langdurige opstart

Jion · 4 juli 2013

Start TDSSKiller opnieuw op.

Zorg dat je "Change parameters" aanvinkt dus lees eerst alles rustig door of print het uit.

Voordat je TDSSKiller uitvoert is het raadzaam om de onderstaande handleiding van TDSSKiller te raadplegen.
- Klik hier voor de handleiding van Kaspersky TDSSKiller
[*] Dubbelklik op TDSSKiller.exe om de tool te starten. (Indien je TDSSKiller als ZIP bestand hebt gedownload dien je deze eerst uit te pakken).

[*] Als er door TDSSkiller een update wordt gevonden klikt u op de knop "Load update"

[*] Een nieuwe versie van TDSSkiller zal nu gedownload worden en sla deze op het bureaublad op.

[*] Start nu TDSSkiller opnieuw.

[*] Klik op "Change parameters" en zorg dat de onderstaande opties allemaal aangevinkt zijn.

[*] Klik op de knop "Start Scan" en volg de instructies.

[*]Gebruik nooit de "Delete" of "Quarantaine" optie bij een "Fail signature" melding.

Let op alleen bij deze kies je voor delete:
18:51:05.0281 3344 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
18:51:05.0281 3344 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Wanneer er een herstart nodig was, vind je de logfile in C:\\TDSSKiller.[Version]_[Date]_[Time]_log.txt
Voeg dit log-bestand als bijlage toe aan het volgende bericht.

steven02 · 4 juli 2013

volgens mij zonder succes, ik hoefde niks te verwijderen.

18:40:35.0203 2540 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

18:40:35.0718 2540 ============================================================

18:40:35.0718 2540 Current date / time: 2013/07/04 18:40:35.0718

18:40:35.0718 2540 SystemInfo:

18:40:35.0718 2540

18:40:35.0718 2540 OS Version: 5.1.2600 ServicePack: 3.0

18:40:35.0718 2540 Product type: Workstation

18:40:35.0718 2540 ComputerName: ACER1705SCI

18:40:35.0718 2540 UserName: Mijzelf

18:40:35.0718 2540 Windows directory: C:\WINDOWS

18:40:35.0718 2540 System windows directory: C:\WINDOWS

18:40:35.0718 2540 Processor architecture: Intel x86

18:40:35.0718 2540 Number of processors: 1

18:40:35.0718 2540 Page size: 0x1000

18:40:35.0718 2540 Boot type: Normal boot

18:40:35.0718 2540 ============================================================

18:40:37.0984 2540 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

18:40:38.0015 2540 ============================================================

18:40:38.0015 2540 \Device\Harddisk0\DR0:

18:40:38.0015 2540 MBR partitions:

18:40:38.0015 2540 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xBE0DDF6

18:40:38.0031 2540 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0xBE0DE74, BlocksNum 0x218594D

18:40:38.0031 2540 ============================================================

18:40:38.0031 2540 D: <-> \Device\Harddisk0\DR0\Partition2

18:40:38.0125 2540 C: <-> \Device\Harddisk0\DR0\Partition1

18:40:38.0125 2540 ============================================================

18:40:38.0125 2540 Initialize success

18:40:38.0125 2540 ============================================================

18:40:46.0296 3720 ============================================================

18:40:46.0296 3720 Scan started

18:40:46.0296 3720 Mode: Manual; SigCheck; TDLFS;

18:40:46.0296 3720 ============================================================

18:40:47.0078 3720 ================ Scan system memory ========================

18:40:47.0078 3720 System memory - ok

18:40:47.0093 3720 ================ Scan services =============================

18:40:47.0265 3720 [ 149A8F7ADF9742554DC323E290551E3E ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys

18:40:47.0765 3720 Aavmker4 - ok

18:40:47.0781 3720 Abiosdsk - ok

18:40:47.0812 3720 abp480n5 - ok

18:40:47.0890 3720 [ 02273A448BA21A7D447DAEB47810D40C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys

18:40:48.0468 3720 ACPI - ok

18:40:48.0515 3720 [ 63F517B1A87DABF3F5ACB8A7952FC1D1 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys

18:40:48.0968 3720 ACPIEC - ok

18:40:48.0984 3720 adpu160m - ok

18:40:49.0046 3720 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys

18:40:49.0484 3720 aec - ok

18:40:49.0531 3720 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys

18:40:49.0593 3720 AFD - ok

18:40:49.0671 3720 [ E66AE825C42B668A90E67E7E41EEEEE7 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys

18:40:49.0812 3720 AgereSoftModem - ok

18:40:49.0828 3720 Aha154x - ok

18:40:49.0859 3720 aic78u2 - ok

18:40:49.0875 3720 aic78xx - ok

18:40:49.0953 3720 [ B07116C0F3E0E0BDE9B8ECD3D806FFC4 ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS

18:40:50.0078 3720 ALCXWDM - ok

18:40:50.0109 3720 [ 8BED67D13DCB55B3E9FF6DAC4C6D3B49 ] Alerter C:\WINDOWS\system32\alrsvc.dll

18:40:50.0515 3720 Alerter - ok

18:40:50.0562 3720 [ DAB2A89FDE5CF791161200D90C1BCB12 ] ALG C:\WINDOWS\System32\alg.exe

18:40:51.0015 3720 ALG - ok

18:40:51.0046 3720 AliIde - ok

18:40:51.0078 3720 amsint - ok

18:40:51.0218 3720 [ A8AA9D47F971570A5162B862B80F87E8 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

18:40:51.0250 3720 Apple Mobile Device - ok

18:40:51.0296 3720 AppMgmt - ok

18:40:51.0343 3720 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys

18:40:51.0781 3720 Arp1394 - ok

18:40:51.0812 3720 asc - ok

18:40:51.0828 3720 asc3350p - ok

18:40:51.0859 3720 asc3550 - ok

18:40:51.0984 3720 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

18:40:52.0031 3720 aspnet_state - ok

18:40:52.0078 3720 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys

18:40:52.0109 3720 aswFsBlk - ok

18:40:52.0156 3720 [ CCAFDA4AB7F3738142B3BA7DA311FFB0 ] aswFW C:\WINDOWS\system32\drivers\aswFW.sys

18:40:52.0203 3720 aswFW - ok

18:40:52.0234 3720 [ E2FEE0486D68BF85355D3EDA1A24FF68 ] aswKbd C:\WINDOWS\system32\drivers\aswKbd.sys

18:40:52.0265 3720 aswKbd - ok

18:40:52.0328 3720 [ 84F0BE324EE111338589F448C3E8BAB2 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys

18:40:52.0375 3720 aswMon2 - ok

18:40:52.0390 3720 [ 7B948E3657BEA62E437BC46CA6EF6012 ] aswNdis C:\WINDOWS\system32\DRIVERS\aswNdis.sys

18:40:52.0437 3720 aswNdis - ok

18:40:52.0484 3720 [ DCF8B68A3A6217F87CA7FA95F535B47E ] aswNdis2 C:\WINDOWS\system32\drivers\aswNdis2.sys

18:40:52.0531 3720 aswNdis2 - ok

18:40:52.0546 3720 [ 7C9F0A2AB17D52261A9252A2EB320884 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys

18:40:52.0609 3720 aswRdr - ok

18:40:52.0671 3720 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys

18:40:52.0765 3720 aswSnx - ok

18:40:52.0812 3720 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys

18:40:52.0890 3720 aswSP - ok

18:40:52.0921 3720 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys

18:40:52.0953 3720 aswTdi - ok

18:40:52.0984 3720 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys

18:40:53.0437 3720 AsyncMac - ok

18:40:53.0500 3720 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys

18:40:53.0953 3720 atapi - ok

18:40:53.0984 3720 Atdisk - ok

18:40:54.0031 3720 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys

18:40:54.0484 3720 Atmarpc - ok

18:40:54.0531 3720 [ F10745ED3195360E69AA4A6E7768C0E0 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll

18:40:55.0031 3720 AudioSrv - ok

18:40:55.0078 3720 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys

18:40:55.0531 3720 audstub - ok

18:40:55.0609 3720 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

18:40:55.0671 3720 avast! Antivirus - ok

18:40:55.0718 3720 [ BC0E07A768A0A14C48E3CE1875F2C377 ] avast! Firewall C:\Program Files\Alwil Software\Avast5\afwServ.exe

18:40:55.0781 3720 avast! Firewall - ok

18:40:55.0890 3720 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys

18:40:56.0750 3720 Beep - ok

18:40:56.0796 3720 [ 5C0073A51C4873430FA8B262E92183FF ] BITS C:\WINDOWS\system32\qmgr.dll

18:40:57.0890 3720 BITS - ok

18:40:57.0968 3720 [ 139102D1865D3C1F152A25ABD16242DB ] Browser C:\WINDOWS\System32\browser.dll

18:40:58.0875 3720 Browser - ok

18:40:59.0390 3720 catchme - ok

18:40:59.0437 3720 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys

18:41:01.0250 3720 cbidf2k - ok

18:41:01.0734 3720 cd20xrnt - ok

18:41:02.0125 3720 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys

18:41:04.0578 3720 Cdaudio - ok

18:41:04.0796 3720 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys

18:41:07.0843 3720 Cdfs - ok

18:41:07.0875 3720 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys

18:41:11.0421 3720 Cdrom - ok

18:41:11.0609 3720 Changer - ok

18:41:12.0015 3720 [ BD85400700B80FBE3D4A3412BCE74861 ] CiSvc C:\WINDOWS\system32\cisvc.exe

18:41:14.0718 3720 CiSvc - ok

18:41:15.0093 3720 [ 4FB6108130829666C8FE96B442FEAD94 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe

18:41:17.0500 3720 ClipSrv - ok

18:41:17.0953 3720 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

18:41:18.0546 3720 clr_optimization_v2.0.50727_32 - ok

18:41:18.0781 3720 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys

18:41:21.0390 3720 CmBatt - ok

18:41:21.0406 3720 CmdIde - ok

18:41:21.0562 3720 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys

18:41:22.0265 3720 Compbatt - ok

18:41:22.0328 3720 COMSysApp - ok

18:41:22.0421 3720 Cpqarray - ok

18:41:22.0484 3720 [ 0A9CF5D3CF63A8699F28C814EF821C7E ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll

18:41:23.0125 3720 CryptSvc - ok

18:41:23.0140 3720 dac2w2k - ok

18:41:23.0265 3720 dac960nt - ok

18:41:23.0390 3720 [ D9883335CC1C17AFC3A09C8AC3E4DBE4 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll

18:41:23.0875 3720 DcomLaunch - ok

18:41:23.0921 3720 [ 146AB038F5DBB366122D28444999AB2C ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll

18:41:24.0437 3720 Dhcp - ok

18:41:24.0468 3720 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys

18:41:25.0218 3720 Disk - ok

18:41:25.0265 3720 [ 4B474C4B3932BCA5C2D44AD38BCD465F ] DKbFltr C:\WINDOWS\system32\Drivers\DKbFltr.sys

18:41:25.0484 3720 DKbFltr ( UnsignedFile.Multi.Generic ) - warning

18:41:25.0484 3720 DKbFltr - detected UnsignedFile.Multi.Generic (1)

18:41:25.0500 3720 dmadmin - ok

18:41:25.0593 3720 [ DEC123E0C75971D0CC7A6C6A75E28429 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys

18:41:26.0187 3720 dmboot - ok

18:41:26.0234 3720 [ 7268E66259722F6228C730685B201092 ] dmio C:\WINDOWS\system32\drivers\dmio.sys

18:41:26.0703 3720 dmio - ok

18:41:26.0765 3720 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys

18:41:27.0296 3720 dmload - ok

18:41:27.0343 3720 [ 127DB74184E2D3D31655DA525A5EFDE1 ] dmserver C:\WINDOWS\System32\dmserver.dll

18:41:27.0890 3720 dmserver - ok

18:41:27.0921 3720 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys

18:41:28.0359 3720 DMusic - ok

18:41:28.0406 3720 [ DE6CDB6CBC5C27B9085CFA6DFE8E5025 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll

18:41:28.0734 3720 Dnscache - ok

18:41:28.0781 3720 [ 90EE765E1A598B578852901F74F914F1 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll

18:41:29.0390 3720 Dot3svc - ok

18:41:29.0437 3720 dpti2o - ok

18:41:29.0484 3720 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys

18:41:30.0187 3720 drmkaud - ok

18:41:30.0265 3720 [ E6BBDEBF7081899D161C773E8D84D015 ] EapHost C:\WINDOWS\System32\eapsvc.dll

18:41:31.0562 3720 EapHost - ok

18:41:31.0625 3720 [ 2F5C7F650B7AF178988946EE4B0D9C01 ] ERSvc C:\WINDOWS\System32\ersvc.dll

18:41:32.0562 3720 ERSvc - ok

18:41:32.0640 3720 [ 657B69389B893F440B07590C9E963F23 ] Eventlog C:\WINDOWS\system32\services.exe

18:41:33.0375 3720 Eventlog - ok

18:41:33.0468 3720 [ 97912DC0679D2DA60CCE589BBC196D72 ] EventSystem C:\WINDOWS\system32\es.dll

18:41:33.0640 3720 EventSystem - ok

18:41:33.0687 3720 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys

18:41:34.0359 3720 Fastfat - ok

18:41:34.0453 3720 [ 2D5D4156292150FE571872C1B88E9299 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

18:41:34.0703 3720 FastUserSwitchingCompatibility - ok

18:41:34.0906 3720 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys

18:41:35.0453 3720 Fdc - ok

18:41:35.0484 3720 [ 8BFFFB5AC954E19DFDB96D56512AA518 ] Fips C:\WINDOWS\system32\drivers\Fips.sys

18:41:36.0046 3720 Fips - ok

18:41:36.0093 3720 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys

18:41:36.0562 3720 Flpydisk - ok

18:41:36.0656 3720 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys

18:41:37.0156 3720 FltMgr - ok

18:41:37.0265 3720 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

18:41:37.0343 3720 FontCache3.0.0.0 - ok

18:41:37.0390 3720 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys

18:41:37.0984 3720 Fs_Rec - ok

18:41:38.0031 3720 [ FA8CA22E70245C81FF29C36AF56292FC ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys

18:41:38.0593 3720 Ftdisk - ok

18:41:38.0640 3720 [ AB8A6A87D9D7255C3884D5B9541A6E80 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

18:41:38.0687 3720 GEARAspiWDM - ok

18:41:38.0718 3720 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys

18:41:39.0234 3720 Gpc - ok

18:41:39.0437 3720 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe

18:41:39.0484 3720 gupdate - ok

18:41:39.0593 3720 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe

18:41:39.0640 3720 gupdatem - ok

18:41:39.0718 3720 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

18:41:39.0781 3720 gusvc - ok

18:41:39.0984 3720 [ 5327BAD9B35C33D2A64B64E4CF282ECD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

18:41:40.0421 3720 helpsvc - ok

18:41:40.0453 3720 HidServ - ok

18:41:40.0515 3720 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys

18:41:41.0234 3720 HidUsb - ok

18:41:41.0265 3720 [ 1FF903FFA2DA1704E5A5443D37D8E49E ] hkmsvc C:\WINDOWS\System32\kmsvc.dll

18:41:41.0765 3720 hkmsvc - ok

18:41:41.0875 3720 [ C5F00D15AA15CB7F55A027FF75E44BB7 ] HP Port Resolver C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE

18:41:42.0187 3720 HP Port Resolver - ok

18:41:42.0203 3720 [ C5A288E4CEEF5A26D105117BAA3763AB ] HP Status Server C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE

18:41:42.0703 3720 HP Status Server - ok

18:41:42.0734 3720 hpn - ok

18:41:42.0781 3720 [ 30CA91E657CEDE2F95359D6EF186F650 ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys

18:41:43.0187 3720 HPZid412 - ok

18:41:43.0218 3720 [ EFD31AFA752AA7C7BBB57BCBE2B01C78 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

18:41:43.0593 3720 HPZipr12 - ok

18:41:43.0609 3720 [ 7AC43C38CA8FD7ED0B0A4466F753E06E ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys

18:41:43.0984 3720 HPZius12 - ok

18:41:44.0031 3720 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys

18:41:44.0218 3720 HTTP - ok

18:41:44.0281 3720 [ 2529C7BA05242BEED0027F554D0513BB ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll

18:41:44.0843 3720 HTTPFilter - ok

18:41:44.0875 3720 i2omgmt - ok

18:41:44.0921 3720 i2omp - ok

18:41:44.0968 3720 [ C43372D0682F8E32E4EC21117E089EC0 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys

18:41:45.0437 3720 i8042prt - ok

18:41:45.0531 3720 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

18:41:45.0718 3720 idsvc - ok

18:41:45.0765 3720 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys

18:41:46.0312 3720 Imapi - ok

18:41:46.0390 3720 [ A117772F94C854DE5D1BBC1F1962B192 ] ImapiService C:\WINDOWS\system32\imapi.exe

18:41:46.0984 3720 ImapiService - ok

18:41:47.0046 3720 ini910u - ok

18:41:47.0109 3720 IntelIde - ok

18:41:47.0156 3720 [ 2D2254FAC267E6B1C7865E8EBEF60C6D ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys

18:41:47.0671 3720 intelppm - ok

18:41:47.0734 3720 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys

18:41:48.0281 3720 Ip6Fw - ok

18:41:48.0343 3720 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

18:41:48.0906 3720 IpFilterDriver - ok

18:41:48.0953 3720 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys

18:41:49.0578 3720 IpInIp - ok

18:41:49.0656 3720 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys

18:41:50.0421 3720 IpNat - ok

18:41:50.0500 3720 [ 62937A89470AF8FF172F0980CA8AEFC9 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

18:41:50.0671 3720 iPod Service - ok

18:41:50.0703 3720 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys

18:41:51.0343 3720 IPSec - ok

18:41:51.0421 3720 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys

18:41:52.0515 3720 IRENUM - ok

18:41:52.0656 3720 [ 0B78E1A31340E1FB1E389D5633F7C3A0 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys

18:41:53.0578 3720 isapnp - ok

18:41:53.0750 3720 [ 1834C96FB1F9280BCF6DDFA6DE8338BF ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe

18:41:53.0796 3720 JavaQuickStarterService - ok

18:41:53.0875 3720 [ 380397621E94B32C744E7B2CC1330390 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys

18:41:54.0468 3720 Kbdclass - ok

18:41:54.0531 3720 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys

18:41:55.0468 3720 kmixer - ok

18:41:55.0593 3720 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys

18:41:56.0046 3720 KSecDD - ok

18:41:56.0109 3720 [ C7955E7EDAEA462D04F1C4BE1D340372 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll

18:41:56.0296 3720 lanmanserver - ok

18:41:56.0359 3720 [ A936A575EAF6DCE8DC08BC0C53972ADD ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

18:41:56.0484 3720 lanmanworkstation - ok

18:41:56.0515 3720 lbrtfdc - ok

18:41:56.0734 3720 [ 00944D59948596721D17510C94CD3E4F ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe

18:41:56.0812 3720 LightScribeService ( UnsignedFile.Multi.Generic ) - warning

18:41:56.0812 3720 LightScribeService - detected UnsignedFile.Multi.Generic (1)

18:41:56.0921 3720 [ 91AE20C5C2776C511994AA1308C05283 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll

18:41:57.0468 3720 LmHosts - ok

18:41:57.0531 3720 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys

18:41:57.0578 3720 MBAMProtector - ok

18:41:57.0687 3720 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

18:41:58.0062 3720 MBAMScheduler - ok

18:41:58.0140 3720 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

18:41:58.0312 3720 MBAMService - ok

18:41:58.0406 3720 [ C56A45A03DCA11712DE9FDF98224230B ] Messenger C:\WINDOWS\System32\msgsvc.dll

18:41:58.0890 3720 Messenger - ok

18:41:58.0937 3720 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys

18:41:59.0578 3720 mnmdd - ok

18:41:59.0656 3720 [ 5B1D994DCF1895AFA27600E46A2F0FEA ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe

18:42:00.0234 3720 mnmsrvc - ok

18:42:00.0296 3720 [ 8114EEAC353F549331AB73E9AF4219ED ] Modem C:\WINDOWS\system32\drivers\Modem.sys

18:42:01.0250 3720 Modem - ok

18:42:01.0359 3720 [ 1A4E2214DD63E4A876463D3427EE8261 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys

18:42:02.0000 3720 Mouclass - ok

18:42:02.0343 3720 [ 18017899254E01371E1A39754D6BF98C ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys

18:42:03.0515 3720 mouhid - ok

18:42:03.0765 3720 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys

18:42:06.0515 3720 MountMgr - ok

18:42:07.0171 3720 mraid35x - ok

18:42:07.0750 3720 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys

18:42:10.0578 3720 MRxDAV - ok

18:42:11.0015 3720 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

18:42:13.0093 3720 MRxSmb - ok

18:42:13.0500 3720 [ 21EA21984D7D1AD50DB2E627020AB14C ] MSDTC C:\WINDOWS\system32\msdtc.exe

18:42:15.0656 3720 MSDTC - ok

18:42:16.0015 3720 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys

18:42:17.0765 3720 Msfs - ok

18:42:17.0843 3720 MSIServer - ok

18:42:18.0000 3720 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys

18:42:19.0671 3720 MSKSSRV - ok

18:42:19.0718 3720 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys

18:42:20.0421 3720 MSPCLOCK - ok

18:42:20.0500 3720 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys

18:42:21.0078 3720 MSPQM - ok

18:42:21.0125 3720 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys

18:42:21.0671 3720 mssmbios - ok

18:42:21.0734 3720 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys

18:42:21.0828 3720 Mup - ok

18:42:21.0890 3720 [ 87E394C810794D3C70CF22E8316CB23E ] napagent C:\WINDOWS\System32\qagentrt.dll

18:42:22.0437 3720 napagent - ok

18:42:22.0500 3720 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys

18:42:22.0984 3720 NDIS - ok

18:42:23.0031 3720 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys

18:42:23.0093 3720 NdisTapi - ok

18:42:23.0140 3720 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys

18:42:23.0687 3720 Ndisuio - ok

18:42:23.0750 3720 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys

18:42:24.0453 3720 NdisWan - ok

18:42:24.0500 3720 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys

18:42:24.0562 3720 NDProxy - ok

18:42:24.0609 3720 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys

18:42:25.0093 3720 NetBIOS - ok

18:42:25.0140 3720 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys

18:42:25.0578 3720 NetBT - ok

18:42:25.0625 3720 [ DC6BAE085E9B3C2F3A963ED46791FEAB ] NetDDE C:\WINDOWS\system32\netdde.exe

18:42:26.0062 3720 NetDDE - ok

18:42:26.0078 3720 [ DC6BAE085E9B3C2F3A963ED46791FEAB ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe

18:42:26.0531 3720 NetDDEdsdm - ok

18:42:26.0578 3720 [ 8754210A3399D19610CE2D71E0C3E5D9 ] Netlogon C:\WINDOWS\system32\lsass.exe

18:42:27.0078 3720 Netlogon - ok

18:42:27.0125 3720 [ 5431FB616ECAE0D587C5B97D0B86CBD8 ] Netman C:\WINDOWS\System32\netman.dll

18:42:27.0703 3720 Netman - ok

18:42:28.0187 3720 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

18:42:28.0250 3720 NetTcpPortSharing - ok

18:42:28.0312 3720 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys

18:42:29.0046 3720 NIC1394 - ok

18:42:29.0203 3720 [ 4522CBE00A9E9EEE36AA82ED4B319148 ] Nla C:\WINDOWS\System32\mswsock.dll

18:42:29.0468 3720 Nla - ok

18:42:29.0515 3720 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys

18:42:29.0968 3720 Npfs - ok

18:42:30.0031 3720 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys

18:42:30.0750 3720 Ntfs - ok

18:42:30.0781 3720 [ 8754210A3399D19610CE2D71E0C3E5D9 ] NtLmSsp C:\WINDOWS\system32\lsass.exe

18:42:31.0546 3720 NtLmSsp - ok

18:42:31.0625 3720 [ AC1A78237B53044735693633F8235468 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll

18:42:32.0125 3720 NtmsSvc - ok

18:42:32.0156 3720 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys

18:42:32.0921 3720 Null - ok

18:42:33.0093 3720 [ A1946DC75F5D9458783D236AADA04A09 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

18:42:33.0484 3720 nv - ok

18:42:33.0531 3720 [ 6635591C7E6C47F68524CAA27BB39F88 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe

18:42:33.0625 3720 NVSvc - ok

18:42:33.0687 3720 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

18:42:34.0187 3720 NwlnkFlt - ok

18:42:34.0218 3720 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

18:42:34.0828 3720 NwlnkFwd - ok

18:42:34.0875 3720 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys

18:42:35.0406 3720 ohci1394 - ok

18:42:35.0484 3720 [ E3934CCC20A4D24F1924E13D36D2A5BD ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys

18:42:36.0265 3720 Parport - ok

18:42:36.0500 3720 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys

18:42:36.0984 3720 PartMgr - ok

18:42:37.0031 3720 [ 1EADE28746A64C21E0A808BB12A63326 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys

18:42:37.0562 3720 ParVdm - ok

18:42:37.0609 3720 [ 3B166F9F753C21AEDAA9A6BD76B49655 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys

18:42:38.0093 3720 PCI - ok

18:42:38.0125 3720 PCIDump - ok

18:42:38.0187 3720 [ B31EDEBA4DA28283F6B8DC4756FB9585 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys

18:42:38.0781 3720 PCIIde - ok

18:42:38.0812 3720 [ 2137FFD65F8E609A3A5ACD487C56CCE0 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys

18:42:39.0328 3720 Pcmcia - ok

18:42:39.0343 3720 PDCOMP - ok

18:42:39.0390 3720 PDFRAME - ok

18:42:39.0421 3720 PDRELI - ok

18:42:39.0453 3720 PDRFRAME - ok

18:42:39.0500 3720 perc2 - ok

18:42:39.0531 3720 perc2hib - ok

18:42:39.0640 3720 [ 657B69389B893F440B07590C9E963F23 ] PlugPlay C:\WINDOWS\system32\services.exe

18:42:39.0937 3720 PlugPlay - ok

18:42:39.0984 3720 [ A38B3CE68E7F126190CDE4AA3FDF050F ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe

18:42:40.0328 3720 Pml Driver HPZ12 - ok

18:42:40.0343 3720 [ 8754210A3399D19610CE2D71E0C3E5D9 ] PolicyAgent C:\WINDOWS\system32\lsass.exe

18:42:40.0765 3720 PolicyAgent - ok

18:42:40.0812 3720 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys

18:42:41.0250 3720 PptpMiniport - ok

18:42:41.0312 3720 [ E16774ADF65A5BE9738D33B96E64F347 ] PRISM C:\WINDOWS\system32\DRIVERS\EXPRESS.sys

18:42:41.0453 3720 PRISM - ok

18:42:41.0484 3720 [ 8754210A3399D19610CE2D71E0C3E5D9 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

18:42:41.0968 3720 ProtectedStorage - ok

18:42:42.0000 3720 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys

18:42:42.0453 3720 PSched - ok

18:42:42.0484 3720 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys

18:42:42.0968 3720 Ptilink - ok

18:42:43.0031 3720 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys

18:42:43.0062 3720 PxHelp20 - ok

18:42:43.0093 3720 ql1080 - ok

18:42:43.0125 3720 Ql10wnt - ok

18:42:43.0156 3720 ql12160 - ok

18:42:43.0187 3720 ql1240 - ok

18:42:43.0218 3720 ql1280 - ok

18:42:43.0265 3720 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys

18:42:43.0796 3720 RasAcd - ok

18:42:43.0859 3720 [ 0575D034B1292CA3A9BB9F67A8EE289C ] RasAuto C:\WINDOWS\System32\rasauto.dll

18:42:44.0296 3720 RasAuto - ok

18:42:44.0328 3720 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

18:42:44.0781 3720 Rasl2tp - ok

18:42:44.0859 3720 [ 9E7E2DF6971A5F00102BE3F901CC3BDC ] RasMan C:\WINDOWS\System32\rasmans.dll

18:42:45.0468 3720 RasMan - ok

18:42:45.0515 3720 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys

18:42:46.0234 3720 RasPppoe - ok

18:42:46.0265 3720 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys

18:42:47.0046 3720 Raspti - ok

18:42:47.0078 3720 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys

18:42:47.0593 3720 Rdbss - ok

18:42:47.0625 3720 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

18:42:48.0062 3720 RDPCDD - ok

18:42:48.0171 3720 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys

18:42:48.0359 3720 RDPWD - ok

18:42:48.0421 3720 [ EA9FDF71D696B532BDC44C8BFF03A737 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe

18:42:48.0875 3720 RDSessMgr - ok

18:42:48.0921 3720 [ 4173BC66E485FD77A03C4819F60BD0DA ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys

18:42:49.0328 3720 redbook - ok

18:42:49.0406 3720 [ 4007ABF5D9BF0E55451D775443D1F985 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll

18:42:49.0906 3720 RemoteAccess - ok

18:42:49.0953 3720 [ BE078F8F7EC2491EFDD79A53353A060F ] RpcLocator C:\WINDOWS\system32\locator.exe

18:42:50.0484 3720 RpcLocator - ok

18:42:50.0562 3720 [ D9883335CC1C17AFC3A09C8AC3E4DBE4 ] RpcSs C:\WINDOWS\System32\rpcss.dll

18:42:50.0890 3720 RpcSs - ok

18:42:50.0937 3720 [ AD1B5F1B99FFF08C99F443D784711A81 ] RSVP C:\WINDOWS\system32\rsvp.exe

18:42:51.0593 3720 RSVP - ok

18:42:51.0640 3720 [ 8754210A3399D19610CE2D71E0C3E5D9 ] SamSs C:\WINDOWS\system32\lsass.exe

18:42:52.0234 3720 SamSs - ok

18:42:52.0281 3720 [ 1B4CD62174E907C7EF8EC5D4D0A2A616 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe

18:42:52.0968 3720 SCardSvr - ok

18:42:53.0031 3720 [ 7C288AE0F75CB18CFF1DF6179A67AD8F ] Schedule C:\WINDOWS\system32\schedsvc.dll

18:42:53.0796 3720 Schedule - ok

18:42:53.0906 3720 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys

18:42:54.0437 3720 Secdrv - ok

18:42:54.0484 3720 [ 6983665BEA867125B1DA5757CD8B2F9D ] seclogon C:\WINDOWS\System32\seclogon.dll

18:42:54.0921 3720 seclogon - ok

18:42:54.0953 3720 [ F6EC8F1E50E40237BDDEE1CB7FE20B42 ] SENS C:\WINDOWS\system32\sens.dll

18:42:55.0406 3720 SENS - ok

18:42:55.0453 3720 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys

18:42:56.0015 3720 serenum - ok

18:42:56.0062 3720 [ 92C21762653BB2CE51147EB8A9AA654F ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys

18:42:56.0640 3720 Serial - ok

18:42:56.0750 3720 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys

18:42:57.0218 3720 Sfloppy - ok

18:42:57.0265 3720 [ 7579C4BE909D47F10F3D8D801CB13ED9 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll

18:42:57.0734 3720 SharedAccess - ok

18:42:57.0812 3720 [ 2D5D4156292150FE571872C1B88E9299 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

18:42:57.0984 3720 ShellHWDetection - ok

18:42:58.0000 3720 Simbad - ok

18:42:58.0046 3720 [ FCBB10EEBFBCE575CA48543F40DCF4BF ] sisagp C:\WINDOWS\system32\DRIVERS\SISAGPX.sys

18:42:58.0078 3720 sisagp - ok

18:42:58.0156 3720 [ 3FBB6EF8B5A71A2FA11F5F461BB73219 ] SISNIC C:\WINDOWS\system32\DRIVERS\sisnic.sys

18:42:58.0625 3720 SISNIC - ok

18:42:58.0656 3720 Sparrow - ok

18:42:58.0687 3720 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys

18:42:59.0218 3720 splitter - ok

18:42:59.0281 3720 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe

18:42:59.0359 3720 Spooler - ok

18:42:59.0406 3720 [ 64D2A7640E0767ECD3BCB38D3200E7CE ] sr C:\WINDOWS\system32\DRIVERS\sr.sys

18:42:59.0890 3720 sr - ok

18:42:59.0984 3720 [ 81CBF363C414620CAA61BD6843D8FDB9 ] srservice C:\WINDOWS\system32\srsvc.dll

18:43:00.0515 3720 srservice - ok

18:43:00.0593 3720 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys

18:43:00.0750 3720 Srv - ok

18:43:00.0812 3720 [ 5B9D0DE64BE96A806819516440FD211C ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll

18:43:01.0406 3720 SSDPSRV - ok

18:43:01.0468 3720 [ 5AE996186D2DC694FEF88F14A3FC9242 ] stisvc C:\WINDOWS\system32\wiaservc.dll

18:43:02.0656 3720 stisvc - ok

18:43:02.0703 3720 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys

18:43:03.0765 3720 swenum - ok

18:43:03.0796 3720 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys

18:43:04.0859 3720 swmidi - ok

18:43:04.0906 3720 SwPrv - ok

18:43:04.0937 3720 symc810 - ok

18:43:04.0937 3720 symc8xx - ok

18:43:04.0968 3720 sym_hi - ok

18:43:04.0984 3720 sym_u3 - ok

18:43:05.0093 3720 [ DECAF721585F9DB53D60D70FD064B6BB ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys

18:43:05.0312 3720 SynTP - ok

18:43:05.0343 3720 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys

18:43:05.0937 3720 sysaudio - ok

18:43:06.0000 3720 [ 251EAE7C56C6AB9490311A3C9757E18D ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe

18:43:06.0515 3720 SysmonLog - ok

18:43:06.0578 3720 [ 2BC9FB448F0C2394FF53C83A7BB04731 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll

18:43:07.0250 3720 TapiSrv - ok

18:43:07.0406 3720 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys

18:43:07.0843 3720 Tcpip - ok

18:43:07.0921 3720 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys

18:43:08.0390 3720 TDPIPE - ok

18:43:08.0421 3720 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys

18:43:09.0046 3720 TDTCP - ok

18:43:09.0078 3720 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys

18:43:09.0843 3720 TermDD - ok

18:43:09.0921 3720 [ E0AEF86A594C9990D6321C5CA239C5B7 ] TermService C:\WINDOWS\System32\termsrv.dll

18:43:10.0656 3720 TermService - ok

18:43:10.0718 3720 [ 2D5D4156292150FE571872C1B88E9299 ] Themes C:\WINDOWS\System32\shsvcs.dll

18:43:10.0921 3720 Themes - ok

18:43:11.0031 3720 TosIde - ok

18:43:11.0093 3720 [ 20655E8CA1C78BC7088B18E93806D21B ] TrkWks C:\WINDOWS\system32\trkwks.dll

18:43:11.0750 3720 TrkWks - ok

18:43:11.0828 3720 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys

18:43:12.0453 3720 Udfs - ok

18:43:12.0484 3720 ultra - ok

18:43:12.0625 3720 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys

18:43:13.0984 3720 Update - ok

18:43:14.0062 3720 [ 01653D6C9604F1FB31A76EC94E08954F ] upnphost C:\WINDOWS\System32\upnphost.dll

18:43:14.0562 3720 upnphost - ok

18:43:14.0609 3720 [ A89796DD0DE24CF03B3A39407E1F46A3 ] UPS C:\WINDOWS\System32\ups.exe

18:43:15.0359 3720 UPS - ok

18:43:15.0515 3720 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys

18:43:16.0156 3720 usbccgp - ok

18:43:16.0234 3720 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys

18:43:16.0859 3720 usbehci - ok

18:43:16.0906 3720 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys

18:43:17.0937 3720 usbhub - ok

18:43:17.0984 3720 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys

18:43:18.0578 3720 usbohci - ok

18:43:18.0625 3720 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys

18:43:19.0218 3720 usbprint - ok

18:43:19.0281 3720 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys

18:43:19.0828 3720 usbscan - ok

18:43:19.0859 3720 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

18:43:20.0406 3720 USBSTOR - ok

18:43:20.0468 3720 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys

18:43:21.0156 3720 VgaSave - ok

18:43:21.0187 3720 ViaIde - ok

18:43:21.0265 3720 [ 8AB662B3C4691E6DDF61C96BB5B7D103 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys

18:43:21.0828 3720 VolSnap - ok

18:43:21.0890 3720 [ A585EDD6965B301DE8A45C6768C7C215 ] VSS C:\WINDOWS\System32\vssvc.exe

18:43:22.0625 3720 VSS - ok

18:43:22.0671 3720 [ 390D8E65F362327AD510B08971478301 ] W32Time C:\WINDOWS\system32\w32time.dll

18:43:23.0171 3720 W32Time - ok

18:43:23.0234 3720 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys

18:43:24.0562 3720 Wanarp - ok

18:43:24.0671 3720 WDICA - ok

18:43:24.0828 3720 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys

18:43:25.0796 3720 wdmaud - ok

18:43:25.0859 3720 [ 33D8E2812054D97A0AEC9B8F04277927 ] WebClient C:\WINDOWS\System32\webclnt.dll

18:43:29.0000 3720 WebClient - ok

18:43:29.0734 3720 [ F9E105F369C18E4001E0C05AAF600D73 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll

18:43:32.0703 3720 winmgmt - ok

18:43:33.0656 3720 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll

18:43:34.0359 3720 WmdmPmSN - ok

18:43:35.0109 3720 [ 87F11D161207C7063EDABAC0AADC33C3 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe

18:43:37.0015 3720 WmiApSrv - ok

18:43:37.0296 3720 [ 79A01ACD485687EE602411A06B63A9A5 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe

18:43:38.0437 3720 WMPNetworkSvc - ok

18:43:38.0500 3720 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys

18:43:39.0218 3720 WS2IFSL - ok

18:43:39.0265 3720 [ 843F7FA8EA38E6A4262976DCC994C81A ] wscsvc C:\WINDOWS\system32\wscsvc.dll

18:43:39.0703 3720 wscsvc - ok

18:43:39.0765 3720 [ 1E8FDDDEF3FE260BADAB06DAE10D753A ] wuauserv C:\WINDOWS\system32\wuauserv.dll

18:43:40.0171 3720 wuauserv - ok

18:43:40.0218 3720 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys

18:43:40.0281 3720 WudfPf - ok

18:43:40.0312 3720 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys

18:43:40.0375 3720 WudfRd - ok

18:43:40.0406 3720 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll

18:43:40.0468 3720 WudfSvc - ok

18:43:40.0531 3720 [ E99782DBB8FFA2AEE72B31DAC8D8D887 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll

18:43:40.0953 3720 WZCSVC - ok

18:43:41.0015 3720 [ FD3C38635808920F8235BF2FED642F54 ] xmlprov C:\WINDOWS\System32\xmlprov.dll

18:43:41.0421 3720 xmlprov - ok

18:43:41.0484 3720 ================ Scan global ===============================

18:43:41.0515 3720 [ 953AD498333B03F7CE547151F96EF241 ] C:\WINDOWS\system32\basesrv.dll

18:43:41.0578 3720 [ 6D43938F4980D62E091AE2F755FC259B ] C:\WINDOWS\system32\winsrv.dll

18:43:41.0625 3720 [ 6D43938F4980D62E091AE2F755FC259B ] C:\WINDOWS\system32\winsrv.dll

18:43:41.0671 3720 [ 657B69389B893F440B07590C9E963F23 ] C:\WINDOWS\system32\services.exe

18:43:41.0671 3720 [Global] - ok

18:43:41.0687 3720 ================ Scan MBR ==================================

18:43:41.0703 3720 [ 3051207086651214E435112E51817DC5 ] \Device\Harddisk0\DR0

18:43:41.0953 3720 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

18:43:41.0953 3720 \Device\Harddisk0\DR0 - detected TDSS File System (1)

18:43:41.0968 3720 ================ Scan VBR ==================================

18:43:41.0968 3720 [ A6D810D90453049E63E9A4C4B54DC3D8 ] \Device\Harddisk0\DR0\Partition1

18:43:41.0984 3720 \Device\Harddisk0\DR0\Partition1 - ok

18:43:42.0015 3720 [ 6E82B092BF0E74F58A62EB517BFB1668 ] \Device\Harddisk0\DR0\Partition2

18:43:42.0015 3720 \Device\Harddisk0\DR0\Partition2 - ok

18:43:42.0031 3720 ============================================================

18:43:42.0031 3720 Scan finished

18:43:42.0031 3720 ============================================================

18:43:42.0406 3756 Detected object count: 3

18:43:42.0406 3756 Actual detected object count: 3

18:43:49.0906 3756 DKbFltr ( UnsignedFile.Multi.Generic ) - skipped by user

18:43:49.0906 3756 DKbFltr ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:43:49.0906 3756 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user

18:43:49.0906 3756 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:43:49.0937 3756 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

18:43:49.0937 3756 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

- - - Updated - - -

sorry, ik had onderstaande niet verwijdert omwille van niet exact dezelfde benaming alhoewel het voorzetsel (18:43:49.0937 3756)wellicht geen belang heeft...

onderstaand de log na verwijdering.

18:43:49.0937 3756 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

18:43:49.0937 3756 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

18:46:49.0640 2452 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

18:46:49.0906 2452 ============================================================

18:46:49.0906 2452 Current date / time: 2013/07/04 18:46:49.0906

18:46:49.0906 2452 SystemInfo:

18:46:49.0906 2452

18:46:49.0906 2452 OS Version: 5.1.2600 ServicePack: 3.0

18:46:49.0906 2452 Product type: Workstation

18:46:49.0906 2452 ComputerName: ACER1705SCI

18:46:49.0906 2452 UserName: Mijzelf

18:46:49.0906 2452 Windows directory: C:\WINDOWS

18:46:49.0906 2452 System windows directory: C:\WINDOWS

18:46:49.0906 2452 Processor architecture: Intel x86

18:46:49.0906 2452 Number of processors: 1

18:46:49.0906 2452 Page size: 0x1000

18:46:49.0906 2452 Boot type: Normal boot

18:46:49.0906 2452 ============================================================

18:46:51.0546 2452 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

18:46:51.0546 2452 ============================================================

18:46:51.0546 2452 \Device\Harddisk0\DR0:

18:46:51.0546 2452 MBR partitions:

18:46:51.0546 2452 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xBE0DDF6

18:46:51.0578 2452 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0xBE0DE74, BlocksNum 0x218594D

18:46:51.0578 2452 ============================================================

18:46:51.0578 2452 D: <-> \Device\Harddisk0\DR0\Partition2

18:46:51.0640 2452 C: <-> \Device\Harddisk0\DR0\Partition1

18:46:51.0640 2452 ============================================================

18:46:51.0640 2452 Initialize success

18:46:51.0640 2452 ============================================================

18:46:59.0531 3260 ============================================================

18:46:59.0531 3260 Scan started

18:46:59.0531 3260 Mode: Manual; SigCheck; TDLFS;

18:46:59.0531 3260 ============================================================

18:47:00.0000 3260 ================ Scan system memory ========================

18:47:00.0000 3260 System memory - ok

18:47:00.0015 3260 ================ Scan services =============================

18:47:00.0187 3260 [ 149A8F7ADF9742554DC323E290551E3E ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys

18:47:00.0468 3260 Aavmker4 - ok

18:47:00.0484 3260 Abiosdsk - ok

18:47:00.0515 3260 abp480n5 - ok

18:47:00.0593 3260 [ 02273A448BA21A7D447DAEB47810D40C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys

18:47:01.0109 3260 ACPI - ok

18:47:01.0171 3260 [ 63F517B1A87DABF3F5ACB8A7952FC1D1 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys

18:47:01.0578 3260 ACPIEC - ok

18:47:01.0609 3260 adpu160m - ok

18:47:01.0656 3260 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys

18:47:02.0078 3260 aec - ok

18:47:02.0140 3260 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys

18:47:02.0187 3260 AFD - ok

18:47:02.0281 3260 [ E66AE825C42B668A90E67E7E41EEEEE7 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys

18:47:02.0406 3260 AgereSoftModem - ok

18:47:02.0421 3260 Aha154x - ok

18:47:02.0453 3260 aic78u2 - ok

18:47:02.0468 3260 aic78xx - ok

18:47:02.0546 3260 [ B07116C0F3E0E0BDE9B8ECD3D806FFC4 ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS

18:47:02.0656 3260 ALCXWDM - ok

18:47:02.0687 3260 [ 8BED67D13DCB55B3E9FF6DAC4C6D3B49 ] Alerter C:\WINDOWS\system32\alrsvc.dll

18:47:03.0093 3260 Alerter - ok

18:47:03.0125 3260 [ DAB2A89FDE5CF791161200D90C1BCB12 ] ALG C:\WINDOWS\System32\alg.exe

18:47:03.0531 3260 ALG - ok

18:47:03.0562 3260 AliIde - ok

18:47:03.0593 3260 amsint - ok

18:47:03.0734 3260 [ A8AA9D47F971570A5162B862B80F87E8 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

18:47:03.0765 3260 Apple Mobile Device - ok

18:47:03.0796 3260 AppMgmt - ok

18:47:03.0843 3260 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys

18:47:04.0250 3260 Arp1394 - ok

18:47:04.0265 3260 asc - ok

18:47:04.0281 3260 asc3350p - ok

18:47:04.0312 3260 asc3550 - ok

18:47:04.0421 3260 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

18:47:04.0453 3260 aspnet_state - ok

18:47:04.0515 3260 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys

18:47:04.0546 3260 aswFsBlk - ok

18:47:04.0593 3260 [ CCAFDA4AB7F3738142B3BA7DA311FFB0 ] aswFW C:\WINDOWS\system32\drivers\aswFW.sys

18:47:04.0625 3260 aswFW - ok

18:47:04.0671 3260 [ E2FEE0486D68BF85355D3EDA1A24FF68 ] aswKbd C:\WINDOWS\system32\drivers\aswKbd.sys

18:47:04.0703 3260 aswKbd - ok

18:47:04.0765 3260 [ 84F0BE324EE111338589F448C3E8BAB2 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys

18:47:04.0796 3260 aswMon2 - ok

18:47:04.0812 3260 [ 7B948E3657BEA62E437BC46CA6EF6012 ] aswNdis C:\WINDOWS\system32\DRIVERS\aswNdis.sys

18:47:04.0859 3260 aswNdis - ok

18:47:04.0937 3260 [ DCF8B68A3A6217F87CA7FA95F535B47E ] aswNdis2 C:\WINDOWS\system32\drivers\aswNdis2.sys

18:47:04.0968 3260 aswNdis2 - ok

18:47:05.0000 3260 [ 7C9F0A2AB17D52261A9252A2EB320884 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys

18:47:05.0031 3260 aswRdr - ok

18:47:05.0109 3260 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys

18:47:05.0203 3260 aswSnx - ok

18:47:05.0250 3260 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys

18:47:05.0312 3260 aswSP - ok

18:47:05.0328 3260 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys

18:47:05.0359 3260 aswTdi - ok

18:47:05.0406 3260 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys

18:47:05.0796 3260 AsyncMac - ok

18:47:05.0859 3260 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys

18:47:06.0281 3260 atapi - ok

18:47:06.0312 3260 Atdisk - ok

18:47:06.0359 3260 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys

18:47:06.0765 3260 Atmarpc - ok

18:47:06.0828 3260 [ F10745ED3195360E69AA4A6E7768C0E0 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll

18:47:07.0234 3260 AudioSrv - ok

18:47:07.0281 3260 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys

18:47:07.0718 3260 audstub - ok

18:47:07.0812 3260 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

18:47:07.0843 3260 avast! Antivirus - ok

18:47:07.0906 3260 [ BC0E07A768A0A14C48E3CE1875F2C377 ] avast! Firewall C:\Program Files\Alwil Software\Avast5\afwServ.exe

18:47:07.0937 3260 avast! Firewall - ok

18:47:08.0000 3260 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys

18:47:08.0421 3260 Beep - ok

18:47:08.0484 3260 [ 5C0073A51C4873430FA8B262E92183FF ] BITS C:\WINDOWS\system32\qmgr.dll

18:47:08.0921 3260 BITS - ok

18:47:08.0968 3260 [ 139102D1865D3C1F152A25ABD16242DB ] Browser C:\WINDOWS\System32\browser.dll

18:47:09.0031 3260 Browser - ok

18:47:09.0171 3260 catchme - ok

18:47:09.0234 3260 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys

18:47:09.0703 3260 cbidf2k - ok

18:47:09.0718 3260 cd20xrnt - ok

18:47:09.0781 3260 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys

18:47:10.0203 3260 Cdaudio - ok

18:47:10.0250 3260 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys

18:47:10.0671 3260 Cdfs - ok

18:47:10.0718 3260 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys

18:47:11.0125 3260 Cdrom - ok

18:47:11.0140 3260 Changer - ok

18:47:11.0203 3260 [ BD85400700B80FBE3D4A3412BCE74861 ] CiSvc C:\WINDOWS\system32\cisvc.exe

18:47:11.0625 3260 CiSvc - ok

18:47:11.0640 3260 [ 4FB6108130829666C8FE96B442FEAD94 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe

18:47:12.0046 3260 ClipSrv - ok

18:47:12.0093 3260 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

18:47:12.0125 3260 clr_optimization_v2.0.50727_32 - ok

18:47:12.0187 3260 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys

18:47:12.0578 3260 CmBatt - ok

18:47:12.0593 3260 CmdIde - ok

18:47:12.0656 3260 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys

18:47:13.0062 3260 Compbatt - ok

18:47:13.0093 3260 COMSysApp - ok

18:47:13.0140 3260 Cpqarray - ok

18:47:13.0203 3260 [ 0A9CF5D3CF63A8699F28C814EF821C7E ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll

18:47:13.0609 3260 CryptSvc - ok

18:47:13.0625 3260 dac2w2k - ok

18:47:13.0640 3260 dac960nt - ok

18:47:13.0718 3260 [ D9883335CC1C17AFC3A09C8AC3E4DBE4 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll

18:47:13.0968 3260 DcomLaunch - ok

18:47:14.0015 3260 [ 146AB038F5DBB366122D28444999AB2C ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll

18:47:14.0437 3260 Dhcp - ok

18:47:14.0484 3260 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys

18:47:14.0843 3260 Disk - ok

18:47:14.0890 3260 [ 4B474C4B3932BCA5C2D44AD38BCD465F ] DKbFltr C:\WINDOWS\system32\Drivers\DKbFltr.sys

18:47:14.0921 3260 DKbFltr ( UnsignedFile.Multi.Generic ) - warning

18:47:14.0921 3260 DKbFltr - detected UnsignedFile.Multi.Generic (1)

18:47:14.0953 3260 dmadmin - ok

18:47:15.0031 3260 [ DEC123E0C75971D0CC7A6C6A75E28429 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys

18:47:15.0468 3260 dmboot - ok

18:47:15.0515 3260 [ 7268E66259722F6228C730685B201092 ] dmio C:\WINDOWS\system32\drivers\dmio.sys

18:47:15.0921 3260 dmio - ok

18:47:15.0968 3260 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys

18:47:16.0484 3260 dmload - ok

18:47:16.0546 3260 [ 127DB74184E2D3D31655DA525A5EFDE1 ] dmserver C:\WINDOWS\System32\dmserver.dll

18:47:16.0968 3260 dmserver - ok

18:47:17.0328 3260 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys

18:47:18.0406 3260 DMusic - ok

18:47:18.0453 3260 [ DE6CDB6CBC5C27B9085CFA6DFE8E5025 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll

18:47:18.0671 3260 Dnscache - ok

18:47:18.0703 3260 [ 90EE765E1A598B578852901F74F914F1 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll

18:47:19.0109 3260 Dot3svc - ok

18:47:19.0125 3260 dpti2o - ok

18:47:19.0156 3260 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys

18:47:19.0843 3260 drmkaud - ok

18:47:19.0890 3260 [ E6BBDEBF7081899D161C773E8D84D015 ] EapHost C:\WINDOWS\System32\eapsvc.dll

18:47:20.0453 3260 EapHost - ok

18:47:20.0484 3260 [ 2F5C7F650B7AF178988946EE4B0D9C01 ] ERSvc C:\WINDOWS\System32\ersvc.dll

18:47:22.0281 3260 ERSvc - ok

18:47:22.0500 3260 [ 657B69389B893F440B07590C9E963F23 ] Eventlog C:\WINDOWS\system32\services.exe

18:47:23.0000 3260 Eventlog - ok

18:47:23.0062 3260 [ 97912DC0679D2DA60CCE589BBC196D72 ] EventSystem C:\WINDOWS\system32\es.dll

18:47:23.0125 3260 EventSystem - ok

18:47:23.0156 3260 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys

18:47:24.0546 3260 Fastfat - ok

18:47:24.0593 3260 [ 2D5D4156292150FE571872C1B88E9299 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

18:47:24.0640 3260 FastUserSwitchingCompatibility - ok

18:47:24.0687 3260 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys

18:47:25.0359 3260 Fdc - ok

18:47:25.0421 3260 [ 8BFFFB5AC954E19DFDB96D56512AA518 ] Fips C:\WINDOWS\system32\drivers\Fips.sys

18:47:26.0531 3260 Fips - ok

18:47:26.0562 3260 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys

18:47:26.0968 3260 Flpydisk - ok

18:47:27.0031 3260 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys

18:47:28.0078 3260 FltMgr - ok

18:47:28.0171 3260 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

18:47:28.0609 3260 FontCache3.0.0.0 - ok

18:47:28.0640 3260 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys

18:47:29.0406 3260 Fs_Rec - ok

18:47:29.0437 3260 [ FA8CA22E70245C81FF29C36AF56292FC ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys

18:47:30.0593 3260 Ftdisk - ok

18:47:30.0640 3260 [ AB8A6A87D9D7255C3884D5B9541A6E80 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

18:47:30.0671 3260 GEARAspiWDM - ok

18:47:30.0703 3260 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys

18:47:31.0093 3260 Gpc - ok

18:47:31.0203 3260 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe

18:47:31.0234 3260 gupdate - ok

18:47:31.0250 3260 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe

18:47:31.0281 3260 gupdatem - ok

18:47:31.0359 3260 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

18:47:31.0390 3260 gusvc - ok

18:47:31.0484 3260 [ 5327BAD9B35C33D2A64B64E4CF282ECD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

18:47:31.0890 3260 helpsvc - ok

18:47:31.0906 3260 HidServ - ok

18:47:31.0937 3260 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys

18:47:32.0312 3260 HidUsb - ok

18:47:32.0359 3260 [ 1FF903FFA2DA1704E5A5443D37D8E49E ] hkmsvc C:\WINDOWS\System32\kmsvc.dll

18:47:32.0750 3260 hkmsvc - ok

18:47:32.0828 3260 [ C5F00D15AA15CB7F55A027FF75E44BB7 ] HP Port Resolver C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE

18:47:33.0093 3260 HP Port Resolver - ok

18:47:33.0109 3260 [ C5A288E4CEEF5A26D105117BAA3763AB ] HP Status Server C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE

18:47:33.0328 3260 HP Status Server - ok

18:47:33.0343 3260 hpn - ok

18:47:33.0390 3260 [ 30CA91E657CEDE2F95359D6EF186F650 ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys

18:47:33.0453 3260 HPZid412 - ok

18:47:33.0468 3260 [ EFD31AFA752AA7C7BBB57BCBE2B01C78 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

18:47:33.0531 3260 HPZipr12 - ok

18:47:33.0546 3260 [ 7AC43C38CA8FD7ED0B0A4466F753E06E ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys

18:47:33.0609 3260 HPZius12 - ok

18:47:33.0640 3260 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys

18:47:33.0703 3260 HTTP - ok

18:47:33.0750 3260 [ 2529C7BA05242BEED0027F554D0513BB ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll

18:47:34.0156 3260 HTTPFilter - ok

18:47:34.0156 3260 i2omgmt - ok

18:47:34.0171 3260 i2omp - ok

18:47:34.0218 3260 [ C43372D0682F8E32E4EC21117E089EC0 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys

18:47:34.0609 3260 i8042prt - ok

18:47:34.0718 3260 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

18:47:34.0828 3260 idsvc - ok

18:47:34.0843 3260 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys

18:47:35.0593 3260 Imapi - ok

18:47:35.0640 3260 [ A117772F94C854DE5D1BBC1F1962B192 ] ImapiService C:\WINDOWS\system32\imapi.exe

18:47:36.0062 3260 ImapiService - ok

18:47:36.0078 3260 ini910u - ok

18:47:36.0109 3260 IntelIde - ok

18:47:36.0156 3260 [ 2D2254FAC267E6B1C7865E8EBEF60C6D ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys

18:47:37.0578 3260 intelppm - ok

18:47:37.0796 3260 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys

18:47:38.0906 3260 Ip6Fw - ok

18:47:38.0953 3260 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

18:47:39.0390 3260 IpFilterDriver - ok

18:47:39.0421 3260 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys

18:47:39.0828 3260 IpInIp - ok

18:47:39.0859 3260 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys

18:47:40.0250 3260 IpNat - ok

18:47:40.0296 3260 [ 62937A89470AF8FF172F0980CA8AEFC9 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

18:47:40.0359 3260 iPod Service - ok

18:47:40.0406 3260 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys

18:47:40.0796 3260 IPSec - ok

18:47:40.0828 3260 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys

18:47:41.0234 3260 IRENUM - ok

18:47:41.0281 3260 [ 0B78E1A31340E1FB1E389D5633F7C3A0 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys

18:47:41.0671 3260 isapnp - ok

18:47:41.0750 3260 [ 1834C96FB1F9280BCF6DDFA6DE8338BF ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe

18:47:41.0781 3260 JavaQuickStarterService - ok

18:47:41.0828 3260 [ 380397621E94B32C744E7B2CC1330390 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys

18:47:42.0250 3260 Kbdclass - ok

18:47:42.0296 3260 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys

18:47:42.0687 3260 kmixer - ok

18:47:42.0734 3260 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys

18:47:43.0359 3260 KSecDD - ok

18:47:43.0437 3260 [ C7955E7EDAEA462D04F1C4BE1D340372 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll

18:47:43.0796 3260 lanmanserver - ok

18:47:43.0843 3260 [ A936A575EAF6DCE8DC08BC0C53972ADD ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

18:47:43.0906 3260 lanmanworkstation - ok

18:47:43.0921 3260 lbrtfdc - ok

18:47:44.0015 3260 [ 00944D59948596721D17510C94CD3E4F ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe

18:47:44.0062 3260 LightScribeService ( UnsignedFile.Multi.Generic ) - warning

18:47:44.0062 3260 LightScribeService - detected UnsignedFile.Multi.Generic (1)

18:47:44.0093 3260 [ 91AE20C5C2776C511994AA1308C05283 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll

18:47:44.0953 3260 LmHosts - ok

18:47:45.0000 3260 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys

18:47:45.0031 3260 MBAMProtector - ok

18:47:45.0125 3260 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

18:47:45.0703 3260 MBAMScheduler - ok

18:47:45.0765 3260 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

18:47:46.0453 3260 MBAMService - ok

18:47:46.0859 3260 [ C56A45A03DCA11712DE9FDF98224230B ] Messenger C:\WINDOWS\System32\msgsvc.dll

18:47:47.0296 3260 Messenger - ok

18:47:47.0328 3260 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys

18:47:47.0750 3260 mnmdd - ok

18:47:47.0781 3260 [ 5B1D994DCF1895AFA27600E46A2F0FEA ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe

18:47:48.0156 3260 mnmsrvc - ok

18:47:48.0203 3260 [ 8114EEAC353F549331AB73E9AF4219ED ] Modem C:\WINDOWS\system32\drivers\Modem.sys

18:47:48.0578 3260 Modem - ok

18:47:48.0593 3260 [ 1A4E2214DD63E4A876463D3427EE8261 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys

18:47:49.0000 3260 Mouclass - ok

18:47:49.0031 3260 [ 18017899254E01371E1A39754D6BF98C ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys

18:47:49.0437 3260 mouhid - ok

18:47:49.0484 3260 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys

18:47:49.0859 3260 MountMgr - ok

18:47:49.0875 3260 mraid35x - ok

18:47:49.0906 3260 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys

18:47:50.0281 3260 MRxDAV - ok

18:47:50.0343 3260 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

18:47:50.0437 3260 MRxSmb - ok

18:47:50.0484 3260 [ 21EA21984D7D1AD50DB2E627020AB14C ] MSDTC C:\WINDOWS\system32\msdtc.exe

18:47:50.0890 3260 MSDTC - ok

18:47:50.0937 3260 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys

18:47:51.0328 3260 Msfs - ok

18:47:51.0328 3260 MSIServer - ok

18:47:51.0375 3260 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys

18:47:51.0765 3260 MSKSSRV - ok

18:47:51.0796 3260 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys

18:47:52.0218 3260 MSPCLOCK - ok

18:47:52.0250 3260 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys

18:47:53.0359 3260 MSPQM - ok

18:47:53.0578 3260 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys

18:47:54.0000 3260 mssmbios - ok

18:47:54.0046 3260 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys

18:47:54.0109 3260 Mup - ok

18:47:54.0156 3260 [ 87E394C810794D3C70CF22E8316CB23E ] napagent C:\WINDOWS\System32\qagentrt.dll

18:47:55.0187 3260 napagent - ok

18:47:55.0250 3260 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys

18:47:56.0343 3260 NDIS - ok

18:47:56.0390 3260 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys

18:47:56.0421 3260 NdisTapi - ok

18:47:56.0437 3260 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys

18:47:57.0921 3260 Ndisuio - ok

18:47:58.0046 3260 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys

18:47:58.0609 3260 NdisWan - ok

18:47:58.0656 3260 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys

18:47:58.0687 3260 NDProxy - ok

18:47:58.0718 3260 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys

18:47:59.0125 3260 NetBIOS - ok

18:47:59.0156 3260 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys

18:47:59.0546 3260 NetBT - ok

18:47:59.0578 3260 [ DC6BAE085E9B3C2F3A963ED46791FEAB ] NetDDE C:\WINDOWS\system32\netdde.exe

18:48:00.0406 3260 NetDDE - ok

18:48:00.0421 3260 [ DC6BAE085E9B3C2F3A963ED46791FEAB ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe

18:48:00.0796 3260 NetDDEdsdm - ok

18:48:00.0828 3260 [ 8754210A3399D19610CE2D71E0C3E5D9 ] Netlogon C:\WINDOWS\system32\lsass.exe

18:48:01.0218 3260 Netlogon - ok

18:48:01.0265 3260 [ 5431FB616ECAE0D587C5B97D0B86CBD8 ] Netman C:\WINDOWS\System32\netman.dll

18:48:01.0671 3260 Netman - ok

18:48:01.0734 3260 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

18:48:01.0765 3260 NetTcpPortSharing - ok

18:48:01.0796 3260 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys

18:48:02.0203 3260 NIC1394 - ok

18:48:02.0234 3260 [ 4522CBE00A9E9EEE36AA82ED4B319148 ] Nla C:\WINDOWS\System32\mswsock.dll

18:48:02.0453 3260 Nla - ok

18:48:02.0484 3260 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys

18:48:02.0906 3260 Npfs - ok

18:48:02.0953 3260 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys

18:48:03.0359 3260 Ntfs - ok

18:48:03.0390 3260 [ 8754210A3399D19610CE2D71E0C3E5D9 ] NtLmSsp C:\WINDOWS\system32\lsass.exe

18:48:03.0765 3260 NtLmSsp - ok

18:48:03.0828 3260 [ AC1A78237B53044735693633F8235468 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll

18:48:04.0906 3260 NtmsSvc - ok

18:48:04.0953 3260 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys

18:48:05.0421 3260 Null - ok

18:48:05.0500 3260 [ A1946DC75F5D9458783D236AADA04A09 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

18:48:05.0625 3260 nv - ok

18:48:05.0656 3260 [ 6635591C7E6C47F68524CAA27BB39F88 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe

18:48:05.0718 3260 NVSvc - ok

18:48:05.0765 3260 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

18:48:06.0906 3260 NwlnkFlt - ok

18:48:06.0906 3260 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

18:48:07.0328 3260 NwlnkFwd - ok

18:48:07.0375 3260 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys

18:48:07.0968 3260 ohci1394 - ok

18:48:07.0984 3260 [ E3934CCC20A4D24F1924E13D36D2A5BD ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys

18:48:08.0375 3260 Parport - ok

18:48:08.0421 3260 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys

18:48:09.0546 3260 PartMgr - ok

18:48:09.0640 3260 [ 1EADE28746A64C21E0A808BB12A63326 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys

18:48:11.0484 3260 ParVdm - ok

18:48:11.0765 3260 [ 3B166F9F753C21AEDAA9A6BD76B49655 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys

18:48:13.0453 3260 PCI - ok

18:48:13.0640 3260 PCIDump - ok

18:48:13.0890 3260 [ B31EDEBA4DA28283F6B8DC4756FB9585 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys

18:48:15.0234 3260 PCIIde - ok

18:48:15.0281 3260 [ 2137FFD65F8E609A3A5ACD487C56CCE0 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys

18:48:15.0828 3260 Pcmcia - ok

18:48:15.0843 3260 PDCOMP - ok

18:48:15.0859 3260 PDFRAME - ok

18:48:15.0906 3260 PDRELI - ok

18:48:15.0921 3260 PDRFRAME - ok

18:48:15.0937 3260 perc2 - ok

18:48:15.0953 3260 perc2hib - ok

18:48:16.0015 3260 [ 657B69389B893F440B07590C9E963F23 ] PlugPlay C:\WINDOWS\system32\services.exe

18:48:16.0234 3260 PlugPlay - ok

18:48:16.0281 3260 [ A38B3CE68E7F126190CDE4AA3FDF050F ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe

18:48:16.0531 3260 Pml Driver HPZ12 - ok

18:48:16.0546 3260 [ 8754210A3399D19610CE2D71E0C3E5D9 ] PolicyAgent C:\WINDOWS\system32\lsass.exe

18:48:16.0937 3260 PolicyAgent - ok

18:48:16.0968 3260 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys

18:48:17.0359 3260 PptpMiniport - ok

18:48:17.0437 3260 [ E16774ADF65A5BE9738D33B96E64F347 ] PRISM C:\WINDOWS\system32\DRIVERS\EXPRESS.sys

18:48:17.0531 3260 PRISM - ok

18:48:17.0562 3260 [ 8754210A3399D19610CE2D71E0C3E5D9 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

18:48:17.0937 3260 ProtectedStorage - ok

18:48:17.0984 3260 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys

18:48:18.0359 3260 PSched - ok

18:48:18.0375 3260 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys

18:48:18.0828 3260 Ptilink - ok

18:48:18.0875 3260 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys

18:48:18.0906 3260 PxHelp20 - ok

18:48:18.0937 3260 ql1080 - ok

18:48:18.0953 3260 Ql10wnt - ok

18:48:18.0968 3260 ql12160 - ok

18:48:18.0984 3260 ql1240 - ok

18:48:19.0000 3260 ql1280 - ok

18:48:19.0031 3260 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys

18:48:19.0421 3260 RasAcd - ok

18:48:19.0468 3260 [ 0575D034B1292CA3A9BB9F67A8EE289C ] RasAuto C:\WINDOWS\System32\rasauto.dll

18:48:19.0859 3260 RasAuto - ok

18:48:19.0890 3260 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

18:48:20.0281 3260 Rasl2tp - ok

18:48:20.0328 3260 [ 9E7E2DF6971A5F00102BE3F901CC3BDC ] RasMan C:\WINDOWS\System32\rasmans.dll

18:48:21.0421 3260 RasMan - ok

18:48:21.0453 3260 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys

18:48:21.0859 3260 RasPppoe - ok

18:48:21.0875 3260 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys

18:48:22.0390 3260 Raspti - ok

18:48:22.0437 3260 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys

18:48:22.0843 3260 Rdbss - ok

18:48:22.0859 3260 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

18:48:23.0343 3260 RDPCDD - ok

18:48:23.0437 3260 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys

18:48:23.0500 3260 RDPWD - ok

18:48:23.0546 3260 [ EA9FDF71D696B532BDC44C8BFF03A737 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe

18:48:23.0984 3260 RDSessMgr - ok

18:48:24.0031 3260 [ 4173BC66E485FD77A03C4819F60BD0DA ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys

18:48:24.0421 3260 redbook - ok

18:48:24.0453 3260 [ 4007ABF5D9BF0E55451D775443D1F985 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll

18:48:24.0859 3260 RemoteAccess - ok

18:48:24.0890 3260 [ BE078F8F7EC2491EFDD79A53353A060F ] RpcLocator C:\WINDOWS\system32\locator.exe

18:48:25.0265 3260 RpcLocator - ok

18:48:25.0312 3260 [ D9883335CC1C17AFC3A09C8AC3E4DBE4 ] RpcSs C:\WINDOWS\System32\rpcss.dll

18:48:25.0546 3260 RpcSs - ok

18:48:25.0593 3260 [ AD1B5F1B99FFF08C99F443D784711A81 ] RSVP C:\WINDOWS\system32\rsvp.exe

18:48:26.0031 3260 RSVP - ok

18:48:26.0046 3260 [ 8754210A3399D19610CE2D71E0C3E5D9 ] SamSs C:\WINDOWS\system32\lsass.exe

18:48:26.0406 3260 SamSs - ok

18:48:26.0453 3260 [ 1B4CD62174E907C7EF8EC5D4D0A2A616 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe

18:48:26.0843 3260 SCardSvr - ok

18:48:26.0890 3260 [ 7C288AE0F75CB18CFF1DF6179A67AD8F ] Schedule C:\WINDOWS\system32\schedsvc.dll

18:48:27.0281 3260 Schedule - ok

18:48:27.0343 3260 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys

18:48:27.0750 3260 Secdrv - ok

18:48:27.0781 3260 [ 6983665BEA867125B1DA5757CD8B2F9D ] seclogon C:\WINDOWS\System32\seclogon.dll

18:48:28.0171 3260 seclogon - ok

18:48:28.0218 3260 [ F6EC8F1E50E40237BDDEE1CB7FE20B42 ] SENS C:\WINDOWS\system32\sens.dll

18:48:29.0171 3260 SENS - ok

18:48:29.0203 3260 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys

18:48:30.0000 3260 serenum - ok

18:48:30.0015 3260 [ 92C21762653BB2CE51147EB8A9AA654F ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys

18:48:31.0218 3260 Serial - ok

18:48:31.0968 3260 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys

18:48:34.0140 3260 Sfloppy - ok

18:48:34.0203 3260 [ 7579C4BE909D47F10F3D8D801CB13ED9 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll

18:48:35.0375 3260 SharedAccess - ok

18:48:35.0421 3260 [ 2D5D4156292150FE571872C1B88E9299 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

18:48:35.0468 3260 ShellHWDetection - ok

18:48:35.0484 3260 Simbad - ok

18:48:35.0531 3260 [ FCBB10EEBFBCE575CA48543F40DCF4BF ] sisagp C:\WINDOWS\system32\DRIVERS\SISAGPX.sys

18:48:36.0187 3260 sisagp - ok

18:48:36.0359 3260 [ 3FBB6EF8B5A71A2FA11F5F461BB73219 ] SISNIC C:\WINDOWS\system32\DRIVERS\sisnic.sys

18:48:37.0468 3260 SISNIC - ok

18:48:37.0531 3260 Sparrow - ok

18:48:37.0578 3260 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys

18:48:38.0484 3260 splitter - ok

18:48:38.0515 3260 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe

18:48:38.0656 3260 Spooler - ok

18:48:38.0703 3260 [ 64D2A7640E0767ECD3BCB38D3200E7CE ] sr C:\WINDOWS\system32\DRIVERS\sr.sys

18:48:40.0109 3260 sr - ok

18:48:40.0312 3260 [ 81CBF363C414620CAA61BD6843D8FDB9 ] srservice C:\WINDOWS\system32\srsvc.dll

18:48:42.0218 3260 srservice - ok

18:48:42.0515 3260 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys

18:48:43.0750 3260 Srv - ok

18:48:43.0812 3260 [ 5B9D0DE64BE96A806819516440FD211C ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll

18:48:44.0531 3260 SSDPSRV - ok

18:48:44.0625 3260 [ 5AE996186D2DC694FEF88F14A3FC9242 ] stisvc C:\WINDOWS\system32\wiaservc.dll

18:48:46.0546 3260 stisvc - ok

18:48:46.0656 3260 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys

18:48:48.0406 3260 swenum - ok

18:48:48.0453 3260 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys

18:48:49.0625 3260 swmidi - ok

18:48:49.0625 3260 SwPrv - ok

18:48:49.0656 3260 symc810 - ok

18:48:49.0671 3260 symc8xx - ok

18:48:49.0687 3260 sym_hi - ok

18:48:49.0703 3260 sym_u3 - ok

18:48:49.0890 3260 [ DECAF721585F9DB53D60D70FD064B6BB ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys

18:48:51.0109 3260 SynTP - ok

18:48:51.0218 3260 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys

18:48:51.0671 3260 sysaudio - ok

18:48:51.0734 3260 [ 251EAE7C56C6AB9490311A3C9757E18D ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe

18:48:52.0281 3260 SysmonLog - ok

18:48:52.0484 3260 [ 2BC9FB448F0C2394FF53C83A7BB04731 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll

18:48:53.0515 3260 TapiSrv - ok

18:48:53.0593 3260 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys

18:48:53.0968 3260 Tcpip - ok

18:48:54.0000 3260 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys

18:48:54.0500 3260 TDPIPE - ok

18:48:54.0546 3260 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys

18:48:55.0125 3260 TDTCP - ok

18:48:55.0140 3260 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys

18:48:55.0703 3260 TermDD - ok

18:48:55.0765 3260 [ E0AEF86A594C9990D6321C5CA239C5B7 ] TermService C:\WINDOWS\System32\termsrv.dll

18:48:56.0218 3260 TermService - ok

18:48:56.0265 3260 [ 2D5D4156292150FE571872C1B88E9299 ] Themes C:\WINDOWS\System32\shsvcs.dll

18:48:56.0296 3260 Themes - ok

18:48:56.0328 3260 TosIde - ok

18:48:56.0390 3260 [ 20655E8CA1C78BC7088B18E93806D21B ] TrkWks C:\WINDOWS\system32\trkwks.dll

18:48:56.0843 3260 TrkWks - ok

18:48:56.0890 3260 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys

18:48:57.0609 3260 Udfs - ok

18:48:57.0703 3260 ultra - ok

18:48:57.0859 3260 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys

18:48:58.0390 3260 Update - ok

18:48:58.0437 3260 [ 01653D6C9604F1FB31A76EC94E08954F ] upnphost C:\WINDOWS\System32\upnphost.dll

18:48:59.0078 3260 upnphost - ok

18:48:59.0093 3260 [ A89796DD0DE24CF03B3A39407E1F46A3 ] UPS C:\WINDOWS\System32\ups.exe

18:48:59.0625 3260 UPS - ok

18:48:59.0671 3260 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys

18:49:00.0062 3260 usbccgp - ok

18:49:00.0109 3260 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys

18:49:00.0578 3260 usbehci - ok

18:49:00.0640 3260 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys

18:49:01.0171 3260 usbhub - ok

18:49:01.0218 3260 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys

18:49:01.0750 3260 usbohci - ok

18:49:01.0796 3260 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys

18:49:02.0390 3260 usbprint - ok

18:49:02.0421 3260 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys

18:49:03.0703 3260 usbscan - ok

18:49:03.0796 3260 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

18:49:04.0343 3260 USBSTOR - ok

18:49:04.0375 3260 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys

18:49:04.0828 3260 VgaSave - ok

18:49:04.0843 3260 ViaIde - ok

18:49:04.0890 3260 [ 8AB662B3C4691E6DDF61C96BB5B7D103 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys

18:49:05.0281 3260 VolSnap - ok

18:49:05.0328 3260 [ A585EDD6965B301DE8A45C6768C7C215 ] VSS C:\WINDOWS\System32\vssvc.exe

18:49:05.0734 3260 VSS - ok

18:49:05.0765 3260 [ 390D8E65F362327AD510B08971478301 ] W32Time C:\WINDOWS\system32\w32time.dll

18:49:06.0296 3260 W32Time - ok

18:49:06.0328 3260 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys

18:49:06.0828 3260 Wanarp - ok

18:49:06.0843 3260 WDICA - ok

18:49:06.0859 3260 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys

18:49:07.0359 3260 wdmaud - ok

18:49:07.0437 3260 [ 33D8E2812054D97A0AEC9B8F04277927 ] WebClient C:\WINDOWS\System32\webclnt.dll

18:49:07.0953 3260 WebClient - ok

18:49:08.0109 3260 [ F9E105F369C18E4001E0C05AAF600D73 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll

18:49:08.0656 3260 winmgmt - ok

18:49:08.0718 3260 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll

18:49:08.0875 3260 WmdmPmSN - ok

18:49:08.0921 3260 [ 87F11D161207C7063EDABAC0AADC33C3 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe

18:49:10.0687 3260 WmiApSrv - ok

18:49:11.0187 3260 [ 79A01ACD485687EE602411A06B63A9A5 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe

18:49:12.0640 3260 WMPNetworkSvc - ok

18:49:12.0921 3260 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys

18:49:14.0718 3260 WS2IFSL - ok

18:49:14.0859 3260 [ 843F7FA8EA38E6A4262976DCC994C81A ] wscsvc C:\WINDOWS\system32\wscsvc.dll

18:49:16.0234 3260 wscsvc - ok

18:49:16.0265 3260 [ 1E8FDDDEF3FE260BADAB06DAE10D753A ] wuauserv C:\WINDOWS\system32\wuauserv.dll

18:49:16.0656 3260 wuauserv - ok

18:49:16.0750 3260 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys

18:49:16.0828 3260 WudfPf - ok

18:49:16.0843 3260 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys

18:49:16.0937 3260 WudfRd - ok

18:49:16.0968 3260 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll

18:49:17.0046 3260 WudfSvc - ok

18:49:17.0140 3260 [ E99782DBB8FFA2AEE72B31DAC8D8D887 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll

18:49:17.0562 3260 WZCSVC - ok

18:49:17.0609 3260 [ FD3C38635808920F8235BF2FED642F54 ] xmlprov C:\WINDOWS\System32\xmlprov.dll

18:49:18.0015 3260 xmlprov - ok

18:49:18.0031 3260 ================ Scan global ===============================

18:49:18.0078 3260 [ 953AD498333B03F7CE547151F96EF241 ] C:\WINDOWS\system32\basesrv.dll

18:49:18.0109 3260 [ 6D43938F4980D62E091AE2F755FC259B ] C:\WINDOWS\system32\winsrv.dll

18:49:18.0140 3260 [ 6D43938F4980D62E091AE2F755FC259B ] C:\WINDOWS\system32\winsrv.dll

18:49:18.0171 3260 [ 657B69389B893F440B07590C9E963F23 ] C:\WINDOWS\system32\services.exe

18:49:18.0187 3260 [Global] - ok

18:49:18.0187 3260 ================ Scan MBR ==================================

18:49:18.0203 3260 [ 3051207086651214E435112E51817DC5 ] \Device\Harddisk0\DR0

18:49:18.0453 3260 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

18:49:18.0453 3260 \Device\Harddisk0\DR0 - detected TDSS File System (1)

18:49:18.0453 3260 ================ Scan VBR ==================================

18:49:18.0468 3260 [ A6D810D90453049E63E9A4C4B54DC3D8 ] \Device\Harddisk0\DR0\Partition1

18:49:18.0468 3260 \Device\Harddisk0\DR0\Partition1 - ok

18:49:18.0500 3260 [ 6E82B092BF0E74F58A62EB517BFB1668 ] \Device\Harddisk0\DR0\Partition2

18:49:18.0500 3260 \Device\Harddisk0\DR0\Partition2 - ok

18:49:18.0515 3260 ============================================================

18:49:18.0515 3260 Scan finished

18:49:18.0515 3260 ============================================================

18:49:19.0062 4016 Detected object count: 3

18:49:19.0062 4016 Actual detected object count: 3

18:49:25.0250 4016 DKbFltr ( UnsignedFile.Multi.Generic ) - skipped by user

18:49:25.0250 4016 DKbFltr ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:49:25.0250 4016 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user

18:49:25.0250 4016 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:49:25.0343 4016 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine

18:49:25.0343 4016 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine

18:49:25.0359 4016 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine

18:49:25.0453 4016 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine

18:49:25.0453 4016 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine

18:49:25.0484 4016 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

18:49:25.0546 4016 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

18:49:25.0609 4016 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine

18:49:25.0656 4016 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine

18:49:25.0671 4016 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine

18:49:25.0687 4016 \Device\Harddisk0\DR0\TDLFS\keywords - copied to quarantine

18:49:25.0703 4016 \Device\Harddisk0\DR0\TDLFS\socks.dll - copied to quarantine

18:49:25.0703 4016 \Device\Harddisk0\DR0\TDLFS - deleted

18:49:25.0703 4016 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete

Jion · 4 juli 2013

De rootkit is netjes verwijderd nu. Maar laat ons voor de zekerheid nog eens om een second opinion vragen. ;-)

Download Malwarebytes Anti-Rootkit naar het bureaublad.

Klik hier voor de complete handleiding.

Pak het ZIP bestand uit en dubbelklik hierna op "mbar.exe" om de tool te starten.
Let op! Malwarebytes Anti-Rootkit dient onder een account met administrator rechten te worden uitgevoerd.
Klik in het introductiescherm op "next" om door te gaan.
Klik in het volgende scherm op Update om Malwarebytes Anti-Rootkit van de laatste definities te voorzien.
Klik als de update gereed is op "Next" en klik hierna op "Scan".
Als de scan gereed is en er geen malware is gedetecteerd klik dan op "Exit"
Indien er malware wordt gedetecteerd zorg dat de items zijn aangevinkt en klik op "Cleanup" en herstart de computer.
Open na de herstart de map van MBAR en plaats de twee onderstaande log bestanden als bijlage in het volgende bericht
"mbar-log-{datum} (xx-xx-xx).txt" & "system-log.txt"

steven02 · 5 juli 2013

Hoi,

Onderstaand de logs uit mbar. Er werd geen malware gedetecteerd.

Malwarebytes Anti-Rootkit BETA 1.06.0.1004

www.malwarebytes.org

Database version: v2013.07.05.02

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Mijzelf :: ACER1705SCI [administrator]

5/07/2013 18:01:27

mbar-log-2013-07-05 (18-01-27).txt

Scan type: Quick scan

Scan options disabled: PUP

Objects scanned: 227443

Time elapsed: 38 minute(s), 55 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

Physical Sectors Detected: 0

(No malicious items detected)

(end)

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.06.0.1004

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

Java version: 1.6.0_20

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED

CPU speed: 3.066000 GHz

Memory total: 1071099904, free: 456122368

Downloaded database version: v2013.07.04.08

Initializing...

------------ Kernel report ------------

07/04/2013 22:03:08

------------ Loaded modules -----------

\WINDOWS\system32\ntoskrnl.exe

\WINDOWS\system32\hal.dll

\WINDOWS\system32\KDCOM.DLL

\WINDOWS\system32\BOOTVID.dll

ACPI.sys

\WINDOWS\system32\DRIVERS\WMILIB.SYS

pci.sys

isapnp.sys

ohci1394.sys

\WINDOWS\system32\DRIVERS\1394BUS.SYS

compbatt.sys

\WINDOWS\system32\DRIVERS\BATTC.SYS

pciide.sys

\WINDOWS\system32\DRIVERS\PCIIDEX.SYS

pcmcia.sys

MountMgr.sys

ftdisk.sys

ACPIEC.sys

\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS

PartMgr.sys

VolSnap.sys

atapi.sys

disk.sys

\WINDOWS\system32\DRIVERS\CLASSPNP.SYS

fltmgr.sys

sr.sys

PxHelp20.sys

KSecDD.sys

Ntfs.sys

NDIS.sys

aswNdis2.sys

aswNdis.sys

SISAGPX.sys

Mup.sys

\SystemRoot\system32\DRIVERS\intelppm.sys

\SystemRoot\system32\DRIVERS\nv4_mini.sys

\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS

\SystemRoot\system32\DRIVERS\serial.sys

\SystemRoot\system32\DRIVERS\serenum.sys

\SystemRoot\system32\DRIVERS\fdc.sys

\SystemRoot\system32\DRIVERS\parport.sys

\SystemRoot\system32\DRIVERS\i8042prt.sys

\SystemRoot\System32\Drivers\DKbFltr.sys

\SystemRoot\System32\Drivers\aswKbd.SYS

\SystemRoot\system32\DRIVERS\kbdclass.sys

\SystemRoot\system32\DRIVERS\SynTP.sys

\SystemRoot\system32\DRIVERS\USBD.SYS

\SystemRoot\system32\DRIVERS\mouclass.sys

\SystemRoot\system32\DRIVERS\nic1394.sys

\SystemRoot\system32\DRIVERS\imapi.sys

\SystemRoot\system32\DRIVERS\cdrom.sys

\SystemRoot\system32\DRIVERS\redbook.sys

\SystemRoot\system32\DRIVERS\ks.sys

\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys

\SystemRoot\system32\DRIVERS\AGRSM.sys

\SystemRoot\System32\Drivers\Modem.SYS

\SystemRoot\system32\drivers\ALCXWDM.SYS

\SystemRoot\system32\drivers\portcls.sys

\SystemRoot\system32\drivers\drmk.sys

\SystemRoot\system32\DRIVERS\usbohci.sys

\SystemRoot\system32\DRIVERS\USBPORT.SYS

\SystemRoot\system32\DRIVERS\usbehci.sys

\SystemRoot\system32\DRIVERS\sisnic.sys

\SystemRoot\system32\DRIVERS\EXPRESS.sys

\SystemRoot\system32\DRIVERS\CmBatt.sys

\SystemRoot\system32\DRIVERS\audstub.sys

\SystemRoot\system32\DRIVERS\rasl2tp.sys

\SystemRoot\system32\DRIVERS\ndistapi.sys

\SystemRoot\system32\DRIVERS\ndiswan.sys

\SystemRoot\system32\DRIVERS\raspppoe.sys

\SystemRoot\system32\DRIVERS\raspptp.sys

\SystemRoot\system32\DRIVERS\TDI.SYS

\SystemRoot\system32\DRIVERS\psched.sys

\SystemRoot\system32\DRIVERS\msgpc.sys

\SystemRoot\system32\DRIVERS\ptilink.sys

\SystemRoot\system32\DRIVERS\raspti.sys

\SystemRoot\system32\DRIVERS\termdd.sys

\SystemRoot\system32\DRIVERS\swenum.sys

\SystemRoot\system32\DRIVERS\update.sys

\SystemRoot\system32\DRIVERS\mssmbios.sys

\SystemRoot\System32\Drivers\NDProxy.SYS

\SystemRoot\system32\DRIVERS\flpydisk.sys

\SystemRoot\system32\DRIVERS\usbhub.sys

\SystemRoot\System32\Drivers\Fs_Rec.SYS

\SystemRoot\System32\Drivers\Null.SYS

\SystemRoot\System32\Drivers\Beep.SYS

\SystemRoot\System32\drivers\vga.sys

\SystemRoot\System32\Drivers\mnmdd.SYS

\SystemRoot\System32\DRIVERS\RDPCDD.sys

\SystemRoot\System32\Drivers\Msfs.SYS

\SystemRoot\System32\Drivers\Npfs.SYS

\SystemRoot\system32\DRIVERS\rasacd.sys

\SystemRoot\system32\DRIVERS\ipsec.sys

\SystemRoot\system32\DRIVERS\tcpip.sys

\SystemRoot\System32\Drivers\aswFW.SYS

\SystemRoot\system32\DRIVERS\ipnat.sys

\SystemRoot\system32\DRIVERS\wanarp.sys

\SystemRoot\System32\Drivers\aswTdi.SYS

\SystemRoot\system32\DRIVERS\netbt.sys

\SystemRoot\system32\DRIVERS\arp1394.sys

\SystemRoot\System32\Drivers\aswRdr.SYS

\SystemRoot\System32\drivers\ws2ifsl.sys

\SystemRoot\System32\drivers\afd.sys

\SystemRoot\system32\DRIVERS\netbios.sys

\SystemRoot\system32\DRIVERS\rdbss.sys

\SystemRoot\system32\DRIVERS\mrxsmb.sys

\SystemRoot\System32\Drivers\Fips.SYS

\SystemRoot\System32\Drivers\aswSP.SYS

\SystemRoot\System32\Drivers\Aavmker4.SYS

\SystemRoot\system32\DRIVERS\hidusb.sys

\SystemRoot\system32\DRIVERS\HIDCLASS.SYS

\SystemRoot\system32\DRIVERS\HIDPARSE.SYS

\SystemRoot\system32\DRIVERS\mouhid.sys

\SystemRoot\System32\Drivers\Fastfat.SYS

\SystemRoot\System32\Drivers\dump_atapi.sys

\SystemRoot\System32\Drivers\dump_WMILIB.SYS

\SystemRoot\System32\win32k.sys

\SystemRoot\System32\drivers\Dxapi.sys

\SystemRoot\System32\watchdog.sys

\SystemRoot\System32\drivers\dxg.sys

\SystemRoot\System32\drivers\dxgthk.sys

\SystemRoot\System32\nv4_disp.dll

\SystemRoot\System32\ATMFD.DLL

\??\C:\WINDOWS\system32\drivers\mbam.sys

\SystemRoot\System32\Drivers\aswFsBlk.SYS

\SystemRoot\system32\DRIVERS\ndisuio.sys

\SystemRoot\System32\Drivers\aswMon2.SYS

\SystemRoot\system32\drivers\wdmaud.sys

\SystemRoot\system32\drivers\sysaudio.sys

\SystemRoot\system32\DRIVERS\mrxdav.sys

\SystemRoot\System32\Drivers\ParVdm.SYS

\SystemRoot\system32\DRIVERS\srv.sys

\SystemRoot\System32\Drivers\Cdfs.SYS

\SystemRoot\system32\drivers\kmixer.sys

\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys

\??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys

\WINDOWS\system32\ntdll.dll

----------- End -----------

Done!

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xffffffff86f71ab8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\Ide\IdeDeviceP1T0L0-e\

Lower Device Object: 0xffffffff86fd1940

Lower Device Driver Name: \Driver\atapi\

<<<2>>>

Device number: 0, partition: 1

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xffffffff86f71ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff86fd4e08, DeviceName: Unknown, DriverName: \Driver\PartMgr\

DevicePointer: 0xffffffff86f71ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff86fd61a8, DeviceName: \Device\00000079\, DriverName: \Driver\ACPI\

DevicePointer: 0xffffffff86fd1940, DeviceName: \Device\Ide\IdeDeviceP1T0L0-e\, DriverName: \Driver\atapi\

------------ End ----------

Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

<<<2>>>

Device number: 0, partition: 1

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning drivers directory: C:\WINDOWS\system32\drivers...

<<<2>>>

Device number: 0, partition: 1

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scan Interrupted

Scan was aborted.

=======================================

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.06.0.1004

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

Java version: 1.6.0_20

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED

CPU speed: 3.066000 GHz

Memory total: 1071099904, free: 805076992

=======================================

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.06.0.1004

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

Java version: 1.6.0_20

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED

CPU speed: 3.066000 GHz

Memory total: 1071099904, free: 59092992

=======================================

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.06.0.1004

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

Java version: 1.6.0_20

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED

CPU speed: 3.066000 GHz

Memory total: 1071099904, free: 107020288

Downloaded database version: v2013.07.04.09

Downloaded database version: v2013.07.04.10

Downloaded database version: v2013.07.05.01

Downloaded database version: v2013.07.05.02

Initializing...

------------ Kernel report ------------

07/05/2013 18:00:31

------------ Loaded modules -----------

\WINDOWS\system32\ntoskrnl.exe

\WINDOWS\system32\hal.dll

\WINDOWS\system32\KDCOM.DLL

\WINDOWS\system32\BOOTVID.dll

ACPI.sys

\WINDOWS\system32\DRIVERS\WMILIB.SYS

pci.sys

isapnp.sys

ohci1394.sys

\WINDOWS\system32\DRIVERS\1394BUS.SYS

compbatt.sys

\WINDOWS\system32\DRIVERS\BATTC.SYS

pciide.sys

\WINDOWS\system32\DRIVERS\PCIIDEX.SYS

pcmcia.sys

MountMgr.sys

ftdisk.sys

ACPIEC.sys

\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS

PartMgr.sys

VolSnap.sys

atapi.sys

disk.sys

\WINDOWS\system32\DRIVERS\CLASSPNP.SYS

fltmgr.sys

sr.sys

PxHelp20.sys

KSecDD.sys

Ntfs.sys

NDIS.sys

aswNdis2.sys

aswNdis.sys

SISAGPX.sys

Mup.sys

\SystemRoot\system32\DRIVERS\intelppm.sys

\SystemRoot\system32\DRIVERS\nv4_mini.sys

\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS

\SystemRoot\system32\DRIVERS\serial.sys

\SystemRoot\system32\DRIVERS\serenum.sys

\SystemRoot\system32\DRIVERS\fdc.sys

\SystemRoot\system32\DRIVERS\parport.sys

\SystemRoot\system32\DRIVERS\i8042prt.sys

\SystemRoot\System32\Drivers\DKbFltr.sys

\SystemRoot\System32\Drivers\aswKbd.SYS

\SystemRoot\system32\DRIVERS\kbdclass.sys

\SystemRoot\system32\DRIVERS\SynTP.sys

\SystemRoot\system32\DRIVERS\USBD.SYS

\SystemRoot\system32\DRIVERS\mouclass.sys

\SystemRoot\system32\DRIVERS\nic1394.sys

\SystemRoot\system32\DRIVERS\imapi.sys

\SystemRoot\system32\DRIVERS\cdrom.sys

\SystemRoot\system32\DRIVERS\redbook.sys

\SystemRoot\system32\DRIVERS\ks.sys

\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys

\SystemRoot\system32\DRIVERS\AGRSM.sys

\SystemRoot\System32\Drivers\Modem.SYS

\SystemRoot\system32\drivers\ALCXWDM.SYS

\SystemRoot\system32\drivers\portcls.sys

\SystemRoot\system32\drivers\drmk.sys

\SystemRoot\system32\DRIVERS\usbohci.sys

\SystemRoot\system32\DRIVERS\USBPORT.SYS

\SystemRoot\system32\DRIVERS\usbehci.sys

\SystemRoot\system32\DRIVERS\sisnic.sys

\SystemRoot\system32\DRIVERS\EXPRESS.sys

\SystemRoot\system32\DRIVERS\CmBatt.sys

\SystemRoot\system32\DRIVERS\audstub.sys

\SystemRoot\system32\DRIVERS\rasl2tp.sys

\SystemRoot\system32\DRIVERS\ndistapi.sys

\SystemRoot\system32\DRIVERS\ndiswan.sys

\SystemRoot\system32\DRIVERS\raspppoe.sys

\SystemRoot\system32\DRIVERS\raspptp.sys

\SystemRoot\system32\DRIVERS\TDI.SYS

\SystemRoot\system32\DRIVERS\psched.sys

\SystemRoot\system32\DRIVERS\msgpc.sys

\SystemRoot\system32\DRIVERS\ptilink.sys

\SystemRoot\system32\DRIVERS\raspti.sys

\SystemRoot\system32\DRIVERS\termdd.sys

\SystemRoot\system32\DRIVERS\swenum.sys

\SystemRoot\system32\DRIVERS\update.sys

\SystemRoot\system32\DRIVERS\mssmbios.sys

\SystemRoot\System32\Drivers\NDProxy.SYS

\SystemRoot\system32\DRIVERS\flpydisk.sys

\SystemRoot\system32\DRIVERS\usbhub.sys

\SystemRoot\System32\Drivers\Fs_Rec.SYS

\SystemRoot\System32\Drivers\Null.SYS

\SystemRoot\System32\Drivers\Beep.SYS

\SystemRoot\System32\drivers\vga.sys

\SystemRoot\System32\Drivers\mnmdd.SYS

\SystemRoot\System32\DRIVERS\RDPCDD.sys

\SystemRoot\System32\Drivers\Msfs.SYS

\SystemRoot\System32\Drivers\Npfs.SYS

\SystemRoot\system32\DRIVERS\rasacd.sys

\SystemRoot\system32\DRIVERS\ipsec.sys

\SystemRoot\system32\DRIVERS\tcpip.sys

\SystemRoot\System32\Drivers\aswFW.SYS

\SystemRoot\System32\Drivers\aswTdi.SYS

\SystemRoot\system32\DRIVERS\netbt.sys

\SystemRoot\System32\Drivers\aswRdr.SYS

\SystemRoot\System32\drivers\ws2ifsl.sys

\SystemRoot\System32\drivers\afd.sys

\SystemRoot\system32\DRIVERS\netbios.sys

\SystemRoot\system32\DRIVERS\rdbss.sys

\SystemRoot\system32\DRIVERS\mrxsmb.sys

\SystemRoot\System32\Drivers\Fips.SYS

\SystemRoot\system32\DRIVERS\ipnat.sys

\SystemRoot\system32\DRIVERS\wanarp.sys

\SystemRoot\System32\Drivers\aswSP.SYS

\SystemRoot\system32\DRIVERS\arp1394.sys

\SystemRoot\system32\DRIVERS\hidusb.sys

\SystemRoot\system32\DRIVERS\HIDCLASS.SYS

\SystemRoot\system32\DRIVERS\HIDPARSE.SYS

\SystemRoot\System32\Drivers\Aavmker4.SYS

\SystemRoot\system32\DRIVERS\mouhid.sys

\SystemRoot\System32\Drivers\Fastfat.SYS

\SystemRoot\System32\Drivers\dump_atapi.sys

\SystemRoot\System32\Drivers\dump_WMILIB.SYS

\SystemRoot\System32\win32k.sys

\SystemRoot\System32\drivers\Dxapi.sys

\SystemRoot\System32\watchdog.sys

\SystemRoot\System32\drivers\dxg.sys

\SystemRoot\System32\drivers\dxgthk.sys

\SystemRoot\System32\nv4_disp.dll

\SystemRoot\System32\ATMFD.DLL

\??\C:\WINDOWS\system32\drivers\mbam.sys

\SystemRoot\System32\Drivers\aswFsBlk.SYS

\SystemRoot\system32\DRIVERS\ndisuio.sys

\SystemRoot\System32\Drivers\aswMon2.SYS

\SystemRoot\system32\drivers\wdmaud.sys

\SystemRoot\system32\drivers\sysaudio.sys

\SystemRoot\system32\DRIVERS\mrxdav.sys

\SystemRoot\System32\Drivers\ParVdm.SYS

\SystemRoot\system32\DRIVERS\srv.sys

\SystemRoot\System32\Drivers\Cdfs.SYS

\SystemRoot\system32\drivers\kmixer.sys

\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys

\??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys

\WINDOWS\system32\ntdll.dll

----------- End -----------

Done!

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xffffffff86f71ab8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\Ide\IdeDeviceP1T0L0-e\

Lower Device Object: 0xffffffff86fd1940

Lower Device Driver Name: \Driver\atapi\

<<<2>>>

Device number: 0, partition: 1

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xffffffff86f71ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff86fd4e08, DeviceName: Unknown, DriverName: \Driver\PartMgr\

DevicePointer: 0xffffffff86f71ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff86fd61a8, DeviceName: \Device\00000079\, DriverName: \Driver\ACPI\

DevicePointer: 0xffffffff86fd1940, DeviceName: \Device\Ide\IdeDeviceP1T0L0-e\, DriverName: \Driver\atapi\

------------ End ----------

Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

<<<2>>>

Device number: 0, partition: 1

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning drivers directory: C:\WINDOWS\system32\drivers...

<<<2>>>

Device number: 0, partition: 1

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Done!

Drive 0

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 15C615C5

Partition information:

Partition 0 type is Primary (0x7)

Partition is ACTIVE.

Partition starts at LBA: 63 Numsec = 199286262

Partition file system is NTFS

Partition is bootable

Partition 1 type is Extended with LBA (0xf)

Partition is NOT ACTIVE.

Partition starts at LBA: 199286325 Numsec = 35150220

Partition 2 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Disk Size: 120034123776 bytes

Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-234421648-234441648)...

Done!

Scan finished

=======================================

Removal queue found; removal started

Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...

Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\bootstrap_0_0_63_i.mbam...

Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...

Removal finished

Jion · 5 juli 2013

Heb je nu nog steeds die vastlopers?

steven02 · 6 juli 2013

MJa, ik heb niet de indruk dat het na alle scan's en opkuisen van besmette bestanden veel verbeterd is? Het surfen op internet ging voorheen veel vlotter. Ik merk ook dat heel frequent het max cpu vermogen benut wordt. grtn

Jion · 6 juli 2013

Post alvast ook eens een Speccy logje als je wilt.

Dan laat ik dat nakijken door een hardware specialist.

Download en installeer Speccy.

Tijdens de installatie heb je nu de mogelijkheid om Nederlands als taal te selecteren.

Wanneer, tijdens het installeren van Speccy, de optie aangeboden wordt om Google Chrome of Google Toolbar "gratis" mee te installeren dien je de vinkjes weg te halen, tenzij dit een bewuste keuze is.

Start nu het programma en er zal een overzicht gemaakt worden van je hardware.

Als dit gereed is selecteer je bovenaan " Bestand - Publiceer Snapshot " en vervolgens bevestig je die keuze met " Ja ".

In het venster dat nu opent krijg je een link te zien, kopieer nu die link en plak die in je volgende bericht. Zo krijgen we een gedetailleerd overzicht van je hardware

steven02 · 8 juli 2013

hopelijk levert dit nog iets op...

http://speccy.piriform.com/results/4fewp22WbIucmxaJhbyWLDJ

Jion · 8 juli 2013

Je Speccy logje is doorgestuurd naar de hardware specialisten.

Voer in afwachting van hun controle het volgende uit als je wilt:

Download de 32 of 64 bit versie van HitmanPro naar het bureaublad.

Klik hier voor een uitgebreide handleiding van HitmanPro.

Dubbelklik op "HitmanPro.exe" en klik op "volgende"
Vink de optie "Ik accepteer de voorwaarden van de gebruikersovereenkomst aan" en klik op "Volgende"
Klik in het setup scherm nu nogmaals op "Volgende", nu zal automatisch de scan starten, doe verder niets op de computer totdat de scan gereed is.
Als de scan klaar is klik je op "volgende"
Activeer nu de gratis licentie, hiermee kunt u 30 dagen gratis HitmanPro gebruiken en de gevonden infecties verwijderen.
Note: indien u reeds eerder gebruik hebt gemaakt van de 30 dagen trial-versie van HitmanPro is het niet meer mogelijk om gratis de gevonden infecties te verwijderen.
Als het verwijderen gereed is klik je onderin het scherm op "Save log" of "Logbestand opslaan" en sla deze op bijvoorbeeld het bureaublad op.
Post dit logje.
Klik nu op de knop "Herstarten".

Jion · 8 juli 2013

Dit mag je ook nog doen:

Druk gelijktijdig de toetsen Ctrl-Alt en Delete in en kies nu "Taakbeheer starten".

Selecteer de Tab Processen en klik vervolgens onderaan op "Processen van alle gebruikers weergeven".

Klik nu op de hoofding van de kolom "processor" tot de processen die cpu verbruiken bovenaan staan.

Zo zie je welk proces het meeste van je cpu kracht vraagt.

Maak nu van je Taakbeheer een afbeelding en voeg dit toe als bijlage in je volgende bericht zodat wij kunnen zien welk Proces/Processen zorgt voor de hoge CPU belasting.;-)

Inloggen

langdurige opstart

Aanbevolen berichten

Link naar reactie

Delen op andere sites

Beste reacties in dit topic

Populaire dagen

Beste reacties in dit topic

Populaire dagen

Geplaatste afbeeldingen

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Welkom op PC Helpforum

Leden statistieken

OVER ONS

SITEMAP

Belangrijke informatie