Vraag & Antwoord
Hijackthis log - Computercrashes
19 antwoorden
- Hallo,
Kan iemand deze aub controleren?
[b:65808e459f]EDIT: Raar genoeg, meteen nadat ik dit poste, 10 min ong, kreeg ik een Blue Screen. De computer sloot zichzelf ineens af. Dit heb ik al vaker meegemaakt. Wat is er aan de hand? Kun je dat aan deze logfile zien?
Toen ik weer opstartte kreeg ik de melding Windows is onverwachts afgesloten en weer hersteld. Daarbij stond informatie. Ik denk dat het belangrijkste dit is (meer weten moet je even vragen)
Bestanden die helpen bij het beschrijven van het probleem:
C:\Windows\Minidump\052411-37580-01.dmp
C:\Users\Nico\AppData\Local\Temp\WER-62119-0.sysdata.xml[/b:65808e459f]
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:49:01, on 24-5-2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\PokerStars\PokerStars.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10p_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.msn.com/?ocid=OIE9HP
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://forum.computertotaal.nl/phpBB2/viewtopic.php?p=1454723#1454723
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110516171514.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: LastPass Browser Helper Object - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [NBAgent] "c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Nico\PartyPoker.lnk
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Nico\PartyPoker.lnk
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://verkopen.marktplaats.nl/js/widgets/imageUploader/aurigma/5_7_24_0/ImageUploader5.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
–
End of file - 15400 bytes
Alvast bedankt.
NvdM - Hoi NvdM, drie logs wil ik de volgende keer van jou:
1) WhoCrashed introductie
WhoCrashed beschrijving
Download de [i:35937f28d7]free home edition[/i:35937f28d7] van [b:35937f28d7]WhoCrashed[/b:35937f28d7] naar je bureaublad via klik hier [img:35937f28d7]http://i65.servimg.com/u/f65/11/35/67/12/whocra10.png[/img:35937f28d7] en installeer het tool via klikken/dubbelklikken op "[b:35937f28d7]whocrashedSetup.exe[/b:35937f28d7]"
Nadat 'WhoCrashed' is opgestart, klik je op de "[b:35937f28d7]Analyze[/b:35937f28d7]" knop.
Selekteer nu de inhoud van het venster, kopieer dit en post het resultaat in je volgende post.
2) [b:35937f28d7]Welk programma[/b:35937f28d7]: MBRCheck.exe
[b:35937f28d7]Waarvoor/waarom[/b:35937f28d7]: speciale scan op mbr-rootkits
[b:35937f28d7]Moeilijkheidsgraad[/b:35937f28d7]: geen.
[b:35937f28d7]Download MBRCheck.exe[/b:35937f28d7]
[b:35937f28d7]MBRCheck.exe opstarten[/b:35937f28d7]:
Windows 2000 en Windows XP: start "MBRCheck.exe" middels dubbelklik op "MBRCheck.exe".
Windows Vista en Windows 7: start "MBRCheck.exe" middels rechtsklik op "MBRCheck.exe" en dan kiezen voor "Als Administrator uitvoeren".
[list:35937f28d7][*:35937f28d7]een zwart scherm toont zich met enkele data erin.
[*:35937f28d7]Op je bureaublad zal een logbestand met de naam "MBRcheckxxxx.txt" verschijnen.
[*:35937f28d7]Kopieer nu de inhoud van dat log in je volgende post.[/list:u:35937f28d7]
3) [b:35937f28d7]Welk programma[/b:35937f28d7]: Kaspersky [b:35937f28d7]TDSSKiller[/b:35937f28d7]
[b:35937f28d7]Waarvoor/waarom[/b:35937f28d7]: Rootkitscanner
[b:35937f28d7]Moeilijkheidsgraad[/b:35937f28d7]: geen
[b:35937f28d7]Downloadlokatie[/b:35937f28d7]: Dit programma absoluut naar het bureaublad downloaden of anders daar naar toe verplaatsen!
[b:35937f28d7]Download[/b:35937f28d7] [b:35937f28d7]TDSSKiller[/b:35937f28d7] [b:35937f28d7]hier[/b:35937f28d7].
[b:35937f28d7]Installatie[/b:35937f28d7]:
[list:35937f28d7][*:35937f28d7] pak het bestand uit op je bureaublad.[/list:u:35937f28d7]
[b:35937f28d7]TDSSKiller gebruiken[/b:35937f28d7]:
[list:35937f28d7][*:35937f28d7]Windows 2000 en Windows XP: start "TDSSKiller" middels dubbelklik op TDSSKiller.exe.
[*:35937f28d7]Windows Vista en Windows 7: start "TDSSKiller" middels rechtsklik op TDSSKiller.exe en dan kiezen voor [b:35937f28d7]Als Administrator uitvoeren[/b:35937f28d7].
[*:35937f28d7] Nadat de scan klaar is, vindt je het log in de C:\ partitie
[*:35937f28d7] Post de inhoud van dat log[/list:u:35937f28d7] - [b:482ff8e8fa]Welcome to WhoCrashed HOME EDITION v 3.01[/b:482ff8e8fa]——————————————————————————–
This program checks for drivers which have been crashing your computer. If your computer has displayed a blue screen of death, suddenly rebooted or shut down then this program will help you find the root cause and possibly a solution.
Whenever a computer suddenly reboots without displaying any notice or blue screen of death, the first thing that is often thought about is a hardware failure. In reality, on Windows most crashes are caused by malfunctioning device drivers and kernel modules. In case of a kernel error, many computers do not show a blue screen unless they are configured for this. Instead these systems suddenly reboot without any notice.
This program will analyze your crash dumps with the single click of a button. It will tell you what drivers are likely to be responsible for crashing your computer. If will report a conclusion which offers suggestions on how to proceed in any situation while the analysis report will display internet links which will help you further troubleshoot any detected problems.
To obtain technical support visit www.resplendence.com/support
To check if an update of this program is available, click here.
Just click the Analyze button for a comprehensible report …
——————————————————————————–
Home Edition Notice
——————————————————————————–
This version of WhoCrashed is free for use at home only. If you would like to use this software at work or in a commercial environment you should ge the professional edition of WhoCrashed which also allows analysis of crashdumps on remote drives and computers on the network and offers a range of additional features.
Click here for more information on the professional edition.
Click here to buy the the professional edition of WhoCrashed.
——————————————————————————–
System Information (local)
——————————————————————————–
computer name: NICO-LAPTOP
windows version: Windows 7 Service Pack 1, 6.1, build: 7601
windows dir: C:\Windows
CPU: GenuineIntel Intel(R) Core(TM) i5 CPU M 450 @ 2.40GHz Intel586, level: 6
4 logical processors, active mask: 15
RAM: 4151148544 total
VM: 2147352576, free: 1961287680
——————————————————————————–
Crash Dump Analysis
——————————————————————————–
Crash dump directory: C:\Windows\Minidump
Crash dumps are enabled on your computer.
On Tue 24-5-2011 15:25:32 GMT your computer crashed
crash dump file: C:\Windows\Minidump\052411-37580-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x7FD00)
Bugcheck code: 0x19 (0x22, 0x480000000000, 0x0, 0x0)
Error: BAD_POOL_HEADER
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that a pool header is corrupt.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. This might be a case of memory corruption. More often memory corruption happens because of software errors in buggy drivers, not because of faulty RAM modules.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time.
On Tue 24-5-2011 15:25:32 GMT your computer crashed
crash dump file: C:\Windows\memory.dmp
This was probably caused by the following module: win32k.sys (win32k!memset+0x235A)
Bugcheck code: 0x19 (0x22, 0x480000000000, 0x0, 0x0)
Error: BAD_POOL_HEADER
file path: C:\Windows\system32\win32k.sys
product: Besturingssysteem Microsoft® Windows®
company: Microsoft Corporation
description: Multi-User Win32-stuurprogramma
Bug check description: This indicates that a pool header is corrupt.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. This might be a case of memory corruption. More often memory corruption happens because of software errors in buggy drivers, not because of faulty RAM modules.
The crash took place in a standard Microsoft module. Your system configuration may be incorrect. Possibly this problem is caused by another driver on your system which cannot be identified at this time.
On Sat 7-5-2011 12:33:15 GMT your computer crashed
crash dump file: C:\Windows\Minidump\050711-21902-01.dmp
This was probably caused by the following module: atikmpag.sys (atikmpag+0x640C)
Bugcheck code: 0x116 (0xFFFFFA8006995370, 0xFFFFF88002EBC40C, 0x0, 0x2)
Error: VIDEO_TDR_ERROR
file path: C:\Windows\system32\drivers\atikmpag.sys
product: AMD driver
company: Advanced Micro Devices, Inc.
description: AMD multi-vendor Miniport Driver
Bug check description: This indicates that an attempt to reset the display driver and recover from a timeout failed.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: atikmpag.sys (AMD multi-vendor Miniport Driver, Advanced Micro Devices, Inc.).
Google query: atikmpag.sys Advanced Micro Devices, Inc. VIDEO_TDR_ERROR
[b:482ff8e8fa]2[/b:482ff8e8fa]On Mon 2-5-2011 13:10:09 GMT your computer crashed
crash dump file: C:\Windows\Minidump\050211-17331-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x70740)
Bugcheck code: 0x1A (0x41790, 0xFFFFFA80008D0000, 0xFFFF, 0x0)
Error: MEMORY_MANAGEMENT
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that a severe memory management error occurred.
This might be a case of memory corruption. More often memory corruption happens because of software errors in buggy drivers, not because of faulty RAM modules.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time.
——————————————————————————–
Conclusion
——————————————————————————–
4 crash dumps have been found and analyzed. A third party driver has been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers:
atikmpag.sys (AMD multi-vendor Miniport Driver, Advanced Micro Devices, Inc.)
If no updates for these drivers are available, try searching with Google on the names of these drivers in combination the errors that have been reported for these drivers and include the brand and model name of your computer as well in the query. This often yields interesting results from discussions from users who have been experiencing similar problems.
Read the topic general suggestions for troubleshooting system crashes for more information.
Note that it's not always possible to state with certainty whether a reported driver is actually responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.
MBRCheck, version 1.2.3
© 2010, AD
Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: TOSHIBA
BIOS Manufacturer: INSYDE
System Manufacturer: TOSHIBA
System Product Name: Satellite L650
Logical Drives Mask: 0x0000001c
Kernel Drivers (total 202):
0x03062000 \SystemRoot\system32\ntoskrnl.exe
0x03019000 \SystemRoot\system32\hal.dll
0x00BB7000 \SystemRoot\system32\kdcom.dll
0x00CE1000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00D30000 \SystemRoot\system32\PSHED.dll
0x00D44000 \SystemRoot\system32\CLFS.SYS
0x00C00000 \SystemRoot\system32\CI.dll
0x00E19000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00EBD000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00ECC000 \SystemRoot\system32\drivers\ACPI.sys
0x00F23000 \SystemRoot\system32\drivers\WMILIB.SYS
0x00F2C000 \SystemRoot\system32\drivers\msisadrv.sys
0x00F36000 \SystemRoot\system32\drivers\pci.sys
0x00F69000 \SystemRoot\system32\drivers\vdrvroot.sys
0x00F76000 \SystemRoot\System32\drivers\partmgr.sys
0x00F8B000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x00F94000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x00FA0000 \SystemRoot\system32\drivers\volmgr.sys
0x00DA2000 \SystemRoot\System32\drivers\volmgrx.sys
0x00FB5000 \SystemRoot\System32\drivers\mountmgr.sys
0x00FCF000 \SystemRoot\system32\drivers\pciide.sys
0x00FD6000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x01002000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x0120A000 \SystemRoot\system32\drivers\atapi.sys
0x01213000 \SystemRoot\system32\drivers\ataport.SYS
0x0123D000 \SystemRoot\system32\drivers\msahci.sys
0x01248000 \SystemRoot\system32\drivers\amdxata.sys
0x01253000 \SystemRoot\system32\drivers\fltmgr.sys
0x0129F000 \SystemRoot\system32\drivers\fileinfo.sys
0x012B3000 \SystemRoot\system32\drivers\mfehidk.sys
0x01459000 \SystemRoot\System32\Drivers\Ntfs.sys
0x01333000 \SystemRoot\System32\Drivers\msrpc.sys
0x01400000 \SystemRoot\System32\Drivers\ksecdd.sys
0x0167C000 \SystemRoot\System32\Drivers\cng.sys
0x016EE000 \SystemRoot\System32\drivers\pcw.sys
0x016FF000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x01709000 \SystemRoot\system32\drivers\ndis.sys
0x01600000 \SystemRoot\system32\drivers\NETIO.SYS
0x0141B000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x018D1000 \SystemRoot\System32\drivers\tcpip.sys
0x01AD5000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x01B1F000 \SystemRoot\system32\drivers\mfewfpk.sys
0x01B63000 \SystemRoot\system32\drivers\TDI.SYS
0x01B70000 \SystemRoot\system32\DRIVERS\wd.sys
0x01B78000 \SystemRoot\system32\drivers\volsnap.sys
0x01BC4000 \SystemRoot\system32\DRIVERS\TVALZ_O.SYS
0x01BC9000 \SystemRoot\System32\Drivers\spldr.sys
0x01800000 \SystemRoot\System32\drivers\rdyboost.sys
0x0183A000 \SystemRoot\System32\Drivers\mup.sys
0x0184C000 \SystemRoot\System32\drivers\hwpolicy.sys
0x01855000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x0188F000 \SystemRoot\system32\DRIVERS\disk.sys
0x01391000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x04458000 \SystemRoot\system32\drivers\cdrom.sys
0x04482000 \SystemRoot\System32\Drivers\Null.SYS
0x0448B000 \SystemRoot\System32\Drivers\Beep.SYS
0x04492000 \SystemRoot\System32\drivers\vga.sys
0x044A0000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x044C5000 \SystemRoot\System32\drivers\watchdog.sys
0x044D5000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x044DE000 \SystemRoot\system32\drivers\rdpencdd.sys
0x044E7000 \SystemRoot\system32\drivers\rdprefmp.sys
0x044F0000 \SystemRoot\System32\Drivers\Msfs.SYS
0x044FB000 \SystemRoot\System32\Drivers\Npfs.SYS
0x0450C000 \SystemRoot\system32\DRIVERS\tdx.sys
0x0452E000 \SystemRoot\System32\DRIVERS\netbt.sys
0x04573000 \SystemRoot\system32\drivers\afd.sys
0x04200000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x04209000 \SystemRoot\system32\DRIVERS\pacer.sys
0x018B3000 \SystemRoot\system32\DRIVERS\mfenlfk.sys
0x01BD1000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x01BE7000 \SystemRoot\system32\DRIVERS\netbios.sys
0x01660000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x013C1000 \SystemRoot\system32\drivers\termdd.sys
0x040EB000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x0413C000 \SystemRoot\system32\drivers\nsiproxy.sys
0x04148000 \SystemRoot\system32\drivers\mssmbios.sys
0x04153000 \SystemRoot\System32\drivers\discache.sys
0x04162000 \SystemRoot\System32\Drivers\dfsc.sys
0x04180000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x04191000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x041B7000 \SystemRoot\system32\DRIVERS\TVALZFL.sys
0x041BE000 \SystemRoot\system32\DRIVERS\FwLnk.sys
0x041C6000 \SystemRoot\system32\DRIVERS\atikmpag.sys
0x04A02000 \SystemRoot\system32\DRIVERS\atikmdag.sys
0x050AD000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x051A1000 \SystemRoot\System32\drivers\dxgmms1.sys
0x04000000 \SystemRoot\system32\drivers\HDAudBus.sys
0x051E7000 \SystemRoot\system32\DRIVERS\HECIx64.sys
0x04024000 \SystemRoot\system32\drivers\usbehci.sys
0x04035000 \SystemRoot\system32\drivers\USBPORT.SYS
0x0408B000 \SystemRoot\system32\DRIVERS\L1C62x64.sys
0x04609000 \SystemRoot\system32\DRIVERS\rtl8192se.sys
0x04736000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x04743000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x04748000 \SystemRoot\system32\drivers\i8042prt.sys
0x04766000 \SystemRoot\system32\drivers\kbdclass.sys
0x04775000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x047C7000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x047C9000 \SystemRoot\system32\drivers\mouclass.sys
0x047D8000 \SystemRoot\system32\DRIVERS\tdcmdpst.sys
0x040A0000 \SystemRoot\system32\DRIVERS\Impcd.sys
0x047E2000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x040C7000 \SystemRoot\system32\drivers\CompositeBus.sys
0x013D5000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x00FE6000 \SystemRoot\system32\DRIVERS\HssDrv.sys
0x05237000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x0525B000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x05267000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x05296000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x052B1000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x052D2000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x052EC000 \SystemRoot\system32\DRIVERS\taphss.sys
0x052F9000 \SystemRoot\system32\drivers\swenum.sys
0x052FB000 \SystemRoot\system32\drivers\ks.sys
0x0533E000 \SystemRoot\system32\drivers\umbus.sys
0x05350000 \SystemRoot\system32\drivers\usbhub.sys
0x053AA000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x05A7C000 \SystemRoot\system32\drivers\CHDMI64.sys
0x05B30000 \SystemRoot\system32\drivers\portcls.sys
0x05B6D000 \SystemRoot\system32\drivers\drmk.sys
0x05B8F000 \SystemRoot\system32\drivers\ksthunk.sys
0x05C42000 \SystemRoot\system32\drivers\CHDRT64.sys
0x05CF5000 \SystemRoot\system32\drivers\mfeavfk.sys
0x05D22000 \SystemRoot\system32\drivers\mfefirek.sys
0x00050000 \SystemRoot\System32\win32k.sys
0x05D8C000 \SystemRoot\System32\drivers\Dxapi.sys
0x05D98000 \SystemRoot\System32\Drivers\crashdmp.sys
0x0422F000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x05DA6000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x05DB9000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x05DD6000 \SystemRoot\system32\drivers\hidusb.sys
0x05DE4000 \SystemRoot\system32\drivers\HIDCLASS.SYS
0x05C00000 \SystemRoot\system32\drivers\HIDPARSE.SYS
0x05C09000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x05C16000 \SystemRoot\system32\DRIVERS\monitor.sys
0x00400000 \SystemRoot\System32\TSDDD.dll
0x006D0000 \SystemRoot\System32\cdd.dll
0x05B95000 \SystemRoot\System32\Drivers\usbvideo.sys
0x00860000 \SystemRoot\System32\ATMFD.DLL
0x05C24000 \SystemRoot\system32\DRIVERS\pgeffect.sys
0x05BC3000 \SystemRoot\system32\drivers\luafv.sys
0x05A00000 \SystemRoot\system32\drivers\WudfPf.sys
0x05C2B000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x05A21000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x05BE6000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x053BF000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x03A0C000 \SystemRoot\system32\drivers\HTTP.sys
0x03AD5000 \SystemRoot\system32\DRIVERS\bowser.sys
0x03AF3000 \SystemRoot\System32\drivers\mpsdrv.sys
0x03B0B000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x03B38000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x03B85000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x03BA9000 \SystemRoot\System32\Drivers\adfs.SYS
0x05E9C000 \SystemRoot\system32\drivers\peauth.sys
0x05F42000 \SystemRoot\System32\Drivers\secdrv.SYS
0x05F4D000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x05F7E000 \SystemRoot\System32\drivers\tcpipreg.sys
0x05F90000 \SystemRoot\System32\DRIVERS\srv2.sys
0x0709C000 \SystemRoot\System32\DRIVERS\srv.sys
0x07134000 \SystemRoot\system32\drivers\cfwids.sys
0x07142000 \SystemRoot\system32\drivers\mfeapfk.sys
0x771A0000 \Windows\System32\ntdll.dll
0x47BF0000 \Windows\System32\smss.exe
0xFF4C0000 \Windows\System32\apisetschema.dll
0xFF6A0000 \Windows\System32\autochk.exe
0x77370000 \Windows\System32\psapi.dll
0x770A0000 \Windows\System32\user32.dll
0x76F40000 \Windows\System32\wininet.dll
0xFF450000 \Windows\System32\Wldap32.dll
0xFF270000 \Windows\System32\setupapi.dll
0xFF1D0000 \Windows\System32\clbcatq.dll
0xFF0A0000 \Windows\System32\rpcrt4.dll
0xFF030000 \Windows\System32\gdi32.dll
0xFF010000 \Windows\System32\imagehlp.dll
0xFEF40000 \Windows\System32\usp10.dll
0xFEE30000 \Windows\System32\msctf.dll
0xFED50000 \Windows\System32\advapi32.dll
0xFEB40000 \Windows\System32\ole32.dll
0xFEB10000 \Windows\System32\imm32.dll
0xFEAF0000 \Windows\System32\sechost.dll
0x76E20000 \Windows\System32\kernel32.dll
0xFEAE0000 \Windows\System32\nsi.dll
0x76C10000 \Windows\System32\iertutil.dll
0xFEA60000 \Windows\System32\shlwapi.dll
0xFE9C0000 \Windows\System32\msvcrt.dll
0x77360000 \Windows\System32\normaliz.dll
0xFDC30000 \Windows\System32\shell32.dll
0xFDBB0000 \Windows\System32\difxapi.dll
0xFDB60000 \Windows\System32\ws2_32.dll
0xFDAC0000 \Windows\System32\comdlg32.dll
0xFDAB0000 \Windows\System32\lpk.dll
0xFD9D0000 \Windows\System32\oleaut32.dll
0x76AC0000 \Windows\System32\urlmon.dll
0xFD860000 \Windows\System32\crypt32.dll
0xFD7F0000 \Windows\System32\KernelBase.dll
0xFD7D0000 \Windows\System32\devobj.dll
0xFD790000 \Windows\System32\wintrust.dll
0xFD6F0000 \Windows\System32\comctl32.dll
0xFD6B0000 \Windows\System32\cfgmgr32.dll
0xFD6A0000 \Windows\System32\msasn1.dll
0x77350000 \Windows\SysWOW64\normaliz.dll
Processes (total 98):
0 System Idle Process
4 System
336 C:\Windows\System32\smss.exe
540 csrss.exe
592 C:\Windows\System32\wininit.exe
612 csrss.exe
664 C:\Windows\System32\services.exe
688 C:\Windows\System32\winlogon.exe
700 C:\Windows\System32\lsass.exe
728 C:\Windows\System32\lsm.exe
816 C:\Windows\System32\svchost.exe
908 C:\Windows\System32\svchost.exe
956 C:\Windows\System32\atiesrxx.exe
120 C:\Windows\System32\svchost.exe
360 C:\Windows\System32\svchost.exe
460 C:\Windows\System32\svchost.exe
768 C:\Windows\System32\audiodg.exe
1036 C:\Windows\System32\svchost.exe
1120 C:\Windows\System32\svchost.exe
1360 C:\Windows\System32\spoolsv.exe
1388 C:\Windows\System32\svchost.exe
1428 C:\Windows\System32\atieclxx.exe
1584 C:\Windows\System32\svchost.exe
1612 C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
1736 C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
1772 C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
1812 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
1840 C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
1864 C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe
1956 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
1988 C:\Windows\System32\rundll32.exe
1996 C:\Windows\SysWOW64\rundll32.exe
1232 C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
1608 C:\Windows\System32\svchost.exe
1680 C:\Windows\System32\svchost.exe
1236 C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
1904 C:\Windows\System32\TODDSrv.exe
1112 C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
2116 C:\Program Files\TOSHIBA\TECO\TecoService.exe
2168 C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
2228 C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
2876 C:\Windows\System32\svchost.exe
2896 C:\Windows\System32\taskhost.exe
3212 C:\Windows\System32\dwm.exe
3272 C:\Windows\explorer.exe
3424 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
3476 C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
3488 C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
3500 C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
3588 C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
3604 C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
3700 C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
3740 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
3832 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
3860 C:\Program Files\TOSHIBA\TECO\Teco.exe
3944 C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
3968 C:\Program Files\Windows Sidebar\sidebar.exe
4068 C:\Program Files (x86)\uTorrent\uTorrent.exe
3156 C:\Windows\System32\StikyNot.exe
512 C:\Windows\System32\SearchIndexer.exe
992 C:\Program Files\mcafee.com\agent\mcagent.exe
1004 C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
3688 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
3108 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
4188 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
4548 C:\Program Files\Windows Media Player\wmpnetwk.exe
4316 C:\Windows\System32\taskeng.exe
4516 C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
5104 C:\Windows\System32\svchost.exe
4792 C:\Program Files (x86)\PokerStars\PokerStars.exe
5148 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
5188 C:\PROGRA~2\INTERN~1\iexplore.exe
5288 C:\PROGRA~2\INTERN~1\iexplore.exe
5184 C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
2780 C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
4780 C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
5708 C:\Program Files (x86)\Nero\Update\NASvc.exe
6076 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
3916 C:\Windows\System32\svchost.exe
5172 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
2796 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
5440 C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
6676 C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
6836 C:\Windows\servicing\TrustedInstaller.exe
6980 C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
7140 C:\PROGRA~2\INTERN~1\iexplore.exe
4812 C:\Windows\System32\svchost.exe
3748 C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10p_ActiveX.exe
5384 C:\Windows\System32\SearchProtocolHost.exe
5444 C:\Windows\System32\SearchFilterHost.exe
6232 C:\Windows\System32\SearchProtocolHost.exe
3088 C:\Program Files\WhoCrashed\whocrashedex.exe
6008 C:\Windows\System32\svchost.exe
1352 C:\PROGRA~2\INTERN~1\iexplore.exe
5668 dllhost.exe
7068 dllhost.exe
5540 C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JNW5WDL0\MBRCheck.exe
6052 C:\Windows\System32\conhost.exe
\\.\C: –> \\.\PhysicalDrive0 at offset 0x00000000`19100000 (NTFS)
\\.\D: –> \\.\PhysicalDrive0 at offset 0x00000025`4d300000 (NTFS)
PhysicalDrive0 Model Number: HitachiHTS545032B9A300, Rev: PB3OC64G
Size Device Name MBR Status
——————————————–
298 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
Done!
[b:482ff8e8fa]
3[/b:482ff8e8fa]
2011/05/25 15:57:11.0700 1560 TDSS rootkit removing tool 2.5.3.0 May 25 2011 07:09:24
2011/05/25 15:57:13.0701 1560 ================================================================================
2011/05/25 15:57:13.0701 1560 SystemInfo:
2011/05/25 15:57:13.0701 1560
2011/05/25 15:57:13.0701 1560 OS Version: 6.1.7601 ServicePack: 1.0
2011/05/25 15:57:13.0701 1560 Product type: Workstation
2011/05/25 15:57:13.0701 1560 ComputerName: NICO-LAPTOP
2011/05/25 15:57:13.0701 1560 UserName: Nico
2011/05/25 15:57:13.0701 1560 Windows directory: C:\Windows
2011/05/25 15:57:13.0701 1560 System windows directory: C:\Windows
2011/05/25 15:57:13.0701 1560 Running under WOW64
2011/05/25 15:57:13.0701 1560 Processor architecture: Intel x64
2011/05/25 15:57:13.0701 1560 Number of processors: 4
2011/05/25 15:57:13.0701 1560 Page size: 0x1000
2011/05/25 15:57:13.0701 1560 Boot type: Normal boot
2011/05/25 15:57:13.0701 1560 ================================================================================
2011/05/25 15:57:14.0294 1560 Initialize success
2011/05/25 15:58:37.0308 4808 ================================================================================
2011/05/25 15:58:37.0308 4808 Scan started
2011/05/25 15:58:37.0308 4808 Mode: Manual;
2011/05/25 15:58:37.0308 4808 ================================================================================
2011/05/25 15:58:37.0838 4808 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
2011/05/25 15:58:37.0948 4808 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
2011/05/25 15:58:38.0078 4808 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
2011/05/25 15:58:38.0268 4808 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
2011/05/25 15:58:38.0358 4808 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/05/25 15:58:38.0488 4808 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2011/05/25 15:58:38.0548 4808 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2011/05/25 15:58:38.0638 4808 AFD (d31dc7a16dea4a9baf179f3d6fbdb38c) C:\Windows\system32\drivers\afd.sys
2011/05/25 15:58:38.0748 4808 AgereSoftModem (98022774d9930ecbb292e70db7601df6) C:\Windows\system32\DRIVERS\agrsm64.sys
2011/05/25 15:58:38.0918 4808 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
2011/05/25 15:58:38.0978 4808 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
2011/05/25 15:58:39.0128 4808 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
2011/05/25 15:58:39.0188 4808 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2011/05/25 15:58:39.0368 4808 amdkmdag (f05b22ce901fc26ae55a1a27aa674d96) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/05/25 15:58:39.0498 4808 amdkmdap (ed25d58581b5a28593c277f482fccd62) C:\Windows\system32\DRIVERS\atikmpag.sys
2011/05/25 15:58:39.0548 4808 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/05/25 15:58:39.0698 4808 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
2011/05/25 15:58:39.0778 4808 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/05/25 15:58:39.0898 4808 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
2011/05/25 15:58:39.0958 4808 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
2011/05/25 15:58:40.0118 4808 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2011/05/25 15:58:40.0138 4808 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2011/05/25 15:58:40.0198 4808 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/05/25 15:58:40.0318 4808 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
2011/05/25 15:58:40.0538 4808 atikmdag (f05b22ce901fc26ae55a1a27aa674d96) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/05/25 15:58:40.0718 4808 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2011/05/25 15:58:40.0838 4808 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/05/25 15:58:40.0888 4808 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/05/25 15:58:41.0008 4808 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/05/25 15:58:41.0058 4808 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
2011/05/25 15:58:41.0088 4808 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/05/25 15:58:41.0170 4808 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/05/25 15:58:41.0233 4808 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/05/25 15:58:41.0264 4808 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/05/25 15:58:41.0295 4808 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/05/25 15:58:41.0311 4808 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/05/25 15:58:41.0326 4808 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/05/25 15:58:41.0438 4808 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/05/25 15:58:41.0508 4808 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
2011/05/25 15:58:41.0638 4808 cfwids (676535b3156fecf7133cf80b4d2f6cf7) C:\Windows\system32\drivers\cfwids.sys
2011/05/25 15:58:41.0778 4808 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2011/05/25 15:58:41.0828 4808 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/05/25 15:58:41.0938 4808 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/05/25 15:58:41.0998 4808 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
2011/05/25 15:58:42.0048 4808 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
2011/05/25 15:58:42.0178 4808 CnxtHdAudService (25c58ee97be0416a373e3e4f855206b5) C:\Windows\system32\drivers\CHDRT64.sys
2011/05/25 15:58:42.0288 4808 CnxtHdmiAudService (89c99ab4ae9535f727791592d84d4821) C:\Windows\system32\drivers\CHDMI64.sys
2011/05/25 15:58:42.0428 4808 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/05/25 15:58:42.0458 4808 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
2011/05/25 15:58:42.0508 4808 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/05/25 15:58:42.0648 4808 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
2011/05/25 15:58:42.0708 4808 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/05/25 15:58:42.0838 4808 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/05/25 15:58:42.0928 4808 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/05/25 15:58:43.0018 4808 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
2011/05/25 15:58:43.0208 4808 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/05/25 15:58:43.0468 4808 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/05/25 15:58:43.0588 4808 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
2011/05/25 15:58:43.0639 4808 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/05/25 15:58:43.0670 4808 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/05/25 15:58:43.0789 4808 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/05/25 15:58:43.0859 4808 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/05/25 15:58:43.0949 4808 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/05/25 15:58:44.0109 4808 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/05/25 15:58:44.0159 4808 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
2011/05/25 15:58:44.0209 4808 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/05/25 15:58:44.0349 4808 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/05/25 15:58:44.0419 4808 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/05/25 15:58:44.0539 4808 FwLnk (60acb128e64c35c2b4e4aab1b0a5c293) C:\Windows\system32\DRIVERS\FwLnk.sys
2011/05/25 15:58:44.0609 4808 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/05/25 15:58:44.0669 4808 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/05/25 15:58:44.0829 4808 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
2011/05/25 15:58:44.0899 4808 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
2011/05/25 15:58:44.0939 4808 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
2011/05/25 15:58:45.0049 4808 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/05/25 15:58:45.0079 4808 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/05/25 15:58:45.0119 4808 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/05/25 15:58:45.0189 4808 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
2011/05/25 15:58:45.0349 4808 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
2011/05/25 15:58:45.0439 4808 HssDrv (a60c877e1cd3aa2e4e5ccd8af305c0f1) C:\Windows\system32\DRIVERS\HssDrv.sys
2011/05/25 15:58:45.0649 4808 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
2011/05/25 15:58:45.0749 4808 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
2011/05/25 15:58:45.0789 4808 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
2011/05/25 15:58:45.0839 4808 iaStor (85977cd13fc16069ce0af7943a811775) C:\Windows\system32\DRIVERS\iaStor.sys
2011/05/25 15:58:45.0949 4808 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
2011/05/25 15:58:46.0049 4808 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/05/25 15:58:46.0169 4808 Impcd (4b6363cd4610bb848531bb260b15dfcc) C:\Windows\system32\DRIVERS\Impcd.sys
2011/05/25 15:58:46.0229 4808 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
2011/05/25 15:58:46.0269 4808 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/05/25 15:58:46.0389 4808 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/05/25 15:58:46.0479 4808 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
2011/05/25 15:58:46.0629 4808 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/05/25 15:58:46.0669 4808 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/05/25 15:58:46.0719 4808 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
2011/05/25 15:58:46.0839 4808 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
2011/05/25 15:58:46.0929 4808 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
2011/05/25 15:58:47.0039 4808 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
2011/05/25 15:58:47.0119 4808 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
2011/05/25 15:58:47.0159 4808 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
2011/05/25 15:58:47.0269 4808 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/05/25 15:58:47.0319 4808 L1C (55480b9c63f3f91a8ebbadcbf28fe581) C:\Windows\system32\DRIVERS\L1C62x64.sys
2011/05/25 15:58:47.0469 4808 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/05/25 15:58:47.0619 4808 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/05/25 15:58:47.0639 4808 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/05/25 15:58:47.0659 4808 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/05/25 15:58:47.0669 4808 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/05/25 15:58:47.0699 4808 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/05/25 15:58:47.0859 4808 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/05/25 15:58:47.0899 4808 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/05/25 15:58:47.0969 4808 mfeapfk (31338e489314ae2a29534fbaa7ad2f1b) C:\Windows\system32\drivers\mfeapfk.sys
2011/05/25 15:58:48.0089 4808 mfeavfk (5822e70233218bcf22a65fcea74d012d) C:\Windows\system32\drivers\mfeavfk.sys
2011/05/25 15:58:48.0329 4808 mfefirek (5a24e7c834576313d8c5eaf0825da844) C:\Windows\system32\drivers\mfefirek.sys
2011/05/25 15:58:48.0429 4808 mfehidk (a2607740bb18d631da01e01dcb81843b) C:\Windows\system32\drivers\mfehidk.sys
2011/05/25 15:58:48.0559 4808 mfenlfk (50c3a9d7465d385061c0601deefb5a8e) C:\Windows\system32\DRIVERS\mfenlfk.sys
2011/05/25 15:58:48.0589 4808 mferkdet (edf5ee799a0b3ed6dce8bb16a51f3d1f) C:\Windows\system32\drivers\mferkdet.sys
2011/05/25 15:58:48.0689 4808 mfewfpk (9182faf9addd5ea6308d155ceb502c6f) C:\Windows\system32\drivers\mfewfpk.sys
2011/05/25 15:58:48.0799 4808 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/05/25 15:58:48.0829 4808 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/05/25 15:58:48.0949 4808 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
2011/05/25 15:58:49.0029 4808 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/05/25 15:58:49.0129 4808 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
2011/05/25 15:58:49.0179 4808 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
2011/05/25 15:58:49.0249 4808 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/05/25 15:58:49.0289 4808 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
2011/05/25 15:58:49.0459 4808 mrxsmb (c2b4651001a867ff3f8865863b592991) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/05/25 15:58:49.0489 4808 mrxsmb10 (7e79946afc5f799ab62982282be5ac13) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/05/25 15:58:49.0529 4808 mrxsmb20 (5fb954100cea2bfec6446fbbecaa3f79) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/05/25 15:58:49.0579 4808 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
2011/05/25 15:58:49.0689 4808 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
2011/05/25 15:58:49.0799 4808 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/05/25 15:58:49.0829 4808 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/05/25 15:58:49.0929 4808 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
2011/05/25 15:58:49.0989 4808 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/05/25 15:58:50.0099 4808 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/05/25 15:58:50.0139 4808 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/05/25 15:58:50.0179 4808 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
2011/05/25 15:58:50.0219 4808 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
2011/05/25 15:58:50.0339 4808 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/05/25 15:58:50.0359 4808 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/05/25 15:58:50.0399 4808 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/05/25 15:58:50.0509 4808 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/05/25 15:58:50.0599 4808 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
2011/05/25 15:58:50.0719 4808 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/05/25 15:58:50.0759 4808 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/05/25 15:58:50.0799 4808 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/05/25 15:58:50.0899 4808 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/05/25 15:58:50.0949 4808 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
2011/05/25 15:58:51.0039 4808 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/05/25 15:58:51.0159 4808 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
2011/05/25 15:58:51.0249 4808 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/05/25 15:58:51.0359 4808 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/05/25 15:58:51.0389 4808 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/05/25 15:58:51.0469 4808 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
2011/05/25 15:58:51.0569 4808 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/05/25 15:58:51.0619 4808 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
2011/05/25 15:58:51.0689 4808 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
2011/05/25 15:58:51.0819 4808 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
2011/05/25 15:58:51.0869 4808 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
2011/05/25 15:58:51.0989 4808 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/05/25 15:58:52.0049 4808 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
2011/05/25 15:58:52.0099 4808 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
2011/05/25 15:58:52.0169 4808 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
2011/05/25 15:58:52.0229 4808 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/05/25 15:58:52.0269 4808 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/05/25 15:58:52.0299 4808 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/05/25 15:58:52.0459 4808 PGEffect (663962900e7fea522126ba287715bb4a) C:\Windows\system32\DRIVERS\pgeffect.sys
2011/05/25 15:58:52.0549 4808 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
2011/05/25 15:58:52.0649 4808 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/05/25 15:58:52.0719 4808 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
2011/05/25 15:58:52.0849 4808 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/05/25 15:58:53.0009 4808 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/05/25 15:58:53.0039 4808 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/05/25 15:58:53.0089 4808 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/05/25 15:58:53.0149 4808 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/05/25 15:58:53.0289 4808 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/05/25 15:58:53.0389 4808 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/05/25 15:58:53.0459 4808 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/05/25 15:58:53.0529 4808 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
2011/05/25 15:58:53.0569 4808 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/05/25 15:58:53.0639 4808 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/05/25 15:58:53.0699 4808 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/05/25 15:58:53.0729 4808 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/05/25 15:58:53.0769 4808 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
2011/05/25 15:58:53.0909 4808 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
2011/05/25 15:58:54.0009 4808 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/05/25 15:58:54.0089 4808 RSUSBSTOR (907c4464381b5ebdfdc60f6c7d0dedfc) C:\Windows\system32\Drivers\RtsUStor.sys
2011/05/25 15:58:54.0219 4808 rtl8192se (7475548b0ba58eba4d12414fc9e9dfe6) C:\Windows\system32\DRIVERS\rtl8192se.sys
2011/05/25 15:58:54.0309 4808 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
2011/05/25 15:58:54.0419 4808 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
2011/05/25 15:58:54.0559 4808 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/05/25 15:58:54.0629 4808 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/05/25 15:58:54.0649 4808 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/05/25 15:58:54.0699 4808 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/05/25 15:58:54.0799 4808 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
2011/05/25 15:58:54.0869 4808 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
2011/05/25 15:58:54.0889 4808 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
2011/05/25 15:58:54.0959 4808 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/05/25 15:58:55.0029 4808 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/05/25 15:58:55.0079 4808 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/05/25 15:58:55.0119 4808 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/05/25 15:58:55.0189 4808 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/05/25 15:58:55.0259 4808 srv (65bbf4920148c2ee279055da7228fc7b) C:\Windows\system32\DRIVERS\srv.sys
2011/05/25 15:58:55.0369 4808 srv2 (da939f762a1ccc2d77428621ddbd40a7) C:\Windows\system32\DRIVERS\srv2.sys
2011/05/25 15:58:55.0419 4808 srvnet (3f847c9dc87299516f7dc82fb6572865) C:\Windows\system32\DRIVERS\srvnet.sys
2011/05/25 15:58:55.0609 4808 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2011/05/25 15:58:55.0699 4808 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
2011/05/25 15:58:55.0769 4808 SynTP (470c47daba9ca3966f0ab3f835d7d135) C:\Windows\system32\DRIVERS\SynTP.sys
2011/05/25 15:58:55.0869 4808 taphss (f33fdc72298df4bf9813a55d21f4eb31) C:\Windows\system32\DRIVERS\taphss.sys
2011/05/25 15:58:55.0979 4808 Tcpip (509383e505c973ed7534a06b3d19688d) C:\Windows\system32\drivers\tcpip.sys
2011/05/25 15:58:56.0139 4808 TCPIP6 (509383e505c973ed7534a06b3d19688d) C:\Windows\system32\DRIVERS\tcpip.sys
2011/05/25 15:58:56.0269 4808 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
2011/05/25 15:58:56.0339 4808 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\Windows\system32\DRIVERS\tdcmdpst.sys
2011/05/25 15:58:56.0429 4808 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/05/25 15:58:56.0459 4808 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/05/25 15:58:56.0499 4808 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
2011/05/25 15:58:56.0639 4808 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
2011/05/25 15:58:56.0839 4808 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/05/25 15:58:56.0949 4808 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
2011/05/25 15:58:57.0109 4808 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
2011/05/25 15:58:57.0179 4808 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
2011/05/25 15:58:57.0219 4808 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\Windows\system32\DRIVERS\TVALZFL.sys
2011/05/25 15:58:57.0309 4808 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2011/05/25 15:58:57.0369 4808 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
2011/05/25 15:58:57.0549 4808 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
2011/05/25 15:58:57.0589 4808 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
2011/05/25 15:58:57.0629 4808 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2011/05/25 15:58:57.0749 4808 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/05/25 15:58:57.0799 4808 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
2011/05/25 15:58:57.0909 4808 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys
2011/05/25 15:58:57.0949 4808 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys
2011/05/25 15:58:57.0979 4808 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
2011/05/25 15:58:58.0089 4808 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/05/25 15:58:58.0129 4808 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
2011/05/25 15:58:58.0199 4808 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
2011/05/25 15:58:58.0309 4808 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
2011/05/25 15:58:58.0369 4808 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
2011/05/25 15:58:58.0419 4808 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/05/25 15:58:58.0509 4808 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/05/25 15:58:58.0559 4808 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
2011/05/25 15:58:58.0669 4808 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
2011/05/25 15:58:58.0709 4808 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
2011/05/25 15:58:58.0829 4808 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
2011/05/25 15:58:58.0869 4808 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
2011/05/25 15:58:58.0999 4808 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/05/25 15:58:59.0049 4808 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
2011/05/25 15:58:59.0179 4808 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/05/25 15:58:59.0219 4808 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/05/25 15:58:59.0289 4808 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/05/25 15:58:59.0309 4808 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/05/25 15:58:59.0449 4808 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/05/25 15:58:59.0489 4808 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/05/25 15:58:59.0619 4808 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/05/25 15:58:59.0659 4808 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/05/25 15:58:59.0809 4808 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
2011/05/25 15:58:59.0879 4808 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/05/25 15:58:59.0949 4808 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
2011/05/25 15:59:00.0079 4808 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/05/25 15:59:00.0179 4808 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/05/25 15:59:00.0189 4808 ================================================================================
2011/05/25 15:59:00.0189 4808 Scan finished
2011/05/25 15:59:00.0189 4808 ================================================================================
2011/05/25 15:59:00.0199 0892 Detected object count: 0
2011/05/25 15:59:00.0199 0892 Actual detected object count: 0
[b:482ff8e8fa]ALVAST BEDANKT VOOR HET KIJKEN! [/b:482ff8e8fa] - Hoi Nico, hoe oud zijn de Ati-drivers al?
En doe ook het volgende:
ga naar [b:2cadb64c80]Start[/b:2cadb64c80] en typ [in de zoekregel [b:2cadb64c80]cmd[/b:2cadb64c80]; bovenaan het startmenu zie je nu de betreffende snelkoppeling.
Klik deze snelkoppeling met rechts aan en kies voor [b:2cadb64c80]Als administrator uitvoeren[/b:2cadb64c80].
In het zwarte venster typ je nu [b:2cadb64c80]sfc /scannow[/b:2cadb64c80] gevolgd door indrukken van de Entertoets.
Denk wel aan de spatie na 'sfc'.
In het zwarte venster zie nu de voortgang van de scan.
Is de scan klaar, typ je [b:2cadb64c80]Exit[/b:2cadb64c80] gevolgd door indrukken van de Entertoets.
SFC (SystemFileChecker) houdt in dat systeembestanden gecontroleerd worden op juist funktioneren, zonodig volgt reparatie.
Let goed op de laatste meldingen in het venster: indien aangegeven wordt, dat herstel afhankelijk is van opnieuw opstarten, doe dit dan. - Hallo,
Deze zijn nog geen jaar oud!
Ik kocht deze laptop in September 2010, maar ik ondervind al af en toe problemen. Zoals het Blue Screen wat ik al een paar keer heb gehad.
Heeft u iets kunnen vinden? Want bij cmd kwam dit eruit:
Er zijn geen schendingen van de integriteit gevonden. - Hoi Nico, wat is de precieze type-aanduiding van jouw Toshiba notebook?
- [quote:9ce35a2aff="Abraham54"]Hoi Nico, wat is de precieze type-aanduiding van jouw Toshiba notebook?[/quote:9ce35a2aff]
Als ik het goed heb is het deze:
http://www.bcc.nl/product/toshiba-l650-1q3 - Hoi Nico, ik adviseer je de videokaartdrivers opnieuw te installeren.
Want mogelijk zijn de huidige drivers beschadigd.
Je gaat naar - http://nl.computers.toshiba-europe.com/innovation/windows7_drivers.jsp?macId=&LNG=3&mode=allMachines&userOS=&action=search&selCategory=2&selFamily=2&selSeries=178&selProduct=5376&selShortMod=-1&selOS=30&selType=all&country=24&language=12&search= - en dan zoek je daar naar [b:15f64b3b08]Display Driver[/b:15f64b3b08] en klik je daar op.
Vervolgens kan je het bestand downloaden - het makkelijkst is het, daarbij deze keer het bureaublad te kiezen!
Na de download ga je eerst naar "Start\Configuratiescherm\Programma's en onderdelen" en in de lijst verwijder je dan ATI.
Na het opnieuw opstarten van jouw notebook mag je de nieuwe driver (na uitpakken) gaan installeren.
Doe dit overigens met administratorrechten (rechtsklik). - Hallo, toen ik het wou verwijderen kreeg ik dit:
(klik om print screen te zien)
http://imageshack.us/photo/my-images/545/ativerwijderen.png/
Kan ik dan niet beter eerst herstellen proberen of zo, of moet ik hem gewoon verwijderen?
Want mijn vraag is dan, als ik mijn laptop opnieuw opstart, krijg je dan geen problemen omdat er niks van ATI is geinstalleerd? Kan dat geen kwaad? - De onderste optie kiezen!
- [quote:29fff84fd9="Abraham54"]De onderste optie kiezen![/quote:29fff84fd9]
Hij is uitgepakt in C:\Users\Nico\AppData\Local\Temp\TC50068800G.temp en vervolgens geinstalleerd. Dit is toch goed neem ik aan?
En ontzettend bedankt, maar als ik vragen mag, wat was er verkeerd met mijn laptop? de videokaart werkte niet goed, alleen dat of nog meer dingen? Kwam die Blue Screen daardoor? - Inderdaad vermoed ik dat het door de vorige drivers van ATI kwam!
- [quote:4630d658b2="Abraham54"]Inderdaad vermoed ik dat het door de vorige drivers van ATI kwam![/quote:4630d658b2]
Oke bedankt, maar je hebt geen hardware fout gezien ofzo? Of iets aan McAfee?
Want mijn internet valt dagelijks gemiddeld zon 10x uit, en soms duurt het een paar minuten, soms wel een half uur.
Zover je kan zien, kan je niet weten waar het aan ligt? Of er iets met netwerkkaart is of dat McAfee iets tegenhoud? - De melding dat je draadloze verbinding regelmatig voor langere perioden uitvalt is nieuw voor mij!
Hoe heb jij in Windows deze verbinding geregeld?
Via de Windows netwerkbeheer zelf of via Toshiba software?
Wat betreft hardwarefouten, nee want een en ander kan ook door rootkits veroorzaakt worden.
McAfee is nu eenmaal niet de meest betrouwbare antivirussoftware!
Dus nu gaan we dieper kijken:
[b:cbe9628d63]Welk programma[/b:cbe9628d63]: ComboFix
[b:cbe9628d63]Waarvoor/waarom[/b:cbe9628d63]: Zeer specialistische scanner om Windows diepgaand te onderzoeken
en zo mogelijk op te schonen.
[b:cbe9628d63]Moeilijkheidsgraad[/b:cbe9628d63]: Min of meer lastige voorbereidingsfase, dus lees alles eerst goed.
[b:cbe9628d63]Downloadlokatie[/b:cbe9628d63]: Dit programma absoluut naar het bureaublad downloaden!
[b:cbe9628d63]Download ComboFix via één van deze locaties[/b:cbe9628d63]:
[list:cbe9628d63][*:cbe9628d63][b:cbe9628d63]Bleepingcomputer[/b:cbe9628d63]
[*:cbe9628d63][b:cbe9628d63]ForoSpyware[/b:cbe9628d63]
[*:cbe9628d63][b:cbe9628d63]Geekstogo[/b:cbe9628d63][/list:u:cbe9628d63]
[b:cbe9628d63]Hier[/b:cbe9628d63] zie je hoe je ComboFix moet gebruiken.
Antivirusprogramma en actieve malwarescanners dienen al voor de ComboFix start gedeaktiveert zijn!
[b:cbe9628d63]Hier[/b:cbe9628d63] en [b:cbe9628d63]hier[/b:cbe9628d63] vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.
[b:cbe9628d63]Voor alle duidelijkheid nogmaals[/b:cbe9628d63]: ComboFix dient vanaf het bureaublad gestart te worden.
[b:cbe9628d63]Opmerkingen[/b:cbe9628d63]:
[list:cbe9628d63][*:cbe9628d63] Bij gebruik van Windows XP zal er mogelijk gevraagd worden, om de "Recovery Console" te installeren! Sta dit dan toe (hiervoor is een actieve internet verbinding vereist).
[*:cbe9628d63]Vista- en Windows 7 gebruikers starten Combofix op via rechtsklik met Administratorrechten.
[*:cbe9628d63]Alle openstaande programma's en webpagina's dienen afgesloten te zijn.[/list:u:cbe9628d63]
[b:cbe9628d63]ComboFix is opgestart[/b:cbe9628d63]:
[list:cbe9628d63][*:cbe9628d63]Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"!
[*:cbe9628d63]Combofix sluit tijdens de scan de internet verbinding – probeer deze tussentijds niet te herstellen!
[*:cbe9628d63]Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal.
[*:cbe9628d63]Wanneer ComboFix gereed is, zal het het een logbestand voor je maken.
[*:cbe9628d63]Post de inhoud van dit logbestand in je volgende bericht.
[*:cbe9628d63]Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt[/list:u:cbe9628d63]
[b:cbe9628d63]Belangrijke opmerking[/b:cbe9628d63]:
[list:cbe9628d63][*:cbe9628d63][b:cbe9628d63] - Omdat ik het deze week nogal druk heb en dit mij een lange scan lijkt, duurt het even voor ik de resultaten post.
Verwacht is dat ik het donderdag wel post of vrijdag.
Alvast bedankt dat je me weer verder helpt! - Indien je hardware niet al te oud is, zal de scantijd een tien- tot vijftein minuten duren of korter!
Dus dat valt wel mee. - [quote:09c49e54bd="Abraham54"]Indien je hardware niet al te oud is, zal de scantijd een tien- tot vijftein minuten duren of korter!
Dus dat valt wel mee.[/quote:09c49e54bd]
Oke, ,maar u zegt dat ik antivirus allemaal moet uitschakelen. Ik ben daar niet zo vertrouwt over en weet niet precies hoe het werkt, die sites zijn in het engels en ik begrijp het wel grotendeels, maar ik weet niet zeker of ik het goed doe, want die site werkt ook nog met een andere beschrijving (waarschijnlijk van een verouderde mcafee versie?)
Ik heb windows malware scanner + mcafee
Wat moet ik uitschakelen? alles van mcafee, of realtime scannen en de firewall?
en hoe van windows malware? - Hoi Nico, twee dingen eerst.
1) jij mag ook jijen tegen mij!
2) ik hoef niet telkens terug te te lezen wat ik al gepost heb!
Ontopic.
Omdat Windows Defender voor stoorzender kan spelen - deze deaktiveren:
[list:849d6691b5][*:849d6691b5] Open Windows Defender Klik op [b:849d6691b5]Tools[/b:849d6691b5]
[*:849d6691b5] Klik op [b:849d6691b5]General Settings[/b:849d6691b5] of[b:849d6691b5] Options[/b:849d6691b5]
[*:849d6691b5] Scroll naar [b:849d6691b5]Real Time Protection Options[/b:849d6691b5]
[*:849d6691b5] Haal het vinkje weg bij [b:849d6691b5]Turn on Real Time Protection (recommended)[/b:849d6691b5] Klik vervolgens op [b:849d6691b5]Save[/b:849d6691b5]
[*:849d6691b5] Sluit Windows Defender[/list:u:849d6691b5]
Indien de problemen over zijn, dus nadat je log weer schoon verklaard is, kan je Defender weer aktiveren.
Wat McAfee betreft: van mij mag je alleen dit onderdeel - "realtime scannen" - deaktiveren. - Hallo,
haha oke.
Ik wil je heel erg bedanken dat je voor me even alles nakeek, maar dit is niet nodig. Er is een upc monteur langs geweest en deze heeft een nieuwe modem geplaatst. als het goed is zijn de problemen nu verholpen.
Dus lijkt het me niet nodig deze scan uit te voeren..
Ontzettend bedankt voor de tijd die je voor me nam!
Mvg,
Nico
Beantwoord deze vraag
Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.
