  1. #1

    Slowed-down laptop with pop-ups.

    Hello. I am posting this log because I have run into a number of problems on my laptop.
    It spontaneously opens a new tab (for a site that will not load). The biggest problem is that it is probably making my laptop slow, so that I cannot play my HD files.
    I have scanned my computer with AVG antivirus a number of times for this, in vain.
    Possibly useful to know: 2 or 3 weeks ago I got a Trojan alert a number of times; if all is well, AVG removed it. But I did get this alert very often (not anymore by now).

    I followed the guide.
    Here is the HijackThis log:

    EDIT PETERN: the topic about stuttering in HD playback can be found here


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 16:44:11, on 12-8-2010
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16385)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\rundll32.exe
    C:\Program Files\AVG\AVG9\avgtray.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\PLFSetI.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\System32\StikyNot.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=14542
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll
    R3 - URLSearchHook: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\tbmyBa.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
    O2 - BHO: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\tbmyBa.dll
    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll
    O3 - Toolbar: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\tbmyBa.dll
    O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe
    O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
    O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
    O20 - AppInit_DLLs: avgrsstx.dll
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
    O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
    O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
    O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

    --
    End of file - 7583 bytes

  2. #2
    Juisterr
    Start HijackThis and choose 'Do a system scan only'.
    Select only the items listed below:

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

    Close all windows except HijackThis.
    Click 'Fix checked' to remove the items.

  3. The following 2 users thanked Juisterr for this useful post:

    frankie3 (14 August 2010), PeterN (13 August 2010)

  4. #3
    Juisterr
    Download ComboFix from one of these locations:
    Link 1
    Link 2

    * IMPORTANT !!! Save ComboFix.exe to your Desktop
    • Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:
      Click here
      If you cannot manage to disable them, just continue to the next step.
    • Double-click ComboFix.exe and follow the prompts on the screen.
    • ComboFix will check whether the Microsoft Windows Recovery Console is already installed.
      **Note: If the Microsoft Windows Recovery Console is already installed, you will not see the following screens and ComboFix will automatically continue scanning for malware.
    • Follow the prompts on the screen to let ComboFix download and install the Microsoft Windows Recovery Console.

    You will see the following message when ComboFix has successfully installed the Microsoft Windows Recovery Console:

    Click Yes to continue scanning for malware.

    NOTE: When ComboFix starts, you may get an error message that the “contents of the ComboFix package has been compromised”.
    Do not continue with the instructions, but download ComboFix again. This message can appear when a file infector (Virut) is active on the computer.

    If you keep getting that message, let us know.
    When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next post.

  5. The following user thanked Juisterr for this useful post:

    PeterN (13 August 2010)

  6. #4
    This is the log (a whole laundry list; respect that you guys understand this).

    ComboFix 10-08-12.03 - Frank 14-08-2010 18:14:49.1.2 - x86
    Microsoft Windows 7 Professional 6.1.7600.0.1252.31.1043.18.3067.2062 [GMT 2:00]
    Gestart vanuit: c:\users\Frank\Desktop\ComboFix.exe
    * Nieuw herstelpunt werd aangemaakt
    .

    (((((((((((((((((((( Bestanden Gemaakt van 2010-07-14 to 2010-08-14 ))))))))))))))))))))))))))))))
    .

    2010-08-13 13:27 . 2010-08-13 13:32 -------- d-----w- c:\users\Frank\AppData\Roaming\vlc
    2010-08-13 13:27 . 2010-08-13 13:27 -------- d-----w- c:\program files\VideoLAN
    2010-08-12 13:33 . 2010-08-12 13:33 388096 ----a-r- c:\users\Frank\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2010-08-12 13:33 . 2010-08-12 13:33 -------- d-----w- c:\program files\Trend Micro
    2010-08-12 11:01 . 2010-08-12 13:31 -------- d-----w- c:\program files\Emsisoft Anti-Malware
    2010-08-05 20:56 . 2010-08-05 20:56 -------- d-----w- c:\programdata\NVIDIA Corporation
    2010-08-05 11:34 . 2010-04-21 10:06 52224 ----a-w- c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll
    2010-08-05 11:34 . 2010-04-21 10:06 101376 ----a-w- c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\RadioWMPCore.dll
    2010-08-05 11:34 . 2010-08-05 11:34 -------- d-----w- c:\program files\myBabylon_English
    2010-08-04 21:02 . 2010-08-04 21:04 -------- d-----w- c:\users\Frank\AppData\Roaming\Media Player Classic
    2010-07-31 23:41 . 2010-07-31 23:41 -------- d-----w- c:\program files\Conduit
    2010-07-31 23:41 . 2010-07-31 23:41 -------- d-----w- c:\program files\Softonic-Eng7
    2010-07-31 23:41 . 2010-06-08 09:28 52224 ----a-w- c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\FFExternalAlert.dll
    2010-07-31 23:41 . 2010-06-08 09:28 101376 ----a-w- c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\RadioWMPCore.dll
    2010-07-31 23:41 . 2010-08-01 15:13 -------- d-----w- c:\program files\The KMPlayer
    2010-07-28 16:51 . 2010-07-28 16:51 -------- d-----w- c:\program files\iPod
    2010-07-28 16:51 . 2010-07-28 16:52 -------- d-----w- c:\program files\iTunes
    2010-07-28 16:48 . 2010-07-28 16:48 73000 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.2.1.5\SetupAdmin.exe
    2010-07-28 16:47 . 2010-07-28 16:47 72488 ----a-w- c:\programdata\Apple Computer\Installer Cache\Safari 5.33.17.8\SetupAdmin.exe
    2010-07-25 17:01 . 2010-07-25 17:01 -------- d-----w- c:\program files\GrabIt
    2010-07-25 14:05 . 2010-04-12 15:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
    2010-07-22 12:07 . 2010-07-25 12:22 -------- d-----w- c:\users\Frank\AppData\Local\Hema Album Software Advanced
    2010-07-22 12:07 . 2010-07-22 12:07 -------- d-----w- c:\programdata\Hema Album Software Advanced
    2010-07-22 12:07 . 2010-07-22 12:07 -------- d-----w- c:\program files\Hema Album Software Advanced
    2010-07-21 08:53 . 2010-07-21 08:53 1615200 ----a-w- c:\programdata\avg9\update\backup\avgssie.dll
    2010-07-21 08:52 . 2010-07-21 08:52 1373536 ----a-w- c:\programdata\avg9\update\backup\avgssff.dll
    2010-07-21 08:52 . 2010-07-21 08:52 1107296 ----a-w- c:\programdata\avg9\update\backup\avgxpl.dll
    2010-07-21 08:52 . 2010-07-21 08:52 921440 ----a-w- c:\programdata\avg9\update\backup\avgemc.exe
    2010-07-21 08:52 . 2010-07-21 08:52 4368224 ----a-w- c:\programdata\avg9\update\backup\avgcorex.dll
    2010-07-20 10:45 . 2010-07-21 14:29 -------- d-----w- c:\programdata\FLEXnet
    2010-07-20 10:35 . 2010-07-20 10:35 -------- d-----w- c:\program files\Adobe Media Player
    2010-07-20 10:34 . 2010-07-20 10:34 -------- d-----w- c:\program files\Common Files\Adobe AIR
    2010-07-20 10:31 . 2010-07-20 10:31 -------- d-----w- c:\program files\Common Files\Macrovision Shared
    2010-07-16 12:55 . 2010-07-16 12:55 242896 ----a-w- c:\programdata\avg9\update\backup\avgtdix.sys
    2010-07-16 12:55 . 2010-07-16 12:55 216200 ----a-w- c:\programdata\avg9\update\backup\avgldx86.sys
    2010-07-16 12:55 . 2010-07-16 12:55 12536 ----a-w- c:\windows\system32\avgrsstx.dll
    2010-07-16 12:54 . 2010-07-16 12:54 813336 ----a-w- c:\programdata\avg9\update\backup\avginet.dll
    2010-07-16 12:54 . 2010-07-16 12:54 624920 ----a-w- c:\programdata\avg9\update\backup\avgiproxy.exe
    2010-07-16 12:54 . 2010-07-16 12:54 1690464 ----a-w- c:\programdata\avg9\update\backup\avgupd.dll
    2010-07-16 12:54 . 2010-07-16 12:54 1038688 ----a-w- c:\programdata\avg9\update\backup\avgupd.exe

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-08-14 16:18 . 2009-07-14 08:27 691728 ----a-w- c:\windows\system32\perfh013.dat
    2010-08-14 16:18 . 2009-07-14 08:27 130232 ----a-w- c:\windows\system32\perfc013.dat
    2010-08-14 16:04 . 2010-03-03 18:17 -------- d-----w- c:\users\Frank\AppData\Roaming\LimeWire
    2010-08-14 15:57 . 2010-03-04 15:16 -------- d-----w- c:\program files\Ask.com
    2010-08-14 10:41 . 2010-03-09 08:35 0 ----a-w- c:\users\Frank\AppData\Local\prvlcl.dat
    2010-08-10 10:10 . 2010-03-02 22:57 -------- d--h--w- c:\program files\InstallShield Installation Information
    2010-08-09 09:53 . 2010-03-03 09:52 -------- d-----w- c:\users\Frank\AppData\Roaming\GrabIt
    2010-08-05 20:59 . 2010-03-02 22:11 -------- d-----w- c:\programdata\NVIDIA
    2010-08-05 20:56 . 2010-03-02 22:09 -------- d-----w- c:\program files\NVIDIA Corporation
    2010-08-05 08:55 . 2010-03-04 15:15 -------- d-----w- c:\users\Frank\AppData\Roaming\uTorrent
    2010-08-01 17:11 . 2010-04-12 10:43 -------- d-----w- c:\users\Frank\AppData\Roaming\dvdcss
    2010-08-01 15:22 . 2010-03-20 13:41 -------- d-----w- c:\programdata\DVD Shrink
    2010-07-28 16:51 . 2010-04-11 10:36 -------- d-----w- c:\program files\Common Files\Apple
    2010-07-28 16:48 . 2010-06-23 20:58 -------- d-----w- c:\program files\Safari
    2010-07-27 23:01 . 2010-03-02 18:53 -------- d-----w- c:\program files\Windows Live
    2010-07-25 14:05 . 2010-03-03 14:41 -------- d-----w- c:\program files\Java
    2010-07-20 10:45 . 2010-03-02 18:47 67856 ----a-w- c:\users\Frank\AppData\Local\GDIPFONTCACHEV1.DAT
    2010-07-20 10:36 . 2010-03-02 22:36 -------- d-----w- c:\program files\Common Files\Adobe
    2010-07-16 12:55 . 2010-03-02 22:24 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
    2010-07-16 12:54 . 2010-03-02 22:24 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
    2010-07-12 14:49 . 2010-03-20 13:47 -------- d-----w- c:\program files\DVD Shrink
    2010-07-09 14:20 . 2010-07-09 14:20 110696 ----a-w- c:\windows\system32\nvmctray.dll
    2010-07-09 14:20 . 2010-07-09 14:20 261736 ----a-w- c:\windows\system32\nvhotkey.dll
    2010-07-09 14:20 . 2010-07-09 14:20 1881704 ----a-w- c:\windows\system32\nvsvcr.dll
    2010-07-09 14:20 . 2010-07-09 14:20 1469544 ----a-w- c:\windows\system32\nvsvc.dll
    2010-07-09 14:20 . 2010-07-09 14:20 13939816 ----a-w- c:\windows\system32\nvcpl.dll
    2010-07-09 14:20 . 2010-07-09 14:20 129640 ----a-w- c:\windows\system32\nvvsvc.exe
    2010-06-24 09:45 . 2010-04-11 10:39 -------- d-----w- c:\users\Frank\AppData\Roaming\Apple Computer
    2010-06-23 20:59 . 2010-06-23 20:59 -------- d-----w- c:\program files\Bonjour
    2010-06-23 20:58 . 2010-06-23 20:58 71992 ----a-w- c:\programdata\Apple Computer\Installer Cache\Safari 5.33.16.0\SetupAdmin.exe
    2010-06-21 22:07 . 2010-08-05 20:54 26216 ----a-w- c:\windows\system32\nvhdap32.dll
    2010-06-21 22:07 . 2010-03-02 22:09 232040 ----a-w- c:\windows\system32\nvcohda.dll
    2010-06-21 22:07 . 2010-08-05 20:54 64104 ----a-w- c:\windows\system32\nvapo32v.dll
    2010-06-21 22:07 . 2010-08-05 20:54 105576 ----a-w- c:\windows\system32\drivers\nvhda32v.sys
    2010-06-03 09:03 . 2010-03-02 22:24 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
    2010-05-27 07:24 . 2010-06-11 10:48 34304 ----a-w- c:\windows\system32\atmlib.dll
    2010-05-27 03:49 . 2010-06-11 10:48 293888 ----a-w- c:\windows\system32\atmfd.dll
    2010-05-21 05:18 . 2010-06-11 10:48 977920 ----a-w- c:\windows\system32\wininet.dll
    2010-05-18 14:35 . 2010-05-18 14:35 91424 ----a-w- c:\windows\system32\dnssd.dll
    2010-05-18 14:35 . 2010-05-18 14:35 107808 ----a-w- c:\windows\system32\dns-sd.exe
    2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
    2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-06-03 2736736]
    "{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}"= "c:\program files\myBabylon_English\tbmyBa.dll" [2010-06-13 2734688]

    [HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

    [HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
    2010-06-03 16:24 2736736 ----a-w- c:\program files\Softonic-Eng7\tbSoft.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
    2010-06-13 17:10 2734688 ----a-w- c:\program files\myBabylon_English\tbmyBa.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-06-03 2736736]
    "{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}"= "c:\program files\myBabylon_English\tbmyBa.dll" [2010-06-13 2734688]

    [HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

    [HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-06-03 2736736]
    "{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}"= "c:\program files\myBabylon_English\tbmyBa.dll" [2010-06-13 2734688]

    [HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

    [HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
    "RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [2009-07-14 354304]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-16 2065760]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-08-28 1557800]
    "Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2009-12-03 494112]
    "PLFSetI"="c:\windows\PLFSetI.exe" [2010-03-10 200704]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-03-10 7703072]
    "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]

    c:\users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-2-19 503808]
    OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
    backup=c:\windows\pss\VPN Client.lnk.CommonStartup
    backupExtension=.CommonStartup

    [HKLM\~\startupfolder\C:^Users^Frank^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
    path=c:\users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    backup=c:\windows\pss\LimeWire On Startup.lnk.Startup
    backupExtension=.Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe]
    2009-10-27 17:18 1103216 ----a-w- c:\program files\Download Manager\DLM.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    2010-07-21 13:53 141608 ----a-w- c:\program files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2010-03-17 19:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

    R3 BthAvrcp;Bluetooth AVRCP-profiel;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
    R3 netw5v32;Stuurprogramma voor Intel(R) Wireless WiFi Link 5000 Series-adapter 32-bits Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-22 1343400]
    R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-03-20 691696]
    S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-07-16 216400]
    S1 AvgTdiX;AVG Free Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-07-16 243024]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
    S2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-07-21 921952]
    S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-07-16 308136]
    S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2009-12-03 690720]
    S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-08-19 24576]
    S3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-13 229888]
    S3 NETw5s32;Intel(R) Wireless WiFi Link adapter stuurprogramma onder Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
    S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-06-21 105576]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]

    .
    .
    ------- Bijkomende Scan -------
    .
    uStart Page = hxxp://search.babylon.com/home?AF=14542
    uInternet Settings,ProxyOverride = *.local
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
    FF - ProfilePath - c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=14542
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/
    FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
    FF - component: c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\FFExternalAlert.dll
    FF - component: c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\RadioWMPCore.dll
    FF - component: c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll
    FF - component: c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\RadioWMPCore.dll
    FF - plugin: c:\program files\Download Manager\npfpdlm.dll
    FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll

    ---- FIREFOX POLICIES ----
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
    .
    - - - - ORPHANS VERWIJDERD - - - -

    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)



    **************************************************************************

    Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

    device: opened successfully
    user: MBR read successfully
    called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x86A75B4C]<<
    kernel: MBR read successfully
    detected MBR rootkit hooks:
    IoDeviceObjectType -> DumpProcedure -> 0xd46a624f
    SecurityProcedure -> 0x857c1ad8
    QueryNameProcedure -> 0x857c1c68
    user & kernel MBR OK

    **************************************************************************
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    "MSCurrentCountry"=dword:000000b5

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Voltooingstijd: 2010-08-14 18:22:50
    ComboFix-quarantined-files.txt 2010-08-14 16:22

    Pre-Run: 389.725.761.536 bytes beschikbaar
    Post-Run: 389.723.942.912 bytes beschikbaar

    - - End Of File - - 4E8B78DFB1524CFABFD3DF127FB44E87

  7. #5
    Honorary member   Juisterr
    Registered
    31 July 2006
    Location
    a little shack on the coast
    Posts
    3.653
    Thanks given
    1.008
    Thanked
    2.268 times in 1.411 posts
    1.
    Download TDSSKiller.zip and place it on your desktop.
    Extract the files.

    • Open a Notepad file.
    • Copy the code below into this Notepad file.
      Code:
      @ECHO OFF
      TDSSKiller.exe -l report.txt -v
      DEL %0
    • Go to File > Save As.
    • Under "Save in", choose the folder that contains TDSSKiller.exe.
    • Under "File name", enter: start.bat
    • Under "Save as type", select: All Files (*.*).
    • Click the Save button.

    • Double-click start.bat.
    • This will start TDSSKiller.exe and create a log file (report.txt) in the same folder.
    • When TDSSKiller.exe has finished, post the contents of report.txt.
    Last edited by Juisterr; 15 August 2010 at 16:12

  8. #6
    Up-to-date  
    I tried it. But when I double-click start.bat, it gives an error.
    Valid command line parameters:
    -I <file_name> (path to log file)
    -qpath <folder_name> (path to quarantine folder)
    -qall (copy all objects to quarantine)
    -qsus (copy all suspicious objects to quarantine)
    -qmbr (copy all mbr to quarantine)
    -qcscvc <service_name> (copy sefvice to quarantine)
    -dcsvc <service_name> (delete service)

    No log file was created.

  9. #7
    Honorary member   Juisterr
    Download the Gmer rootkit scanner to your desktop.

    The file you download has a name made up of a randomly chosen combination of digits and letters (e.g. jqb1jln3.exe or ubmp5cd5.exe, always a combination of 8 digits and letters).

    • Double-click this file to start Gmer.
    • If you get a message that rootkits are active and you are asked to run a scan, do not allow it.
    • On the right-hand side there are a number of options that you can tick or untick.
    • By default everything is ticked; leave it that way.
    • Under Files, only the system partition should be ticked. (The system partition is the partition on which Windows is installed.)
    • Untick "show all" (this must not be ticked!)
    • Now click the "Scan" button to start the rootkit scan with Gmer.
    • When the scan is finished, click the "Save" button and save the log to your desktop.
      (If you click the "Copy" button, the full log report is copied to the clipboard and you can paste it into your next post with CTRL+V.)
    • To close Gmer, click the "Cancel" button.

  10. #8
    Honorary member   Juisterr
    Once you have done this, run this updated version.

    Download TDSSKiller and place it on your desktop.
    Extract the files in tdsskiller.zip.
    Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.
    Click the "Start Scan" button and follow the instructions.
    When the scan is finished, click the "Report" button.
    A Notepad file opens. Post the contents of this file.

  11. #9
    Up-to-date  
    Gmer log.


    GMER 1.0.15.15281 - http://www.gmer.net
    Rootkit scan 2010-08-15 22:03:23
    Windows 6.1.7600
    Running: dx3tdtrt.exe; Driver: C:\Users\Frank\AppData\Local\Temp\fwkcruoc.sys


    ---- System - GMER 1.0.15 ----

    INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8323AAF8
    INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8323A104
    INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8323A3F4
    INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83222634
    INT 0xD2 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83222898
    INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8323A1DC
    INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8323A958
    INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8323A6F8
    INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8323AF2C
    INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8323B1A8

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82E53599 1 Byte [06]
    .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82E77F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
    .text peauth.sys 9FB22C9D 28 Bytes [84, 63, B4, 61, C9, 87, AB, ...]
    .text peauth.sys 9FB22CC1 28 Bytes [84, 63, B4, 61, C9, 87, AB, ...]

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Windows\Explorer.EXE[432] ntdll.dll!NtProtectVirtualMemory 77765380 5 Bytes JMP 0028000A
    .text C:\Windows\Explorer.EXE[432] ntdll.dll!NtWriteVirtualMemory 77765F00 5 Bytes JMP 004A000A
    .text C:\Windows\Explorer.EXE[432] ntdll.dll!KiUserExceptionDispatcher 77766448 5 Bytes JMP 0027000A
    .text C:\Windows\system32\svchost.exe[964] ntdll.dll!NtProtectVirtualMemory 77765380 5 Bytes JMP 0025000A
    .text C:\Windows\system32\svchost.exe[964] ntdll.dll!NtWriteVirtualMemory 77765F00 5 Bytes JMP 0026000A
    .text C:\Windows\system32\svchost.exe[964] ntdll.dll!KiUserExceptionDispatcher 77766448 5 Bytes JMP 000D000A
    .text C:\Windows\system32\svchost.exe[964] ole32.dll!CoCreateInstance 75BC57FC 5 Bytes JMP 005A000A
    .text C:\Windows\system32\svchost.exe[964] USER32.dll!GetCursorPos 7701C198 5 Bytes JMP 00E1000A
    .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2572] USER32.dll!TrackPopupMenu 77044B3B 5 Bytes JMP 6015721D C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
    .text C:\Program Files\Mozilla Firefox\firefox.exe[14332] ntdll.dll!NtProtectVirtualMemory 77765380 5 Bytes JMP 0038000A
    .text C:\Program Files\Mozilla Firefox\firefox.exe[14332] ntdll.dll!NtWriteVirtualMemory 77765F00 5 Bytes JMP 0039000A
    .text C:\Program Files\Mozilla Firefox\firefox.exe[14332] ntdll.dll!KiUserExceptionDispatcher 77766448 5 Bytes JMP 000E000A
    .text C:\Program Files\Mozilla Firefox\firefox.exe[14332] ntdll.dll!LdrLoadDll 7777F625 5 Bytes JMP 012913F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

    ---- User IAT/EAT - GMER 1.0.15 ----

    IAT C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe[3276] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [757C5E25] C:\Windows\system32\apphelp.dll (Toepassingscompatibiliteit van de client/Microsoft Corporation)
    IAT C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe[3276] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [757C5E25] C:\Windows\system32\apphelp.dll (Toepassingscompatibiliteit van de client/Microsoft Corporation)
    IAT C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe[3276] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [757C5E25] C:\Windows\system32\apphelp.dll (Toepassingscompatibiliteit van de client/Microsoft Corporation)
    IAT C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe[3276] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [757C5E25] C:\Windows\system32\apphelp.dll (Toepassingscompatibiliteit van de client/Microsoft Corporation)
    IAT C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe[3276] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [757C5E25] C:\Windows\system32\apphelp.dll (Toepassingscompatibiliteit van de client/Microsoft Corporation)
    IAT C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe[3276] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [757C5E25] C:\Windows\system32\apphelp.dll (Toepassingscompatibiliteit van de client/Microsoft Corporation)
    IAT C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe[3276] @ C:\Windows\system32\secur32.dll [KERNEL32.dll!GetProcAddress] [757C5E25] C:\Windows\system32\apphelp.dll (Toepassingscompatibiliteit van de client/Microsoft Corporation)
    IAT C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[4244] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [757C5E25] C:\Windows\system32\apphelp.dll (Toepassingscompatibiliteit van de client/Microsoft Corporation)
    IAT C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[4244] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [757C5E25] C:\Windows\system32\apphelp.dll (Toepassingscompatibiliteit van de client/Microsoft Corporation)
    IAT C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[4244] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [757C5E25] C:\Windows\system32\apphelp.dll (Toepassingscompatibiliteit van de client/Microsoft Corporation)
    IAT C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[4244] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [757C5E25] C:\Windows\system32\apphelp.dll (Toepassingscompatibiliteit van de client/Microsoft Corporation)
    IAT C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[4244] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [757C5E25] C:\Windows\system32\apphelp.dll (Toepassingscompatibiliteit van de client/Microsoft Corporation)
    IAT C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[4244] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [757C5E25] C:\Windows\system32\apphelp.dll (Toepassingscompatibiliteit van de client/Microsoft Corporation)
    IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[5756] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [757C5E25] C:\Windows\system32\apphelp.dll (Toepassingscompatibiliteit van de client/Microsoft Corporation)
    IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[5756] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [757C5E25] C:\Windows\system32\apphelp.dll (Toepassingscompatibiliteit van de client/Microsoft Corporation)
    IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[5756] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [757C5E25] C:\Windows\system32\apphelp.dll (Toepassingscompatibiliteit van de client/Microsoft Corporation)
    IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[5756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [757C5E25] C:\Windows\system32\apphelp.dll (Toepassingscompatibiliteit van de client/Microsoft Corporation)
    IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[5756] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [757C5E25] C:\Windows\system32\apphelp.dll (Toepassingscompatibiliteit van de client/Microsoft Corporation)
    IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[5756] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [757C5E25] C:\Windows\system32\apphelp.dll (Toepassingscompatibiliteit van de client/Microsoft Corporation)
    IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[5756] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [757C5E25] C:\Windows\system32\apphelp.dll (Toepassingscompatibiliteit van de client/Microsoft Corporation)

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework-runtime/Microsoft Corporation)
    AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernel Mode Driver Framework-runtime/Microsoft Corporation)
    AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

    Device \Driver\ACPI_HAL \Device\00000057 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

    AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
    AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Bestandssysteemfilterbeheer/Microsoft Corporation)

    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001583188aca
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x62 0x6F 0xE5 0x61 ...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001583188aca (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x62 0x6F 0xE5 0x61 ...

    ---- EOF - GMER 1.0.15 ----

  12. #10
    Up-to-date  
    TDSSKiller log

    2010/08/15 22:05:39.0498 TDSS rootkit removing tool 2.4.1.1 Aug 10 2010 14:48:09
    2010/08/15 22:05:39.0498 ================================================================================
    2010/08/15 22:05:39.0498 SystemInfo:
    2010/08/15 22:05:39.0498
    2010/08/15 22:05:39.0498 OS Version: 6.1.7600 ServicePack: 0.0
    2010/08/15 22:05:39.0498 Product type: Workstation
    2010/08/15 22:05:39.0498 ComputerName: FRANKHOMELAPTOP
    2010/08/15 22:05:39.0499 UserName: Frank
    2010/08/15 22:05:39.0499 Windows directory: C:\Windows
    2010/08/15 22:05:39.0499 System windows directory: C:\Windows
    2010/08/15 22:05:39.0499 Processor architecture: Intel x86
    2010/08/15 22:05:39.0499 Number of processors: 2
    2010/08/15 22:05:39.0499 Page size: 0x1000
    2010/08/15 22:05:39.0499 Boot type: Normal boot
    2010/08/15 22:05:39.0499 ================================================================================
    2010/08/15 22:05:39.0723 Initialize success
    2010/08/15 22:05:42.0425 ================================================================================
    2010/08/15 22:05:42.0425 Scan started
    2010/08/15 22:05:42.0425 Mode: Manual;
    2010/08/15 22:05:42.0425 ================================================================================
    2010/08/15 22:05:50.0404 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
    2010/08/15 22:05:50.0439 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
    2010/08/15 22:05:50.0671 NETw5s32 (ef51b405ad8acaae6f0231290d20f516) C:\Windows\system32\DRIVERS\NETw5s32.sys
    2010/08/15 22:05:50.0889 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
    2010/08/15 22:05:51.0027 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
    2010/08/15 22:05:51.0100 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
    2010/08/15 22:05:51.0125 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
    2010/08/15 22:05:51.0187 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
    2010/08/15 22:05:51.0221 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
    2010/08/15 22:05:51.0272 NVHDA (b4f70fac4ea61cf150823aa063a39ff9) C:\Windows\system32\drivers\nvhda32v.sys
    2010/08/15 22:05:51.0536 nvlddmkm (377140a534d013bd661c69f1741de43c) C:\Windows\system32\DRIVERS\nvlddmkm.sys
    2010/08/15 22:05:51.0672 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
    2010/08/15 22:05:51.0706 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
    2010/08/15 22:05:51.0745 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
    2010/08/15 22:05:51.0791 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
    2010/08/15 22:05:51.0840 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
    2010/08/15 22:05:51.0887 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
    2010/08/15 22:05:51.0919 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
    2010/08/15 22:05:51.0953 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
    2010/08/15 22:05:51.0978 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
    2010/08/15 22:05:52.0028 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
    2010/08/15 22:05:52.0054 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
    2010/08/15 22:05:52.0093 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
    2010/08/15 22:05:52.0199 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
    2010/08/15 22:05:52.0226 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
    2010/08/15 22:05:52.0281 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
    2010/08/15 22:05:52.0334 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
    2010/08/15 22:05:52.0405 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
    2010/08/15 22:05:52.0440 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
    2010/08/15 22:05:52.0486 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
    2010/08/15 22:05:52.0553 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
    2010/08/15 22:05:52.0602 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
    2010/08/15 22:05:52.0674 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
    2010/08/15 22:05:52.0727 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
    2010/08/15 22:05:52.0757 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
    2010/08/15 22:05:52.0802 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
    2010/08/15 22:05:52.0856 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
    2010/08/15 22:05:52.0940 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys
    2010/08/15 22:05:52.0975 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
    2010/08/15 22:05:53.0031 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
    2010/08/15 22:05:53.0105 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
    2010/08/15 22:05:53.0140 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
    2010/08/15 22:05:53.0240 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
    2010/08/15 22:05:53.0377 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
    2010/08/15 22:05:53.0420 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys
    2010/08/15 22:05:53.0466 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
    2010/08/15 22:05:53.0513 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
    2010/08/15 22:05:53.0564 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    2010/08/15 22:05:53.0615 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
    2010/08/15 22:05:53.0657 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
    2010/08/15 22:05:53.0684 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
    2010/08/15 22:05:53.0742 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
    2010/08/15 22:05:53.0780 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
    2010/08/15 22:05:53.0824 sffp_sd (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\DRIVERS\sffp_sd.sys
    2010/08/15 22:05:53.0854 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
    2010/08/15 22:05:53.0901 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
    2010/08/15 22:05:53.0935 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    2010/08/15 22:05:53.0965 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
    2010/08/15 22:05:54.0026 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
    2010/08/15 22:05:54.0078 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
    2010/08/15 22:05:54.0226 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
    2010/08/15 22:05:54.0294 srv (50a83ca406c808bd35ac9141a0c7618f) C:\Windows\system32\DRIVERS\srv.sys
    2010/08/15 22:05:54.0360 srv2 (dce7e10feaabd4cae95948b3de5340bb) C:\Windows\system32\DRIVERS\srv2.sys
    2010/08/15 22:05:54.0409 srvnet (bd1433a32792fd0dc450479094fc435a) C:\Windows\system32\DRIVERS\srvnet.sys
    2010/08/15 22:05:54.0450 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
    2010/08/15 22:05:54.0503 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys
    2010/08/15 22:05:54.0550 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys
    2010/08/15 22:05:54.0590 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
    2010/08/15 22:05:54.0657 SynTP (6bef3acd6ee22eec55b68699e8aace09) C:\Windows\system32\DRIVERS\SynTP.sys
    2010/08/15 22:05:54.0746 Tcpip (2cc3d75488abd3ec628bbb9a4fc84efc) C:\Windows\system32\drivers\tcpip.sys
    2010/08/15 22:05:54.0835 TCPIP6 (2cc3d75488abd3ec628bbb9a4fc84efc) C:\Windows\system32\DRIVERS\tcpip.sys
    2010/08/15 22:05:54.0882 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
    2010/08/15 22:05:54.0913 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
    2010/08/15 22:05:54.0939 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
    2010/08/15 22:05:54.0968 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
    2010/08/15 22:05:54.0991 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
    2010/08/15 22:05:55.0047 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
    2010/08/15 22:05:55.0090 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
    2010/08/15 22:05:55.0121 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
    2010/08/15 22:05:55.0154 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
    2010/08/15 22:05:55.0190 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
    2010/08/15 22:05:55.0226 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
    2010/08/15 22:05:55.0277 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
    2010/08/15 22:05:55.0353 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\Windows\system32\Drivers\usbaapl.sys
    2010/08/15 22:05:55.0383 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
    2010/08/15 22:05:55.0413 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
    2010/08/15 22:05:55.0444 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
    2010/08/15 22:05:55.0476 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS\usbhub.sys
    2010/08/15 22:05:55.0508 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
    2010/08/15 22:05:55.0552 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
    2010/08/15 22:05:55.0595 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
    2010/08/15 22:05:55.0623 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    2010/08/15 22:05:55.0646 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
    2010/08/15 22:05:55.0700 usbvideo (f642a7e4bf78cfa359cca0a3557c28d7) C:\Windows\system32\Drivers\usbvideo.sys
    2010/08/15 22:05:55.0744 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
    2010/08/15 22:05:55.0780 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
    2010/08/15 22:05:55.0813 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
    2010/08/15 22:05:55.0848 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
    2010/08/15 22:05:55.0886 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
    2010/08/15 22:05:55.0915 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
    2010/08/15 22:05:55.0949 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
    2010/08/15 22:05:55.0999 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys
    2010/08/15 22:05:56.0032 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys
    2010/08/15 22:05:56.0110 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
    2010/08/15 22:05:56.0152 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
    2010/08/15 22:05:56.0183 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
    2010/08/15 22:05:56.0237 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
    2010/08/15 22:05:56.0272 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
    2010/08/15 22:05:56.0312 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
    2010/08/15 22:05:56.0341 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
    2010/08/15 22:05:56.0388 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
    2010/08/15 22:05:56.0422 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
    2010/08/15 22:05:56.0435 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
    2010/08/15 22:05:56.0498 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
    2010/08/15 22:05:56.0531 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
    2010/08/15 22:05:56.0609 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
    2010/08/15 22:05:56.0641 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
    2010/08/15 22:05:56.0725 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
    2010/08/15 22:05:56.0766 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
    2010/08/15 22:05:56.0822 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
    2010/08/15 22:05:56.0876 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
    2010/08/15 22:05:56.0919 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
    2010/08/15 22:05:57.0020 ================================================================================
    2010/08/15 22:05:57.0020 Scan finished
    2010/08/15 22:05:57.0020 ================================================================================
