Alureon virus gone? But folders remain invisible, etc.

wendyk
101 answers
  • My computer suddenly started having problems last week (all folders gone (invisible), a message that Catalyst Control Center has stopped working, security warnings on the internet). After a scan with Microsoft Security Essentials the following viruses were found:
    Trojan:Win32/FakeSysdef ernstig 19-8-2011 17.16 verwijderd
    Trojan:Win32/Alureon.FE ernstig 19-8-2011 17.16 verwijderd
    Trojan:Win32/FakeSysdef ernstig 18-8-2011 21.40 verwijderd
    Trojan:Win32/FakeSysdef ernstig 18-8-2011 20.12 verwijderd
    Trojan:Win32/FakeSysdef ernstig 18-8-2011 20.01 In quarantaine…
    Trojan:Win32/FakeSysdef ernstig 18-8-2011 19.49

    After that I ran a scan a few more times, and also with Mbam (see scan log below), but no more viruses were found.
    Can I now assume that all the viruses are really gone?
    I still have the following problems:
    - a message that Catalyst Control Center has stopped working (I solved this by uninstalling it, but I don't know whether this could cause problems later)
    - I have turned hidden files off again for all folders, except for the main folders in Libraries (Pictures/Videos/Documents/Music), where this is not possible, so those are still invisible/light in colour.
    - in Internet Explorer I keep getting security messages, and I am also sometimes sent to another site that I did not click on (www.liutilities.com??)
    When I set my Internet Explorer security under Internet Options to Default level, it jumps back to Custom level as soon as I have restarted the computer.

    I saw on this site that some problems can be fixed with Combofix. Is this an option, and if so, is there someone who is willing to explain how to do this?

    Below are the MBam scan log and the HijackThis log:
    Malwarebytes' Anti-Malware 1.51.1.1800
    www.malwarebytes.org

    Databaseversie: 7619

    Windows 6.1.7601 Service Pack 1
    Internet Explorer 9.0.8112.16421

    31-8-2011 13:19:55
    mbam-log-2011-08-31 (13-19-55).txt

    Scantype: Volledige scan (C:\|)
    Objecten gescand: 307844
    Verstreken tijd: 43 minuut/minuten, 44 seconde(n)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 16:42:54, on 31-8-2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
    C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe
    C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    C:\Program Files\Sony\VAIO Care\listener.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.msn.com/?ocid=OIE9HP
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
    O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
    O4 - HKLM\..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - Global Startup: Bluetooth.lnk = ?
    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat… - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html
    O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat… - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device… - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
    O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {1FEC8B6F-250A-4293-B12C-67A7EF0B758A} (sIKN Speler) - http://www.kerkomroep.nl/ocx/sIKNPlayer.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files (x86)\Canon\CAL\CALMAIN.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
    O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
    O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
    O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
    O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
    O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
    O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
    O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
    O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
    O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
    O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    End of file - 13860 bytes
  • Hi, the quick scan of MBAM is usually more than sufficient!

    I would like you to stick to the rules below during the fix:
    - Read all instructions carefully.
    - If you make mistakes when running tools during the fix, this can cause serious problems in Windows.
    - Refrain from using tools or updates other than those I advise you to use.
    - Always use one scanner at a time, never several at once.
    - Keep me informed of how your computer responds to the fix, good or bad.
    - Once started, the fix must be completed. Even if you think everything is fine, there may still be infections.

    Step •1•
    Which program: Kaspersky TDSSKiller
    What for/why: Rootkit scanner
    Difficulty: none
    Download location: Be sure to download this program to the desktop, or otherwise move it there!
    Download TDSSKiller here.

    Installation:
    - Extract the file to your desktop.

    Using TDSSKiller:
    - Windows 2000 and Windows XP: start "TDSSKiller" by double-clicking TDSSKiller.exe.
    - Windows Vista and Windows 7: start "TDSSKiller" by right-clicking TDSSKiller.exe and then choosing Run as administrator.
    - If TDSSKiller shows a message about an available update, run the update first.
    Screenshot: http://www.imgdumper.nl/uploads4/4dc1d6438f791/4dc1d6438d897-TDSSKiller_2011-05-05_00-26-21.jpg

    - Then click the "Start Scan" button and follow the instructions.
    - After the scan has finished, click the "Report" button.
    - A Notepad file opens. Post the contents of this file.
        - Restart the PC if TDSSKiller offers that option (Reboot now).
        - When a restart is required, you will find the log file in C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt


    Step •2•
    Which program: "aswMBR.exe"
    What for/why: MBR rootkit scanner
    Difficulty: none
    Download location: Be sure to download this program to the desktop, or otherwise move it there!
    Download aswMBR.exe here.


    Using aswMBR.exe:
    - Windows 2000 and Windows XP: start "aswMBR.exe" by double-clicking "aswMBR.exe".
    - Windows Vista and Windows 7: start "aswMBR.exe" by right-clicking "aswMBR.exe" and choosing Run as administrator.

    Screenshot: http://www.imgdumper.nl/uploads4/4db3f87694fe9/4db3f87693886-aswmbrscan.gif
    - Now click the Scan button in the black window.
    - When the message "Scan finished successfully" appears, click the Save log button.
    Screenshot: http://www.imgdumper.nl/uploads4/4db3f8e71343a/4db3f8e71288d-aswmbrsavelog.gif
    - The easiest option is simply to choose the desktop as the location to save the log.
    - You will now also find the file MBR.dat on the desktop!
    - MBR.dat is a backup file, so keep it for the time being.
    - Also on the desktop is a Notepad text document named aswMBR.txt
    - Post the contents of aswMBR.txt in your next message.

    Step •3•
    In summary: after this, post the contents of the following logs in your next message:
    - TDSSKiller log
    - aswMBR.txt log
  • Thanks for the quick reply!
    Here are the logs:

    2011/08/31 17:54:10.0458 5000 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
    2011/08/31 17:54:10.0604 5000 ================================================================================
    2011/08/31 17:54:10.0604 5000 SystemInfo:
    2011/08/31 17:54:10.0604 5000
    2011/08/31 17:54:10.0604 5000 OS Version: 6.1.7601 ServicePack: 1.0
    2011/08/31 17:54:10.0604 5000 Product type: Workstation
    2011/08/31 17:54:10.0605 5000 ComputerName: RUTH-VAIO
    2011/08/31 17:54:10.0605 5000 UserName: Ruth
    2011/08/31 17:54:10.0605 5000 Windows directory: C:\Windows
    2011/08/31 17:54:10.0605 5000 System windows directory: C:\Windows
    2011/08/31 17:54:10.0605 5000 Running under WOW64
    2011/08/31 17:54:10.0605 5000 Processor architecture: Intel x64
    2011/08/31 17:54:10.0605 5000 Number of processors: 4
    2011/08/31 17:54:10.0605 5000 Page size: 0x1000
    2011/08/31 17:54:10.0605 5000 Boot type: Normal boot
    2011/08/31 17:54:10.0605 5000 ================================================================================
    2011/08/31 17:54:11.0137 5000 Initialize success
    2011/08/31 17:54:32.0833 4764 ================================================================================
    2011/08/31 17:54:32.0833 4764 Scan started
    2011/08/31 17:54:32.0833 4764 Mode: Manual;
    2011/08/31 17:54:32.0833 4764 ================================================================================
    2011/08/31 17:54:52.0973 4764 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
    2011/08/31 17:54:53.0073 4764 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
    2011/08/31 17:54:53.0183 4764 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
    2011/08/31 17:54:53.0313 4764 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
    2011/08/31 17:54:53.0443 4764 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
    2011/08/31 17:54:53.0543 4764 iaStor (073a606333b6f7bbf20aa856df7f0997) C:\Windows\system32\drivers\iaStor.sys
    2011/08/31 17:54:53.0653 4764 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
    2011/08/31 17:54:53.0943 4764 igfx (31d1aff484d8a0906cf8d44251ec390f) C:\Windows\system32\DRIVERS\igdkmd64.sys
    2011/08/31 17:54:54.0353 4764 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
    2011/08/31 17:54:54.0473 4764 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\drivers\Impcd.sys
    2011/08/31 17:54:54.0633 4764 IntcAzAudAddService (0f144e5f46cb9043004b5e84aa4bca6a) C:\Windows\system32\drivers\RTKVHD64.sys
    2011/08/31 17:54:54.0823 4764 IntcDAud (408b401cd7cdb075c7470b0ff7ba8d0b) C:\Windows\system32\DRIVERS\IntcDAud.sys
    2011/08/31 17:54:54.0943 4764 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
    2011/08/31 17:54:55.0063 4764 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
    2011/08/31 17:54:55.0193 4764 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    2011/08/31 17:54:55.0243 4764 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
    2011/08/31 17:54:55.0363 4764 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
    2011/08/31 17:54:55.0453 4764 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
    2011/08/31 17:54:55.0543 4764 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
    2011/08/31 17:54:55.0583 4764 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
    2011/08/31 17:54:55.0703 4764 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
    2011/08/31 17:54:55.0793 4764 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
    2011/08/31 17:54:55.0843 4764 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
    2011/08/31 17:54:55.0943 4764 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
    2011/08/31 17:54:56.0033 4764 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
    2011/08/31 17:54:56.0163 4764 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
    2011/08/31 17:54:56.0283 4764 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
    2011/08/31 17:54:56.0383 4764 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
    2011/08/31 17:54:56.0493 4764 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
    2011/08/31 17:54:56.0593 4764 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
    2011/08/31 17:54:56.0713 4764 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
    2011/08/31 17:54:56.0823 4764 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
    2011/08/31 17:54:56.0913 4764 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
    2011/08/31 17:54:57.0043 4764 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
    2011/08/31 17:54:57.0163 4764 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
    2011/08/31 17:54:57.0303 4764 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
    2011/08/31 17:54:57.0423 4764 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
    2011/08/31 17:54:57.0523 4764 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
    2011/08/31 17:54:57.0653 4764 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
    2011/08/31 17:54:57.0703 4764 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
    2011/08/31 17:54:57.0813 4764 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
    2011/08/31 17:54:57.0853 4764 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
    2011/08/31 17:54:57.0983 4764 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
    2011/08/31 17:54:58.0023 4764 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
    2011/08/31 17:54:58.0123 4764 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    2011/08/31 17:54:58.0213 4764 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    2011/08/31 17:54:58.0313 4764 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
    2011/08/31 17:54:58.0353 4764 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
    2011/08/31 17:54:58.0453 4764 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
    2011/08/31 17:54:58.0483 4764 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
    2011/08/31 17:54:58.0563 4764 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
    2011/08/31 17:54:58.0673 4764 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
    2011/08/31 17:54:58.0773 4764 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
    2011/08/31 17:54:58.0863 4764 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
    2011/08/31 17:54:58.0923 4764 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
    2011/08/31 17:54:59.0023 4764 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
    2011/08/31 17:54:59.0123 4764 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
    2011/08/31 17:54:59.0163 4764 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
    2011/08/31 17:54:59.0253 4764 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
    2011/08/31 17:54:59.0363 4764 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS
    wifi.sys
    2011/08/31 17:54:59.0523 4764 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers
    dis.sys
    2011/08/31 17:54:59.0653 4764 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS
    discap.sys
    2011/08/31 17:54:59.0753 4764 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS
    distapi.sys
    2011/08/31 17:54:59.0853 4764 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS
    disuio.sys
    2011/08/31 17:54:59.0893 4764 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS
    diswan.sys
    2011/08/31 17:54:59.0993 4764 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
    2011/08/31 17:55:00.0053 4764 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS
    etbios.sys
    2011/08/31 17:55:00.0143 4764 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS
    etbt.sys
    2011/08/31 17:55:00.0273 4764 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers
    frd960.sys
    2011/08/31 17:55:00.0373 4764 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
    2011/08/31 17:55:00.0423 4764 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
    2011/08/31 17:55:00.0513 4764 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers
    siproxy.sys
    2011/08/31 17:55:00.0613 4764 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
    2011/08/31 17:55:00.0753 4764 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
    2011/08/31 17:55:00.0853 4764 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers
    vraid.sys
    2011/08/31 17:55:00.0883 4764 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers
    vstor.sys
    2011/08/31 17:55:01.0003 4764 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers
    v_agp.sys
    2011/08/31 17:55:01.0033 4764 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
    2011/08/31 17:55:01.0173 4764 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
    2011/08/31 17:55:01.0243 4764 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
    2011/08/31 17:55:01.0283 4764 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
    2011/08/31 17:55:01.0383 4764 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
    2011/08/31 17:55:01.0433 4764 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
    2011/08/31 17:55:01.0573 4764 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
    2011/08/31 17:55:01.0693 4764 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
    2011/08/31 17:55:01.0863 4764 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
    2011/08/31 17:55:01.0953 4764 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
    2011/08/31 17:55:02.0068 4764 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
    2011/08/31 17:55:02.0153 4764 PxHlpa64 (aed797cca02783296c68aa10d0cff8a9) C:\Windows\system32\Drivers\PxHlpa64.sys
    2011/08/31 17:55:02.0283 4764 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
    2011/08/31 17:55:02.0443 4764 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
    2011/08/31 17:55:02.0503 4764 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
    2011/08/31 17:55:02.0523 4764 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
    2011/08/31 17:55:02.0613 4764 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
    2011/08/31 17:55:02.0723 4764 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
    2011/08/31 17:55:02.0793 4764 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
    2011/08/31 17:55:02.0903 4764 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
    2011/08/31 17:55:02.0943 4764 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
    2011/08/31 17:55:03.0023 4764 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
    2011/08/31 17:55:03.0083 4764 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
    2011/08/31 17:55:03.0123 4764 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
    2011/08/31 17:55:03.0153 4764 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
    2011/08/31 17:55:03.0233 4764 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
    2011/08/31 17:55:03.0283 4764 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
    2011/08/31 17:55:03.0403 4764 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
    2011/08/31 17:55:03.0463 4764 rimspci (5ca4abd888b602551b59baa26941c167) C:\Windows\system32\drivers\rimssne64.sys
    2011/08/31 17:55:03.0573 4764 risdsnpe (bb6e138aeb351728959da5e2731d8140) C:\Windows\system32\drivers\risdsne64.sys
    2011/08/31 17:55:03.0713 4764 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
    2011/08/31 17:55:03.0823 4764 RTHDMIAzAudService (4e821c740a675f6d040be41d59a62b1d) C:\Windows\system32\drivers\RtHDMIVX.sys
    2011/08/31 17:55:03.0943 4764 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
    2011/08/31 17:55:04.0063 4764 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
    2011/08/31 17:55:04.0213 4764 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
    2011/08/31 17:55:04.0253 4764 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
    2011/08/31 17:55:04.0363 4764 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
    2011/08/31 17:55:04.0463 4764 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
    2011/08/31 17:55:04.0523 4764 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
    2011/08/31 17:55:04.0643 4764 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\drivers\SFEP.sys
    2011/08/31 17:55:04.0733 4764 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
    2011/08/31 17:55:04.0753 4764 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
    2011/08/31 17:55:04.0833 4764 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
    2011/08/31 17:55:04.0883 4764 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
    2011/08/31 17:55:04.0993 4764 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
    2011/08/31 17:55:05.0043 4764 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
    2011/08/31 17:55:05.0153 4764 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
    2011/08/31 17:55:05.0353 4764 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
    2011/08/31 17:55:05.0433 4764 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
    2011/08/31 17:55:05.0503 4764 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
    2011/08/31 17:55:05.0593 4764 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
    2011/08/31 17:55:05.0713 4764 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
    2011/08/31 17:55:05.0763 4764 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
    2011/08/31 17:55:05.0923 4764 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
    2011/08/31 17:55:06.0133 4764 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
    2011/08/31 17:55:06.0203 4764 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
    2011/08/31 17:55:06.0243 4764 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
    2011/08/31 17:55:06.0333 4764 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
    2011/08/31 17:55:06.0383 4764 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
    2011/08/31 17:55:06.0423 4764 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
    2011/08/31 17:55:06.0603 4764 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
    2011/08/31 17:55:06.0663 4764 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
    2011/08/31 17:55:06.0773 4764 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
    2011/08/31 17:55:06.0923 4764 TVICHW64 (1a006963644c7fde5be60036f3a43e68) C:\Windows\system32\DRIVERS\TVICHW64.SYS
    2011/08/31 17:55:07.0033 4764 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
    2011/08/31 17:55:07.0133 4764 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
    2011/08/31 17:55:07.0253 4764 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
    2011/08/31 17:55:07.0363 4764 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
    2011/08/31 17:55:07.0423 4764 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
    2011/08/31 17:55:07.0583 4764 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
    2011/08/31 17:55:07.0683 4764 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
    2011/08/31 17:55:07.0773 4764 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
    2011/08/31 17:55:07.0883 4764 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
    2011/08/31 17:55:07.0973 4764 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
    2011/08/31 17:55:08.0063 4764 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
    2011/08/31 17:55:08.0123 4764 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
    2011/08/31 17:55:08.0173 4764 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
    2011/08/31 17:55:08.0253 4764 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
    2011/08/31 17:55:08.0363 4764 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
    2011/08/31 17:55:08.0543 4764 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
    2011/08/31 17:55:08.0673 4764 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
    2011/08/31 17:55:08.0713 4764 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
    2011/08/31 17:55:08.0753 4764 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
    2011/08/31 17:55:08.0863 4764 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
    2011/08/31 17:55:08.0943 4764 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
    2011/08/31 17:55:09.0043 4764 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
    2011/08/31 17:55:09.0103 4764 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
    2011/08/31 17:55:09.0253 4764 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
    2011/08/31 17:55:09.0403 4764 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
    2011/08/31 17:55:09.0443 4764 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
    2011/08/31 17:55:09.0543 4764 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
    2011/08/31 17:55:09.0593 4764 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    2011/08/31 17:55:09.0613 4764 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    2011/08/31 17:55:09.0773 4764 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
    2011/08/31 17:55:09.0853 4764 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
    2011/08/31 17:55:10.0023 4764 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
    2011/08/31 17:55:10.0063 4764 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
    2011/08/31 17:55:10.0203 4764 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
    2011/08/31 17:55:10.0243 4764 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
    2011/08/31 17:55:10.0313 4764 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
    2011/08/31 17:55:10.0423 4764 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
    2011/08/31 17:55:10.0463 4764 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
    2011/08/31 17:55:10.0553 4764 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
    2011/08/31 17:55:10.0603 4764 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
    2011/08/31 17:55:10.0633 4764 Boot (0x1200) (11df49247e523bd1a6467a837ba1c29c) \Device\Harddisk0\DR0\Partition0
    2011/08/31 17:55:10.0653 4764 Boot (0x1200) (5c779cb2c8735712f1aaa3f0527e399a) \Device\Harddisk0\DR0\Partition1
    2011/08/31 17:55:10.0653 4764 ================================================================================
    2011/08/31 17:55:10.0653 4764 Scan finished
    2011/08/31 17:55:10.0653 4764 ================================================================================
    2011/08/31 17:55:10.0663 1196 Detected object count: 0
    2011/08/31 17:55:10.0663 1196 Actual detected object count: 0


    aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
    Run date: 2011-08-31 17:58:50
    —————————–
    17:58:50.279 OS Version: Windows x64 6.1.7601 Service Pack 1
    17:58:50.279 Number of processors: 4 586 0x2502
    17:58:50.279 ComputerName: RUTH-VAIO UserName: Ruth
    17:58:51.579 Initialize success
    18:01:02.754 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    18:01:02.764 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
    18:01:02.764 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000062
    18:01:02.764 Disk 1 Vendor: RICOH 02 Size: 476940MB BusType: 0
    18:01:02.764 Disk 2 \Device\Harddisk2\DR2 -> \Device\00000063
    18:01:02.774 Disk 2 Vendor: RICOH 02 Size: 476940MB BusType: 0
    18:01:02.774 Disk 0 MBR read successfully
    18:01:02.774 Disk 0 MBR scan
    18:01:02.784 Disk 0 TDL4@MBR code has been found
    18:01:02.784 Disk 0 Windows 7 default MBR code found via API
    18:01:02.784 Disk 0 MBR hidden
    18:01:02.794 Disk 0 MBR [TDL4] **ROOTKIT**
    18:01:02.794 Disk 0 trace - called modules:
    18:01:02.804 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80063af254]<<
    18:01:02.804 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006397060]
    18:01:02.814 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa800433c6e0]
    18:01:02.814 5 ACPI.sys[fffff88000f397a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004341050]
    18:01:02.824 \Driver\iaStor[0xfffffa8004319060] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0xfffffa80063af254
    18:01:02.824 Scan finished successfully
    18:01:57.891 Disk 0 MBR has been saved successfully to "C:\Users\Ruth\Desktop\MBR.dat"
    18:01:57.911 The log file has been saved successfully to "C:\Users\Ruth\Desktop\aswMBR.txt"


    While I was carrying out the last instruction, Microsoft Security Essentials notified me that there was again an Alureon threat.
  • MSE telling you that Alureon, also known as TDL4, is present in your Windows is correct!
    See also http://forum.computertotaal.nl/phpBB2/viewtopic.php?t=213620

    I myself think that you did not use TDSSKiller correctly.
    Download the tool again to your desktop and extract it again.
    Then start TDSSKiller again.
    And THIS TIME with administrator rights!

    So right-click TDSSKiller.exe and then choose Run as administrator.

    Post the contents of the log again.
  • I ran TDSSKiller again. The log is below.



    2011/08/31 20:11:37.0832 5252 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
    2011/08/31 20:11:37.0942 5252 ================================================================================
    2011/08/31 20:11:37.0942 5252 SystemInfo:
    2011/08/31 20:11:37.0942 5252
    2011/08/31 20:11:37.0942 5252 OS Version: 6.1.7601 ServicePack: 1.0
    2011/08/31 20:11:37.0942 5252 Product type: Workstation
    2011/08/31 20:11:37.0942 5252 ComputerName: RUTH-VAIO
    2011/08/31 20:11:37.0942 5252 UserName: Ruth
    2011/08/31 20:11:37.0942 5252 Windows directory: C:\Windows
    2011/08/31 20:11:37.0942 5252 System windows directory: C:\Windows
    2011/08/31 20:11:37.0942 5252 Running under WOW64
    2011/08/31 20:11:37.0942 5252 Processor architecture: Intel x64
    2011/08/31 20:11:37.0942 5252 Number of processors: 4
    2011/08/31 20:11:37.0942 5252 Page size: 0x1000
    2011/08/31 20:11:37.0942 5252 Boot type: Normal boot
    2011/08/31 20:11:37.0942 5252 ================================================================================
    2011/08/31 20:11:38.0312 5252 Initialize success
    2011/08/31 20:11:46.0862 4180 ================================================================================
    2011/08/31 20:11:46.0862 4180 Scan started
    2011/08/31 20:11:46.0862 4180 Mode: Manual;
    2011/08/31 20:11:46.0862 4180 ================================================================================
    2011/08/31 20:11:54.0042 4180 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
    2011/08/31 20:11:54.0152 4180 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
    2011/08/31 20:11:54.0252 4180 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
    2011/08/31 20:11:54.0402 4180 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
    2011/08/31 20:11:54.0502 4180 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
    2011/08/31 20:11:54.0622 4180 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
    2011/08/31 20:11:54.0722 4180 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
    2011/08/31 20:11:54.0852 4180 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
    2011/08/31 20:11:54.0962 4180 e.dentifier2 (a0d5450b3d4689dce4cbbc8268141c37) C:\Windows\system32\DRIVERS\aabed2.sys
    2011/08/31 20:11:55.0132 4180 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
    2011/08/31 20:11:55.0312 4180 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
    2011/08/31 20:11:55.0402 4180 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
    2011/08/31 20:11:55.0552 4180 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
    2011/08/31 20:11:55.0652 4180 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
    2011/08/31 20:11:55.0742 4180 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
    2011/08/31 20:11:55.0852 4180 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
    2011/08/31 20:11:55.0962 4180 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
    2011/08/31 20:11:56.0012 4180 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
    2011/08/31 20:11:56.0112 4180 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
    2011/08/31 20:11:56.0232 4180 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
    2011/08/31 20:11:56.0322 4180 fssfltr (53dab1791917a72738539ad25c4eed7f) C:\Windows\system32\DRIVERS\fssfltr.sys
    2011/08/31 20:11:56.0442 4180 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
    2011/08/31 20:11:56.0562 4180 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
    2011/08/31 20:11:56.0672 4180 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
    2011/08/31 20:11:56.0792 4180 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
    2011/08/31 20:11:56.0892 4180 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
    2011/08/31 20:11:56.0982 4180 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
    2011/08/31 20:11:57.0092 4180 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
    2011/08/31 20:11:57.0182 4180 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
    2011/08/31 20:11:57.0282 4180 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
    2011/08/31 20:11:57.0382 4180 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
    2011/08/31 20:11:57.0482 4180 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
    2011/08/31 20:11:57.0572 4180 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
    2011/08/31 20:11:57.0682 4180 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
    2011/08/31 20:11:57.0772 4180 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
    2011/08/31 20:11:57.0892 4180 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
    2011/08/31 20:11:58.0032 4180 iaStor (073a606333b6f7bbf20aa856df7f0997) C:\Windows\system32\drivers\iaStor.sys
    2011/08/31 20:11:58.0142 4180 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
    2011/08/31 20:11:58.0392 4180 igfx (31d1aff484d8a0906cf8d44251ec390f) C:\Windows\system32\DRIVERS\igdkmd64.sys
    2011/08/31 20:11:58.0622 4180 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
    2011/08/31 20:11:58.0762 4180 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\drivers\Impcd.sys
    2011/08/31 20:11:58.0942 4180 IntcAzAudAddService (0f144e5f46cb9043004b5e84aa4bca6a) C:\Windows\system32\drivers\RTKVHD64.sys
    2011/08/31 20:11:59.0082 4180 IntcDAud (408b401cd7cdb075c7470b0ff7ba8d0b) C:\Windows\system32\DRIVERS\IntcDAud.sys
    2011/08/31 20:11:59.0192 4180 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
    2011/08/31 20:11:59.0282 4180 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
    2011/08/31 20:11:59.0402 4180 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    2011/08/31 20:11:59.0492 4180 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
    2011/08/31 20:11:59.0602 4180 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
    2011/08/31 20:11:59.0702 4180 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
    2011/08/31 20:11:59.0822 4180 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
    2011/08/31 20:11:59.0902 4180 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
    2011/08/31 20:11:59.0992 4180 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
    2011/08/31 20:12:00.0112 4180 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
    2011/08/31 20:12:00.0232 4180 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
    2011/08/31 20:12:00.0332 4180 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
    2011/08/31 20:12:00.0432 4180 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
    2011/08/31 20:12:00.0572 4180 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
    2011/08/31 20:12:00.0692 4180 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
    2011/08/31 20:12:00.0802 4180 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
    2011/08/31 20:12:00.0902 4180 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
    2011/08/31 20:12:01.0002 4180 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
    2011/08/31 20:12:01.0102 4180 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
    2011/08/31 20:12:01.0182 4180 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
    2011/08/31 20:12:01.0282 4180 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
    2011/08/31 20:12:01.0392 4180 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
    2011/08/31 20:12:01.0482 4180 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
    2011/08/31 20:12:01.0592 4180 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
    2011/08/31 20:12:01.0702 4180 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
    2011/08/31 20:12:01.0802 4180 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
    2011/08/31 20:12:01.0922 4180 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
    2011/08/31 20:12:02.0002 4180 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
    2011/08/31 20:12:02.0152 4180 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
    2011/08/31 20:12:02.0242 4180 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
    2011/08/31 20:12:02.0352 4180 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
    2011/08/31 20:12:02.0452 4180 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
    2011/08/31 20:12:02.0562 4180 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    2011/08/31 20:12:02.0662 4180 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    2011/08/31 20:12:02.0752 4180 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
    2011/08/31 20:12:02.0832 4180 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
    2011/08/31 20:12:02.0962 4180 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
    2011/08/31 20:12:03.0092 4180 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
    2011/08/31 20:12:03.0172 4180 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
    2011/08/31 20:12:03.0292 4180 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
    2011/08/31 20:12:03.0422 4180 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
    2011/08/31 20:12:03.0522 4180 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
    2011/08/31 20:12:03.0622 4180 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
    2011/08/31 20:12:03.0742 4180 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
    2011/08/31 20:12:03.0832 4180 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
    2011/08/31 20:12:03.0922 4180 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
    2011/08/31 20:12:04.0002 4180 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
    2011/08/31 20:12:04.0122 4180 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS
    wifi.sys
    2011/08/31 20:12:04.0252 4180 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers
    dis.sys
    2011/08/31 20:12:04.0392 4180 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS
    discap.sys
    2011/08/31 20:12:04.0482 4180 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS
    distapi.sys
    2011/08/31 20:12:04.0862 4180 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS
    disuio.sys
    2011/08/31 20:12:04.0962 4180 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS
    diswan.sys
    2011/08/31 20:12:05.0012 4180 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
    2011/08/31 20:12:05.0102 4180 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS
    etbios.sys
    2011/08/31 20:12:05.0212 4180 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS
    etbt.sys
    2011/08/31 20:12:05.0362 4180 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers
    frd960.sys
    2011/08/31 20:12:05.0462 4180 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
    2011/08/31 20:12:05.0572 4180 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
    2011/08/31 20:12:05.0662 4180 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers
    siproxy.sys
    2011/08/31 20:12:05.0802 4180 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
    2011/08/31 20:12:05.0922 4180 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
    2011/08/31 20:12:06.0032 4180 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers
    vraid.sys
    2011/08/31 20:12:06.0122 4180 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers
    vstor.sys
    2011/08/31 20:12:06.0222 4180 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers
    v_agp.sys
    2011/08/31 20:12:06.0302 4180 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
    2011/08/31 20:12:06.0422 4180 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
    2011/08/31 20:12:06.0532 4180 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
    2011/08/31 20:12:06.0622 4180 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
    2011/08/31 20:12:06.0722 4180 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
    2011/08/31 20:12:06.0822 4180 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
    2011/08/31 20:12:06.0922 4180 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
    2011/08/31 20:12:07.0032 4180 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
    2011/08/31 20:12:07.0262 4180 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
    2011/08/31 20:12:07.0352 4180 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
    2011/08/31 20:12:07.0492 4180 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
    2011/08/31 20:12:07.0582 4180 PxHlpa64 (aed797cca02783296c68aa10d0cff8a9) C:\Windows\system32\Drivers\PxHlpa64.sys
    2011/08/31 20:12:07.0702 4180 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
    2011/08/31 20:12:07.0822 4180 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
    2011/08/31 20:12:07.0912 4180 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
    2011/08/31 20:12:08.0002 4180 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
    2011/08/31 20:12:08.0112 4180 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
    2011/08/31 20:12:08.0252 4180 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
    2011/08/31 20:12:08.0342 4180 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
    2011/08/31 20:12:08.0462 4180 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
    2011/08/31 20:12:08.0562 4180 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
    2011/08/31 20:12:08.0642 4180 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
    2011/08/31 20:12:08.0752 4180 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
    2011/08/31 20:12:08.0852 4180 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
    2011/08/31 20:12:08.0942 4180 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
    2011/08/31 20:12:09.0042 4180 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
    2011/08/31 20:12:09.0142 4180 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
    2011/08/31 20:12:09.0262 4180 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
    2011/08/31 20:12:09.0342 4180 rimspci (5ca4abd888b602551b59baa26941c167) C:\Windows\system32\drivers\rimssne64.sys
    2011/08/31 20:12:09.0472 4180 risdsnpe (bb6e138aeb351728959da5e2731d8140) C:\Windows\system32\drivers\risdsne64.sys
    2011/08/31 20:12:09.0602 4180 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
    2011/08/31 20:12:09.0712 4180 RTHDMIAzAudService (4e821c740a675f6d040be41d59a62b1d) C:\Windows\system32\drivers\RtHDMIVX.sys
    2011/08/31 20:12:09.0822 4180 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
    2011/08/31 20:12:09.0932 4180 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
    2011/08/31 20:12:10.0042 4180 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
    2011/08/31 20:12:10.0142 4180 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
    2011/08/31 20:12:10.0242 4180 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
    2011/08/31 20:12:10.0372 4180 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
    2011/08/31 20:12:10.0452 4180 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
    2011/08/31 20:12:10.0862 4180 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\drivers\SFEP.sys
    2011/08/31 20:12:10.0942 4180 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
    2011/08/31 20:12:11.0032 4180 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
    2011/08/31 20:12:11.0172 4180 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
    2011/08/31 20:12:11.0262 4180 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
    2011/08/31 20:12:11.0392 4180 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
    2011/08/31 20:12:11.0472 4180 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
    2011/08/31 20:12:11.0612 4180 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
    2011/08/31 20:12:11.0772 4180 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
    2011/08/31 20:12:11.0922 4180 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
    2011/08/31 20:12:11.0952 4180 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
    2011/08/31 20:12:12.0062 4180 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
    2011/08/31 20:12:12.0192 4180 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
    2011/08/31 20:12:12.0222 4180 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
    2011/08/31 20:12:12.0392 4180 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
    2011/08/31 20:12:12.0592 4180 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
    2011/08/31 20:12:12.0692 4180 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
    2011/08/31 20:12:12.0792 4180 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
    2011/08/31 20:12:12.0882 4180 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
    2011/08/31 20:12:12.0992 4180 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
    2011/08/31 20:12:13.0072 4180 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
    2011/08/31 20:12:13.0232 4180 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
    2011/08/31 20:12:13.0322 4180 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
    2011/08/31 20:12:13.0432 4180 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
    2011/08/31 20:12:13.0582 4180 TVICHW64 (1a006963644c7fde5be60036f3a43e68) C:\Windows\system32\DRIVERS\TVICHW64.SYS
    2011/08/31 20:12:13.0722 4180 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
    2011/08/31 20:12:13.0822 4180 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
    2011/08/31 20:12:13.0952 4180 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
    2011/08/31 20:12:14.0062 4180 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
    2011/08/31 20:12:14.0162 4180 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
    2011/08/31 20:12:14.0282 4180 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
    2011/08/31 20:12:14.0382 4180 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
    2011/08/31 20:12:14.0472 4180 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
    2011/08/31 20:12:14.0582 4180 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
    2011/08/31 20:12:14.0672 4180 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
    2011/08/31 20:12:14.0762 4180 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
    2011/08/31 20:12:14.0862 4180 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
    2011/08/31 20:12:14.0962 4180 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
    2011/08/31 20:12:15.0052 4180 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
    2011/08/31 20:12:15.0172 4180 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
    2011/08/31 20:12:15.0332 4180 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
    2011/08/31 20:12:15.0452 4180 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
    2011/08/31 20:12:15.0552 4180 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
    2011/08/31 20:12:15.0642 4180 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
    2011/08/31 20:12:15.0752 4180 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
    2011/08/31 20:12:15.0822 4180 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
    2011/08/31 20:12:15.0932 4180 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
    2011/08/31 20:12:16.0022 4180 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
    2011/08/31 20:12:16.0122 4180 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
    2011/08/31 20:12:16.0242 4180 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
    2011/08/31 20:12:16.0332 4180 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
    2011/08/31 20:12:16.0432 4180 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
    2011/08/31 20:12:16.0542 4180 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    2011/08/31 20:12:16.0562 4180 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    2011/08/31 20:12:16.0692 4180 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
    2011/08/31 20:12:16.0802 4180 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
    2011/08/31 20:12:16.0972 4180 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
    2011/08/31 20:12:17.0062 4180 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
    2011/08/31 20:12:17.0232 4180 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
    2011/08/31 20:12:17.0322 4180 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
    2011/08/31 20:12:17.0472 4180 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
    2011/08/31 20:12:17.0612 4180 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
    2011/08/31 20:12:17.0722 4180 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
    2011/08/31 20:12:17.0882 4180 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
    2011/08/31 20:12:17.0932 4180 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
    2011/08/31 20:12:17.0952 4180 Boot (0x1200) (11df49247e523bd1a6467a837ba1c29c) \Device\Harddisk0\DR0\Partition0
    2011/08/31 20:12:18.0022 4180 Boot (0x1200) (5c779cb2c8735712f1aaa3f0527e399a) \Device\Harddisk0\DR0\Partition1
    2011/08/31 20:12:18.0022 4180 ================================================================================
    2011/08/31 20:12:18.0022 4180 Scan finished
    2011/08/31 20:12:18.0022 4180 ================================================================================
    2011/08/31 20:12:18.0042 5476 Detected object count: 0
    2011/08/31 20:12:18.0042 5476 Actual detected object count: 0
  • Tell me, did your computer come with Windows 7, or did you install Windows 7 on this computer yourself?
  • Windows 7 was already on the computer when I bought it.
  • Then we have a real problem at the moment!

    The TDL-4 Alureon rootkit is currently the most intelligent malware that has been released.

    And it seems to me that the very latest version is in your Windows.

    And I cannot have you repair the MBR, because then the recovery installation of Windows 7 will no longer work!


    Try this:
    Download LopSD or LOPSD to your Desktop.
    • Deactivate your antispyware and virus scanner for this tool.
        • Vista and Windows 7 users: right-click LopSD and choose "Run as administrator"!
    • Choose option N and press Enter
    • Click OK in the information window
    • Choose option 2 and press Enter
    • At the end a log (LopR.txt) appears; post its contents in your next reply
  • That doesn't sound good.

    At the end of that little program I don't get a log but the message that the program may not have been installed correctly. Should I choose Reinstall using recommended settings or This program installed correctly?
  • You are using Windows 7 x64.

    How do you install?

    You have to do that with administrator rights, as I mentioned earlier.

    So: right-click the installation file and then choose Run as administrator
  • Yes, that is what I do.
  • Well then, try it once more with LopSD
  • I also tried it with LopSD, but at the end I again get that message from the Program Compatibility Assistant. Could I perhaps choose Reinstall using recommended settings there?
  • Okay - download CKScanner by askey 127 and save it to your desktop.
    Vista and Win 7 users run this tool by right-clicking it and choosing Run as administrator.
    • Click/double-click CKScanner by askey 127 to start the tool and click Search for Files.
    • After a short while, when the hourglass disappears, click Save List To File
    • A message box will confirm that the document has been saved.
    • Click/double-click the CKFiles.txt shortcut on your desktop and copy and paste the contents into your next post.
  • CKScanner - Additional Security Risks - These are not necessarily bad
    scanner sequence 3.RP.11.RUNABV
    —– EOF —–
  • I'm curious:

    Step •1•
    Which program: Trend Micro Hijack This version 2.0.4
    Purpose/why: produces a clear overview of Windows by means of a scan.
    Difficulty: none; only Vista and Win 7 users need to pay a little extra attention.

    Download the HijackThis Installer

    Installation:
    • Install HijackThis in the indicated location - this prevents any backups from being impossible to find later!
    Users of Windows Vista and Windows 7 then go to the HijackThis installation location.
    • Then right-click "hijackthis.exe" and choose "Properties".
    • Now click the "Compatibility" tab and tick "Run as administrator".
    • Finally, click Apply and OK

    Using Hijack This:
    • Close all open programs and web browsers first.
    • Now start 'Hijack This' and then click the button 'Do a system scan and save a logfile'
        • If HijackThis starts up with the scan window, first click the 'Main Menu' button
    • Now close all open windows, then start 'HijackThis' and choose 'Do a system scan and save a logfile'.
    • Copy and paste the contents of the Hijack This log file into your next post.
    • After that you may close Hijack This again
    Step •2•
    Which program: Microsoft Safety Scanner
    What for/why: specialised scanner from Microsoft to quickly examine Windows for spyware and malware and to remove it.
    Difficulty: none.
    Note: Microsoft Safety Scanner expires 10 days after it is downloaded.
    To run a scan again with the latest anti-malware definitions,
    download Microsoft Safety Scanner again and run it again.
    Download the Microsoft Safety Scanner here.

    Windows 2000 and Windows XP: start Microsoft's Safety Scanner by double-clicking the shortcut.
    Windows Vista and Windows 7: start Microsoft's Safety Scanner by right-clicking the shortcut and then choosing Run as Administrator.
    Then tick "I accept the terms of the above licence agreement".

    Scanning:
    • When 'Microsoft's Safety Scanner' starts, click the "Next" button, then choose 'Quick Scan'.
    • Scanning takes a while, so be patient.

    Step •3•
    Which program: Malwarebytes MBAM
    What for/why: specialised scanner to quickly examine Windows for spyware and malware and to remove it.
    Difficulty: none.

    Download Malwarebytes MBAM from one of these locations:
    • Download.com
    • Softpedia.com
    • Majorgeeks.com
    First of all:
    • Right after installation 'MBAM' will want to update its database, so allow it.
    • Also on repeated use: first update 'MBAM' via the 'Update' tab!
    Starting Malwarebytes MBAM:
    Windows 2000 and Windows XP: start MBAM by double-clicking the shortcut.
    Windows Vista and Windows 7: start MBAM by right-clicking the shortcut and then choosing Run as Administrator.
    • Note:
      • Malwarebytes now provides the full version of MBAM.
      • On first start you get the option to use the full version or the free version.
      • Regardless of which antivirus program is in your Windows, I advise using the "Decline" option.
      • That way MBAM can continue to be used as the free version.
    [Image: http://img30.imageshack.us/img30/3928/mbam2.png]

    • Also do the following:
      • Once the program has started, go to the "Settings" tab.
      • Tick here: "Close Internet Explorer during malware removal".

    Scanning:
    • When 'MBAM' starts, choose 'Quick Scan'.
    • Scanning can take a while, so be patient. When the scan has finished, click the 'OK' button.
    • Then click the 'Show Results' button to see the results.
    Infections found:
    • First click OK to dismiss the message.
    • Then click the Show Results button at the bottom right.
    • Now make sure that all infections found are ticked, and click Remove Selected at the bottom left.
    • After removal a log will open and you will be asked to restart the computer.
    • If 'MBAM' has difficulty removing certain files it will show a few messages; click 'OK' each time!
    • After that 'MBAM' will ask to restart the computer - so allow the computer to be restarted.
    MBAM log:
    • The log is saved automatically by 'MBAM' and you can find it by clicking the 'Logs' tab in the MBAM main menu.
    Then post the contents of the MBAM log in your next message.


    Step •4•
    In summary: after this, post the contents of the following logs in your next message:
    • a new HijackThis log
    • MBAM scan log
    Also post an uninstall list:
    • start HijackThis,
    • click the button Open the Misc Tools section,
    • click the button Open Uninstall Manager,
    • click the Save button.
  • I wanted to use Hijack This but found something very strange.
    On my other computer, where I read your message each time while I carry it out on the virus computer, your message says that I have to copy the log file into that DDRMMR's colour code. Now I am looking at the same message from you on the virus computer, and there the lines about DDRMMR's colour code have been left out.
    Does this have something to do with that virus, or is it because I am doing something stupid?
  • (I quickly typed over the site from my old computer so that I could do it in colour after all.) So here, to start with, is the first log:
    [hjt]
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 22:48:09, on 31-8-2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe
    c:\program files (x86)\skype\phone\skype.exe
    c:\program files (x86)\intel\intel(r) rapid storage technology\iastoricon.exe
    c:\program files (x86)\sony\isb utility\isbmgr.exe
    c:\program files (x86)\sony\pmb\pmbvolumewatcher.exe
    c:\program files (x86)\sony\marketing tools\marketingtools.exe
    c:\program files\widcomm\bluetooth software\bluetoothheadsetproxy.exe
    c:\program files\sony\vaio care\listener.exe
    c:\program files (x86)\trend micro\hijackthis\hijackthis.exe
    c:\program files (x86)\google\google toolbar\googletoolbaruser_32.exe

    r1 - hkcu\software\microsoft\internet explorer\main,default_page_url = http://nl.msn.com/?ocid=oie9hp
    r1 - hkcu\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
    r0 - hkcu\software\microsoft\internet explorer\main,start page = http://www.google.nl/
    r1 - hklm\software\microsoft\internet explorer\main,default_page_url = http://go.microsoft.com/fwlink/?linkid=69157
    r1 - hklm\software\microsoft\internet explorer\main,default_search_url = http://go.microsoft.com/fwlink/?linkid=54896
    r1 - hklm\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
    r0 - hklm\software\microsoft\internet explorer\main,start page = http://go.microsoft.com/fwlink/?linkid=69157
    r0 - hklm\software\microsoft\internet explorer\search,searchassistant =
    r0 - hklm\software\microsoft\internet explorer\search,customizesearch =
    r0 - hklm\software\microsoft\internet explorer\main,local page = c:\windows\syswow64\blank.htm
    r1 - hkcu\software\microsoft\internet explorer\main,window title = windows internet explorer wordt aangeboden door msn and bing
    r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername =
    f2 - reg:system.ini: userinit=userinit.exe
    o2 - bho: acroiehelperstub - {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll
    o2 - bho: (no name) - {5c255c8a-e604-49b4-9d64-90988571cecb} - (no file)
    o2 - bho: groove gfs browser helper - {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~2\micros~1\office14\grooveex.dll
    o2 - bho: windows live aanmelden - help - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll
    o2 - bho: google toolbar helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\googletoolbar_32.dll
    o2 - bho: skypeiepluginbho - {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
    o2 - bho: urlredirectionbho - {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~2\micros~1\office14\urlredir.dll
    o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
    o3 - toolbar: google toolbar - {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\googletoolbar_32.dll
    o4 - hklm\..\run: [iastoricon] c:\program files (x86)\intel\intel(r) rapid storage technology\iastoricon.exe
    o4 - hklm\..\run: [isbmgr.exe] c:\program files (x86)\sony\isb utility\isbmgr.exe
    o4 - hklm\..\run: [pmbvolumewatcher] c:\program files (x86)\sony\pmb\pmbvolumewatcher.exe
    o4 - hklm\..\run: [marketingtools] c:\program files (x86)\sony\marketing tools\marketingtools.exe
    o4 - hkcu\..\run: [swg] c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe
    o4 - hkcu\..\run: [skype] c:\program files (x86)\skype\phone\skype.exe /nosplash /minimized
    o4 - global startup: bluetooth.lnk = ?
    o8 - extra context menu item: &verzenden naar onenote - res://c:\progra~2\micros~1\office14\onbttnie.dll/105
    o8 - extra context menu item: afbeelding verzenden naar &bluetooth-apparaat... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
    o8 - extra context menu item: e&xporteren naar microsoft excel - res://c:\progra~2\micros~1\office14\excel.exe/3000
    o8 - extra context menu item: google sidewiki... - res://c:\program files (x86)\google\google toolbar\component\googletoolbardynamic_mui_en_7461b1589e8b4fb7.dll/cmsidewiki.html
    o8 - extra context menu item: pagina verzenden naar &bluetooth-apparaat... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
    o9 - extra button: in weblog opnemen - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files (x86)\windows live\writer\writerbrowserextension.dll
    o9 - extra 'tools' menuitem: &in weblog opnemen met windows live writer - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files (x86)\windows live\writer\writerbrowserextension.dll
    o9 - extra button: verzenden naar onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\program files (x86)\microsoft office\office14\onbttnie.dll
    o9 - extra 'tools' menuitem: &verzenden naar onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\program files (x86)\microsoft office\office14\onbttnie.dll
    o9 - extra button: &gekoppelde notities van onenote - {789fe86f-6fc4-46a1-9849-ede0db0c95ca} - c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll
    o9 - extra 'tools' menuitem: &gekoppelde notities van onenote - {789fe86f-6fc4-46a1-9849-ede0db0c95ca} - c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll
    o9 - extra button: skype plug-in - {898ea8c8-e7ff-479b-8935-aec46303b9e5} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
    o9 - extra 'tools' menuitem: skype plug-in - {898ea8c8-e7ff-479b-8935-aec46303b9e5} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
    o9 - extra button: send to bluetooth - {cca281ca-c863-46ef-9331-5c8d4460577f} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
    o9 - extra 'tools' menuitem: send to &bluetooth device... - {cca281ca-c863-46ef-9331-5c8d4460577f} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
    o9 - extra button: add to evernote - {e0b8c461-f8fb-49b4-8373-fe32e92528a6} - c:\program files (x86)\evernote\evernote3.5\enbar.dll
    o9 - extra 'tools' menuitem: add to evernote - {e0b8c461-f8fb-49b4-8373-fe32e92528a6} - c:\program files (x86)\evernote\evernote3.5\enbar.dll
    o11 - options group: [accelerated_graphics] accelerated graphics
    o16 - dpf: {1fec8b6f-250a-4293-b12c-67a7ef0b758a} (sikn speler) - http://www.kerkomroep.nl/ocx/siknplayer.cab
    o18 - protocol: skype-ie-addon-data - {91774881-d725-4e58-b298-07617b9b86a8} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
    o18 - protocol: skype4com - {ffc8b962-9b40-4dff-9458-1830c7dd7f5d} - c:\progra~2\common~1\skype\skype4~1.dll
    o18 - filter hijack: text/xml - {807573e5-5146-11d5-a672-00b0d022e945} - c:\program files (x86)\common files\microsoft shared\office14\msoxmlmf.dll
    o23 - service: arcsoft connect daemon (acdaemon) - arcsoft inc. - c:\program files (x86)\common files\arcsoft\connection service\bin\acservice.exe
    o23 - service: @%systemroot%\system32\alg.exe,-112 (alg) - unknown owner - c:\windows\system32\alg.exe (file missing)
    o23 - service: amd external events utility - unknown owner - c:\windows\system32\atiesrxx.exe (file missing)
    o23 - service: bluetooth service (btwdins) - broadcom corporation. - c:\program files\widcomm\bluetooth software\btwdins.exe
    o23 - service: canon camera access library 8 (ccalib8) - canon inc. - c:\program files (x86)\canon\cal\calmain.exe
    o23 - service: @%systemroot%\system32\efssvc.dll,-100 (efs) - unknown owner - c:\windows\system32\lsass.exe (file missing)
    o23 - service: @%systemroot%\system32\fxsresm.dll,-118 (fax) - unknown owner - c:\windows\system32\fxssvc.exe (file missing)
    o23 - service: google updateservice (gupdate) (gupdate) - google inc. - c:\program files (x86)\google\update\googleupdate.exe
    o23 - service: google update-service (gupdatem) (gupdatem) - google inc. - c:\program files (x86)\google\update\googleupdate.exe
    o23 - service: google software updater (gusvc) - google - c:\program files (x86)\google\common\google updater\googleupdaterservice.exe
    o23 - service: intel(r) rapid storage technology (iastordatamgrsvc) - intel corporation - c:\program files (x86)\intel\intel(r) rapid storage technology\iastordatamgrsvc.exe
    o23 - service: @keyiso.dll,-100 (keyiso) - unknown owner - c:\windows\system32\lsass.exe (file missing)
    o23 - service: intel(r) management and security application local management service (lms) - intel corporation - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
    o23 - service: @comres.dll,-2797 (msdtc) - unknown owner - c:\windows\system32\msdtc.exe (file missing)
    o23 - service: @%systemroot%\system32\netlogon.dll,-102 (netlogon) - unknown owner - c:\windows\system32\lsass.exe (file missing)
    o23 - service: pmbdeviceinfoprovider - sony corporation - c:\program files (x86)\sony\pmb\pmbdeviceinfoprovider.exe
    o23 - service: @%systemroot%\system32\psbase.dll,-300 (protectedstorage) - unknown owner - c:\windows\system32\lsass.exe (file missing)
    o23 - service: roxio upnp renderer 10 - sonic solutions - c:\program files (x86)\roxio\digital home 10\roxioupnprenderer10.exe
    o23 - service: roxio upnp server 10 - sonic solutions - c:\program files (x86)\roxio\digital home 10\roxioupnpservice10.exe
    o23 - service: @%systemroot%\system32\locator.exe,-2 (rpclocator) - unknown owner - c:\windows\system32\locator.exe (file missing)
    o23 - service: vaio care performance service (samplecollector) - sony corporation - c:\program files\sony\vaio care\vcperfservice.exe
    o23 - service: @%systemroot%\system32\samsrv.dll,-1 (samss) - unknown owner - c:\windows\system32\lsass.exe (file missing)
    o23 - service: @%systemroot%\system32\snmptrap.exe,-3 (snmptrap) - unknown owner - c:\windows\system32\snmptrap.exe (file missing)
    o23 - service: vaio media plus content importer (sohcimp) - sony corporation - c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe
    o23 - service: vaio media plus digital media server (sohdms) - sony corporation - c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe
    o23 - service: vaio media plus device searcher (sohds) - sony corporation - c:\program files (x86)\common files\sony shared\sohlib\sohds.exe
    o23 - service: vaio entertainment common service (spfservice) - sony corporation - c:\program files\common files\sony shared\vaio entertainment platform\spf\spfservice64.exe
    o23 - service: @%systemroot%\system32\spoolsv.exe,-1 (spooler) - unknown owner - c:\windows\system32\spoolsv.exe (file missing)
    o23 - service: @%systemroot%\system32\sppsvc.exe,-101 (sppsvc) - unknown owner - c:\windows\system32\sppsvc.exe (file missing)
    o23 - service: cammonitor (ucammonitor) - arcsoft, inc. - c:\program files (x86)\arcsoft\magic-i visual effects 2\ucammonitor.exe
    o23 - service: @%systemroot%\system32\ui0detect.exe,-101 (ui0detect) - unknown owner - c:\windows\system32\ui0detect.exe (file missing)
    o23 - service: intel(r) management & security application user notification service (uns) - intel corporation - c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe
    o23 - service: vaio entertainment tv device arbitration service - sony corporation - c:\program files (x86)\common files\sony shared\vaio entertainment platform\vzhardwareresourcemanager\vzhardwareresourcemanager\vzhardwareresourcemanager.exe
    o23 - service: vaio event service - sony corporation - c:\program files (x86)\sony\vaio event service\vesmgr.exe
    o23 - service: vaio power management - sony corporation - c:\program files\sony\vaio power management\spmservice.exe
    o23 - service: @%systemroot%\system32\vaultsvc.dll,-1003 (vaultsvc) - unknown owner - c:\windows\system32\lsass.exe (file missing)
    o23 - service: vaio content folder watcher (vcfw) - sony corporation - c:\program files (x86)\common files\sony shared\vaio content folder watcher\vcfw.exe
    o23 - service: vaio content metadata intelligent analyzing manager (vcmialzmgr) - sony corporation - c:\program files\sony\vcm intelligent analyzing manager\vcmialzmgr.exe
    o23 - service: vaio content metadata intelligent network service manager (vcminsmgr) - sony corporation - c:\program files\sony\vcm intelligent network service manager\vcminsmgr.exe
    o23 - service: vaio content metadata xml interface (vcmxmlifhelper) - sony corporation - c:\program files\common files\sony shared\vcmxml\vcmxmlifhelper64.exe
    o23 - service: vcservice - sony corporation - c:\program files\sony\vaio care\vcservice.exe
[color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: @[color=teal:c15ca7b9ed]%systemroot%\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]vds.exe[/color:c15ca7b9ed],-100 (vds) - unknown owner - [color=teal:c15ca7b9ed]c:\windows\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]vds.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: vsnservice - sony corporation - [color=teal:c15ca7b9ed]c:\program files\sony\vaio smart network\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]vsnservice.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: @[color=teal:c15ca7b9ed]%systemroot%\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]vssvc.exe[/color:c15ca7b9ed],-102 (vss) - unknown owner - [color=teal:c15ca7b9ed]c:\windows\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]vssvc.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: vuagent - sony corporation - [color=teal:c15ca7b9ed]c:\program files\sony\vaio update 5\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]vuagent.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: @[color=teal:c15ca7b9ed]%systemroot%\system32\wat\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]watux.exe[/color:c15ca7b9ed],-601 (watadminsvc) - unknown owner - [color=teal:c15ca7b9ed]c:\windows\system32\wat\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]watadminsvc.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: 
@[color=teal:c15ca7b9ed]%systemroot%\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]wbengine.exe[/color:c15ca7b9ed],-104 (wbengine) - unknown owner - [color=teal:c15ca7b9ed]c:\windows\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]wbengine.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: @[color=teal:c15ca7b9ed]%systemroot%\system32\wbem\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]wmiapsrv.exe[/color:c15ca7b9ed],-110 (wmiapsrv) - unknown owner - [color=teal:c15ca7b9ed]c:\windows\system32\wbem\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]wmiapsrv.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: @[color=teal:c15ca7b9ed]%programfiles%\windows media player\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]wmpnetwk.exe[/color:c15ca7b9ed],-101 (wmpnetworksvc) - unknown owner - [color=teal:c15ca7b9ed]c:\program files (x86)\windows media player\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]wmpnetwk.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] -- end of file - 13846 bytes [/hjt]
  • About that color coder: I use it by default on the NCF, but not elsewhere.

    But because of a small mistake in my newest script, you did get it once already.

    But that color coder is not meant to be used here.
    Also because the forum software here handles it differently.

    And now please post the MBAM log as well, even if MBAM possibly finds nothing.
  • The computer is still scanning with Microsoft Safety Scanner right now. As soon as everything is finished I will post the Mbam log.

This is an archived page. Replying is no longer possible.