Very slow laptop

Abraham54
12 replies
  • Good afternoon,
    For the past few days my laptop has been very slow. I have since run a TDSSKiller scan and then ComboFix. The laptop is now considerably faster, but I am afraid that when I restart it, it will be just as slow again. Does anyone have any advice? I have posted the logs below. Thanks in advance for the help.
    Regards,
    Niels

    11:32:10.0250 1424 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
    11:32:10.0890 1424 ============================================================
    11:32:10.0890 1424 Current date / time: 2013/01/26 11:32:10.0890
    11:32:10.0890 1424 SystemInfo:
    11:32:10.0906 1424
    11:32:10.0906 1424 OS Version: 5.1.2600 ServicePack: 3.0
    11:32:10.0906 1424 Product type: Workstation
    11:32:10.0906 1424 ComputerName: GMB_LT_R010
    11:32:10.0906 1424 UserName: nielsho
    11:32:10.0906 1424 Windows directory: C:\WINDOWS
    11:32:10.0906 1424 System windows directory: C:\WINDOWS
    11:32:10.0906 1424 Processor architecture: Intel x86
    11:32:10.0906 1424 Number of processors: 2
    11:32:10.0921 1424 Page size: 0x1000
    11:32:10.0921 1424 Boot type: Normal boot
    11:32:10.0921 1424 ============================================================
    11:32:35.0390 1424 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
    11:32:35.0484 1424 ============================================================
    11:32:35.0484 1424 \Device\Harddisk0\DR0:
    11:32:35.0484 1424 MBR partitions:
    11:32:35.0484 1424 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF93782
    11:32:35.0484 1424 ============================================================
    11:32:35.0531 1424 C: <-> \Device\Harddisk0\DR0\Partition1
    11:32:35.0546 1424 ============================================================
    11:32:35.0546 1424 Initialize success
    11:32:35.0562 1424 ============================================================
    11:33:07.0937 0504 ============================================================
    11:33:07.0953 0504 Scan started
    11:33:07.0953 0504 Mode: Manual; SigCheck; TDLFS;
    11:33:07.0953 0504 ============================================================
    11:33:11.0703 0504 ================ Scan system memory ========================
    11:33:11.0828 0504 System memory - ok
    11:33:11.0828 0504 ================ Scan services =============================
    11:33:12.0687 0504 Abiosdsk - ok
    11:33:12.0859 0504 abp480n5 - ok
    11:33:13.0093 0504 [ 558A0039F0EF634397E1F61055504478 ] Accelerometer C:\WINDOWS\system32\DRIVERS\Accelerometer.sys
    11:33:18.0250 0504 Accelerometer - ok
    11:33:18.0500 0504 [ 02273A448BA21A7D447DAEB47810D40C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
    11:33:22.0843 0504 ACPI - ok
    11:33:23.0015 0504 [ 63F517B1A87DABF3F5ACB8A7952FC1D1 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
    11:33:27.0125 0504 ACPIEC - ok
    11:33:27.0375 0504 [ 7356EFF52AD50B8946D346002118CE62 ] ADIHdAudAddService C:\WINDOWS\system32\drivers\ADIHdAud.sys
    11:33:28.0046 0504 ADIHdAudAddService - ok
    11:33:28.0312 0504 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    11:33:29.0093 0504 AdobeFlashPlayerUpdateSvc - ok
    11:33:29.0203 0504 adpu160m - ok
    11:33:29.0421 0504 [ FFF87A9B1AB36EE4B7BEC98A4CB01B79 ] AEAudio C:\WINDOWS\system32\drivers\AEAudio.sys
    11:33:30.0031 0504 AEAudio - ok
    11:33:30.0234 0504 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
    11:33:34.0593 0504 aec - ok
    11:33:34.0859 0504 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
    11:33:35.0718 0504 AFD - ok
    11:33:35.0890 0504 [ 9C9D3B7A05445B1AB2DF4D0C4D6B77E8 ] AgereModemAudio C:\Program Files\LSI SoftModem\agrsmsvc.exe
    11:33:36.0375 0504 AgereModemAudio - ok
    11:33:36.0968 0504 [ 3712986CC3ABF0DC656B43525B9D1279 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys
    11:33:38.0062 0504 AgereSoftModem - ok
    11:33:38.0203 0504 Aha154x - ok
    11:33:38.0359 0504 aic78u2 - ok
    11:33:38.0500 0504 aic78xx - ok
    11:33:38.0687 0504 [ 8BED67D13DCB55B3E9FF6DAC4C6D3B49 ] Alerter C:\WINDOWS\system32\alrsvc.dll
    11:33:43.0046 0504 Alerter - ok
    11:33:43.0265 0504 [ DAB2A89FDE5CF791161200D90C1BCB12 ] ALG C:\WINDOWS\System32\alg.exe
    11:33:47.0562 0504 ALG - ok
    11:33:47.0812 0504 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
    11:33:51.0968 0504 AliIde - ok
    11:33:52.0156 0504 amsint - ok
    11:33:52.0359 0504 [ A8AA9D47F971570A5162B862B80F87E8 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    11:33:52.0937 0504 Apple Mobile Device - ok
    11:33:53.0140 0504 [ 434A70FA278EB3C42140E3755C2FA4F8 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
    11:33:57.0531 0504 AppMgmt - ok
    11:33:57.0750 0504 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
    11:34:01.0875 0504 Arp1394 - ok
    11:34:02.0015 0504 asc - ok
    11:34:02.0140 0504 asc3350p - ok
    11:34:02.0328 0504 asc3550 - ok
    11:34:02.0687 0504 ASPI32 - ok
    11:34:02.0953 0504 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
    11:34:03.0515 0504 aspnet_state - ok
    11:34:03.0734 0504 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    11:34:08.0140 0504 AsyncMac - ok
    11:34:08.0312 0504 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
    11:34:12.0781 0504 atapi - ok
    11:34:12.0921 0504 Atdisk - ok
    11:34:13.0125 0504 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    11:34:17.0328 0504 Atmarpc - ok
    11:34:17.0546 0504 [ 3EF1DB7F168851914517D4ED36B57C04 ] ATMhelpr C:\WINDOWS\system32\drivers\ATMhelpr.sys
    11:34:17.0656 0504 ATMhelpr ( UnsignedFile.Multi.Generic ) - warning
    11:34:17.0671 0504 ATMhelpr - detected UnsignedFile.Multi.Generic (1)
    11:34:17.0890 0504 [ 293E8CC3C246A89F4CCA75B024AD757F ] ATSWPDRV C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys
    11:34:20.0046 0504 ATSWPDRV - ok
    11:34:20.0265 0504 [ F10745ED3195360E69AA4A6E7768C0E0 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
    11:34:24.0609 0504 AudioSrv - ok
    11:34:24.0812 0504 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
    11:34:29.0156 0504 audstub - ok
    11:34:29.0421 0504 [ 74A65415DFAAD20F06E7550FA9B6E012 ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys
    11:34:30.0109 0504 b57w2k - ok
    11:34:30.0312 0504 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
    11:34:34.0703 0504 Beep - ok
    11:34:35.0000 0504 [ 5C0073A51C4873430FA8B262E92183FF ] BITS C:\WINDOWS\system32\qmgr.dll
    11:34:39.0484 0504 BITS - ok
    11:34:39.0718 0504 [ F934D1B230F84E1D19DD00AC5A7A83ED ] Bridge C:\WINDOWS\system32\DRIVERS\bridge.sys
    11:34:44.0328 0504 Bridge - ok
    11:34:44.0515 0504 [ F934D1B230F84E1D19DD00AC5A7A83ED ] BridgeMP C:\WINDOWS\system32\DRIVERS\bridge.sys
    11:34:48.0687 0504 BridgeMP - ok
    11:34:48.0921 0504 [ 139102D1865D3C1F152A25ABD16242DB ] Browser C:\WINDOWS\System32\browser.dll
    11:34:49.0531 0504 Browser - ok
    11:34:49.0859 0504 [ 3AA4BF555C00C5B87FD48DD7BDBD4E97 ] btaudio C:\WINDOWS\system32\drivers\btaudio.sys
    11:34:50.0625 0504 btaudio - ok
    11:34:50.0765 0504 [ 07F0A66CFA550B13AD0674AE09E3CBA0 ] BTDriver C:\WINDOWS\system32\DRIVERS\btport.sys
    11:34:51.0265 0504 BTDriver - ok
    11:34:51.0750 0504 [ BA57F31EAB93DC597D772F6F5B9ED54F ] BTKRNL C:\WINDOWS\system32\DRIVERS\btkrnl.sys
    11:34:52.0765 0504 BTKRNL - ok
    11:34:53.0000 0504 [ 0ECE2B1910527AE85691151D56621891 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    11:34:53.0234 0504 btwdins ( UnsignedFile.Multi.Generic ) - warning
    11:34:53.0234 0504 btwdins - detected UnsignedFile.Multi.Generic (1)
    11:34:53.0453 0504 [ B1D350F3F13CF340FCE93912D2BA1EBF ] BTWDNDIS C:\WINDOWS\system32\DRIVERS\btwdndis.sys
    11:34:54.0062 0504 BTWDNDIS - ok
    11:34:54.0234 0504 [ 57E91E9925976BBC98984EEBAAF1D84C ] BTWUSB C:\WINDOWS\system32\Drivers\btwusb.sys
    11:34:54.0812 0504 BTWUSB - ok
    11:34:54.0968 0504 catchme - ok
    11:34:55.0203 0504 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
    11:34:59.0406 0504 cbidf2k - ok
    11:34:59.0562 0504 [ 20F89E232173985A455BC9A5F70D1166 ] CCALib8 C:\Program Files\Canon\CAL\CALMAIN.exe
    11:34:59.0796 0504 CCALib8 ( UnsignedFile.Multi.Generic ) - warning
    11:34:59.0796 0504 CCALib8 - detected UnsignedFile.Multi.Generic (1)
    11:34:59.0937 0504 cd20xrnt - ok
    11:35:00.0125 0504 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
    11:35:04.0312 0504 Cdaudio - ok
    11:35:04.0500 0504 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
    11:35:08.0484 0504 Cdfs - ok
    11:35:08.0671 0504 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
    11:35:12.0734 0504 Cdrom - ok
    11:35:12.0875 0504 Changer - ok
    11:35:13.0046 0504 [ BD85400700B80FBE3D4A3412BCE74861 ] CiSvc C:\WINDOWS\system32\cisvc.exe
    11:35:16.0968 0504 CiSvc - ok
    11:35:17.0140 0504 [ 4FB6108130829666C8FE96B442FEAD94 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
    11:35:21.0062 0504 ClipSrv - ok
    11:35:21.0296 0504 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    11:35:21.0875 0504 clr_optimization_v2.0.50727_32 - ok
    11:35:22.0062 0504 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    11:35:22.0640 0504 clr_optimization_v4.0.30319_32 - ok
    11:35:22.0828 0504 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
    11:35:26.0937 0504 CmBatt - ok
    11:35:27.0109 0504 CmdIde - ok
    11:35:27.0328 0504 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
    11:35:31.0375 0504 Compbatt - ok
    11:35:31.0515 0504 COMSysApp - ok
    11:35:31.0875 0504 Cpqarray - ok
    11:35:32.0000 0504 [ D01F685F8B4598D144B0CCE9FF95D8D5 ] cpudrv C:\Program Files\SystemRequirementsLab\cpudrv.sys
    11:35:32.0609 0504 cpudrv - ok
    11:35:32.0796 0504 [ 0A9CF5D3CF63A8699F28C814EF821C7E ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
    11:35:36.0921 0504 CryptSvc - ok
    11:35:37.0093 0504 [ CB6FF7012BB5D59D7C12350DB795CE1F ] ctxusbm C:\WINDOWS\system32\DRIVERS\ctxusbm.sys
    11:35:37.0640 0504 ctxusbm - ok
    11:35:37.0765 0504 dac2w2k - ok
    11:35:37.0937 0504 dac960nt - ok
    11:35:38.0203 0504 [ D9883335CC1C17AFC3A09C8AC3E4DBE4 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
    11:35:38.0984 0504 DcomLaunch - ok
    11:35:39.0203 0504 [ 146AB038F5DBB366122D28444999AB2C ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
    11:35:43.0187 0504 Dhcp - ok
    11:35:43.0359 0504 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
    11:35:47.0453 0504 Disk - ok
    11:35:47.0593 0504 dmadmin - ok
    11:35:48.0046 0504 [ DEC123E0C75971D0CC7A6C6A75E28429 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
    11:35:52.0421 0504 dmboot - ok
    11:35:52.0656 0504 [ 7268E66259722F6228C730685B201092 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
    11:35:56.0734 0504 dmio - ok
    11:35:56.0921 0504 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
    11:36:01.0156 0504 dmload - ok
    11:36:01.0328 0504 [ 127DB74184E2D3D31655DA525A5EFDE1 ] dmserver C:\WINDOWS\System32\dmserver.dll
    11:36:05.0328 0504 dmserver - ok
    11:36:05.0500 0504 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
    11:36:09.0515 0504 DMusic - ok
    11:36:09.0796 0504 [ DE6CDB6CBC5C27B9085CFA6DFE8E5025 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
    11:36:10.0375 0504 Dnscache - ok
    11:36:10.0593 0504 [ 90EE765E1A598B578852901F74F914F1 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
    11:36:14.0890 0504 Dot3svc - ok
    11:36:15.0046 0504 dpti2o - ok
    11:36:15.0234 0504 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
    11:36:19.0234 0504 drmkaud - ok
    11:36:19.0406 0504 [ E88B0CFCECF745211BBA87F44F85D0DD ] eabfiltr C:\WINDOWS\system32\DRIVERS\eabfiltr.sys
    11:36:19.0890 0504 eabfiltr - ok
    11:36:20.0125 0504 [ E6BBDEBF7081899D161C773E8D84D015 ] EapHost C:\WINDOWS\System32\eapsvc.dll
    11:36:24.0156 0504 EapHost - ok
    11:36:24.0359 0504 [ 2F5C7F650B7AF178988946EE4B0D9C01 ] ERSvc C:\WINDOWS\System32\ersvc.dll
    11:36:28.0312 0504 ERSvc - ok
    11:36:28.0515 0504 [ 657B69389B893F440B07590C9E963F23 ] Eventlog C:\WINDOWS\system32\services.exe
    11:36:29.0125 0504 Eventlog - ok
    11:36:29.0328 0504 [ 97912DC0679D2DA60CCE589BBC196D72 ] EventSystem C:\WINDOWS\system32\es.dll
    11:36:29.0984 0504 EventSystem - ok
    11:36:30.0171 0504 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
    11:36:34.0234 0504 Fastfat - ok
    11:36:34.0453 0504 [ 2D5D4156292150FE571872C1B88E9299 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
    11:36:35.0109 0504 FastUserSwitchingCompatibility - ok
    11:36:35.0328 0504 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
    11:36:39.0296 0504 Fdc - ok
    11:36:39.0531 0504 [ 8BFFFB5AC954E19DFDB96D56512AA518 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
    11:36:43.0562 0504 Fips - ok
    11:36:43.0718 0504 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
    11:36:47.0703 0504 Flpydisk - ok
    11:36:47.0890 0504 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
    11:36:52.0078 0504 FltMgr - ok
    11:36:52.0265 0504 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    11:36:52.0859 0504 FontCache3.0.0.0 - ok
    11:36:53.0109 0504 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
    11:36:57.0453 0504 Fs_Rec - ok
    11:36:57.0656 0504 [ FA8CA22E70245C81FF29C36AF56292FC ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
    11:37:02.0031 0504 Ftdisk - ok
    11:37:02.0234 0504 [ AB8A6A87D9D7255C3884D5B9541A6E80 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
    11:37:02.0656 0504 GEARAspiWDM - ok
    11:37:02.0859 0504 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
    11:37:06.0890 0504 Gpc - ok
    11:37:07.0109 0504 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
    11:37:07.0671 0504 gupdate - ok
    11:37:07.0796 0504 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
    11:37:08.0328 0504 gupdatem - ok
    11:37:08.0578 0504 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    11:37:09.0171 0504 gusvc - ok
    11:37:09.0343 0504 [ 407E41DDB2BFECE109132AEC296E0D98 ] HBtnKey C:\WINDOWS\system32\DRIVERS\cpqbttn.sys
    11:37:09.0890 0504 HBtnKey - ok
    11:37:10.0125 0504 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
    11:37:14.0156 0504 HDAudBus - ok
    11:37:14.0343 0504 [ 5327BAD9B35C33D2A64B64E4CF282ECD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
    11:37:18.0296 0504 helpsvc - ok
    11:37:18.0468 0504 HidServ - ok
    11:37:18.0656 0504 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
    11:37:22.0562 0504 HidUsb - ok
    11:37:22.0750 0504 [ 1FF903FFA2DA1704E5A5443D37D8E49E ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
    11:37:26.0687 0504 hkmsvc - ok
    11:37:26.0875 0504 [ 5953C0952E4DD2B25B9ADEF05AB0285C ] hpdskflt C:\WINDOWS\system32\DRIVERS\hpdskflt.sys
    11:37:27.0312 0504 hpdskflt - ok
    11:37:27.0437 0504 hpn - ok
    11:37:27.0640 0504 [ 04C1DCBB226C6AE647B794833CE3CEB6 ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    11:37:27.0859 0504 hpqwmiex ( UnsignedFile.Multi.Generic ) - warning
    11:37:27.0859 0504 hpqwmiex - detected UnsignedFile.Multi.Generic (1)
    11:37:28.0109 0504 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
    11:37:28.0750 0504 HTTP - ok
    11:37:28.0921 0504 [ 2529C7BA05242BEED0027F554D0513BB ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
    11:37:32.0890 0504 HTTPFilter - ok
    11:37:33.0109 0504 [ 2310CA92D37D97C9231ADF1796B47B9D ] hwdatacard C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
    11:37:33.0718 0504 hwdatacard - ok
    11:37:33.0859 0504 i2omgmt - ok
    11:37:34.0000 0504 i2omp - ok
    11:37:34.0234 0504 [ C43372D0682F8E32E4EC21117E089EC0 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    11:37:38.0453 0504 i8042prt - ok
    11:37:40.0359 0504 [ 200CCA76CD0E0F7EEC78FA56C29B4D67 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
    11:37:43.0765 0504 ialm - ok
    11:37:44.0093 0504 [ 997E8F5939F2D12CD9F2E6B395724C16 ] iaStor C:\WINDOWS\system32\DRIVERS\iaStor.sys
    11:37:44.0812 0504 iaStor - ok
    11:37:45.0015 0504 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    11:37:45.0140 0504 IDriverT ( UnsignedFile.Multi.Generic ) - warning
    11:37:45.0156 0504 IDriverT - detected UnsignedFile.Multi.Generic (1)
    11:37:45.0546 0504 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    11:37:46.0609 0504 idsvc - ok
    11:37:46.0890 0504 [ F67554DA27D5B55EFCB6C7CB4818FBFD ] IFXTPM C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS
    11:37:47.0375 0504 IFXTPM - ok
    11:37:47.0593 0504 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
    11:37:51.0515 0504 Imapi - ok
    11:37:51.0765 0504 [ A117772F94C854DE5D1BBC1F1962B192 ] ImapiService C:\WINDOWS\system32\imapi.exe
    11:37:55.0890 0504 ImapiService - ok
    11:37:56.0078 0504 ini910u - ok
    11:37:56.0312 0504 [ 72C63AD984D427D34BD5B9DB838D88EB ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
    11:38:00.0281 0504 IntelIde - ok
    11:38:00.0531 0504 [ 2D2254FAC267E6B1C7865E8EBEF60C6D ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
    11:38:04.0390 0504 intelppm - ok
    11:38:04.0578 0504 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
    11:38:08.0578 0504 Ip6Fw - ok
    11:38:08.0781 0504 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    11:38:12.0953 0504 IpFilterDriver - ok
    11:38:13.0156 0504 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
    11:38:17.0296 0504 IpInIp - ok
    11:38:17.0531 0504 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
    11:38:21.0718 0504 IpNat - ok
    11:38:22.0000 0504 [ 62937A89470AF8FF172F0980CA8AEFC9 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
    11:38:22.0781 0504 iPod Service - ok
    11:38:22.0968 0504 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
    11:38:26.0859 0504 IPSec - ok
    11:38:27.0046 0504 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
    11:38:30.0890 0504 IRENUM - ok
    11:38:31.0109 0504 [ 0B78E1A31340E1FB1E389D5633F7C3A0 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
    11:38:35.0046 0504 isapnp - ok
    11:38:35.0234 0504 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    11:38:35.0828 0504 IviRegMgr - ok
    11:38:36.0015 0504 [ 9AE07549A0D691A103FAF8946554BDB7 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
    11:38:36.0656 0504 JavaQuickStarterService - ok
    11:38:36.0859 0504 [ 380397621E94B32C744E7B2CC1330390 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    11:38:40.0765 0504 Kbdclass - ok
    11:38:40.0937 0504 [ B833B70FE639F01FB36CEDABE57EF031 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
    11:38:45.0000 0504 kbdhid - ok
    11:38:45.0203 0504 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
    11:38:49.0203 0504 kmixer - ok
    11:38:49.0375 0504 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
    11:38:49.0937 0504 KSecDD - ok
    11:38:50.0156 0504 [ C7955E7EDAEA462D04F1C4BE1D340372 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
    11:38:50.0765 0504 lanmanserver - ok
    11:38:50.0953 0504 [ A936A575EAF6DCE8DC08BC0C53972ADD ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
    11:38:51.0515 0504 lanmanworkstation - ok
    11:38:51.0640 0504 lbrtfdc - ok
    11:38:52.0000 0504 [ 31D8B705DCD5F2366186E731F87C7A71 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    11:38:52.0515 0504 LightScribeService - ok
    11:38:52.0734 0504 [ 91AE20C5C2776C511994AA1308C05283 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
    11:38:56.0718 0504 LmHosts - ok
    11:38:56.0953 0504 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
    11:38:57.0203 0504 MDM ( UnsignedFile.Multi.Generic ) - warning
    11:38:57.0203 0504 MDM - detected UnsignedFile.Multi.Generic (1)
    11:38:57.0359 0504 [ C56A45A03DCA11712DE9FDF98224230B ] Messenger C:\WINDOWS\System32\msgsvc.dll
    11:39:01.0421 0504 Messenger - ok
    11:39:01.0609 0504 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
    11:39:06.0234 0504 mnmdd - ok
    11:39:06.0406 0504 [ 5B1D994DCF1895AFA27600E46A2F0FEA ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
    11:39:10.0484 0504 mnmsrvc - ok
    11:39:10.0703 0504 [ 8114EEAC353F549331AB73E9AF4219ED ] Modem C:\WINDOWS\system32\drivers\Modem.sys
    11:39:14.0656 0504 Modem - ok
    11:39:14.0843 0504 [ 1A4E2214DD63E4A876463D3427EE8261 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
    11:39:18.0843 0504 Mouclass - ok
    11:39:19.0062 0504 [ 18017899254E01371E1A39754D6BF98C ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
    11:39:23.0187 0504 mouhid - ok
    11:39:23.0343 0504 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
    11:39:27.0296 0504 MountMgr - ok
    11:39:27.0484 0504 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
    11:39:28.0375 0504 MpFilter - ok
    11:39:28.0640 0504 [ A69630D039C38018689190234F866D77 ] MpKsl1b87c517 c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7F6E0F18-04BA-4939-BFDB-034BA7EC37B6}\MpKsl1b87c517.sys
    11:39:29.0156 0504 MpKsl1b87c517 - ok
    11:39:29.0343 0504 [ 70C14F5CCA5CF73F8A645C73A01D8726 ] MQAC C:\WINDOWS\system32\drivers\mqac.sys
    11:39:33.0281 0504 MQAC - ok
    11:39:33.0406 0504 mraid35x - ok
    11:39:33.0640 0504 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    11:39:37.0531 0504 MRxDAV - ok
    11:39:37.0843 0504 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    11:39:38.0515 0504 MRxSmb - ok
    11:39:38.0750 0504 [ 21EA21984D7D1AD50DB2E627020AB14C ] MSDTC C:\WINDOWS\system32\msdtc.exe
    11:39:42.0796 0504 MSDTC - ok
    11:39:43.0093 0504 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
    11:39:47.0343 0504 Msfs - ok
    11:39:47.0500 0504 MSIServer - ok
    11:39:47.0687 0504 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
    11:39:51.0765 0504 MSKSSRV - ok
    11:39:51.0984 0504 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
    11:39:52.0625 0504 MsMpSvc - ok
    11:39:52.0812 0504 [ F5F2E7EA537F60A4FD35079BDBCD7899 ] MSMQ C:\WINDOWS\system32\mqsvc.exe
    11:39:56.0765 0504 MSMQ - ok
    11:39:56.0953 0504 [ 0EADA80C26343A8FB3880FE95881338B ] MSMQTriggers C:\WINDOWS\system32\mqtgsvc.exe
    11:40:00.0953 0504 MSMQTriggers - ok
    11:40:01.0140 0504 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    11:40:05.0343 0504 MSPCLOCK - ok
    11:40:05.0531 0504 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
    11:40:09.0437 0504 MSPQM - ok
    11:40:09.0609 0504 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    11:40:13.0515 0504 mssmbios - ok
    11:40:13.0734 0504 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
    11:40:14.0218 0504 Mup - ok
    11:40:14.0453 0504 [ 87E394C810794D3C70CF22E8316CB23E ] napagent C:\WINDOWS\System32\qagentrt.dll
    11:40:18.0656 0504 napagent - ok
    11:40:19.0000 0504 [ E4534BCCDD1EA7A7A256BB9D6688A5FC ] NAUpdate C:\Program Files\Nero\Update\NASvc.exe
    11:40:19.0750 0504 NAUpdate - ok
    11:40:19.0968 0504 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
    11:40:23.0953 0504 NDIS - ok
    11:40:24.0156 0504 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
    11:40:24.0640 0504 NdisTapi - ok
    11:40:24.0843 0504 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
    11:40:29.0046 0504 Ndisuio - ok
    11:40:29.0234 0504 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    11:40:33.0234 0504 NdisWan - ok
    11:40:33.0421 0504 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
    11:40:33.0953 0504 NDProxy - ok
    11:40:34.0187 0504 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
    11:40:38.0109 0504 NetBIOS - ok
    11:40:38.0328 0504 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
    11:40:42.0406 0504 NetBT - ok
    11:40:42.0609 0504 [ DC6BAE085E9B3C2F3A963ED46791FEAB ] NetDDE C:\WINDOWS\system32\netdde.exe
    11:40:46.0734 0504 NetDDE - ok
    11:40:46.0843 0504 [ DC6BAE085E9B3C2F3A963ED46791FEAB ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
    11:40:50.0796 0504 NetDDEdsdm - ok
    11:40:50.0953 0504 [ 8754210A3399D19610CE2D71E0C3E5D9 ] Netlogon C:\WINDOWS\system32\lsass.exe
    11:40:54.0859 0504 Netlogon - ok
    11:40:55.0109 0504 [ 5431FB616ECAE0D587C5B97D0B86CBD8 ] Netman C:\WINDOWS\System32\netman.dll
    11:40:59.0156 0504 Netman - ok
    11:40:59.0375 0504 [ 562E15CE8A98282F241E03829657E344 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
    11:41:00.0000 0504 NetTcpPortSharing - ok
    11:41:00.0843 0504 [ D57258165ABA8162DE8E29D71487FC4B ] NETw4x32 C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
    11:41:02.0687 0504 NETw4x32 - ok
    11:41:04.0109 0504 [ 91F027C242D3FF6E5C09F92A0518297F ] NETw5x32 C:\WINDOWS\system32\DRIVERS\NETw5x32.sys
    11:41:06.0781 0504 NETw5x32 - ok
    11:41:06.0984 0504 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
    11:41:10.0890 0504 NIC1394 - ok
    11:41:11.0125 0504 [ 4522CBE00A9E9EEE36AA82ED4B319148 ] Nla C:\WINDOWS\System32\mswsock.dll
    11:41:11.0812 0504 Nla - ok
    11:41:12.0015 0504 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
    11:41:16.0000 0504 Npfs - ok
    11:41:16.0328 0504 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
    11:41:20.0390 0504 Ntfs - ok
    11:41:20.0562 0504 [ 8754210A3399D19610CE2D71E0C3E5D9 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
    11:41:24.0656 0504 NtLmSsp - ok
    11:41:24.0968 0504 [ AC1A78237B53044735693633F8235468 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
    11:41:29.0250 0504 NtmsSvc - ok
    11:41:29.0421 0504 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
    11:41:33.0640 0504 Null - ok
    11:41:33.0812 0504 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
    11:41:37.0812 0504 NwlnkFlt - ok
    11:41:38.0000 0504 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
    11:41:41.0984 0504 NwlnkFwd - ok
    11:41:42.0328 0504 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
    11:41:43.0093 0504 odserv - ok
    11:41:43.0281 0504 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
    11:41:47.0484 0504 ohci1394 - ok
    11:41:47.0656 0504 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    11:41:48.0203 0504 ose - ok
    11:41:48.0437 0504 [ E3934CCC20A4D24F1924E13D36D2A5BD ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
    11:41:52.0343 0504 Parport - ok
    11:41:52.0500 0504 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
    11:41:56.0515 0504 PartMgr - ok
    11:41:56.0718 0504 [ 1EADE28746A64C21E0A808BB12A63326 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
    11:42:00.0921 0504 ParVdm - ok
    11:42:01.0078 0504 [ 3B166F9F753C21AEDAA9A6BD76B49655 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
    11:42:04.0968 0504 PCI - ok
    11:42:05.0109 0504 PCIDump - ok
    11:42:05.0312 0504 [ B31EDEBA4DA28283F6B8DC4756FB9585 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
    11:42:09.0328 0504 PCIIde - ok
    11:42:09.0500 0504 [ 2137FFD65F8E609A3A5ACD487C56CCE0 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
    11:42:13.0500 0504 Pcmcia - ok
    11:42:13.0640 0504 PDCOMP - ok
    11:42:13.0796 0504 pdfcDispatcher - ok
    11:42:13.0953 0504 PDFRAME - ok
    11:42:14.0093 0504 PDRELI - ok
    11:42:14.0250 0504 PDRFRAME - ok
    11:42:14.0390 0504 perc2 - ok
    11:42:14.0531 0504 perc2hib - ok
    11:42:15.0031 0504 [ 657B69389B893F440B07590C9E963F23 ] PlugPlay C:\WINDOWS\system32\services.exe
    11:42:15.0703 0504 PlugPlay - ok
    11:42:15.0906 0504 [ 3CECDA26586CA4DB9BE51241A6DB7C3C ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
    11:42:17.0953 0504 Pml Driver HPZ12 - ok
    11:42:18.0109 0504 [ 8754210A3399D19610CE2D71E0C3E5D9 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
    11:42:22.0000 0504 PolicyAgent - ok
    11:42:22.0203 0504 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
    11:42:26.0093 0504 PptpMiniport - ok
    11:42:26.0234 0504 [ 8754210A3399D19610CE2D71E0C3E5D9 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
    11:42:30.0453 0504 ProtectedStorage - ok
    11:42:30.0640 0504 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
    11:42:34.0703 0504 PSched - ok
    11:42:34.0875 0504 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
    11:42:38.0828 0504 Ptilink - ok
    11:42:38.0953 0504 ql1080 - ok
    11:42:39.0109 0504 Ql10wnt - ok
    11:42:39.0265 0504 ql12160 - ok
    11:42:39.0406 0504 ql1240 - ok
    11:42:39.0546 0504 ql1280 - ok
    11:42:39.0765 0504 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
    11:42:43.0765 0504 RasAcd - ok
    11:42:43.0953 0504 [ 0575D034B1292CA3A9BB9F67A8EE289C ] RasAuto C:\WINDOWS\System32\rasauto.dll
    11:42:48.0000 0504 RasAuto - ok
    11:42:48.0203 0504 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys
    11:42:50.0437 0504 Rasirda - ok
    11:42:50.0609 0504 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    11:42:54.0765 0504 Rasl2tp - ok
    11:42:54.0953 0504 [ 9E7E2DF6971A5F00102BE3F901CC3BDC ] RasMan C:\WINDOWS\System32\rasmans.dll
    11:42:58.0984 0504 RasMan - ok
    11:42:59.0171 0504 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    11:43:04.0218 0504 RasPppoe - ok
    11:43:04.0390 0504 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
    11:43:08.0250 0504 Raspti - ok
    11:43:08.0500 0504 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
    11:43:13.0234 0504 Rdbss - ok
    11:43:13.0406 0504 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    11:43:19.0015 0504 RDPCDD - ok
    11:43:19.0312 0504 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
    11:43:23.0421 0504 rdpdr - ok
    11:43:23.0718 0504 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
    11:43:24.0406 0504 RDPWD - ok
    11:43:24.0625 0504 [ EA9FDF71D696B532BDC44C8BFF03A737 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
    11:43:28.0718 0504 RDSessMgr - ok
    11:43:28.0890 0504 [ 4173BC66E485FD77A03C4819F60BD0DA ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
    11:43:32.0875 0504 redbook - ok
    11:43:33.0078 0504 [ 4007ABF5D9BF0E55451D775443D1F985 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
    11:43:37.0000 0504 RemoteAccess - ok
    11:43:37.0203 0504 [ 2FD5B89BF9289C774C5C730DEA96CD91 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
    11:43:41.0187 0504 RemoteRegistry - ok
    11:43:41.0375 0504 [ 96F7A9A7BF0C9C0440A967440065D33C ] RMCAST C:\WINDOWS\system32\drivers\RMCast.sys
    11:43:42.0000 0504 RMCAST - ok
    11:43:42.0171 0504 [ BE078F8F7EC2491EFDD79A53353A060F ] RpcLocator C:\WINDOWS\system32\locator.exe
    11:43:46.0187 0504 RpcLocator - ok
    11:43:46.0468 0504 [ D9883335CC1C17AFC3A09C8AC3E4DBE4 ] RpcSs C:\WINDOWS\System32\rpcss.dll
    11:43:47.0250 0504 RpcSs - ok
    11:43:47.0437 0504 [ A3B23FB3F295694091F51865F98588B2 ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
    11:43:47.0578 0504 rspndr ( UnsignedFile.Multi.Generic ) - warning
    11:43:47.0578 0504 rspndr - detected UnsignedFile.Multi.Generic (1)
    11:43:47.0781 0504 [ AD1B5F1B99FFF08C99F443D784711A81 ] RSVP C:\WINDOWS\system32\rsvp.exe
    11:43:51.0953 0504 RSVP - ok
    11:43:52.0156 0504 [ 8754210A3399D19610CE2D71E0C3E5D9 ] SamSs C:\WINDOWS\system32\lsass.exe
    11:43:56.0109 0504 SamSs - ok
    11:43:56.0312 0504 [ 1B4CD62174E907C7EF8EC5D4D0A2A616 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
    11:44:00.0406 0504 SCardSvr - ok
    11:44:00.0640 0504 [ 7C288AE0F75CB18CFF1DF6179A67AD8F ] Schedule C:\WINDOWS\system32\schedsvc.dll
    11:44:04.0765 0504 Schedule - ok
    11:44:05.0062 0504 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
    11:44:09.0031 0504 Secdrv - ok
    11:44:09.0203 0504 [ 6983665BEA867125B1DA5757CD8B2F9D ] seclogon C:\WINDOWS\System32\seclogon.dll
    11:44:13.0171 0504 seclogon - ok
    11:44:13.0312 0504 [ F6EC8F1E50E40237BDDEE1CB7FE20B42 ] SENS C:\WINDOWS\system32\sens.dll
    11:44:17.0562 0504 SENS - ok
    11:44:17.0734 0504 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
    11:44:21.0562 0504 serenum - ok
    11:44:21.0734 0504 [ 92C21762653BB2CE51147EB8A9AA654F ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
    11:44:25.0625 0504 Serial - ok
    11:44:26.0203 0504 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
    11:44:30.0109 0504 Sfloppy - ok
    11:44:30.0406 0504 [ 7579C4BE909D47F10F3D8D801CB13ED9 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
    11:44:34.0500 0504 SharedAccess - ok
    11:44:34.0671 0504 [ 2D5D4156292150FE571872C1B88E9299 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
    11:44:35.0328 0504 ShellHWDetection - ok
    11:44:35.0437 0504 Simbad - ok
    11:44:35.0640 0504 [ F8BE8E1588AEFE40F2B219BF7AA632EF ] SMCIRDA C:\WINDOWS\system32\DRIVERS\smcirda.sys
    11:44:37.0906 0504 SMCIRDA - ok
    11:44:38.0203 0504 Sparrow - ok
    11:44:38.0343 0504 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
    11:44:42.0281 0504 splitter - ok
    11:44:42.0500 0504 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
    11:44:43.0093 0504 Spooler - ok
    11:44:43.0312 0504 [ 64D2A7640E0767ECD3BCB38D3200E7CE ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
    11:44:47.0453 0504 sr - ok
    11:44:47.0703 0504 [ 81CBF363C414620CAA61BD6843D8FDB9 ] srservice C:\WINDOWS\system32\srsvc.dll
    11:44:51.0781 0504 srservice - ok
    11:44:52.0062 0504 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
    11:44:52.0703 0504 Srv - ok
    11:44:52.0859 0504 [ 5B9D0DE64BE96A806819516440FD211C ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
    11:44:56.0828 0504 SSDPSRV - ok
    11:44:57.0156 0504 [ 5AE996186D2DC694FEF88F14A3FC9242 ] stisvc C:\WINDOWS\system32\wiaservc.dll
    11:45:01.0281 0504 stisvc - ok
    11:45:01.0453 0504 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
    11:45:05.0296 0504 swenum - ok
    11:45:05.0546 0504 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
    11:45:09.0484 0504 swmidi - ok
    11:45:09.0625 0504 SwPrv - ok
    11:45:09.0828 0504 symc810 - ok
    11:45:10.0000 0504 symc8xx - ok
    11:45:10.0156 0504 sym_hi - ok
    11:45:10.0343 0504 sym_u3 - ok
    11:45:10.0906 0504 [ 0E8676FB3BB95AA40FDF7A4A31018C8B ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
    11:45:12.0218 0504 SynTP - ok
    11:45:12.0500 0504 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
    11:45:16.0562 0504 sysaudio - ok
    11:45:16.0781 0504 [ 251EAE7C56C6AB9490311A3C9757E18D ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
    11:45:20.0875 0504 SysmonLog - ok
    11:45:21.0093 0504 [ 2BC9FB448F0C2394FF53C83A7BB04731 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
    11:45:25.0343 0504 TapiSrv - ok
    11:45:25.0687 0504 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
    11:45:26.0390 0504 Tcpip - ok
    11:45:26.0593 0504 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
    11:45:30.0593 0504 TDPIPE - ok
    11:45:30.0781 0504 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
    11:45:34.0718 0504 TDTCP - ok
    11:45:34.0968 0504 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
    11:45:38.0984 0504 TermDD - ok
    11:45:39.0234 0504 [ E0AEF86A594C9990D6321C5CA239C5B7 ] TermService C:\WINDOWS\System32\termsrv.dll
    11:45:43.0375 0504 TermService - ok
    11:45:43.0593 0504 [ 2D5D4156292150FE571872C1B88E9299 ] Themes C:\WINDOWS\System32\shsvcs.dll
    11:45:44.0281 0504 Themes - ok
    11:45:44.0468 0504 [ 78A2FE13662A119875F10E9FFCB49A8F ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
    11:45:48.0484 0504 TlntSvr - ok
    11:45:48.0625 0504 TosIde - ok
    11:45:48.0859 0504 [ 20655E8CA1C78BC7088B18E93806D21B ] TrkWks C:\WINDOWS\system32\trkwks.dll
    11:45:52.0750 0504 TrkWks - ok
    11:45:53.0078 0504 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
    11:45:57.0062 0504 Udfs - ok
    11:45:57.0187 0504 ultra - ok
    11:45:57.0359 0504 [ AB0A7CA90D9E3D6A193905DC1715DED0 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
    11:45:57.0937 0504 UMWdf - ok
    11:45:58.0203 0504 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
    11:46:02.0375 0504 Update - ok
    11:46:02.0593 0504 [ 01653D6C9604F1FB31A76EC94E08954F ] upnphost C:\WINDOWS\System32\upnphost.dll
    11:46:06.0734 0504 upnphost - ok
    11:46:06.0921 0504 [ A89796DD0DE24CF03B3A39407E1F46A3 ] UPS C:\WINDOWS\System32\ups.exe
    11:46:11.0078 0504 UPS - ok
    11:46:11.0328 0504 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    11:46:15.0390 0504 usbccgp - ok
    11:46:15.0562 0504 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
    11:46:19.0562 0504 usbehci - ok
    11:46:19.0765 0504 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
    11:46:23.0984 0504 usbhub - ok
    11:46:24.0234 0504 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
    11:46:28.0187 0504 usbprint - ok
    11:46:28.0390 0504 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
    11:46:32.0296 0504 usbscan - ok
    11:46:32.0484 0504 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    11:46:36.0406 0504 USBSTOR - ok
    11:46:36.0578 0504 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    11:46:40.0500 0504 usbuhci - ok
    11:46:40.0671 0504 [ B6CC50279D6CD28E090A5D33244ADC9A ] usb_rndisx C:\WINDOWS\system32\DRIVERS\usb8023x.sys
    11:46:44.0625 0504 usb_rndisx - ok
    11:46:44.0781 0504 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
    11:46:48.0921 0504 VgaSave - ok
    11:46:49.0109 0504 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
    11:46:53.0140 0504 ViaIde - ok
    11:46:53.0359 0504 [ 8AB662B3C4691E6DDF61C96BB5B7D103 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
    11:46:57.0281 0504 VolSnap - ok
    11:46:57.0593 0504 [ A585EDD6965B301DE8A45C6768C7C215 ] VSS C:\WINDOWS\System32\vssvc.exe
    11:47:01.0750 0504 VSS - ok
    11:47:02.0000 0504 [ 390D8E65F362327AD510B08971478301 ] W32Time C:\WINDOWS\system32\w32time.dll
    11:47:06.0046 0504 W32Time - ok
    11:47:06.0281 0504 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
    11:47:10.0093 0504 Wanarp - ok
    11:47:10.0406 0504 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
    11:47:11.0187 0504 Wdf01000 - ok
    11:47:11.0328 0504 WDICA - ok
    11:47:11.0546 0504 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
    11:47:15.0625 0504 wdmaud - ok
    11:47:15.0843 0504 [ 33D8E2812054D97A0AEC9B8F04277927 ] WebClient C:\WINDOWS\System32\webclnt.dll
    11:47:19.0875 0504 WebClient - ok
    11:47:20.0312 0504 [ F9E105F369C18E4001E0C05AAF600D73 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
    11:47:24.0203 0504 winmgmt - ok
    11:47:24.0609 0504 [ 140EF97B64F560FD78643CAE2CDAD838 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
    11:47:25.0156 0504 WmdmPmSN - ok
    11:47:25.0515 0504 [ 93F8EB8C7CD4E325EC92EDBFC545103D ] Wmi C:\WINDOWS\System32\advapi32.dll
    11:47:26.0375 0504 Wmi - ok
    11:47:26.0562 0504 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
    11:47:30.0578 0504 WmiAcpi - ok
    11:47:30.0859 0504 [ 87F11D161207C7063EDABAC0AADC33C3 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
    11:47:34.0968 0504 WmiApSrv - ok
    11:47:35.0453 0504 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
    11:47:36.0453 0504 WPFFontCache_v0400 - ok
    11:47:36.0656 0504 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
    11:47:41.0000 0504 WS2IFSL - ok
    11:47:41.0281 0504 [ 843F7FA8EA38E6A4262976DCC994C81A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
    11:47:45.0359 0504 wscsvc - ok
    11:47:45.0515 0504 [ 1E8FDDDEF3FE260BADAB06DAE10D753A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
    11:47:49.0375 0504 wuauserv - ok
    11:47:49.0562 0504 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    11:47:50.0140 0504 WudfPf - ok
    11:47:50.0328 0504 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
    11:47:50.0968 0504 WudfRd - ok
    11:47:51.0156 0504 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
    11:47:51.0750 0504 WudfSvc - ok
    11:47:52.0062 0504 [ E99782DBB8FFA2AEE72B31DAC8D8D887 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
    11:47:56.0218 0504 WZCSVC - ok
    11:47:56.0437 0504 [ FD3C38635808920F8235BF2FED642F54 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
    11:48:00.0406 0504 xmlprov - ok
    11:48:00.0750 0504 ================ Scan global ===============================
    11:48:01.0000 0504 [ 953AD498333B03F7CE547151F96EF241 ] C:\WINDOWS\system32\basesrv.dll
    11:48:01.0281 0504 [ C7CC71181F7FD61C49EFF278003827A5 ] C:\WINDOWS\system32\winsrv.dll
    11:48:01.0609 0504 [ C7CC71181F7FD61C49EFF278003827A5 ] C:\WINDOWS\system32\winsrv.dll
    11:48:01.0859 0504 [ 657B69389B893F440B07590C9E963F23 ] C:\WINDOWS\system32\services.exe
    11:48:01.0953 0504 [Global] - ok
    11:48:01.0968 0504 ================ Scan MBR ==================================
    11:48:02.0109 0504 [ D0531855B1068A1C2BE746F73C551399 ] \Device\Harddisk0\DR0
    11:48:03.0562 0504 \Device\Harddisk0\DR0 - ok
    11:48:03.0578 0504 ================ Scan VBR ==================================
    11:48:03.0640 0504 [ 23C345BFA1784C2E7AEF9D8F7E009FAC ] \Device\Harddisk0\DR0\Partition1
    11:48:03.0687 0504 \Device\Harddisk0\DR0\Partition1 - ok
    11:48:03.0687 0504 ============================================================
    11:48:03.0687 0504 Scan finished
    11:48:03.0703 0504 ============================================================
    11:48:04.0015 3032 Detected object count: 7
    11:48:04.0015 3032 Actual detected object count: 7
    11:50:56.0234 3032 ATMhelpr ( UnsignedFile.Multi.Generic ) - skipped by user
    11:50:56.0250 3032 ATMhelpr ( UnsignedFile.Multi.Generic ) - User select action: Skip
    11:50:56.0265 3032 btwdins ( UnsignedFile.Multi.Generic ) - skipped by user
    11:50:56.0281 3032 btwdins ( UnsignedFile.Multi.Generic ) - User select action: Skip
    11:50:56.0328 3032 CCALib8 ( UnsignedFile.Multi.Generic ) - skipped by user
    11:50:56.0328 3032 CCALib8 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    11:50:56.0375 3032 hpqwmiex ( UnsignedFile.Multi.Generic ) - skipped by user
    11:50:56.0390 3032 hpqwmiex ( UnsignedFile.Multi.Generic ) - User select action: Skip
    11:50:56.0437 3032 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
    11:50:56.0437 3032 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
    11:50:56.0484 3032 MDM ( UnsignedFile.Multi.Generic ) - skipped by user
    11:50:56.0484 3032 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
    11:50:56.0546 3032 rspndr ( UnsignedFile.Multi.Generic ) - skipped by user
    11:50:56.0546 3032 rspndr ( UnsignedFile.Multi.Generic ) - User select action: Skip
    11:51:32.0640 2084 Deinitialize success

    And the ComboFix log:


    ComboFix 13-01-26.02 - nielsho 26-01-2013 12:57:30.3.2 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1015.523 [GMT 1:00]
    Gestart vanuit: c:\documents and settings\nielsho\Bureaublad\ComboFix.exe
    AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-12-26 to 2013-01-26 ))))))))))))))))))))))))))))))
    .
    .
    2013-01-26 13:55 . 2013-01-26 13:55 -------- d-----w- C:\216b416395a91a98e494
    2013-01-26 11:21 . 2013-01-26 11:21 -------- d--h--r- c:\documents and settings\nielsho\Onlangs geopend
    2013-01-26 10:13 . 2013-01-26 10:13 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7F6E0F18-04BA-4939-BFDB-034BA7EC37B6}\MpKsl1b87c517.sys
    2013-01-26 08:22 . 2013-01-26 11:19 -------- d-----w- c:\documents and settings\nielsho\Application Data\Systweak
    2013-01-26 08:22 . 2012-12-10 11:01 18360 ----a-w- c:\windows\system32\roboot.exe
    2013-01-25 18:28 . 2013-01-25 18:28 60872 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7F6E0F18-04BA-4939-BFDB-034BA7EC37B6}\offreg.dll
    2013-01-25 18:04 . 2013-01-08 04:57 6991832 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7F6E0F18-04BA-4939-BFDB-034BA7EC37B6}\mpengine.dll
    2013-01-24 19:33 . 2013-01-08 04:57 6991832 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2013-01-24 19:29 . 2013-01-25 17:44 -------- d-----w- c:\program files\CodeStuff
    2013-01-24 14:45 . 2013-01-24 14:46 -------- d-----w- C:\87bc6957fc66038ef47a4ed331092c66
    2013-01-20 16:23 . 2013-01-20 16:23 -------- d-----w- c:\program files\CCleaner
    2013-01-13 16:11 . 2013-01-14 01:33 -------- d-----w- C:\36cd03e572844ed81686e9151e6f1f
    2013-01-13 15:21 . 2013-01-14 01:33 -------- d-----w- C:\e3a056e9c5c326fc1935fb88
    2013-01-09 16:43 . 2013-01-09 16:43 16369160 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
    2012-12-30 15:10 . 2012-12-30 15:10 -------- d-----w- c:\documents and settings\nielsho\triplea
    2012-12-29 20:41 . 2013-01-17 07:45 -------- d-----w- C:\tmp
    2012-12-29 20:36 . 2012-12-29 20:36 -------- d-----w- c:\program files\TripleA
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-01-09 16:43 . 2012-04-01 10:51 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-01-09 16:43 . 2011-06-01 18:37 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-12-16 12:23 . 2004-08-04 08:00 290560 ----a-w- c:\windows\system32\atmfd.dll
    2012-12-14 15:49 . 2012-05-31 20:14 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-11-13 11:55 . 2004-08-04 08:00 1866496 ----a-w- c:\windows\system32\win32k.sys
    2012-11-06 02:00 . 2007-05-15 14:43 1371648 ----a-w- c:\windows\system32\msxml6.dll
    2012-11-02 02:03 . 2004-08-04 08:00 375296 ----a-w- c:\windows\system32\dpnet.dll
    2012-11-01 12:12 . 2004-08-04 08:00 916992 ----a-w- c:\windows\system32\wininet.dll
    2012-11-01 12:12 . 2004-08-04 08:00 43520 ------w- c:\windows\system32\licmgr10.dll
    2012-11-01 12:12 . 2004-08-04 08:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2012-11-01 00:35 . 2004-08-04 08:00 385024 ------w- c:\windows\system32\html.iec
    2012-01-22 10:57 . 2012-01-22 10:57 22796304 ----a-w- c:\program files\Video-Converter-Platinum.exe
    2011-04-24 23:58 . 2011-04-24 23:58 124864 ----a-w- c:\program files\mozilla firefox\plugins\CCMSDK.dll
    2011-04-25 00:48 . 2011-04-25 00:48 13760 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll
    2011-04-25 00:00 . 2011-04-25 00:00 71104 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll
    2011-04-24 23:59 . 2011-04-24 23:59 92096 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll
    2011-04-24 23:58 . 2011-04-24 23:58 22976 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll
    2011-04-24 23:57 . 2011-04-24 23:57 255936 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll
    2011-04-24 23:58 . 2011-04-24 23:58 32192 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll
    2011-04-24 23:58 . 2011-04-24 23:58 40896 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll
    2011-04-24 23:51 . 2011-04-24 23:51 898480 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll
    2011-04-25 00:00 . 2011-04-25 00:00 24512 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
    "Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192]
    "ISUSPM"="c:\documents and settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 222128]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-29 68856]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsmqIntCert"="mqrt.dll" [2008-04-14 177152]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
    "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-05-11 472632]
    "QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-05-02 163840]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-05-18 138008]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-05-18 162584]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2007-05-18 138008]
    "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
    "ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2011-04-25 305088]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
    "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
    .
    c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
    Adobe Reader Snelle start.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLinkedConnections"= 1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk]
    path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Snelle start.lnk
    backup=c:\windows\pss\Adobe Reader Snelle start.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^BTTray.lnk]
    path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\BTTray.lnk
    backup=c:\windows\pss\BTTray.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^DVD Check.lnk]
    path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\DVD Check.lnk
    backup=c:\windows\pss\DVD Check.lnkCommon Startup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cpqset]
    2007-05-03 09:52 57344 ----a-w- c:\program files\Hewlett-Packard\Default Settings\Cpqset.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX7400 Series]
    2007-04-12 06:00 182272 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATICDE.EXE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
    2006-11-13 12:39 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
    2007-03-29 13:41 222128 ------w- c:\documents and settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    2008-11-20 12:20 290088 ----a-w- c:\program files\iTunes\iTunesHelper.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
    2007-04-19 11:26 484904 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    2008-04-14 17:03 1695232 ------w- c:\program files\Messenger\msmsgs.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
    2010-03-26 08:52 1234216 ----a-w- c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
    2007-05-08 06:38 331552 ----a-w- c:\program files\PDF Complete\pdfsty.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2008-11-04 09:30 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2010-05-14 09:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    2008-01-29 14:43 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WatchDog]
    2007-05-23 10:00 192512 ----a-w- c:\program files\InterVideo\DVD Check\DVDCheck.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
    2006-11-03 17:20 866584 ----a-w- c:\program files\Windows Defender\MSASCui.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\uTorrent\\uTorrent.exe"=
    "c:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"=
    .
    R1 ATMhelpr;ATMhelpr;c:\windows\system32\drivers\ATMHELPR.SYS [4-1-2011 14:29 4064]
    R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [25-4-2011 0:49 65584]
    R1 MpKsl1b87c517;MpKsl1b87c517;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7F6E0F18-04BA-4939-BFDB-034BA7EC37B6}\MpKsl1b87c517.sys [26-1-2013 11:13 29904]
    R2 NAUpdate;@c:\program files\Nero\Update\NASvc.exe,-200;c:\program files\Nero\Update\NASvc.exe [25-3-2010 13:39 490280]
    R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [24-7-2007 8:14 540448]
    R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [19-9-2006 17:58 36608]
    S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [18-12-2009 9:58 11336]
    .
    --- Andere Services/Drivers In Geheugen ---
    .
    *NewlyCreated* - 04385087
    *NewlyCreated* - 49176666
    *NewlyCreated* - MPKSL1B87C517
    *Deregistered* - 04385087
    *Deregistered* - 49176666
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2007-04-19 11:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2013-01-26 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 16:43]
    .
    2013-01-26 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-01-29 09:59]
    .
    2013-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 19:53]
    .
    2013-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 19:53]
    .
    2013-01-26 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
    - c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-09-12 15:25]
    .
    .
    ------- Bijkomende Scan -------
    .
    uStart Page = hxxp://www.google.com/
    uInternet Settings,ProxyServer = isa01:8080
    uInternet Settings,ProxyOverride = hxxp://*.gmb.eu;<local>
    TCP: DhcpNameServer = 192.168.1.1
    DPF: {DC8B04D7-DFBE-46B4-BAB6-61981E896C64} - hxxp://www.virtuocity.eu/download/v223/virtuocity.cab
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2013-01-26 15:32
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scannen van verborgen processen …
    .
    scannen van verborgen autostart items …
    .
    scannen van verborgen bestanden …
    .
    Scan succesvol afgerond
    verborgen bestanden: 0
    .
    **************************************************************************
    .
    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pdfcDispatcher]
    "ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    --------------------- DLLs Geladen Onder Lopende Processen ---------------------
    .
    - - - - - - - > 'explorer.exe'(708)
    c:\windows\system32\msi.dll
    c:\windows\system32\webcheck.dll
    .
    Voltooingstijd: 2013-01-26 15:36:40
    ComboFix-quarantined-files.txt 2013-01-26 14:36
    ComboFix2.txt 2013-01-24 19:14
    .
    Pre-Run: 81.639.665.664 bytes beschikbaar
    Post-Run: 81.633.062.912 bytes beschikbaar
    .
    - - End Of File - - C8FA2C3498D55446CD3001CFEE9875F2

    Hope someone has advice!

  • Just like me, you will have to be patient for a while before Abraham54 can respond.
    Abraham54 is very busy and is also active on other forums!!
  • [quote:f0fe79c883="Jos H"]Net zoals ik zal je even geduld moeten hebben voordat Abraham54 een reactie kan geven.
    Abraham54 is heel erg druk en is ook actief op andere fora!![/quote:f0fe79c883]

    Very kind of Jos.

    I received my new notebook on Thursday, only I had the greatest difficulty setting up the LAN connection!
    Because I do not have WLAN myself!
    So I was very quiet for a while.
    By now everything is running like a charm!


    On Topic.

    Using tools such as ComboFix and TDSSKiller on your own initiative is not recommended!
    These heavy tools are not intended for that, because wrong decisions can lead to a broken Windows.

    Do the following:

    [b]Which program[/b]:
  • Dear Abraham,
    Thanks for your reply.
    Here are the OTL scans:

    OTL logfile created on: 27-1-2013 17:22:18 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\nielsho\Bureaublad
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    1015,23 Mb Total Physical Memory | 590,94 Mb Available Physical Memory | 58,21% Memory free
    2,38 Gb Paging File | 2,09 Gb Available in Paging File | 87,53% Paging File free
    Paging file location(s): C:\pagefile.sys 0 0 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 111,79 Gb Total Space | 75,56 Gb Free Space | 67,59% Space Free | Partition Type: NTFS

    Computer Name: GMB_LT_R010 | User Name: nielsho | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days


  • ... and the last part of OTL.Txt


  • ... and here is Extra.Txt:

    OTL Extras logfile created on: 27-1-2013 17:22:18 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\nielsho\Bureaublad
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    1015,23 Mb Total Physical Memory | 590,94 Mb Available Physical Memory | 58,21% Memory free
    2,38 Gb Paging File | 2,09 Gb Available in Paging File | 87,53% Paging File free
    Paging file location(s): C:\pagefile.sys 0 0 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 111,79 Gb Total Space | 75,56 Gb Free Space | 67,59% Space Free | Partition Type: NTFS

    Computer Name: GMB_LT_R010 | User Name: nielsho | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days


  • Two scans:

  • Here is the AdwCleaner log file:

    # AdwCleaner v2.109 - Verslag gemaakt op 27/01/2013 om 18:35:55
    # Geactualiseerd op 26/01/2013 door Xplode
    # Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits)
    # Gebruiker : nielsho - GMB_LT_R010
    # Opstarten Modus : Normale modus
    # Gelanceerd vanaf : C:\Documents and Settings\nielsho\Bureaublad\adwcleaner.exe
    # Optie [Verwijderen]


    ***** [Diensten] *****


    ***** [Files / Mappen] *****

    File Verwijdert : C:\Documents and Settings\nielsho\Local Settings\Application Data\funmoods-speeddial.crx
    File Verwijdert : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
    File Verwijdert : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml
    File Verwijdert : C:\user.js
    File Verwijdert : C:\WINDOWS\system32\conduitEngine.tmp
    Map Verwijdert : C:\Documents and Settings\Administrator\Local Settings\Application Data\Conduit
    Map Verwijdert : C:\Documents and Settings\All Users\Application Data\Babylon
    Map Verwijdert : C:\Documents and Settings\All Users\Application Data\boost_interprocess
    Map Verwijdert : C:\Documents and Settings\All Users\Application Data\Tarma Installer
    Map Verwijdert : C:\Documents and Settings\nielsho\Application Data\Babylon
    Map Verwijdert : C:\Documents and Settings\nielsho\Application Data\searchquband
    Map Verwijdert : C:\Documents and Settings\nielsho\Application Data\yourfiledownloader
    Map Verwijdert : C:\Documents and Settings\nielsho\Local Settings\Application Data\Babylon
    Map Verwijdert : C:\Documents and Settings\nielsho\Local Settings\Application Data\Conduit
    Map Verwijdert : C:\Documents and Settings\Nielsk\Local Settings\Application Data\Conduit
    Map Verwijdert : C:\Program Files\1ClickDownload
    Map Verwijdert : C:\Program Files\Conduit
    Map Verwijdert : C:\Program Files\Free Offers from Freeze.com
    Map Verwijdert : C:\Program Files\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
    Map Verwijdert : C:\Program Files\OApps
    Verwijdert bij het opstarten : C:\Documents and Settings\nielsho\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
    Verwijdert bij het opstarten : C:\Documents and Settings\nielsho\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki

    ***** [Register] *****

    Sleutel Verwijdert : HKCU\Software\1ClickDownload
    Sleutel Verwijdert : HKCU\Software\AppDataLow\AskToolbarInfo
    Sleutel Verwijdert : HKCU\Software\Ask.com
    Sleutel Verwijdert : HKCU\Software\AskToolbar
    Sleutel Verwijdert : HKCU\Software\Conduit
    Sleutel Verwijdert : HKCU\Software\Crossrider
    Sleutel Verwijdert : HKCU\Software\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
    Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{82EA3E77-7BD2-4744-A8F2-670770767EC5}
    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Sleutel Verwijdert : HKCU\Software\Need2Find
    Sleutel Verwijdert : HKCU\Software\YourFileDownloader
    Sleutel Verwijdert : HKLM\Software\Babylon
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Conduit.Engine
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
    Sleutel Verwijdert : HKLM\Software\Conduit
    Sleutel Verwijdert : HKLM\Software\Freeze.com
    Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco
    Sleutel Verwijdert : HKLM\Software\Iminent
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
    Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
    Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\facemoods
    Sleutel Verwijdert : HKLM\Software\Need2Find
    Sleutel Verwijdert : HKLM\Software\P2P Networking
    Sleutel Verwijdert : HKLM\Software\YourFileDownloader
    Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

    ***** [Browsers] *****

    -\\ Internet Explorer v8.0.6001.18702

    [OK] Het register bevat geen enkele ongeoorloofde invoer.

    -\\ Google Chrome v [Onmogelijk de versie te verkrijgen]

    File : C:\Documents and Settings\nielsho\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

    [OK] De file bevat geen enkele ongeoorloofde invoer.

    *************************

    AdwCleaner[S1].txt - [6173 octets] - [27/01/2013 18:35:55]

    ########## EOF - C:\AdwCleaner[S1].txt - [6233 octets] ##########









  • Well done, that already clears things up.
    Now run ComboFix.
  • ... and finally the ComboFix log file:

    ComboFix 13-01-27.03 - nielsho 27-01-2013 19:02:07.4.2 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1015.583 [GMT 1:00]
    Gestart vanuit: c:\documents and settings\nielsho\Bureaublad\ComboFix.exe
    AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-12-27 to 2013-01-27 ))))))))))))))))))))))))))))))
    .
    .
    2013-01-27 13:28 . 2013-01-27 13:28 -------- d-----w- c:\documents and settings\nielsho\Local Settings\Application Data\Nero_AG
    2013-01-26 19:12 . 2013-01-08 04:57 6991832 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1BE839BB-19D9-45B6-B246-F8DBE18D479B}\mpengine.dll
    2013-01-26 11:21 . 2013-01-27 15:22 -------- d--h--r- c:\documents and settings\nielsho\Onlangs geopend
    2013-01-26 08:22 . 2013-01-26 11:19 -------- d-----w- c:\documents and settings\nielsho\Application Data\Systweak
    2013-01-26 08:22 . 2012-12-10 11:01 18360 ----a-w- c:\windows\system32\roboot.exe
    2013-01-25 18:04 . 2013-01-08 04:57 6991832 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2013-01-24 19:29 . 2013-01-25 17:44 -------- d-----w- c:\program files\CodeStuff
    2013-01-24 14:45 . 2013-01-24 14:46 -------- d-----w- C:\87bc6957fc66038ef47a4ed331092c66
    2013-01-20 16:23 . 2013-01-20 16:23 -------- d-----w- c:\program files\CCleaner
    2013-01-13 16:11 . 2013-01-14 01:33 -------- d-----w- C:\36cd03e572844ed81686e9151e6f1f
    2013-01-13 15:21 . 2013-01-14 01:33 -------- d-----w- C:\e3a056e9c5c326fc1935fb88
    2013-01-09 16:43 . 2013-01-09 16:43 16369160 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
    2012-12-30 15:10 . 2012-12-30 15:10 -------- d-----w- c:\documents and settings\nielsho\triplea
    2012-12-29 20:41 . 2013-01-17 07:45 -------- d-----w- C:\tmp
    2012-12-29 20:36 . 2012-12-29 20:36 -------- d-----w- c:\program files\TripleA
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-01-09 16:43 . 2012-04-01 10:51 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-01-09 16:43 . 2011-06-01 18:37 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-12-16 12:23 . 2004-08-04 08:00 290560 ----a-w- c:\windows\system32\atmfd.dll
    2012-12-14 15:49 . 2012-05-31 20:14 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-11-13 11:55 . 2004-08-04 08:00 1866496 ----a-w- c:\windows\system32\win32k.sys
    2012-11-06 02:00 . 2007-05-15 14:43 1371648 ----a-w- c:\windows\system32\msxml6.dll
    2012-11-02 02:03 . 2004-08-04 08:00 375296 ----a-w- c:\windows\system32\dpnet.dll
    2012-11-01 12:12 . 2004-08-04 08:00 916992 ----a-w- c:\windows\system32\wininet.dll
    2012-11-01 12:12 . 2004-08-04 08:00 43520 ------w- c:\windows\system32\licmgr10.dll
    2012-11-01 12:12 . 2004-08-04 08:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2012-11-01 00:35 . 2004-08-04 08:00 385024 ------w- c:\windows\system32\html.iec
    2012-01-22 10:57 . 2012-01-22 10:57 22796304 ----a-w- c:\program files\Video-Converter-Platinum.exe
    2011-04-24 23:58 . 2011-04-24 23:58 124864 ----a-w- c:\program files\mozilla firefox\plugins\CCMSDK.dll
    2011-04-25 00:48 . 2011-04-25 00:48 13760 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll
    2011-04-25 00:00 . 2011-04-25 00:00 71104 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll
    2011-04-24 23:59 . 2011-04-24 23:59 92096 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll
    2011-04-24 23:58 . 2011-04-24 23:58 22976 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll
    2011-04-24 23:57 . 2011-04-24 23:57 255936 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll
    2011-04-24 23:58 . 2011-04-24 23:58 32192 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll
    2011-04-24 23:58 . 2011-04-24 23:58 40896 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll
    2011-04-24 23:51 . 2011-04-24 23:51 898480 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll
    2011-04-25 00:00 . 2011-04-25 00:00 24512 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
    "Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192]
    "ISUSPM"="c:\documents and settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 222128]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-29 68856]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsmqIntCert"="mqrt.dll" [2008-04-14 177152]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
    "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-05-11 472632]
    "QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-05-02 163840]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-05-18 138008]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-05-18 162584]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2007-05-18 138008]
    "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
    "ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2011-04-25 305088]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
    "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
    .
    c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
    Adobe Reader Snelle start.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLinkedConnections"= 1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk]
    path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Snelle start.lnk
    backup=c:\windows\pss\Adobe Reader Snelle start.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^BTTray.lnk]
    path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\BTTray.lnk
    backup=c:\windows\pss\BTTray.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^DVD Check.lnk]
    path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\DVD Check.lnk
    backup=c:\windows\pss\DVD Check.lnkCommon Startup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cpqset]
    2007-05-03 09:52 57344 ----a-w- c:\program files\Hewlett-Packard\Default Settings\Cpqset.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX7400 Series]
    2007-04-12 06:00 182272 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATICDE.EXE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
    2006-11-13 12:39 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
    2007-03-29 13:41 222128 ------w- c:\documents and settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    2008-11-20 12:20 290088 ----a-w- c:\program files\iTunes\iTunesHelper.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
    2007-04-19 11:26 484904 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    2008-04-14 17:03 1695232 ------w- c:\program files\Messenger\msmsgs.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
    2010-03-26 08:52 1234216 ----a-w- c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
    2007-05-08 06:38 331552 ----a-w- c:\program files\PDF Complete\pdfsty.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2008-11-04 09:30 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2010-05-14 09:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    2008-01-29 14:43 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WatchDog]
    2007-05-23 10:00 192512 ----a-w- c:\program files\InterVideo\DVD Check\DVDCheck.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
    2006-11-03 17:20 866584 ----a-w- c:\program files\Windows Defender\MSASCui.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\uTorrent\\uTorrent.exe"=
    "c:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"=
    .
    R1 ATMhelpr;ATMhelpr;c:\windows\system32\drivers\ATMHELPR.SYS [4-1-2011 14:29 4064]
    R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [25-4-2011 0:49 65584]
    R2 NAUpdate;@c:\program files\Nero\Update\NASvc.exe,-200;c:\program files\Nero\Update\NASvc.exe [25-3-2010 13:39 490280]
    R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [24-7-2007 8:14 540448]
    R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [19-9-2006 17:58 36608]
    S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [18-12-2009 9:58 11336]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2007-04-19 11:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2013-01-27 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 16:43]
    .
    2013-01-27 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-01-29 09:59]
    .
    2013-01-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 19:53]
    .
    2013-01-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 19:53]
    .
    2013-01-27 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
    - c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-09-12 15:25]
    .
    .
    ------- Bijkomende Scan -------
    .
    uStart Page = hxxp://www.google.com/
    uInternet Settings,ProxyServer = isa01:8080
    uInternet Settings,ProxyOverride = hxxp://*.gmb.eu;<local>
    TCP: DhcpNameServer = 192.168.1.1
    DPF: {DC8B04D7-DFBE-46B4-BAB6-61981E896C64} - hxxp://www.virtuocity.eu/download/v223/virtuocity.cab
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2013-01-27 19:10
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scannen van verborgen processen …
    .
    scannen van verborgen autostart items …
    .
    scannen van verborgen bestanden …
    .
    Scan succesvol afgerond
    verborgen bestanden: 0
    .
    **************************************************************************
    .
    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pdfcDispatcher]
    "ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    --------------------- DLLs Geladen Onder Lopende Processen ---------------------
    .
    - - - - - - - > 'explorer.exe'(1100)
    c:\windows\system32\msi.dll
    c:\windows\system32\webcheck.dll
    .
    Voltooingstijd: 2013-01-27 19:12:21
    ComboFix-quarantined-files.txt 2013-01-27 18:12
    ComboFix2.txt 2013-01-26 14:36
    ComboFix3.txt 2013-01-24 19:14
    .
    Pre-Run: 81.213.210.624 bytes beschikbaar
    Post-Run: 81.443.635.200 bytes beschikbaar
    .
    - - End Of File - - 97746AC91D3908C23E0C91F8561D2796




  • Download to your desktop [b].
    [list][*] Click/double-click [b]SecurityCheck.exe[/b] and pay attention to the instructions in the black window.
    [*] A Notepad document named [b]checkup.txt[/b] should open automatically; close this document by saving it to the desktop.
    [*] If one of your security tools reports that DIG.EXE wants to access the internet, allow it.[/list]
    Post the contents of [b]checkup.txt[/b] in your next post.
  • Hello Abraham,
    Here is the Security Check:

    Results of screen317's Security Check version 0.99.57
    Windows XP Service Pack 3 x86
    Internet Explorer 8
    [b][u]``````````````Antivirus/Firewall Check:``````````````[/u][/b]

This is an archived page. Replying is no longer possible.