Questions & Answers

Security & privacy

HijackThis log because of backup problem

Anonymous
32 replies
 • Then tell us exactly what you are selecting to back up….
 • That's very simple: the local C drive, nothing else. And that comes to about 32 GB of data.
 • For the past few weeks I have kept getting the following message in Windows 7:

  "Kon de schaduwkopie niet lezen op een van volumes waarvan een back-up wordt gemaakt. Controleer de gebeurtenislogboeken op relevante fouten. (0x81000037)."

  As my antivirus program I use McAfee, and I have already had it run a full scan a couple of times; nothing was found. I also had MalwareBytes run a full scan, and nothing was found there either.

  So now I've posted a HijackThis log; perhaps something can be spotted in it. Thanks in advance for taking a look and thinking along.

  Logfile of Trend Micro HijackThis v2.0.4
  Scan saved at 14:05:04, on 4-12-2011
  Platform: Windows 7 SP1 (WinNT 6.00.3505)
  MSIE: Internet Explorer v9.00 (9.00.8112.16421)
  Boot mode: Normal

  Running processes:
  C:\Windows\system32\taskhost.exe
  C:\Windows\system32\Dwm.exe
  C:\Windows\Explorer.EXE
  C:\Windows\System32\nvraidservice.exe
  C:\Program Files\McAfee.com\Agent\mcagent.exe
  C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
  C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
  C:\Windows\WindowsMobile\wmdc.exe
  C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
  C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
  C:\Program Files\Microsoft IntelliType Pro\itype.exe
  C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
  C:\Windows\system32\wbem\unsecapp.exe
  C:\Program Files\Microsoft IntelliPoint\ipoint.exe
  C:\Program Files\Windows Sidebar\sidebar.exe
  C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
  C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
  C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
  c:\program files\common files\installshield\updateservice\isuspm.exe
  C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
  C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
  C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
  C:\Program Files\Windows Live\Mail\wlmail.exe
  C:\Program Files\Windows Live\Contacts\wlcomm.exe
  C:\Program Files\HijackThis\HijackThis.exe

  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
  O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111117220054.dll
  O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  O2 - BHO: LastPass Browser Helper Object - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Users\Joep\AppData\Roaming\LastPass\LPBar.dll (file missing)
  O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
  O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
  O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
  O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
  O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
  O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
  O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Users\Joep\AppData\Roaming\LastPass\LPBar.dll (file missing)
  O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
  O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
  O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe
  O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
  O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
  O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
  O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
  O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
  O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
  O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
  O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
  O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE"
  O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
  O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
  O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
  O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
  O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
  O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
  O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
  O4 - HKLM\..\Run: [DevconDefaultDB] C:\Windows\READREG /PSCONV={NO} /NO_DEFPS
  O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
  O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
  O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
  O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
  O4 - HKCU\..\Run: [ISUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
  O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
  O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
  O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
  O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
  O8 - Extra context menu item: LastPass Invulformulieren - file://C:\Users\Joep\AppData\Roaming\LastPass\context.html?cmd=fillforms
  O8 - Extra context menu item: Open with WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta
  O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
  O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
  O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
  O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
  O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
  O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Users\Joep\AppData\Roaming\LastPass\LPBar.dll (file missing)
  O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
  O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
  O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
  O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
  O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
  O15 - Trusted Zone: http://*.mcafee.com
  O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - https://csg.kiwa.nl/CitrixSessionInit/ICAWEB/icaweb.cab
  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
  O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
  O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
  O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
  O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\mcsniepl.dll
  O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
  O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
  O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
  O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
  O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
  O23 - Service: GenericMount Helper Service - Unknown owner - C:\Program Files\Norton Ghost\Shared\Drivers\GenericMountHelper.exe (file missing)
  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
  O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
  O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
  O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
  O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
  O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
  O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
  O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
  O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
  O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
  O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
  O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
  O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe
  O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
  O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
  O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
  O23 - Service: SymSnapService - Unknown owner - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe (file missing)


  End of file - 12930 bytes
 • I can't find anything unusual in your log.
  I would, however, like you to do the following.
  By the way, why did you post twice?

  Start Run by pressing the Windows key + R at the same time.

  In the command line, type or copy the following command:
 • I had first asked the question in the Windows forum. There someone asked me to make a HijackThis log and post it in the Internet and Security forum, which is why the question was asked twice.

  I find nothing unusual in the graphical view:
  - a recovery partition of 7.8 GB
  - a C partition of 923 GB
  - a D partition of 240 GB
 • Good.
  Then we can rule out the newest TDL-4 variant!

  But you may now do the following:

  I would like you to stick to the rules below during the fix:
 • Here are the logs from TDSSKiller and ComboFix. The PC behaved perfectly while the scans were running; no strange messages or uncooperative behaviour. I'm curious whether there is anything notable in the logs.

  TDSSKiller log:

  15:17:58.0971 4264 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
  15:18:00.0023 4264 ============================================================
  15:18:00.0023 4264 Current date / time: 2011/12/05 15:18:00.0023
  15:18:00.0023 4264 SystemInfo:
  15:18:00.0023 4264
  15:18:00.0023 4264 OS Version: 6.1.7601 ServicePack: 1.0
  15:18:00.0023 4264 Product type: Workstation
  15:18:00.0024 4264 ComputerName: KANTOOR
  15:18:00.0024 4264 UserName: Joep
  15:18:00.0024 4264 Windows directory: C:\Windows
  15:18:00.0024 4264 System windows directory: C:\Windows
  15:18:00.0024 4264 Processor architecture: Intel x86
  15:18:00.0024 4264 Number of processors: 4
  15:18:00.0024 4264 Page size: 0x1000
  15:18:00.0024 4264 Boot type: Normal boot
  15:18:00.0024 4264 ============================================================
  15:18:01.0679 4264 Initialize success
  15:18:23.0928 3692 ============================================================
  15:18:23.0928 3692 Scan started
  15:18:23.0928 3692 Mode: Manual;
  15:18:23.0929 3692 ============================================================
  15:18:31.0102 3692 mrxsmb - ok
  15:18:31.0159 3692 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
  15:18:31.0163 3692 mrxsmb10 - ok
  15:18:31.0192 3692 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
  15:18:31.0194 3692 mrxsmb20 - ok
  15:18:31.0242 3692 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
  15:18:31.0243 3692 msahci - ok
  15:18:31.0288 3692 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
  15:18:31.0291 3692 msdsm - ok
  15:18:31.0368 3692 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
  15:18:31.0371 3692 Msfs - ok
  15:18:31.0392 3692 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
  15:18:31.0393 3692 mshidkmdf - ok
  15:18:31.0422 3692 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
  15:18:31.0423 3692 msisadrv - ok
  15:18:31.0451 3692 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
  15:18:31.0452 3692 MSKSSRV - ok
  15:18:31.0472 3692 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
  15:18:31.0478 3692 MSPCLOCK - ok
  15:18:31.0488 3692 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
  15:18:31.0491 3692 MSPQM - ok
  15:18:31.0513 3692 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
  15:18:31.0516 3692 MsRPC - ok
  15:18:31.0591 3692 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
  15:18:31.0594 3692 mssmbios - ok
  15:18:31.0616 3692 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
  15:18:31.0617 3692 MSTEE - ok
  15:18:31.0631 3692 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
  15:18:31.0634 3692 MTConfig - ok
  15:18:31.0653 3692 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
  15:18:31.0656 3692 Mup - ok
  15:18:31.0684 3692 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
  15:18:31.0689 3692 NativeWifiP - ok
  15:18:31.0737 3692 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
  15:18:31.0747 3692 NDIS - ok
  15:18:31.0804 3692 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
  15:18:31.0806 3692 NdisCap - ok
  15:18:31.0833 3692 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
  15:18:31.0834 3692 NdisTapi - ok
  15:18:31.0868 3692 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
  15:18:31.0869 3692 Ndisuio - ok
  15:18:31.0896 3692 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
  15:18:31.0899 3692 NdisWan - ok
  15:18:31.0924 3692 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
  15:18:31.0986 3692 NDProxy - ok
  15:18:32.0067 3692 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
  15:18:32.0068 3692 NetBIOS - ok
  15:18:32.0097 3692 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
  15:18:32.0184 3692 NetBT - ok
  15:18:32.0227 3692 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
  15:18:32.0228 3692 nfrd960 - ok
  15:18:32.0249 3692 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
  15:18:32.0254 3692 Npfs - ok
  15:18:32.0268 3692 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
  15:18:32.0269 3692 nsiproxy - ok
  15:18:32.0356 3692 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
  15:18:32.0446 3692 Ntfs - ok
  15:18:32.0476 3692 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
  15:18:32.0478 3692 Null - ok
  15:18:32.0511 3692 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys
  15:18:32.0514 3692 NVENETFD - ok
  15:18:32.0747 3692 nvlddmkm (377140a534d013bd661c69f1741de43c) C:\Windows\system32\DRIVERS\nvlddmkm.sys
  15:18:32.0871 3692 nvlddmkm - ok
  15:18:32.0949 3692 NVNET (5bf9c11586f4764446407f509f1beca8) C:\Windows\system32\DRIVERS\nvmf6232.sys
  15:18:32.0954 3692 NVNET - ok
  15:18:33.0001 3692 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
  15:18:33.0003 3692 nvraid - ok
  15:18:33.0023 3692 nvrd32 (6f922993c8aa8bf555b0a8428aab5731) C:\Windows\system32\DRIVERS\nvrd32.sys
  15:18:33.0027 3692 nvrd32 - ok
  15:18:33.0056 3692 nvsmu (f13618f0cb1e95232f4c2401592a59e9) C:\Windows\system32\DRIVERS\nvsmu.sys
  15:18:33.0057 3692 nvsmu - ok
  15:18:33.0077 3692 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
  15:18:33.0081 3692 nvstor - ok
  15:18:33.0098 3692 nvstor32 (269de658deaf032564e8b6430b5bd170) C:\Windows\system32\DRIVERS\nvstor32.sys
  15:18:33.0101 3692 nvstor32 - ok
  15:18:33.0168 3692 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
  15:18:33.0171 3692 nv_agp - ok
  15:18:33.0202 3692 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
  15:18:33.0204 3692 ohci1394 - ok
  15:18:33.0251 3692 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
  15:18:33.0253 3692 Parport - ok
  15:18:33.0279 3692 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
  15:18:33.0386 3692 partmgr - ok
  15:18:33.0442 3692 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
  15:18:33.0443 3692 Parvdm - ok
  15:18:33.0473 3692 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
  15:18:33.0476 3692 pci - ok
  15:18:33.0489 3692 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
  15:18:33.0491 3692 pciide - ok
  15:18:33.0517 3692 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
  15:18:33.0519 3692 pcmcia - ok
  15:18:33.0541 3692 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
  15:18:33.0543 3692 pcw - ok
  15:18:33.0569 3692 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
  15:18:33.0577 3692 PEAUTH - ok
  15:18:33.0647 3692 pepifilter (d30eda6e1ab3c8c82f2ca085ab79040a) C:\Windows\system32\DRIVERS\lv302af.sys
  15:18:33.0648 3692 pepifilter - ok
  15:18:33.0707 3692 PID_PEPI (0da6c5e0c8da6cebe52daacfe7ae9de6) C:\Windows\system32\DRIVERS\LV302V32.SYS
  15:18:33.0722 3692 PID_PEPI - ok
  15:18:33.0776 3692 Point32 (04df0452fbededf9297fd2e5440cb3c9) C:\Windows\system32\DRIVERS\point32k.sys
  15:18:33.0872 3692 Point32 - ok
  15:18:33.0952 3692 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
  15:18:33.0954 3692 PptpMiniport - ok
  15:18:33.0977 3692 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
  15:18:33.0979 3692 Processor - ok
  15:18:34.0028 3692 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
  15:18:34.0029 3692 Psched - ok
  15:18:34.0069 3692 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
  15:18:34.0086 3692 ql2300 - ok
  15:18:34.0107 3692 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
  15:18:34.0108 3692 ql40xx - ok
  15:18:34.0177 3692 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
  15:18:34.0183 3692 QWAVEdrv - ok
  15:18:34.0216 3692 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
  15:18:34.0217 3692 RasAcd - ok
  15:18:34.0243 3692 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
  15:18:34.0246 3692 RasAgileVpn - ok
  15:18:34.0266 3692 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
  15:18:34.0268 3692 Rasl2tp - ok
  15:18:34.0319 3692 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
  15:18:34.0322 3692 RasPppoe - ok
  15:18:34.0384 3692 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
  15:18:34.0391 3692 RasSstp - ok
  15:18:34.0419 3692 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
  15:18:34.0424 3692 rdbss - ok
  15:18:34.0446 3692 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
  15:18:34.0447 3692 rdpbus - ok
  15:18:34.0478 3692 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
  15:18:34.0479 3692 RDPCDD - ok
  15:18:34.0503 3692 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
  15:18:34.0507 3692 RDPDR - ok
  15:18:34.0557 3692 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
  15:18:34.0558 3692 RDPENCDD - ok
  15:18:34.0593 3692 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
  15:18:34.0594 3692 RDPREFMP - ok
  15:18:34.0627 3692 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys
  15:18:34.0629 3692 RdpVideoMiniport - ok
  15:18:34.0661 3692 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
  15:18:34.0769 3692 RDPWD - ok
  15:18:34.0841 3692 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
  15:18:34.0844 3692 rdyboost - ok
  15:18:34.0878 3692 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
  15:18:34.0881 3692 RFCOMM - ok
  15:18:34.0933 3692 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
  15:18:34.0934 3692 rspndr - ok
  15:18:34.0957 3692 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
  15:18:34.0959 3692 s3cap - ok
  15:18:34.0992 3692 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
  15:18:34.0994 3692 sbp2port - ok
  15:18:35.0059 3692 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
  15:18:35.0149 3692 scfilter - ok
  15:18:35.0189 3692 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
  15:18:35.0193 3692 secdrv - ok
  15:18:35.0263 3692 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
  15:18:35.0264 3692 Serenum - ok
  15:18:35.0284 3692 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
  15:18:35.0288 3692 Serial - ok
  15:18:35.0318 3692 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
  15:18:35.0319 3692 sermouse - ok
  15:18:35.0357 3692 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
  15:18:35.0359 3692 sffdisk - ok
  15:18:35.0377 3692 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
  15:18:35.0378 3692 sffp_mmc - ok
  15:18:35.0392 3692 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
  15:18:35.0393 3692 sffp_sd - ok
  15:18:35.0418 3692 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
  15:18:35.0419 3692 sfloppy - ok
  15:18:35.0476 3692 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
  15:18:35.0477 3692 sisagp - ok
  15:18:35.0503 3692 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
  15:18:35.0508 3692 SiSRaid2 - ok
  15:18:35.0531 3692 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
  15:18:35.0537 3692 SiSRaid4 - ok
  15:18:35.0561 3692 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
  15:18:35.0562 3692 Smb - ok
  15:18:35.0592 3692 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
  15:18:35.0594 3692 spldr - ok
  15:18:35.0679 3692 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
  15:18:35.0684 3692 srv - ok
  15:18:35.0706 3692 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
  15:18:35.0711 3692 srv2 - ok
  15:18:35.0729 3692 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
  15:18:35.0732 3692 srvnet - ok
  15:18:35.0771 3692 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
  15:18:35.0772 3692 stexstor - ok
  15:18:35.0803 3692 StillCam (edb05bd63148796f23ea78506404a538) C:\Windows\system32\DRIVERS\serscan.sys
  15:18:35.0806 3692 StillCam - ok
  15:18:35.0873 3692 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
  15:18:35.0874 3692 storflt - ok
  15:18:35.0897 3692 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
  15:18:35.0969 3692 storvsc - ok
  15:18:35.0989 3692 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
  15:18:35.0991 3692 swenum - ok
  15:18:36.0054 3692 symsnap (c9273531eac75ee225e3170fb6107fa3) C:\Windows\system32\DRIVERS\symsnap.sys
  15:18:36.0058 3692 symsnap - ok
  15:18:36.0133 3692 Synth3dVsc - ok
  15:18:36.0248 3692 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
  15:18:36.0336 3692 Tcpip - ok
  15:18:36.0403 3692 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
  15:18:36.0413 3692 TCPIP6 - ok
  15:18:36.0444 3692 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
  15:18:36.0446 3692 tcpipreg - ok
  15:18:36.0473 3692 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
  15:18:36.0474 3692 TDPIPE - ok
  15:18:36.0494 3692 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
  15:18:36.0626 3692 TDTCP - ok
  15:18:36.0684 3692 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
  15:18:36.0687 3692 tdx - ok
  15:18:36.0713 3692 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
  15:18:36.0714 3692 TermDD - ok
  15:18:36.0756 3692 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
  15:18:36.0757 3692 tssecsrv - ok
  15:18:36.0788 3692 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
  15:18:36.0789 3692 TsUsbFlt - ok
  15:18:36.0801 3692 tsusbhub - ok
  15:18:36.0861 3692 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
  15:18:36.0916 3692 tunnel - ok
  15:18:36.0946 3692 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
  15:18:36.0949 3692 uagp35 - ok
  15:18:36.0976 3692 UCORESYS - ok
  15:18:37.0008 3692 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
  15:18:37.0012 3692 udfs - ok
  15:18:37.0054 3692 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
  15:18:37.0057 3692 uliagpkx - ok
  15:18:37.0116 3692 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
  15:18:37.0118 3692 umbus - ok
  15:18:37.0142 3692 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
  15:18:37.0146 3692 UmPass - ok
  15:18:37.0177 3692 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
  15:18:37.0179 3692 usbaudio - ok
  15:18:37.0221 3692 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
  15:18:37.0223 3692 usbccgp - ok
  15:18:37.0252 3692 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
  15:18:37.0254 3692 usbcir - ok
  15:18:37.0283 3692 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
  15:18:37.0286 3692 usbehci - ok
  15:18:37.0348 3692 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
  15:18:37.0352 3692 usbhub - ok
  15:18:37.0371 3692 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys
  15:18:37.0491 3692 usbohci - ok
  15:18:37.0522 3692 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
  15:18:37.0523 3692 usbprint - ok
  15:18:37.0577 3692 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
  15:18:37.0578 3692 USBSTOR - ok
  15:18:37.0607 3692 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
  15:18:37.0608 3692 usbuhci - ok
  15:18:37.0642 3692 usb_rndisx (d82f43d15fdaa666856c0190cb73e7c9) C:\Windows\system32\DRIVERS\usb8023x.sys
  15:18:37.0644 3692 usb_rndisx - ok
  15:18:37.0684 3692 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
  15:18:37.0687 3692 vdrvroot - ok
  15:18:37.0711 3692 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
  15:18:37.0714 3692 vga - ok
  15:18:37.0751 3692 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
  15:18:37.0752 3692 VgaSave - ok
  15:18:37.0791 3692 VGPU - ok
  15:18:37.0819 3692 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
  15:18:37.0892 3692 vhdmp - ok
  15:18:37.0921 3692 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
  15:18:37.0923 3692 viaagp - ok
  15:18:37.0939 3692 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
  15:18:37.0943 3692 ViaC7 - ok
  15:18:37.0978 3692 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
  15:18:37.0981 3692 viaide - ok
  15:18:38.0027 3692 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
  15:18:38.0031 3692 vmbus - ok
  15:18:38.0053 3692 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
  15:18:38.0056 3692 VMBusHID - ok
  15:18:38.0076 3692 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
  15:18:38.0078 3692 volmgr - ok
  15:18:38.0106 3692 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
  15:18:38.0109 3692 volmgrx - ok
  15:18:38.0142 3692 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
  15:18:38.0146 3692 volsnap - ok
  15:18:38.0181 3692 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
  15:18:38.0184 3692 vsmraid - ok
  15:18:38.0228 3692 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
  15:18:38.0229 3692 vwifibus - ok
  15:18:38.0261 3692 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
  15:18:38.0262 3692 WacomPen - ok
  15:18:38.0294 3692 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
  15:18:38.0297 3692 WANARP - ok
  15:18:38.0301 3692 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
  15:18:38.0303 3692 Wanarpv6 - ok
  15:18:38.0348 3692 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
  15:18:38.0349 3692 Wd - ok
  15:18:38.0378 3692 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
  15:18:38.0384 3692 Wdf01000 - ok
  15:18:38.0476 3692 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
  15:18:38.0478 3692 WfpLwf - ok
  15:18:38.0498 3692 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
  15:18:38.0499 3692 WIMMount - ok
  15:18:38.0559 3692 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
  15:18:38.0617 3692 WinUsb - ok
  15:18:38.0689 3692 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
  15:18:38.0692 3692 WmiAcpi - ok
  15:18:38.0739 3692 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
  15:18:38.0742 3692 ws2ifsl - ok
  15:18:38.0778 3692 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
  15:18:38.0781 3692 WudfPf - ok
  15:18:38.0818 3692 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
  15:18:38.0822 3692 WUDFRd - ok
  15:18:38.0869 3692 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
  15:18:38.0886 3692 \Device\Harddisk0\DR0 - ok
  15:18:38.0889 3692 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
  15:18:38.0894 3692 \Device\Harddisk1\DR1 - ok
  15:18:38.0898 3692 Boot (0x1200) (6f74240e7ad45b5ade0d5bf4a699a867) \Device\Harddisk0\DR0\Partition0
  15:18:38.0899 3692 \Device\Harddisk0\DR0\Partition0 - ok
  15:18:38.0904 3692 Boot (0x1200) (375ad92ddc78e6eafdce5ef01020afad) \Device\Harddisk1\DR1\Partition0
  15:18:38.0904 3692 \Device\Harddisk1\DR1\Partition0 - ok
  15:18:38.0907 3692 ============================================================
  15:18:38.0907 3692 Scan finished
  15:18:38.0907 3692 ============================================================
  15:18:38.0918 1176 Detected object count: 0
  15:18:38.0918 1176 Actual detected object count: 0

  Log ComboFix

  ComboFix 11-12-05.01 - Joep 05-12-2011 15:32:57.1.4 - x86
  Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.3071.2094 [GMT 1:00]
  Gestart vanuit: c:\users\Joep\Desktop\ComboFix.exe
  AV: McAfeeAntivirus en antispyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
  FW: McAfeeFirewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
  SP: McAfeeAntivirus en antispyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
  SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  .
  .
  (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
  .
  .
  c:\program files\driver
  c:\program files\driver\aabed2.cat
  c:\program files\driver\aabed2.inf
  c:\program files\driver\aabed2.sys
  c:\windows\PFRO.log
  c:\windows\pkunzip.pif
  c:\windows\pkzip.pif
  .
  .
  (((((((((((((((((((( Bestanden Gemaakt van 2011-11-05 to 2011-12-05 ))))))))))))))))))))))))))))))
  .
  .
  2011-12-05 14:40 . 2011-12-05 14:40 -------- d-----w- c:\users\Yvon\AppData\Local\temp
  2011-12-05 14:40 . 2011-12-05 14:40 -------- d-----w- c:\users\Default\AppData\Local\temp
  2011-12-04 15:15 . 2011-12-04 15:15 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FF49C8E5-3B8F-4AA2-A7EE-46FFFEE312CC}\offreg.dll
  2011-12-04 10:16 . 2011-12-04 10:16 -------- d-----w- c:\users\Joep\AppData\Roaming\Malwarebytes
  2011-12-04 10:15 . 2011-12-04 10:15 -------- d-----w- c:\programdata\Malwarebytes
  2011-12-04 10:15 . 2011-12-04 10:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
  2011-12-04 10:15 . 2011-08-31 16:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
  2011-12-03 15:40 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FF49C8E5-3B8F-4AA2-A7EE-46FFFEE312CC}\mpengine.dll
  2011-12-03 15:27 . 2009-05-20 05:22 1872192 ----a-w- c:\windows\system32\drivers\cmudax3.sys
  2011-12-03 15:27 . 2007-02-27 09:30 36864 ----a-w- c:\windows\system32\cmudax3.DLL
  2011-12-03 15:27 . 2009-04-09 03:23 299008 ----a-r- c:\windows\system32\CmiInstallResAll.dll
  2011-12-03 15:27 . 2006-10-06 18:47 319968 ----a-r- c:\windows\difxapi.dll
  2011-11-28 20:42 . 2002-07-19 09:56 270336 ----a-w- c:\windows\system32\SFMS32.DLL
  2011-11-28 20:42 . 2001-08-17 13:35 36864 ----a-w- c:\windows\system32\SFMAN32.DLL
  2011-11-28 20:42 . 2002-07-19 10:07 53248 ----a-w- c:\windows\system32\AC3API.DLL
  2011-11-28 20:42 . 2002-07-19 09:43 65536 ----a-w- c:\windows\system32\A3D.DLL
  2011-11-28 20:41 . 1999-12-17 00:00 6752 ------w- c:\windows\system32\PFMODNT.SYS
  2011-11-28 14:03 . 2011-11-28 14:03 -------- d-----w- c:\users\Joep\AppData\Roaming\Creative
  2011-11-28 13:58 . 2011-11-28 20:02 -------- d-----w- c:\program files\Common Files\Creative
  2011-11-28 13:58 . 2011-11-28 20:24 -------- d-----w- c:\program files\Creative Installation Information
  2011-11-28 13:43 . 2011-11-28 14:07 -------- d-----w- c:\programdata\Creative
  2011-11-28 13:41 . 2011-11-29 19:08 -------- d-----w- c:\program files\Creative
  2011-11-09 18:10 . 2011-09-29 16:03 1290608 ----a-w- c:\windows\system32\drivers\tcpip.sys
  2011-11-09 18:10 . 2011-10-01 04:37 708608 ----a-w- c:\program files\Common Files\System\wab32.dll
  2011-11-09 18:10 . 2011-09-29 03:37 2341888 ----a-w- c:\windows\system32\win32k.sys
  2011-11-08 20:16 . 2011-11-08 20:17 -------- d-----w- c:\program files\Microsoft IntelliPoint
  2011-11-08 20:10 . 2011-11-08 20:10 -------- d-----w- c:\program files\Microsoft IntelliType Pro
  .
  .
  .
  ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
  .
  2011-11-14 21:50 . 2011-05-20 18:29 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
  2011-10-30 14:10 . 2011-10-30 14:10 53248 ----a-r- c:\users\Joep\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
  2011-10-18 13:32 . 2011-01-12 16:21 150856 ----a-w- c:\windows\system32\mfevtps.exe
  2011-10-15 12:16 . 2011-01-12 16:22 9608 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
  2011-10-15 12:16 . 2011-01-12 16:21 87656 ----a-w- c:\windows\system32\drivers\mferkdet.sys
  2011-10-15 12:16 . 2011-01-12 16:21 64880 ----a-w- c:\windows\system32\drivers\mfenlfk.sys
  2011-10-15 12:16 . 2011-01-12 16:21 59456 ----a-w- c:\windows\system32\drivers\mfebopk.sys
  2011-10-15 12:16 . 2011-01-12 16:21 57600 ----a-w- c:\windows\system32\drivers\cfwids.sys
  2011-10-15 12:16 . 2011-01-12 16:21 464176 ----a-w- c:\windows\system32\drivers\mfehidk.sys
  2011-10-15 12:16 . 2011-01-12 16:21 338176 ----a-w- c:\windows\system32\drivers\mfefirek.sys
  2011-10-15 12:16 . 2011-01-12 16:21 180816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
  2011-10-15 12:16 . 2011-01-12 16:21 165680 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
  2011-10-15 12:16 . 2011-01-12 16:21 121256 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
  .
  .
  ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
  .
  .
  *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
  REGEDIT4
  .
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
  "OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-21 718720]
  "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "DevconDefaultDB"="c:\windows\READREG" [X]
  "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
  "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
  "NVRaidService"="c:\windows\system32\nvraidservice.exe" [2009-06-30 163872]
  "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-09-16 1318552]
  "CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-10-25 652624]
  "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-09-13 1603152]
  "IJNetworkScanUtility"="c:\program files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2007-05-21 124512]
  "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]
  "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
  "Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2010-11-15 36760]
  "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2010-11-15 821144]
  "QuickFinder Scheduler"="c:\program files\WordPerfect Office X3\Programs\QFSCHD130.EXE" [2005-11-30 77892]
  "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
  "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
  "SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
  "AdobeCS5.5ServiceManager"="c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
  "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-11-18 98304]
  "itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-11-05 1505144]
  "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-11-05 1468256]
  "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  "ConsentPromptBehaviorAdmin"= 5 (0x5)
  "ConsentPromptBehaviorUser"= 3 (0x3)
  "EnableUIADesktopToggle"= 0 (0x0)
  .
  [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
  Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
  @=""
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
  @=""
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CorelDRAW Graphics Suite 11b]
  2003-11-28 01:41 733184 ----a-w- c:\program files\Corel\Corel Graphics 12\Languages\NL\Programs\registration.exe
  .
  R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
  R3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;c:\windows\system32\DRIVERS\aabed2.sys [2008-03-20 23040]
  R3 GenericMount Helper Service;GenericMount Helper Service;c:\program files\Norton Ghost\Shared\Drivers\GenericMountHelper.exe [x]
  R3 GenericMount;Generic Mount Driver;c:\windows\system32\DRIVERS\GenericMount.sys [2010-02-12 57840]
  R3 kxwdmdrv;kX WDM Driver Service;c:\windows\system32\drivers\kx.sys [x]
  R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-10-15 87656]
  R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
  R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
  R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
  R3 SymSnapService;SymSnapService;c:\program files\Norton Ghost\Shared\Drivers\SymSnapService.exe [x]
  R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
  R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
  R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
  R3 UCORESYS;UCORESYS;c:\td\Bios\BIOS_R01-B4\UCORESYS.SYS [x]
  R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
  R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-09 1343400]
  S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-10-15 165680]
  S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2011-10-15 64880]
  S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
  S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-11-18 172032]
  S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
  S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904]
  S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904]
  S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 214904]
  S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-10-18 160608]
  S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-10-18 150856]
  S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-10-15 57600]
  S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2009-11-05 22392]
  S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
  S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-10-15 338176]
  S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
  .
  .
  — Andere Services/Drivers In Geheugen —
  .
  *NewlyCreated* - 38942115
  *Deregistered* - 38942115
  *Deregistered* - mfeavfk01
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
  WindowsMobile REG_MULTI_SZ wcescomm rapimgr
  LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
  .
  Inhoud van de 'Gedeelde Taken' map
  .
  2011-12-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-720531506-3794076317-1602043091-1003Core.job
  - c:\users\Yvon\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-16 12:00]
  .
  2011-12-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-720531506-3794076317-1602043091-1003UA.job
  - c:\users\Yvon\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-16 12:00]
  .
  .
  ——- Bijkomende Scan ——-
  .
  uStart Page = hxxp://www.google.nl/
  uInternet Settings,ProxyOverride = *.local
  IE: &Verzenden naar OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
  IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
  IE: LastPass Invulformulieren - file://c:\users\Joep\AppData\Roaming\LastPass\context.html?cmd=fillforms
  IE: Open with WordPerfect - c:\program files\WordPerfect Office X3\Programs\WPLauncher.hta
  Trusted Zone: internet
  Trusted Zone: mcafee.com
  TCP: DhcpNameServer = 213.197.28.3 213.197.30.28
  .
  - - - - ORPHANS VERWIJDERD - - - -
  .
  HKCU-Run-SetDefaultMIDI - MIDIDef.exe
  .
  .
  .
  ——————— VERGRENDELDE REGISTER SLEUTELS ———————
  .
  [HKEY_USERS\S-1-5-21-720531506-3794076317-1602043091-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
  @Denied: (2) (LocalSystem)
  "Progid"="WindowsLiveMail.Email.1"
  .
  [HKEY_USERS\S-1-5-21-720531506-3794076317-1602043091-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
  @Denied: (2) (LocalSystem)
  "Progid"="WindowsLiveMail.VCard.1"
  .
  [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
  @Denied: (A) (Users)
  @Denied: (A) (Everyone)
  @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  "BlindDial"=dword:00000000
  .
  [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
  @Denied: (Full) (Everyone)
  .
  Voltooingstijd: 2011-12-05 15:45:29
  ComboFix-quarantined-files.txt 2011-12-05 14:45
  .
  Pre-Run: 946.307.227.648 bytes beschikbaar
  Post-Run: 948.268.679.168 bytes beschikbaar
  .
  - - End Of File - - FC403B1B2DE1ABCA782CEBF00FBD864D
 • Logs look good.

  Run the ESET online scan (Click).
  - Click the ESET Online Scanner button
  - Tick YES, I accept the Terms of Use
  - Click Start
  - Allow the ActiveX control to install.
  - Tick the following options:
    - Remove found threats
    - Scan archives
  - Then click on
 • Well, that ESET scan did take a while. But it did produce a result: one file was found and placed in quarantine. The log file:

  D:\KANTOOR\Backup Set 2011-10-03 151536\Backup Files 2011-10-03 151536\Backup files 5.zip HTML/Refresh.AU trojan deleted - quarantined

  Could this be the cause of the backup repeatedly failing to complete?
 • That is a good question, to which I have no answer.

  Which file system is the backup partition formatted with?
  FAT32 or NTFS?

  And delete the backup in which the virus was found; that backup can no longer be trusted!
 • The backup partition is formatted as NTFS.

  I'm indeed going to delete the backup that is there now in a moment; that seems like a good plan to me.

  One more thing that occurs to me: at the next backup I run, won't I again be troubled by the file that the ESET scan (on the C partition) put in quarantine?
 • Hold off on making a new backup for now!

  First we are going to clean up and check whether your Windows is properly secured!

 • Oops, too late; I had already made another backup. And unfortunately once again with the same error message that started this whole story …

  But anyway, I threw that backup away again too. In addition, I have:
  - removed TDSSKiller
  - removed ComboFix
  - run TFC
  - had Security Check run, the results of which are below:

  Results of screen317's Security Check version 0.99.28
  Windows 7 Service Pack 1 x86 (UAC is enabled)
  Internet Explorer 9
  ``````````````````````````````
  Antivirus/Firewall Check:
  ESET Online Scanner v3
  McAfee AntiVirus Plus
  WMI entry may not exist for antivirus; attempting automatic update.
  ```````````````````````````````
  Anti-malware/Other Utilities Check:
  Malwarebytes' Anti-Malware
  Adobe Reader X (10.1.1)
  ````````````````````````````````
  Process Check:
  objlist.exe by Laurent
  Malwarebytes' Anti-Malware mbamservice.exe
  Malwarebytes' Anti-Malware mbamgui.exe
  ``````````End of Log````````````

  What do you think, shall I try making a backup again now?
 • Hello Joep, how much longer are you tied to McAfee?
  And do you already know what you are going to use after that?

  I assume there is also a Flash Player in your Windows.
  Because you do go to YouTube as well, don't you?


  There are two components in Windows that should always be the latest version, and those are the Java runtime and Adobe Flash Player.
  Why: in the latest versions the discovered security risks have always been fixed, and often the tool itself works better too!

  What I have noticed myself is that when you update the Flash Player, the old version also remains installed, and that is not the intention!

  For Flash Player in Windows:

  first go to Control Panel
  - Add or Remove Programs - Windows 2000/Windows XP
  - Programs and Features - Windows Vista and Windows 7

  and then uninstall Adobe Flashplayer Active X….. there

  then go with Internet Explorer to http://get.adobe.com/nl/flashplayer/ to have the latest Flash Player installed;
  (if you do not want the Free Google Toolbar (optional) (2.12 MB) with it, untick the box first!).


  Important: if you also use other browsers, first remove the Adobe Flashplayer Plugins the same way, and then use each of those other browsers in turn, via the same web address, to download the latest Flashplayer Plugins and, after closing the browser in question, install the new plugin!
 • As such I'm not tied to McAfee, but one advantage is that I get it provided for free through my work. I sense from your question, however, that your preference is for a different virus scanner? I have no strong preference myself; the only condition I really set is that I don't want it to get in the way too much during normal use. Well okay, and that it is a good scanner, of course :)

  I have checked my version of FlashPlayer; it is the most recent one there is, so no problem there.

  What do you think, shall I have another go at making a backup now that everything has been cleaned up?
 • McAfee simply is not the most reliable antivirus software.
  There are several free antivirus programs with much better virus detection.

  If you want to keep using McAfee, then run the ESET Online scan once a month!

  And yes, you can make a backup without any problem!
 • Hmmm, ran the backup and once again it gives the error message that started this whole story … :cry:
  I think I'll go and try my luck once more at the Windows forum.
  In any case, thanks for your effort and for thinking along!
 • Then first do the following:

  Which program: CrystalDiskInfo
  What for/why: checking the SMART data of the hard disk(s)
  Difficulty: none.
  Download CrystalDiskInfo here


  Install the tool and then start CrystalDiskInfo

  The tool then reads the SMART data of the connected hard disks.
  If the color is Blue - completely healthy.
  If the color is Yellow - there are problems.
  If the color is Red - replace the HD as soon as possible.

  For SSDs, the health status of the SSDs is also reported (Health)
 • Ran CrystalDiskInfo: everything is blue, so that looks good.
  So make the trip to the Windows forum again after all?
 • How large is the partition that you have the backup written to?
