Vraag & Antwoord

Beveiliging & privacy

Virus Alureon weg? maar mappen blijven onzichtbaar etc.

101 antwoorden
  • Hoi, de snelle scan van MBAM is doorgaans meer dan voldoende! [b:63f3d57486]Ik wil graag dat jij je tijdens de fix aan onderstaande regels houdt:[/b:63f3d57486] [color=#0000BF:63f3d57486][list:63f3d57486][*:63f3d57486]Lees alle instrukties goed door. [*:63f3d57486]Maak je fouten bij de uitvoering van tools tijdens de fix, kan dat serieuze problemen in Windows veroorzaken. [*:63f3d57486]Onthou je van het gebruik van tools cq. updates anders dan die ik jou adviseer te gebruiken. [*:63f3d57486]Gebruik altijd één scanner per keer, nooit meerdere tegelijk gebruiken. [*:63f3d57486]Hou mij op de hoogte hoe jou computer op de fix reageert - goed of slecht. [*:63f3d57486]De fix, eenmaal gestart, moet afgewerkt worden. Zelfs indien jij denkt dat alles in orde is, zijn er mogelijk nog steeds infecties.[/list:u:63f3d57486][/color:63f3d57486] [color=#FF0000:63f3d57486][b:63f3d57486]Stap •1•[/b:63f3d57486][/color:63f3d57486] [[b:63f3d57486]Welk programma[/b:63f3d57486]: Kaspersky [b:63f3d57486]TDSSKiller[/b:63f3d57486] [b:63f3d57486]Waarvoor/waarom[/b:63f3d57486]: Rootkitscanner [b:63f3d57486]Moeilijkheidsgraad[/b:63f3d57486]: geen [b:63f3d57486]Downloadlokatie[/b:63f3d57486]: Dit programma absoluut naar het bureaublad downloaden of anders daar naar toe verplaatsen! [b:63f3d57486]Download[/b:63f3d57486] [b:63f3d57486]TDSSKiller[/b:63f3d57486] [url=http://support.kaspersky.com/downloads/utils/tdsskiller.zip][b:63f3d57486]hier[/b:63f3d57486][/url]. [b:63f3d57486]Installatie[/b:63f3d57486]: [list:63f3d57486][*:63f3d57486] pak het bestand uit op je bureaublad.[/list:u:63f3d57486] [b:63f3d57486]TDSSKiller gebruiken[/b:63f3d57486]: [list:63f3d57486][*:63f3d57486]Windows 2000 en Windows XP: start "TDSSKiller" middels dubbelklik op TDSSKiller.exe. [*:63f3d57486]Windows Vista en Windows 7: start "TDSSKiller" middels rechtsklik op TDSSKiller.exe en dan kiezen voor [b:63f3d57486]Als Administrator uitvoeren[/b:63f3d57486]. [*:63f3d57486]Idien TDSSKiller met een bericht komt over een beschikbare update, dan voer je deze eerst uit.[/list:u:63f3d57486] [img:63f3d57486]http://www.imgdumper.nl/uploads4/4dc1d6438f791/4dc1d6438d897-TDSSKiller_2011-05-05_00-26-21.jpg[/img:63f3d57486] [list:63f3d57486][*:63f3d57486]Klik vervolgens op de knop [b:63f3d57486]"Start Scan"[/b:63f3d57486] en volg de instructies. [*:63f3d57486] Nadat de scan klaar is klik je op de knop [b:63f3d57486]"Report"[/b:63f3d57486]. [*:63f3d57486]Er opent een kladblokbestand. Post de inhoud van dit bestand. [list:63f3d57486][*:63f3d57486][b:63f3d57486]Herstart de pc indien TDSSKiller die optie aangeeft (Reboot now).[/b:63f3d57486] [*:63f3d57486]Wanneer het opnieuw opstarten noodzakelijk is, vind je de logfile in [b:63f3d57486]C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt[/b:63f3d57486][/list:u:63f3d57486][/list:u:63f3d57486] [color=#FF0000:63f3d57486][b:63f3d57486]Stap •2•[/b:63f3d57486][/color:63f3d57486] [b:63f3d57486]Welk programma[/b:63f3d57486]: "aswMBR.exe' [b:63f3d57486]Waarvoor/waarom[/b:63f3d57486]: MBR-Rootkitscanner [b:63f3d57486]Moeilijkheidsgraad[/b:63f3d57486]: geen [b:63f3d57486]Downloadlokatie[/b:63f3d57486]: Dit programma absoluut naar het bureaublad downloaden of anders daar naar toe verplaatsen! [b:63f3d57486]Download[/b:63f3d57486] [b:63f3d57486]aswMBR.exe[/b:63f3d57486] [url=http://public.avast.com/~gmerek/aswMBR.exe][b:63f3d57486]hier[/b:63f3d57486][/url]. [b:63f3d57486]aswMBR.exe gebruiken[/b:63f3d57486]: [list:63f3d57486][*:63f3d57486]Windows 2000 en Windows XP: start "aswMBR.exe" middels dubbelklik op "aswMBR.exe". [*:63f3d57486]Windows Vista en Windows 7: start "aswMBR.exe" middels rechtsklik op "aswMBR.exe" en kies jij voor [b:63f3d57486]Als Administrator uitvoeren[/b:63f3d57486].[/list:u:63f3d57486] [img:63f3d57486]http://www.imgdumper.nl/uploads4/4db3f87694fe9/4db3f87693886-aswmbrscan.gif[/img:63f3d57486] [list:63f3d57486][*:63f3d57486] Klik nu in het zwarte scherm op de knop [b:63f3d57486]Scan[/b:63f3d57486] [*:63f3d57486] Als de melding "Scan finished successfully" komt, klik dan vervolgens op de knop [b:63f3d57486]Save log[/b:63f3d57486][/list:u:63f3d57486] [img:63f3d57486]http://www.imgdumper.nl/uploads4/4db3f8e71343a/4db3f8e71288d-aswmbrsavelog.gif[/img:63f3d57486] [list:63f3d57486][*:63f3d57486] Het makkelijkst is het, als opslaglokatie voor het log gewoon het bureaublad te kiezen. [*:63f3d57486] Tevens vindt je nu op het bureaublad ook het bestand [b:63f3d57486]MBR.dat[/b:63f3d57486]! [*:63f3d57486] [b:63f3d57486]MBR.dat[/b:63f3d57486] is een backupbestand, bewaar dat dus voorlopig. [*:63f3d57486] Ook op het bureaublad staat een kladbloktekst-document genaamd [b:63f3d57486]aswMBR.txt[/b:63f3d57486] [*:63f3d57486] Post de inhoud van [b:63f3d57486]aswMBR.txt[/b:63f3d57486] in jouw volgende bericht.[/list:u:63f3d57486] [color=#FF0000:63f3d57486][b:63f3d57486]Stap •3•[/b:63f3d57486][/color:63f3d57486] [b:63f3d57486]Samenvattend: hierna post je in jouw volgende bericht de inhoud van de volgende logs:[/b:63f3d57486] [list:63f3d57486][*:63f3d57486] TDSSKiller-log [*:63f3d57486] aswMBR.txt-log [/list:u:63f3d57486]
  • Bedankt voor de sneller reactie! Hierbij de logs: 2011/08/31 17:54:10.0458 5000 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57 2011/08/31 17:54:10.0604 5000 ================================================================================ 2011/08/31 17:54:10.0604 5000 SystemInfo: 2011/08/31 17:54:10.0604 5000 2011/08/31 17:54:10.0604 5000 OS Version: 6.1.7601 ServicePack: 1.0 2011/08/31 17:54:10.0604 5000 Product type: Workstation 2011/08/31 17:54:10.0605 5000 ComputerName: RUTH-VAIO 2011/08/31 17:54:10.0605 5000 UserName: Ruth 2011/08/31 17:54:10.0605 5000 Windows directory: C:\Windows 2011/08/31 17:54:10.0605 5000 System windows directory: C:\Windows 2011/08/31 17:54:10.0605 5000 Running under WOW64 2011/08/31 17:54:10.0605 5000 Processor architecture: Intel x64 2011/08/31 17:54:10.0605 5000 Number of processors: 4 2011/08/31 17:54:10.0605 5000 Page size: 0x1000 2011/08/31 17:54:10.0605 5000 Boot type: Normal boot 2011/08/31 17:54:10.0605 5000 ================================================================================ 2011/08/31 17:54:11.0137 5000 Initialize success 2011/08/31 17:54:32.0833 4764 ================================================================================ 2011/08/31 17:54:32.0833 4764 Scan started 2011/08/31 17:54:32.0833 4764 Mode: Manual; 2011/08/31 17:54:32.0833 4764 ================================================================================ 2011/08/31 17:54:41.0913 4764 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 2011/08/31 17:54:42.0023 4764 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 2011/08/31 17:54:42.0123 4764 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 2011/08/31 17:54:42.0223 4764 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys 2011/08/31 17:54:42.0343 4764 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys 2011/08/31 17:54:42.0463 4764 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys 2011/08/31 17:54:42.0583 4764 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys 2011/08/31 17:54:42.0693 4764 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 2011/08/31 17:54:42.0813 4764 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 2011/08/31 17:54:42.0923 4764 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 2011/08/31 17:54:43.0033 4764 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys 2011/08/31 17:54:43.0273 4764 amdkmdag (ea244a8b88de8b5986bf3b7903b063af) C:\Windows\system32\DRIVERS\atikmdag.sys 2011/08/31 17:54:43.0583 4764 amdkmdap (dca6e341a4a7c31ea8a14c6166c9b249) C:\Windows\system32\DRIVERS\atikmpag.sys 2011/08/31 17:54:43.0683 4764 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys 2011/08/31 17:54:43.0773 4764 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 2011/08/31 17:54:43.0873 4764 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys 2011/08/31 17:54:43.0973 4764 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 2011/08/31 17:54:44.0123 4764 ApfiltrService (1661f9c9e4b0049fa0a5e30264375a87) C:\Windows\system32\drivers\Apfiltr.sys 2011/08/31 17:54:44.0223 4764 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 2011/08/31 17:54:44.0343 4764 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys 2011/08/31 17:54:44.0443 4764 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys 2011/08/31 17:54:44.0523 4764 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys 2011/08/31 17:54:44.0623 4764 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/08/31 17:54:44.0723 4764 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 2011/08/31 17:54:44.0863 4764 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys 2011/08/31 17:54:45.0843 4764 atikmdag (ea244a8b88de8b5986bf3b7903b063af) C:\Windows\system32\DRIVERS\atikmdag.sys 2011/08/31 17:54:46.0213 4764 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys 2011/08/31 17:54:46.0343 4764 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 2011/08/31 17:54:46.0453 4764 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 2011/08/31 17:54:46.0613 4764 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys 2011/08/31 17:54:46.0703 4764 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 2011/08/31 17:54:46.0813 4764 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys 2011/08/31 17:54:46.0893 4764 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys 2011/08/31 17:54:47.0013 4764 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 2011/08/31 17:54:47.0123 4764 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 2011/08/31 17:54:47.0223 4764 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 2011/08/31 17:54:47.0313 4764 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 2011/08/31 17:54:47.0413 4764 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 2011/08/31 17:54:47.0513 4764 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys 2011/08/31 17:54:47.0633 4764 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 2011/08/31 17:54:47.0753 4764 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys 2011/08/31 17:54:47.0883 4764 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys 2011/08/31 17:54:47.0983 4764 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys 2011/08/31 17:54:48.0113 4764 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys 2011/08/31 17:54:48.0223 4764 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\drivers\btwavdt.sys 2011/08/31 17:54:48.0373 4764 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys 2011/08/31 17:54:48.0483 4764 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\DRIVERS\btwrchid.sys 2011/08/31 17:54:48.0593 4764 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 2011/08/31 17:54:48.0693 4764 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys 2011/08/31 17:54:48.0823 4764 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys 2011/08/31 17:54:48.0933 4764 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 2011/08/31 17:54:49.0083 4764 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys 2011/08/31 17:54:49.0173 4764 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 2011/08/31 17:54:49.0283 4764 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys 2011/08/31 17:54:49.0393 4764 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys 2011/08/31 17:54:49.0523 4764 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 2011/08/31 17:54:49.0633 4764 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 2011/08/31 17:54:49.0763 4764 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 2011/08/31 17:54:49.0863 4764 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 2011/08/31 17:54:49.0993 4764 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 2011/08/31 17:54:50.0103 4764 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 2011/08/31 17:54:50.0213 4764 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 2011/08/31 17:54:50.0353 4764 e.dentifier2 (a0d5450b3d4689dce4cbbc8268141c37) C:\Windows\system32\DRIVERS\aabed2.sys 2011/08/31 17:54:50.0513 4764 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 2011/08/31 17:54:50.0753 4764 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 2011/08/31 17:54:50.0843 4764 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 2011/08/31 17:54:50.0963 4764 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 2011/08/31 17:54:51.0053 4764 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 2011/08/31 17:54:51.0163 4764 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 2011/08/31 17:54:51.0273 4764 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 2011/08/31 17:54:51.0353 4764 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 2011/08/31 17:54:51.0453 4764 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 2011/08/31 17:54:51.0553 4764 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 2011/08/31 17:54:51.0673 4764 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 2011/08/31 17:54:51.0783 4764 fssfltr (53dab1791917a72738539ad25c4eed7f) C:\Windows\system32\DRIVERS\fssfltr.sys 2011/08/31 17:54:51.0883 4764 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 2011/08/31 17:54:52.0013 4764 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 2011/08/31 17:54:52.0113 4764 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 2011/08/31 17:54:52.0253 4764 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 2011/08/31 17:54:52.0363 4764 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 2011/08/31 17:54:52.0493 4764 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 2011/08/31 17:54:52.0603 4764 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys 2011/08/31 17:54:52.0683 4764 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 2011/08/31 17:54:52.0783 4764 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys 2011/08/31 17:54:52.0873 4764 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 2011/08/31 17:54:52.0973 4764 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys 2011/08/31 17:54:53.0073 4764 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 2011/08/31 17:54:53.0183 4764 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 2011/08/31 17:54:53.0313 4764 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 2011/08/31 17:54:53.0443 4764 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 2011/08/31 17:54:53.0543 4764 iaStor (073a606333b6f7bbf20aa856df7f0997) C:\Windows\system32\drivers\iaStor.sys 2011/08/31 17:54:53.0653 4764 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 2011/08/31 17:54:53.0943 4764 igfx (31d1aff484d8a0906cf8d44251ec390f) C:\Windows\system32\DRIVERS\igdkmd64.sys 2011/08/31 17:54:54.0353 4764 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 2011/08/31 17:54:54.0473 4764 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\drivers\Impcd.sys 2011/08/31 17:54:54.0633 4764 IntcAzAudAddService (0f144e5f46cb9043004b5e84aa4bca6a) C:\Windows\system32\drivers\RTKVHD64.sys 2011/08/31 17:54:54.0823 4764 IntcDAud (408b401cd7cdb075c7470b0ff7ba8d0b) C:\Windows\system32\DRIVERS\IntcDAud.sys 2011/08/31 17:54:54.0943 4764 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 2011/08/31 17:54:55.0063 4764 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys 2011/08/31 17:54:55.0193 4764 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/08/31 17:54:55.0243 4764 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 2011/08/31 17:54:55.0363 4764 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 2011/08/31 17:54:55.0453 4764 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 2011/08/31 17:54:55.0543 4764 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 2011/08/31 17:54:55.0583 4764 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 2011/08/31 17:54:55.0703 4764 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 2011/08/31 17:54:55.0793 4764 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 2011/08/31 17:54:55.0843 4764 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys 2011/08/31 17:54:55.0943 4764 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys 2011/08/31 17:54:56.0033 4764 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 2011/08/31 17:54:56.0163 4764 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 2011/08/31 17:54:56.0283 4764 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 2011/08/31 17:54:56.0383 4764 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 2011/08/31 17:54:56.0493 4764 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 2011/08/31 17:54:56.0593 4764 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 2011/08/31 17:54:56.0713 4764 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 2011/08/31 17:54:56.0823 4764 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 2011/08/31 17:54:56.0913 4764 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 2011/08/31 17:54:57.0043 4764 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 2011/08/31 17:54:57.0163 4764 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 2011/08/31 17:54:57.0303 4764 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys 2011/08/31 17:54:57.0423 4764 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 2011/08/31 17:54:57.0523 4764 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 2011/08/31 17:54:57.0653 4764 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys 2011/08/31 17:54:57.0703 4764 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 2011/08/31 17:54:57.0813 4764 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys 2011/08/31 17:54:57.0853 4764 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 2011/08/31 17:54:57.0983 4764 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 2011/08/31 17:54:58.0023 4764 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/08/31 17:54:58.0123 4764 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/08/31 17:54:58.0213 4764 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/08/31 17:54:58.0313 4764 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 2011/08/31 17:54:58.0353 4764 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 2011/08/31 17:54:58.0453 4764 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 2011/08/31 17:54:58.0483 4764 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 2011/08/31 17:54:58.0563 4764 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 2011/08/31 17:54:58.0673 4764 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 2011/08/31 17:54:58.0773 4764 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/08/31 17:54:58.0863 4764 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 2011/08/31 17:54:58.0923 4764 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 2011/08/31 17:54:59.0023 4764 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 2011/08/31 17:54:59.0123 4764 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 2011/08/31 17:54:59.0163 4764 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 2011/08/31 17:54:59.0253 4764 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 2011/08/31 17:54:59.0363 4764 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 2011/08/31 17:54:59.0523 4764 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 2011/08/31 17:54:59.0653 4764 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 2011/08/31 17:54:59.0753 4764 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/08/31 17:54:59.0853 4764 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/08/31 17:54:59.0893 4764 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/08/31 17:54:59.0993 4764 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 2011/08/31 17:55:00.0053 4764 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 2011/08/31 17:55:00.0143 4764 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 2011/08/31 17:55:00.0273 4764 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 2011/08/31 17:55:00.0373 4764 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 2011/08/31 17:55:00.0423 4764 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 2011/08/31 17:55:00.0513 4764 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 2011/08/31 17:55:00.0613 4764 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 2011/08/31 17:55:00.0753 4764 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 2011/08/31 17:55:00.0853 4764 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 2011/08/31 17:55:00.0883 4764 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 2011/08/31 17:55:01.0003 4764 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 2011/08/31 17:55:01.0033 4764 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 2011/08/31 17:55:01.0173 4764 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 2011/08/31 17:55:01.0243 4764 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 2011/08/31 17:55:01.0283 4764 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 2011/08/31 17:55:01.0383 4764 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 2011/08/31 17:55:01.0433 4764 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 2011/08/31 17:55:01.0573 4764 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 2011/08/31 17:55:01.0693 4764 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 2011/08/31 17:55:01.0863 4764 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 2011/08/31 17:55:01.0953 4764 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 2011/08/31 17:55:02.0068 4764 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 2011/08/31 17:55:02.0153 4764 PxHlpa64 (aed797cca02783296c68aa10d0cff8a9) C:\Windows\system32\Drivers\PxHlpa64.sys 2011/08/31 17:55:02.0283 4764 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 2011/08/31 17:55:02.0443 4764 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 2011/08/31 17:55:02.0503 4764 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 2011/08/31 17:55:02.0523 4764 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 2011/08/31 17:55:02.0613 4764 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 2011/08/31 17:55:02.0723 4764 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/08/31 17:55:02.0793 4764 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/08/31 17:55:02.0903 4764 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 2011/08/31 17:55:02.0943 4764 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 2011/08/31 17:55:03.0023 4764 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 2011/08/31 17:55:03.0083 4764 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/08/31 17:55:03.0123 4764 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 2011/08/31 17:55:03.0153 4764 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 2011/08/31 17:55:03.0233 4764 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys 2011/08/31 17:55:03.0283 4764 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 2011/08/31 17:55:03.0403 4764 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 2011/08/31 17:55:03.0463 4764 rimspci (5ca4abd888b602551b59baa26941c167) C:\Windows\system32\drivers\rimssne64.sys 2011/08/31 17:55:03.0573 4764 risdsnpe (bb6e138aeb351728959da5e2731d8140) C:\Windows\system32\drivers\risdsne64.sys 2011/08/31 17:55:03.0713 4764 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 2011/08/31 17:55:03.0823 4764 RTHDMIAzAudService (4e821c740a675f6d040be41d59a62b1d) C:\Windows\system32\drivers\RtHDMIVX.sys 2011/08/31 17:55:03.0943 4764 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 2011/08/31 17:55:04.0063 4764 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 2011/08/31 17:55:04.0213 4764 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys 2011/08/31 17:55:04.0253 4764 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 2011/08/31 17:55:04.0363 4764 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 2011/08/31 17:55:04.0463 4764 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 2011/08/31 17:55:04.0523 4764 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 2011/08/31 17:55:04.0643 4764 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\drivers\SFEP.sys 2011/08/31 17:55:04.0733 4764 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 2011/08/31 17:55:04.0753 4764 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 2011/08/31 17:55:04.0833 4764 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 2011/08/31 17:55:04.0883 4764 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 2011/08/31 17:55:04.0993 4764 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 2011/08/31 17:55:05.0043 4764 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 2011/08/31 17:55:05.0153 4764 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 2011/08/31 17:55:05.0353 4764 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 2011/08/31 17:55:05.0433 4764 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 2011/08/31 17:55:05.0503 4764 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 2011/08/31 17:55:05.0593 4764 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 2011/08/31 17:55:05.0713 4764 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 2011/08/31 17:55:05.0763 4764 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 2011/08/31 17:55:05.0923 4764 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys 2011/08/31 17:55:06.0133 4764 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys 2011/08/31 17:55:06.0203 4764 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 2011/08/31 17:55:06.0243 4764 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 2011/08/31 17:55:06.0333 4764 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 2011/08/31 17:55:06.0383 4764 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 2011/08/31 17:55:06.0423 4764 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 2011/08/31 17:55:06.0603 4764 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/08/31 17:55:06.0663 4764 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 2011/08/31 17:55:06.0773 4764 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 2011/08/31 17:55:06.0923 4764 TVICHW64 (1a006963644c7fde5be60036f3a43e68) C:\Windows\system32\DRIVERS\TVICHW64.SYS 2011/08/31 17:55:07.0033 4764 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 2011/08/31 17:55:07.0133 4764 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 2011/08/31 17:55:07.0253 4764 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 2011/08/31 17:55:07.0363 4764 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 2011/08/31 17:55:07.0423 4764 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 2011/08/31 17:55:07.0583 4764 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/08/31 17:55:07.0683 4764 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 2011/08/31 17:55:07.0773 4764 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 2011/08/31 17:55:07.0883 4764 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 2011/08/31 17:55:07.0973 4764 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 2011/08/31 17:55:08.0063 4764 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 2011/08/31 17:55:08.0123 4764 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 2011/08/31 17:55:08.0173 4764 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS 2011/08/31 17:55:08.0253 4764 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 2011/08/31 17:55:08.0363 4764 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 2011/08/31 17:55:08.0543 4764 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 2011/08/31 17:55:08.0673 4764 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/08/31 17:55:08.0713 4764 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 2011/08/31 17:55:08.0753 4764 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 2011/08/31 17:55:08.0863 4764 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 2011/08/31 17:55:08.0943 4764 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 2011/08/31 17:55:09.0043 4764 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 2011/08/31 17:55:09.0103 4764 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 2011/08/31 17:55:09.0253 4764 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 2011/08/31 17:55:09.0403 4764 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 2011/08/31 17:55:09.0443 4764 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 2011/08/31 17:55:09.0543 4764 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 2011/08/31 17:55:09.0593 4764 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 2011/08/31 17:55:09.0613 4764 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 2011/08/31 17:55:09.0773 4764 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 2011/08/31 17:55:09.0853 4764 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 2011/08/31 17:55:10.0023 4764 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 2011/08/31 17:55:10.0063 4764 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 2011/08/31 17:55:10.0203 4764 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 2011/08/31 17:55:10.0243 4764 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 2011/08/31 17:55:10.0313 4764 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 2011/08/31 17:55:10.0423 4764 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 2011/08/31 17:55:10.0463 4764 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/08/31 17:55:10.0553 4764 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys 2011/08/31 17:55:10.0603 4764 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 2011/08/31 17:55:10.0633 4764 Boot (0x1200) (11df49247e523bd1a6467a837ba1c29c) \Device\Harddisk0\DR0\Partition0 2011/08/31 17:55:10.0653 4764 Boot (0x1200) (5c779cb2c8735712f1aaa3f0527e399a) \Device\Harddisk0\DR0\Partition1 2011/08/31 17:55:10.0653 4764 ================================================================================ 2011/08/31 17:55:10.0653 4764 Scan finished 2011/08/31 17:55:10.0653 4764 ================================================================================ 2011/08/31 17:55:10.0663 1196 Detected object count: 0 2011/08/31 17:55:10.0663 1196 Actual detected object count: 0 aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software Run date: 2011-08-31 17:58:50 ----------------------------- 17:58:50.279 OS Version: Windows x64 6.1.7601 Service Pack 1 17:58:50.279 Number of processors: 4 586 0x2502 17:58:50.279 ComputerName: RUTH-VAIO UserName: Ruth 17:58:51.579 Initialize success 18:01:02.754 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 18:01:02.764 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3 18:01:02.764 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000062 18:01:02.764 Disk 1 Vendor: RICOH 02 Size: 476940MB BusType: 0 18:01:02.764 Disk 2 \Device\Harddisk2\DR2 -> \Device\00000063 18:01:02.774 Disk 2 Vendor: RICOH 02 Size: 476940MB BusType: 0 18:01:02.774 Disk 0 MBR read successfully 18:01:02.774 Disk 0 MBR scan 18:01:02.784 Disk 0 TDL4@MBR code has been found 18:01:02.784 Disk 0 Windows 7 default MBR code found via API 18:01:02.784 Disk 0 MBR hidden 18:01:02.794 Disk 0 MBR [TDL4] **ROOTKIT** 18:01:02.794 Disk 0 trace - called modules: 18:01:02.804 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80063af254]<< 18:01:02.804 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006397060] 18:01:02.814 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa800433c6e0] 18:01:02.814 5 ACPI.sys[fffff88000f397a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004341050] 18:01:02.824 \Driver\iaStor[0xfffffa8004319060] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0xfffffa80063af254 18:01:02.824 Scan finished successfully 18:01:57.891 Disk 0 MBR has been saved successfully to "C:\Users\Ruth\Desktop\MBR.dat" 18:01:57.911 The log file has been saved successfully to "C:\Users\Ruth\Desktop\aswMBR.txt" Terwijl ik de laatste opdracht aan het doen was kreeg ik van Microsoft security Essentials de melding dat er weer een bedreiging was van Alureon
  • Dat MSE jou aangeeft dat Aulureon oftwel TDL4 aanwezig is in jouw Windows is correct! Zie ook http://forum.computertotaal.nl/phpBB2/viewtopic.php?t=213620 [b:51da98d832]Ik denk zelf dat jij TDSSKiller niet juist gebruikt hebt.[/b:51da98d832] Download het tool opnieuw naar je buraublad en pak het weer uit. Start vervolgens TDSSKiller opnieuw op. En NU met administratorrechten! Dus middels rechtsklik op TDSSKiller.exe klikkenen dan kiezen voor [b:51da98d832]Als Administrator uitvoeren. [/b:51da98d832] Post opnieuw de inhoud van het log.
  • Ik heb TDSSKiller opnieuw gebruikt. Hieronder de log. 2011/08/31 20:11:37.0832 5252 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57 2011/08/31 20:11:37.0942 5252 ================================================================================ 2011/08/31 20:11:37.0942 5252 SystemInfo: 2011/08/31 20:11:37.0942 5252 2011/08/31 20:11:37.0942 5252 OS Version: 6.1.7601 ServicePack: 1.0 2011/08/31 20:11:37.0942 5252 Product type: Workstation 2011/08/31 20:11:37.0942 5252 ComputerName: RUTH-VAIO 2011/08/31 20:11:37.0942 5252 UserName: Ruth 2011/08/31 20:11:37.0942 5252 Windows directory: C:\Windows 2011/08/31 20:11:37.0942 5252 System windows directory: C:\Windows 2011/08/31 20:11:37.0942 5252 Running under WOW64 2011/08/31 20:11:37.0942 5252 Processor architecture: Intel x64 2011/08/31 20:11:37.0942 5252 Number of processors: 4 2011/08/31 20:11:37.0942 5252 Page size: 0x1000 2011/08/31 20:11:37.0942 5252 Boot type: Normal boot 2011/08/31 20:11:37.0942 5252 ================================================================================ 2011/08/31 20:11:38.0312 5252 Initialize success 2011/08/31 20:11:46.0862 4180 ================================================================================ 2011/08/31 20:11:46.0862 4180 Scan started 2011/08/31 20:11:46.0862 4180 Mode: Manual; 2011/08/31 20:11:46.0862 4180 ================================================================================ 2011/08/31 20:11:47.0422 4180 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 2011/08/31 20:11:47.0532 4180 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 2011/08/31 20:11:47.0642 4180 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 2011/08/31 20:11:47.0752 4180 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys 2011/08/31 20:11:47.0852 4180 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys 2011/08/31 20:11:47.0942 4180 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys 2011/08/31 20:11:48.0072 4180 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys 2011/08/31 20:11:48.0172 4180 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 2011/08/31 20:11:48.0292 4180 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 2011/08/31 20:11:48.0782 4180 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 2011/08/31 20:11:48.0892 4180 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys 2011/08/31 20:11:49.0142 4180 amdkmdag (ea244a8b88de8b5986bf3b7903b063af) C:\Windows\system32\DRIVERS\atikmdag.sys 2011/08/31 20:11:49.0292 4180 amdkmdap (dca6e341a4a7c31ea8a14c6166c9b249) C:\Windows\system32\DRIVERS\atikmpag.sys 2011/08/31 20:11:49.0402 4180 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys 2011/08/31 20:11:49.0502 4180 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 2011/08/31 20:11:49.0582 4180 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys 2011/08/31 20:11:49.0622 4180 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 2011/08/31 20:11:49.0762 4180 ApfiltrService (1661f9c9e4b0049fa0a5e30264375a87) C:\Windows\system32\drivers\Apfiltr.sys 2011/08/31 20:11:49.0892 4180 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 2011/08/31 20:11:50.0032 4180 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys 2011/08/31 20:11:50.0122 4180 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys 2011/08/31 20:11:50.0212 4180 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys 2011/08/31 20:11:50.0302 4180 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/08/31 20:11:50.0402 4180 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 2011/08/31 20:11:50.0542 4180 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys 2011/08/31 20:11:50.0802 4180 atikmdag (ea244a8b88de8b5986bf3b7903b063af) C:\Windows\system32\DRIVERS\atikmdag.sys 2011/08/31 20:11:50.0972 4180 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys 2011/08/31 20:11:51.0072 4180 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 2011/08/31 20:11:51.0172 4180 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 2011/08/31 20:11:51.0292 4180 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys 2011/08/31 20:11:51.0392 4180 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 2011/08/31 20:11:51.0502 4180 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys 2011/08/31 20:11:51.0592 4180 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys 2011/08/31 20:11:51.0682 4180 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 2011/08/31 20:11:51.0782 4180 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 2011/08/31 20:11:51.0882 4180 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 2011/08/31 20:11:51.0972 4180 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 2011/08/31 20:11:52.0072 4180 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 2011/08/31 20:11:52.0172 4180 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys 2011/08/31 20:11:52.0272 4180 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 2011/08/31 20:11:52.0382 4180 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys 2011/08/31 20:11:52.0542 4180 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys 2011/08/31 20:11:52.0642 4180 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys 2011/08/31 20:11:52.0772 4180 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys 2011/08/31 20:11:52.0882 4180 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\drivers\btwavdt.sys 2011/08/31 20:11:53.0022 4180 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys 2011/08/31 20:11:53.0142 4180 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\DRIVERS\btwrchid.sys 2011/08/31 20:11:53.0252 4180 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 2011/08/31 20:11:53.0352 4180 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys 2011/08/31 20:11:53.0482 4180 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys 2011/08/31 20:11:53.0592 4180 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 2011/08/31 20:11:53.0722 4180 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys 2011/08/31 20:11:53.0822 4180 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 2011/08/31 20:11:53.0942 4180 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys 2011/08/31 20:11:54.0042 4180 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys 2011/08/31 20:11:54.0152 4180 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 2011/08/31 20:11:54.0252 4180 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 2011/08/31 20:11:54.0402 4180 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 2011/08/31 20:11:54.0502 4180 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 2011/08/31 20:11:54.0622 4180 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 2011/08/31 20:11:54.0722 4180 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 2011/08/31 20:11:54.0852 4180 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 2011/08/31 20:11:54.0962 4180 e.dentifier2 (a0d5450b3d4689dce4cbbc8268141c37) C:\Windows\system32\DRIVERS\aabed2.sys 2011/08/31 20:11:55.0132 4180 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 2011/08/31 20:11:55.0312 4180 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 2011/08/31 20:11:55.0402 4180 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 2011/08/31 20:11:55.0552 4180 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 2011/08/31 20:11:55.0652 4180 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 2011/08/31 20:11:55.0742 4180 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 2011/08/31 20:11:55.0852 4180 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 2011/08/31 20:11:55.0962 4180 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 2011/08/31 20:11:56.0012 4180 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 2011/08/31 20:11:56.0112 4180 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 2011/08/31 20:11:56.0232 4180 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 2011/08/31 20:11:56.0322 4180 fssfltr (53dab1791917a72738539ad25c4eed7f) C:\Windows\system32\DRIVERS\fssfltr.sys 2011/08/31 20:11:56.0442 4180 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 2011/08/31 20:11:56.0562 4180 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 2011/08/31 20:11:56.0672 4180 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 2011/08/31 20:11:56.0792 4180 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 2011/08/31 20:11:56.0892 4180 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 2011/08/31 20:11:56.0982 4180 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 2011/08/31 20:11:57.0092 4180 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys 2011/08/31 20:11:57.0182 4180 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 2011/08/31 20:11:57.0282 4180 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys 2011/08/31 20:11:57.0382 4180 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 2011/08/31 20:11:57.0482 4180 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys 2011/08/31 20:11:57.0572 4180 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 2011/08/31 20:11:57.0682 4180 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 2011/08/31 20:11:57.0772 4180 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 2011/08/31 20:11:57.0892 4180 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 2011/08/31 20:11:58.0032 4180 iaStor (073a606333b6f7bbf20aa856df7f0997) C:\Windows\system32\drivers\iaStor.sys 2011/08/31 20:11:58.0142 4180 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 2011/08/31 20:11:58.0392 4180 igfx (31d1aff484d8a0906cf8d44251ec390f) C:\Windows\system32\DRIVERS\igdkmd64.sys 2011/08/31 20:11:58.0622 4180 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 2011/08/31 20:11:58.0762 4180 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\drivers\Impcd.sys 2011/08/31 20:11:58.0942 4180 IntcAzAudAddService (0f144e5f46cb9043004b5e84aa4bca6a) C:\Windows\system32\drivers\RTKVHD64.sys 2011/08/31 20:11:59.0082 4180 IntcDAud (408b401cd7cdb075c7470b0ff7ba8d0b) C:\Windows\system32\DRIVERS\IntcDAud.sys 2011/08/31 20:11:59.0192 4180 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 2011/08/31 20:11:59.0282 4180 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys 2011/08/31 20:11:59.0402 4180 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/08/31 20:11:59.0492 4180 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 2011/08/31 20:11:59.0602 4180 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 2011/08/31 20:11:59.0702 4180 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 2011/08/31 20:11:59.0822 4180 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 2011/08/31 20:11:59.0902 4180 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 2011/08/31 20:11:59.0992 4180 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 2011/08/31 20:12:00.0112 4180 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 2011/08/31 20:12:00.0232 4180 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys 2011/08/31 20:12:00.0332 4180 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys 2011/08/31 20:12:00.0432 4180 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 2011/08/31 20:12:00.0572 4180 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 2011/08/31 20:12:00.0692 4180 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 2011/08/31 20:12:00.0802 4180 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 2011/08/31 20:12:00.0902 4180 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 2011/08/31 20:12:01.0002 4180 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 2011/08/31 20:12:01.0102 4180 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 2011/08/31 20:12:01.0182 4180 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 2011/08/31 20:12:01.0282 4180 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 2011/08/31 20:12:01.0392 4180 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 2011/08/31 20:12:01.0482 4180 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 2011/08/31 20:12:01.0592 4180 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys 2011/08/31 20:12:01.0702 4180 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 2011/08/31 20:12:01.0802 4180 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 2011/08/31 20:12:01.0922 4180 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys 2011/08/31 20:12:02.0002 4180 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 2011/08/31 20:12:02.0152 4180 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys 2011/08/31 20:12:02.0242 4180 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 2011/08/31 20:12:02.0352 4180 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 2011/08/31 20:12:02.0452 4180 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/08/31 20:12:02.0562 4180 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/08/31 20:12:02.0662 4180 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/08/31 20:12:02.0752 4180 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 2011/08/31 20:12:02.0832 4180 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 2011/08/31 20:12:02.0962 4180 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 2011/08/31 20:12:03.0092 4180 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 2011/08/31 20:12:03.0172 4180 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 2011/08/31 20:12:03.0292 4180 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 2011/08/31 20:12:03.0422 4180 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/08/31 20:12:03.0522 4180 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 2011/08/31 20:12:03.0622 4180 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 2011/08/31 20:12:03.0742 4180 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 2011/08/31 20:12:03.0832 4180 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 2011/08/31 20:12:03.0922 4180 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 2011/08/31 20:12:04.0002 4180 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 2011/08/31 20:12:04.0122 4180 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 2011/08/31 20:12:04.0252 4180 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 2011/08/31 20:12:04.0392 4180 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 2011/08/31 20:12:04.0482 4180 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/08/31 20:12:04.0862 4180 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/08/31 20:12:04.0962 4180 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/08/31 20:12:05.0012 4180 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 2011/08/31 20:12:05.0102 4180 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 2011/08/31 20:12:05.0212 4180 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 2011/08/31 20:12:05.0362 4180 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 2011/08/31 20:12:05.0462 4180 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 2011/08/31 20:12:05.0572 4180 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 2011/08/31 20:12:05.0662 4180 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 2011/08/31 20:12:05.0802 4180 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 2011/08/31 20:12:05.0922 4180 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 2011/08/31 20:12:06.0032 4180 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 2011/08/31 20:12:06.0122 4180 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 2011/08/31 20:12:06.0222 4180 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 2011/08/31 20:12:06.0302 4180 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 2011/08/31 20:12:06.0422 4180 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 2011/08/31 20:12:06.0532 4180 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 2011/08/31 20:12:06.0622 4180 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 2011/08/31 20:12:06.0722 4180 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 2011/08/31 20:12:06.0822 4180 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 2011/08/31 20:12:06.0922 4180 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 2011/08/31 20:12:07.0032 4180 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 2011/08/31 20:12:07.0262 4180 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 2011/08/31 20:12:07.0352 4180 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 2011/08/31 20:12:07.0492 4180 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 2011/08/31 20:12:07.0582 4180 PxHlpa64 (aed797cca02783296c68aa10d0cff8a9) C:\Windows\system32\Drivers\PxHlpa64.sys 2011/08/31 20:12:07.0702 4180 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 2011/08/31 20:12:07.0822 4180 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 2011/08/31 20:12:07.0912 4180 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 2011/08/31 20:12:08.0002 4180 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 2011/08/31 20:12:08.0112 4180 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 2011/08/31 20:12:08.0252 4180 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/08/31 20:12:08.0342 4180 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/08/31 20:12:08.0462 4180 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 2011/08/31 20:12:08.0562 4180 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 2011/08/31 20:12:08.0642 4180 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 2011/08/31 20:12:08.0752 4180 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/08/31 20:12:08.0852 4180 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 2011/08/31 20:12:08.0942 4180 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 2011/08/31 20:12:09.0042 4180 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys 2011/08/31 20:12:09.0142 4180 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 2011/08/31 20:12:09.0262 4180 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 2011/08/31 20:12:09.0342 4180 rimspci (5ca4abd888b602551b59baa26941c167) C:\Windows\system32\drivers\rimssne64.sys 2011/08/31 20:12:09.0472 4180 risdsnpe (bb6e138aeb351728959da5e2731d8140) C:\Windows\system32\drivers\risdsne64.sys 2011/08/31 20:12:09.0602 4180 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 2011/08/31 20:12:09.0712 4180 RTHDMIAzAudService (4e821c740a675f6d040be41d59a62b1d) C:\Windows\system32\drivers\RtHDMIVX.sys 2011/08/31 20:12:09.0822 4180 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 2011/08/31 20:12:09.0932 4180 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 2011/08/31 20:12:10.0042 4180 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys 2011/08/31 20:12:10.0142 4180 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 2011/08/31 20:12:10.0242 4180 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 2011/08/31 20:12:10.0372 4180 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 2011/08/31 20:12:10.0452 4180 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 2011/08/31 20:12:10.0862 4180 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\drivers\SFEP.sys 2011/08/31 20:12:10.0942 4180 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 2011/08/31 20:12:11.0032 4180 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 2011/08/31 20:12:11.0172 4180 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 2011/08/31 20:12:11.0262 4180 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 2011/08/31 20:12:11.0392 4180 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 2011/08/31 20:12:11.0472 4180 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 2011/08/31 20:12:11.0612 4180 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 2011/08/31 20:12:11.0772 4180 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 2011/08/31 20:12:11.0922 4180 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 2011/08/31 20:12:11.0952 4180 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 2011/08/31 20:12:12.0062 4180 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 2011/08/31 20:12:12.0192 4180 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 2011/08/31 20:12:12.0222 4180 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 2011/08/31 20:12:12.0392 4180 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys 2011/08/31 20:12:12.0592 4180 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys 2011/08/31 20:12:12.0692 4180 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 2011/08/31 20:12:12.0792 4180 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 2011/08/31 20:12:12.0882 4180 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 2011/08/31 20:12:12.0992 4180 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 2011/08/31 20:12:13.0072 4180 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 2011/08/31 20:12:13.0232 4180 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/08/31 20:12:13.0322 4180 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 2011/08/31 20:12:13.0432 4180 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 2011/08/31 20:12:13.0582 4180 TVICHW64 (1a006963644c7fde5be60036f3a43e68) C:\Windows\system32\DRIVERS\TVICHW64.SYS 2011/08/31 20:12:13.0722 4180 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 2011/08/31 20:12:13.0822 4180 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 2011/08/31 20:12:13.0952 4180 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 2011/08/31 20:12:14.0062 4180 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 2011/08/31 20:12:14.0162 4180 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 2011/08/31 20:12:14.0282 4180 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/08/31 20:12:14.0382 4180 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 2011/08/31 20:12:14.0472 4180 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 2011/08/31 20:12:14.0582 4180 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 2011/08/31 20:12:14.0672 4180 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 2011/08/31 20:12:14.0762 4180 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 2011/08/31 20:12:14.0862 4180 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 2011/08/31 20:12:14.0962 4180 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS 2011/08/31 20:12:15.0052 4180 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 2011/08/31 20:12:15.0172 4180 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 2011/08/31 20:12:15.0332 4180 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 2011/08/31 20:12:15.0452 4180 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/08/31 20:12:15.0552 4180 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 2011/08/31 20:12:15.0642 4180 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 2011/08/31 20:12:15.0752 4180 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 2011/08/31 20:12:15.0822 4180 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 2011/08/31 20:12:15.0932 4180 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 2011/08/31 20:12:16.0022 4180 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 2011/08/31 20:12:16.0122 4180 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 2011/08/31 20:12:16.0242 4180 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 2011/08/31 20:12:16.0332 4180 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 2011/08/31 20:12:16.0432 4180 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 2011/08/31 20:12:16.0542 4180 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 2011/08/31 20:12:16.0562 4180 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 2011/08/31 20:12:16.0692 4180 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 2011/08/31 20:12:16.0802 4180 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 2011/08/31 20:12:16.0972 4180 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 2011/08/31 20:12:17.0062 4180 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 2011/08/31 20:12:17.0232 4180 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 2011/08/31 20:12:17.0322 4180 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 2011/08/31 20:12:17.0472 4180 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 2011/08/31 20:12:17.0612 4180 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 2011/08/31 20:12:17.0722 4180 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/08/31 20:12:17.0882 4180 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys 2011/08/31 20:12:17.0932 4180 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 2011/08/31 20:12:17.0952 4180 Boot (0x1200) (11df49247e523bd1a6467a837ba1c29c) \Device\Harddisk0\DR0\Partition0 2011/08/31 20:12:18.0022 4180 Boot (0x1200) (5c779cb2c8735712f1aaa3f0527e399a) \Device\Harddisk0\DR0\Partition1 2011/08/31 20:12:18.0022 4180 ================================================================================ 2011/08/31 20:12:18.0022 4180 Scan finished 2011/08/31 20:12:18.0022 4180 ================================================================================ 2011/08/31 20:12:18.0042 5476 Detected object count: 0 2011/08/31 20:12:18.0042 5476 Actual detected object count: 0
  • Vertel eens, is jouw Computer met Windows 7 gekomen of heb jijzelf Windows 7 in deze computer geïnstalleerd?
  • Windows 7 zat al op de computer toen ik hem kocht.
  • Dan hebben we op dit moment een echt probleem! De TDL-4 Aulureon rootkit is momenteel de meest intelligente malware die is uitgebracht. En in jouw Windows schijnt mij de allernieuwste versie te zitten. En ik kan jouw de MBR niet laten repareren, want dan werkt daarna de recovery-installatie van Windows 7 niet meer! Doe eens dit: [b:d30e15d581]Download [url=http://eric71.geekstogo.com/tools/LopSD.exe]LopSD[/url] of [url=http://eric.71.mespages.googlepages.com/LopSD.exe]LOPSD[/url] naar je Bureaublad.[/b:d30e15d581] [list:d30e15d581][*:d30e15d581] [b:d30e15d581]De-activeer bij dit tooltje je antispyware en virusscanner.[/b:d30e15d581] [list:d30e15d581][*:d30e15d581][b:d30e15d581]Vista- en Windows 7 gebruikers: rechtsklik op LopSD en kies voor "Als Administrator uitvoeren"![/list:u:d30e15d581] [*:d30e15d581] Kies Optie N en Enter [*:d30e15d581] Klik OK bij het informatie venter [*:d30e15d581] Kies Optie 2 en Enter [*:d30e15d581] Aan het eind verschijnt een log ( LopR.txt ) plaats de inhoud ervan in je volgende antwoord[/b:d30e15d581][/list:u:d30e15d581]
  • Dat klinkt niet best. Aan het eind van dat programmaatje krijg ik geen log maar de melding dat het programma mogelijk niet correct geinstalleerd is. Moet ik kiezen voor opnieuw installeren met aanbevolen instellingen of Dit programma is correct geinstalleerd?
  • Je gebruikt Windows 7 x64. Hoe installeer jij? Je dient dat namelijk met administratorrechten te doen, zoals ik al eerder dit vermelde. Dus: [b:826a452eca]middels rechtsklik op het installatiebestand klikken en dan kiezen voor Als Administrator uitvoeren[color=darkblue:826a452eca][/color:826a452eca]/[b][/b:826a452eca]
  • Ja, dat doe ik ook.
  • Welnu probeer het dan nogmaals met LopSD
  • Ik heb het ook met LopSD geprobeerd, maar aan het eind krijg ik weer die melding van Assistent voor programmacompatibiliteit. Zou ik daar dan misschien Opnieuw installeren met aanbevolen instellingen kunnen kiezen?
  • Oké - [b:84a8be8d48]download [url=http://downloads.malwareremoval.com/CKScanner.exe]CKScanner by askey 127[/url] en sla het op je bureaublad op[/b:84a8be8d48]. Vista en Win 7 gebruikers gebruiken dit tool via rechtsklik en kiezen voor Als Administrator uitvoeren. • Klik/dubbelklik op [b:84a8be8d48]CKScanner by askey 127[/b:84a8be8d48] om het tool te starten en klik op Search for Files. • Na een korte tijd, wanneer de zandloper verdwijnt, klik dan op Save List To File • Een berichtvenster zal bevestigen dat het dokument is opgelagen. • Klik/dubbelklik op de CKFiles.txt snelkoppeling op je bureaublad en kopiëer en plak de inhoud in je volgende post.
  • CKScanner - Additional Security Risks - These are not necessarily bad scanner sequence 3.RP.11.RUNABV ----- EOF -----
  • Ik ben benieuwd: [color=#FF0000:055eabe324][b:055eabe324]Stap •1•[/b:055eabe324][/color:055eabe324] [b:055eabe324]Welk programma[/b:055eabe324]: Trend Micro [b:055eabe324]Hijack This Versie 2.0.4[/b:055eabe324] [b:055eabe324]Waarvoor/waarom[/b:055eabe324]: maakt een duidelijk overzicht van Windows door middel van een scan. [b:055eabe324]Moeilijkheidsgraad[/b:055eabe324]: geen, enkel Vista- en Win 7 gebruikers dienen even extra aandacht te geven. [b:055eabe324]Download[/b:055eabe324] de [url=http://www.trendmicro.com/ftp/products/hijackthis/HiJackThis.msi][b:055eabe324]HijackThis Installer[/b:055eabe324][/url] [b:055eabe324]Installatie[/b:055eabe324]: [list:055eabe324][*:055eabe324]Installeer HijackThis op de aangegeven lokatie - daarmee wordt voorkomen dat eventuele back-ups niet terugvindbaar zijn![/list:u:055eabe324] Gebruikers van [b:055eabe324]Windows Vista[/b:055eabe324] en [b:055eabe324]Windows 7[/b:055eabe324] gaan daarna naar de installatielokatie van HijackThis. [list:055eabe324][*:055eabe324]Vervolgens met rechts "hijackthis.exe" aanklikken en dan "Eigenschappen" kiezen. [*:055eabe324]Klik nu op de tab "Comptabiliteit" en zet dan een vinkje bij "Als Administrator uitvoeren". [*:055eabe324]Als laatste wordt dan nog op [b:055eabe324]Toepassen[/b:055eabe324] en [b:055eabe324]OK[/b:055eabe324] geklikt[/list:u:055eabe324] [b:055eabe324]Hijack This gebruiken[/b:055eabe324]: [list:055eabe324][*:055eabe324]Sluit eerst alle openstaande programma's en de webbrowsers. [*:055eabe324]Start nu 'Hijack This' en klik vervolgens op de knop 'Do a system scan and save a logfile' [list:055eabe324][*:055eabe324]Start HijackThis op met het scanvenster, klik dan eerst op de knop 'Main Menu'[/list:u:055eabe324] [*:055eabe324]Sluit nu alle openstaande vensters en start vervolgens 'HijackThis' en kies voor 'Do a system scan and save a logfile'. [*:055eabe324]Kopieer en plak de inhoud van het Hijack This-logfile in je aansluitende bericht. [*:055eabe324]Hierna mag je Hijack This weer sluiten[/list:u:055eabe324] [color=#FF0000:055eabe324][b:055eabe324]Stap •2•[/b:055eabe324][/color:055eabe324] [b:055eabe324]Welk programma[/b:055eabe324]: Microsoft Safety Scanner [b:055eabe324]Waarvoor/waarom[/b:055eabe324]: specialistische scanner van Microsoft om Windows snel te onderzoeken op- en te ontdoen van spy- & malware. [b:055eabe324]Moeilijkheidsgraad[/b:055eabe324]: geen. [quote:055eabe324]Opmerking: Microsoft Safety Scanner verloopt 10 dagen nadat het is gedownload. Als u opnieuw een scan wilt uitvoeren met de nieuwste definities ter voorkoming van schadelijke software, downloadt u Microsoft Safety Scanner opnieuw en voert u het opnieuw uit.[/quote:055eabe324] Dowload de [b:055eabe324]Microsoft Safety Scanner [/b:055eabe324][url=http://www.microsoft.com/security/scanner/nl-nl/default.aspx]hier[/url]. Windows 2000 en Windows XP: start Microsoft's Safety Scanner middels dubbelklik op de snelkoppeling. Windows Vista en Windows 7: start Microsoft's Safety Scanner middels rechtsklik op de snelkoppeling en dan kiezen voor Als Administrator uitvoeren. Zet vervolgens een vinkje bij "Ik accepteer de voorwaarden van de bovenstaande gebruiksovereenkomst". [b:055eabe324]Scannen[/b:055eabe324]: [list:055eabe324][*:055eabe324] Bij het starten van 'Microsoft's Safety Scanner', klik op de knop "Volgende", vervolgens kies je voor 'Snelle Scan'. [*:055eabe324]Het scannen duurt wel even, dus wees geduldig.[/list:u:055eabe324] [color=#FF0000:055eabe324][b:055eabe324]Stap •3•[/b:055eabe324][/color:055eabe324] [b:055eabe324]Welk programma[/b:055eabe324]: Malwarebytes MBAM [b:055eabe324]Waarvoor/waarom[/b:055eabe324]: specialistische scanner om Windows snel te onderzoeken op- en te ontdoen van spy- & malware. [b:055eabe324]Moeilijkheidsgraad[/b:055eabe324]: geen. [b:055eabe324]Download Malwarebytes MBAM via één van deze locaties[/b:055eabe324]: [list:055eabe324][*:055eabe324][url=http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?][b:055eabe324]Download.com[/b:055eabe324][/url] [*:055eabe324][url=http://www.softpedia.com/result.php?sid=&pid=1-423&r=Z2V0L0FudGl2aXJ1cy9NYWx3YXJlYnl0ZXMtQW50aS1NYWx3YXJlLnNodG1s][b:055eabe324]Softpedia.com[/b:055eabe324][/url][*:055eabe324][url=http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html][b:055eabe324]Majorgeeks.com[/b:055eabe324][/url][/list:u:055eabe324] [b:055eabe324]Allereerst[/b:055eabe324]:[list:055eabe324][*:055eabe324] Al meteen na de installatie wil 'MBAM' zijn database opwaarderen – toestaan dus. [*:055eabe324] Ook bij herhaald gebruik: eerst 'MBAM' updaten via de tab 'Update'! [/list:u:055eabe324] [b:055eabe324]Malwarebytes MBAM opstarten[/b:055eabe324]: Windows 2000 en Windows XP: start MBAM middels dubbelklik op de snelkoppeling. Windows Vista en Windows 7: start MBAM middels rechtsklik op de snelkoppeling en dan kiezen voor Als Administrator uitvoeren. [list:055eabe324][*:055eabe324][b:055eabe324]Let op:[/b:055eabe324] [list:055eabe324][*:055eabe324]Malwarebytes verstrekt nu de volledige versie van MBAM. [*:055eabe324]Bij de eerstse start kijg je de mogelijkheid de volledige versie te gebruiken of de gratis versie. [*:055eabe324]Onafhankelijk van welke antivirusprogramma in jouw Windows adviseer ik dan de optie "Weigeren" te gebruiken. [*:055eabe324]Zodoende zal MBAM als gratis versie verder te gebruiken zijn[/list:u:055eabe324][/list:u:055eabe324] [img:055eabe324]http://img30.imageshack.us/img30/3928/mbam2.png[/img:055eabe324] [list:055eabe324][*:055eabe324][b:055eabe324]Doe ook nog het volgende:[/b:055eabe324] [list:055eabe324][*:055eabe324]Zodra het programma gestart is, ga dan naar het tabblad "[b:055eabe324]Instellingen[/b:055eabe324]". [*:055eabe324]Vink hier aan: "[b:055eabe324]Sluit Internet Explorer tijdens verwijdering van malware[/b:055eabe324]".[/list:u:055eabe324][/list:u:055eabe324] [b:055eabe324]Scannen[/b:055eabe324]: [list:055eabe324][*:055eabe324] Bij het starten van 'MBAM' kies je voor 'Snelle Scan'. [*:055eabe324]Het scannen kan een tijdje duren, dus wees geduldig. Indien de scan voltooid is, klik dan op de knop 'OK'. [*:055eabe324]Klik daarna op de knop 'Bekijk Resultaten' om de resultaten te zien.[/list:u:055eabe324] [b:055eabe324]Infecties gevonden[/b:055eabe324]: [list:055eabe324][*:055eabe324]Klik nu eerst op OK om de melding weg te klikken [*:055eabe324]Klik vervolgens rechtsonder op de knop Bekijk resultaten. [*:055eabe324]Zorg er nu voor dat alle gevonden infecties aangevinkt zijn, en klik linksonder op Verwijder geselecteerde. [*:055eabe324]Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. [*:055eabe324]Indien 'MBAM' moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven – dan telkens op 'OK' klikken! [*:055eabe324]Daarna zal 'MBAM' vragen om de Computer opnieuw op te starten - dus sta toe dat de computer opnieuw opgestart wordt.[/list:u:055eabe324] [b:055eabe324]MBAM-Log[/b:055eabe324]: [list:055eabe324][*:055eabe324] Het log wordt automatisch bewaard door 'MBAM en dat kan je terugvinden door in het hoofdmenu van MBAM op de tab 'Logbestanden' te klikken'.[/list:u:055eabe324] [b:055eabe324]Post aansluitend in je volgende bericht de inhoud van het MBAM-log.[/b:055eabe324] [color=#FF0000:055eabe324][b:055eabe324]Stap •4•[/b:055eabe324][/color:055eabe324] [b:055eabe324]Samenvattend: hierna post je in jouw volgende bericht de inhoud van de volgende logs:[/b:055eabe324] [list:055eabe324][*:055eabe324] een nieuw Hijackthis-log [*:055eabe324] MBAM scanlog[/list:u:055eabe324] Tevens een Uninstall-lijst posten: [list:055eabe324][*:055eabe324] start HijackThis, [*:055eabe324] klik op de knop Open the Misc Tools section, [*:055eabe324] klik op de knop Open Uninstall Manager, [*:055eabe324] Klik op de knop Save.[/list:u:055eabe324]
  • Ik wilde de Hijack This gebruiken maar vond iets heel raars. Op mijn andere computer waarvan ik jouw bericht steeds lees als ik het op de virus-computer doe, staat in jouw bericht dat ik de logfile moet kopieëren in die DDRMMR's kleurcode. Nu kijk ik naar hetzelfde bericht van jou op de virus-computer en daar zijn de regels over DDRMMR's kleurcode weggelaten. Heeft dit iets met dat virus te maken of is dat omdat ik iets doms doe?
  • (Ik heb de site vanaf mijn oude computer even overgetypt zodat ik het wel in kleur kon doen) Hieronder dus vast het 1e log [hjt] Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:48:09, on 31-8-2011 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal [b:c15ca7b9ed]Running processes:[/b:c15ca7b9ed] [color=teal:c15ca7b9ed]c:\program files (x86)\google\googletoolbarnotifier\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]googletoolbarnotifier.exe[/color:c15ca7b9ed] [color=teal:c15ca7b9ed]c:\program files (x86)\skype\phone\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]skype.exe[/color:c15ca7b9ed] [color=teal:c15ca7b9ed]c:\program files (x86)\intel\intel(r) rapid storage technology\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]iastoricon.exe[/color:c15ca7b9ed] [color=teal:c15ca7b9ed]c:\program files (x86)\sony\isb utility\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]isbmgr.exe[/color:c15ca7b9ed] [color=teal:c15ca7b9ed]c:\program files (x86)\sony\pmb\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]pmbvolumewatcher.exe[/color:c15ca7b9ed] [color=teal:c15ca7b9ed]c:\program files (x86)\sony\marketing tools\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]marketingtools.exe[/color:c15ca7b9ed] [color=teal:c15ca7b9ed]c:\program files\widcomm\bluetooth software\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]bluetoothheadsetproxy.exe[/color:c15ca7b9ed] [color=teal:c15ca7b9ed]c:\program files\sony\vaio care\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]listener.exe[/color:c15ca7b9ed] [color=teal:c15ca7b9ed]c:\program files (x86)\trend micro\hijackthis\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]hijackthis.exe[/color:c15ca7b9ed] [color=teal:c15ca7b9ed]c:\program files (x86)\google\google toolbar\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]googletoolbaruser_32.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]r1 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]hkcu\software\microsoft\internet explorer\main[/color:c15ca7b9ed],default_page_url = [u:c15ca7b9ed][noparse]http://nl.msn.com/?ocid=oie9hp[/noparse][/u:c15ca7b9ed] [color=silver:c15ca7b9ed]r1 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]hkcu\software\microsoft\internet explorer\main[/color:c15ca7b9ed],search page = [u:c15ca7b9ed][noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse][/u:c15ca7b9ed] [color=silver:c15ca7b9ed]r0 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]hkcu\software\microsoft\internet explorer\main[/color:c15ca7b9ed],start page = [u:c15ca7b9ed][noparse]http://www.google.nl/[/noparse][/u:c15ca7b9ed] [color=silver:c15ca7b9ed]r1 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]hklm\software\microsoft\internet explorer\main[/color:c15ca7b9ed],default_page_url = [u:c15ca7b9ed][noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse][/u:c15ca7b9ed] [color=silver:c15ca7b9ed]r1 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]hklm\software\microsoft\internet explorer\main[/color:c15ca7b9ed],default_search_url = [u:c15ca7b9ed][noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse][/u:c15ca7b9ed] [color=silver:c15ca7b9ed]r1 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]hklm\software\microsoft\internet explorer\main[/color:c15ca7b9ed],search page = [u:c15ca7b9ed][noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse][/u:c15ca7b9ed] [color=silver:c15ca7b9ed]r0 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]hklm\software\microsoft\internet explorer\main[/color:c15ca7b9ed],start page = [u:c15ca7b9ed][noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse][/u:c15ca7b9ed] [color=silver:c15ca7b9ed]r0 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]hklm\software\microsoft\internet explorer\search[/color:c15ca7b9ed],searchassistant = [color=silver:c15ca7b9ed]r0 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]hklm\software\microsoft\internet explorer\search[/color:c15ca7b9ed],customizesearch = [color=silver:c15ca7b9ed]r0 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]hklm\software\microsoft\internet explorer\main[/color:c15ca7b9ed],local page = [color=teal:c15ca7b9ed]c:\windows\syswow64\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]blank.htm[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]r1 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]hkcu\software\microsoft\internet explorer\main[/color:c15ca7b9ed],window title = windows internet explorer wordt aangeboden door msn and bing [color=silver:c15ca7b9ed]r0 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]hkcu\software\microsoft\internet explorer\toolbar[/color:c15ca7b9ed],linksfoldername = [color=silver:c15ca7b9ed]f2 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]reg[/color:c15ca7b9ed]:system.ini: userinit=userinit.exe [color=silver:c15ca7b9ed]o2 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]bho[/color:c15ca7b9ed]: acroiehelperstub - [color=orange:c15ca7b9ed]{18df081c-e8ad-4283-a596-fa578c2ebdc3}[/color:c15ca7b9ed] - [color=teal:c15ca7b9ed]c:\program files (x86)\common files\adobe\acrobat\activex\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]acroiehelpershim.dll[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o2 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]bho[/color:c15ca7b9ed]: (no name) - [color=orange:c15ca7b9ed]{5c255c8a-e604-49b4-9d64-90988571cecb}[/color:c15ca7b9ed] - (no file) [color=silver:c15ca7b9ed]o2 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]bho[/color:c15ca7b9ed]: groove gfs browser helper - [color=orange:c15ca7b9ed]{72853161-30c5-4d22-b7f9-0bbc1d38a37e}[/color:c15ca7b9ed] - [color=teal:c15ca7b9ed]c:\progra~2\micros~1\office14\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]grooveex.dll[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o2 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]bho[/color:c15ca7b9ed]: windows live aanmelden - help - [color=orange:c15ca7b9ed]{9030d464-4c02-4abf-8ecc-5164760863c6}[/color:c15ca7b9ed] - [color=teal:c15ca7b9ed]c:\program files (x86)\common files\microsoft shared\windows live\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]windowslivelogin.dll[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o2 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]bho[/color:c15ca7b9ed]: google toolbar helper - [color=orange:c15ca7b9ed]{aa58ed58-01dd-4d91-8333-cf10577473f7}[/color:c15ca7b9ed] - [color=teal:c15ca7b9ed]c:\program files (x86)\google\google toolbar\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]googletoolbar_32.dll[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o2 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]bho[/color:c15ca7b9ed]: skypeiepluginbho - [color=orange:c15ca7b9ed]{ae805869-2e5c-4ed4-8f7b-f1f7851a4497}[/color:c15ca7b9ed] - [color=teal:c15ca7b9ed]c:\program files (x86)\skype\toolbars\internet explorer\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]skypeieplugin.dll[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o2 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]bho[/color:c15ca7b9ed]: urlredirectionbho - [color=orange:c15ca7b9ed]{b4f3a835-0e21-4959-ba22-42b3008e02ff}[/color:c15ca7b9ed] - [color=teal:c15ca7b9ed]c:\progra~2\micros~1\office14\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]urlredir.dll[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o2 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]bho[/color:c15ca7b9ed]: java(tm) plug-in 2 ssv helper - [color=orange:c15ca7b9ed]{dbc80044-a445-435b-bc74-9c25c1c588a9}[/color:c15ca7b9ed] - [color=teal:c15ca7b9ed]c:\program files (x86)\java\jre6\bin\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]jp2ssv.dll[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o3 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]toolbar[/color:c15ca7b9ed]: google toolbar - [color=orange:c15ca7b9ed]{2318c2b1-4965-11d4-9b18-009027a5cd4f}[/color:c15ca7b9ed] - [color=teal:c15ca7b9ed]c:\program files (x86)\google\google toolbar\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]googletoolbar_32.dll[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o4 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]hklm\..\run[/color:c15ca7b9ed]: [b:c15ca7b9ed][iastoricon][/b:c15ca7b9ed] [color=teal:c15ca7b9ed]c:\program files (x86)\intel\intel(r) rapid storage technology\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]iastoricon.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o4 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]hklm\..\run[/color:c15ca7b9ed]: [b:c15ca7b9ed][isbmgr.exe][/b:c15ca7b9ed] [color=teal:c15ca7b9ed]c:\program files (x86)\sony\isb utility\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]isbmgr.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o4 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]hklm\..\run[/color:c15ca7b9ed]: [b:c15ca7b9ed][pmbvolumewatcher][/b:c15ca7b9ed] [color=teal:c15ca7b9ed]c:\program files (x86)\sony\pmb\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]pmbvolumewatcher.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o4 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]hklm\..\run[/color:c15ca7b9ed]: [b:c15ca7b9ed][marketingtools][/b:c15ca7b9ed] [color=teal:c15ca7b9ed]c:\program files (x86)\sony\marketing tools\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]marketingtools.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o4 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]hkcu\..\run[/color:c15ca7b9ed]: [b:c15ca7b9ed][swg][/b:c15ca7b9ed] [color=teal:c15ca7b9ed]c:\program files (x86)\google\googletoolbarnotifier\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]googletoolbarnotifier.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o4 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]hkcu\..\run[/color:c15ca7b9ed]: [b:c15ca7b9ed][skype][/b:c15ca7b9ed] [color=teal:c15ca7b9ed]c:\program files (x86)\skype\phone\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]skype.exe[/color:c15ca7b9ed] /nosplash /minimized [color=silver:c15ca7b9ed]o4 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]global startup[/color:c15ca7b9ed]: bluetooth.lnk = ? [color=silver:c15ca7b9ed]o8 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]extra context menu item[/color:c15ca7b9ed]: &verzenden naar onenote - res://[color=teal:c15ca7b9ed]c:\progra~2\micros~1\office14\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]onbttnie.dll[/color:c15ca7b9ed]/105 [color=silver:c15ca7b9ed]o8 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]extra context menu item[/color:c15ca7b9ed]: afbeelding verzenden naar &bluetooth-apparaat... - [color=teal:c15ca7b9ed]c:\program files\widcomm\bluetooth software\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]btsendto_ie_ctx.htm[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o8 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]extra context menu item[/color:c15ca7b9ed]: e&xporteren naar microsoft excel - res://[color=teal:c15ca7b9ed]c:\progra~2\micros~1\office14\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]excel.exe[/color:c15ca7b9ed]/3000 [color=silver:c15ca7b9ed]o8 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]extra context menu item[/color:c15ca7b9ed]: google sidewiki... - res://[color=teal:c15ca7b9ed]c:\program files (x86)\google\google toolbar\component\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]googletoolbardynamic_mui_en_7461b1589e8b4fb7.dll[/color:c15ca7b9ed]/cmsidewiki.html [color=silver:c15ca7b9ed]o8 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]extra context menu item[/color:c15ca7b9ed]: pagina verzenden naar &bluetooth-apparaat... - [color=teal:c15ca7b9ed]c:\program files\widcomm\bluetooth software\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]btsendto_ie.htm[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o9 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]extra button[/color:c15ca7b9ed]: in weblog opnemen - [color=orange:c15ca7b9ed]{219c3416-8cb2-491a-a3c7-d9fcddc9d600}[/color:c15ca7b9ed] - [color=teal:c15ca7b9ed]c:\program files (x86)\windows live\writer\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]writerbrowserextension.dll[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o9 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]extra 'tools' menuitem[/color:c15ca7b9ed]: &in weblog opnemen met windows live writer - [color=orange:c15ca7b9ed]{219c3416-8cb2-491a-a3c7-d9fcddc9d600}[/color:c15ca7b9ed] - [color=teal:c15ca7b9ed]c:\program files (x86)\windows live\writer\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]writerbrowserextension.dll[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o9 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]extra button[/color:c15ca7b9ed]: verzenden naar onenote - [color=orange:c15ca7b9ed]{2670000a-7350-4f3c-8081-5663ee0c6c49}[/color:c15ca7b9ed] - [color=teal:c15ca7b9ed]c:\program files (x86)\microsoft office\office14\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]onbttnie.dll[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o9 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]extra 'tools' menuitem[/color:c15ca7b9ed]: &verzenden naar onenote - [color=orange:c15ca7b9ed]{2670000a-7350-4f3c-8081-5663ee0c6c49}[/color:c15ca7b9ed] - [color=teal:c15ca7b9ed]c:\program files (x86)\microsoft office\office14\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]onbttnie.dll[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o9 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]extra button[/color:c15ca7b9ed]: &gekoppelde notities van onenote - [color=orange:c15ca7b9ed]{789fe86f-6fc4-46a1-9849-ede0db0c95ca}[/color:c15ca7b9ed] - [color=teal:c15ca7b9ed]c:\program files (x86)\microsoft office\office14\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]onbttnielinkednotes.dll[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o9 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]extra 'tools' menuitem[/color:c15ca7b9ed]: &gekoppelde notities van onenote - [color=orange:c15ca7b9ed]{789fe86f-6fc4-46a1-9849-ede0db0c95ca}[/color:c15ca7b9ed] - [color=teal:c15ca7b9ed]c:\program files (x86)\microsoft office\office14\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]onbttnielinkednotes.dll[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o9 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]extra button[/color:c15ca7b9ed]: skype plug-in - [color=orange:c15ca7b9ed]{898ea8c8-e7ff-479b-8935-aec46303b9e5}[/color:c15ca7b9ed] - [color=teal:c15ca7b9ed]c:\program files (x86)\skype\toolbars\internet explorer\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]skypeieplugin.dll[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o9 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]extra 'tools' menuitem[/color:c15ca7b9ed]: skype plug-in - [color=orange:c15ca7b9ed]{898ea8c8-e7ff-479b-8935-aec46303b9e5}[/color:c15ca7b9ed] - [color=teal:c15ca7b9ed]c:\program files (x86)\skype\toolbars\internet explorer\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]skypeieplugin.dll[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o9 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]extra button[/color:c15ca7b9ed]: send to bluetooth - [color=orange:c15ca7b9ed]{cca281ca-c863-46ef-9331-5c8d4460577f}[/color:c15ca7b9ed] - [color=teal:c15ca7b9ed]c:\program files\widcomm\bluetooth software\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]btsendto_ie.htm[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o9 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]extra 'tools' menuitem[/color:c15ca7b9ed]: send to &bluetooth device... - [color=orange:c15ca7b9ed]{cca281ca-c863-46ef-9331-5c8d4460577f}[/color:c15ca7b9ed] - [color=teal:c15ca7b9ed]c:\program files\widcomm\bluetooth software\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]btsendto_ie.htm[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o9 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]extra button[/color:c15ca7b9ed]: add to evernote - [color=orange:c15ca7b9ed]{e0b8c461-f8fb-49b4-8373-fe32e92528a6}[/color:c15ca7b9ed] - [color=teal:c15ca7b9ed]c:\program files (x86)\evernote\evernote3.5\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]enbar.dll[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o9 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]extra 'tools' menuitem[/color:c15ca7b9ed]: add to evernote - [color=orange:c15ca7b9ed]{e0b8c461-f8fb-49b4-8373-fe32e92528a6}[/color:c15ca7b9ed] - [color=teal:c15ca7b9ed]c:\program files (x86)\evernote\evernote3.5\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]enbar.dll[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o11 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]options group[/color:c15ca7b9ed]: [b:c15ca7b9ed][accelerated_graphics][/b:c15ca7b9ed] accelerated graphics [color=silver:c15ca7b9ed]o16 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]dpf[/color:c15ca7b9ed]: [color=orange:c15ca7b9ed]{1fec8b6f-250a-4293-b12c-67a7ef0b758a}[/color:c15ca7b9ed] (sikn speler) - [u:c15ca7b9ed][noparse]http://www.kerkomroep.nl/ocx/siknplayer.cab[/noparse][/u:c15ca7b9ed] [color=silver:c15ca7b9ed]o18 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]protocol[/color:c15ca7b9ed]: skype-ie-addon-data - [color=orange:c15ca7b9ed]{91774881-d725-4e58-b298-07617b9b86a8}[/color:c15ca7b9ed] - [color=teal:c15ca7b9ed]c:\program files (x86)\skype\toolbars\internet explorer\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]skypeieplugin.dll[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o18 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]protocol[/color:c15ca7b9ed]: skype4com - [color=orange:c15ca7b9ed]{ffc8b962-9b40-4dff-9458-1830c7dd7f5d}[/color:c15ca7b9ed] - [color=teal:c15ca7b9ed]c:\progra~2\common~1\skype\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]skype4~1.dll[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o18 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]filter hijack[/color:c15ca7b9ed]: text/xml - [color=orange:c15ca7b9ed]{807573e5-5146-11d5-a672-00b0d022e945}[/color:c15ca7b9ed] - [color=teal:c15ca7b9ed]c:\program files (x86)\common files\microsoft shared\office14\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]msoxmlmf.dll[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: arcsoft connect daemon (acdaemon) - arcsoft inc. - [color=teal:c15ca7b9ed]c:\program files (x86)\common files\arcsoft\connection service\bin\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]acservice.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: @[color=teal:c15ca7b9ed]%systemroot%\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]alg.exe[/color:c15ca7b9ed],-112 (alg) - unknown owner - [color=teal:c15ca7b9ed]c:\windows\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]alg.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: amd external events utility - unknown owner - [color=teal:c15ca7b9ed]c:\windows\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]atiesrxx.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: bluetooth service (btwdins) - broadcom corporation. - [color=teal:c15ca7b9ed]c:\program files\widcomm\bluetooth software\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]btwdins.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: canon camera access library 8 (ccalib8) - canon inc. - [color=teal:c15ca7b9ed]c:\program files (x86)\canon\cal\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]calmain.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: @[color=teal:c15ca7b9ed]%systemroot%\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]efssvc.dll[/color:c15ca7b9ed],-100 (efs) - unknown owner - [color=teal:c15ca7b9ed]c:\windows\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]lsass.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: @[color=teal:c15ca7b9ed]%systemroot%\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]fxsresm.dll[/color:c15ca7b9ed],-118 (fax) - unknown owner - [color=teal:c15ca7b9ed]c:\windows\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]fxssvc.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: google updateservice (gupdate) (gupdate) - google inc. - [color=teal:c15ca7b9ed]c:\program files (x86)\google\update\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]googleupdate.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: google update-service (gupdatem) (gupdatem) - google inc. - [color=teal:c15ca7b9ed]c:\program files (x86)\google\update\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]googleupdate.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: google software updater (gusvc) - google - [color=teal:c15ca7b9ed]c:\program files (x86)\google\common\google updater\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]googleupdaterservice.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: intel(r) rapid storage technology (iastordatamgrsvc) - intel corporation - [color=teal:c15ca7b9ed]c:\program files (x86)\intel\intel(r) rapid storage technology\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]iastordatamgrsvc.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: @keyiso.dll,-100 (keyiso) - unknown owner - [color=teal:c15ca7b9ed]c:\windows\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]lsass.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: intel(r) management and security application local management service (lms) - intel corporation - [color=teal:c15ca7b9ed]c:\program files (x86)\intel\intel(r) management engine components\lms\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]lms.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: @comres.dll,-2797 (msdtc) - unknown owner - [color=teal:c15ca7b9ed]c:\windows\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]msdtc.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: @[color=teal:c15ca7b9ed]%systemroot%\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]netlogon.dll[/color:c15ca7b9ed],-102 (netlogon) - unknown owner - [color=teal:c15ca7b9ed]c:\windows\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]lsass.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: pmbdeviceinfoprovider - sony corporation - [color=teal:c15ca7b9ed]c:\program files (x86)\sony\pmb\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]pmbdeviceinfoprovider.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: @[color=teal:c15ca7b9ed]%systemroot%\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]psbase.dll[/color:c15ca7b9ed],-300 (protectedstorage) - unknown owner - [color=teal:c15ca7b9ed]c:\windows\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]lsass.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: roxio upnp renderer 10 - sonic solutions - [color=teal:c15ca7b9ed]c:\program files (x86)\roxio\digital home 10\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]roxioupnprenderer10.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: roxio upnp server 10 - sonic solutions - [color=teal:c15ca7b9ed]c:\program files (x86)\roxio\digital home 10\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]roxioupnpservice10.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: @[color=teal:c15ca7b9ed]%systemroot%\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]locator.exe[/color:c15ca7b9ed],-2 (rpclocator) - unknown owner - [color=teal:c15ca7b9ed]c:\windows\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]locator.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: vaio care performance service (samplecollector) - sony corporation - [color=teal:c15ca7b9ed]c:\program files\sony\vaio care\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]vcperfservice.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: @[color=teal:c15ca7b9ed]%systemroot%\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]samsrv.dll[/color:c15ca7b9ed],-1 (samss) - unknown owner - [color=teal:c15ca7b9ed]c:\windows\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]lsass.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: @[color=teal:c15ca7b9ed]%systemroot%\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]snmptrap.exe[/color:c15ca7b9ed],-3 (snmptrap) - unknown owner - [color=teal:c15ca7b9ed]c:\windows\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]snmptrap.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: vaio media plus content importer (sohcimp) - sony corporation - [color=teal:c15ca7b9ed]c:\program files (x86)\common files\sony shared\sohlib\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]sohcimp.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: vaio media plus digital media server (sohdms) - sony corporation - [color=teal:c15ca7b9ed]c:\program files (x86)\common files\sony shared\sohlib\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]sohdms.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: vaio media plus device searcher (sohds) - sony corporation - [color=teal:c15ca7b9ed]c:\program files (x86)\common files\sony shared\sohlib\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]sohds.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: vaio entertainment common service (spfservice) - sony corporation - [color=teal:c15ca7b9ed]c:\program files\common files\sony shared\vaio entertainment platform\spf\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]spfservice64.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: @[color=teal:c15ca7b9ed]%systemroot%\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]spoolsv.exe[/color:c15ca7b9ed],-1 (spooler) - unknown owner - [color=teal:c15ca7b9ed]c:\windows\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]spoolsv.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: @[color=teal:c15ca7b9ed]%systemroot%\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]sppsvc.exe[/color:c15ca7b9ed],-101 (sppsvc) - unknown owner - [color=teal:c15ca7b9ed]c:\windows\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]sppsvc.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: cammonitor (ucammonitor) - arcsoft, inc. - [color=teal:c15ca7b9ed]c:\program files (x86)\arcsoft\magic-i visual effects 2\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]ucammonitor.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: @[color=teal:c15ca7b9ed]%systemroot%\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]ui0detect.exe[/color:c15ca7b9ed],-101 (ui0detect) - unknown owner - [color=teal:c15ca7b9ed]c:\windows\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]ui0detect.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: intel(r) management & security application user notification service (uns) - intel corporation - [color=teal:c15ca7b9ed]c:\program files (x86)\intel\intel(r) management engine components\uns\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]uns.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: vaio entertainment tv device arbitration service - sony corporation - [color=teal:c15ca7b9ed]c:\program files (x86)\common files\sony shared\vaio entertainment platform\vzhardwareresourcemanager\vzhardwareresourcemanager\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]vzhardwareresourcemanager.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: vaio event service - sony corporation - [color=teal:c15ca7b9ed]c:\program files (x86)\sony\vaio event service\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]vesmgr.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: vaio power management - sony corporation - [color=teal:c15ca7b9ed]c:\program files\sony\vaio power management\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]spmservice.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: @[color=teal:c15ca7b9ed]%systemroot%\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]vaultsvc.dll[/color:c15ca7b9ed],-1003 (vaultsvc) - unknown owner - [color=teal:c15ca7b9ed]c:\windows\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]lsass.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: vaio content folder watcher (vcfw) - sony corporation - [color=teal:c15ca7b9ed]c:\program files (x86)\common files\sony shared\vaio content folder watcher\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]vcfw.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: vaio content metadata intelligent analyzing manager (vcmialzmgr) - sony corporation - [color=teal:c15ca7b9ed]c:\program files\sony\vcm intelligent analyzing manager\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]vcmialzmgr.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: vaio content metadata intelligent network service manager (vcminsmgr) - sony corporation - [color=teal:c15ca7b9ed]c:\program files\sony\vcm intelligent network service manager\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]vcminsmgr.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: vaio content metadata xml interface (vcmxmlifhelper) - sony corporation - [color=teal:c15ca7b9ed]c:\program files\common files\sony shared\vcmxml\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]vcmxmlifhelper64.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: vcservice - sony corporation - [color=teal:c15ca7b9ed]c:\program files\sony\vaio care\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]vcservice.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: @[color=teal:c15ca7b9ed]%systemroot%\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]vds.exe[/color:c15ca7b9ed],-100 (vds) - unknown owner - [color=teal:c15ca7b9ed]c:\windows\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]vds.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: vsnservice - sony corporation - [color=teal:c15ca7b9ed]c:\program files\sony\vaio smart network\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]vsnservice.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: @[color=teal:c15ca7b9ed]%systemroot%\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]vssvc.exe[/color:c15ca7b9ed],-102 (vss) - unknown owner - [color=teal:c15ca7b9ed]c:\windows\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]vssvc.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: vuagent - sony corporation - [color=teal:c15ca7b9ed]c:\program files\sony\vaio update 5\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]vuagent.exe[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: @[color=teal:c15ca7b9ed]%systemroot%\system32\wat\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]watux.exe[/color:c15ca7b9ed],-601 (watadminsvc) - unknown owner - [color=teal:c15ca7b9ed]c:\windows\system32\wat\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]watadminsvc.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: @[color=teal:c15ca7b9ed]%systemroot%\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]wbengine.exe[/color:c15ca7b9ed],-104 (wbengine) - unknown owner - [color=teal:c15ca7b9ed]c:\windows\system32\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]wbengine.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: @[color=teal:c15ca7b9ed]%systemroot%\system32\wbem\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]wmiapsrv.exe[/color:c15ca7b9ed],-110 (wmiapsrv) - unknown owner - [color=teal:c15ca7b9ed]c:\windows\system32\wbem\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]wmiapsrv.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] [color=silver:c15ca7b9ed]o23 -[/color:c15ca7b9ed] [color=brown:c15ca7b9ed]service[/color:c15ca7b9ed]: @[color=teal:c15ca7b9ed]%programfiles%\windows media player\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]wmpnetwk.exe[/color:c15ca7b9ed],-101 (wmpnetworksvc) - unknown owner - [color=teal:c15ca7b9ed]c:\program files (x86)\windows media player\[/color:c15ca7b9ed][color=blue:c15ca7b9ed]wmpnetwk.exe[/color:c15ca7b9ed] [color=red:c15ca7b9ed](file missing)[/color:c15ca7b9ed] -- end of file - 13846 bytes [/hjt]
  • Dat van die kleurcodeerder - die gebruik ik standaard op het NCF, maar elders dus niet. Maar door een foutje in mijn nieuwste script heb jij die dus al een keer wel gehad. Maar het is niet de bedoeling die kleurcodeerder hier te gebruiken. Ook omdat de forum software hier er anders mee omgaat. En nu ook nog het MBAM-log posten - ook al vindt MBAM mogelijk niks.
  • De computer is nu nog met Microsoft Safety Scanner aan het scannen. Zodra alles klaar is zal het Mbam log posten.
  • Mijn computer gaf vorige week ineens problemen (alle mappen weg (onzichtbaar), melding Catalys Control Center werkt niet meer, beveiligingsmeldingen internet). Na een scan met Microsoft Security Essentials werden de volgende virussen gevonden: Trojan:Win32/FakeSysdef ernstig 19-8-2011 17.16 verwijderd Trojan:Win32/Alureon.FE ernstig 19-8-2011 17.16 verwijderd Trojan:Win32/FakeSysdef ernstig 18-8-2011 21.40 verwijderd Trojan:Win32/FakeSysdef ernstig 18-8-2011 20.12 verwijderd Trojan:Win32/FakeSysdef ernstig 18-8-2011 20.01 In quarantaine... Trojan:Win32/FakeSysdef ernstig 18-8-2011 19.49 Daarna nog een paar keer een scan gedaan en ook met Mbam (zie scanlog hieronder) maar er werden geen virussen meer gevonden. Kan ik er nu van uitgaan dat echt alle virussen weg zijn? Ik blijf nog wel de volgende problemen hebben: - melding Catalyst Control Center werkt niet meer (heb ik opgelost door het te verwijderen maar ik weet niet of dit later problemen kan geven) - bij alle mappen heb ik verborgen bestanden weer uitgezet alleen bij de hoofdmappen in Bibliotheken (Afbeeldingen/Video/Documenten/Muziek) kan dit niet, dus die zijn nog onzichtbaar/licht van kleur. - op Internet Explorer blijf ik meldingen krijgen over beveiliging en ook wordt ik soms naar een andere site gezet die ik niet heb aangeklikt (www.liutilities.com??) Als ik mijn beveiliging van Internet Explorer bij internetopties op Standaardniveau zet schiet hij zodra ik de computer opnieuw heb opgestart op Aangepast niveau. Ik zag op deze site dat sommige problemen met Combofix te verhelpen zijn. Is dit een optie, en zo ja, is er dan iemand die aan wil geven hoe dit te doen? Hieronder de MBam scanlog en Hijackthis-log: Malwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Databaseversie: 7619 Windows 6.1.7601 Service Pack 1 Internet Explorer 9.0.8112.16421 31-8-2011 13:19:55 mbam-log-2011-08-31 (13-19-55).txt Scantype: Volledige scan (C:\|) Objecten gescand: 307844 Verstreken tijd: 43 minuut/minuten, 44 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:42:54, on 31-8-2011 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe C:\Program Files\Sony\VAIO Care\listener.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.msn.com/?ocid=OIE9HP R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe O4 - HKLM\..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized O4 - Global Startup: Bluetooth.lnk = ? O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {1FEC8B6F-250A-4293-B12C-67A7EF0B758A} (sIKN Speler) - http://www.kerkomroep.nl/ocx/sIKNPlayer.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files (x86)\Canon\CAL\CALMAIN.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update 5\VUAgent.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13860 bytes

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.