Hallo,

Mijn laptop is geïnfecteerd geraakt met het nieuwe Buma virus. Inmiddels heb ik via deze site alle beschreven stappen van doorlopen. ( Bedankt voor de duidelijke aanwijzingen!) Alleen Pc geboot via veilige modus opdrachtprompt ipv Kaspersky. Dit zijn mijn logs van Malwarebytes Anti-Malware, Emsisoft en DDS:

Malwarebytes Anti-Malware 1.60.1.1000
http://www.malwarebytes.org" onclick="window.open(this.href);return false;

Databaseversie: v2012.03.02.01

Windows Vista x86 NTFS
Internet Explorer 8.0.6001.18882

2-3-2012 8:41:28
mbam-log-2012-03-02 (08-41-28).txt

Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 188836
Verstreken tijd: 12 minuut/minuten, 13 seconde(n)

Geheugenprocessen gedetecteerd: 1
c:\windows\installer\{9be3c893-3625-1cad-5a1f-a1a839a0f3c5}\syshost.exe (Trojan.Backdoor.FSGen) -> 944 -> Zal worden verwijderd tijdens het herstarten.

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 7
c:\windows\installer\{9be3c893-3625-1cad-5a1f-a1a839a0f3c5}\syshost.exe (Trojan.Backdoor.FSGen) -> Zal worden verwijderd tijdens het herstarten.
c:\windows\syshost.exe (Trojan.Downloader) -> Zal worden verwijderd tijdens het herstarten.
c:\users\user\appdata\local\temp\syshost.exe (Spyware.Agent) -> Zal worden verwijderd tijdens het herstarten.
c:\windows\serviceprofiles\localservice\appdata\local\temp\syshost.exe (Spyware.Agent) -> Zal worden verwijderd tijdens het herstarten.
c:\windows\serviceprofiles\networkservice\appdata\local\temp\syshost.exe (Spyware.Agent) -> Zal worden verwijderd tijdens het herstarten.
c:\windows\system32\config\systemprofile\appdata\local\temp\syshost.exe (Spyware.Agent) -> Zal worden verwijderd tijdens het herstarten.
c:\windows\temp\syshost.exe (Spyware.Agent) -> Zal worden verwijderd tijdens het herstarten.

(einde)

Emsisoft Emergency Kit - Versie 1.0
Laatste Update: 1-3-2012 17:23:52

Scaninstellingen:

Scantype: Diepe Scan
Objecten: Geheugen, Sporen, Cookies, C:\, D:\
Scan archieven: Aan
Heuristieken: Uit
ADS Scan: Aan

Scan gestart: 2-3-2012 9:06:07

C:\ProgramData\GFI Software\AntiMalware\Quarantine\{58BD2D51-33EF-4BB4-908F-7E375BF50B97}_ENC2 Ontdekt: Rootkit.Win32.Agent!IK
C:\Users\All Users\GFI Software\AntiMalware\Quarantine\{58BD2D51-33EF-4BB4-908F-7E375BF50B97}_ENC2 Ontdekt: Rootkit.Win32.Agent!IK

Gescand

Bestanden: 342905
Sporen: 405133
Cookies: 7
Processen: 56

Gevonden

Bestanden: 2
Sporen: 0
Cookies: 0
Processen: 0
Registersleutels: 0

Scan Geëindigd: 2-3-2012 14:43:05
Scantijd: 5:36:58

C:\ProgramData\GFI Software\AntiMalware\Quarantine\{58BD2D51-33EF-4BB4-908F-7E375BF50B97}_ENC2 Verwijderd Rootkit.Win32.Agent!IK
C:\Users\All Users\GFI Software\AntiMalware\Quarantine\{58BD2D51-33EF-4BB4-908F-7E375BF50B97}_ENC2 Verwijderd Rootkit.Win32.Agent!IK

Verwijderd

Bestanden: 2
Sporen: 0
Cookies: 0


DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18882 BrowserJavaVersion: 1.6.0_30
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Users\user\Desktop\run\a2emergencykit.exe
C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=73&bd=Pavilion&pf=laptop" onclick="window.open(this.href);return false;
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=73&bd=Pavilion&pf=laptop" onclick="window.open(this.href);return false;
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=73&bd=Pavilion&pf=laptop" onclick="window.open(this.href);return false;
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
uURLSearchHooks: uTorrentBar_NL Toolbar: {87775fdb-6972-41f9-ae51-8326e38cb206} - c:\program files\utorrentbar_nl\prxtbuTor.dll
mURLSearchHooks: uTorrentBar_NL Toolbar: {87775fdb-6972-41f9-ae51-8326e38cb206} - c:\program files\utorrentbar_nl\prxtbuTor.dll
uWindows: Load="c:\windows\system32\smss.exe:844230881.vbs"
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: uTorrentBar_NL Toolbar: {87775fdb-6972-41f9-ae51-8326e38cb206} - c:\program files\utorrentbar_nl\prxtbuTor.dll
BHO: Windows Live Aanmelden - Help: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Ask Search Assistant BHO: {9cb65201-89c4-402c-ba80-02d8c59f9b1d} - Ask Search Assistant BHO
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
TB: uTorrentBar_NL Toolbar: {87775fdb-6972-41f9-ae51-8326e38cb206} - c:\program files\utorrentbar_nl\prxtbuTor.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: Ask Toolbar: {fe063db9-4ec0-403e-8dd8-394c54984b2c} -
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [2X9I7BYX2HVCZF8VFHSCXXYSYXRRGAK] 2f0071000000
uRunServices: [PlayerPlayer] c:\users\user~1\appdata\local\temp\0.6116133340978206.exe
uRunServices: [0.6116133340978206] c:\users\user\appdata\local\temp\0.6116133340978206.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
mRun: [NeroFilterCheck] c:\program files\common files\nero\lib\NeroCheck.exe
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [MSConfig] "c:\windows\system32\msconfig.exe" /auto
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SBAMTray] "c:\program files\gfi software\vipre\SBAMTray.exe"
mRun: [SBRegRebootCleaner] "c:\program files\gfi software\vipre\SBRC.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab" onclick="window.open(this.href);return false;
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab" onclick="window.open(this.href);return false;
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab" onclick="window.open(this.href);return false;
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab" onclick="window.open(this.href);return false;
DPF: {EF0D1A14-1033-41A2-A589-240C01EDC078} - hxxp://dl.pplive.com/PluginSetup.cab" onclick="window.open(this.href);return false;
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{DF559764-E4CE-49BA-A800-BDDA662DEDA6} : DhcpNameServer = 10.0.0.138
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxdev.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\user\appdata\roaming\mozilla\firefox\profiles\eals0j79.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=" onclick="window.open(this.href);return false;
FF - component:
c:\users\appdata\roaming\mozilla\firefox\
profiles\eals0j79.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\users\appdata\roaming\mozilla\firefox\profiles\eals0j79.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\microsoft silverlight\5.0.61118.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R1 sbtis;sbtis;c:\windows\system32\drivers\sbtis.sys [2012-2-2 84600]
R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-6-15 249648]
R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2011-9-9 77816]
R2 SBPIMSvc;SB Recovery Service;c:\program files\gfi software\vipre\SBPIMSvc.exe [2011-11-1 173424]
R2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\speedb~1\videoacceleratorservice.exe -start -scm --> c:\progra~1\speedb~1\VideoAcceleratorService.exe -start -scm [?]
R3 NdisrdMP;NdisrdMP;c:\windows\system32\drivers\Ndisrd.sys [2009-8-28 22016]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2011-10-26 101112]
S2 gupdate;Google Updateservice (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-18 135664]
S2 SBAMSvc;VIPRE Internet Security;c:\program files\gfi software\vipre\SBAMSvc.exe [2011-11-1 3287472]
S2 syshost32;syshost32;"c:\windows\installer\{9be3c893-3625-1cad-5a1f-a1a839a0f3c5}\syshost.exe" /service --> c:\windows\installer\{9be3c893-3625-1cad-5a1f-a1a839a0f3c5}\syshost.exe [?]
S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-7-7 195336]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2009-11-15 54632]
S3 fsssvc;De service Windows Live Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-18 135664]
S3 Ndisrd;WinpkFilter Service;c:\windows\system32\drivers\Ndisrd.sys [2009-8-28 22016]
S3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;c:\windows\system32\drivers\SbFwIm.sys [2012-2-2 94584]
S3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2012-2-2 94584]
S3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2012-2-2 93816]
.
=============== Created Last 30 ================
.
2012-03-02 07:41:19 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-03-02 07:03:05 -------- d-----w- c:\users\ user
user\appdata\roaming\Malwarebytes
2012-03-02 07:02:57 -------- d-----w- c:\programdata\Malwarebytes
2012-03-02 07:02:55 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-02 07:02:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-03-02 04:38:24 388096 ----a-r- c:\users\ user\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-03-02 04:38:21 -------- d-----w- c:\program files\Trend Micro
2012-03-01 18:06:44 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
2012-03-01 17:00:52 -------- d-----w- c:\users\
\appdata\roaming\EurekaLog
2012-03-01 16:15:42 54016 ----a-w- c:\windows\system32\drivers\jvtkw.sys
2012-02-29 21:36:25 -------- d-----w- c:\users\appdata\roaming\CBS Interactive
2012-02-28 21:48:41 -------- d-----w- c:\programdata\CPA_VA
2012-02-28 21:21:05 -------- d-----w- c:\programdata\Comodo
2012-02-28 21:20:39 -------- d-----w- c:\program files\Comodo
2012-02-28 21:20:28 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2012-02-28 11:58:26 -------- d-----w- c:\users\appdata\roaming\Wyroygz
2012-02-28 11:58:26 -------- d-----w- c:\users\appdata\roaming\Cukara
2012-02-16 18:41:57 -------- d-----w- c:\program files\Conduit
2012-02-16 18:41:14 -------- d-----w- c:\users\appdata\local\Conduit
2012-02-16 18:41:03 -------- d-----w- c:\program files\uTorrentBar_NL
2012-02-16 18:40:39 -------- d-----w- c:\program files\uTorrent
2012-02-16 18:38:11 -------- d-----w- c:\users\appdata\roaming\uTorrent
2012-02-12 22:14:59 646104 ----a-w- c:\program files\mozilla firefox\nss3.dll
2012-02-12 22:14:59 371672 ----a-w- c:\program files\mozilla firefox\nssckbi.dll
2012-02-12 22:14:59 109528 ----a-w- c:\program files\mozilla firefox\nssdbm3.dll
2012-02-12 22:14:59 105432 ----a-w- c:\program files\mozilla firefox\nssutil3.dll
2012-02-11 15:59:31 476904 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2012-02-10 15:35:39 -------- d-sh--w- c:\users\appdata\local\1cf6efbe
2012-02-09 14:53:39 -------- d-----w- C:\temp
2012-02-02 10:31:19 -------- d-----w- c:\programdata\GFI Software
2012-02-02 10:29:30 93816 ----a-w- c:\windows\system32\drivers\sbhips.sys
2012-02-02 10:29:26 84600 ----a-w- c:\windows\system32\drivers\sbtis.sys
2012-02-02 10:25:51 94584 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2012-02-02 10:25:51 223864 ----a-w- c:\windows\system32\drivers\SbFw.sys
2012-02-02 10:25:42 -------- d-----w- c:\windows\system32\drivers\VDD
2012-02-02 10:23:08 -------- d-----w- c:\program files\GFI Software
2012-02-02 10:22:45 -------- d-----w- c:\users\appdata\roaming\GFI Software
.
==================== Find3M ====================
.
2012-02-28 15:25:01 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-07 09:08:58 236576 ------w- c:\windows\system32\MpSigStub.exe
.
============= FINISH: 15:23:51,75 ===============


Ik hoor het graag als ik verdere stappen moet ondernemen.
Alvast bedankt voor de hulp!

Hoi en welkom op het forum,

1. Download aswMBR.exe naar het bureaublad.

• Dubbelklik op "aswMBR.exe" om de tool te starten.
• Klik bij het volgende venster op "Nee"
• Klik op de knop "scan"
• 
• Als de scan gereed is klikt u op de knop "save log"
• 
• Plaats dit log bestand in het volgende bericht.

2. Download ComboFix van één van deze locaties:

Link 1
Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op.
>>Hier<< kunt u lezen hoe u Combofix dient te gebruiken.

Let op!!! Windows Vista & 7 gebruikers dienen ComboFix als administrator uit te voeren "Rechtermuisknop uitvoeren als"

Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix.

* (hier of hier staat een handleiding over hoe je deze kan uitschakelen:)

• Dubbelklik op "ComboFix.exe en ga "Akkoord" met de 'Disclaimer'
• Als er een melding komt dat er "Een nieuwere versie van ComboFix" beschikbaar is klik dan op "Ja" om te updaten.

• Klik na het update nogmaals op "Akkoord" en ComboFix zal nu starten.
• Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden zoals bij bijvoorbeeld een aanwezige rootkit, dit is normaal.

* Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion." herstart dan de computer.

Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht samen met het logje van aswMBR.

Ik krijg error scan te zien bij het scannen via aswMBR.

Hoi,

Welke error geeft aswMBR precies?

Download TDSSKStarter naar het bureaublad.

• Dubbelklik op "TDSSKStarter.exe" om de tool te starten.
• Er zal een CMD venster gestart worden en indien gereed automatisch sluiten.
• Plaats de inhoud van het geopende kladblok bestand in het volgende bericht.

Hoi,

De error die aswMBR toont is:
Initialze error C0000001 - driver not loaded

Combofix hierna geprobeerd en lukt ook niet. Viel namelijk direct weg (tweemaal geprobeerd).

Het resultaat van TDSSKStarter.exe is als volgt:

17:59:11.0171 2204 TDSS rootkit removing tool 2.7.18.0 Mar 2 2012 09:40:07
17:59:11.0173 2204 ============================================================
17:59:11.0173 2204 Current date / time: 2012/03/02 17:59:11.0173
17:59:11.0173 2204 SystemInfo:
17:59:11.0173 2204
17:59:11.0174 2204 OS Version: 6.0.6000 ServicePack: 0.0
17:59:11.0174 2204 Product type: Workstation
17:59:11.0174 2204 ComputerName:
17:59:11.0174 2204 UserName:
17:59:11.0174 2204 Windows directory: C:\Windows
17:59:11.0174 2204 System windows directory: C:\Windows
17:59:11.0174 2204 Processor architecture: Intel x86
17:59:11.0174 2204 Number of processors: 2
17:59:11.0174 2204 Page size: 0x1000
17:59:11.0174 2204 Boot type: Normal boot
17:59:11.0175 2204 ============================================================
17:59:23.0180 2204 !crdlk
17:59:23.0326 2204 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
17:59:23.0360 2204 \Device\Harddisk0\DR0:
17:59:23.0406 2204 MBR used
17:59:23.0406 2204 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xD1C5A3D
17:59:23.0406 2204 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xD1C5A7C, BlocksNum 0xDCDD45
17:59:23.0660 2204 Initialize success
17:59:23.0660 2204 ============================================================
17:59:23.0704 1436 ============================================================
17:59:23.0704 1436 Scan started
17:59:23.0704 1436 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent;
17:59:23.0704 1436 ============================================================
17:59:30.0166 1436 .tdx - ok
17:59:30.0692 1436 Suspicious service (NoAccess): 1c5ca90276bd7ebd
17:59:32.0591 1436 1c5ca90276bd7ebd (b044bfa41bc95f6bca614772dba770e6) C:\Windows\System32\Drivers\1c5ca90276bd7ebd.sys
17:59:32.0591 1436 Suspicious file (NoAccess): C:\Windows\System32\Drivers\1c5ca90276bd7ebd.sys. md5: b044bfa41bc95f6bca614772dba770e6
17:59:33.0186 1436 1c5ca90276bd7ebd ( LockedService.Multi.Generic ) - warning
17:59:33.0186 1436 1c5ca90276bd7ebd - detected LockedService.Multi.Generic (1)
17:59:35.0163 1436 ACPI (84fc6df81212d16be5c4f441682feccc) C:\Windows\system32\drivers\acpi.sys
17:59:35.0382 1436 ACPI - ok
17:59:36.0635 1436 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
17:59:36.0712 1436 adp94xx - ok
17:59:37.0233 1436 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
17:59:37.0398 1436 adpahci - ok
17:59:38.0960 1436 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
17:59:38.0980 1436 adpu160m - ok
17:59:39.0954 1436 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
17:59:39.0993 1436 adpu320 - ok
17:59:45.0124 1436 AFD (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys
17:59:48.0790 1436 AFD - ok
17:59:51.0132 1436 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
17:59:51.0184 1436 agp440 - ok
17:59:54.0270 1436 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
17:59:54.0361 1436 aic78xx - ok
17:59:59.0078 1436 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
17:59:59.0135 1436 aliide - ok
18:00:01.0752 1436 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
18:00:01.0789 1436 amdagp - ok
18:00:04.0629 1436 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
18:00:04.0672 1436 amdide - ok
18:00:07.0307 1436 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
18:00:07.0496 1436 AmdK7 - ok
18:00:10.0710 1436 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
18:00:10.0904 1436 AmdK8 - ok
18:00:19.0848 1436 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
18:00:19.0875 1436 arc - ok
18:00:20.0333 1436 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
18:00:20.0355 1436 arcsas - ok
18:00:20.0683 1436 AsyncMac (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys
18:00:20.0797 1436 AsyncMac - ok
18:00:21.0149 1436 atapi (b35cfcef838382ab6490b321c87edf17) C:\Windows\system32\drivers\atapi.sys
18:00:21.0180 1436 atapi - ok
18:00:22.0239 1436 BCM43XV (cf6a67c90951e3e763d2135dede44b85) C:\Windows\system32\DRIVERS\bcmwl6.sys
18:00:22.0513 1436 BCM43XV - ok
18:00:22.0739 1436 Beep (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys
18:00:22.0855 1436 Beep - ok
18:00:23.0360 1436 blbdrive - ok
18:00:23.0716 1436 bowser (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys
18:00:23.0885 1436 bowser - ok
18:00:24.0134 1436 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
18:00:24.0324 1436 BrFiltLo - ok
18:00:24.0884 1436 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
18:00:25.0013 1436 BrFiltUp - ok
18:00:25.0679 1436 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
18:00:25.0807 1436 Brserid - ok
18:00:26.0186 1436 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
18:00:26.0331 1436 BrSerWdm - ok
18:00:26.0738 1436 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
18:00:26.0849 1436 BrUsbMdm - ok
18:00:27.0041 1436 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
18:00:27.0191 1436 BrUsbSer - ok
18:00:27.0562 1436 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
18:00:27.0708 1436 BTHMODEM - ok
18:00:27.0949 1436 cdfs (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys
18:00:28.0080 1436 cdfs - ok
18:00:30.0107 1436 cdrom (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys
18:00:30.0283 1436 cdrom - ok
18:00:34.0831 1436 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
18:00:34.0964 1436 circlass - ok
18:00:38.0094 1436 CLFS (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys
18:00:38.0241 1436 CLFS - ok
18:00:39.0703 1436 CmBatt (ed97ad3df1b9005989eaf149bf06c821) C:\Windows\system32\DRIVERS\CmBatt.sys
18:00:39.0838 1436 CmBatt - ok
18:00:40.0329 1436 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
18:00:40.0347 1436 cmdide - ok
18:00:41.0029 1436 Compbatt (722936afb75a7f509662b69b5632f48a) C:\Windows\system32\DRIVERS\compbatt.sys
18:00:41.0048 1436 Compbatt - ok
18:00:41.0842 1436 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
18:00:41.0860 1436 crcdisk - ok
18:00:42.0371 1436 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
18:00:42.0509 1436 Crusoe - ok
18:00:43.0904 1436 DfsC (a7179de59ae269ab70345527894ccd7c) C:\Windows\system32\Drivers\dfsc.sys
18:00:44.0056 1436 DfsC - ok
18:00:44.0664 1436 disk (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys
18:00:44.0681 1436 disk - ok
18:00:45.0613 1436 drmkaud (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys
18:00:45.0715 1436 drmkaud - ok
18:00:46.0358 1436 DXGKrnl (334988883de69adb27e2cf9f9715bbdb) C:\Windows\System32\drivers\dxgkrnl.sys
18:00:46.0572 1436 DXGKrnl - ok
18:00:46.0932 1436 E100B (c0b00e55cf82d122d25983c7a6a53dea) C:\Windows\system32\DRIVERS\e100b325.sys
18:00:47.0027 1436 E100B - ok
18:00:47.0288 1436 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
18:00:47.0451 1436 E1G60 - ok
18:00:47.0799 1436 eabfiltr (e88b0cfcecf745211bba87f44f85d0dd) C:\Windows\system32\DRIVERS\eabfiltr.sys
18:00:47.0907 1436 eabfiltr - ok
18:00:49.0078 1436 Ecache (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys
18:00:49.0140 1436 Ecache - ok
18:00:49.0427 1436 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
18:00:49.0454 1436 elxstor - ok
18:00:49.0689 1436 fastfat (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys
18:00:49.0797 1436 fastfat - ok
18:00:50.0638 1436 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
18:00:50.0760 1436 fdc - ok
18:00:51.0079 1436 FileInfo (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys
18:00:51.0096 1436 FileInfo - ok
18:00:51.0215 1436 Filetrace (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys
18:00:51.0462 1436 Filetrace - ok
18:00:51.0610 1436 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
18:00:51.0707 1436 flpydisk - ok
18:00:51.0841 1436 FltMgr (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys
18:00:51.0864 1436 FltMgr - ok
18:00:52.0039 1436 fssfltr (b74b0578fd1d3f897e95f2a2b69ea051) C:\Windows\system32\DRIVERS\fssfltr.sys
18:00:52.0056 1436 fssfltr - ok
18:00:52.0293 1436 Fs_Rec (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys
18:00:52.0344 1436 Fs_Rec - ok
18:00:52.0489 1436 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
18:00:52.0506 1436 gagp30kx - ok
18:00:52.0642 1436 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
18:00:52.0657 1436 GEARAspiWDM - ok
18:00:53.0076 1436 HBtnKey (de15777902a5d9121857d155873a1d1b) C:\Windows\system32\DRIVERS\cpqbttn.sys
18:00:53.0115 1436 HBtnKey - ok
18:00:53.0240 1436 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
18:00:53.0337 1436 HdAudAddService - ok
18:00:53.0509 1436 HDAudBus (0db613a7e427b5663563677796fd5258) C:\Windows\system32\DRIVERS\HDAudBus.sys
18:00:53.0569 1436 HDAudBus - ok
18:00:53.0637 1436 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
18:00:53.0733 1436 HidBth - ok
18:00:53.0807 1436 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
18:00:53.0905 1436 HidIr - ok
18:00:54.0124 1436 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\DRIVERS\hidusb.sys
18:00:54.0218 1436 HidUsb - ok
18:00:54.0382 1436 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
18:00:54.0398 1436 HpCISSs - ok
18:00:54.0530 1436 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
18:00:54.0594 1436 HSFHWAZL - ok
18:00:54.0761 1436 HSF_DPV (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
18:00:54.0918 1436 HSF_DPV - ok
18:00:55.0063 1436 HTTP (ea24fe637d974a8a31bc650f478e3533) C:\Windows\system32\drivers\HTTP.sys
18:00:55.0161 1436 HTTP - ok
18:00:55.0308 1436 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
18:00:55.0324 1436 i2omp - ok
18:00:55.0569 1436 i8042prt (1c9ee072baa3abb460b91d7ee9152660) C:\Windows\system32\DRIVERS\i8042prt.sys
18:00:55.0623 1436 i8042prt - ok
18:00:55.0938 1436 ialm (c134e69ce901422d1f2d7ea8d69098fe) C:\Windows\system32\DRIVERS\igdkmd32.sys
18:00:56.0183 1436 ialm - ok
18:00:56.0370 1436 iaStor (fd7f9d74c2b35dbda400804a3f5ed5d8) C:\Windows\system32\DRIVERS\iaStor.sys
18:00:56.0603 1436 iaStor - ok
18:00:56.0804 1436 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
18:00:56.0829 1436 iaStorV - ok
18:00:57.0083 1436 igfx (c134e69ce901422d1f2d7ea8d69098fe) C:\Windows\system32\DRIVERS\igdkmd32.sys
18:00:57.0318 1436 igfx - ok
18:00:57.0708 1436 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
18:00:57.0725 1436 iirsp - ok
18:00:57.0924 1436 IntcAzAudAddService (8d7eb1fd498fd0a34c95a298685ec1c7) C:\Windows\system32\drivers\RTKVHDA.sys
18:00:58.0119 1436 IntcAzAudAddService - ok
18:00:58.0282 1436 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
18:00:58.0297 1436 intelide - ok
18:00:58.0506 1436 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
18:00:58.0607 1436 intelppm - ok
18:00:58.0762 1436 IpFilterDriver (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:00:58.0881 1436 IpFilterDriver - ok
18:00:59.0010 1436 IpInIp - ok
18:00:59.0127 1436 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
18:00:59.0229 1436 IPMIDRV - ok
18:00:59.0370 1436 IPNAT (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys
18:00:59.0461 1436 IPNAT - ok
18:00:59.0699 1436 IRENUM (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys
18:00:59.0805 1436 IRENUM - ok
18:00:59.0986 1436 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
18:01:00.0004 1436 isapnp - ok
18:01:00.0111 1436 iScsiPrt (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys
18:01:00.0132 1436 iScsiPrt - ok
18:01:00.0252 1436 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
18:01:00.0269 1436 iteatapi - ok
18:01:00.0322 1436 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
18:01:00.0338 1436 iteraid - ok
18:01:00.0488 1436 kbdclass (b076b2ab806b3f696dab21375389101c) C:\Windows\system32\DRIVERS\kbdclass.sys
18:01:00.0505 1436 kbdclass - ok
18:01:00.0613 1436 kbdhid (ed61dbc6603f612b7338283edbacbc4b) C:\Windows\system32\DRIVERS\kbdhid.sys
18:01:00.0652 1436 kbdhid - ok
18:01:00.0822 1436 KSecDD (0a829977b078dea11641fc2af87ceade) C:\Windows\system32\Drivers\ksecdd.sys
18:01:00.0863 1436 KSecDD - ok
18:01:01.0113 1436 lltdio (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys
18:01:01.0216 1436 lltdio - ok
18:01:01.0436 1436 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
18:01:01.0454 1436 LSI_FC - ok
18:01:01.0592 1436 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
18:01:01.0610 1436 LSI_SAS - ok
18:01:01.0707 1436 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
18:01:01.0725 1436 LSI_SCSI - ok
18:01:01.0937 1436 luafv (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys
18:01:02.0052 1436 luafv - ok
18:01:02.0205 1436 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
18:01:02.0221 1436 megasas - ok
18:01:02.0419 1436 Modem (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys
18:01:02.0523 1436 Modem - ok
18:01:02.0691 1436 monitor (7446e104a5fe5987ca9e4983fbac4f97) C:\Windows\system32\DRIVERS\monitor.sys
18:01:02.0759 1436 monitor - ok
18:01:02.0886 1436 mouclass (5fba13c1a1841b0885d316ed3589489d) C:\Windows\system32\DRIVERS\mouclass.sys
18:01:02.0902 1436 mouclass - ok
18:01:02.0962 1436 mouhid (b569b5c5d3bde545df3a6af512cccdba) C:\Windows\system32\DRIVERS\mouhid.sys
18:01:02.0982 1436 mouhid - ok
18:01:03.0163 1436 MountMgr (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys
18:01:03.0179 1436 MountMgr - ok
18:01:03.0281 1436 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
18:01:03.0299 1436 mpio - ok
18:01:03.0420 1436 mpsdrv (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys
18:01:03.0450 1436 mpsdrv - ok
18:01:03.0712 1436 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
18:01:03.0728 1436 Mraid35x - ok
18:01:03.0848 1436 MRxDAV (1d8828b98ee309d65e006f0829e280e5) C:\Windows\system32\drivers\mrxdav.sys
18:01:03.0904 1436 MRxDAV - ok
18:01:04.0049 1436 mrxsmb (8af705ce1bb907932157fab821170f27) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:01:04.0085 1436 mrxsmb - ok
18:01:04.0213 1436 mrxsmb10 (47e13ab23371be3279eef22bbfa2c1be) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:01:04.0261 1436 mrxsmb10 - ok
18:01:04.0372 1436 mrxsmb20 (90b3fc7bd6b3d7ee7635debba2187f66) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:01:04.0411 1436 mrxsmb20 - ok
18:01:04.0559 1436 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
18:01:04.0574 1436 msahci - ok
18:01:04.0745 1436 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
18:01:04.0762 1436 msdsm - ok
18:01:04.0914 1436 Msfs (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys
18:01:05.0009 1436 Msfs - ok
18:01:05.0153 1436 msisadrv (2c3f1983cd3629573cb9e9658247847a) C:\Windows\system32\drivers\msisadrv.sys
18:01:05.0169 1436 msisadrv - ok
18:01:05.0361 1436 MSKSSRV (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys
18:01:05.0457 1436 MSKSSRV - ok
18:01:05.0577 1436 MSPCLOCK (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys
18:01:05.0674 1436 MSPCLOCK - ok
18:01:05.0775 1436 MSPQM (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys
18:01:05.0871 1436 MSPQM - ok
18:01:06.0006 1436 MsRPC (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys
18:01:06.0027 1436 MsRPC - ok
18:01:06.0162 1436 mssmbios (1f6f7159c75e4b27d138b5225808860f) C:\Windows\system32\DRIVERS\mssmbios.sys
18:01:06.0178 1436 mssmbios - ok
18:01:06.0285 1436 MSTEE (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys
18:01:06.0381 1436 MSTEE - ok
18:01:06.0496 1436 Mup (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys
18:01:06.0512 1436 Mup - ok
18:01:06.0695 1436 NativeWifiP (6da4a0fc7c0e83df0cb3cfd0a514c3bc) C:\Windows\system32\DRIVERS\nwifi.sys
18:01:06.0754 1436 NativeWifiP - ok
18:01:06.0851 1436 NDIS (227c11e1e7cf6ef8afb2a238d209760c) C:\Windows\system32\drivers\ndis.sys
18:01:06.0899 1436 NDIS - ok
18:01:07.0042 1436 Ndisrd (4598df84a3694dd693ea453645f1b3c8) C:\Windows\system32\DRIVERS\ndisrd.sys
18:01:07.0067 1436 Ndisrd ( UnsignedFile.Multi.Generic ) - warning
18:01:07.0067 1436 Ndisrd - detected UnsignedFile.Multi.Generic (1)
18:01:07.0126 1436 NdisrdMP (4598df84a3694dd693ea453645f1b3c8) C:\Windows\system32\DRIVERS\ndisrd.sys
18:01:07.0133 1436 NdisrdMP ( UnsignedFile.Multi.Generic ) - warning
18:01:07.0133 1436 NdisrdMP - detected UnsignedFile.Multi.Generic (1)
18:01:07.0254 1436 NdisTapi (81659cdcbd0f9a9e07e6878ad8c78d3f) C:\Windows\system32\DRIVERS\ndistapi.sys
18:01:07.0284 1436 NdisTapi - ok
18:01:07.0394 1436 Ndisuio (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys
18:01:07.0493 1436 Ndisuio - ok
18:01:07.0626 1436 NdisWan (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys
18:01:07.0709 1436 NdisWan - ok
18:01:07.0829 1436 NDProxy (1b24fa907af283199a81b3bb37e5e526) C:\Windows\system32\drivers\NDProxy.sys
18:01:07.0870 1436 NDProxy - ok
18:01:08.0029 1436 NetBIOS (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys
18:01:08.0133 1436 NetBIOS - ok
18:01:08.0320 1436 netbt (e3a168912e7eefc3bd3b814720d68b41) C:\Windows\system32\DRIVERS\netbt.sys
18:01:08.0422 1436 netbt - ok
18:01:08.0742 1436 NETw3v32 (a15f219208843a5a210c8cb391384453) C:\Windows\system32\DRIVERS\NETw3v32.sys
18:01:09.0049 1436 NETw3v32 - ok
18:01:09.0273 1436 NETw4v32 (1d73499a6664b4da05d750ff83fdb274) C:\Windows\system32\DRIVERS\NETw4v32.sys
18:01:09.0556 1436 NETw4v32 - ok
18:01:09.0722 1436 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
18:01:09.0739 1436 nfrd960 - ok
18:01:09.0906 1436 Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys
18:01:10.0007 1436 Npfs - ok
18:01:10.0110 1436 nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys
18:01:10.0215 1436 nsiproxy - ok
18:01:10.0349 1436 Ntfs (37430aa7a66d7a63407adc2c0d05e9f6) C:\Windows\system32\drivers\Ntfs.sys
18:01:10.0465 1436 Ntfs - ok
18:01:10.0701 1436 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
18:01:10.0815 1436 ntrigdigi - ok
18:01:10.0907 1436 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
18:01:11.0009 1436 Null - ok
18:01:11.0135 1436 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
18:01:11.0157 1436 nvraid - ok
18:01:11.0318 1436 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
18:01:11.0356 1436 nvstor - ok
18:01:11.0493 1436 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
18:01:11.0514 1436 nv_agp - ok
18:01:11.0569 1436 NwlnkFlt - ok
18:01:11.0656 1436 NwlnkFwd - ok
18:01:11.0757 1436 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\DRIVERS\ohci1394.sys
18:01:11.0878 1436 ohci1394 - ok
18:01:12.0253 1436 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
18:01:12.0345 1436 Parport - ok
18:01:12.0452 1436 partmgr (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys
18:01:12.0472 1436 partmgr - ok
18:01:12.0577 1436 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
18:01:12.0687 1436 Parvdm - ok
18:01:12.0997 1436 pci (5bedd5e1416da009c4f24adf8da13773) C:\Windows\system32\drivers\pci.sys
18:01:13.0020 1436 pci - ok
18:01:13.0161 1436 pciide (caba65e9c41cd2900d4c92d4f825c5f8) C:\Windows\system32\DRIVERS\pciide.sys
18:01:13.0181 1436 pciide - ok
18:01:13.0353 1436 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
18:01:13.0377 1436 pcmcia - ok
18:01:13.0535 1436 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
18:01:13.0763 1436 PEAUTH - ok
18:01:14.0094 1436 PptpMiniport (c04dec5ace67c5247b150c4223970bb7) C:\Windows\system32\DRIVERS\raspptp.sys
18:01:14.0150 1436 PptpMiniport - ok
18:01:14.0407 1436 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
18:01:14.0517 1436 Processor - ok
18:01:14.0718 1436 PSched (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys
18:01:14.0759 1436 PSched - ok
18:01:14.0872 1436 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
18:01:14.0887 1436 PxHelp20 - ok
18:01:15.0090 1436 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
18:01:15.0181 1436 ql2300 - ok
18:01:15.0374 1436 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
18:01:15.0394 1436 ql40xx - ok
18:01:15.0511 1436 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
18:01:15.0581 1436 QWAVEdrv - ok
18:01:15.0699 1436 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
18:01:15.0808 1436 RasAcd - ok
18:01:16.0004 1436 Rasl2tp (68b0019fee429ec49d29017af937e482) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:01:16.0049 1436 Rasl2tp - ok
18:01:16.0241 1436 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
18:01:16.0350 1436 RasPppoe - ok
18:01:16.0450 1436 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
18:01:16.0559 1436 rdbss - ok
18:01:16.0700 1436 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:01:16.0786 1436 RDPCDD - ok
18:01:16.0978 1436 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
18:01:17.0097 1436 rdpdr - ok
18:01:17.0345 1436 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
18:01:17.0449 1436 RDPENCDD - ok
18:01:17.0623 1436 RDPWD (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys
18:01:17.0737 1436 RDPWD - ok
18:01:17.0963 1436 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
18:01:18.0022 1436 rimmptsk - ok
18:01:18.0153 1436 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
18:01:18.0231 1436 rimsptsk - ok
18:01:18.0419 1436 rismxdp (c663af77e2f4eabf8eb08b388d2f1f36) C:\Windows\system32\DRIVERS\rixdptsk.sys
18:01:18.0448 1436 rismxdp - ok
18:01:18.0728 1436 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
18:01:18.0836 1436 rspndr - ok
18:01:18.0989 1436 RTL8169 (71b7026d61293c1e91145bdad11c53bf) C:\Windows\system32\DRIVERS\Rtlh86.sys
18:01:19.0038 1436 RTL8169 - ok
18:01:19.0246 1436 sbapifs (a0bb2fb6749e357d4342e1eabaaea79e) C:\Windows\system32\DRIVERS\sbapifs.sys
18:01:19.0265 1436 sbapifs - ok
18:01:19.0383 1436 sbbotdi - ok
18:01:19.0607 1436 SBFWIMCL (1dcad90cc9c0ddc7d060fd97854f8518) C:\Windows\system32\DRIVERS\sbfwim.sys
18:01:19.0625 1436 SBFWIMCL - ok
18:01:19.0727 1436 SBFWIMCLMP (1dcad90cc9c0ddc7d060fd97854f8518) C:\Windows\system32\DRIVERS\SBFWIM.sys
18:01:19.0740 1436 SBFWIMCLMP - ok
18:01:19.0868 1436 sbhips (2b5798dcb705eed80231d37688788e09) C:\Windows\system32\drivers\sbhips.sys
18:01:19.0883 1436 sbhips - ok
18:01:20.0020 1436 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
18:01:20.0041 1436 sbp2port - ok
18:01:20.0166 1436 SBRE (1fd538c4feb36b793d2121f20bbdc16f) C:\Windows\system32\drivers\SBREdrv.sys
18:01:20.0182 1436 SBRE - ok
18:01:20.0403 1436 sbtis (97f6753da5db60108953dac75e2f5786) C:\Windows\system32\drivers\sbtis.sys
18:01:20.0420 1436 sbtis - ok
18:01:20.0699 1436 sdbus (7b3973cc28b8aa3e9e2e5d53e720e2c9) C:\Windows\system32\DRIVERS\sdbus.sys
18:01:20.0731 1436 sdbus - ok
18:01:20.0864 1436 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
18:01:20.0947 1436 secdrv - ok
18:01:21.0185 1436 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
18:01:21.0338 1436 Serenum - ok
18:01:21.0463 1436 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
18:01:21.0569 1436 Serial - ok
18:01:21.0695 1436 sermouse (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys
18:01:21.0736 1436 sermouse - ok
18:01:21.0956 1436 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\DRIVERS\sffdisk.sys
18:01:21.0976 1436 sffdisk - ok
18:01:22.0068 1436 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
18:01:22.0178 1436 sffp_mmc - ok
18:01:22.0341 1436 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\DRIVERS\sffp_sd.sys
18:01:22.0380 1436 sffp_sd - ok
18:01:22.0569 1436 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
18:01:22.0662 1436 sfloppy - ok
18:01:23.0142 1436 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
18:01:23.0159 1436 sisagp - ok
18:01:23.0273 1436 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
18:01:23.0295 1436 SiSRaid2 - ok
18:01:23.0456 1436 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
18:01:23.0474 1436 SiSRaid4 - ok
18:01:23.0712 1436 Smb (ac0d90738adb51a6fd12ff00874a2162) C:\Windows\system32\DRIVERS\smb.sys
18:01:23.0823 1436 Smb - ok
18:01:23.0987 1436 smserial (c8a58fc905c9184fa70e37f71060c64d) C:\Windows\system32\DRIVERS\smserial.sys
18:01:24.0169 1436 smserial - ok
18:01:24.0428 1436 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
18:01:24.0444 1436 spldr - ok
18:01:24.0608 1436 srv (038579c35f7cad4a4bbf735dbf83277d) C:\Windows\system32\DRIVERS\srv.sys
18:01:24.0687 1436 srv - ok
18:01:24.0805 1436 srv2 (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys
18:01:24.0870 1436 srv2 - ok
18:01:25.0135 1436 srvnet (9e1a4603b874eebce0298113951abefb) C:\Windows\system32\DRIVERS\srvnet.sys
18:01:25.0176 1436 srvnet - ok
18:01:25.0392 1436 swenum (92894dd7fdd62af808b1409b73af9c73) C:\Windows\system32\DRIVERS\swenum.sys
18:01:25.0409 1436 swenum - ok
18:01:25.0572 1436 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
18:01:25.0590 1436 Symc8xx - ok
18:01:25.0770 1436 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
18:01:25.0787 1436 Sym_hi - ok
18:01:25.0889 1436 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
18:01:25.0908 1436 Sym_u3 - ok
18:01:26.0030 1436 SynTP (8327106d1c93e9a7b98e63b9fcc24bb7) C:\Windows\system32\DRIVERS\SynTP.sys
18:01:26.0054 1436 SynTP - ok
18:01:26.0370 1436 tap0901 (2e644070f2240cca9775a6b79cae62cd) C:\Windows\system32\DRIVERS\tap0901.sys
18:01:26.0416 1436 tap0901 - ok
18:01:26.0561 1436 taphss (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\Windows\system32\DRIVERS\taphss.sys
18:01:26.0576 1436 taphss - ok
18:01:26.0830 1436 Tcpip (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\drivers\tcpip.sys
18:01:26.0996 1436 Tcpip - ok
18:01:27.0164 1436 Tcpip6 (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\DRIVERS\tcpip.sys
18:01:27.0233 1436 Tcpip6 - ok
18:01:27.0425 1436 tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys
18:01:27.0522 1436 tcpipreg - ok
18:01:27.0596 1436 TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys
18:01:27.0701 1436 TDPIPE - ok
18:01:27.0838 1436 TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys
18:01:27.0941 1436 TDTCP - ok
18:01:28.0062 1436 tdx (ab4fde8af4a0270a46a001c08cbce1c2) C:\Windows\system32\DRIVERS\tdx.sys
18:01:28.0181 1436 tdx - ok
18:01:28.0291 1436 TermDD (85908da29af0ab835048107ad2ad07d1) C:\Windows\system32\DRIVERS\termdd.sys
18:01:28.0309 1436 TermDD - ok
18:01:28.0688 1436 tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:01:28.0806 1436 tssecsrv - ok
18:01:28.0928 1436 tunmp (65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys
18:01:28.0954 1436 tunmp - ok
18:01:29.0047 1436 tunnel (4a39bda5e0fd30bdf4884f9d33ae6105) C:\Windows\system32\DRIVERS\tunnel.sys
18:01:29.0095 1436 tunnel - ok
18:01:29.0185 1436 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
18:01:29.0204 1436 uagp35 - ok
18:01:29.0360 1436 udfs (6348da98707ceda8a0dfb05820e17732) C:\Windows\system32\DRIVERS\udfs.sys
18:01:29.0543 1436 udfs - ok
18:01:29.0762 1436 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
18:01:29.0779 1436 uliagpkx - ok
18:01:29.0917 1436 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
18:01:29.0945 1436 uliahci - ok
18:01:30.0087 1436 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
18:01:30.0106 1436 UlSata - ok
18:01:30.0228 1436 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
18:01:30.0249 1436 ulsata2 - ok
18:01:30.0366 1436 umbus (3fb78f1d1dd86d87bececd9dffa24dd9) C:\Windows\system32\DRIVERS\umbus.sys
18:01:30.0484 1436 umbus - ok
18:01:30.0707 1436 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\Windows\system32\Drivers\usbaapl.sys
18:01:30.0745 1436 USBAAPL - ok
18:01:30.0870 1436 usbccgp (ed74360cbb08d69decd0588464a199a8) C:\Windows\system32\DRIVERS\usbccgp.sys
18:01:30.0937 1436 usbccgp - ok
18:01:31.0050 1436 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
18:01:31.0155 1436 usbcir - ok
18:01:31.0297 1436 usbehci (518fe49c2cb56623ded9c35fa6cbea35) C:\Windows\system32\DRIVERS\usbehci.sys
18:01:31.0341 1436 usbehci - ok
18:01:31.0558 1436 usbhub (cc01a1353aa160504d6814a554d6b4be) C:\Windows\system32\DRIVERS\usbhub.sys
18:01:31.0602 1436 usbhub - ok
18:01:31.0721 1436 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
18:01:31.0831 1436 usbohci - ok
18:01:31.0959 1436 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\DRIVERS\usbprint.sys
18:01:32.0068 1436 usbprint - ok
18:01:32.0185 1436 usbscan (b1f95285c08ddfe00c0b955462637ec7) C:\Windows\system32\DRIVERS\usbscan.sys
18:01:32.0289 1436 usbscan - ok
18:01:32.0404 1436 USBSTOR (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:01:32.0551 1436 USBSTOR - ok
18:01:32.0715 1436 usbuhci (e8043983ee9ee02d60c45b0c6d3675b4) C:\Windows\system32\DRIVERS\usbuhci.sys
18:01:32.0757 1436 usbuhci - ok
18:01:32.0879 1436 usbvideo (0a6b81f01bc86399482e27e6fda7b33b) C:\Windows\system32\Drivers\usbvideo.sys
18:01:32.0970 1436 usbvideo - ok
18:01:33.0193 1436 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
18:01:33.0301 1436 vga - ok
18:01:33.0439 1436 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys
18:01:33.0587 1436 VgaSave - ok
18:01:33.0781 1436 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
18:01:33.0800 1436 viaagp - ok
18:01:33.0955 1436 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
18:01:34.0070 1436 ViaC7 - ok
18:01:34.0212 1436 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
18:01:34.0230 1436 viaide - ok
18:01:34.0379 1436 volmgr (d9e9490c960624c416fbde080deeb7fe) C:\Windows\system32\drivers\volmgr.sys
18:01:34.0396 1436 volmgr - ok
18:01:34.0567 1436 volmgrx (294da8d3f965f6a8db934a83c7b461ff) C:\Windows\system32\drivers\volmgrx.sys
18:01:34.0611 1436 volmgrx - ok
18:01:34.0755 1436 volsnap (80dc0c9bcb579ed9815001a4d37cbfd5) C:\Windows\system32\drivers\volsnap.sys
18:01:34.0781 1436 volsnap - ok
18:01:34.0951 1436 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
18:01:34.0974 1436 vsmraid - ok
18:01:35.0165 1436 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
18:01:35.0267 1436 WacomPen - ok
18:01:35.0410 1436 Wanarp (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
18:01:35.0469 1436 Wanarp - ok
18:01:35.0542 1436 Wanarpv6 (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
18:01:35.0565 1436 Wanarpv6 - ok
18:01:35.0725 1436 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
18:01:35.0743 1436 Wd - ok
18:01:35.0827 1436 Wdf01000 (7b5f66e4a2219c7d9daf9e738480e534) C:\Windows\system32\drivers\Wdf01000.sys
18:01:35.0879 1436 Wdf01000 - ok
18:01:36.0270 1436 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
18:01:36.0395 1436 winachsf - ok
18:01:37.0178 1436 WmiAcpi (17eac0d023a65fa9b02114cc2baacad5) C:\Windows\system32\DRIVERS\wmiacpi.sys
18:01:37.0201 1436 WmiAcpi - ok
18:01:37.0470 1436 WpdUsb (2d27171b16a577ef14c1273668753485) C:\Windows\system32\DRIVERS\wpdusb.sys
18:01:37.0470 1436 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wpdusb.sys. md5: 2d27171b16a577ef14c1273668753485
18:01:37.0548 1436 WpdUsb ( LockedFile.Multi.Generic ) - warning
18:01:37.0548 1436 WpdUsb - detected LockedFile.Multi.Generic (1)
18:01:37.0646 1436 ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys
18:01:37.0646 1436 Suspicious file (NoAccess): C:\Windows\system32\drivers\ws2ifsl.sys. md5: 84620aecdcfd2a7a14e6263927d8c0ed
18:01:37.0677 1436 ws2ifsl ( LockedFile.Multi.Generic ) - warning
18:01:37.0678 1436 ws2ifsl - detected LockedFile.Multi.Generic (1)
18:01:37.0957 1436 WUDFRd (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:01:37.0957 1436 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\WUDFRd.sys. md5: a2aafcc8a204736296d937c7c545b53f
18:01:38.0060 1436 WUDFRd ( LockedFile.Multi.Generic ) - warning
18:01:38.0060 1436 WUDFRd - detected LockedFile.Multi.Generic (1)
18:01:38.0234 1436 wvyupgto - ok
18:01:38.0381 1436 MBR (0x1B8) (1a1a06f62e891045814007163c1c76c3) \Device\Harddisk0\DR0
18:01:38.0640 1436 \Device\Harddisk0\DR0 - ok
18:01:38.0641 1436 Boot (0x1200) (9bcdc50c7387a56dd220b0c13079a946) \Device\Harddisk0\DR0\Partition0
18:01:38.0644 1436 \Device\Harddisk0\DR0\Partition0 - ok
18:01:38.0646 1436 Boot (0x1200) (e0a05fed63f32ec721502e8079ffa6af) \Device\Harddisk0\DR0\Partition1
18:01:38.0648 1436 \Device\Harddisk0\DR0\Partition1 - ok
18:01:38.0649 1436 ============================================================
18:01:38.0649 1436 Scan finished
18:01:38.0649 1436 ============================================================
18:01:38.0691 3776 Deinitialize success

==============================================
System Restore Point Check:

TDSSKiller Starter Restore Point Created Succesfully
==============================================
EOF

Ow, vergeten ze zeggen dat bij Combofix ook mijn internet crashte.

Hoi,

Acy11 schreef:Ow, vergeten ze zeggen dat bij Combofix ook mijn internet crashte.

Oké laat MBAM eens updaten en voer opnieuw een scan uit.

Start MalwareBytes' Anti-Malware (MBAM)

• Klik op het tabblad "Update" en vervolgens op "Controleer op updates"
  
  Bij problemen!!! (Lees de onderstaande instructies)
  • 1. Problemen bij het updaten van Malwarebytes' Anti-Malware
    2. Problemen bij het starten van Malwarebytes' Anti-Malware
  Klik op het tabblad "scanner"
• Kies de optie "snelle scan" en klik op "scannen"
• Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
• Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "Verwijder geselecteerde".
• Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.

Het log wordt automatisch bewaard door MalwareBytes' Anti-Malware en kan je terugvinden door op de "Logs" tab te klikken in het programma.

Probeer nu nogmaals ComboFix.

Goed, ik heb nu Malwarebytes geupdate en nogmaals Combofix proberen te openen.
Internetverbinding wederom weggevallen. Vervolgens zie ik een blauw scherm met de vermelding dat ie aan het laden is, dan komt er een balk tevoorschijn die iets in rap tempo laadt (sorry weet niet wat er precies stond, ging zo snel) en tenslotte kreeg ik deze melding:

Combofix- ZeroAccess

You are infected with Rootkit.ZeroAccess! It has inserted itself into the tcp/ip stack. This is a particularly difficult infection. (Hierna een stuk over problemen met internetverbinding en dat de beste oplossing rebooten is.)




De volgende onderdelen van Combofix die je aangeeft, heb ik wederom niet kunnen doorlopen:

Dubbelklik op "ComboFix.exe en ga "Akkoord" met de 'Disclaimer'
Als er een melding komt dat er "Een nieuwere versie van ComboFix" beschikbaar is klik dan op "Ja" om te updaten.

Afbeelding

Klik na het update nogmaals op "Akkoord" en ComboFix zal nu starten.
Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden zoals bij bijvoorbeeld een aanwezige rootkit, dit is normaal.


* Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion." herstart dan de computer.

Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht samen met het logje van aswMBR.


Wat nu? Na die melding van ZeroAccess begin ik mij erg zorgen te maken.

Ik heb inmiddels het stappenplan gevonden om een rootkit te verwijderen
(http://www.pcwebplus.nl/phpbb/viewtopic ... 653#p14653" onclick="window.open(this.href);return false; )

TDSSKiller gedownload, maar krijg dezelfde error als bij aswMBR --> kan driver niet laden.

Hoi,

Dan gaan we het even op een andere manier proberen.

Download The Avenger by Swandog46, naar je Bureaublad.
Klik op Avenger.zip om het uit te pakken naar je bureaublad.
Start The Avenger en zet een vinkje bij 'Scan for rootkits en Automatically disable any rootkits found'. In het venster Input Script here, kopieer en plak je het volgende:
Klik nu op de knop Execute.
Klik Yes om te bevestigen.
Klik Yes wanneer gevraagd wordt om je PC te rebooten.
Je PC zal rebooten, indien niet doe het dan manueel.
Na reboot opent een logfile (avenger .txt). Post de inhoud van de logfile.
De logfile van Avenger staat ook in C:\avenger.txt

Nadat ik het script heb ingevoegd en op execute klik, krijg ik de volgende meldingen.

Error: Invalid registry syntax in command:
"HKEY_CURRENT_USER/SOFTWARE/Microsoft/Windows/CurrentVersion/Run/2X9I7BYX2HVCZF8VFHSCXXYSYXRRGAK"
Only registry keys under the HKEY_LOCAL_Machine hive are accesible to this program.
Skipping line. (Registry key deletion mode)


Nadat ik op OK klik, verschijnt dit:

Press OK to continue script execution or Cancel to abort.


Moet ik hier op OK klikken?

Ja hier kan je gewoon op OK klikken zodat het script verder uitgevoerd zal worden.
Als je die melding bij de onderstaande registersleutels krijgt kan je daar ook op OK klikken en gewoon verder gaan.

Hier de log Avenger:

//////////////////////////////////////////


//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows NT 6.0 (build 6000)
Sat Mar 03 11:13:32 2012

11:12:53: Error: Invalid registry syntax in command:
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | 2X9I7BYX2HVCZF8VFHSCXXYSYXRRGAK"
Only registry keys under the HKEY_LOCAL_MACHINE hive are accessible to this program.
Skipping line. (Registry key deletion mode)
11:13:32: Error: Execution aborted by user!


//////////////////////////////////////////


//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows NT 6.0 (build 6000)
Sat Mar 03 11:14:15 2012

11:14:15: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!


//////////////////////////////////////////


//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows NT 6.0 (build 6000)
Sat Mar 03 13:03:11 2012

13:02:53: Error: Invalid registry syntax in command:
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | 2X9I7BYX2HVCZF8VFHSCXXYSYXRRGAK"
Only registry keys under the HKEY_LOCAL_MACHINE hive are accessible to this program.
Skipping line. (Registry key deletion mode)
13:03:01: Error: Invalid registry syntax in command:
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices | PlayerPlayer"
Only registry keys under the HKEY_LOCAL_MACHINE hive are accessible to this program.
Skipping line. (Registry key deletion mode)
13:03:03: Error: Invalid registry syntax in command:
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices | 0.6116133340978206"
Only registry keys under the HKEY_LOCAL_MACHINE hive are accessible to this program.
Skipping line. (Registry key deletion mode)


//////////////////////////////////////////


Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com" onclick="window.open(this.href);return false;

Platform: Windows Vista

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

Driver "1c5ca90276bd7ebd" disabled successfully.
Driver "syshost32" disabled successfully.
Driver "1c5ca90276bd7ebd" deleted successfully.
Driver "syshost32" deleted successfully.
File "C:\Windows\System32\Drivers\1c5ca90276bd7ebd.sys" deleted successfully.

Error: could not open file "c:\users\user~1\appdata\local\temp\0.6116133340978206.exe"
Deletion of file "c:\users\user~1\appdata\local\temp\0.6116133340978206.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "c:\users\user\appdata\local\temp\0.6116133340978206.exe"
Deletion of file "c:\users\user\appdata\local\temp\0.6116133340978206.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist

File "c:\windows\system32\drivers\jvtkw.sys" deleted successfully.

Error: file "c:\windows\installer\{9be3c893-3625-1cad-5a1f-a1a839a0f3c5}\syshost.exe" not found!
Deletion of file "c:\windows\installer\{9be3c893-3625-1cad-5a1f-a1a839a0f3c5}\syshost.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Completed script processing.

*******************

Finished! Terminate.

Hoi,

Oké probeer nu nogmaals eens TDSSKiller te draaien.

Log van TDSSKiller:

14:53:27.0727 3868 TDSS rootkit removing tool 2.7.18.0 Mar 2 2012 09:40:07
14:53:27.0871 3868 ============================================================
14:53:27.0871 3868 Current date / time: 2012/03/03 14:53:27.0871
14:53:27.0871 3868 SystemInfo:
14:53:27.0871 3868
14:53:27.0871 3868 OS Version: 6.0.6000 ServicePack: 0.0
14:53:27.0871 3868 Product type: Workstation
14:53:27.0871 3868 ComputerName:
14:53:27.0876 3868 UserName:
14:53:27.0876 3868 Windows directory: C:\Windows
14:53:27.0876 3868 System windows directory: C:\Windows
14:53:27.0876 3868 Processor architecture: Intel x86
14:53:27.0876 3868 Number of processors: 2
14:53:27.0876 3868 Page size: 0x1000
14:53:27.0876 3868 Boot type: Normal boot
14:53:27.0876 3868 ============================================================
14:53:28.0715 3868 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:53:28.0720 3868 \Device\Harddisk0\DR0:
14:53:28.0721 3868 MBR used
14:53:28.0721 3868 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xD1C5A3D
14:53:28.0721 3868 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xD1C5A7C, BlocksNum 0xDCDD45
14:53:28.0786 3868 Initialize success
14:53:28.0786 3868 ============================================================
14:54:25.0511 1696 ============================================================
14:54:25.0511 1696 Scan started
14:54:25.0511 1696 Mode: Manual; SigCheck; TDLFS;
14:54:25.0511 1696 ============================================================
14:54:25.0773 1696 .tdx - ok
14:54:25.0903 1696 ACPI (84fc6df81212d16be5c4f441682feccc) C:\Windows\system32\drivers\acpi.sys
14:54:26.0077 1696 ACPI - ok
14:54:26.0197 1696 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
14:54:26.0246 1696 adp94xx - ok
14:54:26.0329 1696 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
14:54:26.0355 1696 adpahci - ok
14:54:26.0423 1696 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
14:54:26.0441 1696 adpu160m - ok
14:54:26.0539 1696 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
14:54:26.0558 1696 adpu320 - ok
14:54:26.0674 1696 AFD (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys
14:54:26.0787 1696 AFD - ok
14:54:26.0871 1696 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
14:54:26.0887 1696 agp440 - ok
14:54:26.0943 1696 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
14:54:26.0961 1696 aic78xx - ok
14:54:27.0061 1696 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
14:54:27.0075 1696 aliide - ok
14:54:27.0134 1696 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
14:54:27.0151 1696 amdagp - ok
14:54:27.0200 1696 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
14:54:27.0215 1696 amdide - ok
14:54:27.0309 1696 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
14:54:27.0401 1696 AmdK7 - ok
14:54:27.0458 1696 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
14:54:27.0559 1696 AmdK8 - ok
14:54:27.0729 1696 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
14:54:27.0746 1696 arc - ok
14:54:27.0813 1696 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
14:54:27.0829 1696 arcsas - ok
14:54:27.0908 1696 AsyncMac (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys
14:54:28.0006 1696 AsyncMac - ok
14:54:28.0074 1696 atapi (b35cfcef838382ab6490b321c87edf17) C:\Windows\system32\drivers\atapi.sys
14:54:28.0090 1696 atapi - ok
14:54:28.0253 1696 BCM43XV (cf6a67c90951e3e763d2135dede44b85) C:\Windows\system32\DRIVERS\bcmwl6.sys
14:54:28.0394 1696 BCM43XV - ok
14:54:28.0475 1696 Beep (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys
14:54:28.0571 1696 Beep - ok
14:54:28.0655 1696 blbdrive - ok
14:54:28.0797 1696 bowser (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys
14:54:28.0901 1696 bowser - ok
14:54:28.0981 1696 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
14:54:29.0134 1696 BrFiltLo - ok
14:54:29.0186 1696 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
14:54:29.0235 1696 BrFiltUp - ok
14:54:29.0370 1696 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
14:54:29.0461 1696 Brserid - ok
14:54:29.0522 1696 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
14:54:29.0623 1696 BrSerWdm - ok
14:54:29.0685 1696 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
14:54:29.0780 1696 BrUsbMdm - ok
14:54:29.0843 1696 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
14:54:29.0934 1696 BrUsbSer - ok
14:54:30.0065 1696 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
14:54:30.0165 1696 BTHMODEM - ok
14:54:30.0260 1696 catchme - ok
14:54:30.0307 1696 cdfs (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys
14:54:30.0405 1696 cdfs - ok
14:54:30.0454 1696 cdrom (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys
14:54:30.0552 1696 cdrom - ok
14:54:30.0655 1696 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
14:54:30.0751 1696 circlass - ok
14:54:30.0851 1696 CLFS (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys
14:54:30.0874 1696 CLFS - ok
14:54:30.0977 1696 CmBatt (ed97ad3df1b9005989eaf149bf06c821) C:\Windows\system32\DRIVERS\CmBatt.sys
14:54:31.0022 1696 CmBatt - ok
14:54:31.0097 1696 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
14:54:31.0111 1696 cmdide - ok
14:54:31.0200 1696 Compbatt (722936afb75a7f509662b69b5632f48a) C:\Windows\system32\DRIVERS\compbatt.sys
14:54:31.0216 1696 Compbatt - ok
14:54:31.0277 1696 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
14:54:31.0292 1696 crcdisk - ok
14:54:31.0372 1696 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
14:54:31.0463 1696 Crusoe - ok
14:54:31.0572 1696 DfsC (a7179de59ae269ab70345527894ccd7c) C:\Windows\system32\Drivers\dfsc.sys
14:54:31.0675 1696 DfsC - ok
14:54:31.0832 1696 disk (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys
14:54:31.0848 1696 disk - ok
14:54:31.0947 1696 drmkaud (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys
14:54:32.0027 1696 drmkaud - ok
14:54:32.0103 1696 DXGKrnl (334988883de69adb27e2cf9f9715bbdb) C:\Windows\System32\drivers\dxgkrnl.sys
14:54:32.0205 1696 DXGKrnl - ok
14:54:32.0333 1696 E100B (c0b00e55cf82d122d25983c7a6a53dea) C:\Windows\system32\DRIVERS\e100b325.sys
14:54:32.0418 1696 E100B - ok
14:54:32.0521 1696 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
14:54:32.0620 1696 E1G60 - ok
14:54:32.0710 1696 eabfiltr (e88b0cfcecf745211bba87f44f85d0dd) C:\Windows\system32\DRIVERS\eabfiltr.sys
14:54:32.0762 1696 eabfiltr - ok
14:54:32.0906 1696 Ecache (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys
14:54:32.0925 1696 Ecache - ok
14:54:33.0039 1696 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
14:54:33.0067 1696 elxstor - ok
14:54:33.0146 1696 fastfat (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys
14:54:33.0253 1696 fastfat - ok
14:54:33.0338 1696 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
14:54:33.0436 1696 fdc - ok
14:54:33.0569 1696 FileInfo (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys
14:54:33.0585 1696 FileInfo - ok
14:54:33.0626 1696 Filetrace (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys
14:54:33.0720 1696 Filetrace - ok
14:54:33.0777 1696 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
14:54:33.0858 1696 flpydisk - ok
14:54:33.0904 1696 FltMgr (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys
14:54:33.0925 1696 FltMgr - ok
14:54:34.0029 1696 fssfltr (b74b0578fd1d3f897e95f2a2b69ea051) C:\Windows\system32\DRIVERS\fssfltr.sys
14:54:34.0045 1696 fssfltr - ok
14:54:34.0168 1696 Fs_Rec (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys
14:54:34.0223 1696 Fs_Rec - ok
14:54:34.0289 1696 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
14:54:34.0306 1696 gagp30kx - ok
14:54:34.0409 1696 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
14:54:34.0423 1696 GEARAspiWDM - ok
14:54:34.0610 1696 HBtnKey (de15777902a5d9121857d155873a1d1b) C:\Windows\system32\DRIVERS\cpqbttn.sys
14:54:34.0637 1696 HBtnKey - ok
14:54:34.0730 1696 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
14:54:34.0826 1696 HdAudAddService - ok
14:54:34.0909 1696 HDAudBus (0db613a7e427b5663563677796fd5258) C:\Windows\system32\DRIVERS\HDAudBus.sys
14:54:34.0969 1696 HDAudBus - ok
14:54:35.0027 1696 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
14:54:35.0122 1696 HidBth - ok
14:54:35.0197 1696 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
14:54:35.0293 1696 HidIr - ok
14:54:35.0391 1696 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\DRIVERS\hidusb.sys
14:54:35.0484 1696 HidUsb - ok
14:54:35.0549 1696 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
14:54:35.0564 1696 HpCISSs - ok
14:54:35.0686 1696 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
14:54:35.0738 1696 HSFHWAZL - ok
14:54:35.0862 1696 HSF_DPV (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
14:54:36.0029 1696 HSF_DPV - ok
14:54:36.0118 1696 HTTP (ea24fe637d974a8a31bc650f478e3533) C:\Windows\system32\drivers\HTTP.sys
14:54:36.0195 1696 HTTP - ok
14:54:36.0253 1696 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
14:54:36.0268 1696 i2omp - ok
14:54:36.0392 1696 i8042prt (1c9ee072baa3abb460b91d7ee9152660) C:\Windows\system32\DRIVERS\i8042prt.sys
14:54:36.0427 1696 i8042prt - ok
14:54:36.0626 1696 ialm (c134e69ce901422d1f2d7ea8d69098fe) C:\Windows\system32\DRIVERS\igdkmd32.sys
14:54:36.0860 1696 ialm - ok
14:54:36.0937 1696 iaStor (fd7f9d74c2b35dbda400804a3f5ed5d8) C:\Windows\system32\DRIVERS\iaStor.sys
14:54:36.0988 1696 iaStor - ok
14:54:37.0072 1696 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
14:54:37.0095 1696 iaStorV - ok
14:54:37.0292 1696 igfx (c134e69ce901422d1f2d7ea8d69098fe) C:\Windows\system32\DRIVERS\igdkmd32.sys
14:54:37.0408 1696 igfx - ok
14:54:37.0498 1696 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
14:54:37.0513 1696 iirsp - ok
14:54:37.0684 1696 IntcAzAudAddService (8d7eb1fd498fd0a34c95a298685ec1c7) C:\Windows\system32\drivers\RTKVHDA.sys
14:54:37.0834 1696 IntcAzAudAddService - ok
14:54:37.0893 1696 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
14:54:37.0907 1696 intelide - ok
14:54:38.0017 1696 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
14:54:38.0118 1696 intelppm - ok
14:54:38.0218 1696 IpFilterDriver (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:54:38.0315 1696 IpFilterDriver - ok
14:54:38.0356 1696 IpInIp - ok
14:54:38.0416 1696 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
14:54:38.0517 1696 IPMIDRV - ok
14:54:38.0581 1696 IPNAT (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys
14:54:38.0666 1696 IPNAT - ok
14:54:38.0788 1696 IRENUM (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys
14:54:38.0882 1696 IRENUM - ok
14:54:38.0942 1696 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
14:54:38.0958 1696 isapnp - ok
14:54:39.0012 1696 iScsiPrt (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys
14:54:39.0032 1696 iScsiPrt - ok
14:54:39.0086 1696 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
14:54:39.0101 1696 iteatapi - ok
14:54:39.0134 1696 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
14:54:39.0149 1696 iteraid - ok
14:54:39.0211 1696 kbdclass (b076b2ab806b3f696dab21375389101c) C:\Windows\system32\DRIVERS\kbdclass.sys
14:54:39.0226 1696 kbdclass - ok
14:54:39.0266 1696 kbdhid (ed61dbc6603f612b7338283edbacbc4b) C:\Windows\system32\DRIVERS\kbdhid.sys
14:54:39.0307 1696 kbdhid - ok
14:54:39.0366 1696 KSecDD (0a829977b078dea11641fc2af87ceade) C:\Windows\system32\Drivers\ksecdd.sys
14:54:39.0418 1696 KSecDD - ok
14:54:39.0502 1696 lltdio (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys
14:54:39.0607 1696 lltdio - ok
14:54:39.0692 1696 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
14:54:39.0708 1696 LSI_FC - ok
14:54:39.0793 1696 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
14:54:39.0809 1696 LSI_SAS - ok
14:54:39.0885 1696 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
14:54:39.0901 1696 LSI_SCSI - ok
14:54:39.0960 1696 luafv (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys
14:54:40.0064 1696 luafv - ok
14:54:40.0172 1696 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
14:54:40.0187 1696 megasas - ok
14:54:40.0242 1696 Modem (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys
14:54:40.0343 1696 Modem - ok
14:54:40.0435 1696 monitor (7446e104a5fe5987ca9e4983fbac4f97) C:\Windows\system32\DRIVERS\monitor.sys
14:54:40.0492 1696 monitor - ok
14:54:40.0542 1696 mouclass (5fba13c1a1841b0885d316ed3589489d) C:\Windows\system32\DRIVERS\mouclass.sys
14:54:40.0559 1696 mouclass - ok
14:54:40.0651 1696 mouhid (b569b5c5d3bde545df3a6af512cccdba) C:\Windows\system32\DRIVERS\mouhid.sys
14:54:40.0671 1696 mouhid - ok
14:54:40.0730 1696 MountMgr (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys
14:54:40.0746 1696 MountMgr - ok
14:54:40.0826 1696 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
14:54:40.0843 1696 mpio - ok
14:54:40.0899 1696 mpsdrv (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys
14:54:40.0961 1696 mpsdrv - ok
14:54:41.0012 1696 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
14:54:41.0028 1696 Mraid35x - ok
14:54:41.0071 1696 MRxDAV (1d8828b98ee309d65e006f0829e280e5) C:\Windows\system32\drivers\mrxdav.sys
14:54:41.0104 1696 MRxDAV - ok
14:54:41.0172 1696 mrxsmb (8af705ce1bb907932157fab821170f27) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:54:41.0228 1696 mrxsmb - ok
14:54:41.0336 1696 mrxsmb10 (47e13ab23371be3279eef22bbfa2c1be) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:54:41.0383 1696 mrxsmb10 - ok
14:54:41.0439 1696 mrxsmb20 (90b3fc7bd6b3d7ee7635debba2187f66) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:54:41.0478 1696 mrxsmb20 - ok
14:54:41.0559 1696 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
14:54:41.0574 1696 msahci - ok
14:54:41.0634 1696 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
14:54:41.0664 1696 msdsm - ok
14:54:41.0827 1696 Msfs (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys
14:54:41.0933 1696 Msfs - ok
14:54:42.0064 1696 msisadrv (2c3f1983cd3629573cb9e9658247847a) C:\Windows\system32\drivers\msisadrv.sys
14:54:42.0078 1696 msisadrv - ok
14:54:42.0150 1696 MSKSSRV (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys
14:54:42.0244 1696 MSKSSRV - ok
14:54:42.0322 1696 MSPCLOCK (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys
14:54:42.0418 1696 MSPCLOCK - ok
14:54:42.0486 1696 MSPQM (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys
14:54:42.0579 1696 MSPQM - ok
14:54:42.0660 1696 MsRPC (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys
14:54:42.0681 1696 MsRPC - ok
14:54:42.0951 1696 mssmbios (1f6f7159c75e4b27d138b5225808860f) C:\Windows\system32\DRIVERS\mssmbios.sys
14:54:42.0965 1696 mssmbios - ok
14:54:43.0063 1696 MSTEE (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys
14:54:43.0158 1696 MSTEE - ok
14:54:43.0207 1696 Mup (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys
14:54:43.0223 1696 Mup - ok
14:54:43.0317 1696 NativeWifiP (6da4a0fc7c0e83df0cb3cfd0a514c3bc) C:\Windows\system32\DRIVERS\nwifi.sys
14:54:43.0353 1696 NativeWifiP - ok
14:54:43.0417 1696 NDIS (227c11e1e7cf6ef8afb2a238d209760c) C:\Windows\system32\drivers\ndis.sys
14:54:43.0465 1696 NDIS - ok
14:54:43.0598 1696 Ndisrd (4598df84a3694dd693ea453645f1b3c8) C:\Windows\system32\DRIVERS\ndisrd.sys
14:54:43.0623 1696 Ndisrd ( UnsignedFile.Multi.Generic ) - warning
14:54:43.0623 1696 Ndisrd - detected UnsignedFile.Multi.Generic (1)
14:54:43.0648 1696 NdisrdMP (4598df84a3694dd693ea453645f1b3c8) C:\Windows\system32\DRIVERS\ndisrd.sys
14:54:43.0657 1696 NdisrdMP ( UnsignedFile.Multi.Generic ) - warning
14:54:43.0657 1696 NdisrdMP - detected UnsignedFile.Multi.Generic (1)
14:54:43.0731 1696 NdisTapi (81659cdcbd0f9a9e07e6878ad8c78d3f) C:\Windows\system32\DRIVERS\ndistapi.sys
14:54:43.0750 1696 NdisTapi - ok
14:54:43.0794 1696 Ndisuio (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys
14:54:43.0895 1696 Ndisuio - ok
14:54:43.0937 1696 NdisWan (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys
14:54:44.0022 1696 NdisWan - ok
14:54:44.0073 1696 NDProxy (1b24fa907af283199a81b3bb37e5e526) C:\Windows\system32\drivers\NDProxy.sys
14:54:44.0113 1696 NDProxy - ok
14:54:44.0218 1696 NetBIOS (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys
14:54:44.0318 1696 NetBIOS - ok
14:54:44.0375 1696 netbt (e3a168912e7eefc3bd3b814720d68b41) C:\Windows\system32\DRIVERS\netbt.sys
14:54:44.0476 1696 netbt - ok
14:54:44.0655 1696 NETw3v32 (a15f219208843a5a210c8cb391384453) C:\Windows\system32\DRIVERS\NETw3v32.sys
14:54:44.0869 1696 NETw3v32 - ok
14:54:45.0075 1696 NETw4v32 (1d73499a6664b4da05d750ff83fdb274) C:\Windows\system32\DRIVERS\NETw4v32.sys
14:54:45.0300 1696 NETw4v32 - ok
14:54:45.0355 1696 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
14:54:45.0371 1696 nfrd960 - ok
14:54:45.0439 1696 Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys
14:54:45.0540 1696 Npfs - ok
14:54:45.0632 1696 nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys
14:54:45.0713 1696 nsiproxy - ok
14:54:45.0823 1696 Ntfs (37430aa7a66d7a63407adc2c0d05e9f6) C:\Windows\system32\drivers\Ntfs.sys
14:54:45.0911 1696 Ntfs - ok
14:54:45.0967 1696 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
14:54:46.0057 1696 ntrigdigi - ok
14:54:46.0129 1696 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
14:54:46.0231 1696 Null - ok
14:54:46.0302 1696 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
14:54:46.0319 1696 nvraid - ok
14:54:46.0384 1696 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
14:54:46.0401 1696 nvstor - ok
14:54:46.0459 1696 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
14:54:46.0478 1696 nv_agp - ok
14:54:46.0523 1696 NwlnkFlt - ok
14:54:46.0556 1696 NwlnkFwd - ok
14:54:46.0657 1696 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\DRIVERS\ohci1394.sys
14:54:46.0759 1696 ohci1394 - ok
14:54:46.0886 1696 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
14:54:46.0970 1696 Parport - ok
14:54:47.0007 1696 partmgr (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys
14:54:47.0023 1696 partmgr - ok
14:54:47.0077 1696 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
14:54:47.0175 1696 Parvdm - ok
14:54:47.0253 1696 pci (5bedd5e1416da009c4f24adf8da13773) C:\Windows\system32\drivers\pci.sys
14:54:47.0272 1696 pci - ok
14:54:47.0321 1696 pciide (caba65e9c41cd2900d4c92d4f825c5f8) C:\Windows\system32\DRIVERS\pciide.sys
14:54:47.0337 1696 pciide - ok
14:54:47.0451 1696 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
14:54:47.0472 1696 pcmcia - ok
14:54:47.0577 1696 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
14:54:47.0740 1696 PEAUTH - ok
14:54:47.0859 1696 PptpMiniport (c04dec5ace67c5247b150c4223970bb7) C:\Windows\system32\DRIVERS\raspptp.sys
14:54:47.0915 1696 PptpMiniport - ok
14:54:48.0018 1696 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
14:54:48.0099 1696 Processor - ok
14:54:48.0184 1696 PSched (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys
14:54:48.0222 1696 PSched - ok
14:54:48.0305 1696 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
14:54:48.0369 1696 PxHelp20 - ok
14:54:48.0501 1696 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
14:54:48.0584 1696 ql2300 - ok
14:54:48.0685 1696 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
14:54:48.0704 1696 ql40xx - ok
14:54:48.0755 1696 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
14:54:48.0836 1696 QWAVEdrv - ok
14:54:48.0887 1696 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
14:54:48.0991 1696 RasAcd - ok
14:54:49.0059 1696 Rasl2tp (68b0019fee429ec49d29017af937e482) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:54:49.0101 1696 Rasl2tp - ok
14:54:49.0190 1696 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
14:54:49.0271 1696 RasPppoe - ok
14:54:49.0317 1696 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
14:54:49.0423 1696 rdbss - ok
14:54:49.0477 1696 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:54:49.0574 1696 RDPCDD - ok
14:54:49.0644 1696 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
14:54:49.0741 1696 rdpdr - ok
14:54:49.0791 1696 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
14:54:49.0890 1696 RDPENCDD - ok
14:54:49.0978 1696 RDPWD (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys
14:54:50.0082 1696 RDPWD - ok
14:54:50.0163 1696 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
14:54:50.0186 1696 rimmptsk - ok
14:54:50.0275 1696 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
14:54:50.0302 1696 rimsptsk - ok
14:54:50.0363 1696 rismxdp (c663af77e2f4eabf8eb08b388d2f1f36) C:\Windows\system32\DRIVERS\rixdptsk.sys
14:54:50.0391 1696 rismxdp - ok
14:54:50.0450 1696 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
14:54:50.0547 1696 rspndr - ok
14:54:50.0622 1696 RTL8169 (71b7026d61293c1e91145bdad11c53bf) C:\Windows\system32\DRIVERS\Rtlh86.sys
14:54:50.0666 1696 RTL8169 - ok
14:54:50.0795 1696 sbapifs (a0bb2fb6749e357d4342e1eabaaea79e) C:\Windows\system32\DRIVERS\sbapifs.sys
14:54:50.0810 1696 sbapifs - ok
14:54:50.0860 1696 sbbotdi - ok
14:54:50.0983 1696 SBFWIMCL (1dcad90cc9c0ddc7d060fd97854f8518) C:\Windows\system32\DRIVERS\sbfwim.sys
14:54:50.0997 1696 SBFWIMCL - ok
14:54:51.0038 1696 SBFWIMCLMP (1dcad90cc9c0ddc7d060fd97854f8518) C:\Windows\system32\DRIVERS\SBFWIM.sys
14:54:51.0052 1696 SBFWIMCLMP - ok
14:54:51.0178 1696 sbhips (2b5798dcb705eed80231d37688788e09) C:\Windows\system32\drivers\sbhips.sys
14:54:51.0193 1696 sbhips - ok
14:54:51.0264 1696 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
14:54:51.0282 1696 sbp2port - ok
14:54:51.0399 1696 SBRE (1fd538c4feb36b793d2121f20bbdc16f) C:\Windows\system32\drivers\SBREdrv.sys
14:54:51.0412 1696 SBRE - ok
14:54:51.0492 1696 sbtis (97f6753da5db60108953dac75e2f5786) C:\Windows\system32\drivers\sbtis.sys
14:54:51.0505 1696 sbtis - ok
14:54:51.0588 1696 sdbus (7b3973cc28b8aa3e9e2e5d53e720e2c9) C:\Windows\system32\DRIVERS\sdbus.sys
14:54:51.0608 1696 sdbus - ok
14:54:51.0663 1696 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
14:54:51.0745 1696 secdrv - ok
14:54:51.0828 1696 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
14:54:51.0924 1696 Serenum - ok
14:54:51.0995 1696 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
14:54:52.0096 1696 Serial - ok
14:54:52.0161 1696 sermouse (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys
14:54:52.0181 1696 sermouse - ok
14:54:52.0277 1696 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\DRIVERS\sffdisk.sys
14:54:52.0296 1696 sffdisk - ok
14:54:52.0379 1696 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
14:54:52.0471 1696 sffp_mmc - ok
14:54:52.0541 1696 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\DRIVERS\sffp_sd.sys
14:54:52.0577 1696 sffp_sd - ok
14:54:52.0635 1696 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
14:54:52.0716 1696 sfloppy - ok
14:54:52.0752 1696 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
14:54:52.0768 1696 sisagp - ok
14:54:52.0795 1696 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
14:54:52.0810 1696 SiSRaid2 - ok
14:54:52.0844 1696 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
14:54:52.0861 1696 SiSRaid4 - ok
14:54:52.0933 1696 Smb (ac0d90738adb51a6fd12ff00874a2162) C:\Windows\system32\DRIVERS\smb.sys
14:54:53.0033 1696 Smb - ok
14:54:53.0148 1696 smserial (c8a58fc905c9184fa70e37f71060c64d) C:\Windows\system32\DRIVERS\smserial.sys
14:54:53.0327 1696 smserial - ok
14:54:53.0416 1696 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
14:54:53.0432 1696 spldr - ok
14:54:53.0506 1696 srv (038579c35f7cad4a4bbf735dbf83277d) C:\Windows\system32\DRIVERS\srv.sys
14:54:53.0584 1696 srv - ok
14:54:53.0660 1696 srv2 (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys
14:54:53.0723 1696 srv2 - ok
14:54:53.0777 1696 srvnet (9e1a4603b874eebce0298113951abefb) C:\Windows\system32\DRIVERS\srvnet.sys
14:54:53.0817 1696 srvnet - ok
14:54:53.0924 1696 swenum (92894dd7fdd62af808b1409b73af9c73) C:\Windows\system32\DRIVERS\swenum.sys
14:54:53.0939 1696 swenum - ok
14:54:54.0004 1696 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
14:54:54.0020 1696 Symc8xx - ok
14:54:54.0092 1696 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
14:54:54.0107 1696 Sym_hi - ok
14:54:54.0166 1696 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
14:54:54.0181 1696 Sym_u3 - ok
14:54:54.0285 1696 SynTP (8327106d1c93e9a7b98e63b9fcc24bb7) C:\Windows\system32\DRIVERS\SynTP.sys
14:54:54.0305 1696 SynTP - ok
14:54:54.0365 1696 tap0901 (2e644070f2240cca9775a6b79cae62cd) C:\Windows\system32\DRIVERS\tap0901.sys
14:54:54.0410 1696 tap0901 - ok
14:54:54.0515 1696 taphss (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\Windows\system32\DRIVERS\taphss.sys
14:54:54.0528 1696 taphss - ok
14:54:54.0640 1696 Tcpip (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\drivers\tcpip.sys
14:54:54.0747 1696 Tcpip - ok
14:54:54.0851 1696 Tcpip6 (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\DRIVERS\tcpip.sys
14:54:54.0895 1696 Tcpip6 - ok
14:54:54.0969 1696 tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys
14:54:55.0051 1696 tcpipreg - ok
14:54:55.0117 1696 TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys
14:54:55.0212 1696 TDPIPE - ok
14:54:55.0269 1696 TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys
14:54:55.0365 1696 TDTCP - ok
14:54:55.0428 1696 tdx (ab4fde8af4a0270a46a001c08cbce1c2) C:\Windows\system32\DRIVERS\tdx.sys
14:54:55.0535 1696 tdx - ok
14:54:55.0624 1696 TermDD (85908da29af0ab835048107ad2ad07d1) C:\Windows\system32\DRIVERS\termdd.sys
14:54:55.0640 1696 TermDD - ok
14:54:55.0743 1696 tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:54:55.0836 1696 tssecsrv - ok
14:54:55.0916 1696 tunmp (65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys
14:54:55.0936 1696 tunmp - ok
14:54:55.0979 1696 tunnel (4a39bda5e0fd30bdf4884f9d33ae6105) C:\Windows\system32\DRIVERS\tunnel.sys
14:54:56.0024 1696 tunnel - ok
14:54:56.0095 1696 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
14:54:56.0113 1696 uagp35 - ok
14:54:56.0204 1696 udfs (6348da98707ceda8a0dfb05820e17732) C:\Windows\system32\DRIVERS\udfs.sys
14:54:56.0321 1696 udfs - ok
14:54:56.0405 1696 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
14:54:56.0422 1696 uliagpkx - ok
14:54:56.0493 1696 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
14:54:56.0517 1696 uliahci - ok
14:54:56.0597 1696 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
14:54:56.0614 1696 UlSata - ok
14:54:56.0693 1696 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
14:54:56.0712 1696 ulsata2 - ok
14:54:56.0765 1696 umbus (3fb78f1d1dd86d87bececd9dffa24dd9) C:\Windows\system32\DRIVERS\umbus.sys
14:54:56.0846 1696 umbus - ok
14:54:56.0917 1696 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\Windows\system32\Drivers\usbaapl.sys
14:54:56.0953 1696 USBAAPL - ok
14:54:57.0002 1696 usbccgp (ed74360cbb08d69decd0588464a199a8) C:\Windows\system32\DRIVERS\usbccgp.sys
14:54:57.0067 1696 usbccgp - ok
14:54:57.0138 1696 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
14:54:57.0234 1696 usbcir - ok
14:54:57.0329 1696 usbehci (518fe49c2cb56623ded9c35fa6cbea35) C:\Windows\system32\DRIVERS\usbehci.sys
14:54:57.0361 1696 usbehci - ok
14:54:57.0433 1696 usbhub (cc01a1353aa160504d6814a554d6b4be) C:\Windows\system32\DRIVERS\usbhub.sys
14:54:57.0477 1696 usbhub - ok
14:54:57.0542 1696 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
14:54:57.0624 1696 usbohci - ok
14:54:57.0713 1696 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\DRIVERS\usbprint.sys
14:54:57.0812 1696 usbprint - ok
14:54:57.0928 1696 usbscan (b1f95285c08ddfe00c0b955462637ec7) C:\Windows\system32\DRIVERS\usbscan.sys
14:54:58.0024 1696 usbscan - ok
14:54:58.0103 1696 USBSTOR (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:54:58.0160 1696 USBSTOR - ok
14:54:58.0248 1696 usbuhci (e8043983ee9ee02d60c45b0c6d3675b4) C:\Windows\system32\DRIVERS\usbuhci.sys
14:54:58.0267 1696 usbuhci - ok
14:54:58.0323 1696 usbvideo (0a6b81f01bc86399482e27e6fda7b33b) C:\Windows\system32\Drivers\usbvideo.sys
14:54:58.0430 1696 usbvideo - ok
14:54:58.0514 1696 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
14:54:58.0613 1696 vga - ok
14:54:58.0674 1696 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys
14:54:58.0776 1696 VgaSave - ok
14:54:58.0847 1696 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
14:54:58.0863 1696 viaagp - ok
14:54:58.0931 1696 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
14:54:59.0031 1696 ViaC7 - ok
14:54:59.0099 1696 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
14:54:59.0115 1696 viaide - ok
14:54:59.0173 1696 volmgr (d9e9490c960624c416fbde080deeb7fe) C:\Windows\system32\drivers\volmgr.sys
14:54:59.0190 1696 volmgr - ok
14:54:59.0242 1696 volmgrx (294da8d3f965f6a8db934a83c7b461ff) C:\Windows\system32\drivers\volmgrx.sys
14:54:59.0269 1696 volmgrx - ok
14:54:59.0354 1696 volsnap (80dc0c9bcb579ed9815001a4d37cbfd5) C:\Windows\system32\drivers\volsnap.sys
14:54:59.0378 1696 volsnap - ok
14:54:59.0483 1696 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
14:54:59.0502 1696 vsmraid - ok
14:54:59.0586 1696 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
14:54:59.0666 1696 WacomPen - ok
14:54:59.0720 1696 Wanarp (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
14:54:59.0740 1696 Wanarp - ok
14:54:59.0769 1696 Wanarpv6 (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
14:54:59.0788 1696 Wanarpv6 - ok
14:54:59.0867 1696 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
14:54:59.0881 1696 Wd - ok
14:54:59.0993 1696 Wdf01000 (7b5f66e4a2219c7d9daf9e738480e534) C:\Windows\system32\drivers\Wdf01000.sys
14:55:00.0042 1696 Wdf01000 - ok
14:55:00.0191 1696 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
14:55:00.0312 1696 winachsf - ok
14:55:00.0422 1696 WmiAcpi (17eac0d023a65fa9b02114cc2baacad5) C:\Windows\system32\DRIVERS\wmiacpi.sys
14:55:00.0440 1696 WmiAcpi - ok
14:55:00.0579 1696 WpdUsb (2d27171b16a577ef14c1273668753485) C:\Windows\system32\DRIVERS\wpdusb.sys
14:55:00.0672 1696 WpdUsb - ok
14:55:00.0733 1696 ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys
14:55:00.0833 1696 ws2ifsl - ok
14:55:00.0933 1696 WUDFRd (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:55:01.0034 1696 WUDFRd - ok
14:55:01.0113 1696 wvyupgto - ok
14:55:01.0202 1696 MBR (0x1B8) (1a1a06f62e891045814007163c1c76c3) \Device\Harddisk0\DR0
14:55:01.0338 1696 \Device\Harddisk0\DR0 - ok
14:55:01.0345 1696 Boot (0x1200) (9bcdc50c7387a56dd220b0c13079a946) \Device\Harddisk0\DR0\Partition0
14:55:01.0347 1696 \Device\Harddisk0\DR0\Partition0 - ok
14:55:01.0357 1696 Boot (0x1200) (e0a05fed63f32ec721502e8079ffa6af) \Device\Harddisk0\DR0\Partition1
14:55:01.0359 1696 \Device\Harddisk0\DR0\Partition1 - ok
14:55:01.0361 1696 ============================================================
14:55:01.0361 1696 Scan finished
14:55:01.0361 1696 ============================================================
14:55:01.0385 1712 Detected object count: 2
14:55:01.0385 1712 Actual detected object count: 2
14:55:20.0222 1712 Ndisrd ( UnsignedFile.Multi.Generic ) - skipped by user
14:55:20.0223 1712 Ndisrd ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:55:20.0226 1712 NdisrdMP ( UnsignedFile.Multi.Generic ) - skipped by user
14:55:20.0226 1712 NdisrdMP ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:57:53.0738 1724 Deinitialize success