
20:44:49.0045 4088 vdrvroot - ok
20:44:49.0086 4088 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
20:44:49.0091 4088 vds - ok
20:44:49.0107 4088 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:44:49.0108 4088 vga - ok
20:44:49.0119 4088 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:44:49.0120 4088 VgaSave - ok
20:44:49.0142 4088 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
20:44:49.0144 4088 vhdmp - ok
20:44:49.0156 4088 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
20:44:49.0157 4088 viaide - ok
20:44:49.0173 4088 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
20:44:49.0174 4088 volmgr - ok
20:44:49.0200 4088 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
20:44:49.0203 4088 volmgrx - ok
20:44:49.0246 4088 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
20:44:49.0249 4088 volsnap - ok
20:44:49.0270 4088 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
20:44:49.0272 4088 vsmraid - ok
20:44:49.0352 4088 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
20:44:49.0365 4088 VSS - ok
20:44:49.0441 4088 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
20:44:49.0441 4088 vwifibus - ok
20:44:49.0453 4088 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
20:44:49.0454 4088 vwififlt - ok
20:44:49.0485 4088 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
20:44:49.0489 4088 W32Time - ok
20:44:49.0499 4088 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
20:44:49.0500 4088 WacomPen - ok
20:44:49.0519 4088 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:44:49.0520 4088 WANARP - ok
20:44:49.0522 4088 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:44:49.0523 4088 Wanarpv6 - ok
20:44:49.0615 4088 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
20:44:49.0624 4088 WatAdminSvc - ok
20:44:49.0678 4088 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
20:44:49.0686 4088 wbengine - ok
20:44:49.0769 4088 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
20:44:49.0772 4088 WbioSrvc - ok
20:44:49.0790 4088 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
20:44:49.0795 4088 wcncsvc - ok
20:44:49.0799 4088 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
20:44:49.0802 4088 WcsPlugInService - ok
20:44:49.0823 4088 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
20:44:49.0824 4088 Wd - ok
20:44:49.0855 4088 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
20:44:49.0858 4088 Wdf01000 - ok
20:44:49.0869 4088 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:44:49.0871 4088 WdiServiceHost - ok
20:44:49.0873 4088 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:44:49.0874 4088 WdiSystemHost - ok
20:44:49.0884 4088 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
20:44:49.0886 4088 WebClient - ok
20:44:49.0895 4088 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
20:44:49.0896 4088 Wecsvc - ok
20:44:49.0907 4088 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
20:44:49.0908 4088 wercplsupport - ok
20:44:49.0916 4088 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
20:44:49.0917 4088 WerSvc - ok
20:44:49.0924 4088 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
20:44:49.0925 4088 WfpLwf - ok
20:44:49.0937 4088 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
20:44:49.0938 4088 WIMMount - ok
20:44:49.0958 4088 WinDefend - ok
20:44:49.0961 4088 WinHttpAutoProxySvc - ok
20:44:50.0009 4088 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
20:44:50.0012 4088 Winmgmt - ok
20:44:50.0081 4088 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
20:44:50.0089 4088 WinRM - ok
20:44:50.0189 4088 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
20:44:50.0196 4088 Wlansvc - ok
20:44:50.0330 4088 wlidsvc (98f138897ef4246381d197cb81846d62) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:44:50.0344 4088 wlidsvc - ok
20:44:50.0392 4088 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
20:44:50.0392 4088 WmiAcpi - ok
20:44:50.0444 4088 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
20:44:50.0445 4088 wmiApSrv - ok
20:44:50.0453 4088 WMPNetworkSvc - ok
20:44:50.0469 4088 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
20:44:50.0471 4088 WPCSvc - ok
20:44:50.0487 4088 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
20:44:50.0490 4088 WPDBusEnum - ok
20:44:50.0506 4088 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
20:44:50.0506 4088 ws2ifsl - ok
20:44:50.0520 4088 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
20:44:50.0523 4088 wscsvc - ok
20:44:50.0525 4088 WSearch - ok
20:44:50.0562 4088 WSWNDA3100 (a2c4dc335656fb7a5a3ac076282534cb) C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
20:44:50.0564 4088 WSWNDA3100 - ok
20:44:50.0689 4088 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
20:44:50.0700 4088 wuauserv - ok
20:44:50.0806 4088 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
20:44:50.0807 4088 WudfPf - ok
20:44:50.0830 4088 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:44:50.0832 4088 WUDFRd - ok
20:44:50.0852 4088 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
20:44:50.0855 4088 wudfsvc - ok
20:44:50.0879 4088 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
20:44:50.0883 4088 WwanSvc - ok
20:44:50.0939 4088 X6va005 - ok
20:44:50.0942 4088 X6va006 - ok
20:44:50.0946 4088 X6va008 - ok
20:44:50.0960 4088 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:44:51.0189 4088 \Device\Harddisk0\DR0 - ok
20:44:51.0192 4088 Boot (0x1200) (a7a4d946c098b4d684c922b30391d12a) \Device\Harddisk0\DR0\Partition0
20:44:51.0193 4088 \Device\Harddisk0\DR0\Partition0 - ok
20:44:51.0222 4088 Boot (0x1200) (2963b20738096e5291604ca30c8004f8) \Device\Harddisk0\DR0\Partition1
20:44:51.0223 4088 \Device\Harddisk0\DR0\Partition1 - ok
20:44:51.0224 4088 ============================================================
20:44:51.0224 4088 Scan finished
20:44:51.0224 4088 ============================================================
20:44:51.0232 4296 Detected object count: 0
20:44:51.0232 4296 Actual detected object count: 0

Synes godt om

BATMANWASHERE Nybegynder

08. juni 2012 - 00:14 #17

aswMBR log

Dette er en scan af "C:\"

Undskyld fra før, var lidt for hurtig på aftrækkeren med at lægge det ind, uden at se det igennem, håber jeg har gjort det rigtigt denne gang.
_______

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-07 22:22:20
-----------------------------
22:22:20.574 OS Version: Windows x64 6.1.7601 Service Pack 1
22:22:20.574 Number of processors: 8 586 0x2A07
22:22:20.574 ComputerName: SHARKGAMING-PC UserName: SharkGaming
22:22:21.176 Initialize success
22:22:23.888 AVAST engine defs: 12060700
22:22:38.028 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:22:38.030 Disk 0 Vendor: WDC_WD5000AAKX-083CA1 19.01H19 Size: 476940MB BusType: 3
22:22:38.038 Disk 0 MBR read successfully
22:22:38.041 Disk 0 MBR scan
22:22:38.045 Disk 0 Windows 7 default MBR code
22:22:38.049 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
22:22:38.053 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
22:22:38.060 Disk 0 scanning C:\Windows\system32\drivers
22:22:43.839 Service scanning
22:22:49.092 Service MSICDSetup D:\CDriver64.sys **LOCKED** 21
22:22:58.564 Modules scanning
22:22:58.573 Disk 0 trace - called modules:
22:22:58.586 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
22:22:58.918 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80082cf790]
22:22:58.924 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa8006c90e40]
22:22:58.929 5 ACPI.sys[fffff88000fa87a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80077bb060]
22:23:00.332 AVAST engine scan C:\
23:36:07.415 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
23:36:08.965 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
23:58:58.831 Scan finished successfully
00:11:36.948 Disk 0 MBR has been saved successfully to "C:\Users\SharkGaming\Desktop\MBR.dat"
00:11:36.951 The log file has been saved successfully to "C:\Users\SharkGaming\Desktop\aswMBR.txt"

Synes godt om

f-arn Guru

08. juni 2012 - 10:33 #18

OK - jeg vil gerne ha' du prøver ComboFix èn gang.

Hvis den ikke vil. skal du ikke peøve igen.

Bare fortæl mig det, her i tråden !!!

------

Hent og gem ComboFix på dit skrivebord. <- Vigtigt

Kør så ComboFix.exe og følg anvisningerne.

Da ComboFix kan konflikte med dine sikkerhedsprogrammer er det vigtigt at du deaktiverer dem. <- Vigtigt

Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når ComboFix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: ComboFix.txt
Indholdet af denne fil må du gerne lægge herind.

Den kan findes her: C:\ComboFix.txt

Synes godt om

BATMANWASHERE Nybegynder

08. juni 2012 - 16:47 #19

ComboFix 12-06-08.01 - SharkGaming 08-06-2012 15:58:31.1.8 - x64
Kører fra: c:\users\SharkGaming\Desktop\ComboFix.exe
* Dannede nyt systemgendannelsespunkt
.
.
((((((((((((((((((((((((((((((((((((((( Andet, der er slettet )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\assembly\GAC_64\Desktop.ini
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Tjenester )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
((((((((((((((((((((((((((((( Filer skabt fra 2012-05-08 til 2012-06-08 )))))))))))))))))))))))))))))))))))
.
.
2012-06-08 14:01 . 2012-06-08 14:01 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-06-08 14:01 . 2012-06-08 14:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-07 22:19 . 2012-05-08 08:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E428FCA6-EF40-497B-B5DE-625B2D29358D}\mpengine.dll
2012-06-07 22:18 . 2012-05-08 08:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-06-06 19:59 . 2012-06-06 19:59 -------- d-----w- c:\program files (x86)\ERUNT
2012-06-06 14:12 . 2012-06-06 14:12 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-06 14:12 . 2012-06-06 14:12 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-05 21:11 . 2012-06-05 21:11 -------- d-----w- c:\program files (x86)\ESET
2012-06-02 23:51 . 2012-06-02 23:51 -------- d-----w- c:\users\SharkGaming\AppData\Roaming\Malwarebytes
2012-06-02 23:51 . 2012-06-02 23:51 -------- d-----w- c:\programdata\Malwarebytes
2012-06-02 23:51 . 2012-06-02 23:51 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-02 23:51 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-02 23:41 . 2012-06-02 23:41 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2422CA51-F472-4A19-8EE0-0E637DFA145B}\gapaengine.dll
2012-06-02 23:39 . 2012-06-02 23:39 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-06-02 23:39 . 2012-06-02 23:39 -------- d-----w- c:\program files\Microsoft Security Client
2012-05-31 00:50 . 2012-05-31 00:50 -------- d-sh--w- c:\programdata\DSS
2012-05-30 09:34 . 2012-05-30 09:34 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-05-30 09:33 . 2012-05-30 09:39 -------- d-----w- c:\users\SharkGaming\AppData\Roaming\DAEMON Tools Lite
2012-05-30 09:33 . 2012-05-30 09:34 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-05-30 09:32 . 2012-05-30 09:39 -------- d-----w- c:\programdata\DAEMON Tools Lite
2012-05-29 18:23 . 2012-05-29 18:23 -------- d-----w- c:\users\SharkGaming\AppData\Local\Google
2012-05-29 18:23 . 2012-05-29 18:23 -------- d-----w- c:\users\SharkGaming\AppData\Local\CRE
2012-05-29 18:23 . 2012-05-29 18:23 -------- d-----w- c:\program files (x86)\BitTorrentBar
2012-05-25 17:44 . 2012-05-30 23:20 447752 ----a-w- c:\windows\SysWow64\vp6vfw.dll
2012-05-25 17:44 . 2012-05-25 17:44 -------- d-----w- c:\program files (x86)\Microsoft WSE
2012-05-22 17:26 . 2012-05-22 18:08 -------- d-----w- c:\users\SharkGaming\AppData\Roaming\Awesomium
2012-05-15 14:55 . 2012-05-15 15:04 -------- d-----w- c:\programdata\Blizzard Entertainment
2012-05-15 14:42 . 2012-05-15 14:42 -------- d-----w- c:\programdata\Battle.net
2012-05-15 10:11 . 2012-05-15 14:43 -------- d-----w- c:\users\SharkGaming\Diablo-III-8370-enGB-Installer
2012-05-14 19:39 . 2012-06-07 17:55 -------- d-----w- c:\users\SharkGaming\Incomplete
2012-05-11 16:12 . 2012-05-15 10:12 -------- d-----w- c:\program files (x86)\Diablo II
2012-05-11 15:32 . 2012-05-11 15:59 -------- d-----w- c:\users\SharkGaming\D2LOD-1.12A-enGB
2012-05-11 13:59 . 2012-05-11 15:30 -------- d-----w- c:\users\SharkGaming\D2-1.12A-enGB
2012-05-11 13:59 . 2012-05-15 15:04 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-06 14:48 . 2012-02-18 20:45 283416 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-06-06 14:48 . 2012-02-18 20:42 283416 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-06-05 20:32 . 2012-02-18 20:42 283416 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-06-04 17:50 . 2012-02-18 20:42 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-05-08 20:55 . 2009-08-18 10:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2012-05-08 20:55 . 2009-08-18 09:24 19352 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-05-05 12:35 . 2012-04-16 12:11 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-05 12:35 . 2012-01-20 00:31 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 12:35 . 2012-04-16 12:35 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-03-31 06:05 . 2012-05-09 12:23 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-31 04:39 . 2012-05-09 12:23 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-31 04:39 . 2012-05-09 12:23 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-31 03:10 . 2012-05-09 12:23 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-03-30 11:35 . 2012-05-09 12:22 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-03-20 18:44 . 2012-03-20 18:44 98688 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-03-20 18:44 . 2012-03-20 18:44 203888 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-03-17 07:58 . 2012-05-09 12:22 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
.
.
((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\prxtbBitT.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\BitTorrentBar\prxtbBitT.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\prxtbBitT.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-01-20 1242448]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-09-07 43608]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\users\SharkGaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files (x86)\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NETGEAR WNDA3100v2 Smart Wizard.lnk - c:\program files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe [2012-1-20 4577760]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 badmghpp;badmghpp;c:\windows\system32\drivers\badmghpp.sys [x]
R1 cqbvreew;cqbvreew;c:\windows\system32\drivers\cqbvreew.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R2 WSWNDA3100;WSWNDA3100;c:\program files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [2010-08-19 272864]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-06 113120]
R3 MSICDSetup;MSICDSetup;D:\CDriver64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Netværksinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Tjenesten Windows Aktivering;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 X6va005;X6va005;c:\users\SHARKG~1\AppData\Local\Temp\005CB.tmp [x]
R3 X6va006;X6va006;c:\users\SHARKG~1\AppData\Local\Temp\0067FAC.tmp [x]
R3 X6va008;X6va008;c:\users\SHARKG~1\AppData\Local\Temp\008B3F.tmp [x]
S0 mv91cons;Marvell 91xx Config Device Driver;c:\windows\system32\DRIVERS\mv91cons.sys [x]
S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys [x]
S0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\DRIVERS\scmndisp.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\DRIVERS\bcmwlhigh664.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
--- Andre Services/Drivers i Hukommelsen ---
.
*NewlyCreated* - IPNAT
*NewlyCreated* - WS2IFSL
.
Indhold af mappen 'Planlagte Opgaver'
.
2012-06-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 12:35]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-01-04 6602856]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
"combofix"="c:\combofix\CF26763.3XE" [2010-11-21 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Yderligere scanning -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 193.162.153.164 194.239.134.83
FF - ProfilePath - c:\users\SharkGaming\AppData\Roaming\Mozilla\Firefox\Profiles\44xz14t6.default\
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=
.
- - - - TOMME GENVEJE FJERNET - - - -
.
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
AddRemove-{B931FB80-537A-4600-00AD-AC5DEDB6C25B} - c:\program files (x86)\Electronic Arts\The Lord of the Rings
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\SHARKG~1\AppData\Local\Temp\005CB.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va006]
"ImagePath"="\??\c:\users\SHARKG~1\AppData\Local\Temp\0067FAC.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\users\SHARKG~1\AppData\Local\Temp\008B3F.tmp"
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------
.
[HKEY_USERS\S-1-5-21-3696142184-1702543921-4226803488-1000\Software\SecuROM\License information*]
"datasecu"=hex:1c,f8,6f,62,ff,c6,f6,c2,69,f5,dd,92,83,ec,85,0b,b2,ac,92,c2,84,
18,df,6f,3d,93,1e,19,e3,e8,eb,05,ba,ad,e0,21,a0,a5,e4,63,7f,90,83,de,47,22,\
"rkeysecu"=hex:fc,73,1d,9f,82,cf,76,8b,1f,16,88,e0,c2,87,65,f7
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Gennemført tid: 2012-06-08 16:07:08 - maskinen blev genstartet
ComboFix-quarantined-files.txt 2012-06-08 14:07
.
Pre-Kørsel: 250.080.923.648 byte ledig
Post-Kørsel: 251.138.170.880 byte ledig
.
- - End Of File - - 4AC937EE1A52CB1D357F9C450C4EDB11

_______

Da den var færdig, havde den yderligere åbnet 2 logs "DDS" & "Attach" vil du også have de logs?

Synes godt om

f-arn Guru

08. juni 2012 - 20:28 #20

Højreklik på skrivebordet og vælg ny->tekstdokument og kopier det fremhævede ind og gem filen som CFScript

Killall::
File::
c:\users\SharkGaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
c:\windows\system32\drivers\badmghpp.sys
c:\windows\system32\drivers\cqbvreew.sys
c:\users\SHARKG~1\AppData\Local\Temp\005CB.tmp
c:\users\SHARKG~1\AppData\Local\Temp\0067FAC.tmp
c:\users\SHARKG~1\AppData\Local\Temp\008B3F.tmp
Folder::
c:\program files (x86)\BitTorrentBar
Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"=-
[-HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"=-
[-HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
Driver::
badmghpp
cqbvreew
MSICDSetup
X6va005
X6va006
X6va008
ClearJavaCache::

Da Combofix kan konflikte med dine sikkerhedsprogrammer er det vigtigt at du deaktiverer dem.

Tag så fat i den nye fil med musen, og før den hen over Combofix-filen, hvorefter du "giver slip" med musen.
http://www.fromsej.saknet.dk/billeder/cfscript.gif

Så skulle Combofix gerne give sig til at arbejde. Muligvis vil den kræve en genstart, hvilket du skal tillade. Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når Combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil combofix.txt som ligger her C:\Combofix.txt

Indholdet af denne fil må du gerne lægge herind.

Synes godt om

BATMANWASHERE Nybegynder

08. juni 2012 - 21:39 #21

ComboFix 12-06-08.02 - SharkGaming 08-06-2012 21:27:07.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.45.1030.18.8160.6873 [GMT 2:00]
Kører fra: c:\users\SharkGaming\Desktop\ComboFix.exe
Kommandoer benyttet :: c:\users\SharkGaming\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\SHARKG~1\AppData\Local\Temp\005CB.tmp"
"c:\users\SHARKG~1\AppData\Local\Temp\0067FAC.tmp"
"c:\users\SHARKG~1\AppData\Local\Temp\008B3F.tmp"
"c:\users\SharkGaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk"
"c:\windows\system32\drivers\badmghpp.sys"
"c:\windows\system32\drivers\cqbvreew.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Andet, der er slettet )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\BitTorrentBar
c:\program files (x86)\BitTorrentBar\BitTorrentBarToolbarHelper.exe
c:\program files (x86)\BitTorrentBar\GottenAppsContextMenu.xml
c:\program files (x86)\BitTorrentBar\ldrtbBitT.dll
c:\program files (x86)\BitTorrentBar\OtherAppsContextMenu.xml
c:\program files (x86)\BitTorrentBar\prxtbBitT.dll
c:\program files (x86)\BitTorrentBar\SharedAppsContextMenu.xml
c:\program files (x86)\BitTorrentBar\tbBitT.dll
c:\program files (x86)\BitTorrentBar\toolbar.cfg
c:\program files (x86)\BitTorrentBar\ToolbarContextMenu.xml
c:\program files (x86)\BitTorrentBar\uninstall.exe
c:\users\SharkGaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Tjenester )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MSICDSETUP
-------\Legacy_X6VA005
-------\Legacy_X6VA006
-------\Legacy_X6VA008
-------\Service_badmghpp
-------\Service_cqbvreew
-------\Service_MSICDSetup
-------\Service_X6va005
-------\Service_X6va006
-------\Service_X6va008
.
.
((((((((((((((((((((((((((((( Filer skabt fra 2012-05-08 til 2012-06-08 )))))))))))))))))))))))))))))))))))
.
.
2012-06-08 19:31 . 2012-06-08 19:31 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-06-08 19:31 . 2012-06-08 19:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-08 16:46 . 2012-06-08 16:46 -------- d-----w- c:\programdata\Battle.net
2012-06-08 15:30 . 2012-05-08 08:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4DB37226-649B-4A8D-8B0B-B8502EAE11A8}\mpengine.dll
2012-06-07 22:18 . 2012-05-08 08:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-06-06 19:59 . 2012-06-06 19:59 -------- d-----w- c:\program files (x86)\ERUNT
2012-06-06 14:12 . 2012-06-06 14:12 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-06 14:12 . 2012-06-06 14:12 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-05 21:11 . 2012-06-05 21:11 -------- d-----w- c:\program files (x86)\ESET
2012-06-02 23:51 . 2012-06-02 23:51 -------- d-----w- c:\users\SharkGaming\AppData\Roaming\Malwarebytes
2012-06-02 23:51 . 2012-06-02 23:51 -------- d-----w- c:\programdata\Malwarebytes
2012-06-02 23:51 . 2012-06-02 23:51 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-02 23:51 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-02 23:41 . 2012-06-02 23:41 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2422CA51-F472-4A19-8EE0-0E637DFA145B}\gapaengine.dll
2012-06-02 23:39 . 2012-06-02 23:39 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-06-02 23:39 . 2012-06-02 23:39 -------- d-----w- c:\program files\Microsoft Security Client
2012-05-31 00:50 . 2012-05-31 00:50 -------- d-sh--w- c:\programdata\DSS
2012-05-30 09:34 . 2012-05-30 09:34 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-05-30 09:33 . 2012-05-30 09:39 -------- d-----w- c:\users\SharkGaming\AppData\Roaming\DAEMON Tools Lite
2012-05-30 09:33 . 2012-05-30 09:34 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-05-30 09:32 . 2012-05-30 09:39 -------- d-----w- c:\programdata\DAEMON Tools Lite
2012-05-29 18:23 . 2012-05-29 18:23 -------- d-----w- c:\users\SharkGaming\AppData\Local\Google
2012-05-29 18:23 . 2012-05-29 18:23 -------- d-----w- c:\users\SharkGaming\AppData\Local\CRE
2012-05-25 17:44 . 2012-05-30 23:20 447752 ----a-w- c:\windows\SysWow64\vp6vfw.dll
2012-05-25 17:44 . 2012-05-25 17:44 -------- d-----w- c:\program files (x86)\Microsoft WSE
2012-05-22 17:26 . 2012-05-22 18:08 -------- d-----w- c:\users\SharkGaming\AppData\Roaming\Awesomium
2012-05-15 14:55 . 2012-06-08 17:00 -------- d-----w- c:\programdata\Blizzard Entertainment
2012-05-14 19:39 . 2012-06-08 16:49 -------- d-----w- c:\users\SharkGaming\Incomplete
2012-05-11 16:12 . 2012-05-15 10:12 -------- d-----w- c:\program files (x86)\Diablo II
2012-05-11 15:32 . 2012-05-11 15:59 -------- d-----w- c:\users\SharkGaming\D2LOD-1.12A-enGB
2012-05-11 13:59 . 2012-05-11 15:30 -------- d-----w- c:\users\SharkGaming\D2-1.12A-enGB
2012-05-11 13:59 . 2012-06-08 17:00 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-06 14:48 . 2012-02-18 20:45 283416 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-06-06 14:48 . 2012-02-18 20:42 283416 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-06-05 20:32 . 2012-02-18 20:42 283416 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-06-04 17:50 . 2012-02-18 20:42 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-05-08 20:55 . 2009-08-18 10:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2012-05-08 20:55 . 2009-08-18 09:24 19352 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-05-05 12:35 . 2012-04-16 12:11 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-05 12:35 . 2012-01-20 00:31 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 12:35 . 2012-04-16 12:35 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-03-31 06:05 . 2012-05-09 12:23 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-31 04:39 . 2012-05-09 12:23 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-31 04:39 . 2012-05-09 12:23 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-31 03:10 . 2012-05-09 12:23 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-03-30 11:35 . 2012-05-09 12:22 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-03-20 18:44 . 2012-03-20 18:44 98688 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-03-20 18:44 . 2012-03-20 18:44 203888 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-03-17 07:58 . 2012-05-09 12:22 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2012-06-08_14.03.54 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 05:10 . 2012-06-08 16:13 34156 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-01-19 19:30 . 2012-06-08 16:13 9718 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3696142184-1702543921-4226803488-1000_UserData.bin
- 2012-06-08 14:03 . 2012-06-08 14:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-06-08 19:32 . 2012-06-08 19:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-06-08 14:03 . 2012-06-08 14:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-06-08 19:32 . 2012-06-08 19:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:36 . 2012-06-02 23:39 662980 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-06-08 16:16 662980 c:\windows\system32\perfh009.dat
- 2010-11-21 08:43 . 2012-06-02 23:39 517990 c:\windows\system32\perfh006.dat
+ 2010-11-21 08:43 . 2012-06-08 16:16 517990 c:\windows\system32\perfh006.dat
+ 2009-07-14 02:36 . 2012-06-08 16:16 126070 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-06-02 23:39 126070 c:\windows\system32\perfc009.dat
- 2010-11-21 08:43 . 2012-06-02 23:39 103408 c:\windows\system32\perfc006.dat
+ 2010-11-21 08:43 . 2012-06-08 16:16 103408 c:\windows\system32\perfc006.dat
- 2009-07-14 05:01 . 2012-06-08 14:02 228720 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-06-08 19:31 228720 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-01-19 22:58 . 2012-06-08 19:31 27661316 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3696142184-1702543921-4226803488-1000-12288.dat
.
((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-01-20 1242448]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-09-07 43608]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NETGEAR WNDA3100v2 Smart Wizard.lnk - c:\program files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe [2012-1-20 4577760]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R2 WSWNDA3100;WSWNDA3100;c:\program files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [2010-08-19 272864]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-06 113120]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Netværksinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Tjenesten Windows Aktivering;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 mv91cons;Marvell 91xx Config Device Driver;c:\windows\system32\DRIVERS\mv91cons.sys [x]
S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys [x]
S0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\DRIVERS\scmndisp.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\DRIVERS\bcmwlhigh664.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Indhold af mappen 'Planlagte Opgaver'
.
2012-06-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 12:35]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-01-04 6602856]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
"combofix"="c:\combofix\CF25504.3XE" [2010-11-21 345088]
.
------- Yderligere scanning -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 193.162.153.164 194.239.134.83
FF - ProfilePath - c:\users\SharkGaming\AppData\Roaming\Mozilla\Firefox\Profiles\44xz14t6.default\
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=
.
- - - - TOMME GENVEJE FJERNET - - - -
.
AddRemove-BitTorrentBar Toolbar - c:\program files (x86)\BitTorrentBar\uninstall.exe
.
.
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------
.
[HKEY_USERS\S-1-5-21-3696142184-1702543921-4226803488-1000\Software\SecuROM\License information*]
"datasecu"=hex:1c,f8,6f,62,ff,c6,f6,c2,69,f5,dd,92,83,ec,85,0b,b2,ac,92,c2,84,
18,df,6f,3d,93,1e,19,e3,e8,eb,05,ba,ad,e0,21,a0,a5,e4,63,7f,90,83,de,47,22,\
"rkeysecu"=hex:fc,73,1d,9f,82,cf,76,8b,1f,16,88,e0,c2,87,65,f7
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Gennemført tid: 2012-06-08 21:36:10 - maskinen blev genstartet
ComboFix-quarantined-files.txt 2012-06-08 19:36
ComboFix2.txt 2012-06-08 14:07
.
Pre-Kørsel: 259.253.043.200 byte ledig
Post-Kørsel: 258.940.944.384 byte ledig
.
- - End Of File - - 914F78B1609A7AEEE34BEF3E56E9D05B

______

Den startede med at brokke sig over at mit Antivirus ikke var slået fra - selvom det var, det er jeg i hvert fald ret sikker på.

Synes godt om

f-arn Guru

08. juni 2012 - 22:01 #22

Jeg vil gerne ha' dig til at køre Farbar Service Scanner igen.

Start den og sæt flueben i følgende.

Internet Services

Windows Firewall

System Restore

Security Center

Windows Update

Windows Defender

Klik på Scan.

Kopier FSS.txt herind, og fortæl hvordan PCen kører nu ???

Synes godt om

BATMANWASHERE Nybegynder

08. juni 2012 - 22:17 #23

ComboFix 12-06-08.02 - SharkGaming 08-06-2012 21:27:07.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.45.1030.18.8160.6873 [GMT 2:00]
Kører fra: c:\users\SharkGaming\Desktop\ComboFix.exe
Kommandoer benyttet :: c:\users\SharkGaming\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\SHARKG~1\AppData\Local\Temp\005CB.tmp"
"c:\users\SHARKG~1\AppData\Local\Temp\0067FAC.tmp"
"c:\users\SHARKG~1\AppData\Local\Temp\008B3F.tmp"
"c:\users\SharkGaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk"
"c:\windows\system32\drivers\badmghpp.sys"
"c:\windows\system32\drivers\cqbvreew.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Andet, der er slettet )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\BitTorrentBar
c:\program files (x86)\BitTorrentBar\BitTorrentBarToolbarHelper.exe
c:\program files (x86)\BitTorrentBar\GottenAppsContextMenu.xml
c:\program files (x86)\BitTorrentBar\ldrtbBitT.dll
c:\program files (x86)\BitTorrentBar\OtherAppsContextMenu.xml
c:\program files (x86)\BitTorrentBar\prxtbBitT.dll
c:\program files (x86)\BitTorrentBar\SharedAppsContextMenu.xml
c:\program files (x86)\BitTorrentBar\tbBitT.dll
c:\program files (x86)\BitTorrentBar\toolbar.cfg
c:\program files (x86)\BitTorrentBar\ToolbarContextMenu.xml
c:\program files (x86)\BitTorrentBar\uninstall.exe
c:\users\SharkGaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Tjenester )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MSICDSETUP
-------\Legacy_X6VA005
-------\Legacy_X6VA006
-------\Legacy_X6VA008
-------\Service_badmghpp
-------\Service_cqbvreew
-------\Service_MSICDSetup
-------\Service_X6va005
-------\Service_X6va006
-------\Service_X6va008
.
.
((((((((((((((((((((((((((((( Filer skabt fra 2012-05-08 til 2012-06-08 )))))))))))))))))))))))))))))))))))
.
.
2012-06-08 19:31 . 2012-06-08 19:31 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-06-08 19:31 . 2012-06-08 19:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-08 16:46 . 2012-06-08 16:46 -------- d-----w- c:\programdata\Battle.net
2012-06-08 15:30 . 2012-05-08 08:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4DB37226-649B-4A8D-8B0B-B8502EAE11A8}\mpengine.dll
2012-06-07 22:18 . 2012-05-08 08:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-06-06 19:59 . 2012-06-06 19:59 -------- d-----w- c:\program files (x86)\ERUNT
2012-06-06 14:12 . 2012-06-06 14:12 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-06 14:12 . 2012-06-06 14:12 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-05 21:11 . 2012-06-05 21:11 -------- d-----w- c:\program files (x86)\ESET
2012-06-02 23:51 . 2012-06-02 23:51 -------- d-----w- c:\users\SharkGaming\AppData\Roaming\Malwarebytes
2012-06-02 23:51 . 2012-06-02 23:51 -------- d-----w- c:\programdata\Malwarebytes
2012-06-02 23:51 . 2012-06-02 23:51 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-02 23:51 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-02 23:41 . 2012-06-02 23:41 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2422CA51-F472-4A19-8EE0-0E637DFA145B}\gapaengine.dll
2012-06-02 23:39 . 2012-06-02 23:39 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-06-02 23:39 . 2012-06-02 23:39 -------- d-----w- c:\program files\Microsoft Security Client
2012-05-31 00:50 . 2012-05-31 00:50 -------- d-sh--w- c:\programdata\DSS
2012-05-30 09:34 . 2012-05-30 09:34 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-05-30 09:33 . 2012-05-30 09:39 -------- d-----w- c:\users\SharkGaming\AppData\Roaming\DAEMON Tools Lite
2012-05-30 09:33 . 2012-05-30 09:34 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-05-30 09:32 . 2012-05-30 09:39 -------- d-----w- c:\programdata\DAEMON Tools Lite
2012-05-29 18:23 . 2012-05-29 18:23 -------- d-----w- c:\users\SharkGaming\AppData\Local\Google
2012-05-29 18:23 . 2012-05-29 18:23 -------- d-----w- c:\users\SharkGaming\AppData\Local\CRE
2012-05-25 17:44 . 2012-05-30 23:20 447752 ----a-w- c:\windows\SysWow64\vp6vfw.dll
2012-05-25 17:44 . 2012-05-25 17:44 -------- d-----w- c:\program files (x86)\Microsoft WSE
2012-05-22 17:26 . 2012-05-22 18:08 -------- d-----w- c:\users\SharkGaming\AppData\Roaming\Awesomium
2012-05-15 14:55 . 2012-06-08 17:00 -------- d-----w- c:\programdata\Blizzard Entertainment
2012-05-14 19:39 . 2012-06-08 16:49 -------- d-----w- c:\users\SharkGaming\Incomplete
2012-05-11 16:12 . 2012-05-15 10:12 -------- d-----w- c:\program files (x86)\Diablo II
2012-05-11 15:32 . 2012-05-11 15:59 -------- d-----w- c:\users\SharkGaming\D2LOD-1.12A-enGB
2012-05-11 13:59 . 2012-05-11 15:30 -------- d-----w- c:\users\SharkGaming\D2-1.12A-enGB
2012-05-11 13:59 . 2012-06-08 17:00 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-06 14:48 . 2012-02-18 20:45 283416 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-06-06 14:48 . 2012-02-18 20:42 283416 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-06-05 20:32 . 2012-02-18 20:42 283416 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-06-04 17:50 . 2012-02-18 20:42 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-05-08 20:55 . 2009-08-18 10:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2012-05-08 20:55 . 2009-08-18 09:24 19352 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-05-05 12:35 . 2012-04-16 12:11 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-05 12:35 . 2012-01-20 00:31 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 12:35 . 2012-04-16 12:35 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-03-31 06:05 . 2012-05-09 12:23 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-31 04:39 . 2012-05-09 12:23 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-31 04:39 . 2012-05-09 12:23 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-31 03:10 . 2012-05-09 12:23 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-03-30 11:35 . 2012-05-09 12:22 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-03-20 18:44 . 2012-03-20 18:44 98688 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-03-20 18:44 . 2012-03-20 18:44 203888 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-03-17 07:58 . 2012-05-09 12:22 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2012-06-08_14.03.54 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 05:10 . 2012-06-08 16:13 34156 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-01-19 19:30 . 2012-06-08 16:13 9718 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3696142184-1702543921-4226803488-1000_UserData.bin
- 2012-06-08 14:03 . 2012-06-08 14:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-06-08 19:32 . 2012-06-08 19:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-06-08 14:03 . 2012-06-08 14:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-06-08 19:32 . 2012-06-08 19:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:36 . 2012-06-02 23:39 662980 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-06-08 16:16 662980 c:\windows\system32\perfh009.dat
- 2010-11-21 08:43 . 2012-06-02 23:39 517990 c:\windows\system32\perfh006.dat
+ 2010-11-21 08:43 . 2012-06-08 16:16 517990 c:\windows\system32\perfh006.dat
+ 2009-07-14 02:36 . 2012-06-08 16:16 126070 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-06-02 23:39 126070 c:\windows\system32\perfc009.dat
- 2010-11-21 08:43 . 2012-06-02 23:39 103408 c:\windows\system32\perfc006.dat
+ 2010-11-21 08:43 . 2012-06-08 16:16 103408 c:\windows\system32\perfc006.dat
- 2009-07-14 05:01 . 2012-06-08 14:02 228720 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-06-08 19:31 228720 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-01-19 22:58 . 2012-06-08 19:31 27661316 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3696142184-1702543921-4226803488-1000-12288.dat
.
((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-01-20 1242448]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-09-07 43608]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NETGEAR WNDA3100v2 Smart Wizard.lnk - c:\program files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe [2012-1-20 4577760]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R2 WSWNDA3100;WSWNDA3100;c:\program files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [2010-08-19 272864]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-06 113120]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Netværksinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Tjenesten Windows Aktivering;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 mv91cons;Marvell 91xx Config Device Driver;c:\windows\system32\DRIVERS\mv91cons.sys [x]
S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys [x]
S0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\DRIVERS\scmndisp.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\DRIVERS\bcmwlhigh664.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Indhold af mappen 'Planlagte Opgaver'
.
2012-06-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 12:35]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-01-04 6602856]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
"combofix"="c:\combofix\CF25504.3XE" [2010-11-21 345088]
.
------- Yderligere scanning -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 193.162.153.164 194.239.134.83
FF - ProfilePath - c:\users\SharkGaming\AppData\Roaming\Mozilla\Firefox\Profiles\44xz14t6.default\
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=
.
- - - - TOMME GENVEJE FJERNET - - - -
.
AddRemove-BitTorrentBar Toolbar - c:\program files (x86)\BitTorrentBar\uninstall.exe
.
.
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------
.
[HKEY_USERS\S-1-5-21-3696142184-1702543921-4226803488-1000\Software\SecuROM\License information*]
"datasecu"=hex:1c,f8,6f,62,ff,c6,f6,c2,69,f5,dd,92,83,ec,85,0b,b2,ac,92,c2,84,
18,df,6f,3d,93,1e,19,e3,e8,eb,05,ba,ad,e0,21,a0,a5,e4,63,7f,90,83,de,47,22,\
"rkeysecu"=hex:fc,73,1d,9f,82,cf,76,8b,1f,16,88,e0,c2,87,65,f7
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Gennemført tid: 2012-06-08 21:36:10 - maskinen blev genstartet
ComboFix-quarantined-files.txt 2012-06-08 19:36
ComboFix2.txt 2012-06-08 14:07
.
Pre-Kørsel: 259.253.043.200 byte ledig
Post-Kørsel: 258.940.944.384 byte ledig
.
- - End Of File - - 914F78B1609A7AEEE34BEF3E56E9D05B

_____

Windows Firewall ser ud til at virke, men det har den gjort i et stykke tid, jeg tror Microsoft Security Essentials har taget over.
Windows Defender - jeg kan stadig ikke slå det til, jeg får beskeden "Handlingen returnerede fordi timeout-perioden udløb. (Fejlkode 0x800705b4)

Synes godt om

BATMANWASHERE Nybegynder

08. juni 2012 - 22:18 #24

Undskyld, det var den forkerte
Farbar Service Scanner Version: 05-06-2012
Ran by SharkGaming (administrator) on 08-06-2012 at 22:11:34
Running from "C:\Users\SharkGaming\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

_____

Windows Firewall ser ud til at virke, men det har den gjort i et stykke tid, jeg tror Microsoft Security Essentials har taget over.
Windows Defender - jeg kan stadig ikke slå det til, jeg får beskeden "Handlingen returnerede fordi timeout-perioden udløb. (Fejlkode 0x800705b4)

Synes godt om

f-arn Guru

08. juni 2012 - 22:52 #25

Jeg ved ikke, om det er klogt at tvinge Windows Defender i gang.

Prøv at læse dette.

Start Farbar Service Scanner.

Kopier nedenstående ind.

WinDefend

Klik på "Export Service"

Kopier loggen herind.

Synes godt om

f-arn Guru

08. juni 2012 - 22:55 #26

Forker link - prøv dette.

Synes godt om

BATMANWASHERE Nybegynder

08. juni 2012 - 23:46 #27

Er jeg "fri" fra ZeroAcess rootkitet?
Er det nødvendigt at have Windows Defender kørende?
"Windows Defender skal deaktiveres hvis du benytter Microsoft Security Essentials.

I modsat fald vil du som oftest opleve en langsom computer, altså en konflikt. Det er noget jeg efterhånden har sagt i årevis, men nu konfirmeret af producenten selv."
I såfald er jeg IKKE interesseret i at have den kørende, medmindre det er yderst nødvendigt - eller skal jeg anskaffe mig et andet Antivirus program? Jeg har mulighed for at skaffe McAfee.

- Skal du stadig have den scan fra Farbar Service Scanner?

Synes godt om

f-arn Guru

09. juni 2012 - 09:23 #28

Er jeg "fri" fra ZeroAcess rootkitet?

Det er jeg ikke helt sikker på.

- Skal du stadig have den scan fra Farbar Service Scanner?

Jeg vil stadig gerne ha' du exporterer WinDefend.

Synes godt om

BATMANWASHERE Nybegynder

09. juni 2012 - 14:34 #29

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\WinDefend]
"DisplayName"="@%ProgramFiles%\\Windows Defender\\MsMpRes.dll,-103"
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,73,00,65,00,63,00,73,00,76,00,63,00,73,00,00,00
"Start"=dword:00000003
"Type"=dword:00000020
"Description"="@%ProgramFiles%\\Windows Defender\\MsMpRes.dll,-1176"
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,00,00
"ObjectName"="LocalSystem"
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,\
00,6e,00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,\
65,00,00,00,53,00,65,00,42,00,61,00,63,00,6b,00,75,00,70,00,50,00,72,00,69,\
00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,52,00,65,00,73,00,\
74,00,6f,00,72,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,\
00,00,00,53,00,65,00,44,00,65,00,62,00,75,00,67,00,50,00,72,00,69,00,76,00,\
69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,43,00,68,00,61,00,6e,00,67,\
00,65,00,4e,00,6f,00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,\
6c,00,65,00,67,00,65,00,00,00,53,00,65,00,53,00,65,00,63,00,75,00,72,00,69,\
00,74,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,\
53,00,65,00,53,00,68,00,75,00,74,00,64,00,6f,00,77,00,6e,00,50,00,72,00,69,\
00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,49,00,6e,00,63,00,\
72,00,65,00,61,00,73,00,65,00,51,00,75,00,6f,00,74,00,61,00,50,00,72,00,69,\
00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,41,00,73,00,73,00,\
69,00,67,00,6e,00,50,00,72,00,69,00,6d,00,61,00,72,00,79,00,54,00,6f,00,6b,\
00,65,00,6e,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,\
00,00
"DelayedAutoStart"=dword:00000000
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,60,ea,00,00,01,00,00,00,60,ea,00,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\WinDefend\Parameters]
"ServiceDllUnloadOnStop"=dword:00000001
"ServiceDll"=hex(2):25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,\
00,6c,00,65,00,73,00,25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,\
20,00,44,00,65,00,66,00,65,00,6e,00,64,00,65,00,72,00,5c,00,6d,00,70,00,73,\
00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\WinDefend\Security]
"Security"=hex:01,00,14,80,dc,00,00,00,e8,00,00,00,14,00,00,00,30,00,00,00,02,\
00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
00,00,02,00,ac,00,06,00,00,00,00,00,28,00,ff,01,0f,00,01,06,00,00,00,00,00,\
05,50,00,00,00,b5,89,fb,38,19,84,c2,cb,5c,6c,23,6d,57,00,77,6e,c0,02,64,87,\
00,0b,28,00,00,00,00,10,01,06,00,00,00,00,00,05,50,00,00,00,b5,89,fb,38,19,\
84,c2,cb,5c,6c,23,6d,57,00,77,6e,c0,02,64,87,00,00,14,00,fd,01,02,00,01,01,\
00,00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,\
05,20,00,00,00,20,02,00,00,00,00,14,00,9d,01,02,00,01,01,00,00,00,00,00,05,\
04,00,00,00,00,00,14,00,9d,01,02,00,01,01,00,00,00,00,00,05,06,00,00,00,01,\
01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\WinDefend\TriggerInfo]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\WinDefend\TriggerInfo\0]
"Type"=dword:00000005
"Action"=dword:00000001
"GUID"=hex:e6,ca,9f,65,db,5b,a9,4d,b1,ff,ca,2a,17,8d,46,e0

Synes godt om

f-arn Guru

09. juni 2012 - 17:07 #30

Bortset fra Start typen, ser det rigtigt ud. Det er noget jeg regner med MSE har ændret.

Den synes jeg vi skal lade være.

------

Jeg kan se du har kørt ESET Online Scanner, men jeg vil gerne ha' du gør det igen.

Deaktiver dit antivirus-program, kør en online scanning med ESET Online Scanner:
http://www.eset.com/onlinescan/

Du skal acceptere betingelserne for brug, og klik på Start.
Efter ActiveX Control er indlæst, vil det tage et par minutter for scanneren at blive klar.
Dernæst skal du sætte flueben i følgende felter: (kun dem)

Den må ikke fjerne noget, da vi ikke ønsker den fjerner noget forkert !!!

Scan archives

under advanced settings
Scan for potentialy unwanted applications
Scan for potentially unsafe applications
Enable anti-stealth technology

Klik på Start. Denne scanning kan tage et stykke tid, så vær tålmodig.
En log vil åbne, når scanningen er færdig.

(hvis ikke, skal du gå til C:\Programmer\EsetOnlineScanner\ og åbne filen Log.txt).

Kopier den herind i næste indlæg.

Synes godt om

BATMANWASHERE Nybegynder

09. juni 2012 - 19:37 #31

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=56d9d433ee5c454aa491c961e3add106
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-06-05 10:19:13
# local_time=2012-06-06 12:19:13 (+0100, Rom, sommertid)
# country="Denmark"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 66 94 48605561 90560829 0 0
# compatibility_mode=8192 67108863 100 0 267 267 0 0
# scanned=221511
# found=3
# cleaned=3
# scan_time=3773
C:\Users\SharkGaming\AppData\Local\Temp\utt928.tmp Win32/OpenCandy application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\SharkGaming\Downloads\DTLite4454-0315.exe Win32/OpenCandy application (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\SharkGaming\Downloads\epicbot_520.exe Win32/InstallIQ application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=56d9d433ee5c454aa491c961e3add106
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-06-09 05:30:53
# local_time=2012-06-09 07:30:53 (+0100, Rom, sommertid)
# country="Denmark"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 48934994 90890262 0 0
# compatibility_mode=8192 67108863 100 0 329700 329700 0 0
# scanned=207578
# found=0
# cleaned=0
# scan_time=2641

Synes godt om

f-arn Guru

09. juni 2012 - 20:03 #32

Det ser fint ud, men du burde ha' ladet den scanne "archives"

Hvis du ikke har flere problemer, skal vi ha' rydet op i mit næste indlæg.

Synes godt om

BATMANWASHERE Nybegynder

09. juni 2012 - 20:08 #33

Vil du have jeg scanner igen, men hvor "archives" er med?
Kan stadig ikke slå Windows Defender til, men som sagt, hvis det er ikke er nødvendigt er det fint med mig. Så vi kan vel godt begynde på den næste del.

Synes godt om

BATMANWASHERE Nybegynder

09. juni 2012 - 20:12 #34

Kontrolpanel > System og Sikkerhed > løsningscenter, går jeg under "Sikkerhed" og "vis de installerede antispywareprogrammer" derunder er Windows Defender, hvis status skifter fra "Fra til Forældet"

Synes godt om

f-arn Guru

09. juni 2012 - 20:29 #35

Vil du have jeg scanner igen, men hvor "archives" er med?

Nej.

Windows Defender er deaktiveret i registreringsdatabasen, og det synes jeg vi skal la' den være ved med.

------

Klik start, kør og kopier dette ind: combofix /uninstall
Tryk enter
Det vil fjerne Combofix og nulstille urets indstillinger.
Nulstille systemgendannelsen.
Skjule filtypenavne hvis det kræves.
Skjule System/skjulte filer hvis det kræves.

------

Hent og kør OTC af OldTimer.
Klik "CleanUp" og lad den genstarte. Den fjerner andre værktøjer vi har brugt til at rense maskinen.

Hvis der efterlades noget, må du slette det manuelt.

Synes godt om

BATMANWASHERE Nybegynder

09. juni 2012 - 20:52 #36

Jeg går ud fra vi nu er færdige og jeg ikke længere er inficeret. Du skal have mange gange tak fordi du gad hjælpe og havde tålmodigheden til det.

Synes godt om

Titel	Indlæg	Oprettet	Seneste aktivitet
Fejlmeddelse i Easy Firewall Af cyperbent i Firewalls	22	21/01/202418:54	08/03/202415:31
Abelssoft EasyFirewall Af valby i Firewalls	9	12/10/202319:21	13/10/202319:17
Firewals og antivirus med videre Af mogens8000 i Firewalls	4	24/06/202213:54	24/06/202215:30
Din internetadgang er blokeret Af sigyn i Firewalls	1	04/01/202218:04	04/01/202220:25
Den afsatte tid til at gennemføre dit køb, er desværre udløbet. Men dit produkt er sandsynligvis stadig tilgængeligt i sortimentet. Forsøg gerne igen" Af gh0stry i Firewalls	3	25/09/202114:52	25/09/202120:39

I går 18:09	Billedoverførsel Af Laurids i iOS, iPhone & iPad
I går 13:30	Hvordan ændres UniFi Dream Machine UDM til switch mode Af Kasper4450 i Internetforbindelser
I går 13:01	Film går i stå midt i afspilningen Af ole falsted i Musik & videoafspillere
I går 11:40	Fjerne mappe i stifinder Af Peter Olsen i Andet software
I går 11:27	renteberegning Af Pil i Excel

fejlkode 0x80070424

Log ind eller opret profil

Hov!