[
12:45:27.0183 3464 TDSS rootkit removing tool 2.7.7.0 Jan 24 2012 16:44:27
12:45:27.0279 3464 ============================================================
12:45:27.0279 3464 Current date / time: 2012/01/26 12:45:27.0279
12:45:27.0279 3464 SystemInfo:
12:45:27.0279 3464
12:45:27.0279 3464 OS Version: 6.0.6002 ServicePack: 2.0
12:45:27.0279 3464 Product type: Workstation
12:45:27.0279 3464 ComputerName: QUILLAUME
12:45:27.0279 3464 UserName: van de Weerd
12:45:27.0279 3464 Windows directory: C:\Windows
12:45:27.0279 3464 System windows directory: C:\Windows
12:45:27.0279 3464 Processor architecture: Intel x86
12:45:27.0279 3464 Number of processors: 4
12:45:27.0279 3464 Page size: 0x1000
12:45:27.0279 3464 Boot type: Normal boot
12:45:27.0279 3464 ============================================================
12:45:28.0375 3464 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:45:28.0389 3464 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:45:28.0402 3464 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:45:28.0909 3464 Drive \Device\Harddisk3\DR3 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:45:28.0916 3464 Drive \Device\Harddisk4\DR4 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:45:29.0260 3464 Initialize success
12:45:32.0737 4132 ============================================================
12:45:32.0738 4132 Scan started
12:45:32.0738 4132 Mode: Manual;
12:45:32.0738 4132 ============================================================
12:45:33.0240 4132 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
12:45:33.0242 4132 ACPI - ok
12:45:33.0381 4132 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
12:45:33.0383 4132 adp94xx - ok
12:45:33.0434 4132 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
12:45:33.0436 4132 adpahci - ok
12:45:33.0457 4132 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
12:45:33.0458 4132 adpu160m - ok
12:45:33.0534 4132 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
12:45:33.0535 4132 adpu320 - ok
12:45:33.0596 4132 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
12:45:33.0598 4132 AFD - ok
12:45:33.0667 4132 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
12:45:33.0667 4132 agp440 - ok
12:45:33.0696 4132 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
12:45:33.0697 4132 aic78xx - ok
12:45:33.0778 4132 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
12:45:33.0779 4132 aliide - ok
12:45:33.0815 4132 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
12:45:33.0816 4132 amdagp - ok
12:45:33.0889 4132 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
12:45:33.0890 4132 amdide - ok
12:45:33.0924 4132 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
12:45:33.0924 4132 AmdK7 - ok
12:45:33.0986 4132 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
12:45:33.0987 4132 AmdK8 - ok
12:45:34.0032 4132 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
12:45:34.0032 4132 arc - ok
12:45:34.0072 4132 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
12:45:34.0072 4132 arcsas - ok
12:45:34.0175 4132 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
12:45:34.0175 4132 AsyncMac - ok
12:45:34.0219 4132 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
12:45:34.0219 4132 atapi - ok
12:45:34.0326 4132 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
12:45:34.0326 4132 Beep - ok
12:45:34.0396 4132 blbdrive - ok
12:45:34.0449 4132 BlueletAudio (05c2204229cadc0a74553ed71a6e3e6f) C:\Windows\system32\DRIVERS\blueletaudio.sys
12:45:34.0449 4132 BlueletAudio - ok
12:45:34.0506 4132 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
12:45:34.0506 4132 bowser - ok
12:45:34.0568 4132 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
12:45:34.0568 4132 BrFiltLo - ok
12:45:34.0611 4132 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
12:45:34.0611 4132 BrFiltUp - ok
12:45:34.0689 4132 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
12:45:34.0690 4132 Brserid - ok
12:45:34.0710 4132 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
12:45:34.0711 4132 BrSerWdm - ok
12:45:34.0748 4132 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
12:45:34.0748 4132 BrUsbMdm - ok
12:45:34.0811 4132 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
12:45:34.0812 4132 BrUsbSer - ok
12:45:34.0895 4132 BT (33a331bd56aeaef290e175e926d52c57) C:\Windows\system32\DRIVERS\btnetdrv.sys
12:45:34.0895 4132 BT - ok
12:45:34.0957 4132 Btcsrusb (cd4113699ce34fe4b63c99aaa13f10c1) C:\Windows\system32\Drivers\btcusb.sys
12:45:34.0958 4132 Btcsrusb - ok
12:45:35.0004 4132 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
12:45:35.0004 4132 BthEnum - ok
12:45:35.0075 4132 BtHidBus (ac2e61482a57ea50730f8c2679f37040) C:\Windows\system32\Drivers\BtHidBus.sys
12:45:35.0076 4132 BtHidBus - ok
12:45:35.0121 4132 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
12:45:35.0121 4132 BTHMODEM - ok
12:45:35.0178 4132 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
12:45:35.0179 4132 BthPan - ok
12:45:35.0259 4132 BTHPORT (611ff3f2f095c8d4a6d4cfd9dcc09793) C:\Windows\system32\Drivers\BTHport.sys
12:45:35.0263 4132 BTHPORT - ok
12:45:35.0325 4132 BTHUSB (d330803eab2a15caec7f011f1d4cb30e) C:\Windows\system32\Drivers\BTHUSB.sys
12:45:35.0326 4132 BTHUSB - ok
12:45:35.0418 4132 btnetBUs (6783c5c81bfb640469468a80dfa1ccb3) C:\Windows\system32\Drivers\btnetBus.sys
12:45:35.0418 4132 btnetBUs - ok
12:45:35.0460 4132 BVRPMPR5 (6598d078d5446197aed6b46c6a2a3431) C:\Windows\system32\drivers\BVRPMPR5.SYS
12:45:35.0460 4132 BVRPMPR5 - ok
12:45:35.0528 4132 catchme - ok
12:45:35.0600 4132 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
12:45:35.0601 4132 cdfs - ok
12:45:35.0637 4132 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
12:45:35.0638 4132 cdrom - ok
12:45:35.0744 4132 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
12:45:35.0744 4132 circlass - ok
12:45:35.0790 4132 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
12:45:35.0792 4132 CLFS - ok
12:45:35.0872 4132 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
12:45:35.0872 4132 cmdide - ok
12:45:35.0929 4132 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
12:45:35.0930 4132 Compbatt - ok
12:45:35.0985 4132 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
12:45:35.0986 4132 crcdisk - ok
12:45:36.0095 4132 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
12:45:36.0096 4132 Crusoe - ok
12:45:36.0148 4132 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
12:45:36.0149 4132 DfsC - ok
12:45:36.0251 4132 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
12:45:36.0252 4132 disk - ok
12:45:36.0278 4132 DNIMp50 (2782a4549cc6558c52b0753126b2a833) C:\Windows\system32\Drivers\DNIMp50.sys
12:45:36.0278 4132 DNIMp50 - ok
12:45:36.0298 4132 DNISp50 (b222622709a919c91cb54a90cf7ceefc) C:\Windows\system32\Drivers\DNISp50.sys
12:45:36.0299 4132 DNISp50 - ok
12:45:36.0402 4132 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
12:45:36.0403 4132 drmkaud - ok
12:45:36.0440 4132 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
12:45:36.0444 4132 DXGKrnl - ok
12:45:36.0529 4132 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
12:45:36.0530 4132 E1G60 - ok
12:45:36.0622 4132 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
12:45:36.0623 4132 Ecache - ok
12:45:36.0746 4132 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
12:45:36.0748 4132 elxstor - ok
12:45:36.0870 4132 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
12:45:36.0871 4132 exfat - ok
12:45:36.0964 4132 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
12:45:36.0965 4132 fastfat - ok
12:45:37.0049 4132 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
12:45:37.0050 4132 fdc - ok
12:45:37.0156 4132 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
12:45:37.0157 4132 FileInfo - ok
12:45:37.0198 4132 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
12:45:37.0198 4132 Filetrace - ok
12:45:37.0302 4132 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
12:45:37.0302 4132 flpydisk - ok
12:45:37.0328 4132 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
12:45:37.0330 4132 FltMgr - ok
12:45:37.0438 4132 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
12:45:37.0439 4132 fssfltr - ok
12:45:37.0478 4132 FsUsbExDisk (790a4ca68f44be35967b3df61f3e4675) C:\Windows\system32\FsUsbExDisk.SYS
12:45:37.0479 4132 FsUsbExDisk - ok
12:45:37.0569 4132 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
12:45:37.0570 4132 Fs_Rec - ok
12:45:37.0591 4132 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
12:45:37.0592 4132 gagp30kx - ok
12:45:37.0684 4132 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
12:45:37.0685 4132 HdAudAddService - ok
12:45:37.0723 4132 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
12:45:37.0726 4132 HDAudBus - ok
12:45:37.0811 4132 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
12:45:37.0812 4132 HidBth - ok
12:45:37.0832 4132 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
12:45:37.0832 4132 HidIr - ok
12:45:37.0937 4132 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
12:45:37.0938 4132 HidUsb - ok
12:45:38.0026 4132 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
12:45:38.0026 4132 HpCISSs - ok
12:45:38.0054 4132 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
12:45:38.0056 4132 HTTP - ok
12:45:38.0139 4132 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
12:45:38.0139 4132 i2omp - ok
12:45:38.0175 4132 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
12:45:38.0175 4132 i8042prt - ok
12:45:38.0264 4132 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
12:45:38.0265 4132 iaStorV - ok
12:45:38.0282 4132 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
12:45:38.0282 4132 iirsp - ok
12:45:38.0388 4132 imvad_multi (0dc9c7be59f8dba591b9f145457ed77c) C:\Windows\system32\drivers\imvad.sys
12:45:38.0388 4132 imvad_multi - ok
12:45:38.0564 4132 IntcAzAudAddService (202350c0055a39cfca30b2942f7b10d2) C:\Windows\system32\drivers\RTKVHDA.sys
12:45:38.0580 4132 IntcAzAudAddService - ok
12:45:38.0657 4132 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
12:45:38.0658 4132 intelide - ok
12:45:38.0687 4132 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
12:45:38.0687 4132 intelppm - ok
12:45:38.0774 4132 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:45:38.0774 4132 IpFilterDriver - ok
12:45:38.0783 4132 IpInIp - ok
12:45:38.0815 4132 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
12:45:38.0816 4132 IPMIDRV - ok
12:45:38.0913 4132 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
12:45:38.0914 4132 IPNAT - ok
12:45:38.0946 4132 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
12:45:38.0947 4132 IRENUM - ok
12:45:39.0026 4132 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
12:45:39.0027 4132 isapnp - ok
12:45:39.0054 4132 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
12:45:39.0058 4132 iScsiPrt - ok
12:45:39.0140 4132 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
12:45:39.0141 4132 iteatapi - ok
12:45:39.0160 4132 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
12:45:39.0161 4132 iteraid - ok
12:45:39.0272 4132 IvtBtBUs (01cbb39001afda1152f3fce15ab646ea) C:\Windows\system32\Drivers\IvtBtBus.sys
12:45:39.0273 4132 IvtBtBUs - ok
12:45:39.0304 4132 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
12:45:39.0305 4132 kbdclass - ok
12:45:39.0382 4132 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
12:45:39.0383 4132 kbdhid - ok
12:45:39.0439 4132 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
12:45:39.0445 4132 KSecDD - ok
12:45:39.0531 4132 L8042Kbd (79d1dbfec599ec47244af7b06ae2a04e) C:\Windows\system32\DRIVERS\L8042Kbd.sys
12:45:39.0531 4132 L8042Kbd - ok
12:45:39.0583 4132 L8042mou (8a5993705add14352c9a279fa8338334) C:\Windows\system32\DRIVERS\L8042mou.Sys
12:45:39.0584 4132 L8042mou - ok
12:45:39.0662 4132 LHidFilt (7f9c7b28cf1c859e1c42619eea946dc8) C:\Windows\system32\DRIVERS\LHidFilt.Sys
12:45:39.0663 4132 LHidFilt - ok
12:45:39.0696 4132 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
12:45:39.0698 4132 lltdio - ok
12:45:39.0806 4132 LMouFilt (ab33792a87285344f43b5ce23421bab0) C:\Windows\system32\DRIVERS\LMouFilt.Sys
12:45:39.0807 4132 LMouFilt - ok
12:45:39.0852 4132 LMouKE (9837e55673818ecd8febb47f7f77521a) C:\Windows\system32\DRIVERS\LMouKE.Sys
12:45:39.0853 4132 LMouKE - ok
12:45:39.0945 4132 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
12:45:39.0945 4132 LSI_FC - ok
12:45:39.0973 4132 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
12:45:39.0973 4132 LSI_SAS - ok
12:45:40.0077 4132 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
12:45:40.0077 4132 LSI_SCSI - ok
12:45:40.0182 4132 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
12:45:40.0184 4132 luafv - ok
12:45:40.0222 4132 MarvinBus (a3e700d78eec390f1208098cdca5c6b6) C:\Windows\system32\DRIVERS\MarvinBus.sys
12:45:40.0223 4132 MarvinBus - ok
12:45:40.0307 4132 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
12:45:40.0308 4132 megasas - ok
12:45:40.0311 4132 mfeavfk01 - ok
12:45:40.0420 4132 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
12:45:40.0421 4132 Modem - ok
12:45:40.0451 4132 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
12:45:40.0453 4132 monitor - ok
12:45:40.0541 4132 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
12:45:40.0542 4132 mouclass - ok
12:45:40.0571 4132 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
12:45:40.0572 4132 mouhid - ok
12:45:40.0652 4132 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
12:45:40.0654 4132 MountMgr - ok
12:45:40.0702 4132 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
12:45:40.0703 4132 MpFilter - ok
12:45:40.0787 4132 MPFP (4fc96dab9d75c1f544ba45ccbafcae7e) C:\Windows\system32\Drivers\Mpfp.sys
12:45:40.0788 4132 MPFP - ok
12:45:40.0809 4132 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
12:45:40.0810 4132 mpio - ok
12:45:40.0924 4132 MpKslf5d57c02 (a69630d039c38018689190234f866d77) C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BA863310-E4DC-4F45-A226-E2B522F49685}\MpKslf5d57c02.sys
12:45:40.0925 4132 MpKslf5d57c02 - ok
12:45:41.0013 4132 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
12:45:41.0014 4132 MpNWMon - ok
12:45:41.0054 4132 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
12:45:41.0055 4132 mpsdrv - ok
12:45:41.0163 4132 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
12:45:41.0164 4132 Mraid35x - ok
12:45:41.0213 4132 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
12:45:41.0215 4132 MRxDAV - ok
12:45:41.0305 4132 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:45:41.0307 4132 mrxsmb - ok
12:45:41.0363 4132 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:45:41.0366 4132 mrxsmb10 - ok
12:45:41.0454 4132 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:45:41.0456 4132 mrxsmb20 - ok
12:45:41.0512 4132 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
12:45:41.0513 4132 msahci - ok
12:45:41.0579 4132 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
12:45:41.0579 4132 msdsm - ok
12:45:41.0623 4132 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
12:45:41.0624 4132 Msfs - ok
12:45:41.0693 4132 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
12:45:41.0695 4132 msisadrv - ok
12:45:41.0742 4132 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
12:45:41.0743 4132 MSKSSRV - ok
12:45:41.0817 4132 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
12:45:41.0818 4132 MSPCLOCK - ok
12:45:41.0840 4132 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
12:45:41.0841 4132 MSPQM - ok
12:45:41.0917 4132 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
12:45:41.0920 4132 MsRPC - ok
12:45:41.0975 4132 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
12:45:41.0976 4132 mssmbios - ok
12:45:42.0040 4132 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
12:45:42.0041 4132 MSTEE - ok
12:45:42.0101 4132 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
12:45:42.0103 4132 Mup - ok
12:45:42.0171 4132 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
12:45:42.0173 4132 NativeWifiP - ok
12:45:42.0222 4132 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
12:45:42.0226 4132 NDIS - ok
12:45:42.0308 4132 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
12:45:42.0309 4132 NdisTapi - ok
12:45:42.0340 4132 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
12:45:42.0341 4132 Ndisuio - ok
12:45:42.0426 4132 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
12:45:42.0429 4132 NdisWan - ok
12:45:42.0466 4132 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
12:45:42.0468 4132 NDProxy - ok
12:45:42.0560 4132 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
12:45:42.0561 4132 NetBIOS - ok
12:45:42.0630 4132 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
12:45:42.0633 4132 netbt - ok
12:45:42.0717 4132 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
12:45:42.0718 4132 nfrd960 - ok
12:45:42.0777 4132 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
12:45:42.0777 4132 NisDrv - ok
12:45:42.0855 4132 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
12:45:42.0856 4132 Npfs - ok
12:45:42.0905 4132 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
12:45:42.0906 4132 nsiproxy - ok
12:45:42.0991 4132 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
12:45:42.0998 4132 Ntfs - ok
12:45:43.0135 4132 ntk_PowerDVD (170ee229d4def31dbe95348c9a88fe74) C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys
12:45:43.0136 4132 ntk_PowerDVD - ok
12:45:43.0214 4132 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
12:45:43.0214 4132 ntrigdigi - ok
12:45:43.0256 4132 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
12:45:43.0257 4132 Null - ok
12:45:43.0337 4132 NVENETFD (d02b697f105de7f7e3e0b115d8bfb8f3) C:\Windows\system32\DRIVERS\nvmfdx32.sys
12:45:43.0339 4132 NVENETFD - ok
12:45:43.0388 4132 NVHDA (92cfe8964b3a6da0692331fa66630db3) C:\Windows\system32\drivers\nvhda32v.sys
12:45:43.0389 4132 NVHDA - ok
12:45:43.0669 4132 nvlddmkm (6ef47521dce982602a25afb41dd13d4f) C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:45:43.0732 4132 nvlddmkm - ok
12:45:43.0829 4132 NVNET (d02b697f105de7f7e3e0b115d8bfb8f3) C:\Windows\system32\DRIVERS\nvmfdx32.sys
12:45:43.0831 4132 NVNET - ok
12:45:43.0919 4132 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
12:45:43.0920 4132 nvraid - ok
12:45:43.0952 4132 nvrd32 (6f922993c8aa8bf555b0a8428aab5731) C:\Windows\system32\drivers\nvrd32.sys
12:45:43.0953 4132 nvrd32 - ok
12:45:44.0031 4132 nvsmu (f13618f0cb1e95232f4c2401592a59e9) C:\Windows\system32\DRIVERS\nvsmu.sys
12:45:44.0031 4132 nvsmu - ok
12:45:44.0064 4132 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
12:45:44.0064 4132 nvstor - ok
12:45:44.0158 4132 nvstor32 (269de658deaf032564e8b6430b5bd170) C:\Windows\system32\drivers\nvstor32.sys
12:45:44.0160 4132 nvstor32 - ok
12:45:44.0257 4132 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
12:45:44.0258 4132 nv_agp - ok
12:45:44.0267 4132 NwlnkFlt - ok
12:45:44.0276 4132 NwlnkFwd - ok
12:45:44.0299 4132 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
12:45:44.0300 4132 ohci1394 - ok
12:45:44.0417 4132 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
12:45:44.0418 4132 Parport - ok
12:45:44.0453 4132 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
12:45:44.0454 4132 partmgr - ok
12:45:44.0488 4132 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
12:45:44.0488 4132 Parvdm - ok
12:45:44.0541 4132 pccsmcfd (175cc28dcf819f78caa3fbd44ad9e52a) C:\Windows\system32\DRIVERS\pccsmcfd.sys
12:45:44.0542 4132 pccsmcfd - ok
12:45:44.0565 4132 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
12:45:44.0568 4132 pci - ok
12:45:44.0647 4132 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
12:45:44.0648 4132 pciide - ok
12:45:44.0682 4132 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
12:45:44.0683 4132 pcmcia - ok
12:45:44.0790 4132 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
12:45:44.0800 4132 PEAUTH - ok
12:45:44.0905 4132 pppm - ok
12:45:44.0938 4132 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
12:45:44.0940 4132 PptpMiniport - ok
12:45:44.0967 4132 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
12:45:44.0967 4132 Processor - ok
12:45:45.0048 4132 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
12:45:45.0050 4132 PSched - ok
12:45:45.0111 4132 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
12:45:45.0117 4132 ql2300 - ok
12:45:45.0214 4132 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
12:45:45.0215 4132 ql40xx - ok
12:45:45.0251 4132 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
12:45:45.0253 4132 QWAVEdrv - ok
12:45:45.0337 4132 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
12:45:45.0339 4132 RasAcd - ok
12:45:45.0373 4132 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:45:45.0375 4132 Rasl2tp - ok
12:45:45.0493 4132 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
12:45:45.0494 4132 RasPppoe - ok
12:45:45.0513 4132 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
12:45:45.0515 4132 RasSstp - ok
12:45:45.0605 4132 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
12:45:45.0608 4132 rdbss - ok
12:45:45.0641 4132 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:45:45.0642 4132 RDPCDD - ok
12:45:45.0724 4132 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
12:45:45.0726 4132 rdpdr - ok
12:45:45.0760 4132 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
12:45:45.0761 4132 RDPENCDD - ok
12:45:45.0875 4132 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
12:45:45.0878 4132 RDPWD - ok
12:45:45.0916 4132 regi (001b4278407f4303efc902a2b16f2453) C:\Windows\system32\drivers\regi.sys
12:45:45.0917 4132 regi - ok
12:45:46.0033 4132 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
12:45:46.0036 4132 RFCOMM - ok
12:45:46.0149 4132 ROB_A (a83370a87efc242f37855b9a82de8bc8) C:\Windows\system32\DRIVERS\rob_a.sys
12:45:46.0150 4132 ROB_A - ok
12:45:46.0263 4132 ROB_V (28aa8e68b43df0954979565044fb8fd0) C:\Windows\system32\drivers\rob_v.sys
12:45:46.0264 4132 ROB_V - ok
12:45:46.0350 4132 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys
12:45:46.0351 4132 ROOTMODEM - ok
12:45:46.0386 4132 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
12:45:46.0388 4132 rspndr - ok
12:45:46.0473 4132 RSUSBSTOR (46b21abebaba664b363f368db48d6fb8) C:\Windows\system32\Drivers\RtsUStor.sys
12:45:46.0474 4132 RSUSBSTOR - ok
12:45:46.0501 4132 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
12:45:46.0502 4132 sbp2port - ok
12:45:46.0605 4132 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
12:45:46.0606 4132 secdrv - ok
12:45:46.0639 4132 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
12:45:46.0640 4132 Serenum - ok
12:45:46.0715 4132 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
12:45:46.0717 4132 Serial - ok
12:45:46.0748 4132 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
12:45:46.0750 4132 sermouse - ok
12:45:46.0857 4132 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
12:45:46.0857 4132 sffdisk - ok
12:45:46.0876 4132 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
12:45:46.0876 4132 sffp_mmc - ok
12:45:46.0895 4132 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
12:45:46.0896 4132 sffp_sd - ok
12:45:46.0916 4132 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
12:45:46.0917 4132 sfloppy - ok
12:45:47.0012 4132 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
12:45:47.0013 4132 sisagp - ok
12:45:47.0042 4132 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
12:45:47.0042 4132 SiSRaid2 - ok
12:45:47.0116 4132 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
12:45:47.0116 4132 SiSRaid4 - ok
12:45:47.0244 4132 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
12:45:47.0245 4132 Smb - ok
12:45:47.0347 4132 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
12:45:47.0348 4132 spldr - ok
12:45:47.0400 4132 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
12:45:47.0405 4132 srv - ok
12:45:47.0499 4132 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
12:45:47.0502 4132 srv2 - ok
12:45:47.0518 4132 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
12:45:47.0520 4132 srvnet - ok
12:45:47.0631 4132 ss_bbus (eaa66218cd39f5bb1b4853a78c67c787) C:\Windows\system32\DRIVERS\ss_bbus.sys
12:45:47.0632 4132 ss_bbus - ok
12:45:47.0682 4132 ss_bmdfl (91765f99914ed8693d8bc76524f21581) C:\Windows\system32\DRIVERS\ss_bmdfl.sys
12:45:47.0683 4132 ss_bmdfl - ok
12:45:47.0756 4132 ss_bmdm (840e7b738b03c10ee91d9b7d3d6eff15) C:\Windows\system32\DRIVERS\ss_bmdm.sys
12:45:47.0758 4132 ss_bmdm - ok
12:45:47.0871 4132 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
12:45:47.0871 4132 swenum - ok
12:45:47.0906 4132 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
12:45:47.0907 4132 Symc8xx - ok
12:45:47.0985 4132 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
12:45:47.0985 4132 Sym_hi - ok
12:45:48.0000 4132 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
12:45:48.0001 4132 Sym_u3 - ok
12:45:48.0137 4132 Tcpip (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\drivers\tcpip.sys
12:45:48.0144 4132 Tcpip - ok
12:45:48.0248 4132 Tcpip6 (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\DRIVERS\tcpip.sys
12:45:48.0254 4132 Tcpip6 - ok
12:45:48.0379 4132 tcpipreg (3fc13f09af9be487c7b4fac4070a036c) C:\Windows\system32\drivers\tcpipreg.sys
12:45:48.0396 4132 tcpipreg - ok
12:45:48.0539 4132 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
12:45:48.0547 4132 TDPIPE - ok
12:45:48.0683 4132 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
12:45:48.0712 4132 TDTCP - ok
12:45:48.0895 4132 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
12:45:48.0896 4132 tdx - ok
12:45:48.0925 4132 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
12:45:48.0927 4132 TermDD - ok
12:45:49.0026 4132 TridVid (9b2f3069f505a07c7e53d22715643806) C:\Windows\system32\DRIVERS\TridVid.sys
12:45:49.0028 4132 TridVid - ok
12:45:49.0074 4132 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:45:49.0075 4132 tssecsrv - ok
12:45:49.0158 4132 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
12:45:49.0159 4132 tunmp - ok
12:45:49.0196 4132 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
12:45:49.0197 4132 tunnel - ok
12:45:49.0277 4132 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
12:45:49.0278 4132 uagp35 - ok
12:45:49.0320 4132 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
12:45:49.0324 4132 udfs - ok
12:45:49.0409 4132 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
12:45:49.0410 4132 uliagpkx - ok
12:45:49.0433 4132 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
12:45:49.0434 4132 uliahci - ok
12:45:49.0454 4132 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
12:45:49.0455 4132 UlSata - ok
12:45:49.0533 4132 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
12:45:49.0534 4132 ulsata2 - ok
12:45:49.0569 4132 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
12:45:49.0570 4132 umbus - ok
12:45:49.0658 4132 UMPass (88bd96a1baeed33ee8bdf9499c07a841) C:\Windows\system32\DRIVERS\umpass.sys
12:45:49.0659 4132 UMPass - ok
12:45:49.0749 4132 USB28xxBGA (6ac8e9fb8ad65179d78413db91ca3e16) C:\Windows\system32\DRIVERS\emBDA.sys
12:45:49.0753 4132 USB28xxBGA - ok
12:45:49.0848 4132 USB28xxOEM (77a71efcec58703c6ef7f2323105ceb3) C:\Windows\system32\DRIVERS\emOEM.sys
12:45:49.0854 4132 USB28xxOEM - ok
12:45:49.0939 4132 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
12:45:49.0941 4132 usbaudio - ok
12:45:49.0951 4132 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
12:45:49.0952 4132 usbccgp - ok
12:45:49.0975 4132 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
12:45:49.0976 4132 usbcir - ok
12:45:50.0056 4132 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
12:45:50.0057 4132 usbehci - ok
12:45:50.0088 4132 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
12:45:50.0091 4132 usbhub - ok
12:45:50.0175 4132 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
12:45:50.0176 4132 usbohci - ok
12:45:50.0282 4132 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
12:45:50.0283 4132 usbprint - ok
12:45:50.0331 4132 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
12:45:50.0331 4132 usbscan - ok
12:45:50.0417 4132 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:45:50.0419 4132 USBSTOR - ok
12:45:50.0442 4132 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
12:45:50.0443 4132 usbuhci - ok
12:45:50.0519 4132 VComm (025c2a8cba0ab595d3461d278eff5793) C:\Windows\system32\DRIVERS\VComm.sys
12:45:50.0520 4132 VComm - ok
12:45:50.0559 4132 VcommMgr (95ddf14292354887d7d8c8a0881c7485) C:\Windows\system32\Drivers\VcommMgr.sys
12:45:50.0560 4132 VcommMgr - ok
12:45:50.0637 4132 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
12:45:50.0638 4132 vga - ok
12:45:50.0737 4132 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
12:45:50.0738 4132 VgaSave - ok
12:45:50.0797 4132 VHidMinidrv (87abb3de0a2d8936245579316c7bb87c) C:\Windows\system32\drivers\VHIDMini.sys
12:45:50.0798 4132 VHidMinidrv - ok
12:45:50.0876 4132 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
12:45:50.0877 4132 viaagp - ok
12:45:50.0893 4132 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
12:45:50.0893 4132 ViaC7 - ok
12:45:50.0922 4132 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
12:45:50.0922 4132 viaide - ok
12:45:51.0020 4132 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
12:45:51.0021 4132 volmgr - ok
12:45:51.0088 4132 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
12:45:51.0093 4132 volmgrx - ok
12:45:51.0176 4132 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
12:45:51.0177 4132 volsnap - ok
12:45:51.0223 4132 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
12:45:51.0224 4132 vsmraid - ok
12:45:51.0346 4132 VX1000 (f4fab0b9d43a65f79fc838c94006f643) C:\Windows\system32\DRIVERS\VX1000.sys
12:45:51.0358 4132 VX1000 - ok
12:45:51.0468 4132 wacmoumonitor (026d58e9d7701f6b26b0b499f1705334) C:\Windows\system32\DRIVERS\wacmoumonitor.sys
12:45:51.0469 4132 wacmoumonitor - ok
12:45:51.0520 4132 wacommousefilter (427a8bc96f16c40df81c2d2f4edd32dd) C:\Windows\system32\DRIVERS\wacommousefilter.sys
12:45:51.0520 4132 wacommousefilter - ok
12:45:51.0585 4132 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
12:45:51.0586 4132 WacomPen - ok
12:45:51.0635 4132 wacomvhid (846b58ea44bf8c92e4b59f4e2252c4c0) C:\Windows\system32\DRIVERS\wacomvhid.sys
12:45:51.0635 4132 wacomvhid - ok
12:45:51.0667 4132 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
12:45:51.0668 4132 Wanarp - ok
12:45:51.0686 4132 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
12:45:51.0687 4132 Wanarpv6 - ok
12:45:51.0774 4132 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
12:45:51.0774 4132 Wd - ok
12:45:51.0819 4132 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
12:45:51.0826 4132 Wdf01000 - ok
12:45:51.0976 4132 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
12:45:51.0977 4132 WmiAcpi - ok
12:45:52.0098 4132 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
12:45:52.0099 4132 WpdUsb - ok
12:45:52.0179 4132 WPN111 - ok
12:45:52.0210 4132 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
12:45:52.0211 4132 ws2ifsl - ok
12:45:52.0252 4132 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:45:52.0254 4132 WUDFRd - ok
12:45:52.0423 4132 {329F96B6-DF1E-4328-BFDA-39EA953C1312} (3cb263cf60b253bead6e0205e1fa5669) C:\Program Files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl
12:45:52.0424 4132 {329F96B6-DF1E-4328-BFDA-39EA953C1312} - ok
12:45:52.0448 4132 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
12:45:52.0512 4132 \Device\Harddisk0\DR0 - ok
12:45:52.0515 4132 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
12:45:52.0517 4132 \Device\Harddisk1\DR1 - ok
12:45:52.0521 4132 MBR (0x1B8) (180dbde3af7ea48b3db3ac27b1ddf401) \Device\Harddisk2\DR2
12:45:52.0717 4132 \Device\Harddisk2\DR2 - ok
12:45:53.0212 4132 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk3\DR3
12:45:53.0214 4132 \Device\Harddisk3\DR3 - ok
12:45:53.0228 4132 MBR (0x1B8) (c06b75551e26229d2cebf1f7598b869f) \Device\Harddisk4\DR4
12:45:53.0429 4132 \Device\Harddisk4\DR4 - ok
12:45:53.0432 4132 Boot (0x1200) (3e8d4551b1527a96496bdac3b4e80159) \Device\Harddisk0\DR0\Partition0
12:45:53.0433 4132 \Device\Harddisk0\DR0\Partition0 - ok
12:45:53.0458 4132 Boot (0x1200) (d4e670a7f30604321223700bbde533de) \Device\Harddisk0\DR0\Partition1
12:45:53.0459 4132 \Device\Harddisk0\DR0\Partition1 - ok
12:45:53.0462 4132 Boot (0x1200) (940e42932578b82e8c7a69dadfefbdd5) \Device\Harddisk1\DR1\Partition0
12:45:53.0462 4132 \Device\Harddisk1\DR1\Partition0 - ok
12:45:53.0467 4132 Boot (0x1200) (daa3b4422875353f16daf0512df26894) \Device\Harddisk2\DR2\Partition0
12:45:53.0468 4132 \Device\Harddisk2\DR2\Partition0 - ok
12:45:53.0471 4132 Boot (0x1200) (008eeb30f451b575a81a4c837fe42ebd) \Device\Harddisk3\DR3\Partition0
12:45:53.0472 4132 \Device\Harddisk3\DR3\Partition0 - ok
12:45:53.0476 4132 ============================================================
12:45:53.0476 4132 Scan finished
12:45:53.0476 4132 ============================================================
12:45:53.0486 5668 Detected object count: 0
12:45:53.0486 5668 Actual detected object count: 0
---------- Post toegevoegd om 13:21 ---------- Vorige post was om 13:18 ----------
ComboFix 12-01-26.01 - van de Weerd 26-01-2012 12:56:46.4.4 - x86
Gestart vanuit: c:\users\van de Weerd\Downloads\ComboFix.exe
gebruikte Opdracht switches :: d:\download emuletje\1\CFScript.txt
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-12-26 to 2012-01-26 ))))))))))))))))))))))))))))))
.
.
2012-01-26 12:06 . 2012-01-26 12:06 -------- d-----w- c:\users\van de Weerd\AppData\Local\temp
2012-01-26 12:06 . 2012-01-26 12:06 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-01-26 12:06 . 2012-01-26 12:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-26 11:41 . 2012-01-26 11:41 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BA863310-E4DC-4F45-A226-E2B522F49685}\MpKslf5d57c02.sys
2012-01-26 09:43 . 2012-01-06 04:19 6557240 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BA863310-E4DC-4F45-A226-E2B522F49685}\mpengine.dll
2012-01-26 00:35 . 2011-11-17 06:48 440192 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-26 00:35 . 2011-11-16 16:23 278528 ----a-w- c:\windows\system32\schannel.dll
2012-01-26 00:35 . 2011-11-16 16:23 377344 ----a-w- c:\windows\system32\winhttp.dll
2012-01-26 00:35 . 2011-11-16 16:23 72704 ----a-w- c:\windows\system32\secur32.dll
2012-01-26 00:35 . 2011-11-16 16:21 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2012-01-26 00:35 . 2011-11-16 14:12 9728 ----a-w- c:\windows\system32\lsass.exe
2012-01-25 16:04 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-24 23:09 . 2012-01-24 23:09 -------- d-----w- c:\users\van de Weerd\AppData\Roaming\DriverCure
2012-01-24 23:09 . 2012-01-24 23:09 -------- d-----w- c:\users\van de Weerd\AppData\Roaming\SpeedMaxPc
2012-01-24 23:08 . 2012-01-25 08:02 -------- d-----w- c:\programdata\SpeedMaxPc
2012-01-24 15:21 . 2012-01-24 15:21 388096 ----a-r- c:\users\van de Weerd\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-24 15:21 . 2012-01-24 15:21 -------- d-----w- c:\program files\Trend Micro
2012-01-23 11:04 . 2012-01-23 11:04 -------- d-----w- c:\programdata\PCStreams
2012-01-23 11:04 . 2012-01-23 11:04 -------- d-----w- c:\users\van de Weerd\AppData\Local\PCStreams3
2012-01-23 11:01 . 2012-01-23 11:01 -------- d-----w- c:\program files\PCStreams
2012-01-23 11:00 . 2012-01-23 11:00 -------- d-----w- c:\users\van de Weerd\AppData\Roaming\Downloaded Installations
2012-01-22 08:38 . 2012-01-22 08:38 -------- d-----w- c:\programdata\Clarus
2012-01-22 08:20 . 2012-01-22 08:20 -------- d-----w- c:\program files\Clarus
2012-01-18 13:20 . 2012-01-18 13:20 -------- d-----w- c:\program files\Common Files\SWF Studio
2012-01-18 13:20 . 2012-01-18 13:20 -------- d-----w- c:\users\van de Weerd\AppData\Roaming\Disney Interactive
2012-01-18 13:18 . 2001-09-05 03:18 225280 ------w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2012-01-18 13:18 . 2001-09-05 03:14 176128 ------w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-01-18 13:18 . 2001-09-05 03:13 32768 ------w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2012-01-18 13:18 . 2001-09-05 03:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-01-17 15:10 . 2012-01-17 15:10 -------- d-----w- C:\FLAC To MP3
2012-01-14 16:26 . 2009-08-11 20:19 797184 ----a-w- c:\windows\system32\ac3filter.ax
2012-01-14 16:26 . 2007-11-22 09:29 115952 ----a-w- c:\windows\system32\mceesmpeg.ax
2012-01-14 16:26 . 2007-10-10 12:03 171760 ----a-w- c:\windows\system32\mcempgmux.dll
2012-01-14 16:26 . 2007-01-19 12:22 2058744 ----a-w- c:\windows\system32\mcempgvout.004
2012-01-14 16:26 . 2007-01-19 12:22 2002936 ----a-w- c:\windows\system32\mcempgvout.003
2012-01-14 16:26 . 2007-01-19 12:22 2009592 ----a-w- c:\windows\system32\mcempgvout.002
2012-01-14 13:29 . 2012-01-14 13:29 -------- d-----w- c:\program files\MP3 Jukebox
2012-01-12 16:13 . 2012-01-12 16:13 -------- d-----w- c:\program files\USB_video_device
2012-01-12 16:13 . 2011-03-10 01:06 1038080 ----a-w- c:\windows\system32\drivers\emOEM.sys
2012-01-12 16:13 . 2011-03-10 01:05 608128 ----a-w- c:\windows\system32\drivers\emBDA.sys
2012-01-12 16:13 . 2011-03-06 18:37 81920 ----a-w- c:\windows\emMON.exe
2012-01-12 16:13 . 2011-03-06 18:19 114176 ----a-w- c:\windows\system32\emPRP.ax
2012-01-11 13:05 . 2011-10-14 16:03 189952 ----a-w- c:\windows\system32\winmm.dll
2012-01-11 13:05 . 2011-10-14 16:00 23552 ----a-w- c:\windows\system32\mciseq.dll
2012-01-11 13:05 . 2011-11-18 20:23 1205064 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 13:05 . 2011-11-18 17:47 66560 ----a-w- c:\windows\system32\packager.dll
2012-01-11 13:05 . 2011-11-25 15:59 376320 ----a-w- c:\windows\system32\winsrv.dll
2012-01-11 13:05 . 2011-12-01 15:21 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2012-01-11 13:04 . 2011-10-25 15:58 1314816 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 13:04 . 2011-10-25 15:58 497152 ----a-w- c:\windows\system32\qdvd.dll
2012-01-05 19:10 . 2012-01-05 19:10 -------- d-----w- C:\Programmabestanden
2012-01-05 11:36 . 2012-01-05 11:38 -------- d-----w- c:\program files\HYTEK Stereo 3D Camera Driver
2012-01-03 07:22 . 2012-01-03 07:22 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2012-01-03 07:22 . 2012-01-03 07:22 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2012-01-02 13:23 . 2012-01-02 13:27 -------- d-----w- c:\program files\SuperMp3Download
2012-01-02 13:14 . 2012-01-02 13:14 -------- d-----w- c:\users\van de Weerd\AppData\Local\APN
2011-12-31 12:58 . 2011-12-31 12:58 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2011-12-31 12:58 . 2011-12-31 12:58 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2011-12-31 12:58 . 2011-12-31 12:58 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2011-12-31 12:58 . 2011-12-31 12:58 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-25 22:00 . 2010-11-01 21:00 3766 --sha-w- c:\programdata\KGyGaAvL.sys
2012-01-24 22:58 . 2010-11-04 01:59 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2012-01-11 14:32 . 2011-12-16 20:09 12872 ----a-w- c:\windows\system32\bootdelete.exe
2012-01-06 04:19 . 2011-04-04 11:14 6557240 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-01-04 09:26 . 2010-10-29 10:42 236576 ------w- c:\windows\system32\MpSigStub.exe
2011-11-28 18:43 . 2011-05-31 10:52 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-23 13:37 . 2011-12-13 22:06 2043904 ----a-w- c:\windows\system32\win32k.sys
2011-11-08 14:42 . 2011-12-13 22:05 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-03 22:47 . 2011-12-14 02:05 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-11-03 22:40 . 2011-12-14 02:05 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-03 22:39 . 2011-12-14 02:05 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-11-03 22:31 . 2011-12-14 02:05 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-12-31 12:58 . 2011-05-06 18:11 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1AD61D5B-58A3-4592-9B34-DC84688FF805}]
2010-06-01 13:35 107328 ----a-w- c:\program files\PDF Suite 2010\PDFIEHelper.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-11-16 641400]
"Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-11-04 39408]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2010-08-20 33120]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bluetooth Connection Assistant"="LBTWIZ.EXE -silent" [X]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-11-02 7772704]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"BtTray"="c:\program files\IVT Corporation\BlueSoleil\BtTray.exe" [2009-09-02 315478]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 10:28 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\L:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\79559718.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MyTV Schedule Agent.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\MyTV Schedule Agent.lnk
backup=c:\windows\pss\MyTV Schedule Agent.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2010-08-20 11:03 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
2011-07-29 10:24 102400 ----a-w- c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BambooCore]
2011-10-01 10:40 646232 ----a-w- c:\program files\Bamboo Dock\BambooCore.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2010-03-24 17:50 2516296 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
2010-04-02 09:18 1185112 ----a-w- c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
2007-05-17 21:45 279912 ----a-w- c:\program files\Microsoft LifeCam\LifeExp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]
2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
2010-03-26 08:52 1234216 ----a-w- c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NETGEARDigitalEntertainer]
2009-04-29 11:22 3498712 ----a-w- c:\program files\NETGEAR\NETGEAR Digital Entertainer for Windows\receiver.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVRaidService]
2009-06-30 16:40 163872 ----a-w- c:\windows\System32\nvraidservice.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
2009-11-25 19:42 54672 ----a-w- c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl11]
2011-05-19 03:00 234792 ----a-w- c:\program files\CyberLink\PowerDVD11\PDVD11Serv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-10-11 15:49 14940040 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-11-04 01:52 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead AutoDetector]
2005-07-28 06:32 94208 ------w- c:\program files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead Calendar Checker]
2005-08-22 07:10 69632 ----a-w- c:\program files\Ulead Systems\Ulead Photo Express 6\CalCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]
2007-02-20 10:07 199752 ----a-w- c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2011-11-16 15:28 641400 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000]
2007-04-10 21:46 709992 ----a-w- c:\windows\vVX1000.exe
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - 93319868
*NewlyCreated* - 95879576
*NewlyCreated* - FSUSBEXDISK
*NewlyCreated* - MPKSLF5D57C02
*Deregistered* - 93319868
*Deregistered* - 95879576
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bthsvcs REG_MULTI_SZ BthServ
.
Inhoud van de 'Gedeelde Taken' map
.
2012-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-04 01:53]
.
2012-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-04 01:53]
.
2010-11-12 c:\windows\Tasks\Roxio PhotoShow Updater.job
- c:\program files\Roxio\PhotoShow\auto_updater_shim.exe [2010-06-11 04:25]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: Free YouTube Download - c:\users\van de Weerd\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\van de Weerd\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 62.179.104.196 213.46.228.196
FF - ProfilePath - c:\users\van de Weerd\AppData\Roaming\Mozilla\Firefox\Profiles\rk2n8hms.default\
FF - prefs.js: keyword.URL - hxxp://mp3tubetoolbarsearch.com/?prt=pinballtb02ff&Keywords=
FF - prefs.js: network.proxy.type - 0
FF - user.js: keyword.URL - hxxp://mp3tubetoolbarsearch.com/?prt=pinballtb02ff&Keywords=
FF - user.js: keyword.enabled - 1
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2012-01-26 13:06
Windows 6.0.6002 Service Pack 2 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'Explorer.exe'(544)
c:\program files\Logitech\SetPoint\IMHook.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\BsMobileSDK.dll
c:\windows\system32\BsLangInDepRes.dll
c:\windows\system32\Bs2Res.dll
.
Voltooingstijd: 2012-01-26 13:08:46
ComboFix-quarantined-files.txt 2012-01-26 12:08
ComboFix2.txt 2012-01-26 08:20
ComboFix3.txt 2011-04-04 11:54
.
Pre-Run: 13.470.392.320 bytes beschikbaar
Post-Run: 13.450.002.432 bytes beschikbaar
.
- - End Of File - - 1021D24D9F0147DC9532C097D8710926
