MSE eats memory and CPU for no reason



Mrjraider
22 August 2011, 20:49
Hey,

Here is the log in question:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:49:16, on 22-8-2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal


Running processes:
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\Soluto\soluto.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Vuze\Azureus.exe
C:\Users\Jeroen\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
D:\Downloads\HijackThis.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.nl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.nl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Azureus] C:\Program Files\Vuze\Azureus.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Jeroen\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jeroen\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
O23 - Service: WTService - Unknown owner - C:\Windows\system32\atwtusb.exe


--
End of file - 7640 bytes






Thanks a lot

Maxstar
23 August 2011, 10:14
Hi,

1.) Download MalwareBytes' Anti-Malware (http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button) and save it to your desktop. Double-click mbam-setup.exe to install the program.

Make sure that after the installation the following boxes are checked:

Update MalwareBytes' Anti-Malware
Start MalwareBytes' Anti-Malware
Then click "Finish".
If an update is found, it will be downloaded and installed.

In case of problems!!! (Read the instructions below)
Problems installing Malwarebytes' Anti-Malware (http://www.pcwebplus.nl/phpbb/viewtopic.php?f=207&t=3419)
Problems updating Malwarebytes' Anti-Malware (http://www.pcwebplus.nl/phpbb/viewtopic.php?f=207&t=3420)
Problems starting Malwarebytes' Anti-Malware (http://www.pcwebplus.nl/phpbb/viewtopic.php?f=207&t=3421)

You can in principle decline the window asking whether you want to "Start the trial"; you can still enable it later.
Once the program has started, go to the "Settings" tab.
Check here: "Close Internet Explorer during malware removal".
Then go to the "Scanner" tab and choose "Quick Scan".
Then press "Scan" to start the scan.
Scanning can take a while, so be patient.
When the scan is finished, click OK, then "Show Results" to see the results.
Make sure everything there is checked, then click "Remove Selected".
After the removal a log will open and you will be asked to restart the computer.
The log is saved automatically by MalwareBytes' Anti-Malware and can be found by clicking the "Logs" tab in the program.


2.) Download TDSSKiller (http://support.kaspersky.com/downloads/utils/tdsskiller.zip) and place it on your desktop.

Extract the files from tdsskiller.zip.
Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.

Note!!! Windows Vista & 7 users must run TDSSKiller as administrator (right-click, "Run as").
Click the "Start Scan" button and follow the instructions.
When the scan is finished, click the "Report" button.
A Notepad file opens. Post the contents of this file.


3.) Download DDS by sUBs from one of these locations and place it on your desktop:
DDS - Bleeping Computer download (http://download.bleepingcomputer.com/sUBs/dds.com).
DDS - Bleeping Computer download (http://download.bleepingcomputer.com/sUBs/dds.scr).
DDS - Infospyware (http://www.infospyware.net/sUBs/dds).

http://img.photobucket.com/albums/v666/sUBs/dds_scr.gif

DDS is a diagnostic tool and makes use of scripts.

Disable your security software before running DDS!

Double-click DDS to start the tool.

DDS will open 2 log files:
* DDS.txt
* Attach.txt

A window asks you to save both logs, because the logs will be gone once you close them.
Save the logs, for example on your desktop or in another place where you can easily find them again.

Post the DDS.txt log with your next reply. Post Attach.txt only when I ask for it.

Post the logs from MBAM, TDSSKiller and DDS in your next message.

Regards, Maxstar

Mrjraider
23 August 2011, 10:48
So I have removed MSE (as you can see, because Avast! Free is running now)

TDSSKiller log:



2011/08/23 10:40:07.0785 0992 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/08/23 10:40:08.0081 0992 ================================================================================
2011/08/23 10:40:08.0081 0992 SystemInfo:
2011/08/23 10:40:08.0081 0992
2011/08/23 10:40:08.0081 0992 OS Version: 6.1.7601 ServicePack: 1.0
2011/08/23 10:40:08.0081 0992 Product type: Workstation
2011/08/23 10:40:08.0081 0992 ComputerName: JEROEN-LAPTOP
2011/08/23 10:40:08.0086 0992 UserName: Jeroen
2011/08/23 10:40:08.0086 0992 Windows directory: C:\Windows
2011/08/23 10:40:08.0086 0992 System windows directory: C:\Windows
2011/08/23 10:40:08.0086 0992 Processor architecture: Intel x86
2011/08/23 10:40:08.0086 0992 Number of processors: 2
2011/08/23 10:40:08.0086 0992 Page size: 0x1000
2011/08/23 10:40:08.0086 0992 Boot type: Normal boot
2011/08/23 10:40:08.0086 0992 ================================================================================
2011/08/23 10:40:09.0356 0992 Initialize success
2011/08/23 10:40:10.0443 1124 ================================================================================
2011/08/23 10:40:10.0443 1124 Scan started
2011/08/23 10:40:10.0443 1124 Mode: Manual;
2011/08/23 10:40:10.0443 1124 ================================================================================
2011/08/23 10:40:28.0007 1124 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\drivers\serenum.sys
2011/08/23 10:40:28.0049 1124 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\drivers\serial.sys
2011/08/23 10:40:28.0091 1124 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\drivers\sermouse.sys
2011/08/23 10:40:28.0248 1124 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
2011/08/23 10:40:28.0310 1124 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
2011/08/23 10:40:28.0388 1124 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
2011/08/23 10:40:28.0434 1124 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\drivers\sfloppy.sys
2011/08/23 10:40:28.0501 1124 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
2011/08/23 10:40:28.0554 1124 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\drivers\SiSRaid2.sys
2011/08/23 10:40:28.0597 1124 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\drivers\sisraid4.sys
2011/08/23 10:40:28.0639 1124 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2011/08/23 10:40:28.0828 1124 Soluto (ff35c2d01ac36b446a1b997f305f0fc2) C:\Windows\system32\DRIVERS\Soluto.sys
2011/08/23 10:40:28.0887 1124 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2011/08/23 10:40:28.0980 1124 sptd (ca9a2690a2b53662565654b48f7ae68f) C:\Windows\System32\Drivers\sptd.sys
2011/08/23 10:40:28.0980 1124 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: ca9a2690a2b53662565654b48f7ae68f
2011/08/23 10:40:28.0990 1124 sptd - detected LockedFile.Multi.Generic (1)
2011/08/23 10:40:36.0256 1124 ================================================================================
2011/08/23 10:40:36.0256 1124 Scan finished
2011/08/23 10:40:36.0256 1124 ================================================================================
2011/08/23 10:40:36.0289 3284 Detected object count: 1
2011/08/23 10:40:36.0289 3284 Actual detected object count: 1
2011/08/23 10:40:44.0262 3284 LockedFile.Multi.Generic(sptd) - User select action: Skip


MalwareBytes log:


Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org (http://www.malwarebytes.org)


Databaseversie: 7543


Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421


23-8-2011 10:45:08
mbam-log-2011-08-23 (10-45-08).txt


Scantype: Snelle scan
Objecten gescand: 168197
Verstreken tijd: 5 minuut/minuten, 18 seconde(n)


Geheugenprocessen geïnfecteerd: 1
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 3
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 1


Geheugenprocessen geïnfecteerd:
c:\Windows\kmservice.exe (RiskWare.Tool.CK) -> 1844 -> Unloaded process successfully.


Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)


Registersleutels geïnfecteerd:
HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\MenuButtonIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.


Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)


Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)


Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)


Bestanden geïnfecteerd:
c:\Windows\kmservice.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.





DDS Log:


.DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by Jeroen at 10:46:40 on 2011-08-23
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.2937.1821 [GMT 2:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\srvany.exe
c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\rundll32.exe
C:\Program Files\Soluto\SolutoService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
C:\Windows\system32\atwtusb.exe
C:\Windows\system32\atwtusb.exe
C:\Program Files\Soluto\soluto.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Users\Jeroen\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\ctfmon.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.nl
uStart Page = hxxp://www.google.nl/
uDefault_Page_URL = www.google.nl (http://www.google.nl)
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office14\GROOVEEX.DLL
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [RocketDock] "c:\program files\rocketdock\RocketDock.exe"
uRun: [Azureus] c:\program files\vuze\Azureus.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [KeePass 2 PreLoad] "c:\program files\keepass password safe 2\KeePass.exe" --preload
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
uPolicies-explorer: NoResolveTrack = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: &Verzenden naar OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\jeroen\appdata\roaming\dvdvideosoftiehelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\jeroen\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 62.179.104.196 213.46.228.196
TCP: Interfaces\{D156B3F5-4689-4118-ACF4-CD813BD24B56} : DhcpNameServer = 62.179.104.196 213.46.228.196
TCP: Interfaces\{D156B3F5-4689-4118-ACF4-CD813BD24B56}\865796A7560267F6E6B6 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{D156B3F5-4689-4118-ACF4-CD813BD24B56}\865796A75667F6E6B6 : DhcpNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: igfxcui - igfxdev.dll
STS: Windows DreamScene: {e31004d1-a431-41b8-826f-e902f9d95c81} - %SystemRoot%\System32\DreamScene.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office14\GROOVEEX.DLL
IFEO: centrale.exe - "c:\program files\tuneup utilities 2011\TUAutoReactivator32.exe"
IFEO: excel.exe - "c:\program files\tuneup utilities 2011\TUAutoReactivator32.exe"
IFEO: groove.exe - "c:\program files\tuneup utilities 2011\TUAutoReactivator32.exe"
IFEO: inetreg.exe - "c:\program files\tuneup utilities 2011\TUAutoReactivator32.exe"
IFEO: infopath.exe - "c:\program files\tuneup utilities 2011\TUAutoReactivator32.exe"
.
Note: multiple IFEO entries found. Please refer to Attach.txt
.
============= SERVICES / DRIVERS ===============
.
R0 Soluto;Soluto;c:\windows\system32\drivers\Soluto.sys [2011-6-28 51144]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-8-23 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-8-23 309848]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-8-23 19544]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-8-23 54104]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-8-23 42184]
R2 KMService;KMService;c:\windows\system32\srvany.exe [2011-7-17 8192]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\mcsacore.exe [2011-8-17 94880]
R2 SolutoService;Soluto PCGenome Core Service;c:\program files\soluto\SolutoService.exe [2011-6-26 376352]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2011\TuneUpUtilitiesService32.exe [2010-11-23 1483072]
R2 WTService;WTService;c:\windows\system32\atwtusb.exe -s --> c:\windows\system32\atwtusb.exe -s [?]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2011-6-20 119408]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-7 10064]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
RUnknown MpKsl9b55e3d8;MpKsl9b55e3d8; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Updateservice (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-6-20 135664]
S3 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
S3 Bulk;HDJBulk;c:\windows\system32\drivers\HDJBulk.sys [2011-7-21 127488]
S3 BXGAXH;BXGAXH;c:\users\jeroen\appdata\local\temp\BXGAXH.exe [2011-8-23 486272]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
S3 GBRANOLLD;GBRANOLLD;c:\users\jeroen\appdata\local\temp\GBRANOLLD.exe [2011-8-23 568192]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-6-20 135664]
S3 HDJMidi;DJ Control MP3 e2 MIDI;c:\windows\system32\drivers\HDJMidi.sys [2011-7-21 124416]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-8-23 41272]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2011-7-7 27192]
S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-21 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 25600]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 112640]
S3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM106.sys [2011-7-21 1516544]
S4 CTUPnPSv;Creative Centrale Media Server;c:\program files\creative\creative centrale\CTUPnPSv.exe [2008-5-21 64000]
S4 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\common files\magix services\database\bin\FABS.exe [2009-8-27 1253376]
S4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\common files\magix services\database\bin\fbserver.exe [2008-8-7 3276800]
S4 HerculesDJControlMP3;Hercules DJ Control MP3;c:\program files\hercules\audio\dj console series\HerculesDJControlMP3.EXE [2011-7-21 17408]
S4 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2010-12-27 31124344]
S4 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S4 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
SUnknown MpKsl18a6142c;MpKsl18a6142c; [x]
SUnknown MpKsla68b5ee4;MpKsla68b5ee4; [x]
SUnknown MpKsld9ef3404;MpKsld9ef3404; [x]
.
=============== Created Last 30 ================
.
2011-08-23 08:45:53 54016 ----a-w- c:\windows\system32\drivers\ncfb.sys
2011-08-23 08:39:11 -------- d-----w- c:\users\jeroen\appdata\roaming\Malwarebytes
2011-08-23 08:39:02 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-23 08:39:01 -------- d-----w- c:\programdata\Malwarebytes
2011-08-23 08:38:58 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-23 08:38:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-23 08:29:09 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-08-23 08:29:08 54104 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-08-23 08:28:58 40112 ----a-w- c:\windows\avastSS.scr
2011-08-23 08:28:48 -------- d-----w- c:\programdata\AVAST Software
2011-08-23 08:28:48 -------- d-----w- c:\program files\AVAST Software
2011-08-22 18:28:21 -------- d-----w- c:\users\jeroen\appdata\roaming\DisneyInteractiveStudios
2011-08-22 17:47:31 -------- d-----w- c:\program files\Rockstar Games
2011-08-22 15:19:38 -------- d-----w- c:\program files\Disney Interactive Studios
2011-08-21 16:34:36 -------- d-----w- c:\users\jeroen\appdata\roaming\Azureus
2011-08-21 16:34:15 -------- d-----w- c:\program files\Vuze
2011-08-20 10:26:18 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-08-20 10:26:18 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-08-17 19:14:10 195424 ----a-w- c:\windows\system32\drivers\windrvr6.sys
2011-08-17 19:13:55 -------- d-----w- c:\programdata\Medtronic
2011-08-17 12:23:20 -------- d-----w- c:\program files\common files\McAfee
2011-08-17 12:23:15 -------- d-----w- c:\program files\McAfee
2011-08-17 11:46:33 2616320 ----a-w- c:\windows\explorer.exe
2011-08-17 11:46:30 20268032 ----a-w- c:\windows\system32\imageres.dll
2011-08-17 11:46:30 1493504 ----a-w- c:\windows\system32\ExplorerFrame.dll
2011-08-17 11:46:28 1792000 ----a-w- c:\windows\system32\authui.dll
2011-08-15 11:11:07 -------- d-----w- c:\users\jeroen\appdata\roaming\AVG10
2011-08-15 11:10:47 -------- d--h--w- c:\programdata\Common Files
2011-08-15 11:09:15 -------- d-----w- c:\windows\system32\drivers\AVG
2011-08-15 11:09:15 -------- d-----w- c:\programdata\AVG10
2011-08-15 11:08:35 -------- d-----w- c:\programdata\MFAData
2011-08-14 19:45:20 -------- d-----w- c:\users\jeroen\appdata\roaming\KeePass
2011-08-14 19:32:53 -------- d-----w- c:\program files\KeePass Password Safe 2
2011-08-12 19:48:51 -------- d-----w- c:\users\jeroen\appdata\roaming\GrabIt
2011-08-12 12:12:30 -------- d-----w- c:\users\jeroen\appdata\roaming\Rovio
2011-08-10 18:45:00 600928 ----a-w- c:\windows\system32\drivers\timntr.sys
2011-08-09 22:07:11 -------- d-----w- c:\users\jeroen\appdata\roaming\IObit
2011-08-06 12:02:38 -------- d-----w- c:\programdata\Solidshield
2011-08-05 20:18:33 2755072 ----a-w- c:\windows\system32\themeui.dll.backup
2011-08-05 20:18:32 37376 ----a-w- c:\windows\system32\themeservice.dll.backup
2011-08-05 20:18:31 249856 ----a-w- c:\windows\system32\uxtheme.dll.backup
2011-08-04 20:04:19 -------- d-----w- c:\users\jeroen\appdata\roaming\MAGIX
2011-08-04 20:02:49 -------- d-----w- c:\program files\MAGIX
2011-08-04 20:02:35 -------- d-----w- c:\programdata\MAGIX
2011-08-04 20:02:34 -------- d-----w- c:\program files\common files\MAGIX Services
2011-08-01 16:30:14 -------- d-----w- c:\users\jeroen\appdata\local\EA Games
2011-07-29 14:05:46 -------- d-----w- c:\users\jeroen\appdata\roaming\uTorrent
2011-07-29 13:57:26 -------- d-----w- c:\program files\common files\DVDVideoSoft
2011-07-29 13:57:16 -------- d-----w- c:\program files\DVDVideoSoft
2011-07-28 17:34:00 -------- d-----w- c:\users\jeroen\appdata\roaming\MixMeister Technology
2011-07-26 19:12:54 -------- d-----w- C:\Fraps
2011-07-25 16:34:12 -------- d-----w- c:\users\jeroen\appdata\roaming\Any DVD Cloner Platinum
2011-07-25 13:22:04 -------- d-----w- c:\users\jeroen\appdata\local\Microsoft Games
.
==================== Find3M ====================
.
2011-08-20 14:51:30 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-10 18:45:03 752128 ----a-w- c:\windows\system32\drivers\tdrpm273.sys
2011-08-05 20:18:33 2755072 ----a-w- c:\windows\system32\themeui.dll
2011-08-05 20:18:32 37376 ----a-w- c:\windows\system32\themeservice.dll
2011-08-05 20:18:31 249856 ----a-w- c:\windows\system32\uxtheme.dll
2011-07-22 02:54:43 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-07-22 02:48:26 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-07-22 02:44:36 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-16 04:27:30 290816 ----a-w- c:\windows\system32\KernelBase.dll
2011-07-16 02:17:19 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:17:19 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17:19 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17:19 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-13 14:57:05 309320 ------w- c:\windows\system32\drivers\TrufosAlt.sys
2011-07-13 14:57:03 327368 ------w- c:\windows\system32\drivers\avisfltr.sys
2011-07-09 02:30:00 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-30 07:39:58 6144 ------w- c:\windows\system32\BReWErS.dll
2011-06-26 11:34:52 51144 ------w- c:\windows\system32\drivers\Soluto.sys
2011-06-24 13:46:36 33072 ------w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-06-24 13:46:36 154416 ------w- c:\windows\system32\drivers\VBoxDrv.sys
2011-06-24 13:46:36 101680 ------w- c:\windows\system32\drivers\VBoxNetAdp.sys
2011-06-24 04:27:01 169984 ----a-w- c:\windows\system32\winsrv.dll
2011-06-24 04:22:20 271360 ----a-w- c:\windows\system32\conhost.exe
2011-06-23 04:33:57 3967872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-06-23 04:33:57 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-06-21 15:39:56 319488 ------w- c:\windows\HideWin.exe
2011-06-21 05:34:23 1290624 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-20 19:06:35 233888 ------w- c:\windows\system32\DreamScene.dll
2011-06-20 17:47:30 428088 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-06-15 08:55:19 86016 ----a-w- c:\windows\system32\odbccu32.dll
2011-06-15 08:55:19 81920 ----a-w- c:\windows\system32\odbccr32.dll
2011-06-15 08:55:19 319488 ----a-w- c:\windows\system32\odbcjt32.dll
2011-06-15 08:55:19 163840 ----a-w- c:\windows\system32\odbctrac.dll
2011-06-15 08:55:19 122880 ----a-w- c:\windows\system32\odbccp32.dll
2011-06-11 02:29:25 2334208 ------w- c:\windows\system32\win32k.sys
.
============= FINISH: 10:47:27,37 ===============





AstU!

Maxstar
23 August 2011, 10:51
Hi,

The logs look spick and span, but how are the problems now that you have replaced MSE with Avast?

Regards, Maxstar

Mrjraider
23 August 2011, 11:07
Hey,

Otherwise everything is fine. The processor is back to normal and so is the memory.
Do you perhaps know why MSE was doing this?

greets

Maxstar
23 August 2011, 11:12
Hi,

The cause is hard to trace, but had you had this problem for a while or only since yesterday?

Regards, Maxstar

Mrjraider
23 August 2011, 11:16
For a number of days already (yes, I know, I should have come forward with it sooner :wall:)
This wasn't the only thing, by the way. I had also already asked somewhere why the little castle always stayed orange; when I opened the user interface it said that no scan had been run for a while. So I ran a full scan, and an hour later the little castle was orange again with exactly the same message. I couldn't figure that out either. Do you perhaps know what could cause that?

Maxstar
23 August 2011, 11:37
Hi,

The problem is hard, or actually better put, no longer possible to trace; most likely a reinstallation of MSE would also have fixed the problem.

Regards, Maxstar

Mrjraider
23 August 2011, 11:40
I had already done that, because it had come up before. But it was no use. Thanks very much, and a lock to close this off :D

Mrjraider
27 September 2011, 21:57
Lock please