Viruses that were not removed

24 answers
  • This week I got a message that there was an infection, but it could not be removed.
    MBAM is clean; ESET has been giving error 8 on this machine for 3 days.
    Everything is up to date, so here is an HJT log:
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 15:10:23, on 19-3-2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
    C:\Program Files\RocketDock\RocketDock.exe
    C:\Program Files\Internetbeveiliging\Common\FSM32.EXE
    C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
    C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
    C:\Program Files\NetWorx\networx.exe
    C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe
    C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Users\.Anjo\AppData\Local\FAH\Folding@home-Win32-x86.exe
    C:\Windows\system32\conhost.exe
    C:\Users\.Anjo\AppData\Local\FAH\FahCore_a4.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={F25151F8-12D6-4670-A0DD-17DC92D6A082}&mid=b7a07ab0597547d1b29bd15f4cc3f091-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=nl&ds=is015&pr=sa&d=2012-03-06 10:26:02&v=10.0.0.7&sap=hp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\MICROS~2\Office14\GROOVEEX.DLL
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\MICROS~2\Office14\URLREDIR.DLL
    O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Internetbeveiliging\NRS\iescript\baselitmus.dll
    O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: &NetWorx Desk Band - {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - C:\Program Files\NetWorx\deskband.dll
    O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Internetbeveiliging\NRS\iescript\baselitmus.dll
    O4 - HKLM\..\Run: [Rocketdock] "C:\Program Files\RocketDock\RocketDock.exe"
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Internetbeveiliging\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Internetbeveiliging\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
    O4 - HKLM\..\Run: [NetWorx] "C:\Program Files\NetWorx\networx.exe" /auto
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
    O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
    O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized
    egrun
    O4 - HKCU\..\Run: [DriverMax] "C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe" -agent
    O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\Program Files\MICROS~2\Office14\ONBttnIE.dll/105
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files\MICROS~2\Office14\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
    O9 - Extra 'Tools' menuitem: &Instellingen voor Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\SKYPE4~1.DLL
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\Internetbeveiliging\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Internetbeveiliging\Common\FSMA32.EXE
    O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Internetbeveiliging\ORSP Client\fsorsp.exe
    O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
    O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
    O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe


    End of file - 8616 bytes


  • Hi Anjo, which tool reported an infection, and do you also remember what it was about?

  • F-Secure reports: Suspicious: W32/malware!Gemini
    in C:\Programfiles\Nirsoft\Downtester\Downtester.exe
    Action: Failed
  • 16:20:39.0589 2980 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
    16:20:39.0621 2980 ============================================================
    16:20:39.0621 2980 Current date / time: 2012/03/19 16:20:39.0621
    16:20:39.0621 2980 SystemInfo:
    16:20:39.0621 2980
    16:20:39.0621 2980 OS Version: 6.1.7601 ServicePack: 1.0
    16:20:39.0621 2980 Product type: Workstation
    16:20:39.0699 2980 ComputerName: ANJO-PC
    16:20:39.0699 2980 UserName: .Anjo
    16:20:39.0699 2980 Windows directory: C:\Windows
    16:20:39.0699 2980 System windows directory: C:\Windows
    16:20:39.0699 2980 Processor architecture: Intel x86
    16:20:39.0699 2980 Number of processors: 2
    16:20:39.0699 2980 Page size: 0x1000
    16:20:39.0699 2980 Boot type: Normal boot
    16:20:39.0699 2980 ============================================================
    16:20:47.0527 2980 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
    16:20:47.0527 2980 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0x7E2CB, SectorsPerTrack: 0xE, TracksPerCylinder: 0x87, Type 'K0', Flags 0x00000050
    16:20:47.0542 2980 Drive \Device\Harddisk2\DR2 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x37C87B, SectorsPerTrack: 0x13, TracksPerCylinder: 0x9, Type 'K0', Flags 0x00000050
    16:20:47.0558 2980 \Device\Harddisk0\DR0:
    16:20:47.0558 2980 MBR used
    16:20:47.0558 2980 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57545000
    16:20:47.0558 2980 \Device\Harddisk1\DR1:
    16:20:47.0558 2980 MBR used
    16:20:47.0558 2980 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
    16:20:47.0558 2980 \Device\Harddisk2\DR2:
    16:20:47.0574 2980 MBR used
    16:20:47.0574 2980 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
    16:20:47.0574 2980 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800
    16:20:47.0652 2980 Initialize success
    16:20:47.0652 2980 ============================================================
    16:20:47.0714 2180 ============================================================
    16:20:47.0714 2180 Scan started
    16:20:47.0714 2180 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent;
    16:20:47.0714 2180 ============================================================
    16:21:04.0183 2180 NuidFltr (28613c245d9f26190dcee18430a4ebbe) C:\Windows\system32\DRIVERS\NuidFltr.sys
    16:21:04.0277 2180 NuidFltr - ok
    16:21:04.0324 2180 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
    16:21:04.0386 2180 Null - ok
    16:21:04.0480 2180 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS
    vm62x32.sys
    16:21:04.0558 2180 NVENETFD - ok
    16:21:04.0605 2180 NVNET (1de923088878b495cd4219e47ba34eb8) C:\Windows\system32\DRIVERS
    vmf6232.sys
    16:21:04.0683 2180 NVNET - ok
    16:21:04.0699 2180 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers
    vraid.sys
    16:21:04.0730 2180 nvraid - ok
    16:21:04.0777 2180 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers
    vstor.sys
    16:21:04.0824 2180 nvstor - ok
    16:21:04.0871 2180 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers
    v_agp.sys
    16:21:04.0933 2180 nv_agp - ok
    16:21:04.0964 2180 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
    16:21:05.0027 2180 ohci1394 - ok
    16:21:05.0105 2180 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
    16:21:05.0167 2180 Parport - ok
    16:21:05.0183 2180 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
    16:21:05.0214 2180 partmgr - ok
    16:21:05.0230 2180 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
    16:21:05.0261 2180 Parvdm - ok
    16:21:05.0308 2180 pci (baa20ef5383f0ff93c3cd7ddfb1de62f) C:\Windows\system32\drivers\pci.sys
    16:21:05.0339 2180 pci - ok
    16:21:05.0355 2180 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
    16:21:05.0386 2180 pciide - ok
    16:21:05.0417 2180 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\drivers\pcmcia.sys
    16:21:05.0449 2180 pcmcia - ok
    16:21:05.0464 2180 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
    16:21:05.0496 2180 pcw - ok
    16:21:05.0511 2180 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
    16:21:05.0589 2180 PEAUTH - ok
    16:21:05.0699 2180 Point32 (896d916de06f5502d301e8c4dc442ae8) C:\Windows\system32\DRIVERS\point32.sys
    16:21:05.0746 2180 Point32 - ok
    16:21:05.0792 2180 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
    16:21:05.0917 2180 PptpMiniport - ok
    16:21:05.0933 2180 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\drivers\processr.sys
    16:21:06.0027 2180 Processor - ok
    16:21:06.0058 2180 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
    16:21:06.0105 2180 Psched - ok
    16:21:06.0152 2180 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\drivers\ql2300.sys
    16:21:06.0246 2180 ql2300 - ok
    16:21:06.0261 2180 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\drivers\ql40xx.sys
    16:21:06.0324 2180 ql40xx - ok
    16:21:06.0339 2180 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
    16:21:06.0371 2180 QWAVEdrv - ok
    16:21:06.0402 2180 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
    16:21:06.0449 2180 RasAcd - ok
    16:21:06.0496 2180 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
    16:21:06.0558 2180 RasAgileVpn - ok
    16:21:06.0574 2180 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
    16:21:06.0636 2180 Rasl2tp - ok
    16:21:06.0746 2180 RasPppoe (c4aacceca39af598dcdb3d9304067569) C:\Windows\system32\DRIVERS\raspppoe.sys
    16:21:06.0949 2180 RasPppoe - ok
    16:21:06.0980 2180 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
    16:21:07.0042 2180 RasSstp - ok
    16:21:07.0058 2180 rdbss (9f741994288c85744eb838958ff3481e) C:\Windows\system32\DRIVERS\rdbss.sys
    16:21:07.0136 2180 rdbss - ok
    16:21:07.0152 2180 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
    16:21:07.0183 2180 rdpbus - ok
    16:21:07.0199 2180 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
    16:21:07.0261 2180 RDPCDD - ok
    16:21:07.0308 2180 RDPDR (7f881c6d3781cab9c0e15595bb8696be) C:\Windows\system32\drivers\rdpdr.sys
    16:21:07.0355 2180 RDPDR - ok
    16:21:07.0371 2180 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
    16:21:07.0417 2180 RDPENCDD - ok
    16:21:07.0433 2180 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
    16:21:07.0480 2180 RDPREFMP - ok
    16:21:07.0511 2180 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys
    16:21:07.0574 2180 RdpVideoMiniport - ok
    16:21:07.0621 2180 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
    16:21:07.0683 2180 RDPWD - ok
    16:21:07.0714 2180 rdyboost (b39424595c95c3a0aa6b5913eb207276) C:\Windows\system32\drivers\rdyboost.sys
    16:21:07.0761 2180 rdyboost - ok
    16:21:07.0808 2180 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
    16:21:07.0902 2180 rspndr - ok
    16:21:07.0949 2180 RTHDMIAzAudService (2c358271f0a50167ba3dfb6a2c35607a) C:\Windows\system32\drivers\RtHDMIV.sys
    16:21:07.0996 2180 RTHDMIAzAudService - ok
    16:21:08.0058 2180 RTL8167 (5283b9a27ff230f2ff70d92451ff409a) C:\Windows\system32\DRIVERS\Rt86win7.sys
    16:21:08.0121 2180 RTL8167 - ok
    16:21:08.0152 2180 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
    16:21:08.0199 2180 s3cap - ok
    16:21:08.0230 2180 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
    16:21:08.0246 2180 sbp2port - ok
    16:21:08.0277 2180 scfilter (12784cf1b1e9c3540cc7c83324965277) C:\Windows\system32\DRIVERS\scfilter.sys
    16:21:08.0308 2180 scfilter - ok
    16:21:08.0324 2180 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    16:21:08.0371 2180 secdrv - ok
    16:21:08.0402 2180 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
    16:21:08.0449 2180 Serenum - ok
    16:21:08.0496 2180 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
    16:21:08.0605 2180 Serial - ok
    16:21:08.0621 2180 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\drivers\sermouse.sys
    16:21:08.0667 2180 sermouse - ok
    16:21:08.0699 2180 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
    16:21:08.0746 2180 sffdisk - ok
    16:21:08.0746 2180 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
    16:21:08.0792 2180 sffp_mmc - ok
    16:21:08.0808 2180 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
    16:21:08.0839 2180 sffp_sd - ok
    16:21:08.0855 2180 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\drivers\sfloppy.sys
    16:21:08.0886 2180 sfloppy - ok
    16:21:08.0933 2180 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
    16:21:08.0964 2180 sisagp - ok
    16:21:08.0980 2180 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\drivers\SiSRaid2.sys
    16:21:09.0011 2180 SiSRaid2 - ok
    16:21:09.0027 2180 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\drivers\sisraid4.sys
    16:21:09.0058 2180 SiSRaid4 - ok
    16:21:09.0089 2180 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
    16:21:09.0136 2180 Smb - ok
    16:21:09.0167 2180 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
    16:21:09.0199 2180 spldr - ok
    16:21:09.0246 2180 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
    16:21:09.0386 2180 srv - ok
    16:21:09.0417 2180 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
    16:21:09.0496 2180 srv2 - ok
    16:21:09.0511 2180 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
    16:21:09.0558 2180 srvnet - ok
    16:21:09.0605 2180 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\drivers\stexstor.sys
    16:21:09.0621 2180 stexstor - ok
    16:21:09.0667 2180 StillCam (edb05bd63148796f23ea78506404a538) C:\Windows\system32\DRIVERS\serscan.sys
    16:21:09.0714 2180 StillCam - ok
    16:21:09.0746 2180 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
    16:21:09.0777 2180 storflt - ok
    16:21:09.0808 2180 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
    16:21:09.0855 2180 storvsc - ok
    16:21:09.0886 2180 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
    16:21:09.0917 2180 swenum - ok
    16:21:09.0949 2180 Synth3dVsc (16e7642da4bacccd7696b326caa84870) C:\Windows\system32\drivers\Synth3dVsc.sys
    16:21:09.0964 2180 Synth3dVsc - ok
    16:21:10.0042 2180 Tcpip (3c1c41e317710f74cec1e7f0d5325993) C:\Windows\system32\drivers\tcpip.sys
    16:21:10.0152 2180 Tcpip - ok
    16:21:10.0199 2180 TCPIP6 (3c1c41e317710f74cec1e7f0d5325993) C:\Windows\system32\DRIVERS\tcpip.sys
    16:21:10.0292 2180 TCPIP6 - ok
    16:21:10.0339 2180 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
    16:21:10.0417 2180 tcpipreg - ok
    16:21:10.0449 2180 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
    16:21:10.0464 2180 TDPIPE - ok
    16:21:10.0496 2180 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
    16:21:10.0527 2180 TDTCP - ok
    16:21:10.0542 2180 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
    16:21:10.0605 2180 tdx - ok
    16:21:10.0699 2180 teamviewervpn (9101fffcfccd1a30e870a5b8a9091b10) C:\Windows\system32\DRIVERS\teamviewervpn.sys
    16:21:10.0746 2180 teamviewervpn - ok
    16:21:10.0761 2180 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\DRIVERS\termdd.sys
    16:21:10.0792 2180 TermDD - ok
    16:21:10.0839 2180 terminpt (052306fd76793d5d5ab5d9891fd1adbb) C:\Windows\system32\drivers\terminpt.sys
    16:21:10.0917 2180 terminpt - ok
    16:21:11.0011 2180 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
    16:21:11.0105 2180 tssecsrv - ok
    16:21:11.0121 2180 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
    16:21:11.0167 2180 TsUsbFlt - ok
    16:21:11.0183 2180 TsUsbGD (01246f0baad7b68ec0f472aa41e33282) C:\Windows\system32\drivers\TsUsbGD.sys
    16:21:11.0261 2180 TsUsbGD - ok
    16:21:11.0324 2180 tsusbhub (045acb987c650d8186c6b4a692223860) C:\Windows\system32\drivers\tsusbhub.sys
    16:21:11.0449 2180 tsusbhub - ok
    16:21:11.0464 2180 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
    16:21:11.0511 2180 tunnel - ok
    16:21:11.0542 2180 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\drivers\uagp35.sys
    16:21:11.0574 2180 uagp35 - ok
    16:21:11.0589 2180 udfs (e604de37d14c79d9e44dbd585a31f095) C:\Windows\system32\DRIVERS\udfs.sys
    16:21:11.0652 2180 udfs - ok
    16:21:11.0699 2180 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
    16:21:11.0730 2180 uliagpkx - ok
    16:21:11.0777 2180 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
    16:21:11.0871 2180 umbus - ok
    16:21:11.0902 2180 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
    16:21:12.0011 2180 UmPass - ok
    16:21:12.0105 2180 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
    16:21:12.0183 2180 usbaudio - ok
    16:21:12.0230 2180 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
    16:21:12.0277 2180 usbccgp - ok
    16:21:12.0308 2180 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
    16:21:12.0355 2180 usbcir - ok
    16:21:12.0386 2180 usbehci (627f715b39b6058a76bccb1c7026c01e) C:\Windows\system32\DRIVERS\usbehci.sys
    16:21:12.0402 2180 usbehci - ok
    16:21:12.0480 2180 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
    16:21:12.0605 2180 usbhub - ok
    16:21:12.0636 2180 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
    16:21:12.0730 2180 usbohci - ok
    16:21:12.0746 2180 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
    16:21:12.0792 2180 usbprint - ok
    16:21:12.0824 2180 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
    16:21:12.0855 2180 usbscan - ok
    16:21:12.0886 2180 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    16:21:12.0964 2180 USBSTOR - ok
    16:21:12.0996 2180 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
    16:21:13.0058 2180 usbuhci - ok
    16:21:13.0105 2180 usbvideo (9aff8de4d52ce4acdd0b963342e97337) C:\Windows\system32\Drivers\usbvideo.sys
    16:21:13.0152 2180 usbvideo - ok
    16:21:13.0183 2180 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
    16:21:13.0214 2180 vdrvroot - ok
    16:21:13.0246 2180 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
    16:21:13.0292 2180 vga - ok
    16:21:13.0324 2180 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
    16:21:13.0355 2180 VgaSave - ok
    16:21:13.0371 2180 VGPU - ok
    16:21:13.0402 2180 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
    16:21:13.0433 2180 vhdmp - ok
    16:21:13.0449 2180 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
    16:21:13.0480 2180 viaagp - ok
    16:21:13.0496 2180 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\drivers\viac7.sys
    16:21:13.0542 2180 ViaC7 - ok
    16:21:13.0558 2180 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
    16:21:13.0589 2180 viaide - ok
    16:21:13.0605 2180 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
    16:21:13.0683 2180 vmbus - ok
    16:21:13.0714 2180 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
    16:21:13.0746 2180 VMBusHID - ok
    16:21:13.0761 2180 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
    16:21:13.0792 2180 volmgr - ok
    16:21:13.0824 2180 volmgrx (670b6d02548bc93f54cde5979560a7b8) C:\Windows\system32\drivers\volmgrx.sys
    16:21:13.0855 2180 volmgrx - ok
    16:21:13.0886 2180 volsnap (c2232c62cd2e44e40cdadd00bbcfe366) C:\Windows\system32\drivers\volsnap.sys
    16:21:13.0933 2180 volsnap - ok
    16:21:13.0980 2180 vpcbus (b26536add1d748cda104d856c979ae79) C:\Windows\system32\DRIVERS\vpchbus.sys
    16:21:14.0011 2180 vpcbus - ok
    16:21:14.0058 2180 vpcnfltr (a0f7e923a6261760130f22b85df9040e) C:\Windows\system32\DRIVERS\vpcnfltr.sys
    16:21:14.0121 2180 vpcnfltr - ok
    16:21:14.0152 2180 vpcusb (5f4b55e91ce7e2523c9e1e0ece858869) C:\Windows\system32\DRIVERS\vpcusb.sys
    16:21:14.0214 2180 vpcusb - ok
    16:21:14.0277 2180 vpcvmm (b487191fe18d6863381a1ac55482469a) C:\Windows\system32\drivers\vpcvmm.sys
    16:21:14.0355 2180 vpcvmm - ok
    16:21:14.0386 2180 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\drivers\vsmraid.sys
    16:21:14.0417 2180 vsmraid - ok
    16:21:14.0449 2180 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
    16:21:14.0527 2180 vwifibus - ok
    16:21:14.0558 2180 vwififlt (632f1b4b573b19ce0c80df8432d1f65d) C:\Windows\system32\DRIVERS\vwififlt.sys
    16:21:14.0605 2180 vwififlt - ok
    16:21:14.0652 2180 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\drivers\wacompen.sys
    16:21:14.0730 2180 WacomPen - ok
    16:21:14.0792 2180 WANARP (1ffe8ca5f775e1c4da3629f215a322b5) C:\Windows\system32\DRIVERS\wanarp.sys
    16:21:14.0902 2180 WANARP - ok
    16:21:14.0902 2180 Wanarpv6 (1ffe8ca5f775e1c4da3629f215a322b5) C:\Windows\system32\DRIVERS\wanarp.sys
    16:21:14.0949 2180 Wanarpv6 - ok
    16:21:14.0980 2180 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\drivers\wd.sys
    16:21:15.0011 2180 Wd - ok
    16:21:15.0042 2180 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
    16:21:15.0089 2180 Wdf01000 - ok
    16:21:15.0136 2180 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
    16:21:15.0183 2180 WfpLwf - ok
    16:21:15.0214 2180 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
    16:21:15.0261 2180 WIMMount - ok
    16:21:15.0355 2180 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
    16:21:15.0417 2180 WinUsb - ok
    16:21:15.0449 2180 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
    16:21:15.0496 2180 WmiAcpi - ok
    16:21:15.0558 2180 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
    16:21:15.0636 2180 ws2ifsl - ok
    16:21:15.0683 2180 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
    16:21:15.0730 2180 WudfPf - ok
    16:21:15.0761 2180 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
    16:21:15.0824 2180 WUDFRd - ok
    16:21:15.0886 2180 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
    16:21:15.0996 2180 \Device\Harddisk0\DR0 - ok
    16:21:15.0996 2180 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
    16:21:16.0058 2180 \Device\Harddisk1\DR1 - ok
    16:21:16.0074 2180 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2
    16:21:16.0652 2180 \Device\Harddisk2\DR2 - ok
    16:21:16.0667 2180 Boot (0x1200) (fdf902ee993d8eb210f83b977f2096b9) \Device\Harddisk0\DR0\Partition0
    16:21:16.0667 2180 \Device\Harddisk0\DR0\Partition0 - ok
    16:21:16.0683 2180 Boot (0x1200) (89dd1190050300a88b63ec65e3e46882) \Device\Harddisk1\DR1\Partition0
    16:21:16.0683 2180 \Device\Harddisk1\DR1\Partition0 - ok
    16:21:16.0683 2180 Boot (0x1200) (52349edaba6f10ac7dc4fc00a4c71988) \Device\Harddisk2\DR2\Partition0
    16:21:16.0699 2180 \Device\Harddisk2\DR2\Partition0 - ok
    16:21:16.0714 2180 Boot (0x1200) (6e28453a5ffafde885620870ec1955b3) \Device\Harddisk2\DR2\Partition1
    16:21:16.0730 2180 \Device\Harddisk2\DR2\Partition1 - ok
    16:21:16.0730 2180 ============================================================
    16:21:16.0730 2180 Scan finished
    16:21:16.0730 2180 ============================================================
    16:21:17.0574 0348 Deinitialize success

    ==============================================
    System Restore Point Check:

    TDSSKiller Starter Restore Point Created Succesfully
    ==============================================
    EOF

  • ComboFix 12-03-18.04 - .Anjo 19-03-2012 19:08:16.3.2 - x86
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.3583.2300 [GMT 1:00]
    Gestart vanuit: c:\users\.Anjo\Desktop\ComboFix.exe
    AV: Ziggo uitgebreide internetbeveiliging 9.01 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
    FW: Ziggo uitgebreide internetbeveiliging 9.01 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Ziggo uitgebreide internetbeveiliging 9.01 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program files\Setup.exe
    c:\windows\system32\drivers\etc\hosts.ics
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-02-19 to 2012-03-19 ))))))))))))))))))))))))))))))
    .
    .
    2012-03-19 18:12 . 2012-03-19 18:12 -------- d-----w- c:\users\.Anjo\AppData\Local\temp
    2012-03-19 18:12 . 2012-03-19 18:12 -------- d-----w- c:\users\Public\AppData\Local\temp
    2012-03-19 18:12 . 2012-03-19 18:12 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-03-19 15:20 . 2012-03-19 15:21 -------- d-----w- C:\TDSSStarter
    2012-03-19 14:10 . 2012-03-19 14:10 388096 ----a-r- c:\users\.Anjo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2012-03-19 11:19 . 2012-03-19 11:19 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D9C00F5D-A827-4F3C-8C78-612EA547712C}\offreg.dll
    2012-03-16 10:33 . 2012-03-16 10:33 -------- d-----w- c:\program files\ESET
    2012-03-16 10:14 . 2012-02-08 06:03 6552120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D9C00F5D-A827-4F3C-8C78-612EA547712C}\mpengine.dll
    2012-03-14 02:00 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2012-03-14 02:00 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-03-13 23:08 . 2012-02-03 03:54 2343424 ----a-w- c:\windows\system32\win32k.sys
    2012-03-13 23:08 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\system32\DWrite.dll
    2012-03-13 23:00 . 2012-01-25 05:32 58880 ----a-w- c:\windows\system32\rdpwsx.dll
    2012-03-13 23:00 . 2012-01-25 05:32 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
    2012-03-13 23:00 . 2012-01-25 05:27 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
    2012-03-13 23:00 . 2012-02-17 05:34 919040 ----a-w- c:\windows\system32\rdpcorets.dll
    2012-03-13 23:00 . 2012-02-17 05:30 826880 ----a-w- c:\windows\system32\rdpcore.dll
    2012-03-13 23:00 . 2012-02-17 04:14 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-03-13 23:00 . 2012-02-17 04:13 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
    2012-03-13 07:48 . 2012-03-13 07:48 -------- d-----w- c:\users\.Anjo\AppData\Local\Apps
    2012-03-06 09:25 . 2012-03-06 09:25 -------- d--h--w- c:\programdata\Common Files
    2012-03-03 11:27 . 2012-03-03 11:27 -------- d-----w- c:\program files\DVD Decrypter
    2012-03-02 10:54 . 2012-03-02 10:54 5164704 ----a-w- c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
    2012-03-01 12:52 . 2012-03-01 12:55 -------- d-----w- c:\users\.Anjo\AppData\Local\DuplicateCleaner
    2012-03-01 12:52 . 2012-03-01 12:52 -------- d-----w- c:\program files\Duplicate Cleaner
    2012-02-22 21:17 . 2012-02-22 21:17 -------- d-----w- c:\windows\Hewlett-Packard
    2012-02-21 14:13 . 2010-11-20 12:17 2171392 ----a-w- c:\windows\system32\VPCWizard.exe
    2012-02-21 14:13 . 2010-11-20 10:50 48128 ----a-w- c:\windows\system32\drivers\vpcnfltr.sys
    2012-02-21 14:13 . 2010-11-20 12:30 296064 ----a-w- c:\windows\system32\drivers\vpcvmm.sys
    2012-02-21 14:13 . 2010-11-20 12:30 172416 ----a-w- c:\windows\system32\drivers\vpchbus.sys
    2012-02-21 14:13 . 2010-11-20 12:21 14848 ----a-w- c:\windows\system32\vpchbuspipe.dll
    2012-02-21 14:13 . 2010-11-20 10:50 78336 ----a-w- c:\windows\system32\drivers\vpcusb.sys
    2012-02-21 14:13 . 2010-11-20 12:17 1260032 ----a-w- c:\windows\system32\VPCSettings.exe
    2012-02-21 14:13 . 2010-11-20 10:50 559616 ----a-w- c:\windows\system32\VMCPropertyHandler.dll
    2012-02-21 14:13 . 2010-11-20 10:52 1003008 ----a-w- c:\windows\system32\VMWindow.exe
    2012-02-21 14:13 . 2010-11-20 10:52 793600 ----a-w- c:\windows\system32\vmsal.exe
    2012-02-21 14:13 . 2010-11-20 12:17 3330560 ----a-w- c:\windows\system32\vpc.exe
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-02-23 08:18 . 2011-08-06 14:38 237072 ------w- c:\windows\system32\MpSigStub.exe
    2012-01-18 06:44 . 2012-01-18 06:44 540960 ----a-w- c:\windows\system32\LVUI2RC.dll
    2012-01-18 06:44 . 2012-01-18 06:44 4332960 ----a-w- c:\windows\system32\drivers\lvuvc.sys
    2012-01-18 06:44 . 2012-01-18 06:44 545056 ----a-w- c:\windows\system32\LVUI2.dll
    2012-01-18 06:44 . 2012-01-18 06:44 312096 ----a-w- c:\windows\system32\drivers\lvrs.sys
    2012-01-18 06:44 . 2012-01-18 06:44 307488 ----a-w- c:\windows\system32\lvcodec2.dll
    2012-01-18 06:44 . 2012-01-18 06:44 196896 ----a-w- c:\windows\system32\lvci13311044.dll
    2012-01-18 06:44 . 2012-01-18 06:44 336408 ----a-w- c:\windows\system32\DevManagerCore.dll
    2012-01-18 06:44 . 2012-01-18 06:44 10920984 ----a-w- c:\windows\system32\LogiDPP.dll
    2012-01-18 06:44 . 2012-01-18 06:44 104472 ----a-w- c:\windows\system32\LogiDPPApp.exe
    2012-01-04 08:58 . 2012-02-15 11:23 442880 ----a-w- c:\windows\system32\ntshrui.dll
    2011-12-30 05:27 . 2012-02-15 11:24 478720 ----a-w- c:\windows\system32\timedate.cpl
    2012-02-21 13:04 . 2011-11-22 08:12 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
    "Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-29 17148552]
    "DriverMax"="c:\program files\Innovative Solutions\DriverMax\drivermax.exe" [2012-03-02 8557464]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Rocketdock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
    "F-Secure Manager"="c:\program files\Internetbeveiliging\Common\FSM32.EXE" [2009-08-05 199264]
    "F-Secure TNB"="c:\program files\Internetbeveiliging\FSGUI\TNBUtil.exe" [2009-08-05 2349664]
    "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
    "LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
    "HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-12-20 634880]
    "NetWorx"="c:\program files\NetWorx\networx.exe" [2012-01-29 3380224]
    "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
    "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
    "CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312]
    "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2516296]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Google Calendar Sync.lnk - c:\program files\Google\Google Calendar Sync\GoogleCalendarSync.exe [2011-4-8 542264]
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 0 (0x0)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
    2010-03-13 13:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    2011-03-06 08:19 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
    2007-09-02 11:58 495616 ----a-w- c:\program files\RocketDock\RocketDock.exe
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 gupdate;Google Update-service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-12-21 136176]
    R2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]
    R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-01-31 158856]
    R2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
    R2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
    R3 BackupReader;BackupReader;c:\windows\system32\DRIVERS\BackupReader.sys [2011-03-02 53504]
    R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
    R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-12-21 136176]
    R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
    R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]
    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
    R3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28.sys [2010-12-30 1017184]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
    R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [2011-08-06 77184]
    R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
    R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
    R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
    R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-06 1343400]
    R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
    S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2011-11-22 42672]
    S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\Internetbeveiliging\HIPS\drivers\fshs.sys [2009-08-05 68064]
    S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2011-11-22 36792]
    S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2011-11-22 73160]
    S1 fsvista;F-Secure Vista Support Driver;c:\program files\Internetbeveiliging\Anti-Virus\minifilter\fsvista.sys [2009-08-05 12384]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2011-08-06 48640]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-10-13 176128]
    S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2010-11-09 21992]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-10-13 8598528]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-10-13 257024]
    S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-08-01 45288]
    S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Internetbeveiliging\Anti-Virus\minifilter\fsgk.sys [2011-11-22 148632]
    S3 FSORSPClient;F-Secure ORSP Client;c:\program files\Internetbeveiliging\ORSP Client\fsorsp.exe [2011-11-22 61088]
    S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
    S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2011-11-11 25088]
    .
    .
    --- Andere Services/Drivers In Geheugen ---
    .
    *NewlyCreated* - 64460519
    *Deregistered* - 64460519
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPService REG_MULTI_SZ HPSLPSVC
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}]
    2010-02-16 18:02 114688 ----a-w- c:\program files\PixiePack Codec Pack\InstallerHelper.exe
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2012-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2011-12-21 09:37]
    .
    2012-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2011-12-21 09:37]
    .
    .
    ------- Bijkomende Scan -------
    .
    uStart Page = hxxp://isearch.avg.com/?cid={F25151F8-12D6-4670-A0DD-17DC92D6A082}&mid=b7a07ab0597547d1b29bd15f4cc3f091-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=nl&ds=is015&pr=sa&d=2012-03-06 10:26&v=10.0.0.7&sap=hp
    IE: &Verzenden naar OneNote - c:\program files\MICROS~2\Office14\ONBttnIE.dll/105
    IE: E&xporteren naar Microsoft Excel - c:\program files\MICROS~2\Office14\EXCEL.EXE/3000
    LSP: c:\program files\Internetbeveiliging\FSPS\program\FSLSP.DLL
    TCP: DhcpNameServer = 212.54.40.25 212.54.35.25 192.168.1.1
    FF - ProfilePath - c:\users\.Anjo\AppData\Roaming\Mozilla\Firefox\Profiles\uwm8kbs3.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/
    FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B95ca62c3-dc63-4a0d-82ed-33069ed1f1df%7D&mid=b7a07ab0597547d1b29bd15f4cc3f091-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&ds=is015&v=10.0.0.7&lang=nl&pr=sa&d=2012-03-06%2010%3A26%3A02&sap=ku&q=
    FF - prefs.js: network.proxy.type - 0
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    URLSearchHooks-{37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
    MSConfigStartUp-ApnUpdater - c:\program files\Ask.com\Updater\Updater.exe
    MSConfigStartUp-DriverMax - c:\program files\Innovative Solutions\DriverMax\devices.exe
    MSConfigStartUp-DriverMax_RESTART - c:\program files\Innovative Solutions\DriverMax\devices.exe
    MSConfigStartUp-PlusService - c:\program files\Yuna Software\Messenger Plus!\PlusService.exe
    .
    .
    .
    **************************************************************************
    .
    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
    Windows 6.1.7601 Disk: SAMSUNG_ rev.1AC0 -> Harddisk2\DR2 -> \Device\0000006d
    .
    device: opened successfully
    user: MBR read successfully
    kernel: MBR read successfully
    user != kernel MBR !!!
    sectors 625142446 (+255): user != kernel
    .
    **************************************************************************
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    --------------------- DLLs Geladen Onder Lopende Processen ---------------------
    .
    - - - - - - - > 'winlogon.exe'(744)
    c:\program files\internetbeveiliging\hips\fshook32.dll
    .
    - - - - - - - > 'lsass.exe'(540)
    c:\program files\internetbeveiliging\hips\fshook32.dll
    .
    Voltooingstijd: 2012-03-19 19:13:43
    ComboFix-quarantined-files.txt 2012-03-19 18:13
    ComboFix2.txt 2011-12-01 17:09
    .
    Pre-Run: 245.478.920.192 bytes beschikbaar
    Post-Run: 245.195.337.728 bytes beschikbaar
    .
    - - End Of File - - DC0EA53AA51A3F1883BEE2F3BC18A074




  • Hi Anjo, things look good on the whole.
    But you have Conduit search as the search page in Firefox, and you also use AVG's iSearch in Firefox, while you yourself use F-Secure as AV.

    Download and place the file on your desktop.

    Using "OTL.com":
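The check made by eye in the reply above, on the "FF - prefs.js:" lines of the ComboFix log, can be scripted. This Python code is an added example, not part of the original thread; the function names and the allowlist of expected hosts are assumptions, and the sample lines are taken from the log with one query string abridged.

```python
import re
from urllib.parse import urlsplit

# Preferences that decide where searches and the start page are sent.
URL_PREFS = {"browser.search.defaulturl", "keyword.URL", "browser.startup.homepage"}
# Assumption: the hosts this user actually chose; adjust per machine.
EXPECTED_HOSTS = {"google.nl", "google.com"}

LINE_RE = re.compile(r"^\s*FF - prefs\.js: (\S+) - (.*)$")

# Sample lines from the ComboFix log (keyword.URL query string abridged).
SAMPLE_LOG = """\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/
    FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?lang=nl&q=
    FF - prefs.js: network.proxy.type - 0
"""

def refang(value):
    """ComboFix writes http as hxxp so that forums do not turn it into a link."""
    return re.sub(r"^hxxp(s?)://", r"http\1://", value.strip(), flags=re.I)

def host_allowed(host):
    """True for an expected host or any subdomain of one."""
    return any(host == h or host.endswith("." + h) for h in EXPECTED_HOSTS)

def review_prefs(log_text):
    """Return (preference, value) pairs that deserve a closer look."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        pref, raw = m.group(1), m.group(2)
        if pref in URL_PREFS:
            # A homepage preference may hold several URLs separated by "|".
            for part in raw.split("|"):
                host = (urlsplit(refang(part)).hostname or "").lower()
                if host and not host_allowed(host):
                    findings.append((pref, host))
        elif pref == "network.proxy.type" and raw.strip() != "0":
            # 0 = no proxy; report any other value so the proxy settings get checked.
            findings.append((pref, raw.strip()))
    return findings

if __name__ == "__main__":
    for pref, value in review_prefs(SAMPLE_LOG):
        print(f"review: {pref} -> {value}")
```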
  • Neither that AVG nor the other one means anything to me; I don't see them offhand in the program list in the Control Panel either. Maybe clicked too fast once again….
    OTL logfile created on: 19-3-2012 20:24:02 - Run 1
    OTL by OldTimer - Version 3.2.39.1 Folder = C:\Users\.Anjo\Desktop
    Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    3,50 Gb Total Physical Memory | 2,38 Gb Available Physical Memory | 67,89% Memory free
    7,00 Gb Paging File | 5,46 Gb Available in Paging File | 78,07% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 297,99 Gb Total Space | 228,54 Gb Free Space | 76,69% Space Free | Partition Type: NTFS
    Drive D: | 465,76 Gb Total Space | 298,17 Gb Free Space | 64,02% Space Free | Partition Type: NTFS
    Drive Z: | 698,63 Gb Total Space | 440,55 Gb Free Space | 63,06% Space Free | Partition Type: NTFS

    Computer Name: ANJO-PC | User Name: .Anjo | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

  • OTL Extras logfile created on: 19-3-2012 20:24:02 - Run 1
    OTL by OldTimer - Version 3.2.39.1 Folder = C:\Users\.Anjo\Desktop
    Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    3,50 Gb Total Physical Memory | 2,38 Gb Available Physical Memory | 67,89% Memory free
    7,00 Gb Paging File | 5,46 Gb Available in Paging File | 78,07% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 297,99 Gb Total Space | 228,54 Gb Free Space | 76,69% Space Free | Partition Type: NTFS
    Drive D: | 465,76 Gb Total Space | 298,17 Gb Free Space | 64,02% Space Free | Partition Type: NTFS
    Drive Z: | 698,63 Gb Total Space | 440,55 Gb Free Space | 63,06% Space Free | Partition Type: NTFS

    Computer Name: ANJO-PC | User Name: .Anjo | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

  • Hi Anjo, F-Secure has its own firewall, but it is being obstructed by the Windows Firewall, which is still active!

    So go to Start\Run and enter the command: services.msc.
    Click the OK button.
    N.B.: Run can also be started by pressing the "Windows key + R key" simultaneously.

    In the Services window, scroll to
  • Strange, I have the firewalls turned off on all machines because of network speed and moving large files around the house.
    I have now switched it off in Services.
    LOG:

    All processes killed
    ========== OTL ==========
    Prefs.js: "AVG Secure Search" removed from browser.search.defaultenginename
    Prefs.js: "NCH EN Customized Web Search" removed from browser.search.defaultthis.engineName
    Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
    Prefs.js: "http://isearch.avg.com/search?cid=%7B95ca62c3-dc63-4a0d-82ed-33069ed1f1df%7D&mid=b7a07ab0597547d1b29bd15f4cc3f091-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&ds=is015&v=10.0.0.7&lang=nl&pr=sa&d=2012-03-06%2010%3A26%3A02&sap=ku&q=" removed from keyword.URL
    C:\Users\.Anjo\AppData\Roaming\Mozilla\Firefox\Profiles\uwm8kbs3.default\searchplugins\conduit.xml moved successfully.
    C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml moved successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: .Anjo
    ->Temp folder emptied: 10957 bytes
    ->Temporary Internet Files folder emptied: 512122 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 60051010 bytes
    ->Flash cache emptied: 233 bytes

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 56475 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 6466 bytes
    RecycleBin emptied: 3617267128 bytes

    Total Files Cleaned = 3.508,00 mb


    [EMPTYJAVA]

    User: .Anjo
    ->Java cache emptied: 0 bytes

    User: All Users

    User: Default

    User: Default User

    User: Public

    Total Java Files Cleaned = 0,00 mb


    [EMPTYFLASH]

    User: .Anjo
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Default
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Public

    Total Flash Files Cleaned = 0,00 mb



    OTL by OldTimer - Version 3.2.39.1 log created on 03202012_111432

    Files\Folders moved on Reboot…

    Registry entries deleted on Reboot…
  • Hi Anjo, ComboFix may already have restored the default MS settings at an earlier stage.

    Check in the same way whether Windows Defender is perhaps also set to start automatically.
    If so, disable it!

    And how are things going now?
  • I no longer get any strange messages, except that FF now behaves a bit oddly. For instance, my bookmarks toolbar is missing at every start. It can be fixed by switching it off and on under "Toolbars", but it is still strange, as is the (disabled) question whether FF should be my default browser.
    I had already killed Defender in settings, thanks.
  • Then first uninstall Firefox, without letting it remove your personal data, restart the PC and then install the latest Firefox.
  • I'll do that later.
    Of course I could let it wipe everything; I use the sync option to have the same bookmarks on my 5 machines. Works quite well.
    The annoying thing is that Gears is no longer supported; my NAS runs on JAVA and then you need Gears, right??
  • NAS and networking are not my strongest side; I gladly leave that to others.

    As for the sync option, I still would not let my own FF files be uninstalled along with it!
  • OK, I'll report back when everything is completely done and I have run the safety scanner.
    What is that webclient actually??
  • Safety scan reports 0 problems…
    Thanks Abraham :lol:
  • Abraham, is there anything particular to note about uninstalling ComboFix, OTL and TDSSKiller??
  • Hi Anjo, no, there isn't.
    If your system works normally again and there are no more problems, we can start cleaning up.
  • I'm waiting for instructions; as far as I can tell this system is working flawlessly again.

This is an archived page. Replies are no longer possible.