KelsHoe

Member
  • Items

    6

Posts made by KelsHoe

  1. 10:00:40.0140 3812 TDSS rootkit removing tool 2.7.25.0 Apr 3 2012 13:42:32

    10:00:40.0265 3812 ============================================================

    10:00:40.0265 3812 Current date / time: 2012/04/04 10:00:40.0265

    10:00:40.0265 3812 SystemInfo:

    10:00:40.0265 3812

    10:00:40.0265 3812 OS Version: 5.1.2600 ServicePack: 3.0

    10:00:40.0265 3812 Product type: Workstation

    10:00:40.0265 3812 ComputerName: COMPUTER

    10:00:40.0265 3812 UserName: Admin

    10:00:40.0265 3812 Windows directory: C:\WINDOWS

    10:00:40.0265 3812 System windows directory: C:\WINDOWS

    10:00:40.0265 3812 Processor architecture: Intel x86

    10:00:40.0265 3812 Number of processors: 1

    10:00:40.0265 3812 Page size: 0x1000

    10:00:40.0265 3812 Boot type: Normal boot

    10:00:40.0265 3812 ============================================================

    10:00:42.0453 3812 Drive \Device\Harddisk0\DR0 - Size: 0x1BF08EB000 (111.76 Gb), SectorSize: 0x200, Cylinders: 0x38FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

    10:00:42.0453 3812 Drive \Device\Harddisk1\DR4 - Size: 0xEE200000 (3.72 Gb), SectorSize: 0x200, Cylinders: 0x1E5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

    10:00:42.0453 3812 \Device\Harddisk0\DR0:

    10:00:42.0453 3812 MBR used

    10:00:42.0453 3812 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x3AB97B9

    10:00:42.0453 3812 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3ACD17E, BlocksNum 0xA4B6B3F

    10:00:42.0453 3812 \Device\Harddisk1\DR4:

    10:00:42.0453 3812 MBR used

    10:00:42.0453 3812 \Device\Harddisk1\DR4\Partition0: MBR, Type 0xB, StartLBA 0x14B8, BlocksNum 0x76FB48

    10:00:42.0531 3812 Initialize success

    10:00:42.0531 3812 ============================================================

    10:00:51.0421 3348 ============================================================

    10:00:51.0421 3348 Scan started

    10:00:51.0421 3348 Mode: Manual;

    10:00:51.0421 3348 ============================================================

    10:00:51.0796 3348 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys

    10:00:51.0812 3348 Aavmker4 - ok

    10:00:51.0875 3348 Abiosdsk - ok

    10:00:51.0906 3348 abp480n5 - ok

    10:00:51.0968 3348 ACPI (02273a448ba21a7d447daeb47810d40c) C:\WINDOWS\system32\DRIVERS\ACPI.sys

    10:00:51.0968 3348 ACPI - ok

    10:00:52.0062 3348 ACPIEC (63f517b1a87dabf3f5acb8a7952fc1d1) C:\WINDOWS\system32\drivers\ACPIEC.sys

    10:00:52.0062 3348 ACPIEC - ok

    10:00:52.0140 3348 adpu160m - ok

    10:00:52.0187 3348 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys

    10:00:52.0187 3348 aeaudio - ok

    10:00:52.0296 3348 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

    10:00:52.0296 3348 aec - ok

    10:00:52.0390 3348 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

    10:00:52.0406 3348 AFD - ok

    10:00:52.0484 3348 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys

    10:00:52.0500 3348 agp440 - ok

    10:00:52.0640 3348 Aha154x - ok

    10:00:52.0703 3348 aic78u2 - ok

    10:00:52.0718 3348 aic78xx - ok

    10:00:52.0765 3348 Alerter (8bed67d13dcb55b3e9ff6dac4c6d3b49) C:\WINDOWS\system32\alrsvc.dll

    10:00:52.0765 3348 Alerter - ok

    10:00:52.0890 3348 ALG (dab2a89fde5cf791161200d90c1bcb12) C:\WINDOWS\System32\alg.exe

    10:00:52.0921 3348 ALG - ok

    10:00:52.0984 3348 AliIde - ok

    10:00:53.0000 3348 amsint - ok

    10:00:53.0062 3348 AppMgmt (434a70fa278eb3c42140e3755c2fa4f8) C:\WINDOWS\System32\appmgmts.dll

    10:00:53.0062 3348 AppMgmt - ok

    10:00:53.0140 3348 asc - ok

    10:00:53.0171 3348 asc3350p - ok

    10:00:53.0187 3348 asc3550 - ok

    10:00:53.0281 3348 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

    10:00:53.0296 3348 aspnet_state - ok

    10:00:53.0375 3348 aswFsBlk (0ae43c6c411254049279c2ee55630f95) C:\WINDOWS\system32\drivers\aswFsBlk.sys

    10:00:53.0390 3348 aswFsBlk - ok

    10:00:53.0484 3348 aswMon2 (8c30b7ddd2f1d8d138ebe40345af2b11) C:\WINDOWS\system32\drivers\aswMon2.sys

    10:00:53.0484 3348 aswMon2 - ok

    10:00:53.0625 3348 aswRdr (da12626fd9a67f4e917e2f2fbe1e1764) C:\WINDOWS\system32\drivers\aswRdr.sys

    10:00:53.0625 3348 aswRdr - ok

    10:00:53.0734 3348 aswSnx (dcb199b967375753b5019ec15f008f53) C:\WINDOWS\system32\drivers\aswSnx.sys

    10:00:53.0750 3348 aswSnx - ok

    10:00:53.0906 3348 aswSP (b32873e5a1443c0a1e322266e203bf10) C:\WINDOWS\system32\drivers\aswSP.sys

    10:00:53.0921 3348 aswSP - ok

    10:00:54.0015 3348 aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) C:\WINDOWS\system32\drivers\aswTdi.sys

    10:00:54.0015 3348 aswTdi - ok

    10:00:54.0125 3348 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

    10:00:54.0125 3348 AsyncMac - ok

    10:00:54.0234 3348 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

    10:00:54.0234 3348 atapi - ok

    10:00:54.0296 3348 Atdisk - ok

    10:00:54.0343 3348 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

    10:00:54.0359 3348 Atmarpc - ok

    10:00:54.0453 3348 AudioSrv (f10745ed3195360e69aa4a6e7768c0e0) C:\WINDOWS\System32\audiosrv.dll

    10:00:54.0453 3348 AudioSrv - ok

    10:00:54.0546 3348 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

    10:00:54.0546 3348 audstub - ok

    10:00:54.0656 3348 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    10:00:54.0656 3348 avast! Antivirus - ok

    10:00:54.0750 3348 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

    10:00:54.0750 3348 Beep - ok

    10:00:54.0843 3348 BITS (5c0073a51c4873430fa8b262e92183ff) C:\WINDOWS\system32\qmgr.dll

    10:00:54.0906 3348 BITS - ok

    10:00:54.0984 3348 Browser (69eaa7501f53a40e8c04c69f2391224f) C:\WINDOWS\System32\browser.dll

    10:00:55.0031 3348 Browser - ok

    10:00:55.0093 3348 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

    10:00:55.0093 3348 cbidf2k - ok

    10:00:55.0156 3348 cd20xrnt - ok

    10:00:55.0203 3348 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

    10:00:55.0218 3348 Cdaudio - ok

    10:00:55.0312 3348 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

    10:00:55.0312 3348 Cdfs - ok

    10:00:55.0406 3348 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

    10:00:55.0421 3348 Cdrom - ok

    10:00:55.0484 3348 Changer - ok

    10:00:55.0546 3348 CiSvc (bd85400700b80fbe3d4a3412bce74861) C:\WINDOWS\system32\cisvc.exe

    10:00:55.0546 3348 CiSvc - ok

    10:00:55.0625 3348 ClipSrv (4fb6108130829666c8fe96b442fead94) C:\WINDOWS\system32\clipsrv.exe

    10:00:55.0625 3348 ClipSrv - ok

    10:00:55.0750 3348 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

    10:00:55.0828 3348 clr_optimization_v2.0.50727_32 - ok

    10:00:55.0890 3348 CmdIde - ok

    10:00:55.0921 3348 COMSysApp - ok

    10:00:55.0953 3348 Cpqarray - ok

    10:00:56.0015 3348 CryptSvc (0a9cf5d3cf63a8699f28c814ef821c7e) C:\WINDOWS\System32\cryptsvc.dll

    10:00:56.0015 3348 CryptSvc - ok

    10:00:56.0109 3348 dac2w2k - ok

    10:00:56.0140 3348 dac960nt - ok

    10:00:56.0203 3348 DcomLaunch (d9883335cc1c17afc3a09c8ac3e4dbe4) C:\WINDOWS\system32\rpcss.dll

    10:00:56.0218 3348 DcomLaunch - ok

    10:00:56.0312 3348 Dhcp (146ab038f5dbb366122d28444999ab2c) C:\WINDOWS\System32\dhcpcsvc.dll

    10:00:56.0328 3348 Dhcp - ok

    10:00:56.0421 3348 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

    10:00:56.0421 3348 Disk - ok

    10:00:56.0468 3348 dmadmin - ok

    10:00:56.0531 3348 dmboot (dec123e0c75971d0cc7a6c6a75e28429) C:\WINDOWS\system32\drivers\dmboot.sys

    10:00:56.0562 3348 dmboot - ok

    10:00:56.0656 3348 dmio (7268e66259722f6228c730685b201092) C:\WINDOWS\system32\drivers\dmio.sys

    10:00:56.0656 3348 dmio - ok

    10:00:56.0750 3348 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

    10:00:56.0765 3348 dmload - ok

    10:00:56.0843 3348 dmserver (127db74184e2d3d31655da525a5efde1) C:\WINDOWS\System32\dmserver.dll

    10:00:56.0843 3348 dmserver - ok

    10:00:56.0921 3348 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

    10:00:56.0937 3348 DMusic - ok

    10:00:57.0031 3348 Dnscache (de6cdb6cbc5c27b9085cfa6dfe8e5025) C:\WINDOWS\System32\dnsrslvr.dll

    10:00:57.0031 3348 Dnscache - ok

    10:00:57.0156 3348 Dot3svc (90ee765e1a598b578852901f74f914f1) C:\WINDOWS\System32\dot3svc.dll

    10:00:57.0171 3348 Dot3svc - ok

    10:00:57.0234 3348 dpti2o - ok

    10:00:57.0281 3348 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

    10:00:57.0281 3348 drmkaud - ok

    10:00:57.0390 3348 E100B (98ed0bea10477b0f252cca35eb50f838) C:\WINDOWS\system32\DRIVERS\e100b325.sys

    10:00:57.0390 3348 E100B - ok

    10:00:57.0484 3348 EapHost (e6bbdebf7081899d161c773e8d84d015) C:\WINDOWS\System32\eapsvc.dll

    10:00:57.0484 3348 EapHost - ok

    10:00:57.0531 3348 ERSvc (2f5c7f650b7af178988946ee4b0d9c01) C:\WINDOWS\System32\ersvc.dll

    10:00:57.0531 3348 ERSvc - ok

    10:00:57.0625 3348 Eventlog (657b69389b893f440b07590c9e963f23) C:\WINDOWS\system32\services.exe

    10:00:57.0640 3348 Eventlog - ok

    10:00:57.0750 3348 EventSystem (97912dc0679d2da60cce589bbc196d72) C:\WINDOWS\system32\es.dll

    10:00:57.0750 3348 EventSystem - ok

    10:00:57.0875 3348 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

    10:00:57.0875 3348 Fastfat - ok

    10:00:57.0953 3348 FastUserSwitchingCompatibility (2d5d4156292150fe571872c1b88e9299) C:\WINDOWS\System32\shsvcs.dll

    10:00:57.0968 3348 FastUserSwitchingCompatibility - ok

    10:00:58.0031 3348 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

    10:00:58.0031 3348 Fdc - ok

    10:00:58.0218 3348 Fips (8bfffb5ac954e19dfdb96d56512aa518) C:\WINDOWS\system32\drivers\Fips.sys

    10:00:58.0250 3348 Fips - ok

    10:00:58.0359 3348 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

    10:00:58.0359 3348 Flpydisk - ok

    10:00:58.0453 3348 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

    10:00:58.0453 3348 FltMgr - ok

    10:00:58.0625 3348 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

    10:00:58.0625 3348 FontCache3.0.0.0 - ok

    10:00:58.0703 3348 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

    10:00:58.0718 3348 Fs_Rec - ok

    10:00:58.0734 3348 Ftdisk (fa8ca22e70245c81ff29c36af56292fc) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

    10:00:58.0750 3348 Ftdisk - ok

    10:00:58.0843 3348 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

    10:00:58.0843 3348 Gpc - ok

    10:00:58.0984 3348 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe

    10:00:58.0984 3348 gupdate - ok

    10:00:59.0000 3348 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe

    10:00:59.0000 3348 gupdatem - ok

    10:00:59.0140 3348 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    10:00:59.0156 3348 gusvc - ok

    10:00:59.0265 3348 helpsvc (5327bad9b35c33d2a64b64e4cf282ecd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

    10:00:59.0312 3348 helpsvc - ok

    10:00:59.0359 3348 HidServ (10003105aab8d5a7db51a9cb3d9f55a3) C:\WINDOWS\System32\hidserv.dll

    10:00:59.0359 3348 HidServ - ok

    10:00:59.0453 3348 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

    10:00:59.0453 3348 hidusb - ok

    10:00:59.0546 3348 hkmsvc (1ff903ffa2da1704e5a5443d37d8e49e) C:\WINDOWS\System32\kmsvc.dll

    10:00:59.0562 3348 hkmsvc - ok

    10:00:59.0609 3348 hpn - ok

    10:00:59.0765 3348 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll

    10:00:59.0765 3348 hpqcxs08 - ok

    10:00:59.0906 3348 hpqddsvc (f3f72a2a86c22610bca5439fa789dd52) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll

    10:00:59.0921 3348 hpqddsvc - ok

    10:01:00.0015 3348 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys

    10:01:00.0031 3348 HPZid412 - ok

    10:01:00.0250 3348 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

    10:01:00.0250 3348 HPZipr12 - ok

    10:01:00.0359 3348 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys

    10:01:00.0375 3348 HPZius12 - ok

    10:01:00.0484 3348 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

    10:01:00.0484 3348 HTTP - ok

    10:01:00.0578 3348 HTTPFilter (2529c7ba05242beed0027f554d0513bb) C:\WINDOWS\System32\w3ssl.dll

    10:01:00.0593 3348 HTTPFilter - ok

    10:01:00.0625 3348 i2omgmt - ok

    10:01:00.0687 3348 i2omp - ok

    10:01:00.0750 3348 i8042prt (c43372d0682f8e32e4ec21117e089ec0) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

    10:01:00.0750 3348 i8042prt - ok

    10:01:00.0937 3348 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

    10:01:00.0953 3348 idsvc - ok

    10:01:01.0046 3348 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

    10:01:01.0062 3348 Imapi - ok

    10:01:01.0187 3348 ImapiService (a117772f94c854de5d1bbc1f1962b192) C:\WINDOWS\system32\imapi.exe

    10:01:01.0187 3348 ImapiService - ok

    10:01:01.0250 3348 ini910u - ok

    10:01:01.0312 3348 IntelIde (72c63ad984d427d34bd5b9db838d88eb) C:\WINDOWS\system32\DRIVERS\intelide.sys

    10:01:01.0328 3348 IntelIde - ok

    10:01:01.0421 3348 intelppm (2d2254fac267e6b1c7865e8ebef60c6d) C:\WINDOWS\system32\DRIVERS\intelppm.sys

    10:01:01.0437 3348 intelppm - ok

    10:01:01.0515 3348 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

    10:01:01.0515 3348 Ip6Fw - ok

    10:01:01.0578 3348 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

    10:01:01.0578 3348 IpFilterDriver - ok

    10:01:01.0687 3348 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

    10:01:01.0687 3348 IpInIp - ok

    10:01:01.0781 3348 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

    10:01:01.0796 3348 IpNat - ok

    10:01:01.0906 3348 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

    10:01:01.0906 3348 IPSec - ok

    10:01:02.0000 3348 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

    10:01:02.0015 3348 IRENUM - ok

    10:01:02.0140 3348 isapnp (0b78e1a31340e1fb1e389d5633f7c3a0) C:\WINDOWS\system32\DRIVERS\isapnp.sys

    10:01:02.0140 3348 isapnp - ok

    10:01:02.0265 3348 JavaQuickStarterService (11c3efb4bac41175d03b1595db1a4a4f) C:\Program Files\Java\jre6\bin\jqs.exe

    10:01:02.0265 3348 JavaQuickStarterService - ok

    10:01:02.0343 3348 Kbdclass (380397621e94b32c744e7b2cc1330390) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

    10:01:02.0359 3348 Kbdclass - ok

    10:01:02.0453 3348 kbdhid (b833b70fe639f01fb36cedabe57ef031) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

    10:01:02.0468 3348 kbdhid - ok

    10:01:02.0593 3348 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

    10:01:02.0593 3348 kmixer - ok

    10:01:02.0687 3348 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

    10:01:02.0687 3348 KSecDD - ok

    10:01:02.0781 3348 lanmanserver (c7955e7edaea462d04f1c4be1d340372) C:\WINDOWS\System32\srvsvc.dll

    10:01:02.0796 3348 lanmanserver - ok

    10:01:02.0859 3348 lanmanworkstation (a936a575eaf6dce8dc08bc0c53972add) C:\WINDOWS\System32\wkssvc.dll

    10:01:02.0875 3348 lanmanworkstation - ok

    10:01:02.0937 3348 lbrtfdc - ok

    10:01:03.0015 3348 LmHosts (91ae20c5c2776c511994aa1308c05283) C:\WINDOWS\System32\lmhsvc.dll

    10:01:03.0015 3348 LmHosts - ok

    10:01:03.0125 3348 Messenger (c56a45a03dca11712de9fdf98224230b) C:\WINDOWS\System32\msgsvc.dll

    10:01:03.0140 3348 Messenger - ok

    10:01:03.0234 3348 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

    10:01:03.0234 3348 mnmdd - ok

    10:01:03.0328 3348 mnmsrvc (5b1d994dcf1895afa27600e46a2f0fea) C:\WINDOWS\system32\mnmsrvc.exe

    10:01:03.0328 3348 mnmsrvc - ok

    10:01:03.0406 3348 Modem (8114eeac353f549331ab73e9af4219ed) C:\WINDOWS\system32\drivers\Modem.sys

    10:01:03.0406 3348 Modem - ok

    10:01:03.0500 3348 Mouclass (1a4e2214dd63e4a876463d3427ee8261) C:\WINDOWS\system32\DRIVERS\mouclass.sys

    10:01:03.0515 3348 Mouclass - ok

    10:01:03.0640 3348 mouhid (18017899254e01371e1a39754d6bf98c) C:\WINDOWS\system32\DRIVERS\mouhid.sys

    10:01:03.0640 3348 mouhid - ok

    10:01:03.0734 3348 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

    10:01:03.0750 3348 MountMgr - ok

    10:01:03.0812 3348 mraid35x - ok

    10:01:03.0875 3348 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

    10:01:03.0875 3348 MRxDAV - ok

    10:01:03.0984 3348 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

    10:01:04.0000 3348 MRxSmb - ok

    10:01:04.0093 3348 MSDTC (21ea21984d7d1ad50db2e627020ab14c) C:\WINDOWS\system32\msdtc.exe

    10:01:04.0093 3348 MSDTC - ok

    10:01:04.0203 3348 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

    10:01:04.0203 3348 Msfs - ok

    10:01:04.0265 3348 MSIServer - ok

    10:01:04.0312 3348 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

    10:01:04.0328 3348 MSKSSRV - ok

    10:01:04.0406 3348 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

    10:01:04.0406 3348 MSPCLOCK - ok

    10:01:04.0468 3348 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

    10:01:04.0468 3348 MSPQM - ok

    10:01:04.0656 3348 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

    10:01:04.0656 3348 mssmbios - ok

    10:01:04.0875 3348 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

    10:01:04.0906 3348 Mup - ok

    10:01:05.0203 3348 napagent (87e394c810794d3c70cf22e8316cb23e) C:\WINDOWS\System32\qagentrt.dll

    10:01:05.0234 3348 napagent - ok

    10:01:05.0515 3348 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

    10:01:05.0625 3348 NDIS - ok

    10:01:05.0734 3348 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

    10:01:05.0750 3348 NdisTapi - ok

    10:01:05.0859 3348 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

    10:01:05.0859 3348 Ndisuio - ok

    10:01:05.0953 3348 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

    10:01:05.0953 3348 NdisWan - ok

    10:01:06.0062 3348 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

    10:01:06.0062 3348 NDProxy - ok

    10:01:06.0250 3348 Nero BackItUp Scheduler 4.0 (b90e093e7a7250906f1054418b5339c0) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

    10:01:06.0281 3348 Nero BackItUp Scheduler 4.0 - ok

    10:01:06.0359 3348 Net Driver HPZ12 (510c138564486ff926a3f773205c63d1) C:\WINDOWS\system32\HPZinw12.dll

    10:01:06.0375 3348 Net Driver HPZ12 - ok

    10:01:06.0468 3348 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

    10:01:06.0468 3348 NetBIOS - ok

    10:01:06.0562 3348 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

    10:01:06.0578 3348 NetBT - ok

    10:01:06.0671 3348 NetDDE (dc6bae085e9b3c2f3a963ed46791feab) C:\WINDOWS\system32\netdde.exe

    10:01:06.0687 3348 NetDDE - ok

    10:01:06.0718 3348 NetDDEdsdm (dc6bae085e9b3c2f3a963ed46791feab) C:\WINDOWS\system32\netdde.exe

    10:01:06.0781 3348 NetDDEdsdm - ok

    10:01:06.0890 3348 Netlogon (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe

    10:01:06.0906 3348 Netlogon - ok

    10:01:07.0000 3348 Netman (5431fb616ecae0d587c5b97d0b86cbd8) C:\WINDOWS\System32\netman.dll

    10:01:07.0000 3348 Netman - ok

    10:01:07.0187 3348 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

    10:01:07.0187 3348 NetTcpPortSharing - ok

    10:01:07.0296 3348 Nla (4522cbe00a9e9eee36aa82ed4b319148) C:\WINDOWS\System32\mswsock.dll

    10:01:07.0312 3348 Nla - ok

    10:01:07.0406 3348 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

    10:01:07.0406 3348 Npfs - ok

    10:01:07.0515 3348 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

    10:01:07.0531 3348 Ntfs - ok

    10:01:07.0640 3348 NtLmSsp (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe

    10:01:07.0640 3348 NtLmSsp - ok

    10:01:07.0750 3348 NtmsSvc (ac1a78237b53044735693633f8235468) C:\WINDOWS\system32\ntmssvc.dll

    10:01:07.0765 3348 NtmsSvc - ok

    10:01:07.0890 3348 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

    10:01:07.0890 3348 Null - ok

    10:01:08.0281 3348 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

    10:01:08.0343 3348 nv - ok

    10:01:08.0437 3348 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

    10:01:08.0437 3348 NwlnkFlt - ok

    10:01:08.0546 3348 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

    10:01:08.0546 3348 NwlnkFwd - ok

    10:01:08.0687 3348 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

    10:01:08.0687 3348 odserv - ok

    10:01:08.0781 3348 OMCI (cec7e2c6c1fa00c7ab2f5434f848ae51) C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS

    10:01:08.0781 3348 OMCI - ok

    10:01:08.0875 3348 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

    10:01:08.0890 3348 ose - ok

    10:01:08.0968 3348 p695x9cu.sys - ok

    10:01:09.0015 3348 Parport (e3934ccc20a4d24f1924e13d36d2a5bd) C:\WINDOWS\system32\DRIVERS\parport.sys

    10:01:09.0015 3348 Parport - ok

    10:01:09.0125 3348 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

    10:01:09.0125 3348 PartMgr - ok

    10:01:09.0218 3348 ParVdm (1eade28746a64c21e0a808bb12a63326) C:\WINDOWS\system32\drivers\ParVdm.sys

    10:01:09.0218 3348 ParVdm - ok

    10:01:09.0265 3348 PCI (3b166f9f753c21aedaa9a6bd76b49655) C:\WINDOWS\system32\DRIVERS\pci.sys

    10:01:09.0281 3348 PCI - ok

    10:01:09.0359 3348 PCIDump - ok

    10:01:09.0484 3348 PCIIde (b31edeba4da28283f6b8dc4756fb9585) C:\WINDOWS\system32\drivers\PCIIde.sys

    10:01:09.0500 3348 PCIIde - ok

    10:01:09.0765 3348 Pcmcia (2137ffd65f8e609a3a5acd487c56cce0) C:\WINDOWS\system32\drivers\Pcmcia.sys

    10:01:09.0781 3348 Pcmcia - ok

    10:01:09.0843 3348 PDCOMP - ok

    10:01:09.0859 3348 PDFRAME - ok

    10:01:09.0890 3348 PDRELI - ok

    10:01:09.0906 3348 PDRFRAME - ok

    10:01:09.0937 3348 perc2 - ok

    10:01:09.0968 3348 perc2hib - ok

    10:01:10.0062 3348 PlugPlay (657b69389b893f440b07590c9e963f23) C:\WINDOWS\system32\services.exe

    10:01:10.0078 3348 PlugPlay - ok

    10:01:10.0187 3348 Pml Driver HPZ12 (37e5e8ffbad35605daeec3224ea0e465) C:\WINDOWS\system32\HPZipm12.dll

    10:01:10.0187 3348 Pml Driver HPZ12 - ok

    10:01:10.0281 3348 PolicyAgent (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe

    10:01:10.0281 3348 PolicyAgent - ok

    10:01:10.0359 3348 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

    10:01:10.0359 3348 PptpMiniport - ok

    10:01:10.0437 3348 ProtectedStorage (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe

    10:01:10.0453 3348 ProtectedStorage - ok

    10:01:10.0500 3348 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

    10:01:10.0500 3348 PSched - ok

    10:01:10.0609 3348 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

    10:01:10.0609 3348 Ptilink - ok

    10:01:10.0687 3348 ql1080 - ok

    10:01:10.0703 3348 Ql10wnt - ok

    10:01:10.0718 3348 ql12160 - ok

    10:01:10.0750 3348 ql1240 - ok

    10:01:10.0765 3348 ql1280 - ok

    10:01:10.0828 3348 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

    10:01:10.0828 3348 RasAcd - ok

    10:01:10.0890 3348 RasAuto (0575d034b1292ca3a9bb9f67a8ee289c) C:\WINDOWS\System32\rasauto.dll

    10:01:10.0890 3348 RasAuto - ok

    10:01:10.0984 3348 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

    10:01:10.0984 3348 Rasl2tp - ok

    10:01:11.0125 3348 RasMan (9e7e2df6971a5f00102be3f901cc3bdc) C:\WINDOWS\System32\rasmans.dll

    10:01:11.0140 3348 RasMan - ok

    10:01:11.0234 3348 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

    10:01:11.0250 3348 RasPppoe - ok

    10:01:11.0343 3348 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

    10:01:11.0343 3348 Raspti - ok

    10:01:11.0468 3348 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

    10:01:11.0468 3348 Rdbss - ok

    10:01:11.0562 3348 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

    10:01:11.0562 3348 RDPCDD - ok

    10:01:11.0687 3348 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

    10:01:11.0703 3348 rdpdr - ok

    10:01:11.0796 3348 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys

    10:01:11.0812 3348 RDPWD - ok

    10:01:11.0906 3348 RDSessMgr (ea9fdf71d696b532bdc44c8bff03a737) C:\WINDOWS\system32\sessmgr.exe

    10:01:11.0921 3348 RDSessMgr - ok

    10:01:12.0000 3348 redbook (4173bc66e485fd77a03c4819f60bd0da) C:\WINDOWS\system32\DRIVERS\redbook.sys

    10:01:12.0015 3348 redbook - ok

    10:01:12.0046 3348 RemoteAccess (4007abf5d9bf0e55451d775443d1f985) C:\WINDOWS\System32\mprdim.dll

    10:01:12.0062 3348 RemoteAccess - ok

    10:01:12.0171 3348 RemoteRegistry (2fd5b89bf9289c774c5c730dea96cd91) C:\WINDOWS\system32\regsvc.dll

    10:01:12.0203 3348 RemoteRegistry - ok

    10:01:12.0281 3348 RpcLocator (be078f8f7ec2491efdd79a53353a060f) C:\WINDOWS\system32\locator.exe

    10:01:12.0296 3348 RpcLocator - ok

    10:01:12.0359 3348 RpcSs (d9883335cc1c17afc3a09c8ac3e4dbe4) C:\WINDOWS\system32\rpcss.dll

    10:01:12.0375 3348 RpcSs - ok

    10:01:12.0468 3348 RSVP (ad1b5f1b99fff08c99f443d784711a81) C:\WINDOWS\system32\rsvp.exe

    10:01:12.0484 3348 RSVP - ok

    10:01:12.0562 3348 SamSs (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe

    10:01:12.0562 3348 SamSs - ok

    10:01:12.0625 3348 SCardSvr (1b4cd62174e907c7ef8ec5d4d0a2a616) C:\WINDOWS\System32\SCardSvr.exe

    10:01:12.0640 3348 SCardSvr - ok

    10:01:12.0718 3348 Schedule (7c288ae0f75cb18cff1df6179a67ad8f) C:\WINDOWS\system32\schedsvc.dll

    10:01:12.0734 3348 Schedule - ok

    10:01:12.0843 3348 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

    10:01:12.0843 3348 Secdrv - ok

    10:01:12.0906 3348 seclogon (6983665bea867125b1da5757cd8b2f9d) C:\WINDOWS\System32\seclogon.dll

    10:01:12.0921 3348 seclogon - ok

    10:01:13.0000 3348 SENS (f6ec8f1e50e40237bddee1cb7fe20b42) C:\WINDOWS\system32\sens.dll

    10:01:13.0015 3348 SENS - ok

    10:01:13.0078 3348 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

    10:01:13.0078 3348 serenum - ok

    10:01:13.0234 3348 Serial (92c21762653bb2ce51147eb8a9aa654f) C:\WINDOWS\system32\DRIVERS\serial.sys

    10:01:13.0250 3348 Serial - ok

    10:01:13.0359 3348 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

    10:01:13.0375 3348 Sfloppy - ok

    10:01:13.0468 3348 SharedAccess (7579c4be909d47f10f3d8d801cb13ed9) C:\WINDOWS\System32\ipnathlp.dll

    10:01:13.0484 3348 SharedAccess - ok

    10:01:13.0609 3348 ShellHWDetection (2d5d4156292150fe571872c1b88e9299) C:\WINDOWS\System32\shsvcs.dll

    10:01:13.0625 3348 ShellHWDetection - ok

    10:01:13.0687 3348 Simbad - ok

    10:01:13.0765 3348 smwdm (70b8dd8707dbf6142530c106365df67d) C:\WINDOWS\system32\drivers\smwdm.sys

    10:01:13.0781 3348 smwdm - ok

    10:01:13.0843 3348 Sparrow - ok

    10:01:13.0906 3348 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

    10:01:13.0906 3348 splitter - ok

    10:01:13.0984 3348 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

    10:01:14.0000 3348 Spooler - ok

    10:01:24.0828 3348 MBR (0x1B8) (25fdd3b61791a226676b12dc5bddef71) \Device\Harddisk0\DR0

    10:01:24.0828 3348 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected

    10:01:24.0828 3348 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)

    10:01:24.0843 3348 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR4

    10:01:28.0812 3348 \Device\Harddisk1\DR4 - ok

    10:01:28.0843 3348 Boot (0x1200) (eaa7511aad5f67d48329524711e0cdfd) \Device\Harddisk0\DR0\Partition0

    10:01:28.0843 3348 \Device\Harddisk0\DR0\Partition0 - ok

    10:01:28.0875 3348 Boot (0x1200) (97337f8e7248d485b0a45553a8d2bd96) \Device\Harddisk0\DR0\Partition1

    10:01:28.0875 3348 \Device\Harddisk0\DR0\Partition1 - ok

    10:01:28.0875 3348 Boot (0x1200) (ffe9445d9b5adb98550c2e732878c1a0) \Device\Harddisk1\DR4\Partition0

    10:01:28.0890 3348 \Device\Harddisk1\DR4\Partition0 - ok

    10:01:28.0890 3348 ============================================================

    10:01:28.0890 3348 Scan finished

    10:01:28.0890 3348 ============================================================

    10:01:28.0906 1688 Detected object count: 1

    10:01:28.0906 1688 Actual detected object count: 1

    10:01:51.0203 1688 \Device\Harddisk0\DR0\# - copied to quarantine

    10:01:51.0203 1688 \Device\Harddisk0\DR0 - copied to quarantine

    10:01:51.0234 1688 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot

    10:01:51.0234 1688 \Device\Harddisk0\DR0 - ok

    10:01:51.0234 1688 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure

    10:02:11.0937 0984 Deinitialize success

  2. aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

    Run date: 2012-04-03 09:56:25

    -----------------------------

    09:56:25.656 OS Version: Windows 5.1.2600 Service Pack 3

    09:56:25.656 Number of processors: 1 586 0x207

    09:56:25.656 ComputerName: COMPUTER UserName: Admin

    09:56:27.109 Initialize success

    09:56:27.625 AVAST engine defs: 12040201

    09:56:45.781 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3

    09:56:45.781 Disk 0 Vendor: IC35L120AVVA07-0 VA6OA51A Size: 114440MB BusType: 3

    09:56:45.781 Device owAZEVAoRGRCZ -> DriverStartIo RGRCZ@J@ f75f8864

    09:56:45.796 Disk 0 MBR read successfully

    09:56:45.796 Disk 0 MBR scan

    09:56:45.796 Disk 0 Win32:MBRoot-J [Trj]

    09:56:45.796 Disk 0 Windows XP default MBR code found via API

    09:56:45.796 Disk 0 MBR hidden

    09:56:45.812 Disk 0 Partition 1 00 DE Dell Utility Dell 4.1 39 MB offset 63

    09:56:45.812 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 30066 MB offset 80325

    09:56:45.828 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 84333 MB offset 61657470

    09:56:45.828 Disk 0 MBR [Win32:MBRoot] **ROOTKIT**

    09:56:45.843 Disk 0 trace - called modules:

    09:56:46.343 ntoskrnl.exe CLASSPNP.SYS disk.sys aswSP.SYS >>UNKNOWN [0x83bdb000]<<

    09:56:46.343 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x83b63ab8]

    09:56:46.343 3 CLASSPNP.SYS[f76effd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x83bdad98]

    09:56:46.421 AVAST engine scan C:\WINDOWS

    09:56:48.890 AVAST engine scan C:\WINDOWS\system32

    09:58:51.171 AVAST engine scan C:\WINDOWS\system32\drivers

    09:59:03.046 AVAST engine scan C:\Documents and Settings\Admin

    10:02:29.375 AVAST engine scan C:\Documents and Settings\All Users

    10:03:22.046 Scan finished successfully

    10:04:40.312 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Admin\Mijn documenten\MBR.dat"

    10:04:40.312 The log file has been saved successfully to "C:\Documents and Settings\Admin\Mijn documenten\aswMBR.txt"

  3. Malwarebytes Anti-Malware 1.60.1.1000

    www.malwarebytes.org

    Databaseversie: v2012.04.02.03

    Windows XP Service Pack 3 x86 NTFS

    Internet Explorer 8.0.6001.18702

    Admin :: COMPUTER [administrator]

    2-4-2012 10:53:44

    mbam-log-2012-04-02 (10-53-44).txt

    Scantype: Snelle scan

    Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scanopties: P2P

    Objecten gescand: 212384

    Verstreken tijd: 8 minuut/minuten, 3 seconde(n)

    Geheugenprocessen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    (einde)

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 11:03:07, on 2-4-2012

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v8.00 (8.00.6001.18702)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Program Files\AVAST Software\Avast\avastUI.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Windows Live\Messenger\msnmsgr.exe

    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\Java\jre6\bin\jqs.exe

    C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

    C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe

    D:\Anti Virus\Malwarebytes' Anti-Malware\mbam.exe

    C:\WINDOWS\system32\winmine.exe

    C:\WINDOWS\notepad.exe

    D:\Anti Virus\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl - alles op een rijtje! (ook op mobiel)

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] D:\Anti Virus\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit

    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

    O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab

    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/m3/photouploadcontrol/MSNPUpld.cab

    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

    --

    End of file - 8035 bytes

  4. Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 21:28:53, on 1-4-2012

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v8.00 (8.00.6001.18702)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\PROGRA~1\AVG\AVG2012\avgrsx.exe

    C:\Program Files\AVG\AVG2012\avgcsrvx.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\Explorer.EXE

    C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Program Files\AVAST Software\Avast\avastUI.exe

    C:\Program Files\AVG\AVG2012\avgtray.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Windows Live\Messenger\msnmsgr.exe

    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\AVG\AVG2012\avgwdsvc.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\Java\jre6\bin\jqs.exe

    C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

    C:\Program Files\AVG\AVG2012\avgnsx.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

    C:\Program Files\AVG\AVG2012\avgcsrvx.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\WINDOWS\system32\msiexec.exe

    D:\Anti Virus\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl - alles op een rijtje! (ook op mobiel)

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll

    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll

    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

    O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O3 - Toolbar: AFAS Personal Bijwerk Assistent - {0DFC36E8-EAE8-484F-A89C-F565849A210F} - mscoree.dll (file missing)

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"

    O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start Free Uninstall Survey | AVG Nederland

    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit

    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

    O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab

    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/m3/photouploadcontrol/MSNPUpld.cab

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll

    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

    --

    End of file - 9434 bytes
