Slow PC

21 answers
  • Hi, my wife's PC is very slow and has a lot of trouble starting up. Who can help me? Here is the HijackThis log:
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 9:38:01, on 24-6-2011
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16800)
    Boot mode: Normal
  • Hi kloassie, in that case I'd like you to start with the tasks below:

    Step 1
    Which program: MBRCheck.exe
    Purpose: special scan for MBR rootkits
    Difficulty: none.
    Download MBRCheck.exe: http://ad13.geekstogo.com/MBRCheck.exe
    Starting MBRCheck.exe:
    Windows 2000 and Windows XP: start "MBRCheck.exe" by double-clicking "MBRCheck.exe".
    Windows Vista and Windows 7: start "MBRCheck.exe" by right-clicking "MBRCheck.exe" and then choosing "Run as administrator".
      - A black window appears with some data in it.
      - A log file named "MBRcheckxxxx.txt" will appear on your desktop.
      - Now copy the contents of that log into your next post.

    Step 2
    Which program: Kaspersky TDSSKiller
    Purpose: rootkit scanner
    Difficulty: none
    Download location: be sure to download this program to the desktop, or otherwise move it there!
    Download TDSSKiller here: http://support.kaspersky.com/downloads/utils/tdsskiller.zip
    Installation:
      - Extract the file to your desktop.
    Using TDSSKiller:
      - Windows 2000 and Windows XP: start "TDSSKiller" by double-clicking TDSSKiller.exe.
      - Windows Vista and Windows 7: start "TDSSKiller" by right-clicking TDSSKiller.exe and then choosing Run as administrator.
      - If TDSSKiller shows a message about an available update, run that update first.
      - Then click the "Start Scan" button and follow the instructions.
      - After the scan has finished, click the "Report" button.
      - A Notepad file opens. Post the contents of this file.
          - Restart the PC if TDSSKiller offers that option (Reboot now).
          - If a restart is necessary, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt

    Step 3
    Which program: Malwarebytes MBAM
    Purpose: specialised scanner to quickly check Windows for spyware and malware and to remove it.
    Difficulty: none.
    Download Malwarebytes MBAM from one of these locations:
      - Download.com: http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?
      - Softpedia.com: http://www.softpedia.com/result.php?sid=&pid=1-423&r=Z2V0L0FudGl2aXJ1cy9NYWx3YXJlYnl0ZXMtQW50aS1NYWx3YXJlLnNodG1s
      - Majorgeeks.com: http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html
    First of all:
      - Right after installation 'MBAM' wants to update its database, so allow that.
      - Also on repeated use: first update 'MBAM' via the 'Update' tab!
    Starting Malwarebytes MBAM:
    Windows 2000 and Windows XP: start MBAM by double-clicking the shortcut.
    Windows Vista and Windows 7: start MBAM by right-clicking the shortcut and then choosing Run as administrator.
    Scanning:
      - When 'MBAM' starts, choose 'Quick Scan'.
      - Scanning can take a while, so be patient. When the scan is complete, click the 'OK' button.
      - Then click the 'Show Results' button to see the results.
    Infections found:
      - First click OK to dismiss the message.
      - Then click the Show Results button at the bottom right.
      - Make sure that all infections found are ticked, and click Remove Selected at the bottom left.
      - After removal a log will open and you will be asked to restart the computer.
      - If 'MBAM' has trouble removing certain files it will show a few messages; click 'OK' each time!
      - After that 'MBAM' will ask to restart the computer, so allow the computer to be restarted.
    MBAM log:
      - The log is saved automatically by 'MBAM' and you can find it by clicking the 'Logs' tab in the MBAM main menu.
    Then post the contents of the MBAM log in your next message.

    Step 4
    In summary: after this, post the contents of the following logs in your next message:
      - MBRCheck log
      - TDSSKiller log
      - MBAM scan log
      - Also let me know if you run into a problem anywhere
  • MBRCheck, version 1.2.3
    (c) 2010, AD
    Command-line:
    Windows Version: Windows 7 Home Premium Edition
    Windows Information: (build 7600), 64-bit
    Base Board Manufacturer: Packard Bell
    BIOS Manufacturer: AMI
    System Manufacturer: Packard Bell
    System Product Name: ixtreme M3720
    Logical Drives Mask: 0x00000fdc
    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`c6500000 (NTFS)
    \\.\D: --> \\.\PhysicalDrive0 at offset 0x00000076`43300000 (NTFS)
    PhysicalDrive0 Model Number: WDC WD10EADS-22M2B0, Rev: 01.0
    Size    Device Name           MBR Status
    --------------------------------------------
    931 GB  \\.\PhysicalDrive0    RE: Acer MBR code detected
            SHA1: 3183CBF02DD9B39C5FF84F50BA2419D633E30179
    Done!

    2011/06/24 12:04:49.0574 4784 TDSS rootkit removing tool 2.5.5.0 Jun 16 2011 15:25:15
    2011/06/24 12:04:50.0167 4784 ================================================================================
    2011/06/24 12:04:50.0167 4784 SystemInfo:
    2011/06/24 12:04:50.0167 4784
    2011/06/24 12:04:50.0167 4784 OS Version: 6.1.7600 ServicePack: 0.0
    2011/06/24 12:04:50.0168 4784 Product type: Workstation
    2011/06/24 12:04:50.0168 4784 ComputerName: CYNTHIA-PC
    2011/06/24 12:04:50.0168 4784 UserName: cynthia
    2011/06/24 12:04:50.0168 4784 Windows directory: C:\Windows
    2011/06/24 12:04:50.0168 4784 System windows directory: C:\Windows
    2011/06/24 12:04:50.0168 4784 Running under WOW64
    2011/06/24 12:04:50.0168 4784 Processor architecture: Intel x64
    2011/06/24 12:04:50.0168 4784 Number of processors: 2
    2011/06/24 12:04:50.0168 4784 Page size: 0x1000
    2011/06/24 12:04:50.0168 4784 Boot type: Normal boot
    2011/06/24 12:04:50.0168 4784 ================================================================================
    2011/06/24 12:04:51.0452 4784 Initialize success
    2011/06/24 12:04:56.0535 0864 ================================================================================
    2011/06/24 12:04:56.0535 0864 Scan started
    2011/06/24 12:04:56.0535 0864 Mode: Manual;
    2011/06/24 12:04:56.0535 0864 ================================================================================
(655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 2011/06/24 12:05:00.0200 0864 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 2011/06/24 12:05:00.0238 0864 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 2011/06/24 12:05:00.0288 0864 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys 2011/06/24 12:05:00.0335 0864 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 2011/06/24 12:05:00.0376 0864 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys 2011/06/24 12:05:00.0403 0864 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 2011/06/24 12:05:00.0448 0864 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys 2011/06/24 12:05:00.0475 0864 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 2011/06/24 12:05:00.0557 0864 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 2011/06/24 12:05:00.0612 0864 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys 2011/06/24 12:05:00.0637 0864 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys 2011/06/24 12:05:00.0661 0864 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 2011/06/24 12:05:00.0684 0864 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 2011/06/24 12:05:00.0699 0864 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 2011/06/24 12:05:00.0757 0864 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys 2011/06/24 12:05:00.0819 0864 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys 2011/06/24 12:05:00.0871 0864 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys 
2011/06/24 12:05:00.0899 0864 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys 2011/06/24 12:05:01.0156 0864 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 2011/06/24 12:05:01.0205 0864 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys 2011/06/24 12:05:01.0243 0864 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 2011/06/24 12:05:01.0327 0864 IntcAzAudAddService (135856ac71116ccff05ed8481745241b) C:\Windows\system32\drivers\RTKVHD64.sys 2011/06/24 12:05:01.0350 0864 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys 2011/06/24 12:05:01.0372 0864 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 2011/06/24 12:05:01.0406 0864 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/06/24 12:05:01.0426 0864 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys 2011/06/24 12:05:01.0443 0864 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 2011/06/24 12:05:01.0469 0864 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 2011/06/24 12:05:01.0487 0864 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys 2011/06/24 12:05:01.0521 0864 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys 2011/06/24 12:05:01.0567 0864 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 2011/06/24 12:05:01.0603 0864 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys 2011/06/24 12:05:01.0636 0864 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys 2011/06/24 12:05:01.0683 0864 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys 2011/06/24 12:05:01.0702 0864 ksthunk 
(6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 2011/06/24 12:05:01.0769 0864 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 2011/06/24 12:05:01.0832 0864 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 2011/06/24 12:05:01.0855 0864 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 2011/06/24 12:05:01.0878 0864 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 2011/06/24 12:05:01.0898 0864 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 2011/06/24 12:05:01.0922 0864 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 2011/06/24 12:05:01.0953 0864 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 2011/06/24 12:05:01.0970 0864 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 2011/06/24 12:05:02.0002 0864 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 2011/06/24 12:05:02.0029 0864 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 2011/06/24 12:05:02.0050 0864 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 2011/06/24 12:05:02.0079 0864 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 2011/06/24 12:05:02.0111 0864 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys 2011/06/24 12:05:02.0137 0864 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys 2011/06/24 12:05:02.0165 0864 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 2011/06/24 12:05:02.0185 0864 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys 2011/06/24 12:05:02.0240 0864 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/06/24 
12:05:02.0273 0864 mrxsmb10 (a8c2d7673c8a010569390c826a0efaf4) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/06/24 12:05:02.0290 0864 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/06/24 12:05:02.0322 0864 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys 2011/06/24 12:05:02.0338 0864 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys 2011/06/24 12:05:02.0380 0864 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 2011/06/24 12:05:02.0404 0864 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 2011/06/24 12:05:02.0432 0864 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys 2011/06/24 12:05:02.0486 0864 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 2011/06/24 12:05:02.0504 0864 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/06/24 12:05:02.0521 0864 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 2011/06/24 12:05:02.0552 0864 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys 2011/06/24 12:05:02.0584 0864 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 2011/06/24 12:05:02.0597 0864 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 2011/06/24 12:05:02.0625 0864 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 2011/06/24 12:05:02.0673 0864 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 2011/06/24 12:05:02.0720 0864 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 2011/06/24 12:05:02.0786 0864 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys 2011/06/24 12:05:02.0864 0864 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) 
C:\Windows\system32\DRIVERS\ndiscap.sys 2011/06/24 12:05:02.0909 0864 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/06/24 12:05:02.0958 0864 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/06/24 12:05:02.0987 0864 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/06/24 12:05:03.0012 0864 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys 2011/06/24 12:05:03.0072 0864 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 2011/06/24 12:05:03.0095 0864 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys 2011/06/24 12:05:03.0160 0864 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 2011/06/24 12:05:03.0220 0864 nmwcdcx64 (2c761cc067acf0fb4ea13930b09bfeea) C:\Windows\system32\drivers\ccdcmbox64.sys 2011/06/24 12:05:03.0282 0864 nmwcdx64 (63051819d5cac0fa49c425fc5e1a2b5c) C:\Windows\system32\drivers\ccdcmbx64.sys 2011/06/24 12:05:03.0295 0864 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 2011/06/24 12:05:03.0327 0864 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 2011/06/24 12:05:03.0400 0864 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys 2011/06/24 12:05:03.0433 0864 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 2011/06/24 12:05:03.0496 0864 NVHDA (cb599955ce2ce9694721562f9481cd84) C:\Windows\system32\drivers\nvhda64v.sys 2011/06/24 12:05:03.0735 0864 nvlddmkm (d7a2cd1d76e6cc996a0852d566af2f73) C:\Windows\system32\DRIVERS\nvlddmkm.sys 2011/06/24 12:05:03.0860 0864 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys 2011/06/24 12:05:03.0908 0864 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys 2011/06/24 12:05:03.0952 0864 nvstor64 
(ebfe363aab0d6e4086adbf04c41ebdf8) C:\Windows\system32\DRIVERS\nvstor64.sys 2011/06/24 12:05:03.0995 0864 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys 2011/06/24 12:05:04.0026 0864 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys 2011/06/24 12:05:04.0070 0864 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 2011/06/24 12:05:04.0103 0864 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys 2011/06/24 12:05:04.0194 0864 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys 2011/06/24 12:05:04.0229 0864 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys 2011/06/24 12:05:04.0253 0864 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys 2011/06/24 12:05:04.0277 0864 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 2011/06/24 12:05:04.0300 0864 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 2011/06/24 12:05:04.0329 0864 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 2011/06/24 12:05:04.0434 0864 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys 2011/06/24 12:05:04.0463 0864 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 2011/06/24 12:05:04.0513 0864 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys 2011/06/24 12:05:04.0573 0864 PSI (fb46e9a827a8799ebd7bfa9128c91f37) C:\Windows\system32\DRIVERS\psi_mf.sys 2011/06/24 12:05:04.0621 0864 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 2011/06/24 12:05:04.0663 0864 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 2011/06/24 12:05:04.0690 0864 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 2011/06/24 
12:05:04.0711 0864 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 2011/06/24 12:05:04.0760 0864 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 2011/06/24 12:05:04.0782 0864 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/06/24 12:05:04.0815 0864 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/06/24 12:05:04.0853 0864 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 2011/06/24 12:05:04.0877 0864 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys 2011/06/24 12:05:04.0903 0864 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 2011/06/24 12:05:04.0931 0864 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/06/24 12:05:04.0950 0864 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 2011/06/24 12:05:04.0976 0864 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 2011/06/24 12:05:05.0003 0864 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys 2011/06/24 12:05:05.0024 0864 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys 2011/06/24 12:05:05.0127 0864 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 2011/06/24 12:05:05.0170 0864 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys 2011/06/24 12:05:05.0191 0864 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys 2011/06/24 12:05:05.0217 0864 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys 2011/06/24 12:05:05.0251 0864 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 2011/06/24 12:05:05.0344 0864 Serenum (cb624c0035412af0debec78c41f5ca1b) 
C:\Windows\system32\DRIVERS\serenum.sys 2011/06/24 12:05:05.0360 0864 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 2011/06/24 12:05:05.0377 0864 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 2011/06/24 12:05:05.0444 0864 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys 2011/06/24 12:05:05.0464 0864 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys 2011/06/24 12:05:05.0493 0864 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys 2011/06/24 12:05:05.0507 0864 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 2011/06/24 12:05:05.0538 0864 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 2011/06/24 12:05:05.0560 0864 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 2011/06/24 12:05:05.0607 0864 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 2011/06/24 12:05:05.0666 0864 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 2011/06/24 12:05:05.0750 0864 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys 2011/06/24 12:05:05.0750 0864 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. 
md5: 602884696850c86434530790b110e8eb 2011/06/24 12:05:05.0757 0864 sptd - detected LockedFile.Multi.Generic (1) 2011/06/24 12:05:05.0806 0864 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys 2011/06/24 12:05:05.0837 0864 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys 2011/06/24 12:05:05.0869 0864 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys 2011/06/24 12:05:05.0928 0864 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 2011/06/24 12:05:05.0955 0864 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 2011/06/24 12:05:06.0051 0864 Tcpip (61dc720bb065d607d5823f13d2a64321) C:\Windows\system32\drivers\tcpip.sys 2011/06/24 12:05:06.0151 0864 TCPIP6 (61dc720bb065d607d5823f13d2a64321) C:\Windows\system32\DRIVERS\tcpip.sys 2011/06/24 12:05:06.0190 0864 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys 2011/06/24 12:05:06.0214 0864 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 2011/06/24 12:05:06.0237 0864 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 2011/06/24 12:05:06.0272 0864 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys 2011/06/24 12:05:06.0298 0864 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys 2011/06/24 12:05:06.0367 0864 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/06/24 12:05:06.0406 0864 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys 2011/06/24 12:05:06.0427 0864 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 2011/06/24 12:05:06.0453 0864 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys 2011/06/24 12:05:06.0483 0864 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys 
2011/06/24 12:05:06.0517 0864 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys 2011/06/24 12:05:06.0531 0864 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 2011/06/24 12:05:06.0607 0864 upperdev (bcd611d240604ceee7f90805361fab50) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys 2011/06/24 12:05:06.0653 0864 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/06/24 12:05:06.0703 0864 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys 2011/06/24 12:05:06.0741 0864 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys 2011/06/24 12:05:06.0787 0864 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys 2011/06/24 12:05:06.0812 0864 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\DRIVERS\usbohci.sys 2011/06/24 12:05:06.0854 0864 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 2011/06/24 12:05:06.0900 0864 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 2011/06/24 12:05:06.0968 0864 usbser (0f0c72a657c622286013788b886968ad) C:\Windows\system32\drivers\usbser.sys 2011/06/24 12:05:06.0997 0864 UsbserFilt (d91be2644b18b4e3c69982fe0e1e97d6) C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys 2011/06/24 12:05:07.0039 0864 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\drivers\USBSTOR.SYS 2011/06/24 12:05:07.0067 0864 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys 2011/06/24 12:05:07.0118 0864 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys 2011/06/24 12:05:07.0161 0864 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/06/24 12:05:07.0180 0864 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 2011/06/24 12:05:07.0204 0864 vhdmp 
(c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys 2011/06/24 12:05:07.0229 0864 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys 2011/06/24 12:05:07.0251 0864 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys 2011/06/24 12:05:07.0282 0864 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys 2011/06/24 12:05:07.0302 0864 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys 2011/06/24 12:05:07.0332 0864 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 2011/06/24 12:05:07.0368 0864 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys 2011/06/24 12:05:07.0404 0864 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 2011/06/24 12:05:07.0446 0864 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 2011/06/24 12:05:07.0469 0864 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 2011/06/24 12:05:07.0533 0864 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 2011/06/24 12:05:07.0570 0864 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 2011/06/24 12:05:07.0639 0864 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 2011/06/24 12:05:07.0666 0864 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 2011/06/24 12:05:07.0752 0864 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys 2011/06/24 12:05:07.0816 0864 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 2011/06/24 12:05:07.0888 0864 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 2011/06/24 12:05:07.0928 0864 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys 2011/06/24 
12:05:07.0979 0864 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/06/24 12:05:08.0019 0864 MBR (0x1B8) (70e629b51c16b3c007730c6ae57144c9) \Device\Harddisk0\DR0 2011/06/24 12:05:08.0074 0864 ================================================================================ 2011/06/24 12:05:08.0074 0864 Scan finished 2011/06/24 12:05:08.0074 0864 ================================================================================ 2011/06/24 12:05:08.0086 5116 Detected object count: 1 2011/06/24 12:05:08.0086 5116 Actual detected object count: 1 2011/06/24 12:05:18.0191 5116 LockedFile.Multi.Generic(sptd) - User select action: Skip Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Databaseversie: 6936 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 24-6-2011 12:09:32 mbam-log-2011-06-24 (12-09-32).txt Scantype: Snelle scan Objecten gescand: 162335 Verstreken tijd: 2 minuut/minuten, 20 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) het probleem is voornamelijk het opstartenb,en herstellen lukt niet zegt hiuj dan,na diverse pogingen gaat hij dan toch doorstarten en start windows op. alvast bedankt voor je hulp
  • Hi kloassie, the MBR of the HD is healthy in any case. So when you switch the notebook on, not much happens initially. What do you see on the screen then? A blinking cursor in the top-left corner? And when Windows does eventually start, is that slow too?
  • When Windows does start, it is slow too; everything responds slowly. If you then leave it alone for a while and try again 10 minutes later, it is fairly normal. The problem is that it tries to start up again as many as 20 times and each time asks whether to repair or start normally. Repair then fails and starting normally does not work either; it keeps repeating with the familiar "repair or start normally" screen.
  • Do the following: download and install CrystalDiskInfo 4 to get insight into the health of the HD! If the colour is blue, the HD is healthy; yellow means problems. http://crystalmark.info/software/CrystalDiskInfo/index-e.html
  • Yes, done; it shows yellow, warning.
  • In the list of data: which lines are marked yellow there?
  • current pending sector count
  • Hmmm, that is at least not surface damage! That notebook, did it come with Windows 7 or was Windows 7 only installed on it later?
  • Windows 7 was on it from the shop, and there is no disc with 7 on it included. She was given this PC at the time.
  • Then I advise you to first perform a recovery to factory state. Because the system partition is formatted in the process, everything on it is erased. So do secure any documents etc. first.
  • Hi, everything has been secured and saved; how do I continue now? It may take a while before you get an answer again, I am working this weekend. Thanks again in advance for your help.
  • It is an Acer notebook? Then, already during the boot phase of the BIOS, tap the ALT + F10 keys simultaneously.
  • Hi, I am back. No, it is not an Acer notebook; it is an ordinary PC, a Packard Bell p8.
  • If it is a PB, then it is possible that it is still function key F11, which you have to start tapping already during the boot phase of the BIOS.
  • Hi, with F11 nothing happens and it just starts up again; with F12 I get the menu, I have seen.
  • Hi kloassie, has it all worked out in the meantime?
  • Well, it may sound stupid, but I do not really know what I should do. With F12 I get into a small menu of all the hardware, and with Del I get into the menu with the BIOS etc.
  • Then try function key F10 as an alternative. Because F12 is by default really a boot menu for quickly setting what you want to boot from, without the BIOS settings changing as a result.


This is an archived page. Replying is no longer possible.