  1. #11
    Spyware Slayer   EvelineGirl
    Registered
    4 November 2009
    Location
    Spijkenisse Zuid-Holland
    Posts
    519
    Thanks given
    99
    Thanked
    483 times in 259 posts
    This is not entirely without risk.
    Back up your important files first before you carry this out.
    Print out the instructions or use another computer.

    Now restart the computer.
    While the computer is starting up, press the F8 key.
    This displays the Advanced Boot Options menu.
    Select Repair Your Computer and press Enter to confirm the choice.

    The files are loaded.
    Select the correct keyboard layout.
    Press Next.
    Choose a login with administrator rights and enter the corresponding password; if you have no password, press Enter here.
    Confirm with OK.

    The System Recovery Options screen appears.
    At the top you will see: Microsoft Windows 7 on (C:) Local Disk
    (If the letter shown in bold is different for you, replace it in the command below; c: then becomes something else.)

    Select the Command Prompt option.
    At the prompt, type this:

    cd /d C:\windows
    Press Enter.

    Then type:

    /FixMbr
    Press Enter.

    If you are asked whether to overwrite the MBR, confirm with "J" (Ja) or "Y" (Yes).
    When this is done, type:

    EXIT
    Press Enter.

    Restart the computer and start Windows.
    Now let TDSSKiller scan once more and post the result.

    Good luck,
    Eveline.
    Last edited by EvelineGirl; 18 October 2011 at 11:00
    Kind regards,
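
Added example, not part of the original post: `/FixMbr` is meant to replace the boot code in the first disk sector while leaving the partition table in place, and the Python code below checks exactly that on two 512-byte dumps of sector 0 taken before and after the repair. The two dumps used here are constructed sample data, and the helper names (`parse_mbr`, `compare_mbr`, `verdict`, `build_sample_mbr`) are assumptions of this example.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE = slice(0, 440)          # executable boot code
DISK_SIGNATURE = slice(440, 444)   # 4-byte disk signature used by Windows
PARTITION_TABLE = slice(446, 510)  # four 16-byte partition entries
BOOT_SIGNATURE = slice(510, 512)   # must be 55 AA


def parse_mbr(sector: bytes) -> dict:
    """Split one 512-byte MBR sector into the regions that matter here."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE} bytes, got {len(sector)}")
    if sector[BOOT_SIGNATURE] != b"\x55\xaa":
        raise ValueError("missing 55 AA boot signature: not a valid MBR")
    partitions = []
    table = sector[PARTITION_TABLE]
    for index in range(4):
        entry = table[index * 16:(index + 1) * 16]
        status, ptype = entry[0], entry[4]
        first_lba, sector_count = struct.unpack_from("<II", entry, 8)
        if ptype == 0x00:  # unused slot
            continue
        partitions.append({
            "index": index,
            "active": status == 0x80,
            "type": ptype,
            "first_lba": first_lba,
            "sectors": sector_count,
        })
    return {
        "boot_code_sha256": hashlib.sha256(sector[BOOT_CODE]).hexdigest(),
        "disk_signature": sector[DISK_SIGNATURE].hex(),
        "partition_table_raw": bytes(table),
        "partitions": partitions,
    }


def compare_mbr(before: bytes, after: bytes) -> dict:
    """Report which MBR regions differ between two dumps of sector 0."""
    old, new = parse_mbr(before), parse_mbr(after)
    return {
        "boot_code_changed": old["boot_code_sha256"] != new["boot_code_sha256"],
        "partition_table_preserved":
            old["partition_table_raw"] == new["partition_table_raw"],
        "disk_signature_preserved":
            old["disk_signature"] == new["disk_signature"],
        "new_boot_code_sha256": new["boot_code_sha256"],
    }


def verdict(report: dict) -> str:
    """Turn the comparison into the one line a helper would want to read."""
    if not report["partition_table_preserved"]:
        return "partition table altered"
    if not report["boot_code_changed"]:
        return "boot code unchanged"
    return "boot code rewritten, partition table intact"


def build_sample_mbr(boot_fill: int) -> bytes:
    """Constructed sample sector: filler boot code plus one active NTFS entry."""
    sector = bytearray(SECTOR_SIZE)
    sector[BOOT_CODE] = bytes([boot_fill]) * 440
    sector[DISK_SIGNATURE] = bytes.fromhex("a1b2c3d4")  # constructed value
    entry = bytearray(16)
    entry[0] = 0x80                                 # active (bootable) flag
    entry[4] = 0x07                                 # partition type NTFS
    struct.pack_into("<II", entry, 8, 2048, 409600) # first LBA, sector count
    sector[446:462] = entry
    sector[BOOT_SIGNATURE] = b"\x55\xaa"
    return bytes(sector)


if __name__ == "__main__":
    before = build_sample_mbr(0xEB)  # stands in for the dump before the repair
    after = build_sample_mbr(0x33)   # stands in for the dump after the repair
    report = compare_mbr(before, after)
    for key, value in report.items():
        print(f"{key}: {value}")
    print(verdict(report))
```

A changed hash shows only that the sector was rewritten; comparing the new boot code hash with one taken from a known-clean machine running the same Windows version is what shows the boot code is the stock one.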


  2. #12
    Up-to-date  
    Registered
    16 October 2011
    Posts
    18
    Thanks given
    1
    Thanked
    1 time in 1 post
    When I enter "fixmbr", I get the response that the command is not recognized. When I tried with bootrec.exe I had no success either; the response then was that the command had completed.

    Is it safe to keep my backups on a separate partition on the same disk, or am I better off with a different disk in this case? Otherwise I won't be able to make a backup until tomorrow.

    In any case, thanks already for the help offered.

  3. #13
    Spyware Slayer   EvelineGirl
    It is best to use a different disk for this. Or put everything on CDs and DVDs, for example, or on an external disk.
    I have edited my post above; fixmbr should be /fixmbr.
    Kind regards,


  4. #14
    Up-to-date  
    Repairing the MBR via the command prompt window did not work. I entered the exact commands and double-checked that I was working on the right partition. In my case that is E:\. However, it kept flatly ignoring this command. I tried via bootrec; there it answered that the command had already completed, without any further choices. Because I also wanted to try via a partition program in Windows itself, I had PartitionWizard rebuild the MBR. However, I fear this does not give the required result. Finally I let TDSS run, and it still finds the same medium risk threat:

    21:39:01.0121 3368 TDSS rootkit removing tool 2.6.10.0 Oct 17 2011 15:43:23
    21:39:01.0589 3368 ============================================================
    21:39:01.0589 3368 Current date / time: 2011/10/18 21:39:01.0589
    21:39:01.0589 3368 SystemInfo:
    21:39:01.0589 3368
    21:39:01.0589 3368 OS Version: 6.1.7600 ServicePack: 0.0
    21:39:01.0589 3368 Product type: Workstation
    21:39:01.0589 3368 ComputerName: DESKTOPBOVEN
    21:39:01.0589 3368 UserName: Jens Sierens
    21:39:01.0589 3368 Windows directory: C:\Windows
    21:39:01.0589 3368 System windows directory: C:\Windows
    21:39:01.0589 3368 Processor architecture: Intel x86
    21:39:01.0589 3368 Number of processors: 2
    21:39:01.0589 3368 Page size: 0x1000
    21:39:01.0589 3368 Boot type: Normal boot
    21:39:01.0589 3368 ============================================================
    21:39:02.0587 3368 Initialize success
    21:39:07.0189 3404 ============================================================
    21:39:07.0189 3404 Scan started
    21:39:07.0189 3404 Mode: Manual;
    21:39:07.0189 3404 ============================================================
    21:39:42.0648 3404 tmrkb (7e2887341a3164dedc9b89082c24aeca) C:\Windows\system32\DRIVERS\tmrkb.sys
    21:39:42.0648 3404 Suspicious file (Forged): C:\Windows\system32\DRIVERS\tmrkb.sys. Real md5: 7e2887341a3164dedc9b89082c24aeca, Fake md5: b44d1e95a4c70853230a2e1cd0dac0b9
    21:39:42.0648 3404 tmrkb ( ForgedFile.Multi.Generic ) - warning
    21:39:42.0648 3404 tmrkb - detected ForgedFile.Multi.Generic (1)
    21:39:50.0869 3404 MBR (0x1B8) (f46767ae2998ea7510ca3750adfc1357) \Device\Harddisk0\DR0
    21:39:51.0025 3404 \Device\Harddisk0\DR0 - ok
    21:39:51.0041 3404 MBR (0x1B8) (3051207086651214e435112e51817dc5) \Device\Harddisk1\DR1
    21:39:51.0041 3404 \Device\Harddisk1\DR1 - ok
    21:39:51.0041 3404 Boot (0x1200) (71301cf578259c44eac051a30ed79edd) \Device\Harddisk0\DR0\Partition0
    21:39:51.0041 3404 \Device\Harddisk0\DR0\Partition0 - ok
    21:39:51.0057 3404 Boot (0x1200) (2746959d8da5bc6d6b27c080fc47f0e3) \Device\Harddisk0\DR0\Partition1
    21:39:51.0057 3404 \Device\Harddisk0\DR0\Partition1 - ok
    21:39:51.0057 3404 Boot (0x1200) (1b11360251bf637005d28619ac9fa751) \Device\Harddisk1\DR1\Partition0
    21:39:51.0057 3404 \Device\Harddisk1\DR1\Partition0 - ok
    21:39:51.0072 3404 Boot (0x1200) (b1fbf230aa5a079fd8c945ff08808f03) \Device\Harddisk1\DR1\Partition1
    21:39:51.0072 3404 \Device\Harddisk1\DR1\Partition1 - ok
    21:39:51.0072 3404 ============================================================
    21:39:51.0072 3404 Scan finished
    21:39:51.0072 3404 ============================================================
    21:39:51.0088 3296 Detected object count: 1
    21:39:51.0088 3296 Actual detected object count: 1
    21:39:54.0801 3296 tmrkb ( ForgedFile.Multi.Generic ) - skipped by user
    21:39:54.0801 3296 tmrkb ( ForgedFile.Multi.Generic ) - User select action: Skip

    I hope something can still be done about this in any case. We've come this far already, and the rootkit does seem to have been removed, doesn't it?

  5. #15
    Spyware Slayer   EvelineGirl
    I'm not reassured yet. This detection still comes back every time, even though it no longer says ZAccess after it. Something tells me things still aren't right.

    We'll try this:

    1.
    Start aswMBR.exe again.
    Vista and Windows 7 -> right-click and choose Run as administrator.

    • Click "No" in the next window

    • Click the "scan" button
    • Now click the "Fix" or "FixMBR" button
    • Then restart the computer, let aswMBR scan once more and post the new log.
    2.
    Now have TDSSKiller scan once more.

    3.
    If it stays the same, then I think we're safe. You may then run an online scan with ESET:
    Go to the ESET Online Scanner site
    • Click the ESET Online Scanner button
    • Tick YES, I accept the Terms of Use
    • Click Start
    • Allow the ActiveX control to install.
    • Click "Advanced settings"
    • Tick the following options:
      • Remove found threats
      • Scan archives
      • Scan for potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
    • Click Start
    • The computer is now being scanned. This can take quite a long time, so be patient.
    • You may close the window when the scan is finished.
    • Use Notepad to open the log. You'll find this log at C:\Program Files\EsetOnlineScanner\log.txt
    • Copy and paste the contents of this log into your next post.
    Last edited by EvelineGirl; 19 October 2011 at 13:14
    Regards,


  6. #16
    Up-to-date  
    Hello EvelineGirl,

    Here I am again with new results, in the order listed above.

    aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
    Run date: 2011-10-19 15:40:53
    -----------------------------
    15:40:53.300 OS Version: Windows 6.1.7600
    15:40:53.300 Number of processors: 2 586 0x6B02
    15:40:53.300 ComputerName: DESKTOPBOVEN UserName: Jens Sierens
    15:40:59.088 Initialize success
    15:41:04.627 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
    15:41:04.627 Disk 0 Vendor: ST3160318AS CC38 Size: 152627MB BusType: 3
    15:41:04.627 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-2
    15:41:04.643 Disk 1 Vendor: ST3500320AS SD15 Size: 476940MB BusType: 3
    15:41:06.671 Disk 0 MBR read successfully
    15:41:06.687 Disk 0 MBR scan
    15:41:06.687 Disk 0 Windows 7 default MBR code
    15:41:06.687 Disk 0 scanning sectors +312578048
    15:41:06.780 Disk 0 scanning C:\Windows\system32\drivers
    15:41:14.315 Service scanning
    15:41:18.075 Modules scanning
    15:41:35.593 Disk 0 trace - called modules:
    15:41:35.609 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
    15:41:35.625 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8625e030]
    15:41:35.625 3 CLASSPNP.SYS[8bddf59e] -> nt!IofCallDriver -> [0x86718408]
    15:41:35.625 5 ACPI.sys[8383d3b2] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x86713908]
    15:41:35.640 Scan finished successfully
    15:41:54.017 Disk 0 MBR has been saved successfully to "C:\Users\Jens Sierens\Desktop\cleanuplogs\MBR.dat"
    15:41:54.017 The log file has been saved successfully to "C:\Users\Jens Sierens\Desktop\cleanuplogs\aswMBR.txt"


    15:43:03.0369 3924 TDSS rootkit removing tool 2.6.11.0 Oct 19 2011 13:50:27
    15:43:03.0462 3924 ============================================================
    15:43:03.0462 3924 Current date / time: 2011/10/19 15:43:03.0462
    15:43:03.0462 3924 SystemInfo:
    15:43:03.0462 3924
    15:43:03.0462 3924 OS Version: 6.1.7600 ServicePack: 0.0
    15:43:03.0462 3924 Product type: Workstation
    15:43:03.0462 3924 ComputerName: DESKTOPBOVEN
    15:43:03.0462 3924 UserName: Jens Sierens
    15:43:03.0462 3924 Windows directory: C:\Windows
    15:43:03.0462 3924 System windows directory: C:\Windows
    15:43:03.0462 3924 Processor architecture: Intel x86
    15:43:03.0462 3924 Number of processors: 2
    15:43:03.0462 3924 Page size: 0x1000
    15:43:03.0462 3924 Boot type: Normal boot
    15:43:03.0462 3924 ============================================================
    15:43:04.0398 3924 Initialize success
    15:43:16.0270 2220 ============================================================
    15:43:16.0270 2220 Scan started
    15:43:16.0270 2220 Mode: Manual;
    15:43:16.0270 2220 ============================================================
    15:43:38.0172 2220 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
    15:43:38.0172 2220 NdisWan - ok
    15:43:38.0391 2220 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
    15:43:38.0391 2220 NDProxy - ok
    15:43:38.0656 2220 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
    15:43:38.0656 2220 NetBIOS - ok
    15:43:38.0874 2220 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
    15:43:38.0874 2220 NetBT - ok
    15:43:39.0202 2220 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
    15:43:39.0202 2220 nfrd960 - ok
    15:43:39.0451 2220 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
    15:43:39.0451 2220 Npfs - ok
    15:43:39.0576 2220 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
    15:43:39.0576 2220 nsiproxy - ok
    15:43:39.0732 2220 Ntfs (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys
    15:43:39.0763 2220 Ntfs - ok
    15:43:39.0888 2220 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
    15:43:39.0888 2220 Null - ok
    15:43:40.0107 2220 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\Windows\system32\drivers\nvraid.sys
    15:43:40.0122 2220 nvraid - ok
    15:43:40.0465 2220 nvstor (4520b63899e867f354ee012d34e11536) C:\Windows\system32\drivers\nvstor.sys
    15:43:40.0481 2220 nvstor - ok
    15:43:40.0715 2220 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
    15:43:40.0715 2220 nv_agp - ok
    15:43:40.0887 2220 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
    15:43:40.0887 2220 ohci1394 - ok
    15:43:41.0121 2220 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
    15:43:41.0121 2220 Parport - ok
    15:43:41.0261 2220 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
    15:43:41.0277 2220 partmgr - ok
    15:43:41.0417 2220 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
    15:43:41.0417 2220 Parvdm - ok
    15:43:41.0542 2220 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
    15:43:41.0542 2220 pci - ok
    15:43:41.0698 2220 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
    15:43:41.0698 2220 pciide - ok
    15:43:41.0838 2220 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
    15:43:41.0838 2220 pcmcia - ok
    15:43:41.0979 2220 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
    15:43:41.0994 2220 pcw - ok
    15:43:42.0150 2220 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
    15:43:42.0166 2220 PEAUTH - ok
    15:43:42.0618 2220 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
    15:43:42.0618 2220 PptpMiniport - ok
    15:43:42.0774 2220 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
    15:43:42.0774 2220 Processor - ok
    15:43:42.0961 2220 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
    15:43:42.0961 2220 Psched - ok
    15:43:43.0117 2220 pwdrvio (c50de6d0c04b230f185a13fde0f047fa) C:\Windows\system32\pwdrvio.sys
    15:43:43.0133 2220 pwdrvio - ok
    15:43:43.0320 2220 pwdspio (cdc5704308222400ad606bcf87b006a5) C:\Windows\system32\pwdspio.sys
    15:43:43.0336 2220 pwdspio - ok
    15:43:43.0523 2220 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
    15:43:43.0554 2220 ql2300 - ok
    15:43:43.0726 2220 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
    15:43:43.0726 2220 ql40xx - ok
    15:43:43.0882 2220 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
    15:43:43.0882 2220 QWAVEdrv - ok
    15:43:43.0897 2220 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
    15:43:43.0897 2220 RasAcd - ok
    15:43:44.0100 2220 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
    15:43:44.0100 2220 RasAgileVpn - ok
    15:43:44.0287 2220 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
    15:43:44.0287 2220 Rasl2tp - ok
    15:43:44.0443 2220 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
    15:43:44.0443 2220 RasPppoe - ok
    15:43:44.0646 2220 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
    15:43:44.0646 2220 RasSstp - ok
    15:43:44.0677 2220 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
    15:43:44.0677 2220 rdbss - ok
    15:43:44.0693 2220 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
    15:43:44.0693 2220 rdpbus - ok
    15:43:44.0709 2220 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
    15:43:44.0709 2220 RDPCDD - ok
    15:43:44.0818 2220 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys
    15:43:44.0818 2220 RDPDR - ok
    15:43:45.0021 2220 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
    15:43:45.0021 2220 RDPENCDD - ok
    15:43:45.0208 2220 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
    15:43:45.0208 2220 RDPREFMP - ok
    15:43:45.0348 2220 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
    15:43:45.0348 2220 RDPWD - ok
    15:43:45.0504 2220 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
    15:43:45.0504 2220 rdyboost - ok
    15:43:45.0723 2220 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
    15:43:45.0723 2220 rspndr - ok
    15:43:45.0894 2220 RT61 (581e74880aeb1dba1cb5ac8e6e6c0a69) C:\Windows\system32\DRIVERS\RT61.sys
    15:43:45.0894 2220 RT61 - ok
    15:43:46.0081 2220 RTL8167 (05c2613f661584190c752f6184d1c8ef) C:\Windows\system32\DRIVERS\Rt86win7.sys
    15:43:46.0081 2220 RTL8167 - ok
    15:43:46.0222 2220 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys
    15:43:46.0222 2220 s3cap - ok
    15:43:46.0331 2220 SASDIFSV - ok
    15:43:46.0487 2220 SASKUTIL - ok
    15:43:46.0690 2220 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
    15:43:46.0690 2220 sbp2port - ok
    15:43:46.0893 2220 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
    15:43:46.0893 2220 scfilter - ok
    15:43:46.0986 2220 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    15:43:46.0986 2220 secdrv - ok
    15:43:47.0127 2220 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
    15:43:47.0127 2220 Serenum - ok
    15:43:47.0189 2220 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
    15:43:47.0189 2220 sermouse - ok
    15:43:47.0329 2220 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
    15:43:47.0329 2220 sffdisk - ok
    15:43:47.0485 2220 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
    15:43:47.0485 2220 sffp_mmc - ok
    15:43:47.0610 2220 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
    15:43:47.0610 2220 sffp_sd - ok
    15:43:47.0782 2220 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
    15:43:47.0782 2220 sfloppy - ok
    15:43:47.0907 2220 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
    15:43:47.0907 2220 sisagp - ok
    15:43:48.0063 2220 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    15:43:48.0063 2220 SiSRaid2 - ok
    15:43:48.0094 2220 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
    15:43:48.0094 2220 SiSRaid4 - ok
    15:43:48.0312 2220 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
    15:43:48.0312 2220 Smb - ok
    15:43:48.0515 2220 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
    15:43:48.0515 2220 spldr - ok
    15:43:48.0562 2220 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys
    15:43:48.0577 2220 srv - ok
    15:43:48.0718 2220 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys
    15:43:48.0718 2220 srv2 - ok
    15:43:48.0874 2220 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys
    15:43:48.0874 2220 srvnet - ok
    15:43:49.0030 2220 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
    15:43:49.0030 2220 stexstor - ok
    15:43:49.0201 2220 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys
    15:43:49.0201 2220 storflt - ok
    15:43:49.0389 2220 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys
    15:43:49.0389 2220 storvsc - ok
    15:43:49.0545 2220 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
    15:43:49.0545 2220 swenum - ok
    15:43:49.0794 2220 Tcpip (c2daaeb48f3a47c410b041a0d2382ee1) C:\Windows\system32\drivers\tcpip.sys
    15:43:49.0825 2220 Tcpip - ok
    15:43:50.0044 2220 TCPIP6 (c2daaeb48f3a47c410b041a0d2382ee1) C:\Windows\system32\DRIVERS\tcpip.sys
    15:43:50.0059 2220 TCPIP6 - ok
    15:43:50.0215 2220 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
    15:43:50.0215 2220 tcpipreg - ok
    15:43:50.0309 2220 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
    15:43:50.0309 2220 TDPIPE - ok
    15:43:50.0403 2220 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
    15:43:50.0403 2220 TDTCP - ok
    15:43:50.0527 2220 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
    15:43:50.0527 2220 tdx - ok
    15:43:50.0637 2220 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
    15:43:50.0637 2220 TermDD - ok
    15:43:50.0839 2220 tmrkb (7e2887341a3164dedc9b89082c24aeca) C:\Windows\system32\DRIVERS\tmrkb.sys
    15:43:50.0839 2220 Suspicious file (Forged): C:\Windows\system32\DRIVERS\tmrkb.sys. Real md5: 7e2887341a3164dedc9b89082c24aeca, Fake md5: b44d1e95a4c70853230a2e1cd0dac0b9
    15:43:50.0839 2220 tmrkb ( ForgedFile.Multi.Generic ) - warning
    15:43:50.0839 2220 tmrkb - detected ForgedFile.Multi.Generic (1)
    15:43:58.0109 2220 MBR (0x1B8) (af00fc1920e1cf861b39b90a4375edf3) \Device\Harddisk0\DR0
    15:43:58.0109 2220 \Device\Harddisk0\DR0 - ok
    15:43:58.0109 2220 MBR (0x1B8) (3051207086651214e435112e51817dc5) \Device\Harddisk1\DR1
    15:43:58.0125 2220 \Device\Harddisk1\DR1 - ok
    15:43:58.0125 2220 Boot (0x1200) (71301cf578259c44eac051a30ed79edd) \Device\Harddisk0\DR0\Partition0
    15:43:58.0125 2220 \Device\Harddisk0\DR0\Partition0 - ok
    15:43:58.0140 2220 Boot (0x1200) (2746959d8da5bc6d6b27c080fc47f0e3) \Device\Harddisk0\DR0\Partition1
    15:43:58.0140 2220 \Device\Harddisk0\DR0\Partition1 - ok
    15:43:58.0140 2220 Boot (0x1200) (1b11360251bf637005d28619ac9fa751) \Device\Harddisk1\DR1\Partition0
    15:43:58.0140 2220 \Device\Harddisk1\DR1\Partition0 - ok
    15:43:58.0156 2220 Boot (0x1200) (b1fbf230aa5a079fd8c945ff08808f03) \Device\Harddisk1\DR1\Partition1
    15:43:58.0156 2220 \Device\Harddisk1\DR1\Partition1 - ok
    15:43:58.0156 2220 ============================================================
    15:43:58.0156 2220 Scan finished
    15:43:58.0156 2220 ============================================================
    15:43:58.0171 2180 Detected object count: 1
    15:43:58.0171 2180 Actual detected object count: 1
    15:44:07.0563 2180 tmrkb ( ForgedFile.Multi.Generic ) - skipped by user
    15:44:07.0563 2180 tmrkb ( ForgedFile.Multi.Generic ) - User select action: Skip
    15:44:29.0746 2020 Deinitialize success



    ESETSmartInstaller@High as downloader log:
    all ok
    # version=7
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.6528
    # api_version=3.0.2
    # EOSSerial=01107bb2dd84144fb660d188b677b40b
    # end=finished
    # remove_checked=true
    # archives_checked=true
    # unwanted_checked=true
    # unsafe_checked=true
    # antistealth_checked=true
    # utc_time=2011-10-19 05:50:58
    # local_time=2011-10-19 07:50:58 (+0100, Romance (zomertijd))
    # country="Belgium"
    # lang=1033
    # osver=6.1.7600 NT
    # compatibility_mode=512 16777215 100 0 236247 236247 0 0
    # compatibility_mode=1032 16777214 0 1 410479 410479 0 0
    # compatibility_mode=5893 16776573 100 94 341 71472056 0 0
    # compatibility_mode=8192 67108863 100 0 116 116 0 0
    # scanned=228395
    # found=18
    # cleaned=17
    # scan_time=14567
    C:\Qoobox\Quarantine\C\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE.vir Win32/Patched.HN trojan (cleaned - quarantined) 00000000000000000000000000000000 C
    C:\Qoobox\Quarantine\C\Program Files\Spybot - Search & Destroy\SDWinSec.exe.vir Win32/Patched.HN trojan (cleaned - quarantined) 00000000000000000000000000000000 C
    C:\Qoobox\Quarantine\C\Program Files\Tablet\Pen\Pen_Tablet.exe.vir Win32/Patched.HN trojan (cleaned - quarantined) 00000000000000000000000000000000 C
    C:\Qoobox\Quarantine\C\Program Files\Tablet\Pen\Pen_TouchService.exe.vir Win32/Patched.HN trojan (cleaned - quarantined) 00000000000000000000000000000000 C
    C:\Qoobox\Quarantine\C\Windows\assembly\GAC_MSIL\desktop.ini.vir a variant of Win32/Sirefef.CH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
    C:\Qoobox\Quarantine\C\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe.vir Win32/Patched.HN trojan (cleaned - quarantined) 00000000000000000000000000000000 C
    C:\Qoobox\Quarantine\C\Windows\system32\atiesrxx.exe.vir Win32/Patched.HN trojan (cleaned - quarantined) 00000000000000000000000000000000 C
    C:\Qoobox\Quarantine\C\Windows\system32\Drivers\netbt.sys.vir a variant of Win32/Rootkit.Kryptik.DM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
    C:\TDSSKiller_Quarantine\16.10.2011_17.20.54\susp0000\svc0000\tsk0000.dta Win32/Sirefef.CT trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
    C:\Users\Jens Sierens\AppData\Local\05fe9198\X Win32/Sirefef.DD trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
    C:\Users\Jens Sierens\Downloads\IZArc4.1.6.exe Win32/OpenCandy application (deleted - quarantined) 00000000000000000000000000000000 C
    C:\Windows\System32\atieclxx.exe Win32/Patched.HN trojan (error while cleaning) 00000000000000000000000000000000 I
    C:\Windows\System32\c_11982.nl_ a variant of Win32/Sirefef.CR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
    C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.1.7600.16385_none_603b1e855897bcd6\netbt.sys a variant of Win32/Rootkit.Kryptik.DM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
    M:\DESKTOPBOVEN\Backup Set 2011-10-02 190007\Backup Files 2011-10-02 190007\Backup files 3.zip Win32/OpenCandy application (deleted - quarantined) 00000000000000000000000000000000 C
    M:\DESKTOPBOVEN\Backup Set 2011-10-02 190007\Backup Files 2011-10-02 190007\Backup files 4.zip a variant of Win32/Keygen.BH application (deleted - quarantined) 00000000000000000000000000000000 C
    M:\DESKTOPBOVEN\Backup Set 2011-10-02 190007\Backup Files 2011-10-16 190007\Backup files 1.zip Win32/Sirefef.DD trojan (deleted - quarantined) 00000000000000000000000000000000 C
    N:\Downloads\IZArc4.1.6.exe Win32/OpenCandy application (deleted - quarantined) 00000000000000000000000000000000 C


    It gave an error on 1 detected file. Apart from that, ESET found quite a few threats that my (ex-)virus scanner AVG apparently overlooked. Unless these are all the result of the ZeroAccess rootkit?

    Regards.

  7. #17
    Spyware Slayer   EvelineGirl
    Some of them were already in the ComboFix and TDSSKiller quarantine. The others are on your M and N drives; these are backup .zip files. You had multiple infections on board.

    Would you run ComboFix once more?
    Let it update first if a new version is available.
    Post the log.

    How are things going by now, actually?
    Regards,


  8. #18
    Up-to-date  
    At first and second glance the problems do seem to be solved. In any case, Google searches are no longer redirected to some obscure website, which happened almost all the time during the infection. And the PC itself also seems to respond more quickly again. I am running the ComboFix scan now and can post the results shortly.

  9. #19
    Spyware Slayer   EvelineGirl
    Great, then I think we can almost start wrapping up.
    Regards,


  10. #20
    Up-to-date  
    ComboFix 11-10-19.06 - Jens Sierens 19/10/2011 20:54:16.2.2 - x86
    Microsoft Windows 7 Professional 6.1.7600.0.1252.32.1043.18.3327.2285 [GMT 2:00]
    Gestart vanuit: c:\users\Jens Sierens\Desktop\ComboFix.exe
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\Jens Sierens\AppData\Local\05fe9198\U
    c:\users\Jens Sierens\AppData\Local\05fe9198\U\80000000.@
    c:\users\Jens Sierens\AppData\Local\05fe9198\U\800000cb.@
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-09-19 to 2011-10-19 ))))))))))))))))))))))))))))))
    .
    .
    2011-10-19 19:00 . 2011-10-19 19:00 -------- d-----w- c:\users\Jens Sierens\AppData\Local\temp
    2011-10-19 19:00 . 2011-10-19 19:00 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-10-19 13:46 . 2011-10-19 13:46 -------- d-----w- c:\program files\ESET
    2011-10-19 13:42 . 2011-10-19 13:42 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AEB7366E-7CB9-4B3F-89DE-28DD245291AC}\offreg.dll
    2011-10-18 19:50 . 2011-09-21 07:00 7269712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AEB7366E-7CB9-4B3F-89DE-28DD245291AC}\mpengine.dll
    2011-10-18 16:19 . 2010-08-16 13:31 725064 ----a-w- c:\windows\system32\pwNative.exe
    2011-10-18 16:19 . 2010-08-16 13:31 16472 ------w- c:\windows\system32\pwdrvio.sys
    2011-10-18 16:19 . 2010-08-16 13:31 11104 ------w- c:\windows\system32\pwdspio.sys
    2011-10-17 14:44 . 2011-03-28 18:31 1713536 ----a-w- c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    2011-10-17 14:12 . 2009-07-13 23:53 45568 ----a-w- c:\windows\system32\drivers\ndisuio.sys
    2011-10-16 20:11 . 2011-10-16 20:11 65808 ----a-w- c:\windows\system32\drivers\tmrkb.sys
    2011-10-16 20:11 . 2011-10-16 20:11 205072 ----a-w- c:\windows\system32\drivers\tmcomm.sys
    2011-10-16 20:10 . 2011-10-16 20:10 388096 ----a-r- c:\users\Jens Sierens\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-10-16 20:10 . 2011-10-16 20:10 -------- d-----w- c:\program files\Trend Micro
    2011-10-16 17:39 . 2011-10-16 17:39 -------- d-----w- c:\program files\HJT
    2011-10-16 15:22 . 2011-10-17 18:06 -------- d-----w- C:\TDSSKiller_Quarantine
    2011-10-16 13:40 . 2011-10-16 13:40 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
    2011-10-16 13:40 . 2011-10-16 13:40 -------- d-----w- c:\users\Jens Sierens\AppData\Roaming\SUPERAntiSpyware.com
    2011-10-14 20:32 . 2011-10-16 17:29 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-10-14 20:32 . 2011-10-14 20:32 -------- d-----w- c:\users\Jens Sierens\AppData\Roaming\Malwarebytes
    2011-10-14 20:32 . 2011-10-14 20:32 -------- d-----w- c:\programdata\Malwarebytes
    2011-10-14 20:31 . 2011-10-16 20:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-10-14 19:41 . 2011-10-14 19:41 140760 ----a-w- c:\windows\system32\WRusr.dll
    2011-10-14 19:41 . 2011-10-14 19:41 106312 ----a-w- c:\windows\system32\drivers\WRkrn.sys
    2011-10-14 19:41 . 2011-10-14 19:59 -------- d-----w- c:\programdata\WRData
    2011-10-14 19:41 . 2011-10-14 19:41 -------- d-----w- c:\program files\Webroot
    2011-10-09 20:48 . 2011-10-19 19:00 -------- d-sh--w- c:\users\Jens Sierens\AppData\Local\05fe9198
    2011-10-08 19:28 . 2011-10-08 19:28 -------- d-----w- c:\program files\Advanced File Organizer
    2011-10-03 21:26 . 2011-10-03 21:26 -------- d-----w- c:\program files\DCoder Image Source
    2011-10-03 21:26 . 2011-10-03 21:26 -------- d-----w- c:\program files\7-Zip
    2011-10-03 21:26 . 2011-10-03 21:26 -------- d-----w- c:\program files\FFMPEG Core Files
    2011-10-03 21:25 . 2011-10-03 21:25 -------- d-----w- c:\program files\SHOUTcast Source
    2011-10-03 21:25 . 2011-10-03 21:25 -------- d-----w- c:\program files\MONOGRAM AMR SplitterDecoder
    2011-10-03 21:25 . 2011-10-03 21:25 -------- d-----w- c:\program files\CD Audio Reader Filter
    2011-10-03 21:25 . 2011-10-03 21:25 -------- d-----w- c:\program files\OpenSource AVI Splitter
    2011-10-03 21:25 . 2011-10-03 21:25 -------- d-----w- c:\program files\OpenSource DTSAC3DD+ Source Filter
    2011-10-03 21:25 . 2011-10-03 21:25 -------- d-----w- c:\program files\Gabest MPEG Splitter
    2011-10-03 21:25 . 2011-10-03 21:25 -------- d-----w- c:\program files\DScaler5
    2011-10-03 21:25 . 2011-10-03 21:25 -------- d-----w- c:\program files\AC3Filter
    2011-10-03 21:25 . 2009-08-11 19:18 497664 ----a-w- c:\windows\system32\ac3filter.acm
    2011-10-03 21:25 . 2011-10-03 21:25 -------- d-----w- c:\program files\Bass Audio Decoder
    2011-10-03 21:24 . 2011-10-17 19:09 -------- d-----w- c:\programdata\Zoom Player
    2011-10-03 21:24 . 2011-10-03 21:24 -------- d-----w- c:\program files\Zoom Player
    2011-09-28 20:37 . 2011-09-28 20:42 -------- d-----w- c:\program files\Inkscape
    2011-09-28 20:14 . 2011-09-28 20:14 -------- d-----w- c:\users\Jens Sierens\AppData\Roaming\WTablet
    2011-09-28 20:14 . 2011-09-08 15:48 1107832 ----a-w- c:\windows\system32\Pen_Touch_Tablet.dll
    2011-09-28 20:14 . 2011-09-08 15:49 10752 ----a-w- c:\windows\system32\drivers\wacmoumonitor.sys
    2011-09-28 20:14 . 2011-09-08 15:49 11312 ----a-w- c:\windows\system32\drivers\wacommousefilter.sys
    2011-09-28 20:13 . 2011-09-08 15:49 14120 ----a-w- c:\windows\system32\drivers\wacomvhid.sys
    2011-09-28 20:13 . 2011-09-08 15:48 1156472 ----a-w- c:\windows\system32\Wintab32.dll
    2011-09-28 20:13 . 2011-09-08 15:48 1152888 ----a-w- c:\windows\system32\WacomMT.dll
    2011-09-28 20:13 . 2011-09-08 15:48 1369464 ----a-w- c:\windows\system32\Pen_Tablet.dll
    2011-09-28 20:13 . 2011-09-28 20:14 -------- d-----w- c:\program files\Tablet
    2011-09-26 19:53 . 2011-09-26 19:53 -------- d-----w- c:\users\Jens Sierens\AppData\Roaming\BitTorrent
    2011-09-26 19:53 . 2011-09-26 19:53 -------- d-----w- c:\users\Jens Sierens\AppData\Local\BitTorrent
    2011-09-26 19:51 . 2011-09-26 19:51 -------- d-----w- c:\users\Jens Sierens\AppData\Roaming\uTorrent
    2011-09-26 19:51 . 2011-09-26 19:51 -------- d-----w- c:\users\Jens Sierens\AppData\Local\uTorrent
    2011-09-25 13:38 . 2011-09-27 20:33 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
    2011-09-25 13:22 . 2011-09-25 13:22 -------- d-----w- c:\program files\Adobe Media Player
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-10-16 19:21 . 2010-10-19 17:05 295936 ----a-w- c:\windows\system32\drivers\vpcvmm.sys
    2011-10-16 18:30 . 2011-06-16 08:57 78336 ----a-w- c:\windows\system32\drivers\dfsc.sys
    2011-10-16 15:22 . 2009-07-13 23:53 36352 ----a-w- c:\windows\system32\drivers\netbios.sys
    2011-09-18 01:11 . 2010-10-09 14:46 1415680 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
    "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2011-05-13 4283256]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-10-28 1701888]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-12-09 74752]
    "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
    "WRSVC"="c:\program files\Webroot\WRSA.exe" [2011-10-14 599616]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "AvgUninstallURL"="start http://www.avg.com/nl.special-uninstallation-feedback-appf?lic=NFVZOVgtTlNWVkwtTzRCWlEtUUlNQ0wtUVREQ0gtNElKTUg&inst=NzctNjI0NjY1MzE5LVFJWDErNC1YMjAxMCsyLUxJQysyMi1GTDEwKzEtU1AxKzEtVFVHKzMtU1VEKzEtUzFJKzEtU1UzKzEtRERUKzQ1NDUxLUREMTBGKzEtU1QxMEZBUFArMQ&prod=90&ver=10.0.1410" [?]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux3"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKLM\~\startupfolder\C:^Users^Jens Sierens^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip]
    path=c:\users\Jens Sierens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
    backup=c:\windows\pss\CurseClientStartup.ccip.Startup
    backupExtension=.Startup
    .
    [HKLM\~\startupfolder\C:^Users^Jens Sierens^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3 .lnk]
    path=c:\users\Jens Sierens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3 .lnk
    backup=c:\windows\pss\OpenOffice.org 3.3 .lnk.Startup
    backupExtension=.Startup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
    2011-03-15 15:42 499608 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
    2011-01-12 05:08 1523360 ----a-w- c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2010-05-14 09:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
    2010-02-19 11:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    .
    R1 SASDIFSV;SASDIFSV;c:\users\JENSSI~1\AppData\Local\Temp\HBCD\SuperAntiSpyware\SASDIFSV.SYS [x]
    R1 SASKUTIL;SASKUTIL;c:\users\JENSSI~1\AppData\Local\Temp\HBCD\SuperAntiSpyware\SASKUTIL.SYS [x]
    R2 KMService;KMService;c:\windows\system32\srvany.exe [2011-02-03 8192]
    R2 tmrkb;tmrkb;c:\windows\system32\DRIVERS\tmrkb.sys [2011-10-16 65808]
    R2 WRSVC;WRSVC;c:\program files\Webroot\WRSA.exe [2011-10-14 599616]
    R3 AVRZU;AVRZU;c:\users\JENSSI~1\AppData\Local\Temp\AVRZU.exe [x]
    R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x32.sys [x]
    R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976]
    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
    R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2010-08-16 16472]
    R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2010-08-16 11104]
    R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
    R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [2009-12-08 48128]
    R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2011-09-08 10752]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-19 1343400]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
    S0 WRkrn;WRkrn;c:\windows\System32\drivers\WRkrn.sys [2011-10-14 106312]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2009-06-10 66384]
    S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    S2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [2011-09-08 5554552]
    S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [2011-09-08 451960]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-08-20 189440]
    S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-10-21 1102848]
    .
    .
    --- Andere Services/Drivers In Geheugen ---
    .
    *NewlyCreated* - 03660340
    *Deregistered* - 03660340
    *Deregistered* - aswMBR
    .
    .
    ------- Bijkomende Scan -------
    .
    uInternet Settings,ProxyServer = 0
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
    Trusted Zone: clonewarsadventures.com
    Trusted Zone: freerealms.com
    Trusted Zone: soe.com
    Trusted Zone: sony.com
    TCP: DhcpNameServer = 192.168.1.1
    FF - ProfilePath - c:\users\Jens Sierens\AppData\Roaming\Mozilla\Firefox\Profiles\ldg5rby9.default\
    FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
    FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4cb3660a&v=7.008.031.001&i=23&tp=ab&iy=&ychte=us&lng=nl&q=
    FF - prefs.js: network.proxy.http - 127.0.0.1
    FF - prefs.js: network.proxy.http_port - 62000
    FF - prefs.js: network.proxy.type - 0
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    FF - Ext: SOE Web Installer: {000F1EA4-5E08-4564-A29B-29076F63A37A} - %profile%\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
    FF - Ext: ChatZilla: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2} - %profile%\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
    FF - user.js: network.cookie.cookieBehavior - 0
    FF - user.js: privacy.clearOnShutdown.cookies - false
    FF - user.js: security.warn_viewing_mixed - false
    FF - user.js: security.warn_viewing_mixed.show_once - false
    FF - user.js: security.warn_submit_insecure - false
    FF - user.js: security.warn_submit_insecure.show_once - false
    .
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_USERS\S-1-5-21-1443393807-4273532130-1213093711-1000\Software\SecuROM\License information*]
    "datasecu"=hex:8b,c8,2c,a7,c5,18,ef,aa,fe,72,80,8c,0b,9c,8a,09,a4,d3,f2,09,e8,
    f6,2c,64,d4,78,a4,07,3a,4e,23,81,c2,ee,2c,87,f5,a6,e7,c8,c8,89,2c,7c,2f,d4,\
    "rkeysecu"=hex:5c,de,45,b9,14,cf,66,c0,06,25,22,8d,d9,37,8b,bc
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Voltooingstijd: 2011-10-19 21:02:22
    ComboFix-quarantined-files.txt 2011-10-19 19:02
    ComboFix2.txt 2011-10-17 14:51
    .
    Pre-Run: 65.808.302.080 bytes beschikbaar
    Post-Run: 65.764.003.840 bytes beschikbaar
    .
    - - End Of File - - 10C447A2E74AD49946D392391F64B83F


    There we go.
