Irregularities, hence a HijackThis log

40 replies
  • Hello experts, Yesterday the screen suddenly went blank and I got a message that Windows had stopped because of an error, that I had to restart, and that if this message came up more often I should update the BIOS. In addition, AVG regularly comes up with the message that Mozilla Firefox is using a lot of memory and that I should close it. Until recently I never got that message. Maybe it has to do with the fact that I had Expat Shield installed for a week, which brought me a lot of advertising and unwanted websites. I removed it afterwards and cleaned up the computer. In any case, I would like to ask you to take a look at my HijackThis log, so that I know that it, at least, is clean. Many thanks in advance, Diana.
  • Hello Diana, given everything you do with your XP, how much RAM is installed in your PC?

    I would like you to stick to the rules below during the fix:
    - Read all instructions carefully.
    - If you make mistakes when running tools during the fix, that can cause serious problems in Windows.
    - Refrain from using tools or updates other than the ones I advise you to use.
    - Always use one scanner at a time, never several at once.
    - Keep me informed of how your computer responds to the fix, good or bad.
    - The fix, once started, must be completed. Even if you think everything is fine, there may still be infections.

    Step 1

    Close all open web windows, except this window, which you close just before the moment you click the Fix checked button! Now start HijackThis and click the button Do a Scan only,

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.expatshield.com/g/?c=h

    - Put a check mark in front of the line(s) that correspond to the lines above.
    - Now close the web browser and then click the Fix checked button.
    - After that, close HijackThis.

    Step 2

    Which program: Malwarebytes MBAM
    What for/why: specialised scanner to quickly examine Windows for spyware and malware and to remove it.
    Difficulty: none.

    Download Malwarebytes MBAM from one of these locations:
    - Download.com: http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?
    - Softpedia.com: http://www.softpedia.com/result.php?sid=&pid=1-423&r=Z2V0L0FudGl2aXJ1cy9NYWx3YXJlYnl0ZXMtQW50aS1NYWx3YXJlLnNodG1s
    - Majorgeeks.com: http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html

    First of all:
    - Right after installation 'MBAM' wants to update its database, so allow that.
    - Also on repeated use: first update 'MBAM' via the 'Update' tab!

    Starting Malwarebytes MBAM:
    Windows 2000 and Windows XP: start MBAM by double-clicking the shortcut.
    Windows Vista and Windows 7: start MBAM by right-clicking the shortcut and then choosing Run as administrator.

    Note:
    - Malwarebytes now supplies the full version of MBAM.
    - At the first start you get the option to use the full version or the free version.
    - Regardless of which antivirus program is in your Windows, I advise using the "Decline" option.
    - That way MBAM will remain usable as the free version.

    Image: http://img30.imageshack.us/img30/3928/mbam2.png

    Also do the following:
    - As soon as the program has started, go to the "Settings" tab.
    - Tick here: "Close Internet Explorer during malware removal".

    Scanning:
    - When starting 'MBAM', choose 'Quick Scan'.
    - Scanning can take a while, so be patient. When the scan is complete, click the 'OK' button.
    - Then click the 'Show Results' button to see the results.

    Infections found:
    - First click OK to dismiss the message.
    - Then click the Show Results button at the bottom right.
    - Now make sure that all infections found are ticked, and click Remove Selected at the bottom left.
    - After the removal a log will open and you will be asked to restart the computer.
    - If 'MBAM' has difficulty removing certain files it will give a few messages; click 'OK' each time!
    - After that 'MBAM' will ask to restart the computer, so allow the computer to be restarted.

    MBAM log:
    - The log is saved automatically by 'MBAM' and you can find it by clicking the 'Logs' tab in the MBAM main menu.

    Then post the contents of the MBAM log in your next message.

    Step 3

    In summary: after this, post the contents of the following logs in your next message:
    - a new HijackThis log
    - MBAM scan log
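Added example, not part of the original post: one way to do the check behind Step 1 and the rescan requested in Step 3 offline, by parsing a HijackThis log, listing the R0-R3 browser-setting entries whose URL lies outside an allow-list, and confirming that a fixed entry no longer appears in the new log. The allow-list, the function names and the sample logs are assumptions made for this example; only the expatshield R0 line is taken from the thread.

```python
import re
from urllib.parse import urlsplit

# Section codes HijackThis puts at the start of each entry (R0-R3, F0-F3, N1-N4, O1-O24).
ENTRY_START = re.compile(r"(?<!\S)(?:R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - ")
# Browser-setting entry: "<code> - <registry key>,<value name> = <data>"
R_ENTRY = re.compile(r"^(R[0-3]) - (.+?),(.+?) = (.*)$")

# Assumption for this example: only Microsoft's own default pages count as expected.
TRUSTED_SUFFIXES = ("microsoft.com",)


def split_entries(log_text):
    """Return the log's entries, even when a forum paste has lost its line breaks."""
    body = log_text.split("-- End of file", 1)[0]
    starts = [m.start() for m in ENTRY_START.finditer(body)]
    bounds = starts[1:] + [len(body)]
    # Collapse internal whitespace so the same entry compares equal across pastes.
    return [" ".join(body[s:e].split()) for s, e in zip(starts, bounds)]


def parse_browser_setting(entry):
    """Split an R-section entry into key, value name and data; None for other entries."""
    m = R_ENTRY.match(entry)
    if not m:
        return None
    code, key, name, data = m.groups()
    return {"code": code, "key": key, "name": name, "data": data.strip()}


def is_trusted(url):
    """True when the URL's host is a trusted suffix or a subdomain of one."""
    host = (urlsplit(url).hostname or "").lower()
    return any(host == s or host.endswith("." + s) for s in TRUSTED_SUFFIXES)


def suspicious_browser_settings(log_text):
    """R0-R3 entries whose data is an http(s) URL on a host outside the allow-list."""
    hits = []
    for entry in split_entries(log_text):
        setting = parse_browser_setting(entry)
        if not setting or not re.match(r"(?i)https?://", setting["data"]):
            continue  # other section, or data that is not a URL (e.g. ProxyOverride)
        if not is_trusted(setting["data"]):
            hits.append(entry)
    return hits


def still_present(fixed_entries, rescan_text):
    """Entries that were ticked for 'Fix checked' but appear again in the new scan."""
    after = set(split_entries(rescan_text))
    return [e for e in fixed_entries if e in after]


# Constructed sample input in HijackThis v2.0.2 format: a first scan pasted without
# line breaks, and a rescan after the fix with one entry per line.
BEFORE = (
    r"Running processes: C:\WINDOWS\Explorer.EXE "
    r"R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.expatshield.com/g/?c=h "
    r"R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 "
    r"R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local "
    r"O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe "
    r"-- End of file - 512 bytes"
)
AFTER = "\n".join([
    r"Running processes:",
    r"C:\WINDOWS\Explorer.EXE",
    r"R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157",
    r"R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local",
    r"O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe",
    r"-- End of file - 400 bytes",
])

if __name__ == "__main__":
    flagged = suspicious_browser_settings(BEFORE)
    for entry in flagged:
        print("review:", entry)
    leftover = still_present(flagged, AFTER)
    print("fix held" if not leftover else f"still present: {leftover}")
```

An entry that comes back in the rescan after being fixed usually means something is rewriting the registry value, which is a reason to continue with further scans rather than fixing the line again.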
  • Malwarebytes' Anti-Malware 1.51.2.1300
    www.malwarebytes.org

    Databaseversie: 8158
    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    14-11-2011 8:02:13
    mbam-log-2011-11-14 (08-02-13).txt

    Scantype: Snelle scan
    Objecten gescand: 193469
    Verstreken tijd: 3 minuut/minuten, 38 seconde(n)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    What would I be better off not doing with my XP, then? By the way, there is something else that is strange: after shutting down, two updates are installed. That in itself is not strange, but it happens every few days, just as if the updating did not succeed the previous times.
  • You may do the following:

    Step •1•
    Which program: Kaspersky TDSSKiller
    What for/why: Rootkit scanner
    Difficulty: none
    Download location: Be sure to download this program to the desktop, or otherwise move it there!
    Download TDSSKiller here: http://support.kaspersky.com/downloads/utils/tdsskiller.zip
    Installation:
      - Extract the file to your desktop.
    Using TDSSKiller:
      - Windows 2000 and Windows XP: start "TDSSKiller" by double-clicking TDSSKiller.exe.
      - Windows Vista and Windows 7: start "TDSSKiller" by right-clicking TDSSKiller.exe and then choosing Run as Administrator.
      - If TDSSKiller shows a message about an available update, run that update first.
    Screenshot: http://www.imgdumper.nl/uploads4/4dc1d6438f791/4dc1d6438d897-TDSSKiller_2011-05-05_00-26-21.jpg
      - Then click the "Start Scan" button and follow the instructions.
      - After the scan is finished, click the "Report" button.
      - A Notepad file opens. Post the contents of this file.
          - Restart the PC if TDSSKiller offers that option (Reboot now).
          - If a restart is necessary, you will find the log file in C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt

    Step •2•
    Which program: ComboFix
    What for/why: Highly specialized scanner to examine Windows in depth and clean it up where possible.
    Difficulty: Somewhat tricky preparation phase, so read everything carefully first.
    Download location: Be sure to download this program to the desktop!
    Download ComboFix from one of these locations:
      - Bleepingcomputer: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
      - ForoSpyware: http://www.forospyware.com/sUBs/ComboFix.exe
      - Geekstogo: http://subs.geekstogo.com/ComboFix.exe
    Here you can see how to use ComboFix: http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden
    Antivirus programs and active malware scanners must already be disabled before ComboFix is started! Here (http://www.bleepingcomputer.com/forums/topic114351.html) and here (http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html) you will find information on how to disable antivirus programs and spyware scanners.
    Once more, for clarity: ComboFix must be started from the desktop.
    Remarks:
      - On Windows XP you may be asked to install the "Recovery Console"! Allow this (an active internet connection is required for it).
      - Vista and Windows 7 users start ComboFix via right-click with Administrator rights.
      - All open programs and web pages must be closed.
    ComboFix has started:
      - Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
      - ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
      - The computer may need to be restarted several times; this is normal.
      - When ComboFix is finished, it will create a log file for you.
      - Post the contents of this log file in your next message.
      - If the log does not open, it can be found at C:\ComboFix.txt
    Important note:
      - If, after the scan, an error is shown when starting programs with the message:
      - Illegal operation attempted on a registery key that has been marked for deletion.
      - then restart the computer.

    Step •3•
    In summary: after this, post the contents of the following logs in your next message:
      - TDSSKiller log
      - ComboFix.txt log
  • Abraham54 wrote: "You may do the following: [...]"

    Okay.
By the way, I think I have now been able to install the two updates manually. They completed, I believe. But I will do the above anyway. Here is the TDS Killer already, that one went quickly:

10:16:28.0346 3644 TDSS rootkit removing tool 2.6.18.0 Nov 11 2011 15:47:15
10:16:28.0612 3644 ============================================================
10:16:28.0612 3644 Current date / time: 2011/11/14 10:16:28.0612
10:16:28.0612 3644 SystemInfo:
10:16:28.0612 3644
10:16:28.0612 3644 OS Version: 5.1.2600 ServicePack: 3.0
10:16:28.0612 3644 Product type: Workstation
10:16:28.0612 3644 ComputerName: UW-C5C0C24F5CAE
10:16:28.0612 3644 UserName: gebruiker
10:16:28.0612 3644 Windows directory: C:\WINDOWS
10:16:28.0612 3644 System windows directory: C:\WINDOWS
10:16:28.0612 3644 Processor architecture: Intel x86
10:16:28.0612 3644 Number of processors: 2
10:16:28.0612 3644 Page size: 0x1000
10:16:28.0612 3644 Boot type: Normal boot
10:16:28.0612 3644 ============================================================
10:16:30.0315 3644 Initialize success
10:16:34.0221 2212 ============================================================
10:16:34.0221 2212 Scan started
10:16:34.0221 2212 Mode: Manual;
10:16:34.0221 2212 ============================================================
C:\WINDOWS\system32\drivers\Udfs.sys 10:16:43.0502 2212 Udfs - ok 10:16:43.0518 2212 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys 10:16:43.0518 2212 ultra - ok 10:16:43.0565 2212 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 10:16:43.0580 2212 Update - ok 10:16:43.0627 2212 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\WINDOWS\system32\Drivers\usbaapl.sys 10:16:43.0627 2212 USBAAPL - ok 10:16:43.0659 2212 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys 10:16:43.0674 2212 usbaudio - ok 10:16:43.0690 2212 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 10:16:43.0705 2212 usbccgp - ok 10:16:43.0721 2212 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 10:16:43.0721 2212 usbehci - ok 10:16:43.0737 2212 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 10:16:43.0737 2212 usbhub - ok 10:16:43.0768 2212 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys 10:16:43.0768 2212 usbohci - ok 10:16:43.0815 2212 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 10:16:43.0815 2212 usbprint - ok 10:16:43.0846 2212 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 10:16:43.0846 2212 usbscan - ok 10:16:43.0877 2212 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys 10:16:43.0877 2212 usbser - ok 10:16:43.0909 2212 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 10:16:43.0909 2212 USBSTOR - ok 10:16:43.0940 2212 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 10:16:43.0940 2212 usbuhci - ok 10:16:43.0971 2212 vaxscsi (92cebc2bc7be2c8d49391b365569f306) C:\WINDOWS\System32\Drivers\vaxscsi.sys 10:16:43.0987 2212 vaxscsi - ok 10:16:44.0018 2212 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) 
C:\WINDOWS\System32\drivers\vga.sys 10:16:44.0018 2212 VgaSave - ok 10:16:44.0065 2212 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys 10:16:44.0065 2212 viaagp - ok 10:16:44.0080 2212 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys 10:16:44.0080 2212 ViaIde - ok 10:16:44.0112 2212 viasraid (ebe101c01d80a42868f57b327be1b564) C:\WINDOWS\system32\DRIVERS\VIASRAID.SYS 10:16:44.0112 2212 viasraid - ok 10:16:44.0127 2212 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) C:\WINDOWS\system32\drivers\VolSnap.sys 10:16:44.0127 2212 VolSnap - ok 10:16:44.0174 2212 vsdatant (3b169081214c8c39e0a36e590d934c32) C:\WINDOWS\system32\vsdatant.sys 10:16:44.0174 2212 vsdatant - ok 10:16:44.0221 2212 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 10:16:44.0221 2212 Wanarp - ok 10:16:44.0299 2212 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys 10:16:44.0299 2212 Wdf01000 - ok 10:16:44.0330 2212 WDICA - ok 10:16:44.0362 2212 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 10:16:44.0362 2212 wdmaud - ok 10:16:44.0440 2212 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 10:16:44.0455 2212 WSTCODEC - ok 10:16:44.0487 2212 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 10:16:44.0502 2212 WudfPf - ok 10:16:44.0534 2212 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 10:16:44.0534 2212 WudfRd - ok 10:16:44.0596 2212 MBR (0x1B8) (318a7e11ce7d042a1572dc86d676a542) \Device\Harddisk0\DR0 10:16:44.0596 2212 \Device\Harddisk0\DR0 - ok 10:16:44.0612 2212 Boot (0x1200) (0740b193e745b233abf2a47e5a8496d9) \Device\Harddisk0\DR0\Partition0 10:16:44.0612 2212 \Device\Harddisk0\DR0\Partition0 - ok 10:16:44.0627 2212 Boot (0x1200) (942e7527b3cb7d95a373ea52eab6e0b6) \Device\Harddisk0\DR0\Partition1 10:16:44.0643 2212 
\Device\Harddisk0\DR0\Partition1 - ok 10:16:44.0659 2212 Boot (0x1200) (280936318516fa5fac4c30777de99c37) \Device\Harddisk0\DR0\Partition2 10:16:44.0659 2212 \Device\Harddisk0\DR0\Partition2 - ok 10:16:44.0659 2212 ============================================================ 10:16:44.0659 2212 Scan finished 10:16:44.0659 2212 ============================================================ 10:16:44.0674 1888 Detected object count: 0 10:16:44.0674 1888 Actual detected object count: 0 10:16:52.0393 2004 ============================================================ 10:16:52.0393 2004 Scan started 10:16:52.0393 2004 Mode: Manual; 10:16:52.0393 2004 ============================================================ 10:16:53.0080 2004 Abiosdsk - ok 10:16:53.0112 2004 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS 10:16:53.0112 2004 abp480n5 - ok 10:16:53.0127 2004 ACPI (02273a448ba21a7d447daeb47810d40c) C:\WINDOWS\system32\DRIVERS\ACPI.sys 10:16:53.0127 2004 ACPI - ok 10:16:53.0174 2004 ACPIEC (63f517b1a87dabf3f5acb8a7952fc1d1) C:\WINDOWS\system32\drivers\ACPIEC.sys 10:16:53.0174 2004 ACPIEC - ok 10:16:53.0190 2004 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys 10:16:53.0190 2004 adpu160m - ok 10:16:53.0237 2004 aeaudio2 (35186fe2b4d9b5fe5c52bcdf7dbda3a6) C:\WINDOWS\system32\drivers\aeaudio2.sys 10:16:53.0237 2004 aeaudio2 - ok 10:16:53.0252 2004 aeaudiol (18de69e6fafe3503fcfa2fef552a2228) C:\WINDOWS\system32\drivers\aeaudiol.sys 10:16:53.0252 2004 aeaudiol - ok 10:16:53.0268 2004 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 10:16:53.0268 2004 aec - ok 10:16:53.0330 2004 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys 10:16:53.0330 2004 AFD - ok 10:16:53.0377 2004 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys 10:16:53.0377 2004 agp440 - ok 10:16:53.0393 2004 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) 
C:\WINDOWS\system32\DRIVERS\agpCPQ.sys 10:16:53.0393 2004 agpCPQ - ok 10:16:53.0424 2004 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys 10:16:53.0424 2004 Aha154x - ok 10:16:53.0440 2004 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys 10:16:53.0440 2004 aic78u2 - ok 10:16:53.0455 2004 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys 10:16:53.0455 2004 aic78xx - ok 10:16:53.0487 2004 ALCXSENS (fbbcb95f677cbaa924140b6ea2d9a97b) C:\WINDOWS\system32\drivers\ALCXSENS.SYS 10:16:53.0502 2004 ALCXSENS - ok 10:16:53.0565 2004 ALCXWDM (391344370018a87a6c478ab76c7a47a8) C:\WINDOWS\system32\drivers\ALCXWDM.SYS 10:16:53.0565 2004 ALCXWDM - ok 10:16:53.0596 2004 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys 10:16:53.0596 2004 AliIde - ok 10:16:53.0612 2004 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys 10:16:53.0612 2004 alim1541 - ok 10:16:53.0627 2004 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys 10:16:53.0627 2004 amdagp - ok 10:16:53.0643 2004 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys 10:16:53.0643 2004 amsint - ok 10:16:53.0674 2004 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys 10:16:53.0690 2004 Arp1394 - ok 10:16:53.0690 2004 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys 10:16:53.0690 2004 asc - ok 10:16:53.0705 2004 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys 10:16:53.0705 2004 asc3350p - ok 10:16:53.0737 2004 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys 10:16:53.0737 2004 asc3550 - ok 10:16:53.0768 2004 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 10:16:53.0768 2004 AsyncMac - ok 10:16:53.0799 2004 atapi (9f3a2f5aa6875c72bf062c712cfa2674) 
C:\WINDOWS\system32\DRIVERS\atapi.sys 10:16:53.0799 2004 atapi - ok 10:16:53.0815 2004 Atdisk - ok 10:16:53.0862 2004 ati2mtag (aae41c74db4dd34e8e97cb3a7a92c0b6) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 10:16:53.0877 2004 ati2mtag - ok 10:16:53.0909 2004 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 10:16:53.0909 2004 Atmarpc - ok 10:16:53.0940 2004 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 10:16:53.0940 2004 audstub - ok 10:16:53.0987 2004 AVGIDSDriver (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys 10:16:53.0987 2004 AVGIDSDriver - ok 10:16:54.0018 2004 AVGIDSEH (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys 10:16:54.0018 2004 AVGIDSEH - ok 10:16:54.0049 2004 AVGIDSFilter (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys 10:16:54.0049 2004 AVGIDSFilter - ok 10:16:54.0065 2004 AVGIDSShim (1e01c2166b5599802bcd61b9691f7476) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys 10:16:54.0065 2004 AVGIDSShim - ok 10:16:54.0096 2004 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\WINDOWS\system32\DRIVERS\avgldx86.sys 10:16:54.0096 2004 Avgldx86 - ok 10:16:54.0127 2004 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys 10:16:54.0127 2004 Avgmfx86 - ok 10:16:54.0143 2004 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys 10:16:54.0143 2004 Avgrkx86 - ok 10:16:54.0174 2004 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys 10:16:54.0174 2004 Avgtdix - ok 10:16:54.0221 2004 b57w2k (b9543b0c771feab7ca095303007a159c) C:\WINDOWS\system32\DRIVERS\b57xp32.sys 10:16:54.0221 2004 b57w2k - ok 10:16:54.0252 2004 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 10:16:54.0252 2004 Beep - ok 10:16:54.0299 2004 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys 10:16:54.0299 
2004 BthEnum - ok 10:16:54.0330 2004 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys 10:16:54.0330 2004 BthPan - ok 10:16:54.0377 2004 BTHPORT (29ff6a865782d0f5b8e7fa1ffab4182b) C:\WINDOWS\system32\Drivers\BTHport.sys 10:16:54.0377 2004 BTHPORT - ok 10:16:54.0409 2004 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys 10:16:54.0409 2004 BTHUSB - ok 10:16:54.0424 2004 catchme - ok 10:16:54.0455 2004 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys 10:16:54.0455 2004 cbidf - ok 10:16:54.0471 2004 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 10:16:54.0471 2004 cbidf2k - ok 10:16:54.0502 2004 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 10:16:54.0502 2004 CCDECODE - ok 10:16:54.0534 2004 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys 10:16:54.0534 2004 cd20xrnt - ok 10:16:54.0549 2004 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 10:16:54.0549 2004 Cdaudio - ok 10:16:54.0565 2004 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 10:16:54.0565 2004 Cdfs - ok 10:16:54.0596 2004 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 10:16:54.0596 2004 Cdrom - ok 10:16:54.0612 2004 Changer - ok 10:16:54.0643 2004 CmdIde (026ba1f2d9c9f742ec3823d0214cd67c) C:\WINDOWS\system32\DRIVERS\cmdide.sys 10:16:54.0643 2004 CmdIde - ok 10:16:54.0659 2004 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys 10:16:54.0659 2004 Cpqarray - ok 10:16:54.0690 2004 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys 10:16:54.0690 2004 dac2w2k - ok 10:16:54.0721 2004 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys 10:16:54.0721 2004 dac960nt - ok 10:16:54.0752 2004 DCamUSBSQTECH 
(100ff3d9e16afb3163bd6f9aaaab7c55) C:\WINDOWS\system32\Drivers\SQcaptur.sys 10:16:54.0752 2004 DCamUSBSQTECH - ok 10:16:54.0768 2004 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 10:16:54.0768 2004 Disk - ok 10:16:54.0830 2004 dmboot (dec123e0c75971d0cc7a6c6a75e28429) C:\WINDOWS\system32\drivers\dmboot.sys 10:16:54.0830 2004 dmboot - ok 10:16:54.0877 2004 dmio (7268e66259722f6228c730685b201092) C:\WINDOWS\system32\drivers\dmio.sys 10:16:54.0877 2004 dmio - ok 10:16:54.0893 2004 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 10:16:54.0909 2004 dmload - ok 10:16:54.0924 2004 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 10:16:54.0940 2004 DMusic - ok 10:16:54.0971 2004 Dot4 (3e4b043f8bc6be1d4820cc6c9c500306) C:\WINDOWS\system32\DRIVERS\Dot4.sys 10:16:54.0971 2004 Dot4 - ok 10:16:55.0018 2004 Dot4Print (77ce63a8a34ae23d9fe4c7896d1debe7) C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys 10:16:55.0018 2004 Dot4Print - ok 10:16:55.0034 2004 dot4usb (f48841c737d7dc9610bf5f49a76c2ed1) C:\WINDOWS\system32\DRIVERS\dot4usb.sys 10:16:55.0034 2004 dot4usb - ok 10:16:55.0049 2004 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys 10:16:55.0049 2004 dpti2o - ok 10:16:55.0065 2004 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 10:16:55.0065 2004 drmkaud - ok 10:16:55.0096 2004 EL90XBC (6e883bf518296a40959131c2304af714) C:\WINDOWS\system32\DRIVERS\el90xbc5.sys 10:16:55.0096 2004 EL90XBC - ok 10:16:55.0127 2004 EMCR (48a85c0a5151c21be2dbaa3fc3a9c389) C:\WINDOWS\system32\DRIVERS\EMCR7SK.SYS 10:16:55.0127 2004 EMCR - ok 10:16:55.0159 2004 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 10:16:55.0159 2004 Fastfat - ok 10:16:55.0174 2004 fasttrak (f0196b7a8fe3098099721675db361272) C:\WINDOWS\system32\DRIVERS\FASTTRAK.SYS 10:16:55.0174 2004 fasttrak - ok 10:16:55.0190 2004 fasttx2k 
(3acbc73531dedd69837fe73b1623d49c) C:\WINDOWS\system32\DRIVERS\FASTTX2K.SYS 10:16:55.0205 2004 fasttx2k - ok 10:16:55.0221 2004 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys 10:16:55.0221 2004 Fdc - ok 10:16:55.0237 2004 Fips (8bfffb5ac954e19dfdb96d56512aa518) C:\WINDOWS\system32\drivers\Fips.sys 10:16:55.0237 2004 Fips - ok 10:16:55.0268 2004 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys 10:16:55.0268 2004 Flpydisk - ok 10:16:55.0299 2004 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 10:16:55.0299 2004 FltMgr - ok 10:16:55.0315 2004 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 10:16:55.0315 2004 Fs_Rec - ok 10:16:55.0346 2004 Ftdisk (fa8ca22e70245c81ff29c36af56292fc) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 10:16:55.0346 2004 Ftdisk - ok 10:16:55.0377 2004 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 10:16:55.0377 2004 GEARAspiWDM - ok 10:16:55.0409 2004 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 10:16:55.0409 2004 Gpc - ok 10:16:55.0440 2004 HidBth (d8cc702bb02ad520c3379e7ecb009ae1) C:\WINDOWS\system32\DRIVERS\hidbth.sys 10:16:55.0440 2004 HidBth - ok 10:16:55.0471 2004 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 10:16:55.0471 2004 HidUsb - ok 10:16:55.0502 2004 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys 10:16:55.0502 2004 hpn - ok 10:16:55.0549 2004 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 10:16:55.0549 2004 HTTP - ok 10:16:55.0596 2004 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys 10:16:55.0596 2004 i2omgmt - ok 10:16:55.0627 2004 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys 10:16:55.0627 2004 i2omp - ok 10:16:55.0643 2004 i8042prt (c43372d0682f8e32e4ec21117e089ec0) 
C:\WINDOWS\system32\DRIVERS\i8042prt.sys 10:16:55.0643 2004 i8042prt - ok 10:16:55.0659 2004 iaStor (50b56e7de809be4b8f4d24b3f0381520) C:\WINDOWS\system32\DRIVERS\IASTOR.SYS 10:16:55.0659 2004 iaStor - ok 10:16:55.0690 2004 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 10:16:55.0690 2004 Imapi - ok 10:16:55.0705 2004 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys 10:16:55.0721 2004 ini910u - ok 10:16:55.0737 2004 IntelIde (72c63ad984d427d34bd5b9db838d88eb) C:\WINDOWS\system32\DRIVERS\intelide.sys 10:16:55.0737 2004 IntelIde - ok 10:16:55.0752 2004 intelppm (2d2254fac267e6b1c7865e8ebef60c6d) C:\WINDOWS\system32\DRIVERS\intelppm.sys 10:16:55.0752 2004 intelppm - ok 10:16:55.0784 2004 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 10:16:55.0784 2004 Ip6Fw - ok 10:16:55.0815 2004 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 10:16:55.0815 2004 IpFilterDriver - ok 10:16:55.0830 2004 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 10:16:55.0830 2004 IpInIp - ok 10:16:55.0862 2004 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 10:16:55.0862 2004 IpNat - ok 10:16:55.0893 2004 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 10:16:55.0893 2004 IPSec - ok 10:16:55.0909 2004 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 10:16:55.0909 2004 IRENUM - ok 10:16:55.0940 2004 isapnp (0b78e1a31340e1fb1e389d5633f7c3a0) C:\WINDOWS\system32\DRIVERS\isapnp.sys 10:16:55.0940 2004 isapnp - ok 10:16:55.0971 2004 Kbdclass (380397621e94b32c744e7b2cc1330390) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 10:16:55.0971 2004 Kbdclass - ok 10:16:55.0987 2004 kbdhid (b833b70fe639f01fb36cedabe57ef031) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 10:16:55.0987 2004 kbdhid - ok 10:16:56.0018 2004 kmixer (692bcf44383d056aed41b045a323d378) 
C:\WINDOWS\system32\drivers\kmixer.sys 10:16:56.0018 2004 kmixer - ok 10:16:56.0034 2004 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 10:16:56.0049 2004 KSecDD - ok 10:16:56.0065 2004 lbrtfdc - ok 10:16:56.0080 2004 LHidFlt2 - ok 10:16:56.0096 2004 LHidUsbK - ok 10:16:56.0112 2004 LMouKE - ok 10:16:56.0127 2004 LUsbKbd - ok 10:16:56.0159 2004 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 10:16:56.0159 2004 mnmdd - ok 10:16:56.0190 2004 Modem (8114eeac353f549331ab73e9af4219ed) C:\WINDOWS\system32\drivers\Modem.sys 10:16:56.0190 2004 Modem - ok 10:16:56.0237 2004 motmodem (5023875a94b0766d98a62a72bc4cb055) C:\WINDOWS\system32\DRIVERS\motmodem.sys 10:16:56.0237 2004 motmodem - ok 10:16:56.0252 2004 Mouclass (1a4e2214dd63e4a876463d3427ee8261) C:\WINDOWS\system32\DRIVERS\mouclass.sys 10:16:56.0252 2004 Mouclass - ok 10:16:56.0284 2004 mouhid (18017899254e01371e1a39754d6bf98c) C:\WINDOWS\system32\DRIVERS\mouhid.sys 10:16:56.0284 2004 mouhid - ok 10:16:56.0299 2004 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 10:16:56.0299 2004 MountMgr - ok 10:16:56.0315 2004 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys 10:16:56.0315 2004 mraid35x - ok 10:16:56.0330 2004 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 10:16:56.0346 2004 MRxDAV - ok 10:16:56.0393 2004 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 10:16:56.0393 2004 MRxSmb - ok 10:16:56.0424 2004 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 10:16:56.0424 2004 Msfs - ok 10:16:56.0455 2004 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 10:16:56.0455 2004 MSKSSRV - ok 10:16:56.0487 2004 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 10:16:56.0487 2004 MSPCLOCK - ok 10:16:56.0502 2004 MSPQM 
(bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 10:16:56.0502 2004 MSPQM - ok 10:16:56.0534 2004 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 10:16:56.0534 2004 mssmbios - ok 10:16:56.0565 2004 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 10:16:56.0565 2004 MSTEE - ok 10:16:56.0612 2004 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys 10:16:56.0612 2004 Mup - ok 10:16:56.0659 2004 MusCAudio (5d91f3641f1bf88ca9a9d558db82b87c) C:\WINDOWS\system32\drivers\MusCAudio.sys 10:16:56.0659 2004 MusCAudio - ok 10:16:56.0674 2004 MusCVideo (dc1f5f9b241159d8de5e2d494dc1ba77) C:\WINDOWS\system32\DRIVERS\MusCVideo.sys 10:16:56.0674 2004 MusCVideo - ok 10:16:56.0721 2004 MxlW2k (a1520761f42dbb06db7929d6fa9753ea) C:\WINDOWS\system32\drivers\MxlW2k.sys 10:16:56.0721 2004 MxlW2k - ok 10:16:56.0752 2004 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 10:16:56.0752 2004 NABTSFEC - ok 10:16:56.0784 2004 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 10:16:56.0784 2004 NDIS - ok 10:16:56.0815 2004 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 10:16:56.0815 2004 NdisIP - ok 10:16:56.0846 2004 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 10:16:56.0846 2004 NdisTapi - ok 10:16:56.0862 2004 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 10:16:56.0862 2004 Ndisuio - ok 10:16:56.0877 2004 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 10:16:56.0893 2004 NdisWan - ok 10:16:56.0909 2004 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 10:16:56.0909 2004 NDProxy - ok 10:16:56.0940 2004 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 10:16:56.0940 2004 NetBIOS - ok 10:16:56.0955 2004 NetBT 
(74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 10:16:56.0971 2004 NetBT - ok 10:16:57.0018 2004 NETMDUSB (55621d89ce500092cb3f136bed3c2854) C:\WINDOWS\system32\Drivers\NETMD052.sys 10:16:57.0018 2004 NETMDUSB - ok 10:16:57.0049 2004 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 10:16:57.0049 2004 NIC1394 - ok 10:16:57.0065 2004 Nmpdrv_N - ok 10:16:57.0080 2004 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 10:16:57.0096 2004 Npfs - ok 10:16:57.0112 2004 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 10:16:57.0127 2004 Ntfs - ok 10:16:57.0159 2004 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 10:16:57.0159 2004 Null - ok 10:16:57.0190 2004 nvatabus (06f86506555644cba020cd2cffe28668) C:\WINDOWS\system32\DRIVERS\NVATABUS.SYS 10:16:57.0190 2004 nvatabus - ok 10:16:57.0205 2004 nvraid (e182f94d65deda3668c23ee5bc8e980f) C:\WINDOWS\system32\DRIVERS\NVRAID.SYS 10:16:57.0205 2004 nvraid - ok 10:16:57.0221 2004 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 10:16:57.0221 2004 NwlnkFlt - ok 10:16:57.0252 2004 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 10:16:57.0252 2004 NwlnkFwd - ok 10:16:57.0268 2004 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 10:16:57.0268 2004 ohci1394 - ok 10:16:57.0284 2004 P3 (c6547b4d2394c254030299761ec97259) C:\WINDOWS\system32\DRIVERS\p3.sys 10:16:57.0284 2004 P3 - ok 10:16:57.0330 2004 Parport (e3934ccc20a4d24f1924e13d36d2a5bd) C:\WINDOWS\system32\DRIVERS\parport.sys 10:16:57.0330 2004 Parport - ok 10:16:57.0346 2004 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 10:16:57.0346 2004 PartMgr - ok 10:16:57.0377 2004 ParVdm (1eade28746a64c21e0a808bb12a63326) C:\WINDOWS\system32\drivers\ParVdm.sys 10:16:57.0377 2004 ParVdm - ok 10:16:57.0393 2004 
PCI (3b166f9f753c21aedaa9a6bd76b49655) C:\WINDOWS\system32\DRIVERS\pci.sys 10:16:57.0393 2004 PCI - ok 10:16:57.0409 2004 PCIDump - ok 10:16:57.0424 2004 PCIIde - ok 10:16:57.0455 2004 Pcmcia (2137ffd65f8e609a3a5acd487c56cce0) C:\WINDOWS\system32\drivers\Pcmcia.sys 10:16:57.0455 2004 Pcmcia - ok 10:16:57.0487 2004 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys 10:16:57.0487 2004 pcouffin - ok 10:16:57.0502 2004 PDCOMP - ok 10:16:57.0534 2004 PDFRAME - ok 10:16:57.0549 2004 PDRELI - ok 10:16:57.0565 2004 PDRFRAME - ok 10:16:57.0580 2004 PenClass (4a108cc9cc0e0605e68cce7021479879) C:\WINDOWS\system32\Drivers\penclass.sys 10:16:57.0580 2004 PenClass - ok 10:16:57.0612 2004 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys 10:16:57.0612 2004 perc2 - ok 10:16:57.0627 2004 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys 10:16:57.0627 2004 perc2hib - ok 10:16:57.0690 2004 Point32 (b4f59a953ef9e507f0d00c3a68580b8b) C:\WINDOWS\system32\DRIVERS\point32.sys 10:16:57.0690 2004 Point32 - ok 10:16:57.0705 2004 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 10:16:57.0705 2004 PptpMiniport - ok 10:16:57.0737 2004 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 10:16:57.0737 2004 PSched - ok 10:16:57.0752 2004 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 10:16:57.0752 2004 Ptilink - ok 10:16:57.0784 2004 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys 10:16:57.0784 2004 PxHelp20 - ok 10:16:57.0799 2004 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys 10:16:57.0799 2004 ql1080 - ok 10:16:57.0815 2004 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys 10:16:57.0815 2004 Ql10wnt - ok 10:16:57.0830 2004 ql12160 (156ed0ef20c15114ca097a34a30d8a01) 
C:\WINDOWS\system32\DRIVERS\ql12160.sys 10:16:57.0830 2004 ql12160 - ok 10:16:57.0862 2004 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys 10:16:57.0862 2004 ql1240 - ok 10:16:57.0877 2004 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys 10:16:57.0877 2004 ql1280 - ok 10:16:57.0909 2004 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 10:16:57.0909 2004 RasAcd - ok 10:16:57.0940 2004 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 10:16:57.0940 2004 Rasl2tp - ok 10:16:57.0955 2004 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 10:16:57.0955 2004 RasPppoe - ok 10:16:57.0971 2004 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 10:16:57.0987 2004 Raspti - ok 10:16:58.0002 2004 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 10:16:58.0002 2004 Rdbss - ok 10:16:58.0018 2004 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 10:16:58.0018 2004 RDPCDD - ok 10:16:58.0065 2004 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 10:16:58.0065 2004 rdpdr - ok 10:16:58.0096 2004 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys 10:16:58.0096 2004 RDPWD - ok 10:16:58.0127 2004 redbook (4173bc66e485fd77a03c4819f60bd0da) C:\WINDOWS\system32\DRIVERS\redbook.sys 10:16:58.0127 2004 redbook - ok 10:16:58.0174 2004 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys 10:16:58.0174 2004 RFCOMM - ok 10:16:58.0252 2004 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 10:16:58.0252 2004 Secdrv - ok 10:16:58.0284 2004 serenum (0f29512ccd6bead730039
  • How do I get Combofix onto the desktop?
  • Just choose your desktop as the download location!
  • Abraham54 wrote: "Just choose your desktop as the download location!" That option isn't there. It used to be, but not anymore. If you click one of the given links, the download starts immediately.
  • If Firefox is your default browser, then FF has a default download location. You had to download TDSSKiller first as well, after all.... So you first move ComboFix from that default download location to your desktop. (Move it, that is, don't copy it!)
  • Here it is:
  • That looks fine. How is your Windows running by now? By the way: have you had Norton on your Windows?
  • [quote:f025a356e8="Abraham54"]That looks fine. How is your Windows running by now? By the way: have you had Norton on your Windows?[/quote:f025a356e8] I haven't had any problems since ComboFix. I once clicked on Norton by accident while doing something else. It's a heavy program, I know.
  • Okay, open a new Notepad file via "Start\Alle programma’s\Bureau-accessoires\[b:312bc336be]Kladblok[/b:312bc336be]". Copy and paste the following (bold, blue) text into the empty Notepad window:
    [b:312bc336be][color=Blue:312bc336be]KILLALL::
    Folder::
    c:\program files\Norton
    c:\documents and settings\All Users\Application Data\Norton
    [/color:312bc336be][/b:312bc336be]
    Save this Notepad file to your desktop as [b:312bc336be]CFScript.txt[/b:312bc336be]. [b:312bc336be][color=Red:312bc336be]Now disable the antivirus first![/color:312bc336be][/b:312bc336be] Drag CFScript.txt onto ComboFix.exe [img:312bc336be]http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif[/img:312bc336be] This will make ComboFix restart. Reboot if you are asked to. Post the ComboFix log that is shown after the restart!
  • Here it is:
    AVG fairly often cuts in with allow-or-deny prompts, even though I have turned the scanner off.
  • Good. You're rid of that in Windows now too. Is everything running as it should now?
  • [quote:c83990d6fb="Abraham54"]Good. You're rid of that in Windows now too. Is everything running as it should now?[/quote:c83990d6fb] Yes, fine. I'm still doing a bit of defragmenting and then it can keep going for a while again. I've had this computer since 2005 with the same Windows program. Never had to reinstall, thanks to you all! :D :D Regards, diana
  • Which defragmenter do you use?
  • [quote:e51ce05bfa="Abraham54"]Which defragmenter do you use?[/quote:e51ce05bfa] Auslogics.
  • Not bad. But O&O has recently also released a free defragmenter, which defragments in such a way that frequently used files are placed at the front of the HD - that's Smart-defrag. O&O Defrag Free Edition, as a 32-bit or 64-bit edition - [url=http://www.softpedia.com/progDownload/O-O-Defrag-Free-Download-179765.html]Download link[/url]
  • [quote:8fd7894f51="Abraham54"]Not bad. But O&O has recently also released a free defragmenter, which defragments in such a way that frequently used files are placed at the front of the HD - that's Smart-defrag. O&O Defrag Free Edition, as a 32-bit or 64-bit edition - [url=http://www.softpedia.com/progDownload/O-O-Defrag-Free-Download-179765.html]Download link[/url][/quote:8fd7894f51] I find that site too confusing. I accidentally downloaded the PDF converter, I think, and I can't find it on my computer any more. When downloading the defragmenter I got an error message, so I'm giving up on that. Auslogics is good too. Thanks!

This is an archived page. Replying is no longer possible.