Virus and trojans. Who can help me? See the Hijack log

50 answers
  • Hi, have you visited Wegener news sites?

    During the fix, I would like you to follow the rules below:
    - Read all instructions carefully.
    - If you make mistakes when running tools during the fix, that can cause serious problems in Windows.
    - Refrain from using tools or updates other than the ones I advise you to use.
    - Always use one scanner at a time, never several at once.
    - Keep me informed of how your computer responds to the fix, good or bad.
    - Once started, the fix must be completed. Even if you think everything is fine, there may still be infections.

    Step 1
    Close all open browser windows except this one, which you close just before you click the Fix checked button!
    Now start HijackThis and click the Do a Scan only button.

    O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O2 - BHO: (no name) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - (no file)
    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
    O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
    O4 - HKCU\..\Run: [CkMsLJkFgtF.exe] C:\Documents and Settings\All Users\Application Data\CkMsLJkFgtF.exe

    - Tick the line(s) that correspond to the lines above.
    - Now close the web browser and then click the Fix checked button.
    - Then close HijackThis.
    Restart the computer after the fix.

    Step 2
    Which program: Microsoft Safety Scanner
    Purpose: specialised scanner from Microsoft to quickly check Windows for spyware and malware and remove it.
    Difficulty: none.
    Note: Microsoft Safety Scanner expires 10 days after it is downloaded. To run a scan again with the latest anti-malware definitions, download Microsoft Safety Scanner again and run it again.
    Download the Microsoft Safety Scanner here: http://www.microsoft.com/security/scanner/nl-nl/default.aspx
    Windows 2000 and Windows XP: start Microsoft Safety Scanner by double-clicking the shortcut.
    Windows Vista and Windows 7: start Microsoft Safety Scanner by right-clicking the shortcut and choosing Run as administrator.
    Then tick "I accept the terms of the above license agreement".
    Scanning:
    - When Microsoft Safety Scanner starts, click the "Next" button, then choose 'Quick scan'.
    - The scan takes a while, so be patient.

    Step 3
    Which program: Malwarebytes MBAM
    Purpose: specialised scanner to quickly check Windows for spyware and malware and remove it.
    Difficulty: none.
    Starting Malwarebytes MBAM:
    Windows 2000 and Windows XP: start MBAM by double-clicking the shortcut.
    Windows Vista and Windows 7: start MBAM by right-clicking the shortcut and choosing Run as administrator.
    Note:
    - First update Malwarebytes MBAM now.
    Scanning:
    - When 'MBAM' starts, choose 'Quick scan'.
    - The scan can take a while, so be patient. When the scan has completed, click the 'OK' button.
    - Then click the 'Show Results' button to see the results.
    Infections found:
    - First click OK to dismiss the message.
    - Then click the Show Results button at the bottom right.
    - Make sure all infections found are ticked, and click Remove Selected at the bottom left.
    - After removal a log will open and you will be asked to restart the computer.
    - If 'MBAM' has trouble removing certain files it will show some messages; click 'OK' each time!
    - After that 'MBAM' will ask to restart the computer, so allow the computer to be restarted.
    MBAM log:
    - The log is saved automatically by 'MBAM' and you can find it by clicking the 'Logs' tab in MBAM's main menu.
    Then post the contents of the MBAM log in your next message.

    Step 4
    In summary: after this, post the contents of the following logs in your next message:
    - a new HijackThis log
    - MBAM scan log
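Added example (not part of the original post, and not HijackThis's own logic): a small Python triage pass over HijackThis O2/O3/O4 lines that picks out the kinds of entries selected for fixing above, namely registrations whose file is gone, components on an analyst watchlist, and Run entries launched from a profile data folder. The rules, the `watchlist` parameter and all function names are assumptions for illustration; the sample lines are the six from the post plus two ordinary entries for contrast.

```python
import ntpath
import re
from typing import NamedTuple

# Sample input: the six entries listed in the post, plus two ordinary
# entries (Adobe BHO, ctfmon Run value) added for contrast.
SAMPLE_LOG = r'''
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - (no file)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CkMsLJkFgtF.exe] C:\Documents and Settings\All Users\Application Data\CkMsLJkFgtF.exe
'''


class Finding(NamedTuple):
    section: str   # HijackThis section code, e.g. "O2"
    ident: str     # CLSID for O2/O3, Run value name for O4
    reason: str


# The display name may itself contain " - ", so anchor on the CLSID.
COM_RE = re.compile(
    r"^(O2|O3) - (?:BHO|Toolbar): .* - (\{[0-9A-Fa-f-]{36}\}) - (.+)$")
RUN_RE = re.compile(r"^(O4) - [^:]+: \[([^\]]+)\] (.+)$")
# First token ending in an executable extension, quoted or not; the
# lookahead keeps folder names such as "McAfee.com\" from matching.
EXE_RE = re.compile(r'^"?(.+?\.(?:exe|dll|com|scr|bat))(?=["\s]|$)', re.I)

# Assumption: folders where an installed program's autostart binary is
# not normally found directly (as opposed to a vendor subfolder).
PROFILE_DATA_DIRS = {"application data", "temp", "roaming", "local", "locallow"}


def triage(log, watchlist=("askbardis",)):
    """Return Finding tuples for entries that deserve a manual look.

    watchlist holds lowercase path fragments the analyst already
    considers unwanted; here it is taken from the post's own fix list.
    """
    findings = []
    for raw in log.splitlines():
        line = raw.strip()

        m = COM_RE.match(line)
        if m:
            section, clsid, target = m.groups()
            if target == "(no file)" or target.endswith("(file missing)"):
                # Registry still points at a DLL that no longer exists.
                findings.append(Finding(section, clsid, "orphaned registration"))
            elif any(frag in target.lower() for frag in watchlist):
                findings.append(Finding(section, clsid, "watchlisted component"))
            continue

        m = RUN_RE.match(line)
        if m:
            section, value_name, command = m.groups()
            exe = EXE_RE.match(command)
            if not exe:
                continue
            # ntpath parses Windows paths correctly on any host OS.
            parent = ntpath.basename(ntpath.dirname(exe.group(1))).lower()
            if parent in PROFILE_DATA_DIRS:
                findings.append(
                    Finding(section, value_name, "autostart from profile data folder"))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.section}  {f.ident:<40} {f.reason}")
```

A hit is a prompt for review, not a verdict: an orphaned registration is usually harmless residue, and the watchlist only reflects what the analyst has already decided is unwanted.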
  • Thanks for the advice. I have gone through the procedure. Not everything is back to normal yet, but the PC rattles a lot less and I can see something of the desktop again.

    The Hijack log:

    The mbam log:

    Malwarebytes' Anti-Malware 1.51.2.1300
    www.malwarebytes.org
    Databaseversie: 7856
    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702
    4-10-2011 11:43:07
    mbam-log-2011-10-04 (11-43-07).txt
    Scantype: Volledige scan (C:\|D:\|E:\|G:\|H:\|I:\|J:\|)
    Objecten gescand: 277837
    Verstreken tijd: 14 uur/uren, 1 minuut/minuten, 14 seconde(n)
    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 1
    Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
    Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
    Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
    Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
    Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
    Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
    Bestanden geïnfecteerd:
    c:\program files\alcohol soft\alcohol 120\Langs\AX_RU.dll (Malware.Packer.GenX) -> Quarantined and deleted successfully.

    More advice, please!
  • You may now do the following:

    Step 1
    Which program: Kaspersky TDSSKiller
    Purpose: rootkit scanner
    Difficulty: none
    Download location: be sure to download this program to the desktop, or otherwise move it there!
    Download TDSSKiller here: http://support.kaspersky.com/downloads/utils/tdsskiller.zip
    Installation:
    - Extract the file to your desktop.
    Using TDSSKiller:
    - Windows 2000 and Windows XP: start "TDSSKiller" by double-clicking TDSSKiller.exe.
    - Windows Vista and Windows 7: start "TDSSKiller" by right-clicking TDSSKiller.exe and choosing Run as administrator.
    - If TDSSKiller shows a message about an available update, run that update first.
    Screenshot: http://www.imgdumper.nl/uploads4/4dc1d6438f791/4dc1d6438d897-TDSSKiller_2011-05-05_00-26-21.jpg
    - Then click the "Start Scan" button and follow the instructions.
    - After the scan has finished, click the "Report" button.
    - A Notepad file opens. Post the contents of this file.
        - Restart the PC if TDSSKiller offers that option (Reboot now).
        - If a restart is necessary, you will find the log file in C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt

    Step 2
    Which program: aswMBR.exe
    Purpose: MBR rootkit scanner
    Difficulty: none
    Download location: be sure to download this program to the desktop, or otherwise move it there!
    Download aswMBR.exe here: http://public.avast.com/~gmerek/aswMBR.exe
    Using aswMBR.exe:
    - Windows 2000 and Windows XP: start "aswMBR.exe" by double-clicking "aswMBR.exe".
    - Windows Vista and Windows 7: start "aswMBR.exe" by right-clicking "aswMBR.exe" and choosing Run as administrator.
    Screenshot: http://www.imgdumper.nl/uploads4/4db3f87694fe9/4db3f87693886-aswmbrscan.gif
    - Now click the Scan button in the black window.
    - When the message "Scan finished successfully" appears, click the Save log button.
    Screenshot: http://www.imgdumper.nl/uploads4/4db3f8e71343a/4db3f8e71288d-aswmbrsavelog.gif
    - It is easiest to simply choose the desktop as the location to save the log.
    - You will now also find the file MBR.dat on the desktop!
    - MBR.dat is a backup file, so keep it for now.
    - Also on the desktop is a Notepad text document named aswMBR.txt.
    - Post the contents of aswMBR.txt in your next message.

    Step 3
    In summary: after this, post the contents of the following logs in your next message:
    - TDSSKiller log
    - aswMBR.txt log
  • Hello,

    I went through the steps. During the previous steps I noticed that Spybot often reported that registry values were about to change. I approved these every time. I then found it remarkable that a few minutes later notifications appeared to put the same values back again. I then switched Spybot off. This time it was the same story, but now I allowed all the deletions and not the additions. These were the following:
    - user specific browser toolbar
    - NoDesktop
    - NT Startup
    - UserInit
    - Taskman
    - Disable taskMgr
    - various firewall authorized applications
    It seemed to me that by accepting these values, many problems that had been successfully removed earlier would come back.

    I cannot see or retrieve either log; they seem to be hidden. Hence another new Hijack log.
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe O4 - HKCU\..\Run: [Packard Bell Software Suite] "C:\Program Files\Packard Bell\Software Suite\PBSoftSuite.exe" /run O4 - HKCU\..\Run: [swg] "C:\Program 
Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [CkMsLJkFgtF.exe] C:\Documents and Settings\All Users\Application Data\CkMsLJkFgtF.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - 
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://ponltbc.onl.motive.com O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://photoservice.fujicolor.eu/ips-opdata/objects/jordan.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://verkopen.marktplaats.nl/js/widgets/imageUploader/aurigma/5_7_24_0/ImageUploader5.cab O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} (Java Plug-in 1.6.0_17) - O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\mcsniepl.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. 
- C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program Files\Dell Network Assistant\hnm_svc.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. 
- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PowerSave Service (PowerSave) - Packard Bell Services - C:\Program Files\Packard Bell\Software Suite\PowerSave\PSPBSSS.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- End of file - 15760 bytes
  • One more addition: TDSSKiller found 2 things and suggested not removing one of them. I have just done so after all with a second scan.
  • We are not really making progress this way, all the more so because I am not getting any logs from you. So I hope the following goes better!

    Which program: ComboFix
    What for/why: A highly specialised scanner that examines Windows in depth and cleans it up where possible.
    Difficulty: A more or less tricky preparation phase, so read everything carefully first.
    Download location: This program must be downloaded to the desktop!

    Download ComboFix from one of these locations:
    - Bleepingcomputer: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    - ForoSpyware: http://www.forospyware.com/sUBs/ComboFix.exe
    - Geekstogo: http://subs.geekstogo.com/ComboFix.exe

    How to use ComboFix is explained here: http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden

    Your antivirus program and any active malware scanners must already be disabled before ComboFix starts! Here (http://www.bleepingcomputer.com/forums/topic114351.html) and here (http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html) you will find information on how to disable antivirus programs and spyware scanners.

    Once more, to be perfectly clear: ComboFix must be started from the desktop.

    Notes:
    - On Windows XP you may be asked to install the "Recovery Console"! If so, allow it (this requires an active internet connection).
    - Vista and Windows 7 users start ComboFix via right-click, with administrator rights.
    - All open programs and web pages must be closed.

    ComboFix has been started:
    - Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
    - ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
    - The computer may need to be restarted several times; this is normal.
    - When ComboFix is finished, it will create a log file for you.
    - Post the contents of this log file in your next message.
    - If the log does not open, it can be found at C:\ComboFix.txt

    Important note:
    - If, after the scan, an error is shown when starting programs with the message:
    - Illegal operation attempted on a registry key that has been marked for deletion.
    - then restart the computer.
  • It took a while because I was back at square one and could hardly do anything any more. Below, for now, is the TDSSKiller report. The one from aswMBR will follow later, if it works this time.
(b31edeba4da28283f6b8dc4756fb9585) C:\WINDOWS\system32\DRIVERS\pciide.sys 22:10:21.0375 5424 PCIIde - ok 22:10:21.0531 5424 Pcmcia (2137ffd65f8e609a3a5acd487c56cce0) C:\WINDOWS\system32\drivers\Pcmcia.sys 22:10:21.0703 5424 Pcmcia - ok 22:10:21.0781 5424 PDCOMP - ok 22:10:22.0031 5424 PDFRAME - ok 22:10:22.0156 5424 PDRELI - ok 22:10:22.0296 5424 PDRFRAME - ok 22:10:22.0812 5424 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys 22:10:22.0875 5424 perc2 - ok 22:10:22.0937 5424 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys 22:10:22.0953 5424 perc2hib - ok 22:10:23.0218 5424 pfc (f2b3785d7282bac66d4b644fc88749f0) C:\WINDOWS\system32\drivers\pfc.sys 22:10:23.0296 5424 pfc - ok 22:10:23.0359 5424 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 22:10:23.0375 5424 PptpMiniport - ok 22:10:23.0515 5424 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 22:10:23.0515 5424 PSched - ok 22:10:23.0578 5424 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 22:10:23.0578 5424 Ptilink - ok 22:10:23.0843 5424 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys 22:10:23.0968 5424 PxHelp20 - ok 22:10:24.0062 5424 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys 22:10:24.0062 5424 ql1080 - ok 22:10:24.0125 5424 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys 22:10:24.0125 5424 Ql10wnt - ok 22:10:24.0203 5424 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys 22:10:24.0234 5424 ql12160 - ok 22:10:24.0343 5424 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys 22:10:24.0359 5424 ql1240 - ok 22:10:24.0421 5424 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys 22:10:24.0500 5424 ql1280 - ok 22:10:24.0562 5424 RasAcd 
(fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 22:10:24.0578 5424 RasAcd - ok 22:10:24.0640 5424 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 22:10:24.0640 5424 Rasl2tp - ok 22:10:24.0750 5424 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 22:10:24.0765 5424 RasPppoe - ok 22:10:24.0781 5424 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 22:10:24.0781 5424 Raspti - ok 22:10:24.0859 5424 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 22:10:24.0890 5424 Rdbss - ok 22:10:25.0000 5424 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 22:10:25.0000 5424 RDPCDD - ok 22:10:25.0062 5424 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 22:10:25.0078 5424 rdpdr - ok 22:10:25.0171 5424 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys 22:10:25.0312 5424 RDPWD - ok 22:10:25.0484 5424 redbook (4173bc66e485fd77a03c4819f60bd0da) C:\WINDOWS\system32\DRIVERS\redbook.sys 22:10:25.0640 5424 redbook - ok 22:10:25.0765 5424 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS 22:10:25.0875 5424 SASDIFSV - ok 22:10:25.0984 5424 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS 22:10:26.0062 5424 SASKUTIL - ok 22:10:26.0296 5424 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 22:10:26.0296 5424 Secdrv - ok 22:10:26.0421 5424 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 22:10:26.0437 5424 serenum - ok 22:10:26.0484 5424 Serial (92c21762653bb2ce51147eb8a9aa654f) C:\WINDOWS\system32\DRIVERS\serial.sys 22:10:26.0593 5424 Serial - ok 22:10:26.0875 5424 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 22:10:26.0890 5424 Sfloppy - ok 22:10:27.0015 5424 Simbad - 
ok 22:10:27.0109 5424 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys 22:10:27.0140 5424 sisagp - ok 22:10:27.0468 5424 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 22:10:27.0484 5424 SLIP - ok 22:10:27.0890 5424 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys 22:10:27.0937 5424 Sparrow - ok 22:10:28.0343 5424 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 22:10:28.0375 5424 splitter - ok 22:10:28.0703 5424 sr (64d2a7640e0767ecd3bcb38d3200e7ce) C:\WINDOWS\system32\DRIVERS\sr.sys 22:10:28.0734 5424 sr - ok 22:10:28.0921 5424 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 22:10:29.0015 5424 Srv - ok 22:10:29.0140 5424 STHDA (797fcc1d859b203958e915bb82528da9) C:\WINDOWS\system32\drivers\sthda.sys 22:10:29.0281 5424 STHDA - ok 22:10:29.0375 5424 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 22:10:29.0390 5424 streamip - ok 22:10:29.0437 5424 SunkFilt6 - ok 22:10:29.0531 5424 SunkFilt62 (38cc705ff41cc49daed796cfb419bea2) C:\WINDOWS\System32\Drivers\sunkfilt62.sys 22:10:29.0625 5424 SunkFilt62 - ok 22:10:29.0687 5424 Sunkfiltp - ok 22:10:29.0734 5424 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 22:10:29.0734 5424 swenum - ok 22:10:29.0875 5424 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 22:10:29.0875 5424 swmidi - ok 22:10:29.0984 5424 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys 22:10:30.0078 5424 symc810 - ok 22:10:30.0171 5424 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys 22:10:30.0265 5424 symc8xx - ok 22:10:30.0453 5424 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys 22:10:30.0453 5424 sym_hi - ok 22:10:30.0562 5424 sym_u3 (bf4fab949a382a8e105f46ebb4937058) 
C:\WINDOWS\system32\DRIVERS\sym_u3.sys 22:10:30.0625 5424 sym_u3 - ok 22:10:30.0687 5424 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 22:10:30.0687 5424 sysaudio - ok 22:10:30.0781 5424 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 22:10:30.0812 5424 Tcpip - ok 22:10:30.0859 5424 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 22:10:30.0875 5424 TDPIPE - ok 22:10:30.0937 5424 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 22:10:30.0953 5424 TDTCP - ok 22:10:30.0984 5424 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 22:10:30.0984 5424 TermDD - ok 22:10:31.0031 5424 TosIde (5bc2144ab4f6090f12e49e9648b5a702) C:\WINDOWS\system32\DRIVERS\toside.sys 22:10:31.0093 5424 TosIde - ok 22:10:31.0234 5424 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 22:10:31.0234 5424 Udfs - ok 22:10:31.0343 5424 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys 22:10:31.0437 5424 ultra - ok 22:10:31.0578 5424 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 22:10:31.0656 5424 Update - ok 22:10:31.0718 5424 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys 22:10:31.0859 5424 USBAAPL - ok 22:10:31.0984 5424 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 22:10:32.0000 5424 usbccgp - ok 22:10:32.0031 5424 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 22:10:32.0031 5424 usbehci - ok 22:10:32.0125 5424 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 22:10:32.0140 5424 usbhub - ok 22:10:32.0203 5424 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 22:10:32.0218 5424 usbprint - ok 22:10:32.0375 5424 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) 
C:\WINDOWS\system32\DRIVERS\usbscan.sys 22:10:32.0390 5424 usbscan - ok 22:10:32.0546 5424 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 22:10:32.0546 5424 USBSTOR - ok 22:10:32.0609 5424 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 22:10:32.0609 5424 usbuhci - ok 22:10:32.0687 5424 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys 22:10:32.0687 5424 usb_rndisx - ok 22:10:32.0812 5424 vaxscsi (92cebc2bc7be2c8d49391b365569f306) C:\WINDOWS\System32\Drivers\vaxscsi.sys 22:10:33.0078 5424 vaxscsi - ok 22:10:33.0156 5424 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 22:10:33.0171 5424 VgaSave - ok 22:10:33.0218 5424 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys 22:10:33.0234 5424 viaagp - ok 22:10:33.0359 5424 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys 22:10:33.0359 5424 ViaIde - ok 22:10:33.0421 5424 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) C:\WINDOWS\system32\drivers\VolSnap.sys 22:10:33.0500 5424 VolSnap - ok 22:10:33.0593 5424 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 22:10:33.0593 5424 Wanarp - ok 22:10:33.0609 5424 WDICA - ok 22:10:33.0640 5424 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 22:10:33.0640 5424 wdmaud - ok 22:10:33.0828 5424 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 22:10:33.0828 5424 WSTCODEC - ok 22:10:33.0984 5424 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 22:10:34.0000 5424 WudfPf - ok 22:10:34.0109 5424 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 22:10:34.0109 5424 WudfRd - ok 22:10:34.0171 5424 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0 22:10:34.0187 5424 \Device\Harddisk0\DR0 - ok 22:10:34.0187 5424 Boot (0x1200) 
(757d37f277f591e57867f840bee9a59a) \Device\Harddisk0\DR0\Partition0 22:10:34.0218 5424 \Device\Harddisk0\DR0\Partition0 - ok 22:10:34.0218 5424 ============================================================ 22:10:34.0218 5424 Scan finished 22:10:34.0218 5424 ============================================================ 22:10:34.0281 5416 Detected object count: 0 22:10:34.0281 5416 Actual detected object count: 0 22:11:28.0218 5676 ============================================================ 22:11:28.0218 5676 Scan started 22:11:28.0218 5676 Mode: Manual; 22:11:28.0218 5676 ============================================================ 22:11:29.0234 5676 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys 22:11:29.0250 5676 61883 - ok 22:11:29.0453 5676 Abiosdsk - ok 22:11:29.0625 5676 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS 22:11:29.0640 5676 abp480n5 - ok 22:11:30.0015 5676 ACPI (02273a448ba21a7d447daeb47810d40c) C:\WINDOWS\system32\DRIVERS\ACPI.sys 22:11:30.0093 5676 ACPI - ok 22:11:30.0343 5676 ACPIEC (63f517b1a87dabf3f5acb8a7952fc1d1) C:\WINDOWS\system32\drivers\ACPIEC.sys 22:11:30.0359 5676 ACPIEC - ok 22:11:30.0625 5676 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys 22:11:30.0640 5676 adpu160m - ok 22:11:31.0062 5676 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 22:11:31.0125 5676 aec - ok 22:11:31.0468 5676 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys 22:11:31.0546 5676 AFD - ok 22:11:31.0734 5676 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys 22:11:31.0734 5676 agp440 - ok 22:11:32.0062 5676 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys 22:11:32.0062 5676 agpCPQ - ok 22:11:32.0500 5676 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys 22:11:32.0500 5676 Aha154x - ok 22:11:32.0890 5676 aic78u2 
(19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys 22:11:32.0890 5676 aic78u2 - ok 22:11:33.0203 5676 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys 22:11:33.0203 5676 aic78xx - ok 22:11:33.0343 5676 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys 22:11:33.0343 5676 AliIde - ok 22:11:33.0468 5676 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys 22:11:33.0468 5676 alim1541 - ok 22:11:33.0625 5676 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys 22:11:33.0625 5676 amdagp - ok 22:11:33.0687 5676 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys 22:11:33.0703 5676 amsint - ok 22:11:33.0765 5676 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys 22:11:33.0765 5676 Arp1394 - ok 22:11:33.0859 5676 ASAPIW2k (4f9cbbf95e8f7a0d4c0edcfe3b78102e) C:\WINDOWS\system32\drivers\ASAPIW2k.sys 22:11:33.0859 5676 ASAPIW2k - ok 22:11:33.0937 5676 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys 22:11:33.0937 5676 asc - ok 22:11:34.0156 5676 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys 22:11:34.0156 5676 asc3350p - ok 22:11:34.0312 5676 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys 22:11:34.0312 5676 asc3550 - ok 22:11:34.0406 5676 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 22:11:34.0437 5676 AsyncMac - ok 22:11:34.0843 5676 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 22:11:34.0890 5676 atapi - ok 22:11:35.0265 5676 Atdisk - ok 22:11:35.0640 5676 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 22:11:35.0640 5676 Atmarpc - ok 22:11:36.0093 5676 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 22:11:36.0093 5676 audstub - ok 
22:11:36.0515 5676 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys 22:11:36.0531 5676 Avc - ok 22:11:36.0875 5676 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 22:11:36.0906 5676 Beep - ok 22:11:37.0359 5676 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys 22:11:37.0390 5676 cbidf - ok 22:11:37.0640 5676 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 22:11:37.0640 5676 cbidf2k - ok 22:11:37.0859 5676 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 22:11:37.0875 5676 CCDECODE - ok 22:11:37.0984 5676 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys 22:11:37.0984 5676 cd20xrnt - ok 22:11:38.0046 5676 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 22:11:38.0093 5676 Cdaudio - ok 22:11:38.0125 5676 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 22:11:38.0125 5676 Cdfs - ok 22:11:38.0140 5676 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 22:11:38.0156 5676 Cdrom - ok 22:11:38.0203 5676 cfwids (142e4e00ad91600a2d20692ed52fafc8) C:\WINDOWS\system32\drivers\cfwids.sys 22:11:38.0265 5676 cfwids - ok 22:11:38.0312 5676 Changer - ok 22:11:38.0406 5676 CmdIde (026ba1f2d9c9f742ec3823d0214cd67c) C:\WINDOWS\system32\DRIVERS\cmdide.sys 22:11:38.0421 5676 CmdIde - ok 22:11:38.0484 5676 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys 22:11:38.0484 5676 Cpqarray - ok 22:11:38.0546 5676 ctxusbm (cb6ff7012bb5d59d7c12350db795ce1f) C:\WINDOWS\system32\DRIVERS\ctxusbm.sys 22:11:38.0546 5676 ctxusbm - ok 22:11:38.0625 5676 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys 22:11:38.0625 5676 dac2w2k - ok 22:11:38.0718 5676 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys 22:11:38.0718 5676 
dac960nt - ok 22:11:38.0750 5676 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 22:11:38.0750 5676 Disk - ok 22:11:38.0812 5676 DLABOIOM (a14524d3f130a57163e0b3e057fc85d5) C:\WINDOWS\system32\DLA\DLABOIOM.SYS 22:11:38.0875 5676 DLABOIOM - ok 22:11:38.0875 5676 DLACDBHM (7581407a6a3c56860ae31e6e423fe824) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS 22:11:38.0875 5676 DLACDBHM - ok 22:11:38.0921 5676 DLADResN (458c83fd5c0deb55a48ec6f9d3816acb) C:\WINDOWS\system32\DLA\DLADResN.SYS 22:11:38.0937 5676 DLADResN - ok 22:11:38.0984 5676 DLAIFS_M (97bca2aac06a9fea56615b4b15bdb9b8) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS 22:11:38.0984 5676 DLAIFS_M - ok 22:11:39.0015 5676 DLAOPIOM (be8d558cf749424f0de612813f7c6725) C:\WINDOWS\system32\DLA\DLAOPIOM.SYS 22:11:39.0062 5676 DLAOPIOM - ok 22:11:39.0093 5676 DLAPoolM (7e5277cb45dc5e2a86af8ce093c7ef31) C:\WINDOWS\system32\DLA\DLAPoolM.SYS 22:11:39.0093 5676 DLAPoolM - ok 22:11:39.0171 5676 DLARTL_N (693dfd92d41a3d270053cd97834e4960) C:\WINDOWS\system32\Drivers\DLARTL_N.SYS 22:11:39.0203 5676 DLARTL_N - ok 22:11:39.0250 5676 DLAUDFAM (d886b6d02b51e5bd61b8a571a16d5ca2) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS 22:11:39.0250 5676 DLAUDFAM - ok 22:11:39.0328 5676 DLAUDF_M (2c0ecf7a9d5162d87c64e2ae868b5039) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS 22:11:39.0328 5676 DLAUDF_M - ok 22:11:39.0421 5676 dmboot (dec123e0c75971d0cc7a6c6a75e28429) C:\WINDOWS\system32\drivers\dmboot.sys 22:11:39.0453 5676 dmboot - ok 22:11:39.0468 5676 dmio (7268e66259722f6228c730685b201092) C:\WINDOWS\system32\drivers\dmio.sys 22:11:39.0468 5676 dmio - ok 22:11:39.0484 5676 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 22:11:39.0484 5676 dmload - ok 22:11:39.0562 5676 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 22:11:39.0578 5676 DMusic - ok 22:11:39.0656 5676 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys 22:11:39.0656 5676 dpti2o - ok 
22:11:39.0765 5676 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 22:11:39.0765 5676 drmkaud - ok 22:11:39.0828 5676 DRVMCDB (73623d89faef4d1aa600edee8b490bc5) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS 22:11:39.0828 5676 DRVMCDB - ok 22:11:39.0828 5676 DRVNDDM (2aeee1600d0f14ba535f90a1f4411b54) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS 22:11:39.0843 5676 DRVNDDM - ok 22:11:39.0937 5676 DSproct (2ac2372ffad9adc85672cc8e8ae14be9) C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys 22:11:39.0937 5676 DSproct - ok 22:11:40.0000 5676 E100B (be27de641e52d8b295dea40b213318f7) C:\WINDOWS\system32\DRIVERS\e100b325.sys 22:11:40.0000 5676 E100B - ok 22:11:40.0125 5676 e1express (00192f0c612591d585594e9467e6ca8b) C:\WINDOWS\system32\DRIVERS\e1e5132.sys 22:11:40.0140 5676 e1express - ok 22:11:40.0187 5676 epmntdrv (f07ba56b0235f15eff8f10dc6389c42e) C:\WINDOWS\system32\epmntdrv.sys 22:11:40.0187 5676 epmntdrv - ok 22:11:40.0234 5676 EuGdiDrv (1f2f4ab15ce03ecc257feb2f6dc5a013) C:\WINDOWS\system32\EuGdiDrv.sys 22:11:40.0234 5676 EuGdiDrv - ok 22:11:40.0281 5676 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 22:11:40.0281 5676 Fastfat - ok 22:11:40.0296 5676 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys 22:11:40.0296 5676 Fdc - ok 22:11:40.0375 5676 Fips (8bfffb5ac954e19dfdb96d56512aa518) C:\WINDOWS\system32\drivers\Fips.sys 22:11:40.0375 5676 Fips - ok 22:11:40.0437 5676 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys 22:11:40.0515 5676 Flpydisk - ok 22:11:40.0531 5676 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 22:11:40.0531 5676 FltMgr - ok 22:11:40.0593 5676 fssfltr (960f5e5e4e1f720465311ac68a99c2df) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys 22:11:40.0609 5676 fssfltr - ok 22:11:40.0671 5676 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 22:11:40.0671 5676 Fs_Rec - 
ok 22:11:40.0703 5676 Ftdisk (fa8ca22e70245c81ff29c36af56292fc) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 22:11:40.0734 5676 Ftdisk - ok 22:11:40.0812 5676 GearAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 22:11:40.0812 5676 GearAspiWDM - ok 22:11:40.0875 5676 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 22:11:40.0953 5676 Gpc - ok 22:11:41.0000 5676 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 22:11:41.0000 5676 HDAudBus - ok 22:11:41.0093 5676 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 22:11:41.0093 5676 HidUsb - ok 22:11:41.0140 5676 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys 22:11:41.0203 5676 hpn - ok 22:11:41.0234 5676 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 22:11:41.0234 5676 HTTP - ok 22:11:41.0250 5676 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys 22:11:41.0250 5676 i2omgmt - ok 22:11:41.0265 5676 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys 22:11:41.0312 5676 i2omp - ok 22:11:41.0359 5676 i8042prt (c43372d0682f8e32e4ec21117e089ec0) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 22:11:41.0359 5676 i8042prt - ok 22:11:41.0406 5676 iastor (019cf5f31c67030841233c545a0e217a) C:\WINDOWS\system32\drivers\iastor.sys 22:11:41.0406 5676 iastor - ok 22:11:41.0468 5676 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 22:11:41.0468 5676 Imapi - ok 22:11:41.0484 5676 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys 22:11:41.0484 5676 ini910u - ok 22:11:41.0515 5676 IntelIde (72c63ad984d427d34bd5b9db838d88eb) C:\WINDOWS\system32\DRIVERS\intelide.sys 22:11:41.0562 5676 IntelIde - ok 22:11:41.0609 5676 intelppm (2d2254fac267e6b1c7865e8ebef60c6d) C:\WINDOWS\system32\DRIVERS\intelppm.sys 22:11:41.0609 5676 intelppm - ok 22:11:41.0640 
5676 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 22:11:41.0640 5676 Ip6Fw - ok 22:11:41.0656 5676 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 22:11:41.0656 5676 IpFilterDriver - ok 22:11:41.0703 5676 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 22:11:41.0703 5676 IpInIp - ok 22:11:41.0812 5676 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 22:11:41.0812 5676 IpNat - ok 22:11:41.0859 5676 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 22:11:41.0859 5676 IPSec - ok 22:11:41.0906 5676 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 22:11:41.0906 5676 IRENUM - ok 22:11:41.0921 5676 isapnp (0b78e1a31340e1fb1e389d5633f7c3a0) C:\WINDOWS\system32\DRIVERS\isapnp.sys 22:11:41.0921 5676 isapnp - ok 22:11:41.0937 5676 Kbdclass (380397621e94b32c744e7b2cc1330390) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 22:11:41.0937 5676 Kbdclass - ok 22:11:41.0953 5676 kbdhid (b833b70fe639f01fb36cedabe57ef031) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 22:11:41.0953 5676 kbdhid - ok 22:11:41.0984 5676 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 22:11:41.0984 5676 kmixer - ok 22:11:42.0062 5676 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 22:11:42.0062 5676 KSecDD - ok 22:11:42.0234 5676 Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys 22:11:42.0234 5676 Lavasoft Kernexplorer - ok 22:11:42.0468 5676 Lbd (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys 22:11:42.0468 5676 Lbd - ok 22:11:42.0500 5676 lbrtfdc - ok 22:11:42.0562 5676 MarvinBus (269c14d512b74cc28d2812ff7d1eb066) C:\WINDOWS\system32\DRIVERS\MarvinBus.sys 22:11:42.0718 5676 MarvinBus - ok 22:11:42.0859 5676 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) 
C:\WINDOWS\system32\drivers\mbam.sys 22:11:42.0859 5676 MBAMProtector - ok 22:11:42.0906 5676 MBAMSwissArmy - ok 22:11:43.0078 5676 mfeapfk (c373a719d704d12f5a4503f6f10239ff) C:\WINDOWS\system32\drivers\mfeapfk.sys 22:11:43.0078 5676 mfeapfk - ok 22:11:43.0125 5676 mfeavfk (851ad52871b62457152a8acaff0c632d) C:\WINDOWS\system32\drivers\mfeavfk.sys 22:11:43.0125 5676 mfeavfk - ok 22:11:43.0187 5676 mfeavfk01 - ok 22:11:43.0234 5676 mfebopk (5b9ffb027669a8ac30aac0b4996bc603) C:\WINDOWS\system32\drivers\mfebopk.sys 22:11:43.0234 5676 mfebopk - ok 22:11:43.0359 5676 mfefirek (2cabe72e53365834cb9969dde47bd690) C:\WINDOWS\system32\drivers\mfefirek.sys 22:11:43.0359 5676 mfefirek - ok 22:11:43.0453 5676 mfehidk (46db8f041e928bdc17b8daba249a2148) C:\WINDOWS\system32\drivers\mfehidk.sys 22:11:43.0453 5676 mfehidk - ok 22:11:43.0593 5676 mfendisk (348e3db31cf458adaa3798fb8af659c3) C:\WINDOWS\system32\DRIVERS\mfendisk.sys 22:11:43.0593 5676 mfendisk - ok 22:11:43.0609 5676 mfendiskmp (348e3db31cf458adaa3798fb8af659c3) C:\WINDOWS\system32\DRIVERS\mfendisk.sys 22:11:43.0609 5676 mfendiskmp - ok 22:11:43.0687 5676 mferkdet (316fd7c31cd57ca793fb10912aeeb2d2) C:\WINDOWS\system32\drivers\mferkdet.sys 22:11:43.0687 5676 mferkdet - ok 22:11:43.0843 5676 mferkdk (41fe2f288e05a6c8ab85dd56770ffbad) C:\WINDOWS\system32\drivers\mferkdk.sys 22:11:43.0843 5676 mferkdk - ok 22:11:44.0031 5676 mfesmfk (096b52ea918aa909ba5903d79e129005) C:\WINDOWS\system32\drivers\mfesmfk.sys 22:11:44.0031 5676 mfesmfk - ok 22:11:44.0140 5676 mfetdi2k (2026fe7c9e6b26ffeb08cd89c6326b91) C:\WINDOWS\system32\drivers\mfetdi2k.sys 22:11:44.0140 5676 mfetdi2k - ok 22:11:44.0218 5676 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys 22:11:44.0218 5676 MHNDRV - ok 22:11:44.0296 5676 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 22:11:44.0296 5676 mnmdd - ok 22:11:44.0437 5676 Modem (8114eeac353f549331ab73e9af4219ed) C:\WINDOWS\system32\drivers\Modem.sys 
22:11:44.0453 5676 Modem - ok 22:11:44.0531 5676 Mouclass (1a4e2214dd63e4a876463d3427ee8261) C:\WINDOWS\system32\DRIVERS\mouclass.sys 22:11:44.0531 5676 Mouclass - ok 22:11:44.0890 5676 mouhid (18017899254e01371e1a39754d6bf98c) C:\WINDOWS\system32\DRIVERS\mouhid.sys 22:11:44.0890 5676 mouhid - ok 22:11:45.0093 5676 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 22:11:45.0093 5676 MountMgr - ok 22:11:45.0453 5676 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys 22:11:45.0453 5676 mraid35x - ok 22:11:45.0578 5676 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS 22:11:45.0578 5676 MREMP50 - ok 22:11:45.0656 5676 MREMP50a64 - ok 22:11:45.0656 5676 MREMPR5 - ok 22:11:45.0671 5676 MRENDIS5 - ok 22:11:45.0734 5676 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS 22:11:45.0734 5676 MRESP50 - ok 22:11:45.0734 5676 MRESP50a64 - ok 22:11:45.0890 5676 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 22:11:45.0890 5676 MRxDAV - ok 22:11:46.0234 5676 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 22:11:46.0250 5676 MRxSmb - ok 22:11:46.0609 5676 MSDV (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys 22:11:46.0609 5676 MSDV - ok 22:11:46.0843 5676 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 22:11:46.0843 5676 Msfs - ok 22:11:47.0171 5676 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 22:11:47.0171 5676 MSKSSRV - ok 22:11:47.0562 5676 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 22:11:47.0562 5676 MSPCLOCK - ok 22:11:47.0890 5676 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 22:11:47.0890 5676 MSPQM - ok 22:11:48.0156 5676 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 
  • So that TDSSKiller log is not complete! First do what I posted in my previous message! And one more thing: your Windows installation is enormous, so the logs will also turn out larger than is normally the case! So it is important to really copy everything from those logs.
  • Here is the ComboFix log.
  • Hi, uninstall Lavasoft AdAware completely. That software gets in the way of your other installed antivirus, with the result that the level of protection is lower than what you expect from it!
  • AdAware has been removed. I did get a lot of new registry changes, but I can now get to my folders and programs again. What next?
  • Run the ComboFix scan again. After ComboFix starts, a message may appear: - either ComboFix wants to be updated; - or ComboFix wants to be downloaded again. If you get such a message, do that as well. Post the contents of the log again in your next message.
  • Here is the new ComboFix log: ComboFix 11-10-08.01 - Alexander 08-10-2011 13:04:50.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1022.429 [GMT 2:00] Gestart vanuit: c:\documents and settings\Alexander\Bureaublad\ComboFix.exe AV: McAfeeAntivirus en antispyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfeeFirewall *Enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} . . (((((((((((((((((((( Bestanden Gemaakt van 2011-09-08 to 2011-10-08 )))))))))))))))))))))))))))))) . . 2011-10-08 10:41 . 2011-10-08 10:41 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{FDF6EE11-25FD-4635-9291-AC3FF52B1F62}\offreg.dll 2011-10-08 07:28 . 2011-10-08 07:28 -------- d--h--r- c:\documents and settings\Alexander\Onlangs geopend 2011-10-08 06:27 . 2011-09-12 23:14 7269712 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{FDF6EE11-25FD-4635-9291-AC3FF52B1F62}\mpengine.dll 2011-10-07 22:33 . 2011-10-07 22:33 1188692 ----a-w- c:\windows\system32\PerfStringBackup.TMP 2011-10-05 21:31 . 2011-10-05 21:31 -------- d-----w- C:\TDSSKiller_Quarantine 2011-10-03 22:08 . 2011-10-03 22:08 -------- d-----w- c:\documents and settings\Alexander\Application Data\SUPERAntiSpyware.com 2011-10-03 21:40 . 2011-10-03 22:08 -------- d-----w- c:\program files\SUPERAntiSpyware 2011-10-03 21:40 . 2011-10-03 21:40 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com 2011-10-03 17:35 . 2011-10-03 17:35 -------- d-----w- c:\documents and settings\Alexander\Application Data\Malwarebytes 2011-10-03 17:35 . 2011-10-03 17:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-10-03 17:35 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-10-03 17:35 . 2011-10-04 16:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-10-03 17:29 . 
2011-10-03 17:29 388096 ----a-r- c:\documents and settings\Alexander\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-10-03 17:29 . 2011-10-03 17:29 -------- d-----w- c:\program files\Trend Micro 2011-10-01 19:59 . 2011-10-08 09:31 -------- d-----w- c:\documents and settings\All Users\Bureaublad 2011-09-19 07:00 . 2011-09-19 07:00 -------- d-----w- c:\windows\system32\AAB4~1 2011-09-15 06:37 . 2011-08-19 13:56 28504 ----a-w- c:\program files\Mozilla Firefox\distribution\bundles\{D19CA586-DD6C-4a0a-96F8-14644F340D60}\components\scriptff.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-09-27 05:01 . 2005-09-02 02:05 26112 ----a-w- c:\windows\system32\userinit.exe 2011-09-25 08:28 . 2011-05-17 04:50 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-09-12 23:14 . 2007-02-28 18:47 7269712 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll 2011-09-09 09:12 . 2005-09-02 02:04 602624 ----a-w- c:\windows\system32\crypt32.dll 2011-08-15 08:00 . 2010-04-20 05:03 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys 2011-08-15 08:00 . 2010-04-20 05:02 89624 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys 2011-08-15 08:00 . 2010-04-20 05:02 83688 ----a-w- c:\windows\system32\drivers\mfendisk.sys 2011-08-15 08:00 . 2010-04-20 05:02 87808 ----a-w- c:\windows\system32\drivers\mferkdet.sys 2011-08-15 08:00 . 2010-04-20 05:02 338040 ----a-w- c:\windows\system32\drivers\mfefirek.sys 2011-08-15 08:00 . 2010-04-20 05:02 57432 ----a-w- c:\windows\system32\drivers\cfwids.sys 2011-08-15 08:00 . 2010-04-20 05:02 180072 ----a-w- c:\windows\system32\drivers\mfeavfk.sys 2011-08-15 08:00 . 2010-04-20 05:02 119808 ----a-w- c:\windows\system32\drivers\mfeapfk.sys 2011-08-15 08:00 . 2009-11-04 15:54 461864 ----a-w- c:\windows\system32\drivers\mfehidk.sys 2011-08-15 08:00 . 
2007-03-01 18:48 59288 ----a-w- c:\windows\system32\drivers\mfebopk.sys 2011-07-15 13:29 . 2007-01-04 22:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-07-12 09:20 . 2011-07-12 09:20 83816 ----a-w- c:\windows\system32\dns-sd.exe 2011-07-12 09:20 . 2011-07-12 09:20 73064 ----a-w- c:\windows\system32\dnssd.dll 2009-04-17 19:15 . 2009-04-17 19:16 2180096 ----a-w- c:\program files\Multimedia Card Reader.msi 2009-09-12 22:05 . 2009-09-12 22:05 124240 ----a-w- c:\program files\mozilla firefox\plugins\CCMSDK.dll 2009-09-12 22:06 . 2009-09-12 22:06 13136 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll 2009-09-12 22:06 . 2009-09-12 22:06 70488 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll 2009-09-12 22:06 . 2009-09-12 22:06 91480 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll 2009-09-12 22:06 . 2009-09-12 22:06 22360 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll 2009-09-12 22:07 . 2009-09-12 22:07 255312 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll 2009-09-12 22:06 . 2009-09-12 22:06 31064 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll 2009-09-12 22:06 . 2009-09-12 22:06 40280 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll 2009-08-14 12:33 . 2009-08-14 12:33 652640 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll 2009-09-12 22:06 . 2009-09-12 22:06 23896 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll 2011-02-07 19:59 . 2011-02-07 19:59 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll 2011-04-14 12:01 . 2010-04-20 05:03 24376 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll 2006-05-03 10:06 163328 --sh--r- c:\windows\system32\flvDX.dll 2007-02-21 11:47 31232 --sh--r- c:\windows\system32\msfDX.dll 2008-03-16 13:30 216064 --sh--r- c:\windows\system32\nbDX.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . 
. *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Packard Bell Software Suite"="c:\program files\Packard Bell\Software Suite\PBSoftSuite.exe" [2009-04-10 2901024] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-16 68856] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 59392] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-17 8491008] "SigmatelSysTrayApp"="stsystra.exe" [2006-07-24 282624] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-07-06 151552] "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920] "MSKDetectorExe"="c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2005-08-12 1121792] "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-06-13 127036] "ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2009-09-12 103768] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-09-09 1317016] "dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-07-05 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-08-18 421736] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2011-02-07 30192] "Corel Photo Downloader"="c:\program files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe" [2007-02-06 478800] . 
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160] . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" . [HKLM\~\startupfolder\C:^Documents and Settings^Alexander^Menu Start^Programma's^Opstarten^Mediacontrole Picture Motion Browser.lnk] path=c:\documents and settings\Alexander\Menu Start\Programma's\Opstarten\Mediacontrole Picture Motion Browser.lnk backup=c:\windows\pss\Mediacontrole Picture Motion Browser.lnkStartup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Gamma Loader.exe.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Adobe Gamma Loader.exe.lnk backup=c:\windows\pss\Adobe Gamma Loader.exe.lnkCommon Startup . 
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Dell Network Assistant.lnk] backup=c:\windows\pss\Dell Network Assistant.lnkCommon Startup backupExtension=Common Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] c:\windows\system32\dumprep 0 -k [X] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] 2007-03-09 09:09 63712 ----a-w- c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2008-01-11 21:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount] 2009-09-18 15:34 205976 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxCmd.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] 2008-04-14 17:02 15360 ----a-w- c:\windows\system32\ctfmon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport] 2006-08-28 21:57 395776 ----a-w- c:\program files\Dell Support\DSAgnt.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter] 2009-05-21 08:55 206064 ----a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2011-03-21 18:56 1230704 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate] 2007-11-15 08:24 16384 ----a-w- c:\program files\Dell Support Center\gs_agent\custom\dsca.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaCie Backup] 2006-01-24 08:55 2633728 ----a-w- c:\program files\LaCie\Backup Software\LacieBackup.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OnlineAssistent_McciTrayApp] 2007-11-29 08:28 1454080 ----a-w- c:\program files\OnlineAssistent\OnlineAssistent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector] 2007-02-21 01:18 366400 ----a-w- c:\program files\Picasa2\PicasaMediaDetector.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck] 2003-12-04 11:34 406016 ----a-w- c:\windows\system32\PSDrvCheck.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2011-07-05 16:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sunkist2k] 2004-09-03 15:16 139264 ----a-w- c:\program files\Multimedia Card Reader\shwicon2k.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2007-07-16 19:47 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26447:TCP"= 26447:TCP:limewire . R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [8-9-2009 19:13 65584] R1 mfetdi2k;McAfee Inc. 
mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [20-4-2010 7:02 89624] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22-7-2011 18:27 12880] R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12-7-2011 23:55 67664] R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [12-8-2011 1:38 116608] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [3-10-2011 19:35 366152] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [8-1-2010 8:25 203280] R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [20-4-2010 7:02 214904] R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [20-4-2010 7:02 214904] R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\mfefire.exe [20-4-2010 7:03 160344] R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [20-4-2010 7:02 148520] R2 PowerSave;PowerSave Service;c:\program files\Packard Bell\Software Suite\PowerSave\PSPBSSS.exe [6-4-2009 11:35 1002016] R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3-11-2006 19:19 13592] R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [20-4-2010 7:02 57432] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [3-10-2011 19:35 22216] R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [20-4-2010 7:02 338040] R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [20-4-2010 7:02 83688] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?] 
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18-3-2010 13:16 130384] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [30-1-2010 19:05 135664] S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [24-11-2010 22:34 13192] S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [24-11-2010 22:34 8456] S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [7-2-2011 21:58 30192] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [30-1-2010 19:05 135664] S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [20-4-2010 7:02 83688] S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [20-4-2010 7:02 87808] S3 SunkFilt6;Alcor Micro Corp - 6360;\??\c:\windows\System32\Drivers\sunkfilt6.sys --> c:\windows\System32\Drivers\sunkfilt6.sys [?] S3 SunkFilt62;Alcor Micro Corp - 6362;c:\windows\system32\drivers\sunkfilt62.sys [23-7-2004 14:55 46536] S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [20-1-2007 14:19 223128] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18-3-2010 13:16 753504] . --- Andere Services/Drivers In Geheugen --- . *Deregistered* - mfeavfk01 . Inhoud van de 'Gedeelde Taken' map . 2011-10-03 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57] . 2011-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 17:05] . 2011-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 17:05] . 
2011-10-08 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.nu.nl/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html Trusted Zone: offlineregistration Trusted Zone: sms.cz.nl DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://photoservice.fujicolor.eu/ips-opdata/objects/jordan.cab DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - ProfilePath - c:\documents and settings\Alexander\Application Data\Mozilla\Firefox\Profiles\7x9dw63d.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.vinden.nl/ FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\program files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla 
Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files\McAfee\SiteAdvisor FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\program files\Real\RealPlayer\browserrecord FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} . - - - - ORPHANS VERWIJDERD - - - - . BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file) . . . ************************************************************************** . 
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-10-08 13:27 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–¤|ÿÿÿÿ¤•¤|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(1088) c:\program files\SUPERAntiSpyware\SASWINLO.DLL . - - - - - - - > 'explorer.exe'(2128) c:\program files\McAfee\SiteAdvisor\saHook.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2011-10-08 13:31:48 ComboFix-quarantined-files.txt 2011-10-08 11:31 ComboFix2.txt 2011-10-07 23:40 . Pre-Run: 68.585.988.096 bytes beschikbaar Post-Run: 68.576.542.720 bytes beschikbaar . Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4 - - End Of File - - A8281CD22B51C4A911D87B7B8EBA76F9
  • Hi, I came across an entry that is presumably also the reason why TDSSKiller and aswMBR did not work properly! Disable TeaTimer and SDHelper of Spybot during the fix, because these components can undo changes.
    - Start Spybot S&D
    - Go to the Mode menu and select "Advanced Mode"
    - In the left column choose "Tools" (or "gereedschap") and click > Resident
    - Untick "Resident TeaTimer and SDHelper" and close Spybot S&D.
    - Restart the computer afterwards.
    After that, continue with the following: open a new Notepad file via "Start\Alle programma’s\Bureau-accessoires\Kladblok". Copy and paste the following (bold, blue text) into the empty Notepad window:
    KILLALL::
    Registry::
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @=""
    Save this Notepad file on your desktop as CFScript.txt. Now disable the antivirus first! Drag CFScript.txt onto ComboFix.exe. This will make ComboFix restart. Reboot if you are asked to. Post the ComboFix log that is shown after the restart.
  • Once again the log: ComboFix 11-10-08.01 - Alexander 08-10-2011 17:36:10.3.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1022.347 [GMT 2:00] Gestart vanuit: c:\documents and settings\Alexander\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Alexander\Bureaublad\CFScript.txt AV: McAfeeAntivirus en antispyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfeeFirewall *Enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} . . (((((((((((((((((((( Bestanden Gemaakt van 2011-09-08 to 2011-10-08 )))))))))))))))))))))))))))))) . . 2011-10-08 15:54 . 2011-10-08 15:54 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{FDF6EE11-25FD-4635-9291-AC3FF52B1F62}\offreg.dll 2011-10-08 07:28 . 2011-10-08 15:29 -------- d--h--r- c:\documents and settings\Alexander\Onlangs geopend 2011-10-08 06:27 . 2011-09-12 23:14 7269712 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{FDF6EE11-25FD-4635-9291-AC3FF52B1F62}\mpengine.dll 2011-10-07 22:33 . 2011-10-07 22:33 1188692 ----a-w- c:\windows\system32\PerfStringBackup.TMP 2011-10-05 21:31 . 2011-10-05 21:31 -------- d-----w- C:\TDSSKiller_Quarantine 2011-10-03 22:08 . 2011-10-03 22:08 -------- d-----w- c:\documents and settings\Alexander\Application Data\SUPERAntiSpyware.com 2011-10-03 21:40 . 2011-10-03 22:08 -------- d-----w- c:\program files\SUPERAntiSpyware 2011-10-03 21:40 . 2011-10-03 21:40 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com 2011-10-03 17:35 . 2011-10-03 17:35 -------- d-----w- c:\documents and settings\Alexander\Application Data\Malwarebytes 2011-10-03 17:35 . 2011-10-03 17:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-10-03 17:35 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-10-03 17:35 . 
  • Now that AdAware has been removed, how is your Windows running by now?
  • The PC is running smoothly and no longer runs short of memory. I no longer experience any restrictions in accessing parts of the PC. As far as I can tell I have not lost any files, but many system folders are empty. The associated programs do still appear to be present on the PC. For example, the Mozilla Firefox folder is empty, but if I enter Firefox under Start, Run, it does start. Another awkward aspect is that the punctuation marks are still in different places on the keyboard than the keys indicate. Could I run System Restore, to a date a few days before the problem began?
  • The calm in your Windows is probably partly due to the fact that there is no longer a conflict between the two antivirus programs from McAfee and AdAware! Now about your folders. I would like you to run TDSSKiller and aswMBR again now. Download the tools again as well. And post their logs.
  • The TDSSKiller log. Now going to reinstall aswMBR.
C:\WINDOWS\system32\DRIVERS\MarvinBus.sys 09:51:19.0968 4728 MarvinBus ( UnsignedFile.Multi.Generic ) - warning 09:51:19.0968 4728 MarvinBus - detected UnsignedFile.Multi.Generic (1) 09:51:20.0031 4728 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\WINDOWS\system32\drivers\mbam.sys 09:51:20.0062 4728 MBAMProtector - ok 09:51:20.0218 4728 mfeapfk (c373a719d704d12f5a4503f6f10239ff) C:\WINDOWS\system32\drivers\mfeapfk.sys 09:51:20.0250 4728 mfeapfk - ok 09:51:20.0406 4728 mfeavfk (851ad52871b62457152a8acaff0c632d) C:\WINDOWS\system32\drivers\mfeavfk.sys 09:51:20.0421 4728 mfeavfk - ok 09:51:20.0484 4728 mfeavfk01 - ok 09:51:20.0500 4728 mfebopk (5b9ffb027669a8ac30aac0b4996bc603) C:\WINDOWS\system32\drivers\mfebopk.sys 09:51:20.0515 4728 mfebopk - ok 09:51:20.0578 4728 mfefirek (2cabe72e53365834cb9969dde47bd690) C:\WINDOWS\system32\drivers\mfefirek.sys 09:51:20.0609 4728 mfefirek - ok 09:51:20.0687 4728 mfehidk (46db8f041e928bdc17b8daba249a2148) C:\WINDOWS\system32\drivers\mfehidk.sys 09:51:20.0718 4728 mfehidk - ok 09:51:20.0781 4728 mfendisk (348e3db31cf458adaa3798fb8af659c3) C:\WINDOWS\system32\DRIVERS\mfendisk.sys 09:51:20.0812 4728 mfendisk - ok 09:51:20.0828 4728 mfendiskmp (348e3db31cf458adaa3798fb8af659c3) C:\WINDOWS\system32\DRIVERS\mfendisk.sys 09:51:20.0859 4728 mfendiskmp - ok 09:51:20.0937 4728 mferkdet (316fd7c31cd57ca793fb10912aeeb2d2) C:\WINDOWS\system32\drivers\mferkdet.sys 09:51:20.0953 4728 mferkdet - ok 09:51:21.0015 4728 mferkdk (41fe2f288e05a6c8ab85dd56770ffbad) C:\WINDOWS\system32\drivers\mferkdk.sys 09:51:21.0031 4728 mferkdk - ok 09:51:21.0109 4728 mfesmfk (096b52ea918aa909ba5903d79e129005) C:\WINDOWS\system32\drivers\mfesmfk.sys 09:51:21.0125 4728 mfesmfk - ok 09:51:21.0203 4728 mfetdi2k (2026fe7c9e6b26ffeb08cd89c6326b91) C:\WINDOWS\system32\drivers\mfetdi2k.sys 09:51:21.0234 4728 mfetdi2k - ok 09:51:21.0437 4728 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys 09:51:21.0468 4728 MHNDRV ( 
UnsignedFile.Multi.Generic ) - warning 09:51:21.0468 4728 MHNDRV - detected UnsignedFile.Multi.Generic (1) 09:51:21.0796 4728 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 09:51:21.0937 4728 mnmdd - ok 09:51:21.0984 4728 Modem (8114eeac353f549331ab73e9af4219ed) C:\WINDOWS\system32\drivers\Modem.sys 09:51:22.0109 4728 Modem - ok 09:51:22.0125 4728 Mouclass (1a4e2214dd63e4a876463d3427ee8261) C:\WINDOWS\system32\DRIVERS\mouclass.sys 09:51:22.0265 4728 Mouclass - ok 09:51:22.0343 4728 mouhid (18017899254e01371e1a39754d6bf98c) C:\WINDOWS\system32\DRIVERS\mouhid.sys 09:51:22.0484 4728 mouhid - ok 09:51:22.0500 4728 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 09:51:22.0625 4728 MountMgr - ok 09:51:22.0656 4728 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys 09:51:22.0781 4728 mraid35x - ok 09:51:22.0890 4728 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS 09:51:22.0906 4728 MREMP50 ( UnsignedFile.Multi.Generic ) - warning 09:51:22.0906 4728 MREMP50 - detected UnsignedFile.Multi.Generic (1) 09:51:22.0921 4728 MREMP50a64 - ok 09:51:22.0921 4728 MREMPR5 - ok 09:51:22.0937 4728 MRENDIS5 - ok 09:51:23.0015 4728 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS 09:51:23.0046 4728 MRESP50 ( UnsignedFile.Multi.Generic ) - warning 09:51:23.0046 4728 MRESP50 - detected UnsignedFile.Multi.Generic (1) 09:51:23.0109 4728 MRESP50a64 - ok 09:51:23.0359 4728 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 09:51:23.0531 4728 MRxDAV - ok 09:51:23.0593 4728 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 09:51:23.0671 4728 MRxSmb - ok 09:51:23.0765 4728 MSDV (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys 09:51:23.0906 4728 MSDV - ok 09:51:23.0953 4728 Msfs (c941ea2454ba8350021d774daf0f1027) 
C:\WINDOWS\system32\drivers\Msfs.sys 09:51:24.0093 4728 Msfs - ok 09:51:24.0187 4728 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 09:51:24.0328 4728 MSKSSRV - ok 09:51:24.0390 4728 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 09:51:24.0515 4728 MSPCLOCK - ok 09:51:24.0578 4728 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 09:51:24.0718 4728 MSPQM - ok 09:51:25.0000 4728 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 09:51:25.0140 4728 mssmbios - ok 09:51:25.0640 4728 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 09:51:25.0859 4728 MSTEE - ok 09:51:26.0281 4728 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys 09:51:26.0453 4728 Mup - ok 09:51:26.0703 4728 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 09:51:26.0937 4728 NABTSFEC - ok 09:51:27.0078 4728 NAL (1e59aaed42a5e3a5ed86ec403f9c0776) C:\WINDOWS\system32\Drivers\iqvw32.sys 09:51:27.0109 4728 NAL ( UnsignedFile.Multi.Generic ) - warning 09:51:27.0109 4728 NAL - detected UnsignedFile.Multi.Generic (1) 09:51:27.0312 4728 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 09:51:27.0593 4728 NDIS - ok 09:51:27.0828 4728 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 09:51:27.0984 4728 NdisIP - ok 09:51:28.0203 4728 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 09:51:28.0375 4728 NdisTapi - ok 09:51:28.0453 4728 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 09:51:28.0703 4728 Ndisuio - ok 09:51:28.0843 4728 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 09:51:29.0000 4728 NdisWan - ok 09:51:29.0343 4728 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 09:51:29.0484 4728 
NDProxy - ok 09:51:29.0734 4728 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 09:51:29.0906 4728 NetBIOS - ok 09:51:30.0140 4728 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 09:51:30.0328 4728 NetBT - ok 09:51:30.0562 4728 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 09:51:30.0718 4728 NIC1394 - ok 09:51:30.0828 4728 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 09:51:30.0953 4728 Npfs - ok 09:51:30.0984 4728 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 09:51:31.0109 4728 Ntfs - ok 09:51:31.0171 4728 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 09:51:31.0343 4728 Null - ok 09:51:31.0718 4728 nv (5950e6cc9fb3fabb61604d395dbc8550) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 09:51:32.0406 4728 nv - ok 09:51:32.0593 4728 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 09:51:32.0750 4728 NwlnkFlt - ok 09:51:32.0843 4728 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 09:51:32.0984 4728 NwlnkFwd - ok 09:51:33.0421 4728 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 09:51:33.0640 4728 ohci1394 - ok 09:51:33.0937 4728 Packet (8f856dae19383bd69db444004d5d4f50) C:\WINDOWS\system32\DRIVERS\packet.sys 09:51:34.0000 4728 Packet ( UnsignedFile.Multi.Generic ) - warning 09:51:34.0000 4728 Packet - detected UnsignedFile.Multi.Generic (1) 09:51:34.0296 4728 Parport (e3934ccc20a4d24f1924e13d36d2a5bd) C:\WINDOWS\system32\DRIVERS\parport.sys 09:51:34.0515 4728 Parport - ok 09:51:34.0984 4728 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 09:51:35.0156 4728 PartMgr - ok 09:51:35.0343 4728 ParVdm (1eade28746a64c21e0a808bb12a63326) C:\WINDOWS\system32\drivers\ParVdm.sys 09:51:35.0500 4728 ParVdm - ok 09:51:35.0578 4728 PCI 
(3b166f9f753c21aedaa9a6bd76b49655) C:\WINDOWS\system32\DRIVERS\pci.sys 09:51:35.0718 4728 PCI - ok 09:51:35.0765 4728 PCIDump - ok 09:51:35.0828 4728 PCIIde (b31edeba4da28283f6b8dc4756fb9585) C:\WINDOWS\system32\DRIVERS\pciide.sys 09:51:35.0984 4728 PCIIde - ok 09:51:36.0062 4728 Pcmcia (2137ffd65f8e609a3a5acd487c56cce0) C:\WINDOWS\system32\drivers\Pcmcia.sys 09:51:36.0312 4728 Pcmcia - ok 09:51:36.0687 4728 PDCOMP - ok 09:51:36.0875 4728 PDFRAME - ok 09:51:37.0078 4728 PDRELI - ok 09:51:37.0187 4728 PDRFRAME - ok 09:51:37.0562 4728 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys 09:51:37.0718 4728 perc2 - ok 09:51:38.0125 4728 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys 09:51:38.0281 4728 perc2hib - ok 09:51:38.0890 4728 pfc (f2b3785d7282bac66d4b644fc88749f0) C:\WINDOWS\system32\drivers\pfc.sys 09:51:38.0953 4728 pfc ( UnsignedFile.Multi.Generic ) - warning 09:51:38.0953 4728 pfc - detected UnsignedFile.Multi.Generic (1) 09:51:39.0484 4728 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 09:51:39.0687 4728 PptpMiniport - ok 09:51:40.0218 4728 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 09:51:40.0468 4728 PSched - ok 09:51:41.0171 4728 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 09:51:41.0406 4728 Ptilink - ok 09:51:41.0937 4728 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys 09:51:41.0968 4728 PxHelp20 - ok 09:51:42.0843 4728 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys 09:51:43.0031 4728 ql1080 - ok 09:51:43.0328 4728 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys 09:51:43.0484 4728 Ql10wnt - ok 09:51:43.0796 4728 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys 09:51:43.0968 4728 ql12160 - ok 09:51:44.0312 4728 ql1240 
(70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys 09:51:44.0468 4728 ql1240 - ok 09:51:44.0906 4728 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys 09:51:45.0140 4728 ql1280 - ok 09:51:45.0875 4728 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 09:51:46.0015 4728 RasAcd - ok 09:51:46.0234 4728 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 09:51:46.0390 4728 Rasl2tp - ok 09:51:46.0437 4728 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 09:51:46.0578 4728 RasPppoe - ok 09:51:46.0671 4728 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 09:51:46.0796 4728 Raspti - ok 09:51:46.0875 4728 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 09:51:47.0015 4728 Rdbss - ok 09:51:47.0062 4728 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 09:51:47.0187 4728 RDPCDD - ok 09:51:47.0500 4728 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 09:51:47.0703 4728 rdpdr - ok 09:51:47.0843 4728 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys 09:51:47.0921 4728 RDPWD - ok 09:51:48.0015 4728 redbook (4173bc66e485fd77a03c4819f60bd0da) C:\WINDOWS\system32\DRIVERS\redbook.sys 09:51:48.0171 4728 redbook - ok 09:51:48.0281 4728 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS 09:51:48.0296 4728 SASDIFSV - ok 09:51:48.0500 4728 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS 09:51:48.0593 4728 SASKUTIL - ok 09:51:48.0812 4728 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 09:51:48.0906 4728 Secdrv - ok 09:51:49.0000 4728 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 09:51:49.0265 4728 serenum - ok 09:51:49.0593 4728 Serial 
(92c21762653bb2ce51147eb8a9aa654f) C:\WINDOWS\system32\DRIVERS\serial.sys 09:51:49.0781 4728 Serial - ok 09:51:49.0937 4728 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 09:51:50.0062 4728 Sfloppy - ok 09:51:50.0687 4728 Simbad - ok 09:51:50.0906 4728 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys 09:51:51.0156 4728 sisagp - ok 09:51:51.0765 4728 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 09:51:51.0953 4728 SLIP - ok 09:51:52.0750 4728 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys 09:51:52.0890 4728 Sparrow - ok 09:51:53.0812 4728 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 09:51:54.0000 4728 splitter - ok 09:51:54.0640 4728 sr (64d2a7640e0767ecd3bcb38d3200e7ce) C:\WINDOWS\system32\DRIVERS\sr.sys 09:51:54.0843 4728 sr - ok 09:51:55.0125 4728 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 09:51:55.0718 4728 Srv - ok 09:51:56.0265 4728 STHDA (797fcc1d859b203958e915bb82528da9) C:\WINDOWS\system32\drivers\sthda.sys 09:51:57.0421 4728 STHDA - ok 09:51:57.0859 4728 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 09:51:58.0312 4728 streamip - ok 09:51:58.0609 4728 SunkFilt6 - ok 09:51:58.0937 4728 SunkFilt62 (38cc705ff41cc49daed796cfb419bea2) C:\WINDOWS\System32\Drivers\sunkfilt62.sys 09:51:59.0015 4728 SunkFilt62 ( UnsignedFile.Multi.Generic ) - warning 09:51:59.0015 4728 SunkFilt62 - detected UnsignedFile.Multi.Generic (1) 09:51:59.0281 4728 Sunkfiltp - ok 09:51:59.0625 4728 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 09:51:59.0781 4728 swenum - ok 09:52:00.0234 4728 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 09:52:00.0437 4728 swmidi - ok 09:52:00.0796 4728 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys 09:52:00.0953 
4728 symc810 - ok 09:52:01.0156 4728 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys 09:52:01.0359 4728 symc8xx - ok 09:52:01.0468 4728 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys 09:52:01.0609 4728 sym_hi - ok 09:52:01.0750 4728 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys 09:52:01.0953 4728 sym_u3 - ok 09:52:02.0234 4728 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 09:52:02.0421 4728 sysaudio - ok 09:52:02.0765 4728 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 09:52:02.0906 4728 Tcpip - ok 09:52:03.0015 4728 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 09:52:03.0156 4728 TDPIPE - ok 09:52:03.0406 4728 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 09:52:04.0031 4728 TDTCP - ok 09:52:04.0265 4728 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 09:52:04.0421 4728 TermDD - ok 09:52:04.0500 4728 TosIde (5bc2144ab4f6090f12e49e9648b5a702) C:\WINDOWS\system32\DRIVERS\toside.sys 09:52:04.0640 4728 TosIde - ok 09:52:05.0062 4728 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 09:52:05.0218 4728 Udfs - ok 09:52:05.0656 4728 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys 09:52:05.0796 4728 ultra - ok 09:52:06.0156 4728 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 09:52:06.0343 4728 Update - ok 09:52:06.0906 4728 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys 09:52:07.0062 4728 USBAAPL - ok 09:52:07.0234 4728 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 09:52:07.0421 4728 usbccgp - ok 09:52:07.0828 4728 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 09:52:08.0078 4728 usbehci - ok 09:52:08.0375 
4728 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 09:52:08.0562 4728 usbhub - ok 09:52:08.0906 4728 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 09:52:09.0125 4728 usbprint - ok 09:52:09.0609 4728 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 09:52:09.0812 4728 usbscan - ok 09:52:09.0906 4728 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 09:52:10.0062 4728 USBSTOR - ok 09:52:10.0796 4728 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 09:52:10.0968 4728 usbuhci - ok 09:52:11.0703 4728 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys 09:52:11.0953 4728 usb_rndisx - ok 09:52:12.0578 4728 vaxscsi (92cebc2bc7be2c8d49391b365569f306) C:\WINDOWS\System32\Drivers\vaxscsi.sys 09:52:12.0875 4728 vaxscsi - ok 09:52:13.0390 4728 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 09:52:13.0546 4728 VgaSave - ok 09:52:14.0234 4728 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys 09:52:14.0468 4728 viaagp - ok 09:52:14.0968 4728 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys 09:52:15.0125 4728 ViaIde - ok 09:52:15.0609 4728 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) C:\WINDOWS\system32\drivers\VolSnap.sys 09:52:15.0812 4728 VolSnap - ok 09:52:16.0281 4728 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 09:52:16.0453 4728 Wanarp - ok 09:52:16.0812 4728 WDICA - ok 09:52:17.0375 4728 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 09:52:17.0671 4728 wdmaud - ok 09:52:18.0328 4728 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 09:52:19.0000 4728 WSTCODEC - ok 09:52:19.0312 4728 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 09:52:19.0500 
4728 WudfPf - ok
09:52:20.0062 4728 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
09:52:20.0109 4728 WudfRd - ok
09:52:20.0218 4728 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0
09:52:20.0718 4728 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
09:52:20.0718 4728 \Device\Harddisk0\DR0 - detected TDSS File System (1)
09:52:20.0734 4728 Boot (0x1200) (757d37f277f591e57867f840bee9a59a) \Device\Harddisk0\DR0\Partition0
09:52:20.0750 4728 \Device\Harddisk0\DR0\Partition0 - ok
09:52:20.0750 4728 ============================================================
09:52:20.0750 4728 Scan finished
09:52:20.0750 4728 ============================================================
09:52:20.0859 4680 Detected object count: 24
09:52:20.0859 4680 Actual detected object count: 24
09:53:18.0640 4680 ASAPIW2k ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:18.0640 4680 ASAPIW2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:18.0640 4680 DLABOIOM ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:18.0640 4680 DLABOIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:18.0640 4680 DLACDBHM ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:18.0640 4680 DLACDBHM ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:18.0640 4680 DLADResN ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:18.0656 4680 DLADResN ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:18.0656 4680 DLAIFS_M ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:18.0656 4680 DLAIFS_M ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:18.0656 4680 DLAOPIOM ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:18.0656 4680 DLAOPIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:18.0656 4680 DLAPoolM ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:18.0656 4680 DLAPoolM ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:18.0671 4680 DLARTL_N ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:18.0671 4680 DLARTL_N ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:18.0671 4680 DLAUDFAM ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:18.0671 4680 DLAUDFAM ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:18.0671 4680 DLAUDF_M ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:18.0671 4680 DLAUDF_M ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:18.0671 4680 DRVMCDB ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:18.0671 4680 DRVMCDB ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:18.0687 4680 DRVNDDM ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:18.0687 4680 DRVNDDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:18.0687 4680 DSproct ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:18.0687 4680 DSproct ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:18.0687 4680 epmntdrv ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:18.0687 4680 epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:18.0687 4680 EuGdiDrv ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:18.0687 4680 EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:18.0687 4680 MarvinBus ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:18.0687 4680 MarvinBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:18.0687 4680 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:18.0687 4680 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:18.0687 4680 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:18.0687 4680 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:18.0687 4680 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:18.0687 4680 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:18.0687 4680 NAL ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:18.0687 4680 NAL ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:18.0687 4680 Packet ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:18.0687 4680 Packet ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:18.0687 4680 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:18.0687 4680 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:18.0687 4680 SunkFilt62 ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:18.0687 4680 SunkFilt62 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:18.0703 4680 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
09:53:18.0703 4680 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
  • Strange things are happening with my PC... The log is below:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:52:25, on 4-10-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Dell Network Assistant\hnm_svc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Packard Bell\Software Suite\PowerSave\PSPBSSS.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\Program Files\Packard Bell\Software Suite\PBSoftSuite.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Packard Bell\Software Suite\pbDevDetect.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\PROGRA~1\MICROS~3\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\MsiExec.exe
C:\WINDOWS\system32\MsiExec.exe
C:\WINDOWS\system32\MsiExec.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.nl/ig/dell?hl=nl&client=dell-row&channel=nl&ibd=6070104
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nu.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.nl/ig/dell?hl=nl&client=dell-row&channel=nl&ibd=6070104
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110915083724.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: (no name) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - (no file)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKCU\..\Run: [Packard Bell Software Suite] "C:\Program Files\Packard Bell\Software Suite\PBSoftSuite.exe" /run
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CkMsLJkFgtF.exe] C:\Documents and Settings\All Users\Application Data\CkMsLJkFgtF.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporteren
naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://ponltbc.onl.motive.com O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://photoservice.fujicolor.eu/ips-opdata/objects/jordan.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://verkopen.marktplaats.nl/js/widgets/imageUploader/aurigma/5_7_24_0/ImageUploader5.cab O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} (Java Plug-in 1.6.0_17) - O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: sacore - 
{5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\mcsniepl.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program Files\Dell Network Assistant\hnm_svc.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. 
- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PowerSave Service (PowerSave) - Packard Bell Services - C:\Program Files\Packard Bell\Software Suite\PowerSave\PSPBSSS.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- End of file - 16357 bytes Graag advies!

This is an archived page. Replies are no longer possible.