Mediashifting redirect/hijack



mXX
23 December 2011, 12:15
My browser always redirects me to unwanted sites... I use Panda antivirus. Could someone take a look at a log, please?

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:13:28, on 23/12/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA INTERNET SECURITY 2012\WebProxy.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Users\Jaouad\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\ApVxdWin.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Users\Jaouad\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavBckPT.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\avciman.exe
G:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/2
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCON/2
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=bfus&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\Inicio.exe"
O4 - HKLM\..\Run: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [Akamai NetSession Interface] C:\Users\Jaouad\AppData\Local\Akamai\netsession_win.exe
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICAE.EXE /FU "C:\Windows\TEMP\E_SC7D9.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe
O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\pavsrvx86.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Panda Host Service (PSHost) - Unknown owner - c:\program files (x86)\panda security\panda internet security 2012\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PskSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\TPSrvWow.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12727 bytes

EvelineGirl
23 December 2011, 13:23
Hello,

1.
Download MalwareBytes' Anti-Malware (http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button) and save it to your desktop.
Double-click mbam-setup.exe to install the program.
After the installation, make sure the following are checked:

Update MalwareBytes' Anti-Malware
Start MalwareBytes' Anti-Malware

Then click "Finish".
If an update is found, it will be downloaded and installed.
In case of problems!!! (Read the instructions below)

Problems installing Malwarebytes' Anti-Malware (http://www.pcwebplus.nl/phpbb/viewtopic.php?f=207&t=3419)
Problems updating Malwarebytes' Anti-Malware (http://www.pcwebplus.nl/phpbb/viewtopic.php?f=207&t=3420)
Problems starting Malwarebytes' Anti-Malware (http://www.pcwebplus.nl/phpbb/viewtopic.php?f=207&t=3421)

You can in principle decline the window asking whether you want to "Start the trial"; you can still enable it later.
Once the program has started, go to the "Settings" tab.
Check here: "Close Internet Explorer during malware removal".
Then go to the "Scanner" tab and choose "Quick Scan".
Then press "Scan" to start the scan.
Scanning can take a while, so be patient.
When the scan has finished, click OK, then "Show Results" to see the results.
Make sure everything there is checked, then click "Remove Selected".
After the removal, a log will open and you will be asked to restart the computer.

The log is saved automatically by MalwareBytes' Anti-Malware and you can find it again by clicking the "Logs" tab in the program.


2.
Download TDSSKiller (http://support.kaspersky.com/downloads/utils/tdsskiller.zip) and place it on your desktop.

Extract the files in tdsskiller.zip.
Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.
Note!!! Windows Vista & 7 users must run TDSSkiller as administrator (right mouse button, "Run as").
If TDSSkiller finds an update, click the "Load update" button.
http://www.malwareinfo.nl/files/screens/TDSSkiller(update).jpg
A new version of TDSSkiller will now be downloaded; save it to the desktop.
Now start TDSSkiller again.
Click "Change parameters" and make sure the options below are all checked.
http://www.malwareinfo.nl/files/screens/TDSSkiller(opties).jpg
Click the "Start Scan" button and follow the instructions.
When the scan is finished, click the "Report" button.
Select the contents (log) and paste them into your next post.

If a restart was needed, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt
Note: If you get a warning about sptd.sys, you may skip it; it belongs to emulation software such as Daemon Tools.


3.
Download DDS by sUBs from one of these locations and place it on your desktop:
DDS - Bleeping Computer download (http://download.bleepingcomputer.com/sUBs/dds.com).
DDS - Bleeping Computer download (http://download.bleepingcomputer.com/sUBs/dds.scr).
DDS - Infospyware (http://www.infospyware.net/sUBs/dds).
http://img.photobucket.com/albums/v666/sUBs/dds_scr.gif
DDS is a diagnostic tool and makes use of scripts.
Disable your security software before you run DDS!
Double-click DDS to start the tool.
DDS will open 2 log files:
* DDS.txt
* Attach.txt
A window asks you to save both logs, because the logs will be gone once you close them.
Save the logs, for example on your desktop or in another place where you can easily find them again.
Post the DDS.txt log with your next reply. Only post Attach.txt when I ask for it.


Good luck,
Eveline

mXX
23 December 2011, 15:28
First of all, thanks for the quick reply!

[ComboFix log]

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Databaseversie: 911122306

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

23/12/2011 14:19:02
mbam-log-2011-12-23 (14-19-02).txt

Scantype: Snelle scan
Objecten gescand: 192092
Verstreken tijd: 6 minuut/minuten, 1 seconde(n)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)



[TDSSKiller log]

14:21:42.0902 4196 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
14:21:44.0275 4196 ============================================================
14:21:44.0275 4196 Current date / time: 2011/12/23 14:21:44.0275
14:21:44.0275 4196 SystemInfo:
14:21:44.0275 4196
14:21:44.0275 4196 OS Version: 6.1.7601 ServicePack: 1.0
14:21:44.0275 4196 Product type: Workstation
14:21:44.0275 4196 ComputerName: JAOUAD-PC
14:21:44.0275 4196 UserName: Jaouad
14:21:44.0275 4196 Windows directory: C:\Windows
14:21:44.0275 4196 System windows directory: C:\Windows
14:21:44.0275 4196 Running under WOW64
14:21:44.0275 4196 Processor architecture: Intel x64
14:21:44.0275 4196 Number of processors: 2
14:21:44.0275 4196 Page size: 0x1000
14:21:44.0275 4196 Boot type: Normal boot
14:21:44.0275 4196 ============================================================
14:21:45.0179 4196 Initialize success
14:22:29.0562 6952 ============================================================
14:22:29.0562 6952 Scan started
14:22:29.0562 6952 Mode: Manual; SigCheck; TDLFS;
14:22:29.0562 6952 ============================================================
14:22:41.0808 6952 MRxDAV - ok
14:22:41.0886 6952 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:22:41.0917 6952 mrxsmb - ok
14:22:41.0932 6952 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:22:41.0964 6952 mrxsmb10 - ok
14:22:41.0979 6952 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:22:42.0010 6952 mrxsmb20 - ok
14:22:42.0026 6952 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
14:22:42.0042 6952 msahci - ok
14:22:42.0057 6952 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
14:22:42.0073 6952 msdsm - ok
14:22:42.0120 6952 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
14:22:42.0166 6952 Msfs - ok
14:22:42.0229 6952 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
14:22:42.0276 6952 mshidkmdf - ok
14:22:42.0307 6952 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
14:22:42.0322 6952 msisadrv - ok
14:22:42.0354 6952 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
14:22:42.0400 6952 MSKSSRV - ok
14:22:42.0416 6952 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
14:22:42.0463 6952 MSPCLOCK - ok
14:22:42.0478 6952 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
14:22:42.0541 6952 MSPQM - ok
14:22:42.0619 6952 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
14:22:42.0634 6952 MsRPC - ok
14:22:42.0666 6952 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
14:22:42.0681 6952 mssmbios - ok
14:22:42.0712 6952 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
14:22:42.0775 6952 MSTEE - ok
14:22:42.0822 6952 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
14:22:42.0853 6952 MTConfig - ok
14:22:42.0931 6952 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
14:22:42.0946 6952 Mup - ok
14:22:42.0993 6952 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
14:22:43.0024 6952 NativeWifiP - ok
14:22:43.0071 6952 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
14:22:43.0102 6952 NDIS - ok
14:22:43.0134 6952 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
14:22:43.0196 6952 NdisCap - ok
14:22:43.0274 6952 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
14:22:43.0321 6952 NdisTapi - ok
14:22:43.0368 6952 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
14:22:43.0414 6952 Ndisuio - ok
14:22:43.0446 6952 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
14:22:43.0492 6952 NdisWan - ok
14:22:43.0524 6952 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
14:22:43.0570 6952 NDProxy - ok
14:22:43.0648 6952 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
14:22:43.0695 6952 NetBIOS - ok
14:22:43.0742 6952 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
14:22:43.0789 6952 NetBT - ok
14:22:43.0820 6952 NETFLTDI (ba99a34a9b5eb737ce54bc0a7c596609) C:\Windows\system32\Drivers\NETTDI64.SYS
14:22:44.0148 6952 NETFLTDI - ok
14:22:44.0194 6952 NETIMFLT01060044 (fd0bfed656d9b26c22e439cc0ef5c771) C:\Windows\system32\DRIVERS\n64i1644.sys
14:22:44.0210 6952 NETIMFLT01060044 - ok
14:22:44.0522 6952 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
14:22:45.0084 6952 netw5v64 - ok
14:22:45.0162 6952 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
14:22:45.0177 6952 nfrd960 - ok
14:22:45.0208 6952 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
14:22:45.0255 6952 Npfs - ok
14:22:45.0271 6952 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
14:22:45.0333 6952 nsiproxy - ok
14:22:45.0396 6952 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys
14:22:45.0442 6952 Ntfs - ok
14:22:45.0520 6952 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
14:22:45.0583 6952 Null - ok
14:22:45.0614 6952 NVHDA (cb599955ce2ce9694721562f9481cd84) C:\Windows\system32\drivers\nvhda64v.sys
14:22:45.0630 6952 NVHDA - ok
14:22:45.0848 6952 nvlddmkm (e63279a205da5c225369770e400904a8) C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:22:46.0456 6952 nvlddmkm - ok
14:22:46.0597 6952 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys
14:22:46.0612 6952 nvraid - ok
14:22:46.0628 6952 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys
14:22:46.0644 6952 nvstor - ok
14:22:46.0675 6952 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
14:22:46.0706 6952 nv_agp - ok
14:22:46.0737 6952 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
14:22:46.0784 6952 ohci1394 - ok
14:22:46.0893 6952 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
14:22:46.0924 6952 Parport - ok
14:22:46.0956 6952 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
14:22:46.0971 6952 partmgr - ok
14:22:47.0018 6952 pavboot (337a81b3ff34f9851d245d42a725fc22) C:\Windows\system32\Drivers\pavboot64.sys
14:22:47.0018 6952 pavboot - ok
14:22:47.0049 6952 PavTPK.sys - ok
14:22:47.0080 6952 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
14:22:47.0096 6952 pci - ok
14:22:47.0112 6952 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
14:22:47.0127 6952 pciide - ok
14:22:47.0158 6952 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
14:22:47.0174 6952 pcmcia - ok
14:22:47.0252 6952 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
14:22:47.0268 6952 pcw - ok
14:22:47.0299 6952 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
14:22:47.0361 6952 PEAUTH - ok
14:22:47.0486 6952 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
14:22:47.0533 6952 PptpMiniport - ok
14:22:47.0564 6952 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
14:22:47.0595 6952 Processor - ok
14:22:47.0611 6952 Prot6Flt - ok
14:22:47.0658 6952 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
14:22:47.0720 6952 Psched - ok
14:22:47.0845 6952 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
14:22:47.0892 6952 ql2300 - ok
14:22:47.0907 6952 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
14:22:47.0923 6952 ql40xx - ok
14:22:47.0954 6952 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
14:22:47.0985 6952 QWAVEdrv - ok
14:22:48.0063 6952 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
14:22:48.0110 6952 RasAcd - ok
14:22:48.0141 6952 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:22:48.0172 6952 RasAgileVpn - ok
14:22:48.0219 6952 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:22:48.0266 6952 Rasl2tp - ok
14:22:48.0297 6952 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
14:22:48.0344 6952 RasPppoe - ok
14:22:48.0360 6952 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
14:22:48.0406 6952 RasSstp - ok
14:22:48.0484 6952 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
14:22:48.0531 6952 rdbss - ok
14:22:48.0562 6952 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
14:22:48.0594 6952 rdpbus - ok
14:22:48.0609 6952 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:22:48.0672 6952 RDPCDD - ok
14:22:48.0703 6952 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
14:22:48.0734 6952 RDPENCDD - ok
14:22:48.0750 6952 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
14:22:48.0796 6952 RDPREFMP - ok
14:22:48.0812 6952 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
14:22:48.0859 6952 RDPWD - ok
14:22:48.0952 6952 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
14:22:48.0984 6952 rdyboost - ok
14:22:49.0062 6952 RMCAST (caf88d6573d21cd2aa27001ddbfdc74d) C:\Windows\system32\DRIVERS\RMCAST.sys
14:22:49.0405 6952 RMCAST - ok
14:22:49.0452 6952 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
14:22:49.0498 6952 rspndr - ok
14:22:49.0592 6952 RSUSBSTOR (db30aa4daa0d492fa5d7717d8181ffa1) C:\Windows\system32\Drivers\RtsUStor.sys
14:22:49.0639 6952 RSUSBSTOR - ok
14:22:49.0670 6952 RTL8167 (b49dc435ae3695bac5623dd94b05732d) C:\Windows\system32\DRIVERS\Rt64win7.sys
14:22:49.0717 6952 RTL8167 - ok
14:22:49.0748 6952 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
14:22:49.0764 6952 sbp2port - ok
14:22:49.0810 6952 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
14:22:49.0857 6952 scfilter - ok
14:22:49.0951 6952 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
14:22:49.0982 6952 sdbus - ok
14:22:50.0060 6952 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
14:22:50.0107 6952 secdrv - ok
14:22:50.0138 6952 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
14:22:50.0154 6952 Serenum - ok
14:22:50.0169 6952 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
14:22:50.0185 6952 Serial - ok
14:22:50.0216 6952 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
14:22:50.0247 6952 sermouse - ok
14:22:50.0341 6952 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
14:22:50.0372 6952 sffdisk - ok
14:22:50.0388 6952 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
14:22:50.0434 6952 sffp_mmc - ok
14:22:50.0434 6952 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
14:22:50.0466 6952 sffp_sd - ok
14:22:50.0512 6952 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
14:22:50.0528 6952 sfloppy - ok
14:22:50.0622 6952 ShldFlt (03639a3b26aa808bae79d89fdb4b151c) C:\Windows\system32\DRIVERS\ShldFlt.sys
14:22:50.0637 6952 ShldFlt - ok
14:22:50.0668 6952 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:22:50.0684 6952 SiSRaid2 - ok
14:22:50.0700 6952 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
14:22:50.0715 6952 SiSRaid4 - ok
14:22:50.0746 6952 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
14:22:50.0793 6952 Smb - ok
14:22:50.0840 6952 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
14:22:50.0856 6952 spldr - ok
14:22:50.0965 6952 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
14:22:50.0996 6952 srv - ok
14:22:51.0027 6952 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
14:22:51.0058 6952 srv2 - ok
14:22:51.0105 6952 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
14:22:51.0136 6952 SrvHsfHDA - ok
14:22:51.0230 6952 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
14:22:51.0292 6952 SrvHsfV92 - ok
14:22:51.0339 6952 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
14:22:51.0370 6952 SrvHsfWinac - ok
14:22:51.0448 6952 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
14:22:51.0480 6952 srvnet - ok
14:22:51.0542 6952 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
14:22:51.0558 6952 stexstor - ok
14:22:51.0589 6952 STHDA (8d1ce4322a35f840711b87927cb57c05) C:\Windows\system32\DRIVERS\stwrt64.sys
14:22:51.0636 6952 STHDA - ok
14:22:51.0729 6952 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
14:22:51.0745 6952 swenum - ok
14:22:51.0823 6952 SynTP (08425cd92972c6430f350a9697f4a553) C:\Windows\system32\DRIVERS\SynTP.sys
14:22:51.0854 6952 SynTP - ok
14:22:52.0010 6952 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
14:22:52.0057 6952 Tcpip - ok
14:22:52.0182 6952 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
14:22:52.0228 6952 TCPIP6 - ok
14:22:52.0275 6952 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
14:22:52.0338 6952 tcpipreg - ok
14:22:52.0431 6952 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
14:22:52.0478 6952 TDPIPE - ok
14:22:52.0494 6952 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
14:22:52.0540 6952 TDTCP - ok
14:22:52.0572 6952 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
14:22:52.0634 6952 tdx - ok
14:22:52.0650 6952 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
14:22:52.0665 6952 TermDD - ok
14:22:52.0743 6952 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:22:52.0790 6952 tssecsrv - ok
14:22:52.0884 6952 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
14:22:52.0930 6952 TsUsbFlt - ok
14:22:52.0993 6952 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
14:22:53.0367 6952 tunnel - ok
14:22:53.0398 6952 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
14:22:53.0414 6952 uagp35 - ok
14:22:53.0508 6952 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
14:22:53.0570 6952 udfs - ok
14:22:53.0617 6952 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
14:22:53.0632 6952 uliagpkx - ok
14:22:53.0664 6952 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
14:22:53.0679 6952 umbus - ok
14:22:53.0710 6952 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
14:22:53.0726 6952 UmPass - ok
14:22:53.0757 6952 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\DRIVERS\usbccgp.sys
14:22:53.0773 6952 usbccgp - ok
14:22:53.0866 6952 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
14:22:53.0898 6952 usbcir - ok
14:22:53.0929 6952 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
14:22:53.0944 6952 usbehci - ok
14:22:53.0976 6952 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys
14:22:54.0022 6952 usbhub - ok
14:22:54.0038 6952 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
14:22:54.0069 6952 usbohci - ok
14:22:54.0163 6952 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
14:22:54.0194 6952 usbprint - ok
14:22:54.0241 6952 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
14:22:54.0272 6952 usbscan - ok
14:22:54.0303 6952 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:22:54.0319 6952 USBSTOR - ok
14:22:54.0334 6952 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
14:22:54.0381 6952 usbuhci - ok
14:22:54.0444 6952 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
14:22:54.0475 6952 usbvideo - ok
14:22:54.0506 6952 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
14:22:54.0522 6952 vdrvroot - ok
14:22:54.0568 6952 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
14:22:54.0584 6952 vga - ok
14:22:54.0600 6952 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
14:22:54.0646 6952 VgaSave - ok
14:22:54.0678 6952 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
14:22:54.0693 6952 vhdmp - ok
14:22:54.0724 6952 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
14:22:54.0740 6952 viaide - ok
14:22:54.0756 6952 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
14:22:54.0771 6952 volmgr - ok
14:22:54.0818 6952 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
14:22:54.0834 6952 volmgrx - ok
14:22:54.0896 6952 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
14:22:54.0912 6952 volsnap - ok
14:22:54.0943 6952 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
14:22:54.0958 6952 vsmraid - ok
14:22:54.0990 6952 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
14:22:55.0021 6952 vwifibus - ok
14:22:55.0052 6952 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
14:22:55.0083 6952 vwififlt - ok
14:22:55.0177 6952 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
14:22:55.0192 6952 vwifimp - ok
14:22:55.0224 6952 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
14:22:55.0255 6952 WacomPen - ok
14:22:55.0302 6952 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:22:55.0364 6952 WANARP - ok
14:22:55.0364 6952 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:22:55.0395 6952 Wanarpv6 - ok
14:22:55.0442 6952 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
14:22:55.0458 6952 Wd - ok
14:22:55.0489 6952 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
14:22:55.0520 6952 Wdf01000 - ok
14:22:55.0629 6952 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
14:22:55.0676 6952 WfpLwf - ok
14:22:55.0692 6952 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
14:22:55.0707 6952 WIMMount - ok
14:22:55.0801 6952 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
14:22:55.0832 6952 WmiAcpi - ok
14:22:55.0894 6952 WNMFLT (c1b61612fccc6e750ad0a6e19c77ee85) C:\Windows\system32\Drivers\WNMFLT64.SYS
14:22:55.0910 6952 WNMFLT - ok
14:22:55.0988 6952 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
14:22:56.0050 6952 ws2ifsl - ok
14:22:56.0097 6952 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
14:22:56.0144 6952 WudfPf - ok
14:22:56.0160 6952 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:22:56.0206 6952 WUDFRd - ok
14:22:56.0253 6952 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
14:22:56.0300 6952 yukonw7 - ok
14:22:56.0347 6952 MBR (0x1B8) (acb62127cdbddb6cedce8be9700f4181) \Device\Harddisk0\DR0
14:22:56.0394 6952 \Device\Harddisk0\DR0 - ok
14:22:56.0409 6952 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
14:22:57.0314 6952 \Device\Harddisk1\DR1 - ok
14:22:57.0330 6952 Boot (0x1200) (23070d00b8b80e0563f5d7f9f43ad91e) \Device\Harddisk0\DR0\Partition0
14:22:57.0330 6952 \Device\Harddisk0\DR0\Partition0 - ok
14:22:57.0345 6952 Boot (0x1200) (836d080ec7691fe243dcdb0804742c37) \Device\Harddisk0\DR0\Partition1
14:22:57.0345 6952 \Device\Harddisk0\DR0\Partition1 - ok
14:22:57.0376 6952 Boot (0x1200) (82d515224f707f2ba8d42652aa893a49) \Device\Harddisk0\DR0\Partition2
14:22:57.0376 6952 \Device\Harddisk0\DR0\Partition2 - ok
14:22:57.0376 6952 Boot (0x1200) (f472eacce7cefb8be5efee5779930d70) \Device\Harddisk1\DR1\Partition0
14:22:57.0376 6952 \Device\Harddisk1\DR1\Partition0 - ok
14:22:57.0376 6952 ============================================================
14:22:57.0376 6952 Scan finished
14:22:57.0376 6952 ============================================================
14:22:57.0408 8284 Detected object count: 0
14:22:57.0408 8284 Actual detected object count: 0


[DDS Log]

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_24
Run by Jaouad at 14:24:49 on 2011-12-23
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.4063.2642 [GMT 1:00]
.
AV: Panda Internet Security 2012 *Enabled/Updated* {86971480-9989-6750-B122-681A86518D59}
SP: Panda Internet Security 2012 *Enabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Personal Firewall 2012 *Enabled* {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PskSvc.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\TPSrvWow.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA INTERNET SECURITY 2012\WebProxy.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Windows\SysWOW64\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsCtrls.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavFnSvr.exe
C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\pavsrvx86.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\AVENGINE.EXE
c:\program files (x86)\panda security\panda internet security 2012\firewall\PSHOST.EXE
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsImSvc.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Users\Jaouad\AppData\Local\Akamai\netsession_win.exe
C:\Windows\System32\spool\drivers\x64\3\E_IATICAE.EXE
C:\Users\Jaouad\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\SRVLOAD.EXE
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavBckPT.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.be/
mSearchAssistant = hxxp://start.facemoods.com/?a=bfus&s={searchTerms}&f=4
uURLSearchHooks: H - No File
mWinlogon: Userinit=C:\Windows\system32\userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Aanmeldhulp voor Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {87775FDB-6972-41F9-AE51-8326E38CB206} - No File
TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
uRun: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
uRun: [Akamai NetSession Interface] C:\Users\Jaouad\AppData\Local\Akamai\netsession_win.exe
uRun: [EPSON Stylus DX4400 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICAE.EXE /FU "C:\Windows\TEMP\E_SC7D9.tmp" /EF "HKCU"
mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
mRun: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\APVXDWIN.EXE" /s
mRun: [SCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\Inicio.exe"
mRun: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
mRunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
LSP: mswsock.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 10.2.19.4 10.2.17.4 10.202.19.2
TCP: Interfaces\{4FE78271-9BD6-422D-82A2-2E172E1689D4} : DhcpNameServer = 10.2.19.4 10.2.17.4 10.202.19.2
TCP: Interfaces\{4FE78271-9BD6-422D-82A2-2E172E1689D4}\2444F4F514472796F6F57457563747 : DhcpNameServer = 195.238.2.21 195.238.2.22
TCP: Interfaces\{4FE78271-9BD6-422D-82A2-2E172E1689D4}\65257425F45405 : DhcpNameServer = 195.130.131.4 195.130.130.132 192.168.1.1
TCP: Interfaces\{4FE78271-9BD6-422D-82A2-2E172E1689D4}\7427F656E6567516C6679637D276163747 : DhcpNameServer = 195.130.131.4 195.130.130.132
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{9FDDE16B-836F-4806-AB1F-1455CBEFF289}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {87775FDB-6972-41F9-AE51-8326E38CB206} - No File
TB-X64: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
TB-X64: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
mRun-x64: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun-x64: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun-x64: [(standaard)]
mRun-x64: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
mRun-x64: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\APVXDWIN.EXE" /s
mRun-x64: [SCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\Inicio.exe"
mRun-x64: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
mRunOnce-x64: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
.
============= SERVICES / DRIVERS ===============
.
R0 pavboot;Panda boot driver;C:\Windows\system32\Drivers\pavboot64.sys --> C:\Windows\system32\Drivers\pavboot64.sys [?]
R1 ShldFlt;Panda File Shield Driver;C:\Windows\system32\DRIVERS\ShldFlt.sys --> C:\Windows\system32\DRIVERS\ShldFlt.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe [2010-10-5 89600]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-14 20992]
R2 AmFSM;AmFSM;C:\Windows\system32\DRIVERS\amm6460.sys --> C:\Windows\system32\DRIVERS\amm6460.sys [?]
R2 APPFLT;App Filter Plugin;\??\C:\Windows\system32\Drivers\APPFLT64.SYS --> C:\Windows\system32\Drivers\APPFLT64.SYS [?]
R2 ComFiltr;Panda Anti-Dialer;\??\C:\Windows\system32\DRIVERS\COMFiltr.sys --> C:\Windows\system32\DRIVERS\COMFiltr.sys [?]
R2 DSAFLT;DSA Filter Plugin;\??\C:\Windows\system32\Drivers\DSAFLT64.SYS --> C:\Windows\system32\Drivers\DSAFLT64.SYS [?]
R2 ezSharedSvc;Easybits Shared Services for Windows;C:\Windows\system32\svchost.exe -k netsvcs [2009-7-14 20992]
R2 FNETMON;NetMon Filter Plugin;\??\C:\Windows\system32\Drivers\fnetm64.SYS --> C:\Windows\system32\Drivers\fnetm64.SYS [?]
R2 IDSFLT;Ids Filter Plugin;\??\C:\Windows\system32\Drivers\IDSFLT64.SYS --> C:\Windows\system32\Drivers\IDSFLT64.SYS [?]
R2 NETFLTDI;Panda Net Driver [TDI Layer];\??\C:\Windows\system32\Drivers\NETTDI64.SYS --> C:\Windows\system32\Drivers\NETTDI64.SYS [?]
R2 Panda Software Controller;Panda Software Controller;C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsCtrlS.exe [2011-12-6 173312]
R2 PAVFNSVR;Panda Function Service;C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavFnSvr.exe [2011-12-6 202048]
R2 PavPrSrv;Panda Process Protection Service;C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe [2011-12-6 62768]
R2 PAVSRV;Panda On-Access Anti-Malware Service;C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\pavsrvx86.exe [2011-12-6 314176]
R2 PskSvcRetail;Panda PSK service;C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\psksvc.exe [2011-12-6 28992]
R2 WNMFLT;Wifi Monitor Filter Plugin;\??\C:\Windows\system32\Drivers\WNMFLT64.SYS --> C:\Windows\system32\Drivers\WNMFLT64.SYS [?]
R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-11-10 228408]
R3 NETIMFLT01060044;PANDA NDIS IM Filter Miniport v1.6.0.44;C:\Windows\system32\DRIVERS\n64i1644.sys --> C:\Windows\system32\DRIVERS\n64i1644.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-10-5 225280]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
.scr=DWGTrueViewScriptFile
.
=============== Created Last 30 ================
.
2011-12-23 13:11:49 -------- d-----w- C:\Users\Jaouad\AppData\Roaming\Malwarebytes
2011-12-23 13:11:35 -------- d-----w- C:\ProgramData\Malwarebytes
2011-12-23 13:11:17 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-12-23 13:11:17 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-12-23 11:59:47 -------- d-----w- C:\Users\Jaouad\AppData\Local\{BDA4F776-E7F1-4201-B610-82C67A2D416C}
2011-12-23 11:51:18 -------- d-----w- C:\Users\Jaouad\AppData\Local\{020AB46A-EEB6-4DC2-8E9F-C9D5FCEFE394}
2011-12-22 22:23:05 -------- d-----w- C:\Users\Jaouad\AppData\Local\{9FF8EC8E-F073-46CF-945C-D1951CD41057}
2011-12-22 22:22:52 -------- d-----w- C:\Users\Jaouad\AppData\Local\{AAFAA931-989D-4D87-8CE2-F98798CDE3CA}
2011-12-22 12:11:35 -------- d-----w- C:\Program Files (x86)\Edraw Max
2011-12-22 10:22:24 -------- d-----w- C:\Users\Jaouad\AppData\Local\{77514323-3BF1-474C-8959-358CA500B6B8}
2011-12-22 10:21:47 -------- d-----w- C:\Users\Jaouad\AppData\Local\{70B4BE79-D121-4F5A-9775-236EBC4EF186}
2011-12-21 14:09:56 -------- d-----w- C:\Users\Jaouad\AppData\Local\{CBA8A7AB-85D4-432C-8144-EB066CE15038}
2011-12-21 14:09:45 -------- d-----w- C:\Users\Jaouad\AppData\Local\{F3926A31-D702-4581-B300-13C8C88541DC}
2011-12-21 10:58:02 -------- d-----w- C:\Users\Jaouad\AppData\Local\{775AD6F9-B8B7-44AC-A298-189867F7797B}
2011-12-20 22:15:16 -------- d-----w- C:\Users\Jaouad\AppData\Local\{BD2118D3-4F7D-497C-A56E-95266598D15A}
2011-12-20 22:15:05 -------- d-----w- C:\Users\Jaouad\AppData\Local\{C78FE361-F246-4506-A21B-1A7FBAD5395E}
2011-12-20 17:00:56 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-20 14:29:05 -------- d-sh--w- C:\Windows\System32\%APPDATA%
2011-12-20 14:24:26 -------- d-sh--w- C:\Users\Jaouad\AppData\Local\0f40d0bc
2011-12-20 10:14:37 -------- d-----w- C:\Users\Jaouad\AppData\Local\{27B5C360-C4D4-4254-8EBE-AA3880B4B5E5}
2011-12-20 10:14:13 -------- d-----w- C:\Users\Jaouad\AppData\Local\{AF01F1F6-5EDC-491E-A0F7-333A13A9BEA9}
2011-12-19 14:29:48 -------- d-----w- C:\Users\Jaouad\AppData\Local\{EE9097B7-DD5A-4DB4-8B09-AA4D19718A73}
2011-12-19 14:29:11 -------- d-----w- C:\Users\Jaouad\AppData\Local\{ABE71199-23D0-4C16-B743-68B7A5962642}
2011-12-18 19:43:00 208896 ----a-w- C:\Windows\SysWow64\esint7e.dll
2011-12-18 19:42:58 -------- d-----w- C:\Program Files (x86)\epson
2011-12-18 19:42:57 4608 ----a-w- C:\Windows\System32\esxwiaml.dll
2011-12-18 19:42:57 245248 ----a-w- C:\Windows\System32\esxuin7e.dll
2011-12-18 19:42:57 100352 ----a-w- C:\Windows\System32\esxwia7e.dll
2011-12-18 19:38:01 8704 ----a-w- C:\Windows\System32\E_GCINST.DLL
2011-12-18 19:38:01 108032 ----a-w- C:\Windows\System32\E_ILMCAE.DLL
2011-12-18 19:38:00 81408 ----a-w- C:\Windows\System32\E_IBCBCAE.DLL
2011-12-18 19:37:53 -------- d-----w- C:\ProgramData\EPSON
2011-12-18 11:57:04 -------- d-----w- C:\Users\Jaouad\AppData\Local\{8FBA1CA7-1DEC-4E19-ABE1-31C4046C08E6}
2011-12-18 11:56:32 -------- d-----w- C:\Users\Jaouad\AppData\Local\{5A272F1B-9B79-42AE-9989-D2816C1DD99A}
2011-12-17 13:57:44 -------- d-----w- C:\Users\Jaouad\AppData\Local\{F104246A-7B53-4480-960A-9A4FE4EC1B8D}
2011-12-17 13:57:06 -------- d-----w- C:\Users\Jaouad\AppData\Local\{F60A72CC-AD67-4746-BDDF-A013A8D4A254}
2011-12-17 01:11:34 -------- d-----w- C:\Users\Jaouad\AppData\Local\{75E7BF69-A4E3-4613-ABC1-CA2DE1311FC8}
2011-12-16 08:15:18 -------- d-----w- C:\Users\Jaouad\AppData\Local\{DFB2C6A3-C80B-4DF4-AE03-9C647E37F598}
2011-12-15 22:25:53 -------- d-----w- C:\Users\Jaouad\AppData\Local\{125B243A-B429-4148-B31C-B3AB4A2FB43B}
2011-12-15 11:13:55 -------- d-----w- C:\Program Files (x86)\Panda USB Vaccine
2011-12-15 10:09:39 -------- d-----w- C:\Users\Jaouad\AppData\Local\{688FF999-85DB-40A2-A277-22C1824191BF}
2011-12-15 10:09:02 -------- d-----w- C:\Users\Jaouad\AppData\Local\{2084EC9D-4388-4150-B7AA-C21DB3ACB2E8}
2011-12-14 21:18:27 -------- d-----w- C:\Users\Jaouad\AppData\Local\Solid State Networks
2011-12-14 19:03:42 -------- d-----w- C:\Users\Jaouad\AppData\Local\{72304892-F7C3-48A1-8289-50D173229C84}
2011-12-14 19:03:20 -------- d-----w- C:\Users\Jaouad\AppData\Local\{42FC8741-D477-4FD1-96A9-F29AFE65EA7A}
2011-12-13 17:33:07 -------- d-----w- C:\Users\Jaouad\AppData\Local\{B69CAFE2-2B60-4DC0-BBA9-BD1551F87911}
2011-12-13 17:30:01 -------- d-----w- C:\Users\Jaouad\AppData\Local\{0EC2D424-6EAA-4328-9FF9-6A27C9389DFE}
2011-12-12 14:53:05 -------- d-----w- C:\Users\Jaouad\AppData\Local\{3DDA43C4-0D9D-408E-A9B9-170FE5B37219}
2011-12-12 14:52:29 -------- d-----w- C:\Users\Jaouad\AppData\Local\{7EB13326-759C-4E2A-9112-6BA8A1085FAC}
2011-12-11 19:39:17 -------- d-----w- C:\Users\Jaouad\AppData\Local\{012B8782-EE32-4E4C-A944-BDE9CD293C93}
2011-12-11 19:38:30 -------- d-----w- C:\Users\Jaouad\AppData\Local\{317BB62B-6824-47DA-BD18-EA22A9A63D0E}
2011-12-11 12:31:33 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{816A3634-B9ED-4DF8-8D6B-D6148C83BEEC}\mpengine.dll
2011-12-10 11:29:39 -------- d-----w- C:\Panda Software
2011-12-10 11:10:56 -------- d-----w- C:\Users\Jaouad\AppData\Local\{73B450B6-AB06-4E4C-8B15-C19CC9E1FB1A}
2011-12-10 11:08:04 -------- d-----w- C:\Users\Jaouad\AppData\Local\{ABB89138-6B21-438F-B5ED-29D2EBA05070}
2011-12-09 09:28:05 -------- d-----w- C:\Users\Jaouad\AppData\Local\{F2CCC4D3-3008-4C00-986D-01556BD6A897}
2011-12-09 09:27:27 -------- d-----w- C:\Users\Jaouad\AppData\Local\{D81DE40D-6918-4CC2-B0EE-054F370C35E8}
2011-12-08 14:26:37 -------- d-----w- C:\Users\Jaouad\AppData\Local\{E42300B3-2D7B-49D2-9E9A-382E06BD5EE2}
2011-12-08 14:26:13 -------- d-----w- C:\Users\Jaouad\AppData\Local\{A0A698D3-13B7-461B-A884-73D4891EA386}
2011-12-07 23:14:45 -------- d-----w- C:\Users\Jaouad\AppData\Local\{5CE7FE54-3954-4B48-A476-FB8C8314EB68}
2011-12-07 23:14:23 -------- d-----w- C:\Users\Jaouad\AppData\Local\{F261A111-D9E8-4E84-8A14-3A55BF78E66E}
2011-12-07 16:44:05 -------- d-----w- C:\ProgramData\Affinegy
2011-12-07 16:44:05 -------- d-----w- C:\Program Files (x86)\Belkin
2011-12-07 11:13:56 -------- d-----w- C:\Users\Jaouad\AppData\Local\{DEA489EC-1657-4C6A-8050-E68A27398CC3}
2011-12-07 11:13:45 -------- d-----w- C:\Users\Jaouad\AppData\Local\{6EAC9E51-49FB-4ACF-AE42-6CCF97E1A1D0}
2011-12-06 17:02:16 -------- d-----w- C:\ProgramData\Panda Software
2011-12-06 13:02:36 -------- d-----w- C:\Windows\FltMgr
2011-12-06 13:01:56 -------- d-----w- C:\Users\Jaouad\AppData\Local\{DBAEDDB0-0CB4-4AB2-854D-CA6E21B9CBF5}
2011-12-06 13:01:46 -------- d-----w- C:\Users\Jaouad\AppData\Local\{15C40DA9-0E85-4AC6-8F3F-56D40B2BDCAB}
2011-12-06 13:01:12 -------- d-----w- C:\Users\Jaouad\AppData\Local\Panda Security
2011-12-06 12:55:42 15928 ----a-w- C:\Windows\System32\drivers\COMFiltr.sys
2011-12-06 12:55:17 82952 ----a-w- C:\Windows\System32\drivers\dsaflt64.sys
2011-12-06 12:55:17 78920 ----a-w- C:\Windows\System32\drivers\idsflt64.sys
2011-12-06 12:55:17 74760 ----a-w- C:\Windows\System32\drivers\wnmflt64.sys
2011-12-06 12:55:03 31752 ----a-w- C:\Windows\System32\drivers\fnetm64.sys
2011-12-06 12:55:03 170504 ----a-w- C:\Windows\System32\drivers\NETTDI64.SYS
2011-12-06 12:55:03 129096 ----a-w- C:\Windows\System32\drivers\APPFLT64.SYS
2011-12-06 12:55:01 -------- d-----w- C:\ProgramData\Backup
2011-12-06 12:55:00 30792 ----a-w- C:\Windows\System32\drivers\pavboot64.sys
2011-12-06 12:50:43 48136 ----a-w- C:\Windows\System32\drivers\ShldFlt.sys
2011-12-06 12:50:43 -------- d-----w- C:\Program Files (x86)\Common Files\Panda Security
2011-12-06 09:55:29 -------- d-----w- C:\Users\Jaouad\AppData\Local\{2C2204EA-8ADE-4E33-AF73-169D5E2D9EAB}
2011-12-05 21:03:00 -------- d-----w- C:\Users\Jaouad\AppData\Local\{C72EA6A2-158E-4236-92F3-DD5901C2A181}
2011-12-05 17:58:07 -------- d-----w- C:\Users\Jaouad\AppData\Local\{4F2C0503-6DAA-40BB-9AFE-92F7268CFF58}
2011-12-05 17:03:15 -------- d-----w- C:\Users\Jaouad\AppData\Local\{B204C18A-A094-4CCA-85BE-50F3907F769A}
2011-11-29 12:43:14 -------- d-----w- C:\Users\Jaouad\AppData\Local\{FF8D0DEE-FEB1-4B5E-9AD2-49E63EEDAAD3}
2011-11-29 12:42:44 -------- d-----w- C:\Users\Jaouad\AppData\Roaming\Synaptics
.
==================== Find3M ====================
.
2011-12-08 10:35:37 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-10-21 17:17:13 1468 ----a-w- C:\Windows\SysWow64\setacl.bat
2011-10-01 03:25:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-10-01 02:42:56 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 14:25:22,76 ===============

EvelineGirl
23 December 2011, 16:00
Download ComboFix from one of these locations:
Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.infospyware.net/antimalware/combofix/)

* IMPORTANT !!! Save ComboFix.exe to your Desktop.
>>Here<< (http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden) you can read how ComboFix should be used.
1. Windows XP users will, if necessary, be asked to install the "Recovery Console"; allow this (an active internet connection is required for it).
2. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix.
* (here (http://www.bleepingcomputer.com/forums/topic114351.html) or here (http://www.techsupportforum.com/security-center/virus-trojan-spyware-help/490111-how-disable-your-security-applications.html) is a guide on how to disable them)
3. The computer may have to be restarted several times; this is normal.
4. Double-click "Combofix.exe" to start the tool.
5. Do not click in the ComboFix window while it is running; this can cause the tool to hang.
* Note !!! If an error is shown with the message "Illegal operation attempted on a registry key that has been marked for deletion.", restart the computer.
6. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.