Question & Answer

Security & privacy

Maljava.trojan found by Norton and laptop gets very hot

Anonymous
18 answers
 • Hi,

  My son's laptop gets very hot and then shuts itself down; it has also become very slow over the last few weeks. Norton found the Maljava.trojan file and quarantined it.

  The laptop was taken apart completely to remove dirt and dust, but this did not help.
  In the meantime we have removed a number of programs and run the HP recovery tool. I have also now installed the latest Java update.

  To be completely sure that it has now been cleaned up, I am asking for your help. What else can I do to save this 1.5-year-old HP laptop?

  Below is my first HijackThis logfile:


  Logfile of Trend Micro HijackThis v2.0.4
  Scan saved at 14:29:04, on 21-1-2012
  Platform: Windows 7 SP1 (WinNT 6.00.3505)
  MSIE: Internet Explorer v9.00 (9.00.8112.16421)
  Boot mode: Normal

  Running processes:
  C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
  C:\Program Files (x86)\Internet Explorer\iexplore.exe
  C:\Program Files (x86)\Internet Explorer\iexplore.exe
  C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
  C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQCON/7
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hyves.nl/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQCON/7
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQCON/7
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
  R3 - URLSearchHook: (no name) - {6d8d66f3-14fc-4736-a096-fac0ea66289c} - (no file)
  F2 - REG:system.ini: UserInit=userinit.exe
  O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
  O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
  O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL
  O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
  O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
  O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
  O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
  O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
  O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
  O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
  O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
  O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
  O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
  O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
  O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
  O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
  O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
  O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
  O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
  O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
  O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
  O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
  O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
  O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
  O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
  O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
  O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
  O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
  O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
  O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
  O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
  O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
  O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
  O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
  O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
  O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
  O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
  O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
  O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
  O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
  O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
  O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
  O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe
  O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
  O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
  O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
  O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
  O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


  End of file - 10581 bytes
 • Hello Iggy,

  I would like you to follow the rules below during the fix:
 • Hi Abraham,
  Thanks for your quick reply.
  I have carried out all the steps. Below are the 2 log files.
  Malwarebytes found nothing. Meanwhile the laptop is already getting quite warm again.

  I am curious what I should do next and look forward to hearing from you again.
  Regards, Iggy


  Logfile of Trend Micro HijackThis v2.0.4
  Scan saved at 16:35:33, on 21-1-2012
  Platform: Windows 7 SP1 (WinNT 6.00.3505)
  MSIE: Internet Explorer v9.00 (9.00.8112.16421)
  Boot mode: Normal

  Running processes:
  C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
  C:\Program Files (x86)\Internet Explorer\iexplore.exe
  C:\Program Files (x86)\Internet Explorer\iexplore.exe
  C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
  C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQCON/7
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hyves.nl/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQCON/7
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQCON/7
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  F2 - REG:system.ini: UserInit=userinit.exe
  O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
  O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL
  O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
  O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
  O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
  O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
  O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
  O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
  O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
  O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
  O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
  O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
  O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
  O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
  O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
  O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
  O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
  O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
  O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
  O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
  O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
  O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
  O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
  O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
  O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
  O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
  O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
  O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
  O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
  O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
  O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
  O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
  O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
  O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
  O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
  O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
  O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
  O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
  O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
  O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
  O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
  O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe
  O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
  O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
  O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
  O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
  O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


  End of file - 10291 bytes


  Malwarebytes Anti-Malware 1.60.0.1800
  www.malwarebytes.org

  Databaseversie: v2012.01.21.01

  Windows 7 Service Pack 1 x64 NTFS
  Internet Explorer 9.0.8112.16421
  Luc :: LUC-PC [administrator]

  21-1-2012 16:20:48
  mbam-log-2012-01-21 (16-20-48).txt

  Scantype: Snelle scan
  Ingeschakelde scanopties: Geheugen | Opstarten | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
  Uitgeschakelde scanopties: P2P
  Objecten gescand: 188438
  Verstreken tijd: 8 minuut/minuten, 2 seconde(n)

  Geheugenprocessen gedetecteerd: 0
  (Geen kwaadaardige objecten gedetecteerd)

  Geheugenmodulen gedetecteerd: 0
  (Geen kwaadaardige objecten gedetecteerd)

  Registersleutels gedetecteerd: 0
  (Geen kwaadaardige objecten gedetecteerd)

  Registerwaarden gedetecteerd: 0
  (Geen kwaadaardige objecten gedetecteerd)

  Registerdata gedetecteerd: 0
  (Geen kwaadaardige objecten gedetecteerd)

  Mappen gedetecteerd: 0
  (Geen kwaadaardige objecten gedetecteerd)

  Bestanden gedetecteerd: 0
  (Geen kwaadaardige objecten gedetecteerd)

  (einde)
 • Already looks good, but we are going to look deeper anyway!

  I would like you to follow the rules below during the fix:
 • Hi Abraham,

  I carried out step 1 and got the following log file.
  While downloading step 2, Norton removed the file that we had downloaded to the desktop. Windows also indicated that it did not want to run this file.

  At the moment we are visiting friends and cannot concentrate on this enough. We will continue tomorrow.

  How should we download step 2, then, without Norton saying that it contains a virus?

  Regards, Iggy


  17:03:22.0980 3828 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
  17:03:22.0980 3828 ============================================================
  17:03:22.0980 3828 Current date / time: 2012/01/21 17:03:22.0980
  17:03:22.0980 3828 SystemInfo:
  17:03:22.0980 3828
  17:03:22.0980 3828 OS Version: 6.1.7601 ServicePack: 1.0
  17:03:22.0980 3828 Product type: Workstation
  17:03:22.0980 3828 ComputerName: LUC-PC
  17:03:22.0980 3828 UserName: Luc
  17:03:22.0980 3828 Windows directory: C:\Windows
  17:03:22.0980 3828 System windows directory: C:\Windows
  17:03:22.0980 3828 Running under WOW64
  17:03:22.0980 3828 Processor architecture: Intel x64
  17:03:22.0980 3828 Number of processors: 1
  17:03:22.0980 3828 Page size: 0x1000
  17:03:22.0980 3828 Boot type: Normal boot
  17:03:22.0980 3828 ============================================================
  17:03:26.0506 3828 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
  17:03:26.0802 3828 Initialize success
  17:03:26.0880 4876 ============================================================
  17:03:26.0880 4876 Scan started
  17:03:26.0880 4876 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent;
  17:03:26.0880 4876 ============================================================
  17:03:29.0797 4876 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
  17:03:29.0984 4876 1394ohci - ok
  17:03:30.0156 4876 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
  17:03:30.0172 4876 ACPI - ok
  17:03:30.0281 4876 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
  17:03:30.0437 4876 AcpiPmi - ok
  17:03:30.0608 4876 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
  17:03:30.0702 4876 adp94xx - ok
  17:03:30.0842 4876 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
  17:03:30.0905 4876 adpahci - ok
  17:03:30.0952 4876 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
  17:03:30.0998 4876 adpu320 - ok
  17:03:31.0108 4876 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
  17:03:31.0232 4876 AFD - ok
  17:03:31.0544 4876 AgereSoftModem (98022774d9930ecbb292e70db7601df6) C:\Windows\system32\DRIVERS\agrsm64.sys
  17:03:31.0700 4876 AgereSoftModem - ok
  17:03:31.0810 4876 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
  17:03:31.0872 4876 agp440 - ok
  17:03:32.0106 4876 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
  17:03:32.0184 4876 aliide - ok
  17:03:32.0293 4876 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
  17:03:32.0371 4876 amdide - ok
  17:03:32.0527 4876 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
  17:03:32.0683 4876 AmdK8 - ok
  17:03:32.0746 4876 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
  17:03:32.0839 4876 AmdPPM - ok
  17:03:33.0089 4876 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
  17:03:33.0136 4876 amdsata - ok
  17:03:33.0182 4876 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
  17:03:33.0214 4876 amdsbs - ok
  17:03:33.0307 4876 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
  17:03:33.0338 4876 amdxata - ok
  17:03:33.0448 4876 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
  17:03:34.0150 4876 AppID - ok
  17:03:34.0368 4876 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
  17:03:34.0430 4876 arc - ok
  17:03:34.0524 4876 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
  17:03:34.0555 4876 arcsas - ok
  17:03:34.0664 4876 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
  17:03:35.0008 4876 AsyncMac - ok
  17:03:35.0132 4876 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
  17:03:35.0164 4876 atapi - ok
  17:03:35.0460 4876 athr (38562a6a9cb10844759eaf2b01a7fcd3) C:\Windows\system32\DRIVERS\athrx.sys
  17:03:46.0692 4876 athr - ok
  17:03:47.0051 4876 AtiHdmiService (3b9014fb7ce9e20fd726321c7db7d8b0) C:\Windows\system32\drivers\AtiHdmi.sys
  17:03:47.0129 4876 AtiHdmiService - ok
  17:03:47.0924 4876 atikmdag (a29087680a1c3b049e3c05438e8ff2b8) C:\Windows\system32\DRIVERS\atikmdag.sys
  17:03:48.0455 4876 atikmdag - ok
  17:03:48.0736 4876 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\DRIVERS\AtiPcie.sys
  17:03:48.0767 4876 AtiPcie - ok
  17:03:49.0001 4876 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
  17:03:49.0266 4876 b06bdrv - ok
  17:03:49.0438 4876 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
  17:03:49.0562 4876 b57nd60a - ok
  17:03:49.0750 4876 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
  17:03:49.0859 4876 Beep - ok
  17:03:50.0124 4876 BHDrvx64 (1d757a7e020c577c4259a755f21b7152) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20111223.001\BHDrvx64.sys
  17:03:50.0218 4876 BHDrvx64 - ok
  17:03:50.0342 4876 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
  17:03:50.0405 4876 blbdrive - ok
  17:03:50.0436 4876 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
  17:03:50.0514 4876 bowser - ok
  17:03:50.0623 4876 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
  17:03:50.0748 4876 BrFiltLo - ok
  17:03:50.0795 4876 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
  17:03:50.0857 4876 BrFiltUp - ok
  17:03:50.0935 4876 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
  17:03:51.0029 4876 Brserid - ok
  17:04:33.0227 4876 sptd (34f974f8b3c86de03a30dcbe79091c97) C:\Windows\system32\Drivers\sptd.sys
  17:04:33.0227 4876 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 34f974f8b3c86de03a30dcbe79091c97
  17:04:33.0227 4876 sptd ( LockedFile.Multi.Generic ) - warning
  17:04:33.0227 4876 sptd - detected LockedFile.Multi.Generic (1)
  17:04:47.0345 4876 ============================================================
  17:04:47.0345 4876 Scan finished
  17:04:47.0345 4876 ============================================================
  17:04:48.0343 3936 Deinitialize success

  ==============================================
  Last Created System Restore Point
  ==============================================
  RP170: 21-1-2012 15:57:42 - Removed Steinberg HALionOne Essential Set
  ==============================================
  EOF
 • Hello Iggy, this isn't a race, you know; doing everything at your own pace is best.
  So have fun tonight.

  Disabling Norton: right-click the Norton icon in the system tray and choose "Disable Auto-Protect", with the duration set to until the PC restarts.
 • Hi Abraham,

  Here I am again. It took some effort to get the laptop running reasonably again. By lowering the performance setting under power management, it runs a bit again. Also, the fan sometimes works and sometimes doesn't… Right now it fortunately does, and we have a bit of speed.
  Attached are the 2 logs from TDSS and Combofix.

  Should I now remove Combofix from the laptop or leave it there? By the way, Combofix did not perform a restart. I'll do that myself in a moment and turn everything back on in Norton.

  Regards, Iggy

  17:03:22.0980 3828 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
  17:03:22.0980 3828 ============================================================
  17:03:22.0980 3828 Current date / time: 2012/01/21 17:03:22.0980
  17:03:22.0980 3828 SystemInfo:
  17:03:22.0980 3828
  17:03:22.0980 3828 OS Version: 6.1.7601 ServicePack: 1.0
  17:03:22.0980 3828 Product type: Workstation
  17:03:22.0980 3828 ComputerName: LUC-PC
  17:03:22.0980 3828 UserName: Luc
  17:03:22.0980 3828 Windows directory: C:\Windows
  17:03:22.0980 3828 System windows directory: C:\Windows
  17:03:22.0980 3828 Running under WOW64
  17:03:22.0980 3828 Processor architecture: Intel x64
  17:03:22.0980 3828 Number of processors: 1
  17:03:22.0980 3828 Page size: 0x1000
  17:03:22.0980 3828 Boot type: Normal boot
  17:03:22.0980 3828 ============================================================
  17:03:26.0506 3828 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
  17:03:26.0802 3828 Initialize success
  17:03:26.0880 4876 ============================================================
  17:03:26.0880 4876 Scan started
  17:03:26.0880 4876 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent;
  17:03:26.0880 4876 ============================================================
  17:04:33.0227 4876 sptd (34f974f8b3c86de03a30dcbe79091c97) C:\Windows\system32\Drivers\sptd.sys
  17:04:33.0227 4876 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 34f974f8b3c86de03a30dcbe79091c97
  17:04:33.0227 4876 sptd ( LockedFile.Multi.Generic ) - warning
  17:04:33.0227 4876 sptd - detected LockedFile.Multi.Generic (1)
  17:04:47.0345 4876 ============================================================
  17:04:47.0345 4876 Scan finished
  17:04:47.0345 4876 ============================================================
  17:04:48.0343 3936 Deinitialize success

  ==============================================
  Last Created System Restore Point
  ==============================================
  RP170: 21-1-2012 15:57:42 - Removed Steinberg HALionOne Essential Set

  ComboFix 12-01-23.02 - Luc 23-01-2012 16:28:32.1.1 - x64
  Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.2812.1672 [GMT 1:00]
  Gestart vanuit: c:\users\Luc\Desktop\ComboFix.exe
  AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
  FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
  SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
  SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  * Nieuw herstelpunt werd aangemaakt
  .
  .
  (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
  .
  .
  C:\CFLog
  c:\cflog\CrashLog_20101204.txt
  c:\cflog\CrashLog_20101224.txt
  c:\cflog\CrashLog_20110209.txt
  c:\cflog\CrashLog_20110213.txt
  c:\cflog\CrashLog_20110528.txt
  c:\cflog\CrashLog_20110531.txt
  c:\cflog\CrashLog_20110902.txt
  c:\cflog\CrashLog_20110903.txt
  c:\cflog\CrashLog_20110904.txt
  c:\cflog\CrashLog_20110905.txt
  c:\cflog\CrashLog_20110910.txt
  c:\cflog\CrashLog_20110918.txt
  c:\cflog\CrashLog_20110921.txt
  c:\cflog\CrashLog_20111008.txt
  c:\cflog\CrashLog_20111010.txt
  c:\cflog\CrashLog_20111022.txt
  c:\cflog\CrashLog_20111029.txt
  c:\cflog\CrashLog_20111111.txt
  c:\cflog\CrashLog_20111119.txt
  c:\cflog\CrashLog_20111121.txt
  c:\cflog\CrashLog_20111130.txt
  c:\cflog\CrashLog_20111210.txt
  c:\windows\IsUn0413.exe
  c:\windows\SysWow64\system32
  c:\windows\SysWow64\system32\DRIVERS\RTL2832U_IRHID.sys
  c:\windows\SysWow64\system32\DRIVERS\RTL2832UBDA.sys
  c:\windows\SysWow64\system32\DRIVERS\RTL2832UUSB.sys
  .
  .
  (((((((((((((((((((( Bestanden Gemaakt van 2011-12-23 to 2012-01-23 ))))))))))))))))))))))))))))))
  .
  .
  2012-01-23 15:44 . 2012-01-23 15:44 -------- d-----w- c:\users\Default\AppData\Local\temp
  2012-01-21 16:03 . 2012-01-21 16:04 -------- d-----w- C:\TDSSStarter
  2012-01-21 15:13 . 2012-01-21 15:13 -------- d-----w- c:\users\Luc\AppData\Roaming\Malwarebytes
  2012-01-21 15:12 . 2012-01-21 15:12 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
  2012-01-21 15:12 . 2012-01-21 15:12 -------- d-----w- c:\programdata\Malwarebytes
  2012-01-21 15:12 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
  2012-01-21 12:06 . 2012-01-21 12:06 388096 ----a-r- c:\users\Luc\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
  2012-01-21 12:06 . 2012-01-21 12:06 -------- d-----w- c:\program files (x86)\Trend Micro
  2012-01-11 14:41 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
  2012-01-11 14:41 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
  2012-01-11 14:41 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
  2012-01-11 14:41 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll
  2012-01-11 14:41 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
  2012-01-11 14:41 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
  2012-01-11 14:41 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
  2012-01-11 14:41 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
  2012-01-06 07:25 . 2012-01-21 12:47 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
  2012-01-06 07:25 . 2012-01-06 08:24 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
  2012-01-06 07:24 . 2012-01-21 12:47 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
  2012-01-06 07:24 . 2012-01-06 07:24 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
  2012-01-05 15:20 . 2012-01-05 15:20 -------- d-----w- c:\windows\system32\Macromed
  .
  .
  .
  ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
  .
  2012-01-05 15:20 . 2011-05-16 13:27 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
  2011-11-24 04:52 . 2011-12-15 15:19 3145216 ----a-w- c:\windows\system32\win32k.sys
  2011-11-10 04:54 . 2010-04-28 18:25 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
  2011-11-05 05:32 . 2011-12-15 15:19 2048 ----a-w- c:\windows\system32\tzres.dll
  2011-11-05 04:26 . 2011-12-15 15:19 2048 ----a-w- c:\windows\SysWow64\tzres.dll
  2011-11-04 01:53 . 2011-12-16 13:31 2309120 ----a-w- c:\windows\system32\jscript9.dll
  2011-11-04 01:44 . 2011-12-16 13:31 1390080 ----a-w- c:\windows\system32\wininet.dll
  2011-11-04 01:44 . 2011-12-16 13:31 1493504 ----a-w- c:\windows\system32\inetcpl.cpl
  2011-11-04 01:34 . 2011-12-16 13:31 2382848 ----a-w- c:\windows\system32\mshtml.tlb
  2011-11-03 22:47 . 2011-12-16 13:31 1798144 ----a-w- c:\windows\SysWow64\jscript9.dll
  2011-11-03 22:40 . 2011-12-16 13:31 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
  2011-11-03 22:39 . 2011-12-16 13:31 1127424 ----a-w- c:\windows\SysWow64\wininet.dll
  2011-11-03 22:31 . 2011-12-16 13:31 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
  2011-10-26 05:21 . 2011-12-15 15:19 43520 ----a-w- c:\windows\system32\csrsrv.dll
  .
  .
  ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
  .
  .
  *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
  REGEDIT4
  .
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-04 98304]
  "NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-06-29 600936]
  "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  "ConsentPromptBehaviorAdmin"= 5 (0x5)
  "ConsentPromptBehaviorUser"= 3 (0x3)
  "EnableUIADesktopToggle"= 0 (0x0)
  "HideFastUserSwitching"= 0 (0x0)
  .
  [hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
  .
  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
  "mixer"=wdmaud.drv
  .
  [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
  Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
  @="Driver"
  .
  R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
  R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
  R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
  R3 BthAvrcp;Bluetooth AVRCP-profiel;c:\windows\system32\DRIVERS\BthAvrcp.sys [x]
  R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
  R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
  R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
  R3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [2009-08-17 116640]
  R3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys [2009-08-17 38944]
  R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
  R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
  R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
  R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
  R3 SynasUSB;SynasUSB;c:\windows\system32\drivers\SynUSB64.sys [x]
  R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
  R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
  R3 X6va003;X6va003;c:\users\Luc\AppData\Local\Temp\003AA2A.tmp [x]
  R3 X6va005;X6va005;c:\users\Luc\AppData\Local\Temp\0055503.tmp [x]
  R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
  R4 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-19 136176]
  R4 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-19 136176]
  R4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 2329480]
  S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
  S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1109000.00C\SYMDS64.SYS [x]
  S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [x]
  S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20111223.001\BHDrvx64.sys [2011-12-01 1157240]
  S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys [x]
  S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20120120.002\IDSvia64.sys [2011-08-22 488568]
  S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS [x]
  S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [x]
  S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
  S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-03-02 89600]
  S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
  S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
  S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe [2011-08-04 126400]
  S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-11-09 138360]
  S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
  S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
  S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
  S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
  .
  .
  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
  hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
  Akamai REG_MULTI_SZ Akamai
  .
  HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
  ezSharedSvc
  .
  Inhoud van de 'Gedeelde Taken' map
  .
  2012-01-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-19 10:45]
  .
  2012-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-19 10:45]
  .
  .
  --------- x86-64 -----------
  .
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-07-22 450048]
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
  "LoadAppInit_DLLs"=0x0
  .
  ------- Bijkomende Scan -------
  .
  uStart Page = hxxp://www.hyves.nl/
  uLocal Page = c:\windows\system32\blank.htm
  uDefault_Search_URL = hxxp://www.google.com/ie
  mLocal Page = c:\windows\SysWOW64\blank.htm
  uSearchAssistant = hxxp://www.google.com/ie
  uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
  IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
  IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
  TCP: DhcpNameServer = 62.179.104.196 213.46.228.196
  DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
  .
  - - - - ORPHANS VERWIJDERD - - - -
  .
  WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
  WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
  WebBrowser-{6D8D66F3-14FC-4736-A096-FAC0EA66289C} - (no file)
  HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
  AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
  AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
  .
  .
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
  "ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\17.9.0.12\diMaster.dll\" /prefetch:1"
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
  "ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_b427739.dll"
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va003]
  "ImagePath"="\??\c:\users\Luc\AppData\Local\Temp\003AA2A.tmp"
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005]
  "ImagePath"="\??\c:\users\Luc\AppData\Local\Temp\0055503.tmp"
  .
  .
  Voltooingstijd: 2012-01-23 16:49:42
  ComboFix-quarantined-files.txt 2012-01-23 15:49
  .
  Pre-Run: 123.425.505.280 bytes beschikbaar
  Post-Run: 123.339.776.000 bytes beschikbaar
  .
  - - End Of File - - 5FD7AFA629F18315BA4C84EA62937AA5
 • Hi Iggy, regarding what you say about the notebook's fan: I suspect it is full of dust.

  The best thing is to buy a can of compressed air and use it to blow out the ventilation openings (from the underside too!).

  You can also place a small riser under the back of the notebook, so that air can be drawn in more easily through the underside!


  And you may do the following: Run the ESET online scan (click).
  - Click the ESET Online Scanner button
  - Tick YES, I accept the Terms of Use
  - Click Start
  - Allow the ActiveX control to install.
  - Tick the following options:
    - Remove found threats
    - Scan archives
  - Then click on
 • Hi Abraham,

  I ran the scan and only got the message 'no threats found', so there was no 'list of found threats' that I could export to a file.

  Good sign, right?

  The laptop has already been completely taken apart and blown out twice; there was some dust in it, but at this point I simply cannot believe there is really much dust left in it. Of course it could also be that the fan is 'simply' broken, but it is hidden away under plates and we cannot just take it out (I don't dare, I'm afraid of breaking something).

  Do you have more steps for me to go through, or are we done with the deep cleaning?

  Regards,

  Iggy
 • Hi, if you start Task Manager, how many processes are active and what is the CPU usage?
 • Hi,

  There are now only 61 processes active. CPU is between 14 and 20%.

  I don't know much about it, but this already seems like quite an improvement to me.

  Regards, Iggy
 • Hi Iggy, the number of processes is actually fine.

  But I find that CPU usage high.
  Do you remember which applications were open at that moment?

  If need be, start Task Manager again while no other new windows are open, and then post the same data again.
 • Hi Abraham,

  I have now started the laptop, left it for about 10 minutes and then looked:

  Number of processes 58. CPU between 2 and 7 percent, but every 20 seconds there is a spike to 25% or even 40%. After that it immediately drops back to 2%.

  I have no program open at all, only Norton is running in the background.

  By the way, should a fan always be running, or only when it is warm? At the moment it is not running and the laptop does respond at a normal speed. But that may be very different in 10 minutes :-)

  I look forward to hearing from you again.
  Regards,
  Iggy
 • I think it is possible that Windows Update (Wau.exe) itself is active.

  Download (click here), install and start CPUID's Hardwaremonitor to be able to see the temperature of the various components.

  (Image: http://www.cpuid.com/medias/images/en/softwares-hwmonitor.jpg)
 • Hi Abraham,

  I installed CPUID monitor yesterday, and since then we have been keeping track of what the temperatures are. As soon as we ask a bit of power from the laptop (for example Hyves on, some music with it and the homework site open), the temperature easily climbs towards 95 degrees in about 10 minutes. My son then panics and switches the laptop off. When it gets that hot, everything also goes very slowly.

  If I start up and do almost nothing, only come here to the forum briefly (with Norton running in the background, of course), the temperature rises to 79 degrees in about 10 minutes.

  I don't know how to attach a picture here so you can see it.

  I do have the impression that the fan is no longer running at all now. The laptop has never been this quiet... we miss the soft hum in the background...

  Regards, Iggy

 • I think the fan is broken; those temps point to that.
  Have you already taken the notebook in for repair?
  If not, do so as soon as possible.
 • Hi Abraham,

  I was quiet for a while, but I took the laptop in for repair and a new fan has indeed been fitted. Gee... that is expensive!
  The fan costs 50 euros and the repair costs are 45, so in total it was 95 euros. An expensive affair for an HP laptop of only 350 euros (it was on offer, normally 450 euros).

  I am very happy with all your help here on this forum, because thanks to all the clean-up work together with the new fan the laptop runs like a charm again!

  I have learned a lot from you. Thank you very much for your help.

  Regards, Iggy
 • Hello Iggy, I have long heard that HP's budget notebooks are not exactly of the best quality.
  I don't know how old that notebook is by now, but Dutch law is quite clear when it comes to consumer rights.
  For PCs and notebooks, the standard warranty period under the law is in effect 3 years.
  You can find more about that at www.consuwijzer.nl

  And furthermore we still have to clean up!

  But first this:
  keep MBAM and the ESET Online Scanner on your Windows.
  Navigate to C:\Program Files\ESET\ESET Online Scanner and right-click on and then choose to place a shortcut on the desktop.

  Use MBAM once a week - after updating, choose quick scan.
  Use OnlineScannerApp.exe once a month.
  ESET will now start as an app; you can then tick the scan settings, after which the update process will begin and then the scan will start.
  And one more tip: here - http://www.jawwi.nl/artikelen/cookies.html - you will find info about cookies and how to block AdAware cookies in your browser(s).


This is an archived page. Replying is no longer possible.