Vraag & Antwoord

Beveiliging & privacy

Hijackthis log - Computercrashes

19 antwoorden
  • Hallo, Kan iemand deze aub controleren? [b:65808e459f]EDIT: Raar genoeg, meteen nadat ik dit poste, 10 min ong, kreeg ik een Blue Screen. De computer sloot zichzelf ineens af. Dit heb ik al vaker meegemaakt. Wat is er aan de hand? Kun je dat aan deze logfile zien? Toen ik weer opstartte kreeg ik de melding Windows is onverwachts afgesloten en weer hersteld. Daarbij stond informatie. Ik denk dat het belangrijkste dit is (meer weten moet je even vragen) Bestanden die helpen bij het beschrijven van het probleem: C:\Windows\Minidump\052411-37580-01.dmp C:\Users\Nico\AppData\Local\Temp\WER-62119-0.sysdata.xml[/b:65808e459f] Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:49:01, on 24-5-2011 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\uTorrent\uTorrent.exe C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\PokerStars\PokerStars.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10p_ActiveX.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\SysWOW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.msn.com/?ocid=OIE9HP R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://forum.computertotaal.nl/phpBB2/viewtopic.php?p=1454723#1454723 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110516171514.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: LastPass Browser Helper Object - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [NBAgent] "c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar.dll O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Nico\PartyPoker.lnk O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Nico\PartyPoker.lnk O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://verkopen.marktplaats.nl/js/widgets/imageUploader/aurigma/5_7_24_0/ImageUploader5.cab O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing) O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 15400 bytes Alvast bedankt. NvdM
  • Hoi NvdM, drie logs wil ik de volgende keer van jou: 1) [url=http://www.resplendence.com/whocrashed]WhoCrashed introductie[/url] [url=http://www.softpedia.com/get/Antivirus/WhoCrashed.shtml]WhoCrashed beschrijving[/url] Download de [i:35937f28d7]free home edition[/i:35937f28d7] van [b:35937f28d7]WhoCrashed[/b:35937f28d7] naar je bureaublad via [url=http://www.resplendence.com/downloads]klik hier[/url] [img:35937f28d7]http://i65.servimg.com/u/f65/11/35/67/12/whocra10.png[/img:35937f28d7] en installeer het tool via klikken/dubbelklikken op "[b:35937f28d7]whocrashedSetup.exe[/b:35937f28d7]" Nadat 'WhoCrashed' is opgestart, klik je op de "[b:35937f28d7]Analyze[/b:35937f28d7]" knop. Selekteer nu de inhoud van het venster, kopieer dit en post het resultaat in je volgende post. 2) [b:35937f28d7]Welk programma[/b:35937f28d7]: MBRCheck.exe [b:35937f28d7]Waarvoor/waarom[/b:35937f28d7]: speciale scan op mbr-rootkits [b:35937f28d7]Moeilijkheidsgraad[/b:35937f28d7]: geen. [b:35937f28d7]Download [url=http://ad13.geekstogo.com/MBRCheck.exe]MBRCheck.exe[/url][/b:35937f28d7] [b:35937f28d7]MBRCheck.exe opstarten[/b:35937f28d7]: Windows 2000 en Windows XP: start "MBRCheck.exe" middels dubbelklik op "MBRCheck.exe". Windows Vista en Windows 7: start "MBRCheck.exe" middels rechtsklik op "MBRCheck.exe" en dan kiezen voor "Als Administrator uitvoeren". [list:35937f28d7][*:35937f28d7]een zwart scherm toont zich met enkele data erin. [*:35937f28d7]Op je bureaublad zal een logbestand met de naam "MBRcheckxxxx.txt" verschijnen. [*:35937f28d7]Kopieer nu de inhoud van dat log in je volgende post.[/list:u:35937f28d7] 3) [b:35937f28d7]Welk programma[/b:35937f28d7]: Kaspersky [b:35937f28d7]TDSSKiller[/b:35937f28d7] [b:35937f28d7]Waarvoor/waarom[/b:35937f28d7]: Rootkitscanner [b:35937f28d7]Moeilijkheidsgraad[/b:35937f28d7]: geen [b:35937f28d7]Downloadlokatie[/b:35937f28d7]: Dit programma absoluut naar het bureaublad downloaden of anders daar naar toe verplaatsen! [b:35937f28d7]Download[/b:35937f28d7] [b:35937f28d7]TDSSKiller[/b:35937f28d7] [url=http://support.kaspersky.com/downloads/utils/tdsskiller.zip][b:35937f28d7]hier[/b:35937f28d7][/url]. [b:35937f28d7]Installatie[/b:35937f28d7]: [list:35937f28d7][*:35937f28d7] pak het bestand uit op je bureaublad.[/list:u:35937f28d7] [b:35937f28d7]TDSSKiller gebruiken[/b:35937f28d7]: [list:35937f28d7][*:35937f28d7]Windows 2000 en Windows XP: start "TDSSKiller" middels dubbelklik op TDSSKiller.exe. [*:35937f28d7]Windows Vista en Windows 7: start "TDSSKiller" middels rechtsklik op TDSSKiller.exe en dan kiezen voor [b:35937f28d7]Als Administrator uitvoeren[/b:35937f28d7]. [*:35937f28d7] Nadat de scan klaar is, vindt je het log in de C:\ partitie [*:35937f28d7] Post de inhoud van dat log[/list:u:35937f28d7]
  • [b:482ff8e8fa]Welcome to WhoCrashed HOME EDITION v 3.01[/b:482ff8e8fa]-------------------------------------------------------------------------------- This program checks for drivers which have been crashing your computer. If your computer has displayed a blue screen of death, suddenly rebooted or shut down then this program will help you find the root cause and possibly a solution. Whenever a computer suddenly reboots without displaying any notice or blue screen of death, the first thing that is often thought about is a hardware failure. In reality, on Windows most crashes are caused by malfunctioning device drivers and kernel modules. In case of a kernel error, many computers do not show a blue screen unless they are configured for this. Instead these systems suddenly reboot without any notice. This program will analyze your crash dumps with the single click of a button. It will tell you what drivers are likely to be responsible for crashing your computer. If will report a conclusion which offers suggestions on how to proceed in any situation while the analysis report will display internet links which will help you further troubleshoot any detected problems. To obtain technical support visit www.resplendence.com/support To check if an update of this program is available, click here. Just click the Analyze button for a comprehensible report ... -------------------------------------------------------------------------------- Home Edition Notice -------------------------------------------------------------------------------- This version of WhoCrashed is free for use at home only. If you would like to use this software at work or in a commercial environment you should ge the professional edition of WhoCrashed which also allows analysis of crashdumps on remote drives and computers on the network and offers a range of additional features. Click here for more information on the professional edition. Click here to buy the the professional edition of WhoCrashed. -------------------------------------------------------------------------------- System Information (local) -------------------------------------------------------------------------------- computer name: NICO-LAPTOP windows version: Windows 7 Service Pack 1, 6.1, build: 7601 windows dir: C:\Windows CPU: GenuineIntel Intel(R) Core(TM) i5 CPU M 450 @ 2.40GHz Intel586, level: 6 4 logical processors, active mask: 15 RAM: 4151148544 total VM: 2147352576, free: 1961287680 -------------------------------------------------------------------------------- Crash Dump Analysis -------------------------------------------------------------------------------- Crash dump directory: C:\Windows\Minidump Crash dumps are enabled on your computer. On Tue 24-5-2011 15:25:32 GMT your computer crashed crash dump file: C:\Windows\Minidump\052411-37580-01.dmp This was probably caused by the following module: ntoskrnl.exe (nt+0x7FD00) Bugcheck code: 0x19 (0x22, 0x480000000000, 0x0, 0x0) Error: BAD_POOL_HEADER file path: C:\Windows\system32\ntoskrnl.exe product: Microsoft® Windows® Operating System company: Microsoft Corporation description: NT Kernel & System Bug check description: This indicates that a pool header is corrupt. This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. This might be a case of memory corruption. More often memory corruption happens because of software errors in buggy drivers, not because of faulty RAM modules. The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time. On Tue 24-5-2011 15:25:32 GMT your computer crashed crash dump file: C:\Windows\memory.dmp This was probably caused by the following module: win32k.sys (win32k!memset+0x235A) Bugcheck code: 0x19 (0x22, 0x480000000000, 0x0, 0x0) Error: BAD_POOL_HEADER file path: C:\Windows\system32\win32k.sys product: Besturingssysteem Microsoft® Windows® company: Microsoft Corporation description: Multi-User Win32-stuurprogramma Bug check description: This indicates that a pool header is corrupt. This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. This might be a case of memory corruption. More often memory corruption happens because of software errors in buggy drivers, not because of faulty RAM modules. The crash took place in a standard Microsoft module. Your system configuration may be incorrect. Possibly this problem is caused by another driver on your system which cannot be identified at this time. On Sat 7-5-2011 12:33:15 GMT your computer crashed crash dump file: C:\Windows\Minidump\050711-21902-01.dmp This was probably caused by the following module: atikmpag.sys (atikmpag+0x640C) Bugcheck code: 0x116 (0xFFFFFA8006995370, 0xFFFFF88002EBC40C, 0x0, 0x2) Error: VIDEO_TDR_ERROR file path: C:\Windows\system32\drivers\atikmpag.sys product: AMD driver company: Advanced Micro Devices, Inc. description: AMD multi-vendor Miniport Driver Bug check description: This indicates that an attempt to reset the display driver and recover from a timeout failed. A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: atikmpag.sys (AMD multi-vendor Miniport Driver, Advanced Micro Devices, Inc.). Google query: atikmpag.sys Advanced Micro Devices, Inc. VIDEO_TDR_ERROR [b:482ff8e8fa]2[/b:482ff8e8fa]On Mon 2-5-2011 13:10:09 GMT your computer crashed crash dump file: C:\Windows\Minidump\050211-17331-01.dmp This was probably caused by the following module: ntoskrnl.exe (nt+0x70740) Bugcheck code: 0x1A (0x41790, 0xFFFFFA80008D0000, 0xFFFF, 0x0) Error: MEMORY_MANAGEMENT file path: C:\Windows\system32\ntoskrnl.exe product: Microsoft® Windows® Operating System company: Microsoft Corporation description: NT Kernel & System Bug check description: This indicates that a severe memory management error occurred. This might be a case of memory corruption. More often memory corruption happens because of software errors in buggy drivers, not because of faulty RAM modules. The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time. -------------------------------------------------------------------------------- Conclusion -------------------------------------------------------------------------------- 4 crash dumps have been found and analyzed. A third party driver has been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers: atikmpag.sys (AMD multi-vendor Miniport Driver, Advanced Micro Devices, Inc.) If no updates for these drivers are available, try searching with Google on the names of these drivers in combination the errors that have been reported for these drivers and include the brand and model name of your computer as well in the query. This often yields interesting results from discussions from users who have been experiencing similar problems. Read the topic general suggestions for troubleshooting system crashes for more information. Note that it's not always possible to state with certainty whether a reported driver is actually responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further. MBRCheck, version 1.2.3 (c) 2010, AD Command-line: Windows Version: Windows 7 Home Premium Edition Windows Information: Service Pack 1 (build 7601), 64-bit Base Board Manufacturer: TOSHIBA BIOS Manufacturer: INSYDE System Manufacturer: TOSHIBA System Product Name: Satellite L650 Logical Drives Mask: 0x0000001c Kernel Drivers (total 202): 0x03062000 \SystemRoot\system32\ntoskrnl.exe 0x03019000 \SystemRoot\system32\hal.dll 0x00BB7000 \SystemRoot\system32\kdcom.dll 0x00CE1000 \SystemRoot\system32\mcupdate_GenuineIntel.dll 0x00D30000 \SystemRoot\system32\PSHED.dll 0x00D44000 \SystemRoot\system32\CLFS.SYS 0x00C00000 \SystemRoot\system32\CI.dll 0x00E19000 \SystemRoot\system32\drivers\Wdf01000.sys 0x00EBD000 \SystemRoot\system32\drivers\WDFLDR.SYS 0x00ECC000 \SystemRoot\system32\drivers\ACPI.sys 0x00F23000 \SystemRoot\system32\drivers\WMILIB.SYS 0x00F2C000 \SystemRoot\system32\drivers\msisadrv.sys 0x00F36000 \SystemRoot\system32\drivers\pci.sys 0x00F69000 \SystemRoot\system32\drivers\vdrvroot.sys 0x00F76000 \SystemRoot\System32\drivers\partmgr.sys 0x00F8B000 \SystemRoot\system32\DRIVERS\compbatt.sys 0x00F94000 \SystemRoot\system32\DRIVERS\BATTC.SYS 0x00FA0000 \SystemRoot\system32\drivers\volmgr.sys 0x00DA2000 \SystemRoot\System32\drivers\volmgrx.sys 0x00FB5000 \SystemRoot\System32\drivers\mountmgr.sys 0x00FCF000 \SystemRoot\system32\drivers\pciide.sys 0x00FD6000 \SystemRoot\system32\drivers\PCIIDEX.SYS 0x01002000 \SystemRoot\system32\DRIVERS\iaStor.sys 0x0120A000 \SystemRoot\system32\drivers\atapi.sys 0x01213000 \SystemRoot\system32\drivers\ataport.SYS 0x0123D000 \SystemRoot\system32\drivers\msahci.sys 0x01248000 \SystemRoot\system32\drivers\amdxata.sys 0x01253000 \SystemRoot\system32\drivers\fltmgr.sys 0x0129F000 \SystemRoot\system32\drivers\fileinfo.sys 0x012B3000 \SystemRoot\system32\drivers\mfehidk.sys 0x01459000 \SystemRoot\System32\Drivers\Ntfs.sys 0x01333000 \SystemRoot\System32\Drivers\msrpc.sys 0x01400000 \SystemRoot\System32\Drivers\ksecdd.sys 0x0167C000 \SystemRoot\System32\Drivers\cng.sys 0x016EE000 \SystemRoot\System32\drivers\pcw.sys 0x016FF000 \SystemRoot\System32\Drivers\Fs_Rec.sys 0x01709000 \SystemRoot\system32\drivers\ndis.sys 0x01600000 \SystemRoot\system32\drivers\NETIO.SYS 0x0141B000 \SystemRoot\System32\Drivers\ksecpkg.sys 0x018D1000 \SystemRoot\System32\drivers\tcpip.sys 0x01AD5000 \SystemRoot\System32\drivers\fwpkclnt.sys 0x01B1F000 \SystemRoot\system32\drivers\mfewfpk.sys 0x01B63000 \SystemRoot\system32\drivers\TDI.SYS 0x01B70000 \SystemRoot\system32\DRIVERS\wd.sys 0x01B78000 \SystemRoot\system32\drivers\volsnap.sys 0x01BC4000 \SystemRoot\system32\DRIVERS\TVALZ_O.SYS 0x01BC9000 \SystemRoot\System32\Drivers\spldr.sys 0x01800000 \SystemRoot\System32\drivers\rdyboost.sys 0x0183A000 \SystemRoot\System32\Drivers\mup.sys 0x0184C000 \SystemRoot\System32\drivers\hwpolicy.sys 0x01855000 \SystemRoot\System32\DRIVERS\fvevol.sys 0x0188F000 \SystemRoot\system32\DRIVERS\disk.sys 0x01391000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS 0x04458000 \SystemRoot\system32\drivers\cdrom.sys 0x04482000 \SystemRoot\System32\Drivers\Null.SYS 0x0448B000 \SystemRoot\System32\Drivers\Beep.SYS 0x04492000 \SystemRoot\System32\drivers\vga.sys 0x044A0000 \SystemRoot\System32\drivers\VIDEOPRT.SYS 0x044C5000 \SystemRoot\System32\drivers\watchdog.sys 0x044D5000 \SystemRoot\System32\DRIVERS\RDPCDD.sys 0x044DE000 \SystemRoot\system32\drivers\rdpencdd.sys 0x044E7000 \SystemRoot\system32\drivers\rdprefmp.sys 0x044F0000 \SystemRoot\System32\Drivers\Msfs.SYS 0x044FB000 \SystemRoot\System32\Drivers\Npfs.SYS 0x0450C000 \SystemRoot\system32\DRIVERS\tdx.sys 0x0452E000 \SystemRoot\System32\DRIVERS\netbt.sys 0x04573000 \SystemRoot\system32\drivers\afd.sys 0x04200000 \SystemRoot\system32\DRIVERS\wfplwf.sys 0x04209000 \SystemRoot\system32\DRIVERS\pacer.sys 0x018B3000 \SystemRoot\system32\DRIVERS\mfenlfk.sys 0x01BD1000 \SystemRoot\system32\DRIVERS\vwififlt.sys 0x01BE7000 \SystemRoot\system32\DRIVERS\netbios.sys 0x01660000 \SystemRoot\system32\DRIVERS\wanarp.sys 0x013C1000 \SystemRoot\system32\drivers\termdd.sys 0x040EB000 \SystemRoot\system32\DRIVERS\rdbss.sys 0x0413C000 \SystemRoot\system32\drivers\nsiproxy.sys 0x04148000 \SystemRoot\system32\drivers\mssmbios.sys 0x04153000 \SystemRoot\System32\drivers\discache.sys 0x04162000 \SystemRoot\System32\Drivers\dfsc.sys 0x04180000 \SystemRoot\system32\DRIVERS\blbdrive.sys 0x04191000 \SystemRoot\system32\DRIVERS\tunnel.sys 0x041B7000 \SystemRoot\system32\DRIVERS\TVALZFL.sys 0x041BE000 \SystemRoot\system32\DRIVERS\FwLnk.sys 0x041C6000 \SystemRoot\system32\DRIVERS\atikmpag.sys 0x04A02000 \SystemRoot\system32\DRIVERS\atikmdag.sys 0x050AD000 \SystemRoot\System32\drivers\dxgkrnl.sys 0x051A1000 \SystemRoot\System32\drivers\dxgmms1.sys 0x04000000 \SystemRoot\system32\drivers\HDAudBus.sys 0x051E7000 \SystemRoot\system32\DRIVERS\HECIx64.sys 0x04024000 \SystemRoot\system32\drivers\usbehci.sys 0x04035000 \SystemRoot\system32\drivers\USBPORT.SYS 0x0408B000 \SystemRoot\system32\DRIVERS\L1C62x64.sys 0x04609000 \SystemRoot\system32\DRIVERS\rtl8192se.sys 0x04736000 \SystemRoot\system32\DRIVERS\vwifibus.sys 0x04743000 \SystemRoot\system32\DRIVERS\CmBatt.sys 0x04748000 \SystemRoot\system32\drivers\i8042prt.sys 0x04766000 \SystemRoot\system32\drivers\kbdclass.sys 0x04775000 \SystemRoot\system32\DRIVERS\SynTP.sys 0x047C7000 \SystemRoot\system32\DRIVERS\USBD.SYS 0x047C9000 \SystemRoot\system32\drivers\mouclass.sys 0x047D8000 \SystemRoot\system32\DRIVERS\tdcmdpst.sys 0x040A0000 \SystemRoot\system32\DRIVERS\Impcd.sys 0x047E2000 \SystemRoot\system32\DRIVERS\intelppm.sys 0x040C7000 \SystemRoot\system32\drivers\CompositeBus.sys 0x013D5000 \SystemRoot\system32\DRIVERS\AgileVpn.sys 0x00FE6000 \SystemRoot\system32\DRIVERS\HssDrv.sys 0x05237000 \SystemRoot\system32\DRIVERS\rasl2tp.sys 0x0525B000 \SystemRoot\system32\DRIVERS\ndistapi.sys 0x05267000 \SystemRoot\system32\DRIVERS\ndiswan.sys 0x05296000 \SystemRoot\system32\DRIVERS\raspppoe.sys 0x052B1000 \SystemRoot\system32\DRIVERS\raspptp.sys 0x052D2000 \SystemRoot\system32\DRIVERS\rassstp.sys 0x052EC000 \SystemRoot\system32\DRIVERS\taphss.sys 0x052F9000 \SystemRoot\system32\drivers\swenum.sys 0x052FB000 \SystemRoot\system32\drivers\ks.sys 0x0533E000 \SystemRoot\system32\drivers\umbus.sys 0x05350000 \SystemRoot\system32\drivers\usbhub.sys 0x053AA000 \SystemRoot\System32\Drivers\NDProxy.SYS 0x05A7C000 \SystemRoot\system32\drivers\CHDMI64.sys 0x05B30000 \SystemRoot\system32\drivers\portcls.sys 0x05B6D000 \SystemRoot\system32\drivers\drmk.sys 0x05B8F000 \SystemRoot\system32\drivers\ksthunk.sys 0x05C42000 \SystemRoot\system32\drivers\CHDRT64.sys 0x05CF5000 \SystemRoot\system32\drivers\mfeavfk.sys 0x05D22000 \SystemRoot\system32\drivers\mfefirek.sys 0x00050000 \SystemRoot\System32\win32k.sys 0x05D8C000 \SystemRoot\System32\drivers\Dxapi.sys 0x05D98000 \SystemRoot\System32\Drivers\crashdmp.sys 0x0422F000 \SystemRoot\System32\Drivers\dump_iaStor.sys 0x05DA6000 \SystemRoot\System32\Drivers\dump_dumpfve.sys 0x05DB9000 \SystemRoot\system32\DRIVERS\usbccgp.sys 0x05DD6000 \SystemRoot\system32\drivers\hidusb.sys 0x05DE4000 \SystemRoot\system32\drivers\HIDCLASS.SYS 0x05C00000 \SystemRoot\system32\drivers\HIDPARSE.SYS 0x05C09000 \SystemRoot\system32\DRIVERS\mouhid.sys 0x05C16000 \SystemRoot\system32\DRIVERS\monitor.sys 0x00400000 \SystemRoot\System32\TSDDD.dll 0x006D0000 \SystemRoot\System32\cdd.dll 0x05B95000 \SystemRoot\System32\Drivers\usbvideo.sys 0x00860000 \SystemRoot\System32\ATMFD.DLL 0x05C24000 \SystemRoot\system32\DRIVERS\pgeffect.sys 0x05BC3000 \SystemRoot\system32\drivers\luafv.sys 0x05A00000 \SystemRoot\system32\drivers\WudfPf.sys 0x05C2B000 \SystemRoot\system32\DRIVERS\lltdio.sys 0x05A21000 \SystemRoot\system32\DRIVERS\nwifi.sys 0x05BE6000 \SystemRoot\system32\DRIVERS\ndisuio.sys 0x053BF000 \SystemRoot\system32\DRIVERS\rspndr.sys 0x03A0C000 \SystemRoot\system32\drivers\HTTP.sys 0x03AD5000 \SystemRoot\system32\DRIVERS\bowser.sys 0x03AF3000 \SystemRoot\System32\drivers\mpsdrv.sys 0x03B0B000 \SystemRoot\system32\DRIVERS\mrxsmb.sys 0x03B38000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys 0x03B85000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys 0x03BA9000 \SystemRoot\System32\Drivers\adfs.SYS 0x05E9C000 \SystemRoot\system32\drivers\peauth.sys 0x05F42000 \SystemRoot\System32\Drivers\secdrv.SYS 0x05F4D000 \SystemRoot\System32\DRIVERS\srvnet.sys 0x05F7E000 \SystemRoot\System32\drivers\tcpipreg.sys 0x05F90000 \SystemRoot\System32\DRIVERS\srv2.sys 0x0709C000 \SystemRoot\System32\DRIVERS\srv.sys 0x07134000 \SystemRoot\system32\drivers\cfwids.sys 0x07142000 \SystemRoot\system32\drivers\mfeapfk.sys 0x771A0000 \Windows\System32\ntdll.dll 0x47BF0000 \Windows\System32\smss.exe 0xFF4C0000 \Windows\System32\apisetschema.dll 0xFF6A0000 \Windows\System32\autochk.exe 0x77370000 \Windows\System32\psapi.dll 0x770A0000 \Windows\System32\user32.dll 0x76F40000 \Windows\System32\wininet.dll 0xFF450000 \Windows\System32\Wldap32.dll 0xFF270000 \Windows\System32\setupapi.dll 0xFF1D0000 \Windows\System32\clbcatq.dll 0xFF0A0000 \Windows\System32\rpcrt4.dll 0xFF030000 \Windows\System32\gdi32.dll 0xFF010000 \Windows\System32\imagehlp.dll 0xFEF40000 \Windows\System32\usp10.dll 0xFEE30000 \Windows\System32\msctf.dll 0xFED50000 \Windows\System32\advapi32.dll 0xFEB40000 \Windows\System32\ole32.dll 0xFEB10000 \Windows\System32\imm32.dll 0xFEAF0000 \Windows\System32\sechost.dll 0x76E20000 \Windows\System32\kernel32.dll 0xFEAE0000 \Windows\System32\nsi.dll 0x76C10000 \Windows\System32\iertutil.dll 0xFEA60000 \Windows\System32\shlwapi.dll 0xFE9C0000 \Windows\System32\msvcrt.dll 0x77360000 \Windows\System32\normaliz.dll 0xFDC30000 \Windows\System32\shell32.dll 0xFDBB0000 \Windows\System32\difxapi.dll 0xFDB60000 \Windows\System32\ws2_32.dll 0xFDAC0000 \Windows\System32\comdlg32.dll 0xFDAB0000 \Windows\System32\lpk.dll 0xFD9D0000 \Windows\System32\oleaut32.dll 0x76AC0000 \Windows\System32\urlmon.dll 0xFD860000 \Windows\System32\crypt32.dll 0xFD7F0000 \Windows\System32\KernelBase.dll 0xFD7D0000 \Windows\System32\devobj.dll 0xFD790000 \Windows\System32\wintrust.dll 0xFD6F0000 \Windows\System32\comctl32.dll 0xFD6B0000 \Windows\System32\cfgmgr32.dll 0xFD6A0000 \Windows\System32\msasn1.dll 0x77350000 \Windows\SysWOW64\normaliz.dll Processes (total 98): 0 System Idle Process 4 System 336 C:\Windows\System32\smss.exe 540 csrss.exe 592 C:\Windows\System32\wininit.exe 612 csrss.exe 664 C:\Windows\System32\services.exe 688 C:\Windows\System32\winlogon.exe 700 C:\Windows\System32\lsass.exe 728 C:\Windows\System32\lsm.exe 816 C:\Windows\System32\svchost.exe 908 C:\Windows\System32\svchost.exe 956 C:\Windows\System32\atiesrxx.exe 120 C:\Windows\System32\svchost.exe 360 C:\Windows\System32\svchost.exe 460 C:\Windows\System32\svchost.exe 768 C:\Windows\System32\audiodg.exe 1036 C:\Windows\System32\svchost.exe 1120 C:\Windows\System32\svchost.exe 1360 C:\Windows\System32\spoolsv.exe 1388 C:\Windows\System32\svchost.exe 1428 C:\Windows\System32\atieclxx.exe 1584 C:\Windows\System32\svchost.exe 1612 C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe 1736 C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe 1772 C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe 1812 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 1840 C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe 1864 C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe 1956 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe 1988 C:\Windows\System32\rundll32.exe 1996 C:\Windows\SysWOW64\rundll32.exe 1232 C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 1608 C:\Windows\System32\svchost.exe 1680 C:\Windows\System32\svchost.exe 1236 C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe 1904 C:\Windows\System32\TODDSrv.exe 1112 C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe 2116 C:\Program Files\TOSHIBA\TECO\TecoService.exe 2168 C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe 2228 C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe 2876 C:\Windows\System32\svchost.exe 2896 C:\Windows\System32\taskhost.exe 3212 C:\Windows\System32\dwm.exe 3272 C:\Windows\explorer.exe 3424 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 3476 C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe 3488 C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe 3500 C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe 3588 C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe 3604 C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe 3700 C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe 3740 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe 3832 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe 3860 C:\Program Files\TOSHIBA\TECO\Teco.exe 3944 C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe 3968 C:\Program Files\Windows Sidebar\sidebar.exe 4068 C:\Program Files (x86)\uTorrent\uTorrent.exe 3156 C:\Windows\System32\StikyNot.exe 512 C:\Windows\System32\SearchIndexer.exe 992 C:\Program Files\mcafee.com\agent\mcagent.exe 1004 C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe 3688 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe 3108 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 4188 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe 4548 C:\Program Files\Windows Media Player\wmpnetwk.exe 4316 C:\Windows\System32\taskeng.exe 4516 C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe 5104 C:\Windows\System32\svchost.exe 4792 C:\Program Files (x86)\PokerStars\PokerStars.exe 5148 C:\Program Files (x86)\Mozilla Firefox\firefox.exe 5188 C:\PROGRA~2\INTERN~1\iexplore.exe 5288 C:\PROGRA~2\INTERN~1\iexplore.exe 5184 C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe 2780 C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe 4780 C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe 5708 C:\Program Files (x86)\Nero\Update\NASvc.exe 6076 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 3916 C:\Windows\System32\svchost.exe 5172 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe 2796 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe 5440 C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe 6676 C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe 6836 C:\Windows\servicing\TrustedInstaller.exe 6980 C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe 7140 C:\PROGRA~2\INTERN~1\iexplore.exe 4812 C:\Windows\System32\svchost.exe 3748 C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10p_ActiveX.exe 5384 C:\Windows\System32\SearchProtocolHost.exe 5444 C:\Windows\System32\SearchFilterHost.exe 6232 C:\Windows\System32\SearchProtocolHost.exe 3088 C:\Program Files\WhoCrashed\whocrashedex.exe 6008 C:\Windows\System32\svchost.exe 1352 C:\PROGRA~2\INTERN~1\iexplore.exe 5668 dllhost.exe 7068 dllhost.exe 5540 C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JNW5WDL0\MBRCheck.exe 6052 C:\Windows\System32\conhost.exe \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`19100000 (NTFS) \\.\D: --> \\.\PhysicalDrive0 at offset 0x00000025`4d300000 (NTFS) PhysicalDrive0 Model Number: HitachiHTS545032B9A300, Rev: PB3OC64G Size Device Name MBR Status -------------------------------------------- 298 GB \\.\PhysicalDrive0 Windows 7 MBR code detected SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79 Done! [b:482ff8e8fa] 3[/b:482ff8e8fa] 2011/05/25 15:57:11.0700 1560 TDSS rootkit removing tool 2.5.3.0 May 25 2011 07:09:24 2011/05/25 15:57:13.0701 1560 ================================================================================ 2011/05/25 15:57:13.0701 1560 SystemInfo: 2011/05/25 15:57:13.0701 1560 2011/05/25 15:57:13.0701 1560 OS Version: 6.1.7601 ServicePack: 1.0 2011/05/25 15:57:13.0701 1560 Product type: Workstation 2011/05/25 15:57:13.0701 1560 ComputerName: NICO-LAPTOP 2011/05/25 15:57:13.0701 1560 UserName: Nico 2011/05/25 15:57:13.0701 1560 Windows directory: C:\Windows 2011/05/25 15:57:13.0701 1560 System windows directory: C:\Windows 2011/05/25 15:57:13.0701 1560 Running under WOW64 2011/05/25 15:57:13.0701 1560 Processor architecture: Intel x64 2011/05/25 15:57:13.0701 1560 Number of processors: 4 2011/05/25 15:57:13.0701 1560 Page size: 0x1000 2011/05/25 15:57:13.0701 1560 Boot type: Normal boot 2011/05/25 15:57:13.0701 1560 ================================================================================ 2011/05/25 15:57:14.0294 1560 Initialize success 2011/05/25 15:58:37.0308 4808 ================================================================================ 2011/05/25 15:58:37.0308 4808 Scan started 2011/05/25 15:58:37.0308 4808 Mode: Manual; 2011/05/25 15:58:37.0308 4808 ================================================================================ 2011/05/25 15:58:37.0838 4808 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 2011/05/25 15:58:37.0948 4808 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 2011/05/25 15:58:38.0078 4808 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 2011/05/25 15:58:38.0268 4808 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys 2011/05/25 15:58:38.0358 4808 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 2011/05/25 15:58:38.0488 4808 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 2011/05/25 15:58:38.0548 4808 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 2011/05/25 15:58:38.0638 4808 AFD (d31dc7a16dea4a9baf179f3d6fbdb38c) C:\Windows\system32\drivers\afd.sys 2011/05/25 15:58:38.0748 4808 AgereSoftModem (98022774d9930ecbb292e70db7601df6) C:\Windows\system32\DRIVERS\agrsm64.sys 2011/05/25 15:58:38.0918 4808 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 2011/05/25 15:58:38.0978 4808 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 2011/05/25 15:58:39.0128 4808 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 2011/05/25 15:58:39.0188 4808 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 2011/05/25 15:58:39.0368 4808 amdkmdag (f05b22ce901fc26ae55a1a27aa674d96) C:\Windows\system32\DRIVERS\atikmdag.sys 2011/05/25 15:58:39.0498 4808 amdkmdap (ed25d58581b5a28593c277f482fccd62) C:\Windows\system32\DRIVERS\atikmpag.sys 2011/05/25 15:58:39.0548 4808 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 2011/05/25 15:58:39.0698 4808 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 2011/05/25 15:58:39.0778 4808 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 2011/05/25 15:58:39.0898 4808 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 2011/05/25 15:58:39.0958 4808 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 2011/05/25 15:58:40.0118 4808 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 2011/05/25 15:58:40.0138 4808 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 2011/05/25 15:58:40.0198 4808 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/05/25 15:58:40.0318 4808 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 2011/05/25 15:58:40.0538 4808 atikmdag (f05b22ce901fc26ae55a1a27aa674d96) C:\Windows\system32\DRIVERS\atikmdag.sys 2011/05/25 15:58:40.0718 4808 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 2011/05/25 15:58:40.0838 4808 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 2011/05/25 15:58:40.0888 4808 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 2011/05/25 15:58:41.0008 4808 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 2011/05/25 15:58:41.0058 4808 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 2011/05/25 15:58:41.0088 4808 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 2011/05/25 15:58:41.0170 4808 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 2011/05/25 15:58:41.0233 4808 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 2011/05/25 15:58:41.0264 4808 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 2011/05/25 15:58:41.0295 4808 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 2011/05/25 15:58:41.0311 4808 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 2011/05/25 15:58:41.0326 4808 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 2011/05/25 15:58:41.0438 4808 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 2011/05/25 15:58:41.0508 4808 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys 2011/05/25 15:58:41.0638 4808 cfwids (676535b3156fecf7133cf80b4d2f6cf7) C:\Windows\system32\drivers\cfwids.sys 2011/05/25 15:58:41.0778 4808 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 2011/05/25 15:58:41.0828 4808 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 2011/05/25 15:58:41.0938 4808 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 2011/05/25 15:58:41.0998 4808 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 2011/05/25 15:58:42.0048 4808 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys 2011/05/25 15:58:42.0178 4808 CnxtHdAudService (25c58ee97be0416a373e3e4f855206b5) C:\Windows\system32\drivers\CHDRT64.sys 2011/05/25 15:58:42.0288 4808 CnxtHdmiAudService (89c99ab4ae9535f727791592d84d4821) C:\Windows\system32\drivers\CHDMI64.sys 2011/05/25 15:58:42.0428 4808 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 2011/05/25 15:58:42.0458 4808 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 2011/05/25 15:58:42.0508 4808 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 2011/05/25 15:58:42.0648 4808 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 2011/05/25 15:58:42.0708 4808 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 2011/05/25 15:58:42.0838 4808 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 2011/05/25 15:58:42.0928 4808 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 2011/05/25 15:58:43.0018 4808 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 2011/05/25 15:58:43.0208 4808 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 2011/05/25 15:58:43.0468 4808 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 2011/05/25 15:58:43.0588 4808 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 2011/05/25 15:58:43.0639 4808 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 2011/05/25 15:58:43.0670 4808 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 2011/05/25 15:58:43.0789 4808 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 2011/05/25 15:58:43.0859 4808 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 2011/05/25 15:58:43.0949 4808 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 2011/05/25 15:58:44.0109 4808 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 2011/05/25 15:58:44.0159 4808 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 2011/05/25 15:58:44.0209 4808 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 2011/05/25 15:58:44.0349 4808 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 2011/05/25 15:58:44.0419 4808 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 2011/05/25 15:58:44.0539 4808 FwLnk (60acb128e64c35c2b4e4aab1b0a5c293) C:\Windows\system32\DRIVERS\FwLnk.sys 2011/05/25 15:58:44.0609 4808 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 2011/05/25 15:58:44.0669 4808 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 2011/05/25 15:58:44.0829 4808 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 2011/05/25 15:58:44.0899 4808 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 2011/05/25 15:58:44.0939 4808 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys 2011/05/25 15:58:45.0049 4808 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 2011/05/25 15:58:45.0079 4808 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 2011/05/25 15:58:45.0119 4808 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 2011/05/25 15:58:45.0189 4808 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys 2011/05/25 15:58:45.0349 4808 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 2011/05/25 15:58:45.0439 4808 HssDrv (a60c877e1cd3aa2e4e5ccd8af305c0f1) C:\Windows\system32\DRIVERS\HssDrv.sys 2011/05/25 15:58:45.0649 4808 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 2011/05/25 15:58:45.0749 4808 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 2011/05/25 15:58:45.0789 4808 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 2011/05/25 15:58:45.0839 4808 iaStor (85977cd13fc16069ce0af7943a811775) C:\Windows\system32\DRIVERS\iaStor.sys 2011/05/25 15:58:45.0949 4808 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 2011/05/25 15:58:46.0049 4808 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 2011/05/25 15:58:46.0169 4808 Impcd (4b6363cd4610bb848531bb260b15dfcc) C:\Windows\system32\DRIVERS\Impcd.sys 2011/05/25 15:58:46.0229 4808 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 2011/05/25 15:58:46.0269 4808 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 2011/05/25 15:58:46.0389 4808 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/05/25 15:58:46.0479 4808 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 2011/05/25 15:58:46.0629 4808 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 2011/05/25 15:58:46.0669 4808 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 2011/05/25 15:58:46.0719 4808 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 2011/05/25 15:58:46.0839 4808 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 2011/05/25 15:58:46.0929 4808 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 2011/05/25 15:58:47.0039 4808 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 2011/05/25 15:58:47.0119 4808 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys 2011/05/25 15:58:47.0159 4808 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys 2011/05/25 15:58:47.0269 4808 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 2011/05/25 15:58:47.0319 4808 L1C (55480b9c63f3f91a8ebbadcbf28fe581) C:\Windows\system32\DRIVERS\L1C62x64.sys 2011/05/25 15:58:47.0469 4808 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 2011/05/25 15:58:47.0619 4808 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 2011/05/25 15:58:47.0639 4808 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 2011/05/25 15:58:47.0659 4808 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 2011/05/25 15:58:47.0669 4808 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 2011/05/25 15:58:47.0699 4808 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 2011/05/25 15:58:47.0859 4808 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 2011/05/25 15:58:47.0899 4808 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 2011/05/25 15:58:47.0969 4808 mfeapfk (31338e489314ae2a29534fbaa7ad2f1b) C:\Windows\system32\drivers\mfeapfk.sys 2011/05/25 15:58:48.0089 4808 mfeavfk (5822e70233218bcf22a65fcea74d012d) C:\Windows\system32\drivers\mfeavfk.sys 2011/05/25 15:58:48.0329 4808 mfefirek (5a24e7c834576313d8c5eaf0825da844) C:\Windows\system32\drivers\mfefirek.sys 2011/05/25 15:58:48.0429 4808 mfehidk (a2607740bb18d631da01e01dcb81843b) C:\Windows\system32\drivers\mfehidk.sys 2011/05/25 15:58:48.0559 4808 mfenlfk (50c3a9d7465d385061c0601deefb5a8e) C:\Windows\system32\DRIVERS\mfenlfk.sys 2011/05/25 15:58:48.0589 4808 mferkdet (edf5ee799a0b3ed6dce8bb16a51f3d1f) C:\Windows\system32\drivers\mferkdet.sys 2011/05/25 15:58:48.0689 4808 mfewfpk (9182faf9addd5ea6308d155ceb502c6f) C:\Windows\system32\drivers\mfewfpk.sys 2011/05/25 15:58:48.0799 4808 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 2011/05/25 15:58:48.0829 4808 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 2011/05/25 15:58:48.0949 4808 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys 2011/05/25 15:58:49.0029 4808 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 2011/05/25 15:58:49.0129 4808 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 2011/05/25 15:58:49.0179 4808 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 2011/05/25 15:58:49.0249 4808 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 2011/05/25 15:58:49.0289 4808 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 2011/05/25 15:58:49.0459 4808 mrxsmb (c2b4651001a867ff3f8865863b592991) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/05/25 15:58:49.0489 4808 mrxsmb10 (7e79946afc5f799ab62982282be5ac13) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/05/25 15:58:49.0529 4808 mrxsmb20 (5fb954100cea2bfec6446fbbecaa3f79) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/05/25 15:58:49.0579 4808 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 2011/05/25 15:58:49.0689 4808 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 2011/05/25 15:58:49.0799 4808 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 2011/05/25 15:58:49.0829 4808 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 2011/05/25 15:58:49.0929 4808 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 2011/05/25 15:58:49.0989 4808 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 2011/05/25 15:58:50.0099 4808 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/05/25 15:58:50.0139 4808 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 2011/05/25 15:58:50.0179 4808 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 2011/05/25 15:58:50.0219 4808 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 2011/05/25 15:58:50.0339 4808 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 2011/05/25 15:58:50.0359 4808 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 2011/05/25 15:58:50.0399 4808 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 2011/05/25 15:58:50.0509 4808 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 2011/05/25 15:58:50.0599 4808 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 2011/05/25 15:58:50.0719 4808 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 2011/05/25 15:58:50.0759 4808 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/05/25 15:58:50.0799 4808 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/05/25 15:58:50.0899 4808 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/05/25 15:58:50.0949 4808 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 2011/05/25 15:58:51.0039 4808 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 2011/05/25 15:58:51.0159 4808 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 2011/05/25 15:58:51.0249 4808 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 2011/05/25 15:58:51.0359 4808 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 2011/05/25 15:58:51.0389 4808 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 2011/05/25 15:58:51.0469 4808 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 2011/05/25 15:58:51.0569 4808 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 2011/05/25 15:58:51.0619 4808 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 2011/05/25 15:58:51.0689 4808 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 2011/05/25 15:58:51.0819 4808 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 2011/05/25 15:58:51.0869 4808 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 2011/05/25 15:58:51.0989 4808 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 2011/05/25 15:58:52.0049 4808 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 2011/05/25 15:58:52.0099 4808 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 2011/05/25 15:58:52.0169 4808 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 2011/05/25 15:58:52.0229 4808 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 2011/05/25 15:58:52.0269 4808 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 2011/05/25 15:58:52.0299 4808 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 2011/05/25 15:58:52.0459 4808 PGEffect (663962900e7fea522126ba287715bb4a) C:\Windows\system32\DRIVERS\pgeffect.sys 2011/05/25 15:58:52.0549 4808 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 2011/05/25 15:58:52.0649 4808 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 2011/05/25 15:58:52.0719 4808 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 2011/05/25 15:58:52.0849 4808 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 2011/05/25 15:58:53.0009 4808 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 2011/05/25 15:58:53.0039 4808 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 2011/05/25 15:58:53.0089 4808 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 2011/05/25 15:58:53.0149 4808 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 2011/05/25 15:58:53.0289 4808 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/05/25 15:58:53.0389 4808 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/05/25 15:58:53.0459 4808 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 2011/05/25 15:58:53.0529 4808 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 2011/05/25 15:58:53.0569 4808 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 2011/05/25 15:58:53.0639 4808 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/05/25 15:58:53.0699 4808 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 2011/05/25 15:58:53.0729 4808 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 2011/05/25 15:58:53.0769 4808 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys 2011/05/25 15:58:53.0909 4808 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 2011/05/25 15:58:54.0009 4808 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 2011/05/25 15:58:54.0089 4808 RSUSBSTOR (907c4464381b5ebdfdc60f6c7d0dedfc) C:\Windows\system32\Drivers\RtsUStor.sys 2011/05/25 15:58:54.0219 4808 rtl8192se (7475548b0ba58eba4d12414fc9e9dfe6) C:\Windows\system32\DRIVERS\rtl8192se.sys 2011/05/25 15:58:54.0309 4808 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 2011/05/25 15:58:54.0419 4808 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 2011/05/25 15:58:54.0559 4808 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 2011/05/25 15:58:54.0629 4808 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 2011/05/25 15:58:54.0649 4808 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 2011/05/25 15:58:54.0699 4808 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 2011/05/25 15:58:54.0799 4808 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 2011/05/25 15:58:54.0869 4808 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 2011/05/25 15:58:54.0889 4808 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 2011/05/25 15:58:54.0959 4808 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 2011/05/25 15:58:55.0029 4808 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 2011/05/25 15:58:55.0079 4808 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 2011/05/25 15:58:55.0119 4808 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 2011/05/25 15:58:55.0189 4808 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 2011/05/25 15:58:55.0259 4808 srv (65bbf4920148c2ee279055da7228fc7b) C:\Windows\system32\DRIVERS\srv.sys 2011/05/25 15:58:55.0369 4808 srv2 (da939f762a1ccc2d77428621ddbd40a7) C:\Windows\system32\DRIVERS\srv2.sys 2011/05/25 15:58:55.0419 4808 srvnet (3f847c9dc87299516f7dc82fb6572865) C:\Windows\system32\DRIVERS\srvnet.sys 2011/05/25 15:58:55.0609 4808 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 2011/05/25 15:58:55.0699 4808 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 2011/05/25 15:58:55.0769 4808 SynTP (470c47daba9ca3966f0ab3f835d7d135) C:\Windows\system32\DRIVERS\SynTP.sys 2011/05/25 15:58:55.0869 4808 taphss (f33fdc72298df4bf9813a55d21f4eb31) C:\Windows\system32\DRIVERS\taphss.sys 2011/05/25 15:58:55.0979 4808 Tcpip (509383e505c973ed7534a06b3d19688d) C:\Windows\system32\drivers\tcpip.sys 2011/05/25 15:58:56.0139 4808 TCPIP6 (509383e505c973ed7534a06b3d19688d) C:\Windows\system32\DRIVERS\tcpip.sys 2011/05/25 15:58:56.0269 4808 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 2011/05/25 15:58:56.0339 4808 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\Windows\system32\DRIVERS\tdcmdpst.sys 2011/05/25 15:58:56.0429 4808 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 2011/05/25 15:58:56.0459 4808 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 2011/05/25 15:58:56.0499 4808 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 2011/05/25 15:58:56.0639 4808 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 2011/05/25 15:58:56.0839 4808 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/05/25 15:58:56.0949 4808 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 2011/05/25 15:58:57.0109 4808 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 2011/05/25 15:58:57.0179 4808 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\Windows\system32\DRIVERS\TVALZ_O.SYS 2011/05/25 15:58:57.0219 4808 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\Windows\system32\DRIVERS\TVALZFL.sys 2011/05/25 15:58:57.0309 4808 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 2011/05/25 15:58:57.0369 4808 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 2011/05/25 15:58:57.0549 4808 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 2011/05/25 15:58:57.0589 4808 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 2011/05/25 15:58:57.0629 4808 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 2011/05/25 15:58:57.0749 4808 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/05/25 15:58:57.0799 4808 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 2011/05/25 15:58:57.0909 4808 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys 2011/05/25 15:58:57.0949 4808 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys 2011/05/25 15:58:57.0979 4808 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys 2011/05/25 15:58:58.0089 4808 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 2011/05/25 15:58:58.0129 4808 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS 2011/05/25 15:58:58.0199 4808 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys 2011/05/25 15:58:58.0309 4808 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys 2011/05/25 15:58:58.0369 4808 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 2011/05/25 15:58:58.0419 4808 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/05/25 15:58:58.0509 4808 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 2011/05/25 15:58:58.0559 4808 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 2011/05/25 15:58:58.0669 4808 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 2011/05/25 15:58:58.0709 4808 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 2011/05/25 15:58:58.0829 4808 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 2011/05/25 15:58:58.0869 4808 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 2011/05/25 15:58:58.0999 4808 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 2011/05/25 15:58:59.0049 4808 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 2011/05/25 15:58:59.0179 4808 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 2011/05/25 15:58:59.0219 4808 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 2011/05/25 15:58:59.0289 4808 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 2011/05/25 15:58:59.0309 4808 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 2011/05/25 15:58:59.0449 4808 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 2011/05/25 15:58:59.0489 4808 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 2011/05/25 15:58:59.0619 4808 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 2011/05/25 15:58:59.0659 4808 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 2011/05/25 15:58:59.0809 4808 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 2011/05/25 15:58:59.0879 4808 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 2011/05/25 15:58:59.0949 4808 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 2011/05/25 15:59:00.0079 4808 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/05/25 15:59:00.0179 4808 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 2011/05/25 15:59:00.0189 4808 ================================================================================ 2011/05/25 15:59:00.0189 4808 Scan finished 2011/05/25 15:59:00.0189 4808 ================================================================================ 2011/05/25 15:59:00.0199 0892 Detected object count: 0 2011/05/25 15:59:00.0199 0892 Actual detected object count: 0 [b:482ff8e8fa]ALVAST BEDANKT VOOR HET KIJKEN! [/b:482ff8e8fa]
  • Hoi Nico, hoe oud zijn de Ati-drivers al? En doe ook het volgende: ga naar [b:2cadb64c80]Start[/b:2cadb64c80] en typ [in de zoekregel [b:2cadb64c80]cmd[/b:2cadb64c80]; bovenaan het startmenu zie je nu de betreffende snelkoppeling. Klik deze snelkoppeling met rechts aan en kies voor [b:2cadb64c80]Als administrator uitvoeren[/b:2cadb64c80]. In het zwarte venster typ je nu [b:2cadb64c80]sfc /scannow[/b:2cadb64c80] gevolgd door indrukken van de Entertoets. Denk wel aan de spatie na 'sfc'. In het zwarte venster zie nu de voortgang van de scan. Is de scan klaar, typ je [b:2cadb64c80]Exit[/b:2cadb64c80] gevolgd door indrukken van de Entertoets. SFC (SystemFileChecker) houdt in dat systeembestanden gecontroleerd worden op juist funktioneren, zonodig volgt reparatie. Let goed op de laatste meldingen in het venster: indien aangegeven wordt, dat herstel afhankelijk is van opnieuw opstarten, doe dit dan.
  • Hallo, Deze zijn nog geen jaar oud! Ik kocht deze laptop in September 2010, maar ik ondervind al af en toe problemen. Zoals het Blue Screen wat ik al een paar keer heb gehad. Heeft u iets kunnen vinden? Want bij cmd kwam dit eruit: Er zijn geen schendingen van de integriteit gevonden.
  • Hoi Nico, wat is de precieze type-aanduiding van jouw Toshiba notebook?
  • [quote:9ce35a2aff="Abraham54"]Hoi Nico, wat is de precieze type-aanduiding van jouw Toshiba notebook?[/quote:9ce35a2aff] Als ik het goed heb is het deze: http://www.bcc.nl/product/toshiba-l650-1q3
  • Hoi Nico, ik adviseer je de videokaartdrivers opnieuw te installeren. Want mogelijk zijn de huidige drivers beschadigd. Je gaat naar - http://nl.computers.toshiba-europe.com/innovation/windows7_drivers.jsp?macId=&LNG=3&mode=allMachines&userOS=&action=search&selCategory=2&selFamily=2&selSeries=178&selProduct=5376&selShortMod=-1&selOS=30&selType=all&country=24&language=12&search= - en dan zoek je daar naar [b:15f64b3b08]Display Driver[/b:15f64b3b08] en klik je daar op. Vervolgens kan je het bestand downloaden - het makkelijkst is het, daarbij deze keer het bureaublad te kiezen! Na de download ga je eerst naar "Start\Configuratiescherm\Programma's en onderdelen" en in de lijst verwijder je dan ATI. Na het opnieuw opstarten van jouw notebook mag je de nieuwe driver (na uitpakken) gaan installeren. Doe dit overigens met administratorrechten (rechtsklik).
  • Hallo, toen ik het wou verwijderen kreeg ik dit: (klik om print screen te zien) [url]http://imageshack.us/photo/my-images/545/ativerwijderen.png/[/url] Kan ik dan niet beter eerst herstellen proberen of zo, of moet ik hem gewoon verwijderen? Want mijn vraag is dan, als ik mijn laptop opnieuw opstart, krijg je dan geen problemen omdat er niks van ATI is geinstalleerd? Kan dat geen kwaad?
  • De onderste optie kiezen!
  • [quote:29fff84fd9="Abraham54"]De onderste optie kiezen![/quote:29fff84fd9] Hij is uitgepakt in C:\Users\Nico\AppData\Local\Temp\TC50068800G.temp en vervolgens geinstalleerd. Dit is toch goed neem ik aan? En ontzettend bedankt, maar als ik vragen mag, wat was er verkeerd met mijn laptop? de videokaart werkte niet goed, alleen dat of nog meer dingen? Kwam die Blue Screen daardoor?
  • Inderdaad vermoed ik dat het door de vorige drivers van ATI kwam!
  • [quote:4630d658b2="Abraham54"]Inderdaad vermoed ik dat het door de vorige drivers van ATI kwam![/quote:4630d658b2] Oke bedankt, maar je hebt geen hardware fout gezien ofzo? Of iets aan McAfee? Want mijn internet valt dagelijks gemiddeld zon 10x uit, en soms duurt het een paar minuten, soms wel een half uur. Zover je kan zien, kan je niet weten waar het aan ligt? Of er iets met netwerkkaart is of dat McAfee iets tegenhoud?
  • De melding dat je draadloze verbinding regelmatig voor langere perioden uitvalt is nieuw voor mij! Hoe heb jij in Windows deze verbinding geregeld? Via de Windows netwerkbeheer zelf of via Toshiba software? Wat betreft hardwarefouten, nee want een en ander kan ook door rootkits veroorzaakt worden. McAfee is nu eenmaal niet de meest betrouwbare antivirussoftware! Dus nu gaan we dieper kijken: [b:cbe9628d63]Welk programma[/b:cbe9628d63]: ComboFix [b:cbe9628d63]Waarvoor/waarom[/b:cbe9628d63]: Zeer specialistische scanner om Windows diepgaand te onderzoeken en zo mogelijk op te schonen. [b:cbe9628d63]Moeilijkheidsgraad[/b:cbe9628d63]: Min of meer lastige voorbereidingsfase, dus lees alles eerst goed. [b:cbe9628d63]Downloadlokatie[/b:cbe9628d63]: Dit programma absoluut naar het bureaublad downloaden! [b:cbe9628d63]Download ComboFix via één van deze locaties[/b:cbe9628d63]: [list:cbe9628d63][*:cbe9628d63][url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe][b:cbe9628d63]Bleepingcomputer[/b:cbe9628d63][/url] [*:cbe9628d63][url=http://www.forospyware.com/sUBs/ComboFix.exe][b:cbe9628d63]ForoSpyware[/b:cbe9628d63][/url] [*:cbe9628d63][url=http://subs.geekstogo.com/ComboFix.exe][b:cbe9628d63]Geekstogo[/b:cbe9628d63][/url][/list:u:cbe9628d63] [url=http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden][b:cbe9628d63]Hier[/b:cbe9628d63][/url] zie je hoe je ComboFix moet gebruiken. Antivirusprogramma en actieve malwarescanners dienen al voor de ComboFix start gedeaktiveert zijn! [url=http://www.bleepingcomputer.com/forums/topic114351.html][b:cbe9628d63]Hier[/b:cbe9628d63][/url] en [url=http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html][b:cbe9628d63]hier[/b:cbe9628d63][/url] vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren. [b:cbe9628d63]Voor alle duidelijkheid nogmaals[/b:cbe9628d63]: ComboFix dient vanaf het bureaublad gestart te worden. [b:cbe9628d63]Opmerkingen[/b:cbe9628d63]: [list:cbe9628d63][*:cbe9628d63] Bij gebruik van Windows XP zal er mogelijk gevraagd worden, om de "Recovery Console" te installeren! Sta dit dan toe (hiervoor is een actieve internet verbinding vereist). [*:cbe9628d63]Vista- en Windows 7 gebruikers starten Combofix op via rechtsklik met Administratorrechten. [*:cbe9628d63]Alle openstaande programma's en webpagina's dienen afgesloten te zijn.[/list:u:cbe9628d63] [b:cbe9628d63]ComboFix is opgestart[/b:cbe9628d63]: [list:cbe9628d63][*:cbe9628d63]Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"! [*:cbe9628d63]Combofix sluit tijdens de scan de internet verbinding – probeer deze tussentijds niet te herstellen! [*:cbe9628d63]Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal. [*:cbe9628d63]Wanneer ComboFix gereed is, zal het het een logbestand voor je maken. [*:cbe9628d63]Post de inhoud van dit logbestand in je volgende bericht. [*:cbe9628d63]Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt[/list:u:cbe9628d63] [b:cbe9628d63]Belangrijke opmerking[/b:cbe9628d63]: [list:cbe9628d63][*:cbe9628d63][b:cbe9628d63][color=Red:cbe9628d63]Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:[/color:cbe9628d63][/b:cbe9628d63] [*:cbe9628d63][b:cbe9628d63][color=blue:cbe9628d63]Illegal operation attempted on a registery key that has been marked for deletion.[/color:cbe9628d63][/b:cbe9628d63] [*:cbe9628d63][b:cbe9628d63][color=Red:cbe9628d63]Start dan de computer opnieuw op.[/color:cbe9628d63][/b:cbe9628d63][/list:u:cbe9628d63]
  • Omdat ik het deze week nogal druk heb en dit mij een lange scan lijkt, duurt het even voor ik de resultaten post. Verwacht is dat ik het donderdag wel post of vrijdag. Alvast bedankt dat je me weer verder helpt!
  • Indien je hardware niet al te oud is, zal de scantijd een tien- tot vijftein minuten duren of korter! Dus dat valt wel mee.
  • [quote:09c49e54bd="Abraham54"]Indien je hardware niet al te oud is, zal de scantijd een tien- tot vijftein minuten duren of korter! Dus dat valt wel mee.[/quote:09c49e54bd] Oke, ,maar u zegt dat ik antivirus allemaal moet uitschakelen. Ik ben daar niet zo vertrouwt over en weet niet precies hoe het werkt, die sites zijn in het engels en ik begrijp het wel grotendeels, maar ik weet niet zeker of ik het goed doe, want die site werkt ook nog met een andere beschrijving (waarschijnlijk van een verouderde mcafee versie?) Ik heb windows malware scanner + mcafee Wat moet ik uitschakelen? alles van mcafee, of realtime scannen en de firewall? en hoe van windows malware?
  • Hoi Nico, twee dingen eerst. 1) jij mag ook jijen tegen mij! 2) ik hoef niet telkens terug te te lezen wat ik al gepost heb! Ontopic. Omdat Windows Defender voor stoorzender kan spelen - deze deaktiveren: [list:849d6691b5][*:849d6691b5] Open Windows Defender Klik op [b:849d6691b5]Tools[/b:849d6691b5] [*:849d6691b5] Klik op [b:849d6691b5]General Settings[/b:849d6691b5] of[b:849d6691b5] Options[/b:849d6691b5] [*:849d6691b5] Scroll naar [b:849d6691b5]Real Time Protection Options[/b:849d6691b5] [*:849d6691b5] Haal het vinkje weg bij [b:849d6691b5]Turn on Real Time Protection (recommended)[/b:849d6691b5] Klik vervolgens op [b:849d6691b5]Save[/b:849d6691b5] [*:849d6691b5] Sluit Windows Defender[/list:u:849d6691b5] Indien de problemen over zijn, dus nadat je log weer schoon verklaard is, kan je Defender weer aktiveren. Wat McAfee betreft: van mij mag je alleen dit onderdeel - "realtime scannen" - deaktiveren.
  • Hallo, haha oke. :P Ik wil je heel erg bedanken dat je voor me even alles nakeek, maar dit is niet nodig. Er is een upc monteur langs geweest en deze heeft een nieuwe modem geplaatst. als het goed is zijn de problemen nu verholpen. Dus lijkt het me niet nodig deze scan uit te voeren.. Ontzettend bedankt voor de tijd die je voor me nam! Mvg, Nico

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.