Download problem

28 replies
  • Hey everyone, I installed a fresh Windows 7 Ultimate on my computer a week ago after I found out I had trojans and trojan downloaders. I've been messing around for a week now: just about every .RAR file I download (mostly 1 GB files) gets cancelled automatically with the error message: "(Directory/Filename) could not be saved, because the source file could not be read". That's the error message Firefox gives me. So I thought, let's try other browsers, but those report errors too, and the Rapidshare downloader gives the error "Bad MAC Record" or something along those lines. I've been messing around for a week now and I'm really getting fed up with it. I've gone through my registry a few times and run CCleaner, and had NOD32 and Malwarebytes scan 80 times, but they found nothing at all. I have 120 Mbit fiber from UPC; I'm mentioning it just to be sure. Help a fellow geek out!

    [code:1:bb0a79a5c3]
    HiJack Log
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 0:13:05, on 7-9-2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v8.00 (8.00.7601.17514)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskhost.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
    C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\DAEMON Tools Lite\DTLite.exe
    C:\Program Files\Megaupload\Mega Manager\MegaManager.exe
    C:\Program Files\ManyCam 2.4\ManyCam.exe
    C:\Program Files\Steam\Steam.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.nl
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.nl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
    O2 - BHO: Search-Results Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Search-Results Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
    O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Steffa\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [Mega Manager] C:\Program Files\Megaupload\Mega Manager\MegaManager.exe /Tray
    O4 - HKCU\..\Run: [ManyCam] "C:\Program Files\ManyCam 2.4\ManyCam.exe"
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Startup: Logitech . Productregistratie.lnk = C:\Program Files\Logitech\Logitech WebCam Software\eReg.exe
    O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
    O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\Windows\system32\viakaraokesrv.exe

    -- End of file - 5132 bytes
    [/code:1:bb0a79a5c3]

    PS: It seems no browser at all will download files larger than 100-200 MB. Ask and suggest away! I want to get rid of this annoying problem as quickly as possible without formatting again. Regards, Stefan vd V
  • Is that actually a legitimate Windows version?

    Step 1
    Download MGADiag.exe here (http://go.microsoft.com/fwlink/?linkid=52012) and save the file to your desktop.
      - Click/double-click MGADiag.exe to start the tool.
      - The program starts; the analysis can take a while, so be patient.
      - When it is finished, click Copy.
      - Then open a new Notepad document and paste the data into it.
      - Save the Notepad document to your desktop under the name MGADiag.txt and post its contents in your next message.

    Step 2
    Go to "Control Panel\Programs and Features" and remove the Ask Toolbar there.

    Step 3
    Download LopSD (http://eric71.geekstogo.com/tools/LopSD.exe) or LOPSD (http://eric.71.mespages.googlepages.com/LopSD.exe) to your desktop.
      - Disable your antispyware and virus scanner while using this tool.
          - Vista and Windows 7 users: right-click LopSD and choose "Run as administrator"!
      - Choose Option N and press Enter
      - Click OK in the information window
      - Choose Option 2 and press Enter
      - At the end a log (LopR.txt) appears; post its contents in your next reply
  • [code:1:47b8fa2f11] Diagnostic Report (1.9.0027.0): ----------------------------------------- Windows Validation Data--> Validation Code: 0 Cached Online Validation Code: N/A, hr = 0xc004f012 Windows Product Key: *****-*****-GJY49-VJBQ7-HYRR2 Windows Product Key Hash: W5/6nm6F2UPXrCkY5xUhXb/+21g= Windows Product ID: 00426-OEM-8992662-00006 Windows Product ID Type: 2 Windows License Type: OEM SLP Windows OS version: 6.1.7601.2.00010100.1.0.001 ID: {08FDD541-A168-4BF8-AB1B-4B4B5A781B69}(1) Is Admin: Yes TestCab: 0x0 LegitcheckControl ActiveX: N/A, hr = 0x80070002 Signed By: N/A, hr = 0x80070002 Product Name: Windows 7 Ultimate Architecture: 0x00000000 Build lab: 7601.win7sp1_gdr.110622-1506 TTS Error: Validation Diagnostic: Resolution Status: N/A Vista WgaER Data--> ThreatID(s): N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 Windows XP Notifications Data--> Cached Result: N/A, hr = 0x80070002 File Exists: No Version: N/A, hr = 0x80070002 WgaTray.exe Signed By: N/A, hr = 0x80070002 WgaLogon.dll Signed By: N/A, hr = 0x80070002 OGA Notifications Data--> Cached Result: N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 OGAExec.exe Signed By: N/A, hr = 0x80070002 OGAAddin.dll Signed By: N/A, hr = 0x80070002 OGA Data--> Office Status: 109 N/A OGA Version: N/A, 0x80070002 Signed By: N/A, hr = 0x80070002 Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3 Browser Data--> Proxy settings: N/A User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32) Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe Download signed ActiveX controls: Prompt Download unsigned ActiveX controls: Disabled Run ActiveX controls and plug-ins: Allowed Initialize and script ActiveX controls not marked as safe: Disabled Allow scripting of Internet Explorer Webbrowser control: Disabled Active scripting: Allowed Script ActiveX controls marked as safe for scripting: 
Allowed File Scan Data--> File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[Hr = 0x80070003] File Mismatch: C:\Windows\system32\wat\npwatweb.dll[Hr = 0x80070003] File Mismatch: C:\Windows\system32\wat\watux.exe[Hr = 0x80070003] File Mismatch: C:\Windows\system32\wat\watweb.dll[Hr = 0x80070003] Other data--> Office Details: <GenuineResults><MachineData><UGUID>{08FDD541-A168-4BF8-AB1B-4B4B5A781B69}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-HYRR2</PKey><PID>00426-OEM-8992662-00006</PID><PIDType>2</PIDType><SID>S-1-5-21-1277582859-287793874-3685577647</SID><SYSTEM><Manufacturer>System manufacturer</Manufacturer><Model>System Product Name</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>0208 </Version><SMBIOSVersion major="2" minor="6"/><Date>20090929000000.000000+000</Date></BIOS><HWID>92713E07018400FC</HWID><UserLCID>0413</UserLCID><SystemLCID>0413</SystemLCID><TimeZone>West-Europa (standaardtijd)(GMT+01:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>ACRSYS</OEMID><OEMTableID>ACRPRDCT</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults> Spsys.log Content: 0x80070002 Licensing Data--> Versie van Software Licensing-service: 6.1.7601.17514 Naam: Windows(R) 7, Ultimate edition Beschrijving: Windows Operating System - Windows(R) 7, OEM_SLP channel Activerings-id: 7cfd4696-69a9-4af7-af36-ff3d12b6b6c8 Toepassings-id55c92734-d682-4d71-983e-d6ec3f16059f Uitgebreide PID: 00426-00178-926-600006-02-1043-7601.0000-2392011 Installatie-id013870231484519371745466914803514223466964149971258400 URL van processorcertificaat: http://go.microsoft.com/fwlink/?LinkID=88338 URL van computercertificaat: http://go.microsoft.com/fwlink/?LinkID=88339 URL van gebruikte licentie: 
http://go.microsoft.com/fwlink/?LinkID=88341 URL van productcodecertificaat: http://go.microsoft.com/fwlink/?LinkID=88340 Gedeeltelijke productcode: HYRR2 Licentiestatus: licentie Resterend aantal nieuwe Windows-activeringen: 3 Vertrouwde tijd: 7-9-2011 16:48:01 Windows Activation Technologies--> HrOffline: 0x00000000 HrOnline: N/A HealthStatus: 0x0000000000000000 Event Time Stamp: N/A ActiveX: Not Registered - 0x80040154 Admin Service: Not Registered - 0x80040154 HealthStatus Bitmask Output: HWID Data--> HWID Hash Current: PAAAAAIABgABAAEAAQADAAAAAQABAAEAeqiAH/yLj5+mdjYnQsaAlvTjkC+mMHTbwZxiPQjkefSAKFxd OEM Activation 1.0 Data--> N/A OEM Activation 2.0 Data--> BIOS valid for OA 2.0: yes Windows marker version: 0x20001 OEMID and OEMTableID Consistent: yes BIOS Information: ACPI Table Name OEMID Value OEMTableID Value APIC 092909 APIC1122 FACP 092909 FACP1122 HPET 092909 OEMHPET MCFG 092909 OEMMCFG OEMB 092909 OEMB1122 SSDT DpgPmm CpuPm SLIC ACRSYS ACRPRDCT [/code:1:47b8fa2f11] [code:1:47b8fa2f11] --------------------\\ Lop S&D 4.2.5-0 XP/Vista Microsoft Windows 7 Ultimate ( v6.1.7601 ) Service Pack 1 X86-based PC ( Multiprocessor Free : Intel(R) Core(TM) i5 CPU 650 @ 3.20GHz ) BIOS : BIOS Date: 09/29/09 11:22:27 Ver: 08.00.15 USER : Steffa ( Administrator ) BOOT : Normal boot C:\ (Local Disk) - NTFS - Total:545 Go (Free:476 Go) D:\ (Local Disk) - NTFS - Total:153 Go (Free:29 Go) E:\ (CD or DVD) - UDF - Total:2 Go (Free:0 Go) F:\ (CD or DVD) - UDF - Total:2 Go (Free:0 Go) "C:\Lop SD" ( MAJ : 19-12-2008|23:40 ) Option : [2] ( wo 07-09-2011|16:50 ) [ UAC => 0 ] \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ HERSTEL - [ Hosts bestand ] .. Hersteld ! 
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Beschrijving van mappen in Local [29-08-2011|04:46] C:\Users\Steffa\AppData\Local\28050 [27-08-2011|23:23] C:\Users\Steffa\AppData\Local\Application Data [28-08-2011|00:17] C:\Users\Steffa\AppData\Local\ATI [01-09-2011|22:12] C:\Users\Steffa\AppData\Local\dxhr [28-08-2011|23:18] C:\Users\Steffa\AppData\Local\ElevatedDiagnostics [29-08-2011|02:43] C:\Users\Steffa\AppData\Local\ESET [29-08-2011|03:46] C:\Users\Steffa\AppData\Local\GDIPFONTCACHEV1.DAT [27-08-2011|23:23] C:\Users\Steffa\AppData\Local\Geschiedenis [28-08-2011|23:57] C:\Users\Steffa\AppData\Local\Google [07-09-2011|00:02] C:\Users\Steffa\AppData\Local\IconCache.db [29-08-2011|02:13] C:\Users\Steffa\AppData\Local\LogiShrd [31-08-2011|16:44] C:\Users\Steffa\AppData\Local\Microsoft [28-08-2011|00:04] C:\Users\Steffa\AppData\Local\Mozilla [28-08-2011|02:53] C:\Users\Steffa\AppData\Local\Sports Interactive [07-09-2011|16:50] C:\Users\Steffa\AppData\Local\Temp [27-08-2011|23:23] C:\Users\Steffa\AppData\Local\Temporary Internet Files [28-08-2011|05:14] C:\Users\Steffa\AppData\Local\uTorrent [27-08-2011|23:23] C:\Users\Steffa\AppData\Local\VirtualStore [2|bestand(en)] C:\Users\Steffa\AppData\Local\bytes [18|map(pen)] C:\Users\Steffa\AppData\Local\bytes beschikbaar --------------------\\ Geplande Taken gelocaliseerd in C:\Windows\Tasks [07-09-2011 16:43][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1277582859-287793874-3685577647-1000UA.job [06-09-2011 00:02][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1277582859-287793874-3685577647-1000Core.job [07-09-2011 00:03][--ah-----] C:\Windows\tasks\SA.DAT [14-07-2009 06:53][--a------] C:\Windows\tasks\SCHEDLGU.TXT --------------------\\ Beschrijving van mappen in C:\ProgramData [14-07-2009|06:53] C:\ProgramData\Application Data [28-08-2011|00:17] C:\ProgramData\ATI [27-08-2011|23:18] C:\ProgramData\Bureaublad [07-09-2011|00:03] C:\ProgramData\DAEMON Tools Lite [14-07-2009|06:53] 
C:\ProgramData\Desktop [27-08-2011|23:18] C:\ProgramData\Documenten [14-07-2009|06:53] C:\ProgramData\Documents [29-08-2011|01:59] C:\ProgramData\ESET [27-08-2011|23:18] C:\ProgramData\Favorieten [14-07-2009|06:53] C:\ProgramData\Favorites [29-08-2011|02:13] C:\ProgramData\LogiShrd [28-08-2011|00:20] C:\ProgramData\Malwarebytes [27-08-2011|23:18] C:\ProgramData\Menu Start [28-08-2011|23:05] C:\ProgramData\Microsoft [07-09-2011|16:47] C:\ProgramData\Office Genuine Advantage [27-08-2011|23:18] C:\ProgramData\Sjablonen [28-08-2011|01:12] C:\ProgramData\Skype [28-08-2011|02:13] C:\ProgramData\Sports Interactive [14-07-2009|06:53] C:\ProgramData\Start Menu [14-07-2009|06:53] C:\ProgramData\Templates [0|bestand(en)] C:\ProgramData\bytes [22|map(pen)] C:\ProgramData\bytes beschikbaar --------------------\\ Beschrijving van mappen in C:\Program Files [29-08-2011|03:01] C:\Program Files\7-Zip [28-08-2011|00:06] C:\Program Files\AMD APP [29-08-2011|03:53] C:\Program Files\Ask.com [28-08-2011|00:06] C:\Program Files\ATI [28-08-2011|00:06] C:\Program Files\ATI Technologies [04-09-2011|15:02] C:\Program Files\Audacity 1.3 Beta [29-08-2011|01:52] C:\Program Files\Black_Box [28-08-2011|22:45] C:\Program Files\BTNext Legacy [06-09-2011|23:57] C:\Program Files\CCleaner [01-09-2011|11:59] C:\Program Files\Cheat Engine 6.1 [04-09-2011|20:54] C:\Program Files\Common Files [28-08-2011|02:02] C:\Program Files\DAEMON Tools Lite [29-08-2011|04:46] C:\Program Files\Deus Ex HR [21-11-2010|02:06] C:\Program Files\DVD Maker [29-08-2011|01:59] C:\Program Files\ESET [29-08-2011|03:04] C:\Program Files\HashTab Shell Extension [29-08-2011|04:11] C:\Program Files\InstallShield Installation Information [29-08-2011|03:42] C:\Program Files\Internet Explorer [27-08-2011|23:22] C:\Program Files\Java [28-08-2011|01:32] C:\Program Files\K-Lite Codec Pack [04-09-2011|15:08] C:\Program Files\Lame For Audacity [29-08-2011|03:43] C:\Program Files\Logitech [29-08-2011|03:53] C:\Program Files\ManyCam 2.4 
[29-08-2011|00:36] C:\Program Files\Megaupload [28-08-2011|00:12] C:\Program Files\Microsoft [30-08-2011|03:01] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [21-11-2010|02:06] C:\Program Files\Microsoft Games [30-08-2011|03:18] C:\Program Files\Microsoft Silverlight [28-08-2011|00:13] C:\Program Files\Microsoft SQL Server Compact Edition [27-08-2011|23:19] C:\Program Files\Microsoft.NET [07-09-2011|01:53] C:\Program Files\mIRC [07-09-2011|00:12] C:\Program Files\Mozilla Firefox [14-07-2009|06:52] C:\Program Files\MSBuild [27-08-2011|23:22] C:\Program Files\PlayReady [06-09-2011|23:39] C:\Program Files\RapidShareManager [29-08-2011|03:51] C:\Program Files\Realtek [14-07-2009|06:52] C:\Program Files\Reference Assemblies [28-08-2011|01:12] C:\Program Files\Skype [28-08-2011|02:36] C:\Program Files\Sports Interactive [07-09-2011|02:12] C:\Program Files\Steam [28-08-2011|23:16] C:\Program Files\Temp [07-09-2011|00:12] C:\Program Files\Trend Micro [14-07-2009|06:53] C:\Program Files\Uninstall Information [28-08-2011|05:14] C:\Program Files\uTorrent [29-08-2011|04:10] C:\Program Files\VIA [21-11-2010|01:57] C:\Program Files\Windows Defender [21-11-2010|02:06] C:\Program Files\Windows Journal [28-08-2011|00:13] C:\Program Files\Windows Live [28-08-2011|00:12] C:\Program Files\Windows Live SkyDrive [21-11-2010|01:57] C:\Program Files\Windows Mail [21-11-2010|01:57] C:\Program Files\Windows Media Player [27-08-2011|23:18] C:\Program Files\Windows NT [21-11-2010|01:57] C:\Program Files\Windows Photo Viewer [20-11-2010|23:33] C:\Program Files\Windows Portable Devices [21-11-2010|01:57] C:\Program Files\Windows Sidebar [29-08-2011|01:56] C:\Program Files\WinRAR [28-08-2011|02:11] C:\Program Files\Zero G Registry [0|bestand(en)] C:\Program Files\bytes [59|map(pen)] C:\Program Files\bytes beschikbaar --------------------\\ Beschrijving van mappen in C:\Program Files\Common Files [28-08-2011|00:06] C:\Program Files\Common Files\ATI Technologies [29-08-2011|04:10] C:\Program 
Files\Common Files\InstallShield [29-08-2011|02:13] C:\Program Files\Common Files\logishrd [28-08-2011|00:12] C:\Program Files\Common Files\microsoft shared [14-07-2009|04:37] C:\Program Files\Common Files\Services [14-07-2009|04:37] C:\Program Files\Common Files\SpeechEngines [04-09-2011|23:54] C:\Program Files\Common Files\Steam [21-11-2010|01:57] C:\Program Files\Common Files\System [28-08-2011|00:09] C:\Program Files\Common Files\Windows Live [0|bestand(en)] C:\Program Files\Common Files\bytes [11|map(pen)] C:\Program Files\Common Files\bytes beschikbaar --------------------\\ Process ( 65 Processes ) ... OK ! --------------------\\ Zoeken met S_Lop Geen Lop mappen gevonden ! --------------------\\ Zoeken naar Lop Bestanden - Mappen Geen Lop mappen gevonden ! --------------------\\ Zoeken doorheen het Register ..... OK ! --------------------\\ Nazicht van het Hosts bestand Hosts bestand IN ORDE --------------------\\ Zoeken naar verborgen bestanden met Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-09-07 16:50:42 Windows 6.1.7601 Service Pack 1 NTFS detected NTDLL code modification: ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error --------------------\\ Zoeken naar andere infecties Geen andere infecties gevonden ! [F:844][D:83]-> C:\Users\Steffa\AppData\Local\Temp [F:56][D:1]-> C:\Users\Steffa\AppData\Roaming\MICROS~1\Windows\Cookies [F:278][D:4]-> C:\Users\Steffa\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5 [F:14][D:2]-> C:\$Recycle.Bin 1 - "C:\Lop SD\LopR_1.txt" - wo 07-09-2011|16:50 - Option : [2] --------------------\\ Scan voltooid om 16:50:52 [ UAC => 1 ] [/code:1:47b8fa2f11] As far as I know this is a legitimate version of Windows; I also download all MS W7 updates.
  • The LopSD log is not complete! Any special reason?
  • Uhm, I just copy and paste it exactly as everything appears in the .txt file that opens automatically. [code:1:e6c8397a13] --------------------\\ Lop S&D 4.2.5-0 XP/Vista Microsoft Windows 7 Ultimate ( v6.1.7601 ) Service Pack 1 X86-based PC ( Multiprocessor Free : Intel(R) Core(TM) i5 CPU 650 @ 3.20GHz ) BIOS : BIOS Date: 09/29/09 11:22:27 Ver: 08.00.15 USER : Steffa ( Administrator ) BOOT : Normal boot C:\ (Local Disk) - NTFS - Total:545 Go (Free:476 Go) D:\ (Local Disk) - NTFS - Total:153 Go (Free:29 Go) E:\ (CD or DVD) - UDF - Total:2 Go (Free:0 Go) F:\ (CD or DVD) - UDF - Total:2 Go (Free:0 Go) "C:\Lop SD" ( MAJ : 19-12-2008|23:40 ) Option : [2] ( wo 07-09-2011|17:38 ) [ UAC => 1 ] \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Beschrijving van mappen in Local [29-08-2011|04:46] C:\Users\Steffa\AppData\Local\28050 [27-08-2011|23:23] C:\Users\Steffa\AppData\Local\Application Data [28-08-2011|00:17] C:\Users\Steffa\AppData\Local\ATI [01-09-2011|22:12] C:\Users\Steffa\AppData\Local\dxhr [28-08-2011|23:18] C:\Users\Steffa\AppData\Local\ElevatedDiagnostics [29-08-2011|02:43] C:\Users\Steffa\AppData\Local\ESET [29-08-2011|03:46] C:\Users\Steffa\AppData\Local\GDIPFONTCACHEV1.DAT [27-08-2011|23:23] C:\Users\Steffa\AppData\Local\Geschiedenis [28-08-2011|23:57] C:\Users\Steffa\AppData\Local\Google [07-09-2011|00:02] C:\Users\Steffa\AppData\Local\IconCache.db [29-08-2011|02:13] C:\Users\Steffa\AppData\Local\LogiShrd [31-08-2011|16:44] C:\Users\Steffa\AppData\Local\Microsoft [28-08-2011|00:04] C:\Users\Steffa\AppData\Local\Mozilla [28-08-2011|02:53] C:\Users\Steffa\AppData\Local\Sports Interactive [07-09-2011|17:38] C:\Users\Steffa\AppData\Local\Temp [27-08-2011|23:23] C:\Users\Steffa\AppData\Local\Temporary Internet Files [28-08-2011|05:14] C:\Users\Steffa\AppData\Local\uTorrent [27-08-2011|23:23] C:\Users\Steffa\AppData\Local\VirtualStore [2|bestand(en)] C:\Users\Steffa\AppData\Local\bytes [18|map(pen)] C:\Users\Steffa\AppData\Local\bytes beschikbaar 
--------------------\\ Geplande Taken gelocaliseerd in C:\Windows\Tasks [07-09-2011 17:02][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1277582859-287793874-3685577647-1000UA.job [06-09-2011 00:02][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1277582859-287793874-3685577647-1000Core.job [07-09-2011 00:03][--ah-----] C:\Windows\tasks\SA.DAT [14-07-2009 06:53][--a------] C:\Windows\tasks\SCHEDLGU.TXT --------------------\\ Beschrijving van mappen in C:\ProgramData [14-07-2009|06:53] C:\ProgramData\Application Data [28-08-2011|00:17] C:\ProgramData\ATI [27-08-2011|23:18] C:\ProgramData\Bureaublad [07-09-2011|00:03] C:\ProgramData\DAEMON Tools Lite [14-07-2009|06:53] C:\ProgramData\Desktop [27-08-2011|23:18] C:\ProgramData\Documenten [14-07-2009|06:53] C:\ProgramData\Documents [29-08-2011|01:59] C:\ProgramData\ESET [27-08-2011|23:18] C:\ProgramData\Favorieten [14-07-2009|06:53] C:\ProgramData\Favorites [29-08-2011|02:13] C:\ProgramData\LogiShrd [28-08-2011|00:20] C:\ProgramData\Malwarebytes [27-08-2011|23:18] C:\ProgramData\Menu Start [28-08-2011|23:05] C:\ProgramData\Microsoft [07-09-2011|16:47] C:\ProgramData\Office Genuine Advantage [27-08-2011|23:18] C:\ProgramData\Sjablonen [28-08-2011|01:12] C:\ProgramData\Skype [28-08-2011|02:13] C:\ProgramData\Sports Interactive [14-07-2009|06:53] C:\ProgramData\Start Menu [14-07-2009|06:53] C:\ProgramData\Templates [0|bestand(en)] C:\ProgramData\bytes [22|map(pen)] C:\ProgramData\bytes beschikbaar --------------------\\ Beschrijving van mappen in C:\Program Files [29-08-2011|03:01] C:\Program Files\7-Zip [28-08-2011|00:06] C:\Program Files\AMD APP [29-08-2011|03:53] C:\Program Files\Ask.com [28-08-2011|00:06] C:\Program Files\ATI [28-08-2011|00:06] C:\Program Files\ATI Technologies [04-09-2011|15:02] C:\Program Files\Audacity 1.3 Beta [29-08-2011|01:52] C:\Program Files\Black_Box [28-08-2011|22:45] C:\Program Files\BTNext Legacy [06-09-2011|23:57] C:\Program Files\CCleaner [01-09-2011|11:59] C:\Program 
Files\Cheat Engine 6.1 [04-09-2011|20:54] C:\Program Files\Common Files [28-08-2011|02:02] C:\Program Files\DAEMON Tools Lite [29-08-2011|04:46] C:\Program Files\Deus Ex HR [21-11-2010|02:06] C:\Program Files\DVD Maker [29-08-2011|01:59] C:\Program Files\ESET [29-08-2011|03:04] C:\Program Files\HashTab Shell Extension [29-08-2011|04:11] C:\Program Files\InstallShield Installation Information [29-08-2011|03:42] C:\Program Files\Internet Explorer [27-08-2011|23:22] C:\Program Files\Java [28-08-2011|01:32] C:\Program Files\K-Lite Codec Pack [04-09-2011|15:08] C:\Program Files\Lame For Audacity [29-08-2011|03:43] C:\Program Files\Logitech [29-08-2011|03:53] C:\Program Files\ManyCam 2.4 [29-08-2011|00:36] C:\Program Files\Megaupload [28-08-2011|00:12] C:\Program Files\Microsoft [30-08-2011|03:01] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [21-11-2010|02:06] C:\Program Files\Microsoft Games [30-08-2011|03:18] C:\Program Files\Microsoft Silverlight [28-08-2011|00:13] C:\Program Files\Microsoft SQL Server Compact Edition [27-08-2011|23:19] C:\Program Files\Microsoft.NET [07-09-2011|01:53] C:\Program Files\mIRC [07-09-2011|00:12] C:\Program Files\Mozilla Firefox [14-07-2009|06:52] C:\Program Files\MSBuild [27-08-2011|23:22] C:\Program Files\PlayReady [06-09-2011|23:39] C:\Program Files\RapidShareManager [29-08-2011|03:51] C:\Program Files\Realtek [14-07-2009|06:52] C:\Program Files\Reference Assemblies [28-08-2011|01:12] C:\Program Files\Skype [28-08-2011|02:36] C:\Program Files\Sports Interactive [07-09-2011|02:12] C:\Program Files\Steam [28-08-2011|23:16] C:\Program Files\Temp [07-09-2011|00:12] C:\Program Files\Trend Micro [14-07-2009|06:53] C:\Program Files\Uninstall Information [28-08-2011|05:14] C:\Program Files\uTorrent [29-08-2011|04:10] C:\Program Files\VIA [21-11-2010|01:57] C:\Program Files\Windows Defender [21-11-2010|02:06] C:\Program Files\Windows Journal [28-08-2011|00:13] C:\Program Files\Windows Live [28-08-2011|00:12] C:\Program Files\Windows Live SkyDrive 
[21-11-2010|01:57] C:\Program Files\Windows Mail [21-11-2010|01:57] C:\Program Files\Windows Media Player [27-08-2011|23:18] C:\Program Files\Windows NT [21-11-2010|01:57] C:\Program Files\Windows Photo Viewer [20-11-2010|23:33] C:\Program Files\Windows Portable Devices [21-11-2010|01:57] C:\Program Files\Windows Sidebar [29-08-2011|01:56] C:\Program Files\WinRAR [28-08-2011|02:11] C:\Program Files\Zero G Registry [0|bestand(en)] C:\Program Files\bytes [59|map(pen)] C:\Program Files\bytes beschikbaar --------------------\\ Beschrijving van mappen in C:\Program Files\Common Files [28-08-2011|00:06] C:\Program Files\Common Files\ATI Technologies [29-08-2011|04:10] C:\Program Files\Common Files\InstallShield [29-08-2011|02:13] C:\Program Files\Common Files\logishrd [28-08-2011|00:12] C:\Program Files\Common Files\microsoft shared [14-07-2009|04:37] C:\Program Files\Common Files\Services [14-07-2009|04:37] C:\Program Files\Common Files\SpeechEngines [04-09-2011|23:54] C:\Program Files\Common Files\Steam [21-11-2010|01:57] C:\Program Files\Common Files\System [28-08-2011|00:09] C:\Program Files\Common Files\Windows Live [0|bestand(en)] C:\Program Files\Common Files\bytes [11|map(pen)] C:\Program Files\Common Files\bytes beschikbaar --------------------\\ Process ( 60 Processes ) ... OK ! --------------------\\ Zoeken met S_Lop Geen Lop mappen gevonden ! --------------------\\ Zoeken naar Lop Bestanden - Mappen Geen Lop mappen gevonden ! --------------------\\ Zoeken doorheen het Register ..... OK ! 
--------------------\\ Nazicht van het Hosts bestand Hosts bestand IN ORDE --------------------\\ Zoeken naar verborgen bestanden met Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-09-07 17:38:07 Windows 6.1.7601 Service Pack 1 NTFS detected NTDLL code modification: ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error --------------------\\ Zoeken naar andere infecties Geen andere infecties gevonden ! [F:845][D:83]-> C:\Users\Steffa\AppData\Local\Temp [F:56][D:1]-> C:\Users\Steffa\AppData\Roaming\MICROS~1\Windows\Cookies [F:279][D:4]-> C:\Users\Steffa\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5 [F:14][D:2]-> C:\$Recycle.Bin 1 - "C:\Lop SD\LopR_1.txt" - wo 07-09-2011|16:50 - Option : [2] 2 - "C:\Lop SD\LopR_2.txt" - wo 07-09-2011|17:38 - Option : [2] --------------------\\ Scan voltooid om 17:38:14 [ UAC => 1 ] [/code:1:e6c8397a13]
  • We're going to take a deeper look into your Windows:

    Which program: ComboFix
    What for/why: A highly specialized scanner that examines Windows in depth and cleans it up where possible.
    Difficulty: A more or less tricky preparation phase, so read everything carefully first.
    Download location: This program must absolutely be downloaded to the desktop!

    Download ComboFix from one of these locations:
      - Bleepingcomputer: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
      - ForoSpyware: http://www.forospyware.com/sUBs/ComboFix.exe
      - Geekstogo: http://subs.geekstogo.com/ComboFix.exe

    Here (http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden) you can see how to use ComboFix.
    Your antivirus program and any active malware scanners must already be disabled before ComboFix starts!
    Here (http://www.bleepingcomputer.com/forums/topic114351.html) and here (http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html) you will find information on how to disable antivirus programs and spyware scanners.

    Once more, to be perfectly clear: ComboFix must be started from the desktop.

    Notes:
      - On Windows XP you may be asked to install the "Recovery Console"! Allow this (an active internet connection is required for it).
      - Vista and Windows 7 users start ComboFix via right-click with administrator rights.
      - All open programs and web pages must be closed.

    Once ComboFix has started:
      - Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
      - ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
      - The computer may need to be restarted several times; this is normal.
      - When ComboFix is finished, it will create a log file for you.
      - Post the contents of this log file in your next message.
      - If the log does not open, it can be found at C:\ComboFix.txt

    Important note:
      - If, after the scan, an error is shown when starting programs with the message:
      - Illegal operation attempted on a registry key that has been marked for deletion.
      - then restart the computer.
  • [code:1:1ecb4790ab] ComboFix 11-09-08.03 - Steffa 08-09-2011 17:10:03.1.4 - x86 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.3063.1473 [GMT 2:00] Gestart vanuit: D:\ComboFix.exe AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1} SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\lvci12101110.dll c:\windows\system32\mfc100deu.dll c:\windows\TEMP\logishrd\LVPrcInj01.dll . . (((((((((((((((((((( Bestanden Gemaakt van 2011-08-08 to 2011-09-08 )))))))))))))))))))))))))))))) . . 2011-09-08 15:13 . 2011-09-08 15:13 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-09-07 14:49 . 2011-09-07 15:38 -------- d-----w- C:\Lop SD 2011-09-07 14:48 . 2011-09-07 14:48 -------- d-----w- C:\MGADiagToolOutput 2011-09-07 14:47 . 2011-09-07 14:47 -------- d-----w- c:\programdata\Office Genuine Advantage 2011-09-06 22:12 . 2011-09-06 22:12 -------- d-----w- c:\program files\Trend Micro 2011-09-06 21:57 . 2011-09-06 21:57 -------- d-----w- c:\program files\CCleaner 2011-09-06 21:48 . 2011-09-06 21:48 -------- d-----w- c:\users\Nine or ten 2011-09-04 18:54 . 2011-09-04 21:54 -------- d-----w- c:\program files\Common Files\Steam 2011-09-04 18:54 . 2011-09-08 15:15 -------- d-----w- c:\program files\Steam 2011-09-04 13:08 . 2011-09-04 13:08 -------- d-----w- c:\program files\Lame For Audacity 2011-09-04 13:02 . 2011-09-04 13:02 -------- d-----w- c:\program files\Audacity 1.3 Beta 2011-09-03 20:51 . 2011-09-07 21:01 -------- d-----w- c:\program files\mIRC 2011-09-01 09:59 . 2011-09-01 09:59 -------- d-----w- c:\program files\Cheat Engine 6.1 2011-08-31 18:11 . 2011-08-31 18:11 -------- d-----w- C:\Fraps 2011-08-30 01:01 . 
2011-08-30 01:01 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2 2011-08-29 02:39 . 2011-08-29 02:46 -------- d-----w- c:\program files\Deus Ex HR 2011-08-29 02:10 . 2011-08-29 02:10 -------- d-----w- c:\program files\VIA 2011-08-29 02:09 . 2011-03-29 08:03 895600 ----a-w- c:\windows\system32\VIAPropPageExt.dll 2011-08-29 02:09 . 2011-03-29 08:03 524400 ----a-w- c:\windows\system32\VIASysFx.dll 2011-08-29 02:09 . 2011-03-29 08:03 78960 ----a-w- c:\windows\system32\ViaMicArrayPropPageExt.dll 2011-08-29 02:09 . 2011-03-29 08:03 191600 ----a-w- c:\windows\system32\ViaMicArrayAPO.dll 2011-08-29 02:09 . 2011-03-29 08:03 27760 ----a-w- c:\windows\system32\ViakaraokeSrv.exe 2011-08-29 02:09 . 2011-03-29 08:03 106608 ----a-w- c:\windows\system32\ViaKaraokePropPageExt.dll 2011-08-29 02:09 . 2011-03-29 08:03 1804400 ----a-w- c:\windows\system32\drivers\viahduaa.sys 2011-08-29 02:09 . 2011-03-29 08:03 1021552 ----a-w- c:\windows\system32\ViaKaraokeApo.dll 2011-08-29 02:09 . 2011-03-29 08:03 82544 ----a-w- c:\windows\system32\Dts2PropPageExt.dll 2011-08-29 02:09 . 2011-03-29 08:03 218224 ----a-w- c:\windows\system32\Dts2APO.dll 2011-08-29 02:09 . 2007-12-04 09:28 76288 ----a-w- c:\windows\system32\nQPropPageExt.dll 2011-08-29 02:09 . 2007-12-04 09:28 71680 ----a-w- c:\windows\system32\nQAPO.dll 2011-08-29 01:53 . 2011-08-29 01:53 -------- d-----w- c:\program files\ManyCam 2.4 2011-08-29 01:51 . 2009-08-20 22:04 189440 ----a-w- c:\windows\system32\drivers\Rt86win7.sys 2011-08-29 01:51 . 2009-07-22 16:24 94208 ----a-w- c:\windows\system32\RTNUninst32.dll 2011-08-29 01:51 . 2009-03-05 12:54 73728 ----a-w- c:\windows\system32\RtNicProp32.dll 2011-08-29 01:50 . 2009-11-05 07:53 -------- d-----w- C:\RTL8112L_V768202009_WIN7 2011-08-29 01:36 . 2011-02-18 05:39 31232 ----a-w- c:\windows\system32\prevhost.exe 2011-08-29 01:04 . 2011-08-29 01:04 -------- d-----w- c:\program files\HashTab Shell Extension 2011-08-29 01:01 . 
2011-08-29 01:01 -------- d-----w- c:\program files\7-Zip 2011-08-29 00:13 . 2011-08-29 00:13 -------- d-----w- c:\programdata\LogiShrd 2011-08-29 00:13 . 2011-08-29 01:43 -------- d-----w- c:\program files\Logitech 2011-08-29 00:08 . 2011-08-29 00:13 -------- d-----w- c:\program files\Common Files\logishrd 2011-08-29 00:03 . 2011-06-15 08:55 86016 ----a-w- c:\windows\system32\odbccu32.dll 2011-08-29 00:01 . 2011-04-22 19:14 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys 2011-08-29 00:01 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe 2011-08-29 00:01 . 2011-03-11 05:33 1137664 ----a-w- c:\windows\system32\mfc42.dll 2011-08-29 00:01 . 2011-03-11 05:33 1164288 ----a-w- c:\windows\system32\mfc42u.dll 2011-08-28 23:59 . 2011-08-28 23:59 -------- d-----w- c:\program files\ESET 2011-08-28 23:51 . 2011-08-28 23:52 -------- d-----w- c:\program files\Black_Box 2011-08-28 22:36 . 2011-08-28 22:36 -------- d-----w- c:\program files\Megaupload 2011-08-28 22:03 . 2011-09-06 21:40 -------- d-----w- C:\RAPIDZ 2011-08-28 22:02 . 2011-09-06 21:39 -------- d-----w- c:\program files\RapidShareManager 2011-08-28 20:40 . 2011-08-28 20:41 -------- d-----w- C:\BTNext 2011-08-28 20:39 . 2011-08-28 20:45 -------- d-----w- c:\program files\BTNext Legacy 2011-08-28 03:14 . 2011-08-28 03:14 -------- d-----w- c:\program files\uTorrent 2011-08-28 00:17 . 2011-08-28 00:17 -------- d-----w- C:\BraCa Soft 2011-08-28 00:13 . 2011-08-28 00:13 -------- d-----w- c:\programdata\Sports Interactive 2011-08-28 00:10 . 2011-08-28 00:36 -------- d-----w- c:\program files\Sports Interactive 2011-08-28 00:10 . 2011-08-28 00:11 -------- d--h--w- c:\program files\Zero G Registry 2011-08-28 00:02 . 2011-08-28 00:02 -------- d-----w- c:\program files\DAEMON Tools Lite 2011-08-28 00:02 . 2011-09-06 22:03 -------- d-----w- c:\programdata\DAEMON Tools Lite 2011-08-27 23:32 . 2011-07-16 14:17 151552 ----a-w- c:\windows\system32\ac3acm.acm 2011-08-27 23:32 . 
2011-06-24 14:44 243200 ----a-w- c:\windows\system32\xvidvfw.dll 2011-08-27 23:32 . 2011-06-24 14:28 650752 ----a-w- c:\windows\system32\xvidcore.dll 2011-08-27 23:32 . 2011-03-02 10:43 175616 ----a-w- c:\windows\system32\unrar.dll 2011-08-27 23:32 . 2010-11-03 18:08 237568 ----a-w- c:\windows\system32\yv12vfw.dll 2011-08-27 23:32 . 2008-09-24 18:41 839680 ----a-w- c:\windows\system32\lameACM.acm 2011-08-27 23:32 . 2011-08-08 08:00 74752 ----a-w- c:\windows\system32\ff_vfw.dll 2011-08-27 23:32 . 2011-08-27 23:32 -------- d-----w- c:\program files\K-Lite Codec Pack 2011-08-27 23:27 . 2011-08-29 02:11 -------- d--h--w- c:\program files\InstallShield Installation Information 2011-08-27 23:27 . 2011-08-29 01:51 -------- d-----w- c:\program files\Realtek 2011-08-27 23:27 . 2011-08-28 21:16 -------- d--h--w- c:\program files\Temp 2011-08-27 23:27 . 2011-07-11 12:17 1698408 ----a-w- c:\windows\RtlExUpd.dll 2011-08-27 23:26 . 2011-08-29 02:10 -------- d-----w- c:\program files\Common Files\InstallShield 2011-08-27 23:12 . 2011-08-27 23:12 -------- d-----r- c:\program files\Skype 2011-08-27 23:12 . 2011-08-27 23:12 -------- d-----w- c:\programdata\Skype 2011-08-27 22:20 . 2011-08-27 22:20 -------- d-----w- c:\programdata\Malwarebytes 2011-08-27 22:17 . 2011-08-27 22:17 -------- d-----w- c:\programdata\ATI 2011-08-27 22:16 . 2011-08-27 22:16 0 ----a-w- c:\windows\ativpsrm.bin 2011-08-27 22:13 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll 2011-08-27 22:13 . 2011-08-27 22:13 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2011-08-27 22:12 . 2011-08-27 22:12 -------- d-----w- c:\program files\Microsoft 2011-08-27 22:12 . 2011-08-27 22:12 -------- d-----w- c:\program files\Windows Live SkyDrive 2011-08-27 22:12 . 2011-08-27 22:13 -------- d-----w- c:\program files\Windows Live 2011-08-27 22:12 . 2011-08-27 22:12 -------- d-----w- c:\windows\PCHEALTH 2011-08-27 22:09 . 
2011-08-27 22:09 -------- d-----w- c:\program files\Common Files\Windows Live 2011-08-27 22:06 . 2011-08-27 22:06 -------- d-----w- c:\program files\AMD APP 2011-08-27 22:06 . 2011-08-27 22:06 -------- d-----w- c:\program files\Common Files\ATI Technologies 2011-08-27 22:06 . 2011-08-27 22:06 -------- d-----w- c:\program files\ATI Technologies 2011-08-27 22:06 . 2011-08-27 22:06 -------- d-----w- c:\program files\ATI 2011-08-27 22:05 . 2011-08-27 22:05 -------- d-----w- C:\ATI 2011-08-27 21:23 . 2011-08-28 00:09 -------- d-----w- c:\users\Steffa 2011-08-27 21:23 . 2011-08-28 00:02 443448 ----a-w- c:\windows\system32\drivers\sptd.sys 2011-08-27 21:22 . 2011-08-30 01:18 -------- d-----w- c:\program files\Microsoft Silverlight 2011-08-27 21:22 . 2011-08-27 21:22 -------- d-----w- c:\windows\system32\Adobe 2011-08-27 21:22 . 2011-08-27 21:22 -------- d-----w- c:\program files\PlayReady 2011-08-27 21:22 . 2011-08-27 21:22 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-08-27 21:22 . 2011-08-27 21:22 -------- d-----w- c:\program files\Java 2011-08-27 21:19 . 2011-09-06 22:12 -------- d-sh--w- c:\windows\Installer 2011-08-27 21:19 . 2011-08-27 21:19 -------- d-----w- c:\windows\system32\Macromed 2011-08-27 21:18 . 2011-08-27 21:18 -------- d-sh--we c:\users\Default\Sjablonen 2011-08-27 21:18 . 2011-08-27 21:18 -------- d-sh--we c:\users\Default\Netwerkprinteromgeving 2011-08-27 21:18 . 2011-08-27 21:18 -------- d-sh--we c:\users\Default\Mijn documenten 2011-08-27 21:18 . 2011-08-27 21:18 -------- d-sh--we c:\users\Default\Menu Start 2011-08-27 21:18 . 2011-08-27 21:18 -------- d-sh--we c:\users\Default\AppData\Local\Geschiedenis 2011-08-27 21:18 . 2011-08-27 21:18 -------- d-sh--we c:\programdata\Sjablonen 2011-08-27 21:18 . 2011-08-27 21:18 -------- d-sh--we c:\programdata\Menu Start 2011-08-27 21:18 . 2011-08-27 21:18 -------- d-sh--we c:\programdata\Favorieten 2011-08-27 21:18 . 2011-08-27 21:18 -------- d-sh--we c:\programdata\Documenten 2011-08-27 21:18 . 
2011-08-27 21:18 -------- d-sh--we c:\programdata\Bureaublad 2011-08-27 21:18 . 2011-08-27 21:18 -------- d-----w- C:\Recovery 2011-08-27 20:56 . 2011-08-27 21:23 -------- d-----w- c:\windows\Panther . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-07-31 06:51 . 2011-07-31 06:51 65536 ----a-w- c:\windows\system32\frapsvid.dll 2011-07-28 22:22 . 2011-07-28 22:22 8396800 ----a-w- c:\windows\system32\drivers\atikmdag.sys 2011-07-28 21:44 . 2011-07-28 21:44 18388480 ----a-w- c:\windows\system32\atioglxx.dll 2011-07-28 21:40 . 2011-07-28 21:40 151552 ----a-w- c:\windows\system32\atiapfxx.exe 2011-07-28 21:40 . 2011-07-28 21:40 726528 ----a-w- c:\windows\system32\aticfx32.dll 2011-07-28 21:36 . 2011-07-28 21:36 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll 2011-07-28 21:35 . 2011-07-28 21:35 401408 ----a-w- c:\windows\system32\atieclxx.exe 2011-07-28 21:35 . 2011-07-28 21:35 176128 ----a-w- c:\windows\system32\atiesrxx.exe 2011-07-28 21:34 . 2011-07-28 21:34 159744 ----a-w- c:\windows\system32\atitmmxx.dll 2011-07-28 21:33 . 2011-07-28 21:33 356352 ----a-w- c:\windows\system32\atipdlxx.dll 2011-07-28 21:33 . 2011-07-28 21:33 278528 ----a-w- c:\windows\system32\Oemdspif.dll 2011-07-28 21:33 . 2011-07-28 21:33 20992 ----a-w- c:\windows\system32\atimuixx.dll 2011-07-28 21:33 . 2011-07-28 21:33 43520 ----a-w- c:\windows\system32\ati2edxx.dll 2011-07-28 21:30 . 2011-07-28 21:30 4198912 ----a-w- c:\windows\system32\atidxx32.dll 2011-07-28 21:11 . 2011-07-28 21:11 1828864 ----a-w- c:\windows\system32\atiumdmv.dll 2011-07-28 21:11 . 2011-07-28 21:11 46080 ----a-w- c:\windows\system32\aticalrt.dll 2011-07-28 21:11 . 2011-07-28 21:11 44032 ----a-w- c:\windows\system32\aticalcl.dll 2011-07-28 21:09 . 2011-07-28 21:09 4256768 ----a-w- c:\windows\system32\atiumdag.dll 2011-07-28 21:07 . 2011-07-28 21:07 8247296 ----a-w- c:\windows\system32\aticaldd.dll 2011-07-28 21:03 . 
2011-07-28 21:03 4056064 ----a-w- c:\windows\system32\atiumdva.dll 2011-07-28 21:01 . 2011-07-28 21:01 52736 ----a-w- c:\windows\system32\coinst.dll 2011-07-28 20:54 . 2011-07-28 20:54 266240 ----a-w- c:\windows\system32\atiadlxx.dll 2011-07-28 20:54 . 2011-07-28 20:54 13312 ----a-w- c:\windows\system32\atiglpxx.dll 2011-07-28 20:54 . 2011-07-28 20:54 32768 ----a-w- c:\windows\system32\atigktxx.dll 2011-07-28 20:53 . 2011-07-28 20:53 247296 ----a-w- c:\windows\system32\drivers\atikmpag.sys 2011-07-28 20:53 . 2011-07-28 20:53 31744 ----a-w- c:\windows\system32\atiuxpag.dll 2011-07-28 20:53 . 2011-07-28 20:53 29184 ----a-w- c:\windows\system32\atiu9pag.dll 2011-07-28 20:52 . 2011-07-28 20:52 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll 2011-07-28 20:51 . 2011-07-28 20:51 52736 ----a-w- c:\windows\system32\atimpc32.dll 2011-07-28 20:51 . 2011-07-28 20:51 52736 ----a-w- c:\windows\system32\amdpcom32.dll 2011-07-28 15:49 . 2011-07-28 15:49 53760 ----a-w- c:\windows\system32\OVDecode.dll 2011-07-28 15:48 . 2011-07-28 15:48 43520 ----a-w- c:\windows\system32\OpenCL.dll 2011-07-28 15:48 . 2011-07-28 15:48 13555712 ----a-w- c:\windows\system32\amdocl.dll 2011-06-16 01:34 . 2011-06-16 01:34 79872 ----a-w- c:\windows\system32\SlotMaximizerAg.dll 2011-06-16 01:34 . 2011-06-16 01:34 2117632 ----a-w- c:\windows\system32\SlotMaximizerBe.dll 2011-08-28 21:50 . 2011-08-28 21:50 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-08-18 17360520] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912] "Mega Manager"="c:\program files\Megaupload\Mega Manager\MegaManager.exe" [2011-07-29 2113536] "ManyCam"="c:\program files\ManyCam 2.4\ManyCam.exe" [2010-04-21 1824040] "Steam"="c:\program files\Steam\Steam.exe" [2011-09-04 1242448] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384] "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2219184] "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304] "HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2011-04-06 2154096] . c:\users\Steffa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Logitech . Productregistratie.lnk - c:\program files\Logitech\Logitech WebCam Software\eReg.exe [2009-10-14 517384] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorUser"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "FilterAdministratorToken"= 1 (0x1) . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . 
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184] R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x] S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-28 176128] S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-12-21 137144] S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-01-12 810144] S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-12-21 95384] S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [2011-03-29 27760] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-07-28 8396800] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-07-28 247296] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-06-06 211984] S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [2008-01-14 21632] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-08-20 189440] S3 
VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2011-03-29 1804400] . . Inhoud van de 'Gedeelde Taken' map . 2011-09-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1277582859-287793874-3685577647-1000Core.job - c:\users\Steffa\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-28 21:57] . 2011-09-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1277582859-287793874-3685577647-1000UA.job - c:\users\Steffa\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-28 21:57] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ TCP: DhcpNameServer = 62.179.104.196 213.46.228.196 FF - ProfilePath - c:\users\Steffa\AppData\Roaming\Mozilla\Firefox\Profiles\rn7sy827.default\ FF - prefs.js: network.proxy.ftp - 143.215.131.206 FF - prefs.js: network.proxy.ftp_port - 3128 FF - prefs.js: network.proxy.gopher - 143.215.131.206 FF - prefs.js: network.proxy.gopher_port - 3128 FF - prefs.js: network.proxy.http - 143.215.131.206 FF - prefs.js: network.proxy.http_port - 3128 FF - prefs.js: network.proxy.socks - 143.215.131.206 FF - prefs.js: network.proxy.socks_port - 3128 FF - prefs.js: network.proxy.ssl - 143.215.131.206 FF - prefs.js: network.proxy.ssl_port - 3128 FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS VERWIJDERD - - - - . BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\Ask.com\GenericAskToolbar.dll Toolbar-Locked - (no file) Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\Ask.com\GenericAskToolbar.dll WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\Ask.com\GenericAskToolbar.dll AddRemove-{173F2B02-2AAA-414F-A2D8-44870BB98F7A} - c:\program files (x86)\InstallShield Installation Information\{173F2B02-2AAA-414F-A2D8-44870BB98F7A}\setup.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . 
------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe c:\windows\system32\atieclxx.exe c:\windows\system32\taskhost.exe c:\windows\system32\conhost.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\Windows Live\Contacts\wlcomm.exe c:\windows\system32\taskmgr.exe c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe c:\windows\system32\sppsvc.exe . ************************************************************************** . Voltooingstijd: 2011-09-08 17:17:49 - machine werd herstart ComboFix-quarantined-files.txt 2011-09-08 15:17 . Pre-Run: 510.848.831.488 bytes beschikbaar Post-Run: 511.573.377.024 bytes beschikbaar . - - End Of File - - 5A8C4D0D55C67C48EC8BEEB5AE8DDE31 [/code:1:1ecb4790ab] Here you go!
  • From now on, would you please just post the logs in your message and not as "code"? That makes things a bit easier to read.
    Open a new Notepad file via "Start\Alle programma’s\Bureau-accessoires\[b:9f0766120a]Kladblok[/b:9f0766120a]" (Start\All Programs\Accessories\Notepad).
    Copy and paste the following (bold, blue) text into the empty Notepad window:
    [b:9f0766120a][color=Blue:9f0766120a]Firefox::
    FF - prefs.js: network.proxy.ftp - 143.215.131.206
    FF - prefs.js: network.proxy.ftp_port - 3128
    FF - prefs.js: network.proxy.gopher - 143.215.131.206
    FF - prefs.js: network.proxy.gopher_port - 3128
    FF - prefs.js: network.proxy.http - 143.215.131.206
    FF - prefs.js: network.proxy.http_port - 3128
    FF - prefs.js: network.proxy.socks - 143.215.131.206
    FF - prefs.js: network.proxy.socks_port - 3128
    FF - prefs.js: network.proxy.ssl - 143.215.131.206
    FF - prefs.js: network.proxy.ssl_port - 3128
    [/color:9f0766120a][/b:9f0766120a]
    Save this Notepad file on your desktop as [b:9f0766120a]CFScript.txt[/b:9f0766120a].
    [b:9f0766120a][color=Red:9f0766120a]Now first disable the antivirus![/color:9f0766120a][/b:9f0766120a]
    Drag CFScript.txt onto ComboFix.exe
    [img:9f0766120a]http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif[/img:9f0766120a]
    This will make ComboFix restart. Reboot if you are asked to.
    Post the ComboFix log that is shown after the restart via the colour coder!
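The ComboFix log above lists per-protocol proxy entries from Firefox's prefs.js together with "network.proxy.type - 0". As an added example (not part of the thread and not ComboFix's own logic), this Python script reads prefs.js-style text, reports whether such entries are actually in use, and returns a copy of the text without them; the sample text is constructed from the values in the log, and the function names are hypothetical.

```python
import re

# One prefs.js entry: user_pref("name", value); value is a string, integer or boolean.
PREF_RE = re.compile(
    r'^\s*user_pref\(\s*"(?P<name>[^"]+)"\s*,\s*'
    r'(?P<value>"(?:[^"\\]|\\.)*"|-?\d+|true|false)\s*\)\s*;'
)

# Values of network.proxy.type as used by Firefox.
PROXY_MODES = {0: "direct, no proxy", 1: "manual", 2: "PAC URL",
               4: "auto-detect (WPAD)", 5: "system settings"}
DEFAULT_PROXY_TYPE = 5  # assumption: current Firefox default when prefs.js has no entry
SCHEMES = ("http", "ssl", "ftp", "socks", "gopher")

# Constructed sample: the proxy values shown in the ComboFix log, written in
# prefs.js syntax. The browser.startup.page line is made up for contrast.
SAMPLE_PREFS = """\
# Mozilla User Preferences
user_pref("browser.startup.page", 1);
user_pref("network.proxy.ftp", "143.215.131.206");
user_pref("network.proxy.ftp_port", 3128);
user_pref("network.proxy.gopher", "143.215.131.206");
user_pref("network.proxy.gopher_port", 3128);
user_pref("network.proxy.http", "143.215.131.206");
user_pref("network.proxy.http_port", 3128);
user_pref("network.proxy.socks", "143.215.131.206");
user_pref("network.proxy.socks_port", 3128);
user_pref("network.proxy.ssl", "143.215.131.206");
user_pref("network.proxy.ssl_port", 3128);
user_pref("network.proxy.type", 0);
"""


def parse_prefs(text):
    """Return {pref name: value} for every user_pref(...) line in the text."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if not m:
            continue  # comments, blank lines, anything that is not a user_pref call
        raw = m.group("value")
        if raw.startswith('"'):
            value = raw[1:-1].replace('\\"', '"').replace("\\\\", "\\")
        elif raw in ("true", "false"):
            value = raw == "true"
        else:
            value = int(raw)
        prefs[m.group("name")] = value
    return prefs


def audit_proxy(prefs):
    """Summarise the proxy configuration and say whether host entries are live."""
    mode = prefs.get("network.proxy.type", DEFAULT_PROXY_TYPE)
    endpoints = {}
    for scheme in SCHEMES:
        host = prefs.get("network.proxy." + scheme, "")
        if host:
            endpoints[scheme] = (host, prefs.get("network.proxy.%s_port" % scheme, 0))
    pac_url = prefs.get("network.proxy.autoconfig_url", "")
    return {
        "mode": mode,
        "mode_name": PROXY_MODES.get(mode, "unknown"),
        "endpoints": endpoints,
        "pac_url": pac_url,
        # Host/port entries only carry traffic in manual mode; a PAC URL only in mode 2.
        "in_use": (mode == 1 and bool(endpoints)) or (mode == 2 and bool(pac_url)),
        # Entries that are configured but dormant: one setting flip would activate them.
        "stale": bool(endpoints) and mode != 1,
    }


def strip_manual_proxy(text):
    """Return the prefs text without the per-protocol proxy host and port lines."""
    targets = set()
    for scheme in SCHEMES:
        targets.add("network.proxy." + scheme)
        targets.add("network.proxy.%s_port" % scheme)
    kept = []
    for line in text.splitlines(keepends=True):
        m = PREF_RE.match(line)
        if m and m.group("name") in targets:
            continue
        kept.append(line)
    return "".join(kept)


if __name__ == "__main__":
    report = audit_proxy(parse_prefs(SAMPLE_PREFS))
    print("proxy mode:", report["mode"], "(%s)" % report["mode_name"])
    for scheme, (host, port) in sorted(report["endpoints"].items()):
        print("  %-6s -> %s:%s" % (scheme, host, port))
    print("in use:", report["in_use"], "| stale entries:", report["stale"])
    print(strip_manual_proxy(SAMPLE_PREFS), end="")
```

Edit prefs.js only while Firefox is closed, because the running browser rewrites the file.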
  • ComboFix 11-09-08.03 - Steffa 08-09-2011 19:55:26.2.4 - x86 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.3063.1709 [GMT 2:00] Gestart vanuit: c:\users\Steffa\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Steffa\Desktop\CFScript.txt AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1} SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2011-08-08 to 2011-09-08 )))))))))))))))))))))))))))))) . . 2011-09-08 17:58 . 2011-09-08 17:58 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-09-07 14:49 . 2011-09-07 15:38 -------- d-----w- C:\Lop SD 2011-09-07 14:48 . 2011-09-07 14:48 -------- d-----w- C:\MGADiagToolOutput 2011-09-07 14:47 . 2011-09-07 14:47 -------- d-----w- c:\programdata\Office Genuine Advantage 2011-09-06 22:12 . 2011-09-06 22:12 -------- d-----w- c:\program files\Trend Micro 2011-09-06 21:57 . 2011-09-06 21:57 -------- d-----w- c:\program files\CCleaner 2011-09-06 21:48 . 2011-09-06 21:48 -------- d-----w- c:\users\Nine or ten 2011-09-04 18:54 . 2011-09-04 21:54 -------- d-----w- c:\program files\Common Files\Steam 2011-09-04 18:54 . 2011-09-08 15:43 -------- d-----w- c:\program files\Steam 2011-09-04 13:08 . 2011-09-04 13:08 -------- d-----w- c:\program files\Lame For Audacity 2011-09-04 13:02 . 2011-09-04 13:02 -------- d-----w- c:\program files\Audacity 1.3 Beta 2011-09-03 20:51 . 2011-09-07 21:01 -------- d-----w- c:\program files\mIRC 2011-09-01 09:59 . 2011-09-01 09:59 -------- d-----w- c:\program files\Cheat Engine 6.1 2011-08-31 18:11 . 2011-08-31 18:11 -------- d-----w- C:\Fraps 2011-08-30 01:01 . 2011-08-30 01:01 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2 2011-08-29 02:39 . 2011-08-29 02:46 -------- d-----w- c:\program files\Deus Ex HR 2011-08-29 02:10 . 
2011-08-29 02:10 -------- d-----w- c:\program files\VIA 2011-08-29 02:09 . 2011-03-29 08:03 895600 ----a-w- c:\windows\system32\VIAPropPageExt.dll 2011-08-29 02:09 . 2011-03-29 08:03 524400 ----a-w- c:\windows\system32\VIASysFx.dll 2011-08-29 02:09 . 2011-03-29 08:03 78960 ----a-w- c:\windows\system32\ViaMicArrayPropPageExt.dll 2011-08-29 02:09 . 2011-03-29 08:03 191600 ----a-w- c:\windows\system32\ViaMicArrayAPO.dll 2011-08-29 02:09 . 2011-03-29 08:03 27760 ----a-w- c:\windows\system32\ViakaraokeSrv.exe 2011-08-29 02:09 . 2011-03-29 08:03 106608 ----a-w- c:\windows\system32\ViaKaraokePropPageExt.dll 2011-08-29 02:09 . 2011-03-29 08:03 1804400 ----a-w- c:\windows\system32\drivers\viahduaa.sys 2011-08-29 02:09 . 2011-03-29 08:03 1021552 ----a-w- c:\windows\system32\ViaKaraokeApo.dll 2011-08-29 02:09 . 2011-03-29 08:03 82544 ----a-w- c:\windows\system32\Dts2PropPageExt.dll 2011-08-29 02:09 . 2011-03-29 08:03 218224 ----a-w- c:\windows\system32\Dts2APO.dll 2011-08-29 02:09 . 2007-12-04 09:28 76288 ----a-w- c:\windows\system32\nQPropPageExt.dll 2011-08-29 02:09 . 2007-12-04 09:28 71680 ----a-w- c:\windows\system32\nQAPO.dll 2011-08-29 01:53 . 2011-08-29 01:53 -------- d-----w- c:\program files\ManyCam 2.4 2011-08-29 01:51 . 2009-08-20 22:04 189440 ----a-w- c:\windows\system32\drivers\Rt86win7.sys 2011-08-29 01:51 . 2009-07-22 16:24 94208 ----a-w- c:\windows\system32\RTNUninst32.dll 2011-08-29 01:51 . 2009-03-05 12:54 73728 ----a-w- c:\windows\system32\RtNicProp32.dll 2011-08-29 01:50 . 2009-11-05 07:53 -------- d-----w- C:\RTL8112L_V768202009_WIN7 2011-08-29 01:36 . 2011-02-18 05:39 31232 ----a-w- c:\windows\system32\prevhost.exe 2011-08-29 01:04 . 2011-08-29 01:04 -------- d-----w- c:\program files\HashTab Shell Extension 2011-08-29 01:01 . 2011-08-29 01:01 -------- d-----w- c:\program files\7-Zip 2011-08-29 00:13 . 2011-08-29 00:13 -------- d-----w- c:\programdata\LogiShrd 2011-08-29 00:13 . 
2011-08-29 01:43 -------- d-----w- c:\program files\Logitech 2011-08-29 00:08 . 2011-08-29 00:13 -------- d-----w- c:\program files\Common Files\logishrd 2011-08-29 00:03 . 2011-06-15 08:55 86016 ----a-w- c:\windows\system32\odbccu32.dll 2011-08-29 00:01 . 2011-04-22 19:14 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys 2011-08-29 00:01 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe 2011-08-29 00:01 . 2011-03-11 05:33 1137664 ----a-w- c:\windows\system32\mfc42.dll 2011-08-29 00:01 . 2011-03-11 05:33 1164288 ----a-w- c:\windows\system32\mfc42u.dll 2011-08-28 23:59 . 2011-08-28 23:59 -------- d-----w- c:\program files\ESET 2011-08-28 23:51 . 2011-08-28 23:52 -------- d-----w- c:\program files\Black_Box 2011-08-28 22:36 . 2011-08-28 22:36 -------- d-----w- c:\program files\Megaupload 2011-08-28 22:03 . 2011-09-06 21:40 -------- d-----w- C:\RAPIDZ 2011-08-28 22:02 . 2011-09-06 21:39 -------- d-----w- c:\program files\RapidShareManager 2011-08-28 20:40 . 2011-08-28 20:41 -------- d-----w- C:\BTNext 2011-08-28 20:39 . 2011-08-28 20:45 -------- d-----w- c:\program files\BTNext Legacy 2011-08-28 03:14 . 2011-08-28 03:14 -------- d-----w- c:\program files\uTorrent 2011-08-28 00:17 . 2011-08-28 00:17 -------- d-----w- C:\BraCa Soft 2011-08-28 00:13 . 2011-08-28 00:13 -------- d-----w- c:\programdata\Sports Interactive 2011-08-28 00:10 . 2011-08-28 00:36 -------- d-----w- c:\program files\Sports Interactive 2011-08-28 00:10 . 2011-08-28 00:11 -------- d--h--w- c:\program files\Zero G Registry 2011-08-28 00:02 . 2011-08-28 00:02 -------- d-----w- c:\program files\DAEMON Tools Lite 2011-08-28 00:02 . 2011-09-06 22:03 -------- d-----w- c:\programdata\DAEMON Tools Lite 2011-08-27 23:32 . 2011-07-16 14:17 151552 ----a-w- c:\windows\system32\ac3acm.acm 2011-08-27 23:32 . 2011-06-24 14:44 243200 ----a-w- c:\windows\system32\xvidvfw.dll 2011-08-27 23:32 . 2011-06-24 14:28 650752 ----a-w- c:\windows\system32\xvidcore.dll 2011-08-27 23:32 . 
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-08-18 17360520]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Mega Manager"="c:\program files\Megaupload\Mega Manager\MegaManager.exe" [2011-07-29 2113536]
"ManyCam"="c:\program files\ManyCam 2.4\ManyCam.exe" [2010-04-21 1824040]
"Steam"="c:\program files\Steam\Steam.exe" [2011-09-04 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2219184]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2011-04-06 2154096]
.
c:\users\Steffa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech . Productregistratie.lnk - c:\program files\Logitech\Logitech WebCam Software\eReg.exe [2009-10-14 517384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"FilterAdministratorToken"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-28 176128]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-12-21 137144]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-01-12 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-12-21 95384]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [2011-03-29 27760]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-07-28 8396800]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-07-28 247296]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-06-06 211984]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-08-20 189440]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2011-03-29 1804400]
.
.
Inhoud van de 'Gedeelde Taken' map
.
2011-09-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1277582859-287793874-3685577647-1000Core.job
- c:\users\Steffa\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-28 21:57]
.
2011-09-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1277582859-287793874-3685577647-1000UA.job
- c:\users\Steffa\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-28 21:57]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
TCP: DhcpNameServer = 62.179.104.196 213.46.228.196
FF - ProfilePath - c:\users\Steffa\AppData\Roaming\Mozilla\Firefox\Profiles\rn7sy827.default\
FF - prefs.js: network.proxy.ftp - 143.215.131.206
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.gopher - 143.215.131.206
FF - prefs.js: network.proxy.gopher_port - 3128
FF - prefs.js: network.proxy.http - 143.215.131.206
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.socks - 143.215.131.206
FF - prefs.js: network.proxy.socks_port - 3128
FF - prefs.js: network.proxy.ssl - 143.215.131.206
FF - prefs.js: network.proxy.ssl_port - 3128
FF - prefs.js: network.proxy.type - 0
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2011-09-08 19:59:33
ComboFix-quarantined-files.txt 2011-09-08 17:59
ComboFix2.txt 2011-09-08 15:17
.
Pre-Run: 511.438.479.360 bytes beschikbaar
Post-Run: 511.326.482.432 bytes beschikbaar
.
- - End Of File - - 82C045BD31D31E06ABBF05E96F9210D5

PS: The error message in IE reads: (File name) from (server name) cannot be downloaded. The data area passed to a system call is too small.
  • Do the following: Run the ESET online scan (click): http://www.eset.com/onlinescan/
    - Click the ESET Online Scanner button
    - Tick YES, I accept the Terms of Use
    - Click Start
    - Allow the ActiveX control to install.
    - Tick the following options:
        - Remove found threats
        - Scan archives
    - Then click "Advanced Settings"
        - Scan for potentially unwanted applications
        - Scan for potentially unsafe applications
        - Enable Anti-Stealth technology
    - Click Start
    - The computer is now being scanned. This can take quite a long time, so be patient.
    - When the scan is finished, click > List of found threats
    - Then click > Export to text file....
    - Choose the Desktop as the save location and give the Notepad file a clear title.
    - After that you may close the window, because the scan is finished.
    - Then open the log that is on your desktop.
    - And copy and paste the contents of this log into your next post.
    N.B.: temporarily disable your own antivirus during the scan; the online scan will then be faster!
  • I follow everything you say, but I get this: (image: http://i51.tinypic.com/2ijrd6o.png) In Firefox it also scans 0 files. PS: The error message in IE (for my download problem) reads: (File name) from (server name) cannot be downloaded. The data area passed to a system call is too small. So Firefox and IE each give a different error message.
  • This is a very unusual problem you have. So please now pay attention to the following:

    Step •1•
    Which program: Kaspersky TDSSKiller
    What for/why: Rootkit scanner
    Difficulty: none
    Download location: Be sure to download this program to the desktop, or otherwise move it there!
    Download TDSSKiller here: http://support.kaspersky.com/downloads/utils/tdsskiller.zip
    Installation:
    - Extract the file to your desktop.
    Using TDSSKiller:
    - Windows 2000 and Windows XP: start "TDSSKiller" by double-clicking TDSSKiller.exe.
    - Windows Vista and Windows 7: start "TDSSKiller" by right-clicking TDSSKiller.exe and then choosing Run as administrator (Als Administrator uitvoeren).
    - If TDSSKiller shows a message about an available update, install it first.
    (image: http://www.imgdumper.nl/uploads4/4dc1d6438f791/4dc1d6438d897-TDSSKiller_2011-05-05_00-26-21.jpg)
    - Then click the "Start Scan" button and follow the instructions.
    - After the scan is finished, click the "Report" button.
    - A Notepad file opens. Post the contents of this file.
        - Restart the PC if TDSSKiller offers that option (Reboot now).
        - If a restart is necessary, you will find the log file in C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt

    Step •2•
    Which program: "aswMBR.exe"
    What for/why: MBR rootkit scanner
    Difficulty: none
    Download location: Be sure to download this program to the desktop, or otherwise move it there!
    Download aswMBR.exe here: http://public.avast.com/~gmerek/aswMBR.exe
    Using aswMBR.exe:
    - Windows 2000 and Windows XP: start "aswMBR.exe" by double-clicking "aswMBR.exe".
    - Windows Vista and Windows 7: start "aswMBR.exe" by right-clicking "aswMBR.exe" and choosing Run as administrator (Als Administrator uitvoeren).
    (image: http://www.imgdumper.nl/uploads4/4db3f87694fe9/4db3f87693886-aswmbrscan.gif)
    - Now click the Scan button in the black window
    - When the message "Scan finished successfully" appears, click the Save log button
    (image: http://www.imgdumper.nl/uploads4/4db3f8e71343a/4db3f8e71288d-aswmbrsavelog.gif)
    - The easiest thing is simply to choose the desktop as the save location for the log.
    - You will now also find the file MBR.dat on the desktop!
    - MBR.dat is a backup file, so keep it for the time being.
    - Also on the desktop is a Notepad text document named aswMBR.txt
    - Post the contents of aswMBR.txt in your next post.

    Step •3•
    In summary: after this, post the contents of the following logs in your next post:
    - TDSSKiller log
    - aswMBR.txt log
  • 2011/09/09 17:44:35.0365 5196 TDSS rootkit removing tool 2.5.20.0 Sep 7 2011 16:44:34
    2011/09/09 17:44:35.0410 5196 ================================================================================
    2011/09/09 17:44:35.0410 5196 SystemInfo:
    2011/09/09 17:44:35.0410 5196
    2011/09/09 17:44:35.0410 5196 OS Version: 6.1.7601 ServicePack: 1.0
    2011/09/09 17:44:35.0410 5196 Product type: Workstation
    2011/09/09 17:44:35.0410 5196 ComputerName: COBAINMACHINEEE
    2011/09/09 17:44:35.0411 5196 UserName: Steffa
    2011/09/09 17:44:35.0411 5196 Windows directory: C:\Windows
    2011/09/09 17:44:35.0411 5196 System windows directory: C:\Windows
    2011/09/09 17:44:35.0411 5196 Processor architecture: Intel x86
    2011/09/09 17:44:35.0411 5196 Number of processors: 4
    2011/09/09 17:44:35.0411 5196 Page size: 0x1000
    2011/09/09 17:44:35.0411 5196 Boot type: Normal boot
    2011/09/09 17:44:35.0411 5196 ================================================================================
    2011/09/09 17:44:36.0841 5196 Initialize success
    2011/09/09 17:45:16.0635 9896 ================================================================================
    2011/09/09 17:45:16.0635 9896 Scan started
    2011/09/09 17:45:16.0635 9896 Mode: Manual;
    2011/09/09 17:45:16.0635 9896 ================================================================================
9896 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 2011/09/09 17:45:25.0605 9896 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 2011/09/09 17:45:25.0635 9896 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 2011/09/09 17:45:25.0662 9896 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\drivers\sermouse.sys 2011/09/09 17:45:25.0705 9896 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 2011/09/09 17:45:25.0731 9896 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 2011/09/09 17:45:25.0761 9896 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 2011/09/09 17:45:25.0790 9896 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\drivers\sfloppy.sys 2011/09/09 17:45:25.0827 9896 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 2011/09/09 17:45:25.0861 9896 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\drivers\SiSRaid2.sys 2011/09/09 17:45:25.0897 9896 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\drivers\sisraid4.sys 2011/09/09 17:45:25.0944 9896 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 2011/09/09 17:45:25.0990 9896 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 2011/09/09 17:45:26.0024 9896 sptd (8ea0fd60a5b047e0c734d51aace531c9) C:\Windows\System32\Drivers\sptd.sys 2011/09/09 17:45:26.0025 9896 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. 
md5: 8ea0fd60a5b047e0c734d51aace531c9 2011/09/09 17:45:26.0028 9896 sptd - detected LockedFile.Multi.Generic (1) 2011/09/09 17:45:26.0060 9896 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 2011/09/09 17:45:26.0093 9896 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 2011/09/09 17:45:26.0122 9896 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 2011/09/09 17:45:26.0194 9896 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\drivers\stexstor.sys 2011/09/09 17:45:26.0247 9896 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys 2011/09/09 17:45:26.0291 9896 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys 2011/09/09 17:45:26.0315 9896 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys 2011/09/09 17:45:26.0341 9896 Synth3dVsc (f2ad8960812fd111e20e84659ef19d43) C:\Windows\system32\drivers\synth3dvsc.sys 2011/09/09 17:45:26.0412 9896 Tcpip (04e4a7d53a7ace02e8c55b17a498f631) C:\Windows\system32\drivers\tcpip.sys 2011/09/09 17:45:26.0470 9896 TCPIP6 (04e4a7d53a7ace02e8c55b17a498f631) C:\Windows\system32\DRIVERS\tcpip.sys 2011/09/09 17:45:26.0501 9896 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 2011/09/09 17:45:26.0539 9896 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys 2011/09/09 17:45:26.0567 9896 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys 2011/09/09 17:45:26.0599 9896 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 2011/09/09 17:45:26.0646 9896 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\DRIVERS\termdd.sys 2011/09/09 17:45:26.0672 9896 terminpt (052306fd76793d5d5ab5d9891fd1adbb) C:\Windows\system32\drivers\terminpt.sys 2011/09/09 17:45:26.0735 9896 tssecsrv (254bb140eee3c59d6114c1a86b636877) 
C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/09/09 17:45:26.0785 9896 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 2011/09/09 17:45:26.0810 9896 TsUsbGD (01246f0baad7b68ec0f472aa41e33282) C:\Windows\system32\drivers\TsUsbGD.sys 2011/09/09 17:45:26.0826 9896 tsusbhub (045acb987c650d8186c6b4a692223860) C:\Windows\system32\drivers\tsusbhub.sys 2011/09/09 17:45:26.0863 9896 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 2011/09/09 17:45:26.0896 9896 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\drivers\uagp35.sys 2011/09/09 17:45:26.0923 9896 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 2011/09/09 17:45:26.0976 9896 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 2011/09/09 17:45:27.0008 9896 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys 2011/09/09 17:45:27.0032 9896 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\drivers\umpass.sys 2011/09/09 17:45:27.0090 9896 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys 2011/09/09 17:45:27.0127 9896 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/09/09 17:45:27.0197 9896 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 2011/09/09 17:45:27.0233 9896 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys 2011/09/09 17:45:27.0271 9896 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys 2011/09/09 17:45:27.0306 9896 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys 2011/09/09 17:45:27.0335 9896 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\drivers\usbprint.sys 2011/09/09 17:45:27.0365 9896 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\drivers\USBSTOR.SYS 2011/09/09 17:45:27.0395 9896 usbuhci 
(68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys 2011/09/09 17:45:27.0455 9896 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\system32\Drivers\usbvideo.sys 2011/09/09 17:45:27.0500 9896 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 2011/09/09 17:45:27.0538 9896 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/09/09 17:45:27.0566 9896 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 2011/09/09 17:45:27.0616 9896 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 2011/09/09 17:45:27.0659 9896 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 2011/09/09 17:45:27.0684 9896 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\drivers\viac7.sys 2011/09/09 17:45:27.0756 9896 VIAHdAudAddService (035f2f7ca447056c27dae74538de90d5) C:\Windows\system32\drivers\viahduaa.sys 2011/09/09 17:45:27.0784 9896 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 2011/09/09 17:45:27.0816 9896 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys 2011/09/09 17:45:27.0832 9896 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys 2011/09/09 17:45:27.0853 9896 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 2011/09/09 17:45:27.0899 9896 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 2011/09/09 17:45:27.0933 9896 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys 2011/09/09 17:45:27.0981 9896 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\drivers\vsmraid.sys 2011/09/09 17:45:28.0012 9896 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys 2011/09/09 17:45:28.0052 9896 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\drivers\wacompen.sys 
2011/09/09 17:45:28.0090 9896 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 2011/09/09 17:45:28.0110 9896 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 2011/09/09 17:45:28.0142 9896 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\drivers\wd.sys 2011/09/09 17:45:28.0185 9896 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 2011/09/09 17:45:28.0273 9896 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 2011/09/09 17:45:28.0308 9896 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 2011/09/09 17:45:28.0375 9896 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys 2011/09/09 17:45:28.0431 9896 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 2011/09/09 17:45:28.0479 9896 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 2011/09/09 17:45:28.0526 9896 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/09/09 17:45:28.0565 9896 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 2011/09/09 17:45:28.0583 9896 Boot (0x1200) (c1589cec79da8b492340096facbd605c) \Device\Harddisk0\DR0\Partition0 2011/09/09 17:45:28.0590 9896 Boot (0x1200) (4fa072309c1ad5db9012bc0191c3e35d) \Device\Harddisk0\DR0\Partition1 2011/09/09 17:45:28.0620 9896 Boot (0x1200) (b1885a112894ddd3b1f7db4619997a37) \Device\Harddisk0\DR0\Partition2 2011/09/09 17:45:28.0624 9896 ================================================================================ 2011/09/09 17:45:28.0624 9896 Scan finished 2011/09/09 17:45:28.0624 9896 ================================================================================ 2011/09/09 17:45:28.0631 0340 Detected object count: 1 2011/09/09 17:45:28.0631 0340 Actual detected object count: 1 2011/09/09 17:45:38.0381 0340 LockedFile.Multi.Generic(sptd) - 
User select action: Skip 2011/09/09 17:45:43.0384 7000 ================================================================================ 2011/09/09 17:45:43.0384 7000 Scan started 2011/09/09 17:45:43.0384 7000 Mode: Manual; 2011/09/09 17:45:43.0384 7000 ================================================================================ 2011/09/09 17:45:43.0759 7000 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\DRIVERS\1394ohci.sys 2011/09/09 17:45:43.0775 7000 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys 2011/09/09 17:45:43.0801 7000 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys 2011/09/09 17:45:43.0827 7000 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\drivers\adp94xx.sys 2011/09/09 17:45:43.0845 7000 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\drivers\adpahci.sys 2011/09/09 17:45:43.0861 7000 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\drivers\adpu320.sys 2011/09/09 17:45:43.0903 7000 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys 2011/09/09 17:45:43.0928 7000 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys 2011/09/09 17:45:43.0959 7000 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\drivers\djsvs.sys 2011/09/09 17:45:43.0984 7000 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys 2011/09/09 17:45:44.0001 7000 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys 2011/09/09 17:45:44.0025 7000 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys 2011/09/09 17:45:44.0049 7000 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\drivers\amdk8.sys 2011/09/09 17:45:44.0183 7000 amdkmdag (68d791d78454684340433e52059eb45e) C:\Windows\system32\DRIVERS\atikmdag.sys 2011/09/09 17:45:44.0248 7000 amdkmdap (96cd7053a516c30e61a05df9757da7de) 
C:\Windows\system32\DRIVERS\atikmpag.sys 2011/09/09 17:45:44.0262 7000 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\drivers\amdppm.sys 2011/09/09 17:45:44.0293 7000 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys 2011/09/09 17:45:44.0319 7000 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\drivers\amdsbs.sys 2011/09/09 17:45:44.0343 7000 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys 2011/09/09 17:45:44.0367 7000 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys 2011/09/09 17:45:44.0402 7000 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\drivers\arc.sys 2011/09/09 17:45:44.0418 7000 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\drivers\arcsas.sys 2011/09/09 17:45:44.0451 7000 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/09/09 17:45:44.0468 7000 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys 2011/09/09 17:45:44.0496 7000 AtiHDAudioService (84faf3d287d56d210f84db7c1349d43b) C:\Windows\system32\drivers\AtihdW73.sys 2011/09/09 17:45:44.0533 7000 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\drivers\bxvbdx.sys 2011/09/09 17:45:44.0554 7000 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys 2011/09/09 17:45:44.0582 7000 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys 2011/09/09 17:45:44.0607 7000 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys 2011/09/09 17:45:44.0640 7000 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys 2011/09/09 17:45:44.0657 7000 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\BrFiltLo.sys 2011/09/09 17:45:44.0677 7000 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\BrFiltUp.sys 2011/09/09 17:45:44.0703 7000 Brserid 
(845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys 2011/09/09 17:45:44.0723 7000 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys 2011/09/09 17:45:44.0739 7000 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys 2011/09/09 17:45:44.0753 7000 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys 2011/09/09 17:45:44.0778 7000 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\drivers\bthmodem.sys 2011/09/09 17:45:44.0828 7000 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys 2011/09/09 17:45:44.0850 7000 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys 2011/09/09 17:45:44.0874 7000 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\drivers\circlass.sys 2011/09/09 17:45:44.0911 7000 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys 2011/09/09 17:45:44.0940 7000 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\drivers\CmBatt.sys 2011/09/09 17:45:44.0961 7000 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys 2011/09/09 17:45:44.0977 7000 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys 2011/09/09 17:45:45.0009 7000 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\drivers\compbatt.sys 2011/09/09 17:45:45.0029 7000 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\DRIVERS\CompositeBus.sys 2011/09/09 17:45:45.0049 7000 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\drivers\crcdisk.sys 2011/09/09 17:45:45.0074 7000 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys 2011/09/09 17:45:45.0101 7000 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys 2011/09/09 17:45:45.0127 7000 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys 2011/09/09 17:45:45.0140 7000 
Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\drivers\disk.sys 2011/09/09 17:45:45.0159 7000 dmvsc (2a958ef85db1b61ffca65044fa4bce9e) C:\Windows\system32\drivers\dmvsc.sys 2011/09/09 17:45:45.0199 7000 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys 2011/09/09 17:45:45.0228 7000 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys 2011/09/09 17:45:45.0268 7000 eamonm (04cba07e73f152970fc34d66d3892e2a) C:\Windows\system32\DRIVERS\eamonm.sys 2011/09/09 17:45:45.0332 7000 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\drivers\evbdx.sys 2011/09/09 17:45:45.0391 7000 ehdrv (fe7824239d132ad9ebd8645fe1199b30) C:\Windows\system32\DRIVERS\ehdrv.sys 2011/09/09 17:45:45.0428 7000 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\drivers\elxstor.sys 2011/09/09 17:45:45.0449 7000 epfwwfpr (ddb45f6371714601a43e8be38145be18) C:\Windows\system32\DRIVERS\epfwwfpr.sys 2011/09/09 17:45:45.0470 7000 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys 2011/09/09 17:45:45.0500 7000 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys 2011/09/09 17:45:45.0523 7000 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys 2011/09/09 17:45:45.0545 7000 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\drivers\fdc.sys 2011/09/09 17:45:45.0576 7000 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys 2011/09/09 17:45:45.0599 7000 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys 2011/09/09 17:45:45.0619 7000 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\drivers\flpydisk.sys 2011/09/09 17:45:45.0646 7000 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys 2011/09/09 17:45:45.0673 7000 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys 2011/09/09 
17:45:45.0691 7000 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys 2011/09/09 17:45:45.0708 7000 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys 2011/09/09 17:45:45.0724 7000 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\drivers\gagp30kx.sys 2011/09/09 17:45:45.0743 7000 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 2011/09/09 17:45:45.0768 7000 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys 2011/09/09 17:45:45.0783 7000 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\DRIVERS\HDAudBus.sys 2011/09/09 17:45:45.0808 7000 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\drivers\HidBatt.sys 2011/09/09 17:45:45.0832 7000 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\drivers\hidbth.sys 2011/09/09 17:45:45.0849 7000 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\drivers\hidir.sys 2011/09/09 17:45:45.0879 7000 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys 2011/09/09 17:45:45.0908 7000 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys 2011/09/09 17:45:45.0930 7000 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys 2011/09/09 17:45:45.0955 7000 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys 2011/09/09 17:45:45.0974 7000 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys 2011/09/09 17:45:46.0011 7000 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys 2011/09/09 17:45:46.0036 7000 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\drivers\iirsp.sys 2011/09/09 17:45:46.0064 7000 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys 2011/09/09 17:45:46.0085 7000 intelppm (3b514d27bfc4accb4037bc6685f766e0) 
C:\Windows\system32\DRIVERS\intelppm.sys 2011/09/09 17:45:46.0106 7000 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/09/09 17:45:46.0132 7000 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys 2011/09/09 17:45:46.0152 7000 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 2011/09/09 17:45:46.0182 7000 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 2011/09/09 17:45:46.0205 7000 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys 2011/09/09 17:45:46.0234 7000 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys 2011/09/09 17:45:46.0259 7000 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys 2011/09/09 17:45:46.0276 7000 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys 2011/09/09 17:45:46.0302 7000 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys 2011/09/09 17:45:46.0325 7000 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys 2011/09/09 17:45:46.0374 7000 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 2011/09/09 17:45:46.0398 7000 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\drivers\lsi_fc.sys 2011/09/09 17:45:46.0416 7000 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\drivers\lsi_sas.sys 2011/09/09 17:45:46.0433 7000 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\drivers\lsi_sas2.sys 2011/09/09 17:45:46.0448 7000 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\drivers\lsi_scsi.sys 2011/09/09 17:45:46.0463 7000 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 2011/09/09 17:45:46.0499 7000 LVPr2Mon (1a7db7a00a4b0d8da24cd691a4547291) C:\Windows\system32\DRIVERS\LVPr2Mon.sys 2011/09/09 17:45:46.0620 7000 LVUVC 
(a240e42a7402e927a71b6e8aa4629b13) C:\Windows\system32\DRIVERS\lvuvc.sys 2011/09/09 17:45:46.0681 7000 ManyCam (c6d085c7045200143528136a43a65fde) C:\Windows\system32\DRIVERS\ManyCam.sys 2011/09/09 17:45:46.0711 7000 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\drivers\megasas.sys 2011/09/09 17:45:46.0732 7000 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\drivers\MegaSR.sys 2011/09/09 17:45:46.0753 7000 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 2011/09/09 17:45:46.0777 7000 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys 2011/09/09 17:45:46.0803 7000 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys 2011/09/09 17:45:46.0824 7000 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 2011/09/09 17:45:46.0839 7000 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys 2011/09/09 17:45:46.0857 7000 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys 2011/09/09 17:45:46.0884 7000 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 2011/09/09 17:45:46.0910 7000 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys 2011/09/09 17:45:46.0937 7000 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/09/09 17:45:46.0958 7000 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/09/09 17:45:46.0981 7000 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/09/09 17:45:46.0999 7000 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys 2011/09/09 17:45:47.0014 7000 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys 2011/09/09 17:45:47.0039 7000 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 2011/09/09 17:45:47.0065 7000 
mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 2011/09/09 17:45:47.0089 7000 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys 2011/09/09 17:45:47.0111 7000 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 2011/09/09 17:45:47.0135 7000 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/09/09 17:45:47.0153 7000 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 2011/09/09 17:45:47.0190 7000 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 2011/09/09 17:45:47.0223 7000 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys 2011/09/09 17:45:47.0237 7000 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 2011/09/09 17:45:47.0259 7000 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\drivers\MTConfig.sys 2011/09/09 17:45:47.0293 7000 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\Windows\system32\DRIVERS\ASACPI.sys 2011/09/09 17:45:47.0327 7000 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 2011/09/09 17:45:47.0355 7000 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 2011/09/09 17:45:47.0414 7000 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys 2011/09/09 17:45:47.0445 7000 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 2011/09/09 17:45:47.0468 7000 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/09/09 17:45:47.0506 7000 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/09/09 17:45:47.0546 7000 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/09/09 17:45:47.0567 7000 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys 
  • Apparently it doesn't all fit in one post, so I'm spreading it out. Here comes the last part of the TDSSKiller log.

    2011/09/09 17:45:50.0648 7000 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
    2011/09/09 17:45:50.0687 7000 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
    2011/09/09 17:45:50.0718 7000 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
    2011/09/09 17:45:50.0740 7000 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
    2011/09/09 17:45:50.0771 7000 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
    2011/09/09 17:45:50.0789 7000 Boot (0x1200) (c1589cec79da8b492340096facbd605c) \Device\Harddisk0\DR0\Partition0
    2011/09/09 17:45:50.0801 7000 Boot (0x1200) (4fa072309c1ad5db9012bc0191c3e35d) \Device\Harddisk0\DR0\Partition1
    2011/09/09 17:45:50.0826 7000 Boot (0x1200) (b1885a112894ddd3b1f7db4619997a37) \Device\Harddisk0\DR0\Partition2
    2011/09/09 17:45:50.0830 7000 ================================================================================
    2011/09/09 17:45:50.0830 7000 Scan finished
    2011/09/09 17:45:50.0830 7000 ================================================================================
    2011/09/09 17:45:50.0839 0628 Detected object count: 1
    2011/09/09 17:45:50.0839 0628 Actual detected object count: 1
    2011/09/09 17:45:54.0294 0628 LockedFile.Multi.Generic(sptd) - User select action: Skip
  • aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
    Run date: 2011-09-09 17:46:36
    -----------------------------
    17:46:36.012 OS Version: Windows 6.1.7601 Service Pack 1
    17:46:36.012 Number of processors: 4 586 0x2502
    17:46:36.013 ComputerName: COBAINMACHINEEE UserName: Steffa
    17:46:38.774 Initialize success
    17:47:09.340 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP5T0L0-6
    17:47:09.343 Disk 0 Vendor: ST3750630AS SD1A Size: 715404MB BusType: 3
    17:47:11.351 Disk 0 MBR read successfully
    17:47:11.355 Disk 0 MBR scan
    17:47:11.358 Disk 0 Windows 7 default MBR code
    17:47:11.363 Disk 0 scanning sectors +1465143296
    17:47:11.414 Disk 0 scanning C:\Windows\system32\drivers
    17:47:20.114 Service scanning
    17:47:20.715 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
    17:47:21.284 Modules scanning
    17:47:27.399 Disk 0 trace - called modules:
    17:47:27.417 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x8515c1e8]<<
    17:47:27.421 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86036030]
    17:47:27.425 3 CLASSPNP.SYS[8b6d559e] -> nt!IofCallDriver -> [0x85ed8930]
    17:47:27.755 5 ACPI.sys[8afb53d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP5T0L0-6[0x85edf030]
    17:47:27.763 \Driver\atapi[0x85ed93a8] -> IRP_MJ_CREATE -> 0x8515c1e8
    17:47:27.770 Scan finished successfully
    17:47:44.622 Disk 0 MBR has been saved successfully to "C:\Users\Steffa\Desktop\MBR.dat"
    17:47:44.627 The log file has been saved successfully to "C:\Users\Steffa\Desktop\aswMBR.txt"
  • Good, everything is in order as far as that is concerned. Only, the good result does not give an explanation for the problems! Do the following:

    Run the ESET online scan: http://www.eset.com/onlinescan/

    - Click the "ESET Online Scanner" button
    - Tick "YES, I accept the Terms of Use"
    - Click "Start"
    - Allow the ActiveX control to install.
    - Tick the following options:
        - Remove found threats
        - Scan archives
    - Then click "Advanced Settings"
        - Scan for potentially unwanted applications
        - Scan for potentially unsafe applications
        - Enable Anti-Stealth technology
    - Click "Start"
    - The computer is now being scanned. This can take quite a long time, so be patient.
    - When the scan is finished, click "> List of found threats"
    - Then click "> Export to text file...."
    - Choose the Desktop as the save location and give the Notepad file a clear title.
    - After that you can close the window, because the scan is finished.
    - Then open the log that is on your desktop.
    - And copy and paste the contents of this log into your next message.

    N.B.: temporarily deactivate your own antivirus during the scan, then the online scan is faster!
  • Still the same problem with the ESET Online scanner as before. It doesn't scan anything.
  • Then we'll try something else! Download the Kaspersky® Virus Removal Tool (http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/) to your Desktop.

    Platform:
    Windows 2000 Professional (Service Pack 4 or higher)
    Windows XP (Service Pack 2 or higher)
    Windows Vista (32-Bit)
    Windows 7

    Boot into Safe Mode. If you don't know how to boot into Safe Mode, look here: http://www.nationaalcomputerforum.nl/showthread.php?t=27396

    Double-click the installation file to install the program. Make sure the following items are ticked:

    - Hidden startup objects
    - System memory
    - Disk boot sectors
        - My Computer
        - The drive on which Windows is installed
        - All removable drives

    Click: Start scan

    If the scanner hangs at C:\Program Files\Malwarebytes Anti-Malware\mbamext.dll, then stop the scanner! Now uninstall Malwarebytes Anti-Malware via Software (Add or Remove Programs) and do NOT restart the PC. Start the scanner again and choose "Resume scan".

    In case of an infection, a pop-up indicates what to do: "Disinfect (recommended)" and/or "Delete (recommended)".

    At the end of the scan, click "Report".
    Click the plus (+) sign in front of Autoscan.
    Right-click >> choose "select all", then right-click >> choose "Copy".
    Go via Start\Programs\Accessories to Notepad (Editor).
    Right-click >> choose "Paste".
    Give the text file a name, e.g. kav.txt, and save it on your Desktop.
    Close AVP; the following question then appears, click Yes.
    Post the contents of the log in your next message.

    Deactivate the antivirus software that is present - the scan can take a long time, so be patient.
  • During installation I get this error:

    Extracting 4483576.exe
    Extracting 4483576.prg
    Extracting 4483576rar.exe
    CRC failed in 4483576rar.exe
    Extracting 4483576rar.prg
    Extracting background.png
    Extracting Drivers\Win32\1\kl1.cat
    Extracting Drivers\Win32\1\kl1.inf
    Extracting Drivers\Win32\1\kl1.sys
    Extracting Drivers\Win32\2\501\4483576drv.cat
    Extracting Drivers\Win32\2\501\4483576drv.inf
    Extracting Drivers\Win32\2\501\4483576drv.sys
    Extracting Drivers\Win32\2\600\4483576drv.cat
    Extracting Drivers\Win32\2\600\4483576drv.inf
    Extracting Drivers\Win32\2\600\4483576drv.sys
    Extracting Drivers\Win64\1\kl1.cat
    Extracting Drivers\Win64\1\kl1.inf
    Extracting Drivers\Win64\1\kl1.sys
    Extracting Drivers\Win64\2\501\4483576drv.cat
    Extracting Drivers\Win64\2\501\4483576drv.inf
    Extracting Drivers\Win64\2\501\4483576drv.sys
    Extracting Drivers\Win64\2\600\4483576drv.cat
    Extracting Drivers\Win64\2\600\4483576drv.inf
    Extracting Drivers\Win64\2\600\4483576drv.sys
    Extracting helper64.exe
    Extracting helper64.prg
    Extracting Drivers\Win32\2\501
    Extracting Drivers\Win32\2\600
    Extracting Drivers\Win64\2\501
    Extracting Drivers\Win64\2\600
    Extracting Drivers\Win32\1
    Extracting Drivers\Win32\2
    Extracting Drivers\Win64\1
    Extracting Drivers\Win64\2
    Extracting Drivers\Win32
    Extracting Drivers\Win64
    Extracting Drivers

    And what I forgot to say in the opening post is that 90% of all the rar files that I am able to download almost always have a CRC32 error. (And yes, I have already tried re-downloading the tool several times, but it's the same error every time.) I'll download the tool on another PC and then put it on mine with a USB stick, but then it will take a little longer before I come back with the log.
  • Then try 7-Zip. It's free and at least as good as WinRAR.
