Killing the Search Babylon tab in IE7

11 replies
  • I am looking for a way to remove the "Search Babylon" tab that appears when IE starts (Windows 7).
    I could no longer find any file in my Program Files. I also deleted the existing registry key with "Babylon". Ran Kaspersky TDSSkiller, ran Malwarebytes Anti-Malware. No results.
    Who can show me the way to "kill" this annoying program?
  • Can't you remove the Babylon toolbar? I think it is under the "View" tab.
    You could also try reinstalling it and then removing it with Revo Uninstaller (free). But Babylon seems almost like a virus, it is that persistent.
  • Babylon digs itself pretty deep into Windows!

    I would like you to follow the rules below during the fix:
    - Read all instructions carefully.
    - If you make mistakes when running tools during the fix, this can cause serious problems in Windows.
    - Refrain from using tools or updates other than the ones I advise you to use.
    - Always use one scanner at a time, never several at once.
    - Keep me informed of how your computer responds to the fix, good or bad.
    - The fix, once started, must be completed. Even if you think everything is fine, there may still be infections.

    Step 1
    Which program: Trend Micro HijackThis version 2.0.4
    What for/why: produces a clear overview of Windows by means of a scan.
    Difficulty: none; only Vista and Windows 7 users need to pay a little extra attention.

    Download the HijackThis Installer

    Installation:
    - Install HijackThis in the suggested location; this prevents any backups from becoming impossible to find!
    Users of Windows Vista and Windows 7 then go to the HijackThis installation location.
    - Next, right-click "hijackthis.exe" and choose "Properties".
    - Now click the "Compatibility" tab and tick "Run as administrator".
    - Finally, click Apply and OK.

    Using HijackThis:
    - First close all open programs and web browsers.
    - Now start HijackThis and click the button 'Do a system scan and save a logfile'.
      - If HijackThis starts with the scan window, first click the 'Main Menu' button.
    - Now close all open windows, then start HijackThis and choose 'Do a system scan and save a logfile'.
    - Copy and paste the contents of the HijackThis log file into your next post.
    - After that you can close HijackThis again.
    Step 2
    Which program: Malwarebytes MBAM
    What for/why: specialist scanner to quickly examine Windows for spyware and malware and to remove it.
    Difficulty: none.

    Download Malwarebytes MBAM from one of these locations:
    - Download.com
    - Softpedia.com
    - Majorgeeks.com
    First of all:
    - Right after installation MBAM will want to update its database, so allow this.
    - On repeated use too: first update MBAM via the 'Update' tab!
    Starting Malwarebytes MBAM:
    Windows 2000 and Windows XP: start MBAM by double-clicking the shortcut.
    Windows Vista and Windows 7: start MBAM by right-clicking the shortcut and choosing Run as administrator.
    - Note:
      - Malwarebytes now supplies the full version of MBAM.
      - On first start you get the choice of using the full version or the free version.
      - Regardless of which antivirus program is in your Windows, I advise using the "Decline" option.
      - That way MBAM can continue to be used as the free version.
    Image: http://img30.imageshack.us/img30/3928/mbam2.png

    - Also do the following:
      - Once the program has started, go to the "Settings" tab.
      - Tick: "Close Internet Explorer during malware removal".

    Scanning:
    - When MBAM starts, choose 'Quick Scan'.
    - Scanning can take a while, so be patient. When the scan has finished, click the 'OK' button.
    - Then click the 'Show Results' button to see the results.
    Infections found:
    - First click OK to dismiss the message.
    - Then click the Show Results button at the bottom right.
    - Make sure all infections found are ticked, and click Remove Selected at the bottom left.
    - After removal a log will open and you will be asked to restart the computer.
    - If MBAM has difficulty removing certain files it will show a few messages; click 'OK' each time!
    - After that MBAM will ask to restart the computer, so allow the computer to be restarted.
    MBAM log:
    - The log is saved automatically by MBAM and you can find it by clicking the 'Logs' tab in the MBAM main menu.
    Then post the contents of the MBAM log in your next post.

    Step 3
    In summary: after this, post the contents of the following logs in your next post:
    - a HijackThis log
    - MBAM scan log
  • Below are my log files relating to the investigation of the Babylon search.
    Note: I had already run MBAM on 29-12-2011, and that run placed a number of spyware items in quarantine. The scan of 7-1-2012 came back clean (no findings). Both logs are included here.

    Thanks, and I will hear what I need to do.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 14:23:28, on 7-1-2012
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16912)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\AVG\AVG10\avgtray.exe
    C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/8
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/8
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCON/8
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
    R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
    O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll
    O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
    O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
    O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
    O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe
    O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgfws.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
    O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
    O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
    O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: HPWMISVC - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: RtVOsdService Installer (RtVOsdService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    End of file - 12856 bytes


    Malwarebytes Anti-Malware (-evaluatieversie-) 1.60.0.1800
    www.malwarebytes.org

    Databaseversie: v2011.12.29.04

    Windows 7 x64 NTFS
    Internet Explorer 8.0.7600.16385
    Egbert :: COCU [administrator]

    Realtime bescherming: Ingeschakeld

    29-12-2011 19:42:38
    mbam-log-2011-12-29 (19-42-38).txt

    Scantype: Volledige scan
    Ingeschakelde scanopties: Geheugen | Opstarten | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scanopties: P2P
    Objecten gescand: 33663
    Verstreken tijd: 2 minuut/minuten, 29 seconde(n) [beëindigd]

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 6
    HKCR\AppID\{D2083641-E57F-4eab-BB85-0582424F4A29} (Adware.HotBar.CP) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB38E21A-0133-419D-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Succesvol in quarantaine geplaatst en verwijderd.

    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    (einde)

    Malwarebytes Anti-Malware (PRO) 1.60.0.1800
    www.malwarebytes.org

    Databaseversie: v2012.01.07.01

    Windows 7 x64 NTFS
    Internet Explorer 8.0.7600.16385
    Egbert :: COCU [administrator]

    Realtime bescherming: Ingeschakeld

    7-1-2012 13:10:41
    mbam-log-2012-01-07 (13-10-41).txt

    Scantype: Snelle scan
    Ingeschakelde scanopties: Geheugen | Opstarten | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scanopties: P2P
    Objecten gescand: 187486
    Verstreken tijd: 3 minuut/minuten, 46 seconde(n)

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    (einde)
  • Hallo agovv, lees alles eerst goed door.

    [b:d86378b17d]Stap •1•[/b:d86378b17d][/color:d86378b17d]
    Sluit alle openstaande webvensters - behalve dit venster, dat je sluit voor het moment, dat je op de knop [b:d86378b17d]Fix checked[/b:d86378b17d] klikt!

    Start nu HijackThis middels rechtsklik met Administratorrechten (lukt dat niet ga dan naar de installatielokatie van HijackThis en start "hijackthis.exe"

    vervolgens met administratorrechten.)en klik op de knop [b:d86378b17d]Do a Scan only,

    R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
    R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
    O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll
    O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll
    O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll
    O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
    O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
    O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
    [/b:d86378b17d]
    [list:d86378b17d][*:d86378b17d] zet een vinkje voor die regel(s) welke met de bovenstaande regels corresponderen
    [*:d86378b17d] Sluit nu de webbrowser en vervolgens klik je daarna op de knop [b:d86378b17d]Fix checked[/b:d86378b17d]
    [*:d86378b17d] Klik hierna HijackThis op uit.[/list:u:d86378b17d]
    [b:d86378b17d]Stap •2•[/b:d86378b17d][/color:d86378b17d]
    [b:d86378b17d]Welk programma[/b:d86378b17d]: Kaspersky [b:d86378b17d]TDSSKiller[/b:d86378b17d]
    [b:d86378b17d]Waarvoor/waarom[/b:d86378b17d]: Rootkitscanner
    [b:d86378b17d]Moeilijkheidsgraad[/b:d86378b17d]: geen
    [b:d86378b17d]Downloadlokatie[/b:d86378b17d]: Dit programma absoluut naar het bureaublad downloaden of anders daar naar toe verplaatsen!
    [b:d86378b17d]Download[/b:d86378b17d] [b:d86378b17d]TDSSKiller[/b:d86378b17d] [b:d86378b17d]hier[/b:d86378b17d].

    [b:d86378b17d]Installatie[/b:d86378b17d]:
    [list:d86378b17d][*:d86378b17d] pak het bestand uit op je bureaublad.[/list:u:d86378b17d]

    [b:d86378b17d]TDSSKiller gebruiken[/b:d86378b17d]:
    [list:d86378b17d][*:d86378b17d]Windows 2000 en Windows XP: start "TDSSKiller" middels dubbelklik op TDSSKiller.exe.
    [*:d86378b17d]Windows Vista en Windows 7: start "TDSSKiller" middels rechtsklik op TDSSKiller.exe en dan kiezen voor [b:d86378b17d]Als Administrator uitvoeren[/b:d86378b17d].[/list:u:d86378b17d]
    [list:d86378b17d][*:d86378b17d]Idien TDSSKiller met een bericht komt over een beschikbare update, dan voer je deze eerst uit,
    [*:d86378b17d]klik daarvoor op de knop "Load update"[/list:u:d86378b17d]
    [img:d86378b17d]http://www.malwareinfo.nl/files/screens/TDSSkiller(update).jpg[/img:d86378b17d]

    [list:d86378b17d][*:d86378b17d]Een nieuwe versie van TDSSkiller zal nu gedownload worden en sla deze op het bureaublad op.
    [*:d86378b17d]Start nu TDSSkiller opnieuw.
    [*:d86378b17d] Klik op "[b:d86378b17d]Change parameters[/b:d86378b17d]" en zorg dat de onderstaande opties allemaal aangevinkt zijn.[/list:u:d86378b17d]

    [img:d86378b17d]http://www.malwareinfo.nl/files/screens/TDSSkiller(opties).jpg[/img:d86378b17d]

    [list:d86378b17d][*:d86378b17d]Klik vervolgens op de knop [b:d86378b17d]"Start Scan"[/b:d86378b17d] en volg de instructies.
    [*:d86378b17d] Nadat de scan klaar is klik je op de knop [b:d86378b17d]"Report"[/b:d86378b17d].
    [*:d86378b17d]Er opent een kladblokbestand. Post de inhoud van dit bestand.[/list:u:d86378b17d]
    [list:d86378b17d][*:d86378b17d][b:d86378b17d]Herstart de pc indien TDSSKiller die optie aangeeft (Reboot now).[/b:d86378b17d]
    [*:d86378b17d]Wanneer het opnieuw opstarten noodzakelijk is, vind je de logfile in [b:d86378b17d]C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt[/b:d86378b17d][/list:u:d86378b17d]

    [b:d86378b17d]Belangrijk:[/b:d86378b17d][/color:d86378b17d]
    [list:d86378b17d][*:d86378b17d]Indien je een waarschuwing krijgt over [b:d86378b17d]sptd.sys[/b:d86378b17d] dan mag je deze 'skippen' deze hoort bij Emulatiesoftware zoals bijv. DaemonTools.
    [*:d86378b17d]De [b:d86378b17d]unsigned files[/b:d86378b17d] skip je,
    [*:d86378b17d][b:d86378b17d]TDSS File System[/b:d86378b17d] laat je verwijderen of in quarantaine zetten, [b:d86378b17d]delete[/b:d86378b17d] of [b:d86378b17d]copy to quarantine[/b:d86378b17d].
    [*:d86378b17d][b:d86378b17d]Rootkit.Boot.SST.b[/b:d86378b17d] en anderen zoals Sinowal, ZeroAccess of Whistler laat je herstellen [b:d86378b17d]Cure[/b:d86378b17d].[/list:u:d86378b17d]
    [b:d86378b17d]Stap •3•[/b:d86378b17d][/color:d86378b17d]
    [b:d86378b17d]Welk programma[/b:d86378b17d]: ComboFix
    [b:d86378b17d]Waarvoor/waarom[/b:d86378b17d]: Zeer specialistische scanner om Windows diepgaand te onderzoeken
    en zo mogelijk op te schonen.
    [b:d86378b17d]Moeilijkheidsgraad[/b:d86378b17d]: Min of meer lastige voorbereidingsfase, dus lees alles eerst goed.
    [b:d86378b17d]Downloadlokatie[/b:d86378b17d]: Dit programma absoluut naar het bureaublad downloaden!
    [b:d86378b17d]Download ComboFix via één van deze locaties[/b:d86378b17d]:
    [list:d86378b17d][*:d86378b17d][b:d86378b17d]Bleepingcomputer[/b:d86378b17d]
    [*:d86378b17d][b:d86378b17d]ForoSpyware[/b:d86378b17d]
    [*:d86378b17d][b:d86378b17d]Geekstogo[/b:d86378b17d][/list:u:d86378b17d]
    [b:d86378b17d]Hier[/b:d86378b17d] zie je hoe je ComboFix moet gebruiken.

    Antivirusprogramma en actieve malwarescanners dienen al voor de ComboFix start gedeaktiveert zijn!
    [b:d86378b17d]Hier[/b:d86378b17d] en [b:d86378b17d]hier[/b:d86378b17d] vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.

    [b:d86378b17d]Voor alle duidelijkheid nogmaals[/b:d86378b17d]: ComboFix dient vanaf het bureaublad gestart te worden.

    [b:d86378b17d]Opmerkingen[/b:d86378b17d]:
    [list:d86378b17d][*:d86378b17d] Bij gebruik van Windows XP zal er mogelijk gevraagd worden, om de "Recovery Console" te installeren! Sta dit dan toe (hiervoor is een actieve internet verbinding vereist).
    [*:d86378b17d]Vista- en Windows 7 gebruikers starten Combofix op via rechtsklik met Administratorrechten.
    [*:d86378b17d]Alle openstaande programma's en webpagina's dienen afgesloten te zijn.[/list:u:d86378b17d]
    [b:d86378b17d]ComboFix has started[/b:d86378b17d]:
    [list:d86378b17d][*:d86378b17d]Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
    [*:d86378b17d]ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
    [*:d86378b17d]The computer may need to be restarted several times; this is normal.
    [*:d86378b17d]When ComboFix is finished, it will create a log file for you.
    [*:d86378b17d]Post the contents of this log file in your next message.
    [*:d86378b17d]If the log does not open, it can be found at C:\ComboFix.txt[/list:u:d86378b17d]
    [b:d86378b17d]Important note[/b:d86378b17d]:
    [list:d86378b17d][*:d86378b17d][b:d86378b17d]If, after the scan, an error is shown when starting programs with the message:[/color:d86378b17d][/b:d86378b17d]
    [*:d86378b17d][b:d86378b17d]Illegal operation attempted on a registry key that has been marked for deletion.[/color:d86378b17d][/b:d86378b17d]
    [*:d86378b17d][b:d86378b17d]Then restart the computer.[/color:d86378b17d][/b:d86378b17d][/list:u:d86378b17d]

    [b:d86378b17d]Step •3•[/b:d86378b17d][/color:d86378b17d]
    [b:d86378b17d]In summary: after this, post the contents of the following logs in your next message:[/b:d86378b17d]
    [list:d86378b17d][*:d86378b17d] TDSSKiller log
    [*:d86378b17d] ComboFix.txt log
    [/list:u:d86378b17d]
  • Here is the TDSSKiller report. I don't dare run Combo, with all the risks that entails. Is this really necessary? I have now sent 3 log reports but have not yet heard any findings. Here is the TDSS log:[/color:5e8dfa6f6c]
    13:39:34.0678 5492 TDPIPE - ok
    13:39:34.0693 5492 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
    13:39:34.0756 5492 TDTCP - ok
    13:39:34.0787 5492 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
    13:39:34.0880 5492 tdx - ok
    13:39:34.0974 5492 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
    13:39:35.0005 5492 TermDD - ok
    13:39:35.0146 5492 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
    13:39:35.0224 5492 tssecsrv - ok
    13:39:35.0380 5492 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
    13:39:35.0489 5492 tunnel - ok
    13:39:35.0692 5492 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
    13:39:35.0754 5492 uagp35 - ok
    13:39:35.0941 5492 udfs (c06e6f4679ceb8f430b90a51d76d8d3c) C:\Windows\system32\DRIVERS\udfs.sys
    13:39:36.0004 5492 udfs - ok
    13:39:36.0128 5492 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
    13:39:36.0175 5492 uliagpkx - ok
    13:39:36.0440 5492 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
    13:39:36.0487 5492 umbus - ok
    13:39:36.0612 5492 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
    13:39:36.0643 5492 UmPass - ok
    13:39:36.0737 5492 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys
    13:39:36.0799 5492 usbccgp - ok
    13:39:36.0908 5492 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
    13:39:36.0971 5492 usbcir - ok
    13:39:37.0018 5492 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys
    13:39:37.0064 5492 usbehci - ok
    13:39:37.0096 5492 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys
    13:39:37.0158 5492 usbhub - ok
    13:39:37.0189 5492 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys
    13:39:37.0220 5492 usbohci - ok
    13:39:37.0330 5492 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
    13:39:37.0376 5492 usbprint - ok
    13:39:37.0423 5492 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
    13:39:37.0470 5492 usbscan - ok
    13:39:37.0501 5492 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    13:39:37.0579 5492 USBSTOR - ok
    13:39:37.0688 5492 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys
    13:39:37.0735 5492 usbuhci - ok
    13:39:37.0907 5492 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
    13:39:37.0969 5492 usbvideo - ok
    13:39:38.0156 5492 VClone (84bb306b7863883018d7f3eb0c453bd5) C:\Windows\system32\DRIVERS\VClone.sys
    13:39:38.0203 5492 VClone - ok
    13:39:38.0328 5492 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
    13:39:38.0375 5492 vdrvroot - ok
    13:39:38.0406 5492 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
    13:39:38.0422 5492 vga - ok
    13:39:38.0593 5492 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
    13:39:38.0687 5492 VgaSave - ok
    13:39:38.0765 5492 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
    13:39:38.0812 5492 vhdmp - ok
    13:39:38.0843 5492 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
    13:39:38.0858 5492 viaide - ok
    13:39:38.0905 5492 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
    13:39:38.0968 5492 volmgr - ok
    13:39:39.0046 5492 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
    13:39:39.0092 5492 volmgrx - ok
    13:39:39.0124 5492 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
    13:39:39.0139 5492 volsnap - ok
    13:39:39.0170 5492 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
    13:39:39.0202 5492 vsmraid - ok
    13:39:39.0342 5492 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
    13:39:39.0389 5492 vwifibus - ok
    13:39:39.0404 5492 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
    13:39:39.0436 5492 vwififlt - ok
    13:39:39.0467 5492 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
    13:39:39.0498 5492 vwifimp - ok
    13:39:39.0529 5492 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
    13:39:39.0576 5492 WacomPen - ok
    13:39:39.0623 5492 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
    13:39:39.0685 5492 WANARP - ok
    13:39:39.0701 5492 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
    13:39:39.0748 5492 Wanarpv6 - ok
    13:39:39.0841 5492 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
    13:39:39.0872 5492 Wd - ok
    13:39:39.0904 5492 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
    13:39:39.0935 5492 Wdf01000 - ok
    13:39:40.0060 5492 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
    13:39:40.0138 5492 WfpLwf - ok
    13:39:40.0169 5492 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
    13:39:40.0184 5492 WIMMount - ok
    13:39:40.0294 5492 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
    13:39:40.0340 5492 WinUsb - ok
    13:39:40.0372 5492 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
    13:39:40.0434 5492 WmiAcpi - ok
    13:39:40.0559 5492 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
    13:39:40.0652 5492 ws2ifsl - ok
    13:39:40.0699 5492 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
    13:39:40.0762 5492 WudfPf - ok
    13:39:40.0886 5492 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
    13:39:40.0949 5492 WUDFRd - ok
    13:39:41.0074 5492 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
    13:39:41.0183 5492 yukonw7 - ok
    13:39:41.0354 5492 {329F96B6-DF1E-4328-BFDA-39EA953C1312} (1870a74ee2901ca09ffbfe79a5ee0e94) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl
    13:39:41.0682 5492 {329F96B6-DF1E-4328-BFDA-39EA953C1312} - ok
    13:39:41.0729 5492 MBR (0x1B8) (09de7b4f9730f58634c3e9f8efede8d4) \Device\Harddisk0\DR0
    13:39:41.0776 5492 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
    13:39:41.0776 5492 \Device\Harddisk0\DR0 - detected TDSS File System (1)
    13:39:41.0791 5492 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
    13:39:42.0431 5492 \Device\Harddisk1\DR1 - ok
    13:39:42.0446 5492 Boot (0x1200) (d3c545b6ddf8b0ee529351abbbb5b7ea) \Device\Harddisk0\DR0\Partition0
    13:39:42.0446 5492 \Device\Harddisk0\DR0\Partition0 - ok
    13:39:42.0462 5492 Boot (0x1200) (526a2efc45b94de5003bb998e7b364b0) \Device\Harddisk0\DR0\Partition1
    13:39:42.0462 5492 \Device\Harddisk0\DR0\Partition1 - ok
    13:39:42.0493 5492 Boot (0x1200) (d8004c5c5f34d371f5e7fe87c40a797a) \Device\Harddisk0\DR0\Partition2
    13:39:42.0493 5492 \Device\Harddisk0\DR0\Partition2 - ok
    13:39:42.0509 5492 Boot (0x1200) (0161b663635c28111950e1265b6ace61) \Device\Harddisk0\DR0\Partition3
    13:39:42.0509 5492 \Device\Harddisk0\DR0\Partition3 - ok
    13:39:42.0524 5492 Boot (0x1200) (8b33f6f96864a3f2a7e04ec25130871d) \Device\Harddisk1\DR1\Partition0
    13:39:42.0524 5492 \Device\Harddisk1\DR1\Partition0 - ok
    13:39:42.0524 5492 ============================================================
    13:39:42.0524 5492 Scan finished
    13:39:42.0524 5492 ============================================================
    13:39:42.0571 1312 Detected object count: 1
    13:39:42.0571 1312 Actual detected object count: 1
    13:39:52.0820 1312 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
    13:39:52.0820 1312 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
  • You are connected to the TDL botnet and did not let TDSSKiller remove what is responsible for it.
    Because you apparently did not read the instructions carefully enough.
    From your log:

    13:39:42.0571 1312 Detected object count: 1
    13:39:42.0571 1312 Actual detected object count: 1
    13:39:52.0820 1312 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
    13:39:52.0820 1312 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

    Now run TDSSKiller again, use the same settings again, and this time choose the action Delete for TDSS File System.

    Post the contents of the log again.
  • Apologies for my mistake. Here is the second report.
    Thanks for the effort.

    15:07:48.0217 1364 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
    15:07:50.0219 1364 ============================================================
    15:07:50.0220 1364 Current date / time: 2012/01/08 15:07:50.0219
    15:07:50.0220 1364 SystemInfo:
    15:07:50.0220 1364
    15:07:50.0220 1364 OS Version: 6.1.7600 ServicePack: 0.0
    15:07:50.0220 1364 Product type: Workstation
    15:07:50.0220 1364 ComputerName: COCU
    15:07:50.0220 1364 UserName: Egbert
    15:07:50.0220 1364 Windows directory: C:\Windows
    15:07:50.0220 1364 System windows directory: C:\Windows
    15:07:50.0220 1364 Running under WOW64
    15:07:50.0220 1364 Processor architecture: Intel x64
    15:07:50.0220 1364 Number of processors: 4
    15:07:50.0220 1364 Page size: 0x1000
    15:07:50.0220 1364 Boot type: Normal boot
    15:07:50.0220 1364 ============================================================
    15:07:51.0904 1364 Initialize success
    15:08:41.0840 6328 ============================================================
    15:08:41.0840 6328 Scan started
    15:08:41.0841 6328 Mode: Manual; SigCheck; TDLFS;
    15:08:41.0841 6328 ============================================================
    15:09:07.0535 6328 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
    15:09:07.0610 6328 NDProxy - ok
    15:09:07.0716 6328 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS
    etbios.sys
    15:09:07.0814 6328 NetBIOS - ok
    15:09:07.0918 6328 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS
    etbt.sys
    15:09:08.0040 6328 NetBT - ok
    15:09:08.0291 6328 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS
    etw5v64.sys
    15:09:08.0507 6328 netw5v64 - ok
    15:09:08.0629 6328 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS
    frd960.sys
    15:09:08.0661 6328 nfrd960 - ok
    15:09:08.0705 6328 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
    15:09:08.0743 6328 NisDrv - ok
    15:09:08.0799 6328 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
    15:09:08.0875 6328 Npfs - ok
    15:09:08.0971 6328 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers
    siproxy.sys
    15:09:09.0051 6328 nsiproxy - ok
    15:09:09.0124 6328 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
    15:09:09.0258 6328 Ntfs - ok
    15:09:09.0368 6328 ntk_PowerDVD (7420b2e1f65642129b6e23bd42f752aa) C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP
    tk_PowerDVD_64.sys
    15:09:09.0405 6328 ntk_PowerDVD - ok
    15:09:09.0499 6328 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
    15:09:09.0597 6328 Null - ok
    15:09:09.0700 6328 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers
    vraid.sys
    15:09:09.0731 6328 nvraid - ok
    15:09:09.0774 6328 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers
    vstor.sys
    15:09:09.0800 6328 nvstor - ok
    15:09:09.0860 6328 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS
    v_agp.sys
    15:09:09.0890 6328 nv_agp - ok
    15:09:09.0901 6328 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
    15:09:09.0928 6328 ohci1394 - ok
    15:09:10.0083 6328 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
    15:09:10.0123 6328 Parport - ok
    15:09:10.0144 6328 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
    15:09:10.0166 6328 partmgr - ok
    15:09:10.0186 6328 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
    15:09:10.0214 6328 pci - ok
    15:09:10.0232 6328 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
    15:09:10.0255 6328 pciide - ok
    15:09:10.0266 6328 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
    15:09:10.0291 6328 pcmcia - ok
    15:09:10.0383 6328 pcouffin (af7ce12c4f3dc8cb2b07685c916bbcfe) C:\Windows\system32\Drivers\pcouffin.sys
    15:09:10.0456 6328 pcouffin - ok
    15:09:10.0580 6328 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
    15:09:10.0607 6328 pcw - ok
    15:09:10.0663 6328 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
    15:09:10.0757 6328 PEAUTH - ok
    15:09:10.0877 6328 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
    15:09:10.0956 6328 PptpMiniport - ok
    15:09:11.0056 6328 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
    15:09:11.0122 6328 Processor - ok
    15:09:11.0242 6328 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
    15:09:11.0315 6328 Psched - ok
    15:09:11.0460 6328 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
    15:09:11.0555 6328 ql2300 - ok
    15:09:11.0652 6328 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
    15:09:11.0682 6328 ql40xx - ok
    15:09:11.0722 6328 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
    15:09:11.0773 6328 QWAVEdrv - ok
    15:09:11.0798 6328 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
    15:09:11.0880 6328 RasAcd - ok
    15:09:11.0990 6328 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
    15:09:12.0082 6328 RasAgileVpn - ok
    15:09:12.0185 6328 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
    15:09:12.0278 6328 Rasl2tp - ok
    15:09:12.0393 6328 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
    15:09:12.0471 6328 RasPppoe - ok
    15:09:12.0581 6328 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
    15:09:12.0676 6328 RasSstp - ok
    15:09:12.0772 6328 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
    15:09:12.0870 6328 rdbss - ok
    15:09:12.0960 6328 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
    15:09:12.0997 6328 rdpbus - ok
    15:09:13.0037 6328 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
    15:09:13.0106 6328 RDPCDD - ok
    15:09:13.0188 6328 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
    15:09:13.0266 6328 RDPENCDD - ok
    15:09:13.0297 6328 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
    15:09:13.0382 6328 RDPREFMP - ok
    15:09:13.0454 6328 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
    15:09:13.0534 6328 RDPWD - ok
    15:09:13.0631 6328 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
    15:09:13.0676 6328 rdyboost - ok
    15:09:13.0731 6328 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
    15:09:13.0829 6328 RFCOMM - ok
    15:09:13.0945 6328 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
    15:09:14.0032 6328 rspndr - ok
    15:09:14.0128 6328 RSUSBSTOR - ok
    15:09:14.0179 6328 RTL8167 (20a466b9ea2bd828c0ec723f99b8cfe7) C:\Windows\system32\DRIVERS\Rt64win7.sys
    15:09:14.0254 6328 RTL8167 - ok
    15:09:14.0341 6328 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
    15:09:14.0406 6328 sbp2port - ok
    15:09:14.0434 6328 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
    15:09:14.0521 6328 scfilter - ok
    15:09:14.0630 6328 sdbus (54e47ad086782d3ae9417c155cdceb9b) C:\Windows\system32\DRIVERS\sdbus.sys
    15:09:14.0677 6328 sdbus - ok
    15:09:14.0790 6328 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
    15:09:14.0919 6328 secdrv - ok
    15:09:15.0028 6328 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
    15:09:15.0060 6328 Serenum - ok
    15:09:15.0072 6328 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
    15:09:15.0115 6328 Serial - ok
    15:09:15.0231 6328 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
    15:09:15.0297 6328 sermouse - ok
    15:09:15.0397 6328 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
    15:09:15.0499 6328 sffdisk - ok
    15:09:15.0587 6328 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
    15:09:15.0633 6328 sffp_mmc - ok
    15:09:15.0726 6328 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
    15:09:15.0833 6328 sffp_sd - ok
    15:09:15.0943 6328 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
    15:09:15.0982 6328 sfloppy - ok
    15:09:16.0006 6328 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    15:09:16.0032 6328 SiSRaid2 - ok
    15:09:16.0088 6328 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
    15:09:16.0112 6328 SiSRaid4 - ok
    15:09:16.0220 6328 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
    15:09:16.0316 6328 Smb - ok
    15:09:16.0532 6328 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
    15:09:16.0556 6328 spldr - ok
    15:09:16.0735 6328 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
    15:09:16.0880 6328 srv - ok
    15:09:16.0983 6328 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
    15:09:17.0054 6328 srv2 - ok
    15:09:17.0149 6328 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
    15:09:17.0195 6328 SrvHsfHDA - ok
    15:09:17.0250 6328 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
    15:09:17.0355 6328 SrvHsfV92 - ok
    15:09:17.0458 6328 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
    15:09:17.0513 6328 SrvHsfWinac - ok
    15:09:17.0537 6328 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
    15:09:17.0591 6328 srvnet - ok
    15:09:17.0739 6328 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
    15:09:17.0765 6328 stexstor - ok
    15:09:17.0878 6328 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
    15:09:17.0906 6328 swenum - ok
    15:09:18.0000 6328 SynTP (4998ae89119c7106c92f0a64e4840ff6) C:\Windows\system32\DRIVERS\SynTP.sys
    15:09:18.0046 6328 SynTP - ok
    15:09:18.0192 6328 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
    15:09:18.0304 6328 Tcpip - ok
    15:09:18.0458 6328 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
    15:09:18.0512 6328 TCPIP6 - ok
    15:09:18.0586 6328 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
    15:09:18.0655 6328 tcpipreg - ok
    15:09:18.0701 6328 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
    15:09:18.0765 6328 TDPIPE - ok
    15:09:18.0929 6328 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
    15:09:18.0992 6328 TDTCP - ok
    15:09:19.0116 6328 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
    15:09:19.0196 6328 tdx - ok
    15:09:19.0305 6328 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
    15:09:19.0335 6328 TermDD - ok
    15:09:19.0391 6328 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
    15:09:19.0470 6328 tssecsrv - ok
    15:09:19.0496 6328 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
    15:09:19.0565 6328 tunnel - ok
    15:09:19.0647 6328 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
    15:09:19.0715 6328 uagp35 - ok
    15:09:19.0766 6328 udfs (c06e6f4679ceb8f430b90a51d76d8d3c) C:\Windows\system32\DRIVERS\udfs.sys
    15:09:19.0873 6328 udfs - ok
    15:09:19.0976 6328 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
    15:09:20.0011 6328 uliagpkx - ok
    15:09:20.0054 6328 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
    15:09:20.0100 6328 umbus - ok
    15:09:20.0217 6328 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
    15:09:20.0298 6328 UmPass - ok
    15:09:20.0468 6328 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys
    15:09:20.0571 6328 usbccgp - ok
    15:09:20.0683 6328 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
    15:09:20.0739 6328 usbcir - ok
    15:09:20.0803 6328 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys
    15:09:20.0865 6328 usbehci - ok
    15:09:21.0027 6328 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys
    15:09:21.0113 6328 usbhub - ok
    15:09:21.0205 6328 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys
    15:09:21.0238 6328 usbohci - ok
    15:09:21.0361 6328 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
    15:09:21.0408 6328 usbprint - ok
    15:09:21.0533 6328 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
    15:09:21.0610 6328 usbscan - ok
    15:09:21.0724 6328 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    15:09:21.0805 6328 USBSTOR - ok
    15:09:21.0892 6328 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys
    15:09:21.0950 6328 usbuhci - ok
    15:09:22.0066 6328 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
    15:09:22.0187 6328 usbvideo - ok
    15:09:22.0286 6328 VClone (84bb306b7863883018d7f3eb0c453bd5) C:\Windows\system32\DRIVERS\VClone.sys
    15:09:22.0365 6328 VClone - ok
    15:09:22.0466 6328 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
    15:09:22.0496 6328 vdrvroot - ok
    15:09:22.0514 6328 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
    15:09:22.0563 6328 vga - ok
    15:09:22.0602 6328 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
    15:09:22.0666 6328 VgaSave - ok
    15:09:22.0840 6328 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
    15:09:22.0882 6328 vhdmp - ok
    15:09:23.0008 6328 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
    15:09:23.0052 6328 viaide - ok
    15:09:23.0110 6328 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
    15:09:23.0209 6328 volmgr - ok
    15:09:23.0347 6328 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
    15:09:23.0398 6328 volmgrx - ok
    15:09:23.0429 6328 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
    15:09:23.0457 6328 volsnap - ok
    15:09:23.0489 6328 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
    15:09:23.0515 6328 vsmraid - ok
    15:09:23.0649 6328 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
    15:09:23.0683 6328 vwifibus - ok
    15:09:23.0704 6328 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
    15:09:23.0754 6328 vwififlt - ok
    15:09:23.0776 6328 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
    15:09:23.0804 6328 vwifimp - ok
    15:09:23.0835 6328 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
    15:09:23.0896 6328 WacomPen - ok
    15:09:23.0945 6328 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
    15:09:24.0027 6328 WANARP - ok
    15:09:24.0046 6328 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
    15:09:24.0104 6328 Wanarpv6 - ok
    15:09:24.0205 6328 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
    15:09:24.0244 6328 Wd - ok
    15:09:24.0278 6328 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
    15:09:24.0316 6328 Wdf01000 - ok
    15:09:24.0423 6328 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
    15:09:24.0506 6328 WfpLwf - ok
    15:09:24.0521 6328 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
    15:09:24.0541 6328 WIMMount - ok
    15:09:24.0672 6328 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
    15:09:24.0715 6328 WinUsb - ok
    15:09:24.0825 6328 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
    15:09:24.0888 6328 WmiAcpi - ok
    15:09:24.0996 6328 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
    15:09:25.0068 6328 ws2ifsl - ok
    15:09:25.0100 6328 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
    15:09:25.0168 6328 WudfPf - ok
    15:09:25.0259 6328 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
    15:09:25.0347 6328 WUDFRd - ok
    15:09:25.0469 6328 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
    15:09:25.0543 6328 yukonw7 - ok
    15:09:25.0703 6328 {329F96B6-DF1E-4328-BFDA-39EA953C1312} (1870a74ee2901ca09ffbfe79a5ee0e94) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl
    15:09:26.0041 6328 {329F96B6-DF1E-4328-BFDA-39EA953C1312} - ok
    15:09:26.0082 6328 MBR (0x1B8) (09de7b4f9730f58634c3e9f8efede8d4) \Device\Harddisk0\DR0
    15:09:26.0125 6328 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
    15:09:26.0125 6328 \Device\Harddisk0\DR0 - detected TDSS File System (1)
    15:09:26.0131 6328 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
    15:09:26.0293 6328 \Device\Harddisk1\DR1 - ok
    15:09:26.0306 6328 Boot (0x1200) (d3c545b6ddf8b0ee529351abbbb5b7ea) \Device\Harddisk0\DR0\Partition0
    15:09:26.0307 6328 \Device\Harddisk0\DR0\Partition0 - ok
    15:09:26.0316 6328 Boot (0x1200) (526a2efc45b94de5003bb998e7b364b0) \Device\Harddisk0\DR0\Partition1
    15:09:26.0317 6328 \Device\Harddisk0\DR0\Partition1 - ok
    15:09:26.0353 6328 Boot (0x1200) (d8004c5c5f34d371f5e7fe87c40a797a) \Device\Harddisk0\DR0\Partition2
    15:09:26.0354 6328 \Device\Harddisk0\DR0\Partition2 - ok
    15:09:26.0372 6328 Boot (0x1200) (0161b663635c28111950e1265b6ace61) \Device\Harddisk0\DR0\Partition3
    15:09:26.0373 6328 \Device\Harddisk0\DR0\Partition3 - ok
    15:09:26.0386 6328 Boot (0x1200) (8b33f6f96864a3f2a7e04ec25130871d) \Device\Harddisk1\DR1\Partition0
    15:09:26.0387 6328 \Device\Harddisk1\DR1\Partition0 - ok
    15:09:26.0388 6328 ============================================================
    15:09:26.0388 6328 Scan finished
    15:09:26.0388 6328 ============================================================
    15:09:26.0437 2788 Detected object count: 1
    15:09:26.0438 2788 Actual detected object count: 1
    15:09:45.0519 2788 \Device\Harddisk0\DR0\TDLFS - deleted
    15:09:45.0519 2788 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
  • There, that cleans things up.

    And now do run ComboFix after all.
    You don't need to be afraid, this tool has proven its worth thousands and thousands of times!

    Just read carefully what you need to do!
  • OK, you say that cleans things up. What has been cleaned up now? What risks do I run now if I don't run ComboFix? I have seen that a botnet can interfere with my PC. Has this risk now been averted?
    I still get the Babylon search tab.
    Thanks in advance.
  • That is exactly why it is important to still run ComboFix!

This is an archived page. Replying is no longer possible.