Also caught the Data Recovery virus

20 answers
  • Last night I unfortunately picked up the Data Recovery virus. It probably came with a program for making collages.
    I spent half the night working on it with the help of the spyware FAQ and swimkim's topic from May of this year, and I have already come a long way.
    Unfortunately my background stays black and I am still missing a number of icons on my desktop.
    I use Windows 7.

    I had Avira on my computer, but it did not see it. After the last run I suddenly lost that as well.

    What I have done:

    Booted in safe mode with networking.
    Ran RKILL.
    Then TDSSKiller.
    MBAM
    Hijack This (this one just would not run in safe mode, so I ran it in normal mode. Then went back to safe mode)
    Combofix


    Below are the logs from TDSSKiller and MBAM from this morning (so after I had already done all of this last night)


    10:21:48.0796 1468 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
    10:21:49.0217 1468 ============================================================
    10:21:49.0217 1468 Current date / time: 2012/07/14 10:21:49.0217
    10:21:49.0217 1468 SystemInfo:
    10:21:49.0217 1468
    10:21:49.0217 1468 OS Version: 6.1.7601 ServicePack: 1.0
    10:21:49.0217 1468 Product type: Workstation
    10:21:49.0217 1468 ComputerName: KARIN-LAPTOP
    10:21:49.0217 1468 UserName: Karin
    10:21:49.0217 1468 Windows directory: C:\Windows
    10:21:49.0217 1468 System windows directory: C:\Windows
    10:21:49.0217 1468 Processor architecture: Intel x86
    10:21:49.0217 1468 Number of processors: 2
    10:21:49.0217 1468 Page size: 0x1000
    10:21:49.0217 1468 Boot type: Safe boot with network
    10:21:49.0217 1468 ============================================================
    10:21:50.0309 1468 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
    10:21:50.0309 1468 ============================================================
    10:21:50.0309 1468 \Device\Harddisk0\DR0:
    10:21:50.0309 1468 MBR partitions:
    10:21:50.0309 1468 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A37E030
    10:21:50.0309 1468 ============================================================
    10:21:50.0325 1468 C: <-> \Device\Harddisk0\DR0\Partition0
    10:21:50.0325 1468 ============================================================
    10:21:50.0325 1468 Initialize success
    10:21:50.0325 1468 ============================================================
    10:23:01.0414 1168 ============================================================
    10:23:01.0414 1168 Scan started
    10:23:01.0414 1168 Mode: Manual;
    10:23:01.0414 1168 ============================================================
    10:23:03.0068 1168 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
    10:23:03.0068 1168 1394ohci - ok
    10:23:03.0115 1168 Scan interrupted by user!
    10:23:03.0115 1168 Scan interrupted by user!
    10:23:03.0115 1168 Scan interrupted by user!
    10:23:03.0115 1168 ============================================================
    10:23:03.0115 1168 Scan finished
    10:23:03.0115 1168 ============================================================
    10:23:03.0146 1120 Detected object count: 0
    10:23:03.0146 1120 Actual detected object count: 0
    10:24:28.0494 0640 ============================================================
    10:24:28.0494 0640 Scan started
    10:24:28.0494 0640 Mode: Manual; SigCheck; TDLFS;
    10:24:28.0494 0640 ============================================================
    10:24:28.0852 0640 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
    10:24:28.0962 0640 1394ohci - ok
    10:24:29.0024 0640 ACDaemon - ok
    10:24:29.0102 0640 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
    10:24:29.0118 0640 ACPI - ok
    10:24:29.0149 0640 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
    10:24:29.0227 0640 AcpiPmi - ok
    10:24:29.0336 0640 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    10:24:29.0352 0640 AdobeARMservice - ok
    10:24:29.0492 0640 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    10:24:29.0508 0640 AdobeFlashPlayerUpdateSvc - ok
    10:24:29.0586 0640 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
    10:24:29.0664 0640 adp94xx - ok
    10:24:29.0695 0640 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
    10:24:29.0710 0640 adpahci - ok
    10:24:29.0726 0640 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
    10:24:29.0742 0640 adpu320 - ok
    10:24:29.0788 0640 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
    10:24:29.0866 0640 AeLookupSvc - ok
    10:24:29.0944 0640 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
    10:24:30.0007 0640 AFD - ok
    10:24:30.0054 0640 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
    10:24:30.0069 0640 agp440 - ok
    10:24:30.0116 0640 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
    10:24:30.0132 0640 aic78xx - ok
    10:24:30.0225 0640 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
    10:24:30.0288 0640 ALG - ok
    10:24:30.0334 0640 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
    10:24:30.0350 0640 aliide - ok
    10:24:30.0366 0640 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
    10:24:30.0381 0640 amdagp - ok
    10:24:30.0397 0640 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
    10:24:30.0412 0640 amdide - ok
    10:24:30.0459 0640 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
    10:24:30.0522 0640 AmdK8 - ok
    10:24:30.0537 0640 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
    10:24:30.0568 0640 AmdPPM - ok
    10:24:30.0615 0640 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
    10:24:30.0631 0640 amdsata - ok
    10:24:30.0646 0640 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
    10:24:30.0662 0640 amdsbs - ok
    10:24:30.0693 0640 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
    10:24:30.0709 0640 amdxata - ok
    10:24:30.0834 0640 AntiVirSchedulerService (0a1cc583e8147004e4ad4625d7fbf88c) C:\Program Files\Avira\AntiVir Desktop\sched.exe
    10:24:30.0849 0640 AntiVirSchedulerService - ok
    10:24:30.0912 0640 AntiVirService (c9a36ef935aced86aedf93e97e606911) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    10:24:30.0927 0640 AntiVirService - ok
    10:24:30.0974 0640 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
    10:24:31.0114 0640 AppID - ok
    10:24:31.0177 0640 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
    10:24:31.0239 0640 AppIDSvc - ok
    10:24:31.0302 0640 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
    10:24:31.0348 0640 Appinfo - ok
    10:24:31.0426 0640 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
    10:24:31.0442 0640 arc - ok
    10:24:31.0473 0640 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
    10:24:31.0489 0640 arcsas - ok
    10:24:31.0520 0640 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
    10:24:31.0629 0640 AsyncMac - ok
    10:24:31.0676 0640 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
    10:24:31.0692 0640 atapi - ok
    10:24:31.0770 0640 athr (614a60aee03a6151fdcbac295854a9cb) C:\Windows\system32\DRIVERS\athr.sys
    10:24:31.0848 0640 athr - ok
    10:24:31.0910 0640 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
    10:24:31.0972 0640 AudioEndpointBuilder - ok
    10:24:31.0972 0640 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
    10:24:32.0004 0640 Audiosrv - ok
    10:24:32.0128 0640 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
    10:24:32.0191 0640 avgntflt - ok
    10:24:32.0238 0640 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
    10:24:32.0253 0640 avipbb - ok
    10:24:32.0269 0640 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
    10:24:32.0284 0640 avkmgr - ok
    10:24:32.0347 0640 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
    10:24:32.0409 0640 AxInstSV - ok
    10:24:32.0472 0640 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
    10:24:32.0534 0640 b06bdrv - ok
    10:24:32.0581 0640 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
    10:24:32.0612 0640 b57nd60x - ok
    10:24:32.0706 0640 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
    10:24:32.0737 0640 BDESVC - ok
    10:24:32.0768 0640 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
    10:24:32.0830 0640 Beep - ok
    10:24:33.0002 0640 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
    10:24:33.0064 0640 BFE - ok
    10:24:33.0127 0640 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\system32\qmgr.dll
    10:24:33.0345 0640 BITS - ok
    10:24:33.0392 0640 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
    10:24:33.0423 0640 blbdrive - ok
    10:24:33.0486 0640 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
    10:24:33.0532 0640 bowser - ok
    10:24:33.0564 0640 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
    10:24:33.0626 0640 BrFiltLo - ok
    10:24:33.0642 0640 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
    10:24:33.0673 0640 BrFiltUp - ok
    10:24:33.0720 0640 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
    10:24:33.0766 0640 BridgeMP - ok
    10:24:33.0829 0640 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
    10:24:33.0876 0640 Browser - ok
    10:24:33.0922 0640 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
    10:24:33.0985 0640 Brserid - ok
    10:24:34.0000 0640 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
    10:24:34.0032 0640 BrSerWdm - ok
    10:24:34.0063 0640 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
    10:24:34.0078 0640 BrUsbMdm - ok
    10:24:34.0110 0640 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
    10:24:34.0141 0640 BrUsbSer - ok
    10:24:34.0172 0640 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
    10:24:34.0203 0640 BTHMODEM - ok
    10:24:34.0266 0640 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
    10:24:34.0281 0640 bthserv - ok
    10:24:34.0437 0640 catchme - ok
    10:24:34.0468 0640 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
    10:24:34.0531 0640 cdfs - ok
    10:24:34.0578 0640 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
    10:24:34.0609 0640 cdrom - ok
    10:24:34.0671 0640 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
    10:24:34.0718 0640 CertPropSvc - ok
    10:24:34.0765 0640 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
    10:24:34.0780 0640 circlass - ok
    10:24:34.0843 0640 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
    10:24:34.0858 0640 CLFS - ok
    10:24:34.0999 0640 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    10:24:35.0014 0640 clr_optimization_v2.0.50727_32 - ok
    10:24:35.0077 0640 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    10:24:35.0108 0640 clr_optimization_v4.0.30319_32 - ok
    10:24:35.0155 0640 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
    10:24:35.0170 0640 CmBatt - ok
    10:24:35.0217 0640 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
    10:24:35.0217 0640 cmdide - ok
    10:24:35.0280 0640 CNG (247b4ce2dab1160cd422d532d5241e1f) C:\Windows\system32\Drivers\cng.sys
    10:24:35.0326 0640 CNG - ok
    10:24:35.0342 0640 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
    10:24:35.0358 0640 Compbatt - ok
    10:24:35.0389 0640 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
    10:24:35.0420 0640 CompositeBus - ok
    10:24:35.0451 0640 COMSysApp - ok
    10:24:35.0467 0640 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
    10:24:35.0482 0640 crcdisk - ok
    10:24:35.0529 0640 CryptSvc (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
    10:24:35.0592 0640 CryptSvc - ok
    10:24:35.0654 0640 ctxusbm (cb6ff7012bb5d59d7c12350db795ce1f) C:\Windows\system32\DRIVERS\ctxusbm.sys
    10:24:35.0670 0640 ctxusbm - ok
    10:24:35.0732 0640 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
    10:24:35.0794 0640 DcomLaunch - ok
    10:24:35.0841 0640 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
    10:24:35.0888 0640 defragsvc - ok
    10:24:35.0966 0640 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
    10:24:36.0013 0640 DfsC - ok
    10:24:36.0075 0640 dg_ssudbus (73fc5bc52572084ec1241514cf6230a0) C:\Windows\system32\DRIVERS\ssudbus.sys
    10:24:36.0091 0640 dg_ssudbus - ok
    10:24:36.0153 0640 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
    10:24:36.0200 0640 Dhcp - ok
    10:24:36.0247 0640 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
    10:24:36.0294 0640 discache - ok
    10:24:36.0387 0640 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
    10:24:36.0418 0640 Disk - ok
    10:24:36.0465 0640 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
    10:24:36.0512 0640 Dnscache - ok
    10:24:36.0574 0640 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
    10:24:36.0621 0640 dot3svc - ok
    10:24:36.0652 0640 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
    10:24:36.0715 0640 DPS - ok
    10:24:36.0762 0640 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
    10:24:36.0777 0640 drmkaud - ok
    10:24:36.0855 0640 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
    10:24:36.0886 0640 DXGKrnl - ok
    10:24:36.0949 0640 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
    10:24:36.0996 0640 EapHost - ok
    10:24:37.0136 0640 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
    10:24:37.0245 0640 ebdrv - ok
    10:24:37.0370 0640 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
    10:24:37.0417 0640 EFS - ok
    10:24:37.0510 0640 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
    10:24:37.0588 0640 ehRecvr - ok
    10:24:37.0635 0640 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
    10:24:37.0682 0640 ehSched - ok
    10:24:37.0776 0640 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
    10:24:37.0807 0640 elxstor - ok
    10:24:37.0838 0640 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
    10:24:37.0869 0640 ErrDev - ok
    10:24:37.0947 0640 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
    10:24:38.0010 0640 EventSystem - ok
    10:24:38.0088 0640 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
    10:24:38.0134 0640 exfat - ok
    10:24:38.0150 0640 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
    10:24:38.0212 0640 fastfat - ok
    10:24:38.0290 0640 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
    10:24:38.0368 0640 Fax - ok
    10:24:38.0415 0640 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
    10:24:38.0446 0640 fdc - ok
    10:24:38.0478 0640 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
    10:24:38.0524 0640 fdPHost - ok
    10:24:38.0556 0640 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
    10:24:38.0602 0640 FDResPub - ok
    10:24:38.0634 0640 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
    10:24:38.0649 0640 FileInfo - ok
    10:24:38.0696 0640 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
    10:24:38.0727 0640 Filetrace - ok
    10:24:38.0743 0640 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
    10:24:38.0774 0640 flpydisk - ok
    10:24:38.0821 0640 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
    10:24:38.0836 0640 FltMgr - ok
    10:24:38.0899 0640 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
    10:24:38.0977 0640 FontCache - ok
    10:24:39.0102 0640 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    10:24:39.0102 0640 FontCache3.0.0.0 - ok
    10:24:39.0148 0640 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
    10:24:39.0164 0640 FsDepends - ok
    10:24:39.0195 0640 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
    10:24:39.0211 0640 Fs_Rec - ok
    10:24:39.0273 0640 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
    10:24:39.0289 0640 fvevol - ok
    10:24:39.0304 0640 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
    10:24:39.0320 0640 gagp30kx - ok
    10:24:39.0382 0640 ggflt (007aea2e06e7cef7372e40c277163959) C:\Windows\system32\DRIVERS\ggflt.sys
    10:24:39.0382 0640 ggflt - ok
    10:24:39.0414 0640 ggsemc (c73de35960ca75c5ab4ae636b127c64e) C:\Windows\system32\DRIVERS\ggsemc.sys
    10:24:39.0414 0640 ggsemc - ok
    10:24:39.0460 0640 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
    10:24:39.0538 0640 gpsvc - ok
    10:24:39.0554 0640 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
    10:24:39.0585 0640 hcw85cir - ok
    10:24:39.0632 0640 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
    10:24:39.0679 0640 HdAudAddService - ok
    10:24:39.0694 0640 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
    10:24:39.0726 0640 HDAudBus - ok
    10:24:39.0757 0640 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
    10:24:39.0804 0640 HidBatt - ok
    10:24:39.0819 0640 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
    10:24:39.0850 0640 HidBth - ok
    10:24:39.0882 0640 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
    10:24:39.0913 0640 HidIr - ok
    10:24:39.0960 0640 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll
    10:24:40.0006 0640 hidserv - ok
    10:24:40.0084 0640 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys
    10:24:40.0116 0640 HidUsb - ok
    10:24:40.0209 0640 hitmanpro36 (47eece68857817f39c8c6f33a7e5e76c) C:\Windows\system32\drivers\hitmanpro36.sys
    10:24:40.0225 0640 hitmanpro36 - ok
    10:24:40.0272 0640 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
    10:24:40.0318 0640 hkmsvc - ok
    10:24:40.0350 0640 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
    10:24:40.0412 0640 HomeGroupListener - ok
    10:24:40.0459 0640 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
    10:24:40.0490 0640 HomeGroupProvider - ok
    10:24:40.0552 0640 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
    10:24:40.0568 0640 HpSAMD - ok
    10:24:40.0646 0640 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
    10:24:40.0693 0640 HTTP - ok
    10:24:40.0708 0640 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
    10:24:40.0724 0640 hwpolicy - ok
    10:24:40.0755 0640 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
    10:24:40.0786 0640 i8042prt - ok
    10:24:40.0849 0640 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
    10:24:40.0864 0640 iaStorV - ok
    10:24:41.0005 0640 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    10:24:41.0052 0640 idsvc - ok
    10:24:41.0067 0640 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
    10:24:41.0083 0640 iirsp - ok
    10:24:41.0161 0640 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
    10:24:41.0223 0640 IKEEXT - ok
    10:24:41.0254 0640 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
    10:24:41.0270 0640 intelide - ok
    10:24:41.0317 0640 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
    10:24:41.0332 0640 intelppm - ok
    10:24:41.0364 0640 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
    10:24:41.0410 0640 IPBusEnum - ok
    10:24:41.0442 0640 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    10:24:41.0488 0640 IpFilterDriver - ok
    10:24:41.0551 0640 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
    10:24:41.0629 0640 iphlpsvc - ok
    10:24:41.0660 0640 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
    10:24:41.0691 0640 IPMIDRV - ok
    10:24:41.0722 0640 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
    10:24:41.0769 0640 IPNAT - ok
    10:24:41.0800 0640 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
    10:24:41.0847 0640 IRENUM - ok
    10:24:41.0894 0640 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
    10:24:41.0910 0640 isapnp - ok
    10:24:41.0941 0640 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
    10:24:41.0956 0640 iScsiPrt - ok
    10:24:41.0988 0640 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
    10:24:42.0003 0640 kbdclass - ok
    10:24:42.0034 0640 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
    10:24:42.0050 0640 kbdhid - ok
    10:24:42.0097 0640 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
    10:24:42.0112 0640 KeyIso - ok
    10:24:42.0159 0640 KSecDD (b7895b4182c0d16f6efadeb8081e8d36) C:\Windows\system32\Drivers\ksecdd.sys
    10:24:42.0175 0640 KSecDD - ok
    10:24:42.0206 0640 KSecPkg (d30159ac9237519fbc62c6ec247d2d46) C:\Windows\system32\Drivers\ksecpkg.sys
    10:24:42.0222 0640 KSecPkg - ok
    10:24:42.0268 0640 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
    10:24:42.0331 0640 KtmRm - ok
    10:24:42.0393 0640 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\System32\srvsvc.dll
    10:24:42.0440 0640 LanmanServer - ok
    10:24:42.0502 0640 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
    10:24:42.0549 0640 LanmanWorkstation - ok
    10:24:42.0627 0640 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
    10:24:42.0658 0640 lltdio - ok
    10:24:42.0690 0640 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
    10:24:42.0752 0640 lltdsvc - ok
    10:24:42.0768 0640 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
    10:24:42.0799 0640 lmhosts - ok
    10:24:42.0830 0640 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
    10:24:42.0846 0640 LSI_FC - ok
    10:24:42.0861 0640 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
    10:24:42.0877 0640 LSI_SAS - ok
    10:24:42.0892 0640 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
    10:24:42.0908 0640 LSI_SAS2 - ok
    10:24:42.0939 0640 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
    10:24:42.0939 0640 LSI_SCSI - ok
    10:24:42.0986 0640 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
    10:24:43.0048 0640 luafv - ok
    10:24:43.0111 0640 MBAMProtector (6dfe7f2e8e8a337263aa5c92a215f161) C:\Windows\system32\drivers\mbam.sys
    10:24:43.0126 0640 MBAMProtector - ok
    10:24:43.0267 0640 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    10:24:43.0298 0640 MBAMService - ok
    10:24:43.0360 0640 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
    10:24:43.0376 0640 Mcx2Svc - ok
    10:24:43.0438 0640 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
    10:24:43.0454 0640 megasas - ok
    10:24:43.0485 0640 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
    10:24:43.0501 0640 MegaSR - ok
    10:24:43.0579 0640 Microsoft SharePoint Workspace Audit Service - ok
    10:24:43.0626 0640 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
    10:24:43.0672 0640 MMCSS - ok
    10:24:43.0688 0640 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
    10:24:43.0719 0640 Modem - ok
    10:24:43.0782 0640 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
    10:24:43.0813 0640 monitor - ok
    10:24:43.0875 0640 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
    10:24:43.0891 0640 mouclass - ok
    10:24:43.0938 0640 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
    10:24:43.0969 0640 mouhid - ok
    10:24:44.0016 0640 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
    10:24:44.0031 0640 mountmgr - ok
    10:24:44.0078 0640 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
    10:24:44.0094 0640 mpio - ok
    10:24:44.0125 0640 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
    10:24:44.0156 0640 mpsdrv - ok
    10:24:44.0218 0640 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
    10:24:44.0312 0640 MpsSvc - ok
    10:24:44.0343 0640 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
    10:24:44.0359 0640 MRxDAV - ok
    10:24:44.0421 0640 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
    10:24:44.0468 0640 mrxsmb - ok
    10:24:44.0515 0640 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    10:24:44.0530 0640 mrxsmb10 - ok
    10:24:44.0546 0640 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    10:24:44.0593 0640 mrxsmb20 - ok
    10:24:44.0640 0640 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
    10:24:44.0640 0640 msahci - ok
    10:24:44.0686 0640 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
    10:24:44.0686 0640 msdsm - ok
    10:24:44.0749 0640 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
    10:24:44.0780 0640 MSDTC - ok
    10:24:44.0874 0640 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
    10:24:44.0905 0640 Msfs - ok
    10:24:44.0920 0640 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
    10:24:44.0967 0640 mshidkmdf - ok
    10:24:44.0998 0640 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
    10:24:45.0014 0640 msisadrv - ok
    10:24:45.0061 0640 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
    10:24:45.0108 0640 MSiSCSI - ok
    10:24:45.0108 0640 msiserver - ok
    10:24:59.0506 0640 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
    10:24:59.0506 0640 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
    10:24:59.0506 0640 USBAAPL - detected UnsignedFile.Multi.Generic (1)
    10:25:05.0154 0640 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
    10:25:05.0450 0640 \Device\Harddisk0\DR0 - ok
    10:25:05.0450 0640 Boot (0x1200) (a9333d633d9422eadc7bc9d79dcd767c) \Device\Harddisk0\DR0\Partition0
    10:25:05.0450 0640 \Device\Harddisk0\DR0\Partition0 - ok
    10:25:05.0450 0640 ============================================================
    10:25:05.0450 0640 Scan finished
    10:25:05.0450 0640 ============================================================
    10:25:05.0466 1916 Detected object count: 1
    10:25:05.0466 1916 Actual detected object count: 1
    10:25:47.0851 1916 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
    10:25:47.0851 1916 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip

    Malwarebytes Anti-Malware (-evaluatieversie-) 1.62.0.1300
    www.malwarebytes.org

    Databaseversie: v2012.07.14.03

    Windows 7 Service Pack 1 x86 NTFS (Veilige modus/netwerkmogelijkheden)
    Internet Explorer 9.0.8112.16421
    Karin :: KARIN-LAPTOP [administrator]

    Realtime bescherming: Uitgeschakeld

    14-7-2012 10:37:06
    mbam-log-2012-07-14 (10-37-06).txt

    Scantype: Snelle scan
    Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scanopties: P2P
    Objecten gescand: 204223
    Verstreken tijd: 4 minuut/minuten, 6 seconde(n)

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    (einde)

  • Hello Too5,
    Welcome to this great forum.

    Next time, ask for help right away instead of first using tools yourself, which can completely wreck your Windows if used incorrectly!

    We are now going to take a deep look into your Windows first!

    Which program:
  • Thanks!
    Personally I think you should try things yourself first, since so much has already been written up. But indeed, that is not wise in every case.

    The ComboFix log (I see that Avira must still be somewhere on the computer)

    ComboFix 12-07-13.03 - Karin 14-07-2012 11:17:56.2.2 - x86 NETWORK
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3039.2548 [GMT 2:00]
    Gestart vanuit: c:\users\Karin\Desktop\ComboFix.exe
    AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
    SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Nieuw herstelpunt werd aangemaakt
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-06-14 to 2012-07-14 ))))))))))))))))))))))))))))))
    .
    .
    2012-07-14 09:24 . 2012-07-14 09:24 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-07-13 21:42 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C7E15260-093D-456A-A164-49802BDBFB4A}\mpengine.dll
    2012-07-13 20:24 . 2012-07-13 20:56 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2012-07-13 20:24 . 2012-07-13 20:25 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2012-07-13 20:08 . 2012-07-13 20:08 -------- d-----w- c:\users\Karin\AppData\Roaming\Malwarebytes
    2012-07-13 20:07 . 2012-07-13 20:07 -------- d-----w- c:\programdata\Malwarebytes
    2012-07-13 20:07 . 2012-07-14 08:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-07-13 20:07 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-07-13 20:04 . 2012-07-13 20:04 2139752 ----a-w- C:\FLV_Runner.exe
    2012-07-13 20:01 . 2012-07-13 20:01 -------- d-----w- c:\program files\Conduit
    2012-07-13 19:59 . 2012-07-13 20:05 -------- d-----w- c:\program files\FLV_Runner
    2012-07-13 19:57 . 2012-07-13 19:57 -------- d-----w- C:\TDSSKiller_Quarantine
    2012-07-13 19:07 . 2012-07-13 19:34 -------- d-----w- c:\program files\PC Tools
    2012-07-13 18:59 . 2012-07-13 19:34 -------- d-----w- c:\program files\Common Files\PC Tools
    2012-07-13 18:59 . 2012-05-11 09:14 203088 ----a-w- c:\windows\system32\drivers\PCTSD.sys
    2012-07-13 18:58 . 2012-07-13 19:33 -------- d-----w- c:\programdata\PC Tools
    2012-07-13 18:58 . 2012-07-13 18:58 -------- d-----w- c:\users\Karin\AppData\Roaming\TestApp
    2012-07-13 18:54 . 2012-07-13 18:54 27424 ----a-w- c:\windows\system32\drivers\hitmanpro36.sys
    2012-07-13 18:43 . 2012-07-13 18:43 -------- d-----w- c:\windows\Sun
    2012-07-12 17:42 . 2012-07-13 17:46 -------- d-----w- c:\users\Karin\AppData\Roaming\Zoekz
    2012-07-11 08:55 . 2012-06-12 02:40 2345984 ----a-w- c:\windows\system32\win32k.sys
    2012-07-10 21:53 . 2012-07-10 22:10 -------- d-----w- c:\users\Karin\AppData\Roaming\PhotoScape
    2012-06-27 14:13 . 2012-06-27 15:20 -------- d-----w- c:\users\Karin\AppData\Roaming\Oqmya
    2012-06-19 07:40 . 2012-04-24 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll
    2012-06-19 07:40 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\system32\crypt32.dll
    2012-06-19 07:40 . 2012-04-24 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll
    2012-06-19 07:40 . 2012-04-28 03:17 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-06-19 07:39 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\system32\msi.dll
    2012-06-19 07:39 . 2012-04-26 04:45 58880 ----a-w- c:\windows\system32\rdpwsx.dll
    2012-06-19 07:39 . 2012-04-26 04:45 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
    2012-06-19 07:39 . 2012-04-26 04:41 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
    2012-06-19 07:39 . 2012-05-01 04:44 164352 ----a-w- c:\windows\system32\profsvc.dll
    2012-06-19 07:34 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
    2012-06-19 07:34 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
    2012-06-19 07:34 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
    2012-06-19 07:34 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
    2012-06-19 07:33 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
    2012-06-19 07:33 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
    2012-06-19 07:33 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
    2012-06-19 07:33 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
    2012-06-19 07:33 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-07-12 10:29 . 2012-04-04 18:29 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-07-12 10:29 . 2011-05-14 12:08 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-07-10 21:12 . 2011-01-19 10:43 2828 --sha-w- c:\programdata\KGyGaAvL.sys
    2012-05-29 07:38 . 2011-12-23 19:58 330240 ----a-w- c:\windows\MASetupCaller.dll
    2012-05-09 13:12 . 2012-03-17 14:38 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys
    2012-05-09 13:12 . 2012-03-17 14:38 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys
    2010-10-12 15:33 . 2010-10-12 15:33 124344 ----a-w- c:\program files\mozilla firefox\plugins\CCMSDK.dll
    2010-10-12 17:15 . 2010-10-12 17:15 13240 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll
    2010-10-12 15:37 . 2010-10-12 15:37 70592 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll
    2010-10-12 15:35 . 2010-10-12 15:35 91576 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll
    2010-10-12 15:34 . 2010-10-12 15:34 22464 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll
    2010-10-12 15:32 . 2010-10-12 15:32 255416 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll
    2010-10-12 15:35 . 2010-10-12 15:35 31672 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll
    2010-10-12 15:34 . 2010-10-12 15:34 40384 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll
    2010-07-14 11:42 . 2010-07-14 11:42 898480 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll
    2010-10-12 15:37 . 2010-10-12 15:37 24000 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll
    2011-06-16 04:50 . 2011-08-12 15:33 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{3bbd3c14-4c16-4989-8366-95bc9179779d}"= "c:\program files\FLV_Runner\prxtbFLV_.dll" [2011-05-09 176936]
    .
    [HKEY_CLASSES_ROOT\clsid\{3bbd3c14-4c16-4989-8366-95bc9179779d}]
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3bbd3c14-4c16-4989-8366-95bc9179779d}]
    2011-05-09 08:49 176936 ----a-w- c:\program files\FLV_Runner\prxtbFLV_.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{3bbd3c14-4c16-4989-8366-95bc9179779d}"= "c:\program files\FLV_Runner\prxtbFLV_.dll" [2011-05-09 176936]
    .
    [HKEY_CLASSES_ROOT\clsid\{3bbd3c14-4c16-4989-8366-95bc9179779d}]
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Standby"="c:\program files\Common Files\Corel\Standby\Standby.exe" [2010-01-07 105632]
    "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
    "KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-06-08 3521464]
    "ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2010-10-12 304568]
    "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-05-09 348624]
    "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "GrpConv"="grpconv -o" [X]
    "Malwarebytes Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
    "InnoSetupRegFile.0000000001"="c:\windows\is-AB8O5.exe" [2012-07-14 711240]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux1"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0bootdelete
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36Crusader]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36CrusaderBoot]
    @=""
    .
    R1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
    R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [x]
    R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
    R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
    R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
    R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [x]
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
    R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [x]
    R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
    R3 hitmanpro36;Hitman Pro 3.5 Support Driver;c:\windows\system32\drivers\hitmanpro36.sys [x]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
    R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S3 RTL8167;Realtek 8167 NT-stuurprogramma;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
    .
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2012-07-14 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 10:29]
    .
    2012-07-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1038345157-2957208815-1384172614-1000Core.job
    - c:\users\Karin\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-17 18:32]
    .
    2012-07-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1038345157-2957208815-1384172614-1000UA.job
    - c:\users\Karin\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-17 18:32]
    .
    .
    ------- Bijkomende Scan -------
    .
    uStart Page = hxxp://www.google.nl/
    mStart Page = hxxp://dutch.toggle.com/nl/index.php?rvs=google
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
    TCP: DhcpNameServer = 192.168.1.1
    DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20110526061118
    DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab
    DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
    DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
    DPF: {DAF94F73-2AA6-44D8-A562-A28831820D34} - hxxp://www.pixum.nl/apps/EasyUploadX.cab
    FF - ProfilePath - c:\users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\4zcvp5pv.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/
    FF - prefs.js: network.proxy.type - 0
    FF - user.js: network.cookie.cookieBehavior - 0
    FF - user.js: privacy.clearOnShutdown.cookies - false
    FF - user.js: security.warn_viewing_mixed - false
    FF - user.js: security.warn_viewing_mixed.show_once - false
    FF - user.js: security.warn_submit_insecure - false
    FF - user.js: security.warn_submit_insecure.show_once - false
    .
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Voltooingstijd: 2012-07-14 11:46:46
    ComboFix-quarantined-files.txt 2012-07-14 09:46
    ComboFix2.txt 2012-07-13 23:00
    .
    Pre-Run: 317.670.174.720 bytes beschikbaar
    Post-Run: 317.635.973.120 bytes beschikbaar
    .
    - - End Of File - - 3621D7342D25E8426C1D235D81488FE4
  • Hi Karin, even though so much has already been written up, you yourself do not know which of the tools that are used can ruin your Windows through incorrect use.

    We are going to do something else:

    Which program:
  • Abraham54 wrote: "Hi, even though so much has already been written up, you yourself do not know which of the tools that are used can ruin your Windows through incorrect use."

    I would be very foolish to contradict this ;)
    I'll get started on the next step.
  • a2scan_120714-122717


    Emsisoft Emergency Kit - Versie 2.0
    Laatste Update: 14-7-2012 12:26:47

    Scaninstellingen:

    Scantype: Diepe scan
    Objecten: Rootkits, Geheugen, Sporen, C:\
    Scan archieven: Aan
    ADS Scan: Aan

    Scan gestart: 14-7-2012 12:27:17

    C:\Windows.old.000\Users\Karin\AppData\Roaming\Windowz.exe Ontdekt: Trojan-Downloader.Win32.NSIS!E2
    C:\Users\Karin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\2c1cd7c1-19e3e428 -> sa\sb.class Ontdekt: Exploit.Java.CVE-2011!E2
    C:\Users\Karin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\2c1cd7c1-19e3e428 -> sa\er.class Ontdekt: Java.CVE!E2
    C:\TDSSKiller_Quarantine\13.07.2012_21.54.46\tdlfs0000\tsk0004.dta Ontdekt: Trojan.Win32.Alureon!E2
    C:\HP\BIN\EndProcess.exe Ontdekt: Riskware.Win32.KillApp!E1

    Gescand 845366
    Gevonden 5

    Scan geëindigd: 14-7-2012 14:30:41
    Scantijd: 2:03:24

    C:\HP\BIN\EndProcess.exe Verwijderd Riskware.Win32.KillApp!E1
    C:\TDSSKiller_Quarantine\13.07.2012_21.54.46\tdlfs0000\tsk0004.dta Verwijderd Trojan.Win32.Alureon!E2
    C:\Users\Karin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\2c1cd7c1-19e3e428 -> sa\er.class Verwijderd Java.CVE!E2
    C:\Windows.old.000\Users\Karin\AppData\Roaming\Windowz.exe Verwijderd Trojan-Downloader.Win32.NSIS!E2

    Verwijderd 4
  • Hi, why are you still keeping Windows.old?

    And then TDSSKiller: Verwijderd Trojan.Win32.Alureon!E2

    That was a different scan from the one whose log you posted here earlier!
    Did that go through another forum?

    In any case, by the looks of it everything is going well.

    Download AdwCleaner by Xplode to the desktop.

    - Close all open windows
    - Right-click AdwCleaner and select Run as administrator…
    - Then click Delete
    - At AdwCleaner – Information, click OK
    - At AdwCleaner – Restart Required, click OK

    It is normal for the shortcuts to disappear during this action.
    After the PC has restarted, a log file opens.
    Then post the contents of this log in your next message.
  • It went through this forum, and I seriously copied everything literally as it was written.
    I didn't know windows.old was still on there. I will remove it too at the end.
  • # AdwCleaner v1.702 - Logfile created 07/14/2012 at 15:59:48
    # Updated 13/07/2012 by Xplode
    # Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
    # User : Karin - KARIN-LAPTOP
    # Running from : C:\Users\Karin\Desktop\adwcleaner0.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****


    ***** [Registry] *****


    ***** [Registre - GUID] *****


    ***** [Internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16421

    [OK] Registry is clean.

    -\\ Mozilla Firefox v5.0 (nl)

    Profile name : default
    File : C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\4zcvp5pv.default\prefs.js

    [OK] File is clean.

    -\\ Opera v11.52.1100.0

    File : C:\Users\Karin\AppData\Roaming\Opera\Opera\operaprefs.ini

    [OK] File is clean.

    *************************

    AdwCleaner[S1].txt - [18614 octets] - [14/07/2012 15:57:15]
    AdwCleaner[S2].txt - [885 octets] - [14/07/2012 15:59:48]

    ########## EOF - C:\AdwCleaner[S2].txt - [1012 octets] ##########
  • Hi Karin, are you still experiencing anything, or is Windows running well again?
  • The only notable thing is that my background is still black.
    And that IE is no longer on my desktop.
    Otherwise it seems to be back to normal.

    Thank you very much for your effort and time!!

    Which of the downloaded programs should I best keep, and which should I remove?
  • However, I have not yet had an answer to two earlier questions.

    And what you may also do is the following:

    Download to the desktop; if you get a message that the file may be unsafe, you can ignore it.
    - Double-click "Unhide.exe" to start the tool.
  • Done.
    The popup text was somewhat more extensive, but it did begin with this sentence.

    The only thing still missing now is my background (which I can of course also restore myself, but I don't know whether it should have come back on its own) and the icons next to the Start menu (same story).

    I can't find the 2 unanswered questions :oops:
  • Hello Karin, had you used a cleanup program earlier?
    And what exactly do you mean by the shortcuts next to the Start menu?

    As for the two questions: I read past your answer.
    And you may remove Windows.old manually or via Windows Disk Cleanup.
    But hold off on the latter for now.
  • I used MBAM and HitmanPro earlier.
    I understand that the latter is outdated by now.

    The icons for IE etc.
  • HitmanPro is not my favorite.

    All of that can be brought back by copying from the Program Files folders.

    But you may try Unhide once more.
  • Can I now assume that everything is OK again?

    Thank you very much!
  • Have MBAM do another quick scan after it has been updated.

    And also do the following: a test to see how good the security situation in Windows is.

    Download to your desktop.
    - Click/double-click SecurityCheck.exe and follow the instructions in the black window.
    - A Notepad document named checkup.txt should open automatically; close this document by saving it to the desktop.
    - If one of your security tools reports that DIG.EXE wants to access the internet, allow this.
    Post the contents of checkup.txt in your next post.
  • Mbam:

    Malwarebytes Anti-Malware (-evaluatieversie-) 1.62.0.1300
    www.malwarebytes.org

    Databaseversie: v2012.07.16.05

    Windows 7 Service Pack 1 x86 NTFS
    Internet Explorer 9.0.8112.16421
    Karin :: KARIN-LAPTOP [administrator]

    Realtime bescherming: Uitgeschakeld

    16-7-2012 14:04:57
    mbam-log-2012-07-16 (14-04-57).txt

    Scantype: Snelle scan
    Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scanopties: P2P
    Objecten gescand: 215153
    Verstreken tijd: 8 minuut/minuten, 44 seconde(n)

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    (einde)


    Check up txt:


    Results of screen317's Security Check version 0.99.42
    Windows 7 Service Pack 1 x86 (UAC is enabled)
    Internet Explorer 9
    [b:1fa5312b27][u:1fa5312b27]``````````````Antivirus/Firewall Check:``````````````[/b:1fa5312b27][/u:1fa5312b27]
    Avira Desktop
    Antivirus up to date!
    [b:1fa5312b27][u:1fa5312b27]`````````Anti-malware/Other Utilities Check:`````````[/b:1fa5312b27][/u:1fa5312b27]
    Spybot - Search & Destroy
    Malwarebytes Anti-Malware versie 1.62.0.1300
    Java(TM) 6 Update 29
  • Hi, if you no longer use Firefox, you had better remove that web browser.
    By the way, good that you have not disabled UAC.

    Java is outdated and therefore forms a security hole in Windows.
    So first download Java 7 Update 5 (x86) for Windows 7/XP/Vista/2000/2003/2008 Offline to your desktop.
    However, do not install the new version yet!

    After that you first go to Control Panel
    - Add or Remove Programs - Windows 2000/Windows XP
    - Programs and Features - Windows Vista and Windows 7
    and there you remove Java(TM) 6 Update 29

    Then restart your PC.
    After that you may install the newest Java version.

This is an archived page. Replies are no longer possible.