KelsHoe

Member
  • Items

    6
  • Registration date

  • Last visited

KelsHoe's achievements

  1. 10:00:40.0140 3812 TDSS rootkit removing tool 2.7.25.0 Apr 3 2012 13:42:32
     10:00:40.0265 3812 ============================================================
     10:00:40.0265 3812 Current date / time: 2012/04/04 10:00:40.0265
     10:00:40.0265 3812 SystemInfo:
     10:00:40.0265 3812
     10:00:40.0265 3812 OS Version: 5.1.2600 ServicePack: 3.0
     10:00:40.0265 3812 Product type: Workstation
     10:00:40.0265 3812 ComputerName: COMPUTER
     10:00:40.0265 3812 UserName: Admin
     10:00:40.0265 3812 Windows directory: C:\WINDOWS
     10:00:40.0265 3812 System windows directory: C:\WINDOWS
     10:00:40.0265 3812 Processor architecture: Intel x86
     10:00:40.0265 3812 Number of processors: 1
     10:00:40.0265 3812 Page size: 0x1000
     10:00:40.0265 3812 Boot type: Normal boot
     10:00:40.0265 3812 ============================================================
     10:00:42.0453 3812 Drive \Device\Harddisk0\DR0 - Size: 0x1BF08EB000 (111.76 Gb), SectorSize: 0x200, Cylinders: 0x38FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
     10:00:42.0453 3812 Drive \Device\Harddisk1\DR4 - Size: 0xEE200000 (3.72 Gb), SectorSize: 0x200, Cylinders: 0x1E5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
     10:00:42.0453 3812 \Device\Harddisk0\DR0:
     10:00:42.0453 3812 MBR used
     10:00:42.0453 3812 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x3AB97B9
     10:00:42.0453 3812 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3ACD17E, BlocksNum 0xA4B6B3F
     10:00:42.0453 3812 \Device\Harddisk1\DR4:
     10:00:42.0453 3812 MBR used
     10:00:42.0453 3812 \Device\Harddisk1\DR4\Partition0: MBR, Type 0xB, StartLBA 0x14B8, BlocksNum 0x76FB48
     10:00:42.0531 3812 Initialize success
     10:00:42.0531 3812 ============================================================
     10:00:51.0421 3348 ============================================================
     10:00:51.0421 3348 Scan started
     10:00:51.0421 3348 Mode: Manual;
     10:00:51.0421 3348 ============================================================
     10:01:24.0828 3348 MBR (0x1B8) (25fdd3b61791a226676b12dc5bddef71) \Device\Harddisk0\DR0
     10:01:24.0828 3348 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected
     10:01:24.0828 3348 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)
     10:01:24.0843 3348 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR4
     10:01:28.0812 3348 \Device\Harddisk1\DR4 - ok
     10:01:28.0843 3348 Boot (0x1200) (eaa7511aad5f67d48329524711e0cdfd) \Device\Harddisk0\DR0\Partition0
     10:01:28.0843 3348 \Device\Harddisk0\DR0\Partition0 - ok
     10:01:28.0875 3348 Boot (0x1200) (97337f8e7248d485b0a45553a8d2bd96) \Device\Harddisk0\DR0\Partition1
     10:01:28.0875 3348 \Device\Harddisk0\DR0\Partition1 - ok
     10:01:28.0875 3348 Boot (0x1200) (ffe9445d9b5adb98550c2e732878c1a0) \Device\Harddisk1\DR4\Partition0
     10:01:28.0890 3348 \Device\Harddisk1\DR4\Partition0 - ok
     10:01:28.0890 3348 ============================================================
     10:01:28.0890 3348 Scan finished
     10:01:28.0890 3348 ============================================================
     10:01:28.0906 1688 Detected object count: 1
     10:01:28.0906 1688 Actual detected object count: 1
     10:01:51.0203 1688 \Device\Harddisk0\DR0\# - copied to quarantine
     10:01:51.0203 1688 \Device\Harddisk0\DR0 - copied to quarantine
     10:01:51.0234 1688 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot
     10:01:51.0234 1688 \Device\Harddisk0\DR0 - ok
     10:01:51.0234 1688 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure
     10:02:11.0937 0984 Deinitialize success
  2. aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software Run date: 2012-04-03 09:56:25 ----------------------------- 09:56:25.656 OS Version: Windows 5.1.2600 Service Pack 3 09:56:25.656 Number of processors: 1 586 0x207 09:56:25.656 ComputerName: COMPUTER UserName: Admin 09:56:27.109 Initialize success 09:56:27.625 AVAST engine defs: 12040201 09:56:45.781 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 09:56:45.781 Disk 0 Vendor: IC35L120AVVA07-0 VA6OA51A Size: 114440MB BusType: 3 09:56:45.781 Device owAZEVAoRGRCZ -> DriverStartIo RGRCZ@J@ f75f8864 09:56:45.796 Disk 0 MBR read successfully 09:56:45.796 Disk 0 MBR scan 09:56:45.796 Disk 0 Win32:MBRoot-J [Trj] 09:56:45.796 Disk 0 Windows XP default MBR code found via API 09:56:45.796 Disk 0 MBR hidden 09:56:45.812 Disk 0 Partition 1 00 DE Dell Utility Dell 4.1 39 MB offset 63 09:56:45.812 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 30066 MB offset 80325 09:56:45.828 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 84333 MB offset 61657470 09:56:45.828 Disk 0 MBR [Win32:MBRoot] **ROOTKIT** 09:56:45.843 Disk 0 trace - called modules: 09:56:46.343 ntoskrnl.exe CLASSPNP.SYS disk.sys aswSP.SYS >>UNKNOWN [0x83bdb000]<< 09:56:46.343 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x83b63ab8] 09:56:46.343 3 CLASSPNP.SYS[f76effd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x83bdad98] 09:56:46.421 AVAST engine scan C:\WINDOWS 09:56:48.890 AVAST engine scan C:\WINDOWS\system32 09:58:51.171 AVAST engine scan C:\WINDOWS\system32\drivers 09:59:03.046 AVAST engine scan C:\Documents and Settings\Admin 10:02:29.375 AVAST engine scan C:\Documents and Settings\All Users 10:03:22.046 Scan finished successfully 10:04:40.312 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Admin\Mijn documenten\MBR.dat" 10:04:40.312 The log file has been saved successfully to "C:\Documents and Settings\Admin\Mijn documenten\aswMBR.txt"
  3. My Avast scanner now reports this: Bedreiging gedetecteerd! Bestandsnaam: MBR: \\.\PHYSICALDRIVE0 Nauwgezetheid: Hoog Status: Bedreiging: Win32:MBROOT-J [Trj] So I can't remove that one either, because then my PC hangs at startup.
  4. Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Databaseversie: v2012.04.02.03 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Admin :: COMPUTER [administrator] 2-4-2012 10:53:44 mbam-log-2012-04-02 (10-53-44).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 212384 Verstreken tijd: 8 minuut/minuten, 3 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:03:07, on 2-4-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Nero\Nero BackItUp 
4\NBService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe D:\Anti Virus\Malwarebytes' Anti-Malware\mbam.exe C:\WINDOWS\system32\winmine.exe C:\WINDOWS\notepad.exe D:\Anti Virus\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl - alles op een rijtje! (ook op mobiel) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: avast! 
WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] D:\Anti Virus\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE 
C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} 
(MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/m3/photouploadcontrol/MSNPUpld.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- End of file - 8035 bytes
  5. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:28:53, on 1-4-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\PROGRA~1\AVG\AVG2012\avgrsx.exe C:\Program Files\AVG\AVG2012\avgcsrvx.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\Program Files\AVG\AVG2012\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AVG\AVG2012\avgwdsvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\Program Files\AVG\AVG2012\avgnsx.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\AVG\AVG2012\avgcsrvx.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\msiexec.exe D:\Anti Virus\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl - alles op een rijtje! 
(ook op mobiel) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web 
Printing\hpswp_BHO.dll O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: AFAS Personal Bijwerk Assistent - {0DFC36E8-EAE8-484F-A89C-F565849A210F} - mscoree.dll (file missing) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start Free Uninstall Survey | AVG Nederland O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: 
E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/m3/photouploadcontrol/MSNPUpld.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor 
onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- End of file - 9434 bytes
  6. The AVG scanner says that I have a Trojan horse, but the scan does not remove it itself. How can I remove this virus?