Toolbar needs to go, startup isn't going well, Panda sometimes disappears

Anonymous
Abraham54
132 replies
  • Hello,

    here I am again on your fine forum. I think I need help!
    (Compaq Presario laptop, with XP and GP12, Mozilla Firefox)

    Once again a few things are not going well with my laptop. Something went wrong or I did something wrong. I don't know which, but my problems are:

    1) Startup takes a very long time and not everything starts properly; programs seem to hang during startup, which causes error messages, and I have to reboot again. (TPSrv.exe is one of them.) The fan starts spinning very fast and CPU usage is high, +/- 95%.

    2) In addition, I have a Vuze toolbar in my Mozilla Firefox that I don't want; it arrived with an update, even though I really did uncheck the box when installing the update…?! And now I can't get rid of it.

    3) In addition, the little Panda head sometimes suddenly vanishes from my screen, and when I then open Panda via the configuration under security, everything is shown in red as a threat and it says I have to fix it…? Usually I click that 'fix' button and after 2 or 3 times it says to reboot. After that it is fine again for a while.

    4) Adobe also keeps reporting a failed update. I have already done this manually a few times via the site, but then a small window says it is already installed… One moment the Plugin Check in Mozilla Firefox says it is okay, the next it suddenly says to update. This has been going on for a few days. (install_flashplayer10_chra_aih).

    So once again a cry for help from me. MBAM reports no infection, and neither does Panda when I scan with it. HijackThis log below.



    HJT log:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 10:23:20, on 24-9-2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
  • Hi Holly, you no longer need to use the color coder, you know; in principle I only use it on the NCF!

    We'll take a deep look into your Windows right away:

    Which program: ComboFix
    What for/why: Highly specialized scanner for examining Windows in depth and, where possible, cleaning it up.
    Difficulty: A more or less tricky preparation phase, so read everything carefully first.
    Download location: Be absolutely sure to download this program to the desktop!
    Download ComboFix from one of these locations:
    - Bleepingcomputer
    - ForoSpyware
    - Geekstogo
    Here you can see how to use ComboFix.

    The antivirus program and active malware scanners must already be deactivated before ComboFix is started!
    Here and here you will find information on how to deactivate antivirus programs and spyware scanners.

    Once more, for the sake of clarity: ComboFix must be started from the desktop.

    Notes:
    - On Windows XP you may be asked to install the "Recovery Console"! Allow this (an active internet connection is required for it).
    - Vista and Windows 7 users start ComboFix by right-clicking and running it with Administrator rights.
    - All open programs and web pages must be closed.
    ComboFix has started:
    - Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
    - ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
    - The computer may need to be restarted several times; this is normal.
    - When ComboFix is finished, it will create a log file for you.
    - Post the contents of this log file in your next message.
    - If the log does not open, it can be found at C:\ComboFix.txt
    Important note:
  • Hello Abraham54,

    … it's not going so well… :cry:


    downloaded ComboFix to the desktop
    turned off the internet
    disabled the antivirus
    turned off Windows automatic updates
    started ComboFix and went through the screens, most of it went by itself… until the last bit, waited more than 7.5 hours, which didn't seem right to me, because it said somewhere that it wouldn't take that long…

    so I started around 13:35, just switched the PC off and restarted it, I was afraid it wouldn't work anymore because it said something about Windows possibly freezing. It also said it could take a while, but this was very long in my opinion.

    Everything went fairly quickly, screens with all those numbers, +/- 20 min I think, but then the blue screen came with:
    "please wait, Windows is being restarted…" and that took more than 7.5 hours,

    What went wrong? Or perhaps: did I do something wrong?
    :oops:

    regards, Holly
  • All very strange.

    Do the following first now:

  • Hello Abraham54,

    last night after my post I made another attempt with ComboFix, but until this morning it still said: 'Windows is restarting . . . please be patient'

    The logs:

    11:16:52.0062 5928 TDSS rootkit removing tool 2.6.0.0 Sep 23 2011 07:42:37
    11:16:54.0078 5928 ============================================================
    11:16:54.0078 5928 Current date / time: 2011/09/25 11:16:54.0078
    11:16:54.0078 5928 SystemInfo:
    11:16:54.0078 5928
    11:16:54.0078 5928 OS Version: 5.1.2600 ServicePack: 3.0
    11:16:54.0078 5928 Product type: Workstation
    11:16:54.0078 5928 ComputerName: YOUR-D9E2434D81
    11:16:54.0078 5928 UserName: user
    11:16:54.0078 5928 Windows directory: C:\WINDOWS
    11:16:54.0078 5928 System windows directory: C:\WINDOWS
    11:16:54.0078 5928 Processor architecture: Intel x86
    11:16:54.0078 5928 Number of processors: 2
    11:16:54.0078 5928 Page size: 0x1000
    11:16:54.0078 5928 Boot type: Normal boot
    11:16:54.0078 5928 ============================================================
    11:16:54.0812 5928 Initialize success
    11:17:05.0859 3668 ============================================================
    11:17:05.0859 3668 Scan started
    11:17:05.0859 3668 Mode: Manual;
    11:17:05.0859 3668 ============================================================
    11:17:22.0750 3668 TDPIPE - ok
    11:17:22.0812 3668 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
    11:17:22.0812 3668 TDTCP - ok
    11:17:22.0859 3668 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
    11:17:22.0859 3668 TermDD - ok
    11:17:22.0937 3668 TosIde (5bc2144ab4f6090f12e49e9648b5a702) C:\WINDOWS\system32\DRIVERS\toside.sys
    11:17:22.0937 3668 TosIde - ok
    11:17:23.0015 3668 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
    11:17:23.0015 3668 Udfs - ok
    11:17:23.0046 3668 UIUSys - ok
    11:17:23.0078 3668 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
    11:17:23.0078 3668 ultra - ok
    11:17:23.0156 3668 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
    11:17:23.0156 3668 Update - ok
    11:17:23.0250 3668 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    11:17:23.0250 3668 usbccgp - ok
    11:17:23.0328 3668 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
    11:17:23.0328 3668 usbehci - ok
    11:17:23.0390 3668 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
    11:17:23.0406 3668 usbhub - ok
    11:17:23.0437 3668 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
    11:17:23.0437 3668 usbohci - ok
    11:17:23.0484 3668 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
    11:17:23.0484 3668 usbprint - ok
    11:17:23.0562 3668 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    11:17:23.0562 3668 USBSTOR - ok
    11:17:23.0625 3668 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    11:17:23.0625 3668 usbuhci - ok
    11:17:23.0703 3668 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
    11:17:23.0703 3668 VgaSave - ok
    11:17:23.0750 3668 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
    11:17:23.0750 3668 viaagp - ok
    11:17:23.0796 3668 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
    11:17:23.0812 3668 ViaIde - ok
    11:17:23.0828 3668 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) C:\WINDOWS\system32\drivers\VolSnap.sys
    11:17:23.0843 3668 VolSnap - ok
    11:17:23.0906 3668 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
    11:17:23.0906 3668 Wanarp - ok
    11:17:23.0953 3668 wceusbsh (849f89b23ff0841c9fe7939362f14348) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
    11:17:23.0953 3668 wceusbsh - ok
    11:17:24.0000 3668 WDICA - ok
    11:17:24.0046 3668 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
    11:17:24.0062 3668 wdmaud - ok
    11:17:24.0171 3668 winachsf (7fe372b1ab60736cc67e8eb6f1fb1f5b) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
    11:17:24.0187 3668 winachsf - ok
    11:17:24.0312 3668 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
    11:17:24.0328 3668 WmiAcpi - ok
    11:17:24.0390 3668 WNMFLT (0411d0433e8c48ad24b2ef32d7c97ae0) C:\WINDOWS\system32\Drivers\WNMFLT.SYS
    11:17:24.0406 3668 WNMFLT - ok
    11:17:24.0468 3668 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
    11:17:24.0468 3668 WS2IFSL - ok
    11:17:24.0562 3668 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
    11:17:24.0562 3668 WSTCODEC - ok
    11:17:24.0625 3668 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    11:17:24.0625 3668 WudfPf - ok
    11:17:24.0671 3668 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
    11:17:24.0671 3668 WudfRd - ok
    11:17:24.0765 3668 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
    11:17:24.0843 3668 \Device\Harddisk0\DR0 - ok
    11:17:24.0843 3668 Boot (0x1200) (d59887d8e38db793151a92526293045c) \Device\Harddisk0\DR0\Partition0
    11:17:24.0859 3668 \Device\Harddisk0\DR0\Partition0 - ok
    11:17:24.0890 3668 Boot (0x1200) (f0c27e94bd0b4bb26acc48acec63acc5) \Device\Harddisk0\DR0\Partition1
    11:17:24.0890 3668 \Device\Harddisk0\DR0\Partition1 - ok
    11:17:24.0890 3668 ============================================================
    11:17:24.0890 3668 Scan finished
    11:17:24.0890 3668 ============================================================
    11:17:24.0921 3548 Detected object count: 0
    11:17:24.0921 3548 Actual detected object count: 0





    and the aswMBR log:




    aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
    Run date: 2011-09-25 11:29:01
    —————————–
    11:29:01.890 OS Version: Windows 5.1.2600 Service Pack 3
    11:29:01.890 Number of processors: 2 586 0x4802
    11:29:01.890 ComputerName: YOUR-D9E2434D81 UserName: user
    11:29:02.671 Initialize success
    11:29:11.843 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000008b
    11:29:11.843 Disk 0 Vendor: Size: 0MB BusType: 0
    11:29:11.875 Disk 0 MBR read successfully
    11:29:11.875 Disk 0 MBR scan
    11:29:11.875 Disk 0 Windows XP default MBR code
    11:29:11.875 Disk 0 MBR hidden
    11:29:11.953 Disk 0 scanning C:\WINDOWS\system32\drivers
    11:29:20.812 Service scanning
    11:29:22.718 Modules scanning
    11:29:30.546 Disk 0 trace - called modules:
    11:29:30.593 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll nvata.sys
    11:29:30.593 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a70eab8]
    11:29:30.593 3 CLASSPNP.SYS[f74f7fd7] -> nt!IofCallDriver -> \Device\0000008c[0x8a779f18]
    11:29:30.609 5 ACPI.sys[f735d620] -> nt!IofCallDriver -> \Device\0000008b[0x8a7b1030]
    11:29:30.609 Scan finished successfully
    11:29:53.796 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\user\Mijn documenten\MBR.dat"
    11:29:53.812 The log file has been saved successfully to "C:\Documents and Settings\user\Mijn documenten\aswMBR zondag.txt"
    11:30:04.218 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\user\Bureaublad\MBR.dat"
    11:30:04.250 The log file has been saved successfully to "C:\Documents and Settings\user\Bureaublad\aswMBR zondag.txt"


    I had saved it in My Documents, but that isn't responding…

    Regards, Holly
  • The MBR of the hard disk is healthy, at any rate!

    [b:6f31d4c68f]Run the ESET online scan (click).[/b:6f31d4c68f]
    [list:6f31d4c68f]
    [*:6f31d4c68f]Click the [b:6f31d4c68f]ESET Online Scanner[/b:6f31d4c68f] button
    [*:6f31d4c68f]Tick [b:6f31d4c68f]YES, I accept the Terms of Use[/b:6f31d4c68f]
    [*:6f31d4c68f]Click [b:6f31d4c68f]Start[/b:6f31d4c68f]
    [*:6f31d4c68f]Allow the ActiveX control to install.
    [*:6f31d4c68f]Tick the following options:
    [list:6f31d4c68f][*:6f31d4c68f][b:6f31d4c68f]Remove found threats[/b:6f31d4c68f]
    [*:6f31d4c68f][b:6f31d4c68f]Scan archives[/b:6f31d4c68f][/list:u:6f31d4c68f]
    [*:6f31d4c68f]Then click [b:6f31d4c68f]
  • Hello Abraham54,

    that ESET scan did indeed take a long time. I accidentally clicked Finish already, so no report now :oops: but it found no infection (no threats found)…

    Should I run it again for the report?

    Regards, Holly
  • Not at the moment.

    We'll now go for the following:

    [b:39659d88da]Download LopSD or LOPSD to your Desktop.[/b:39659d88da]
    [list:39659d88da][*:39659d88da] [b:39659d88da]Disable your antispyware and virus scanner while using this tool.[/b:39659d88da]
    [list:39659d88da][*:39659d88da][b:39659d88da]Vista and Windows 7 users: right-click LopSD and choose "Run as administrator"![/list:u:39659d88da]
    [*:39659d88da] Choose option N and press Enter
    [*:39659d88da] Click OK in the information window
    [*:39659d88da] Choose option 2 and press Enter
    [*:39659d88da] At the end a log ( LopR.txt ) appears; post its contents in your next reply[/b:39659d88da][/list:u:39659d88da]
  • Hello Abraham54,

    here is the log:


    ——————–\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : AMD Turion™ 64 X2 Mobile Technology TL-50 )
    BIOS : PhoenixBIOS 4.0 Release 6.1
    USER : user ( Administrator )
    BOOT : Normal boot
    Antivirus : Panda Global Protection 2012 5.00.00 (Not Activated)
    Firewall : Panda Personal Firewall 2012 5.00.00 (Not Activated)
    C:\ (Local Disk) - NTFS - Total:102 Go (Free:29 Go)
    D:\ (Local Disk) - FAT32 - Total:8 Go (Free:1 Go)
    E:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( zo 25-09-2011|18:22 )


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    ——————–\\ Beschrijving van mappen in APPLIC~1

    [28-02-2007|12:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
    [28-02-2007|12:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
    [28-02-2007|12:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
    [0|bestand(en)] C:\DOCUME~1\ADMINI~1\APPLIC~1\bytes
    [5|map(pen)] C:\DOCUME~1\ADMINI~1\APPLIC~1\bytes beschikbaar

    [20-06-2011|11:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [08-05-2011|00:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [08-05-2011|00:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [25-01-2011|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ArcSoft
    [19-08-2009|14:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
    [26-11-2010|18:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Backup
    [22-11-2010|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
    [01-01-2009|17:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [11-05-2011|15:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fighters
    [28-02-2007|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
    [28-02-2007|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [02-05-2011|21:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [13-08-2011|17:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
    [22-11-2010|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [28-02-2007|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [03-09-2011|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Panda Security
    [09-06-2010|19:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Panda Software
    [12-05-2011|12:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Tools
    [22-11-2010|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [28-02-2007|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
    [08-03-2007|19:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [12-05-2011|12:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [08-03-2007|20:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [0|bestand(en)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes
    [25|map(pen)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes beschikbaar

    [28-02-2007|12:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [28-02-2007|12:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [28-02-2007|12:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [0|bestand(en)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes
    [5|map(pen)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes beschikbaar

    [24-06-2010|20:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\DivX
    [28-02-2007|12:10] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [0|bestand(en)] C:\DOCUME~1\LOCALS~1\APPLIC~1\bytes
    [4|map(pen)] C:\DOCUME~1\LOCALS~1\APPLIC~1\bytes beschikbaar

    [09-11-2008|02:22] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [0|bestand(en)] C:\DOCUME~1\NETWOR~1\APPLIC~1\bytes
    [3|map(pen)] C:\DOCUME~1\NETWOR~1\APPLIC~1\bytes beschikbaar

    [07-05-2011|20:28] C:\DOCUME~1\user\APPLIC~1\Adobe
    [02-05-2011|21:07] C:\DOCUME~1\user\APPLIC~1\Akfood
    [18-09-2009|18:26] C:\DOCUME~1\user\APPLIC~1\Antispyware
    [08-07-2009|23:44] C:\DOCUME~1\user\APPLIC~1\Apple Computer
    [24-06-2010|21:03] C:\DOCUME~1\user\APPLIC~1\ArcSoft
    [04-05-2011|20:59] C:\DOCUME~1\user\APPLIC~1\Auslogics
    [25-09-2011|18:19] C:\DOCUME~1\user\APPLIC~1\Azureus
    [31-08-2011|01:09] C:\DOCUME~1\user\APPLIC~1\Belastingdienst
    [25-03-2007|18:02] C:\DOCUME~1\user\APPLIC~1\CyberLink
    [16-12-2007|23:44] C:\DOCUME~1\user\APPLIC~1\Help
    [05-04-2008|01:53] C:\DOCUME~1\user\APPLIC~1\HP
    [11-09-2011|22:32] C:\DOCUME~1\user\APPLIC~1\HpUpdate
    [28-02-2007|12:10] C:\DOCUME~1\user\APPLIC~1\Identities
    [24-06-2010|20:46] C:\DOCUME~1\user\APPLIC~1\InstallShield
    [11-03-2007|17:25] C:\DOCUME~1\user\APPLIC~1\Leadertech
    [28-02-2007|12:10] C:\DOCUME~1\user\APPLIC~1\Macromedia
    [02-05-2011|21:29] C:\DOCUME~1\user\APPLIC~1\Malwarebytes
    [14-06-2011|00:29] C:\DOCUME~1\user\APPLIC~1\Media Player Classic
    [07-05-2011|20:28] C:\DOCUME~1\user\APPLIC~1\Microsoft
    [05-05-2011|14:38] C:\DOCUME~1\user\APPLIC~1\Mozilla
    [02-05-2011|21:51] C:\DOCUME~1\user\APPLIC~1\Omde
    [03-09-2011|11:29] C:\DOCUME~1\user\APPLIC~1\Panda Security
    [18-12-2010|15:20] C:\DOCUME~1\user\APPLIC~1\Raptr
    [11-05-2011|22:25] C:\DOCUME~1\user\APPLIC~1\Similarity
    [25-09-2011|09:20] C:\DOCUME~1\user\APPLIC~1\Skype
    [15-07-2010|12:06] C:\DOCUME~1\user\APPLIC~1\skypePM
    [11-03-2007|17:25] C:\DOCUME~1\user\APPLIC~1\Sonic
    [25-03-2008|01:04] C:\DOCUME~1\user\APPLIC~1\Sun
    [08-03-2007|19:52] C:\DOCUME~1\user\APPLIC~1\Template
    [26-05-2011|12:09] C:\DOCUME~1\user\APPLIC~1\Uniblue
    [09-06-2011|12:50] C:\DOCUME~1\user\APPLIC~1\vlc
    [0|bestand(en)] C:\DOCUME~1\user\APPLIC~1\bytes
    [33|map(pen)] C:\DOCUME~1\user\APPLIC~1\bytes beschikbaar

    ——————–\\ Geplande Taken gelocaliseerd in C:\WINDOWS\Tasks

    [18-09-2011 00:02][–a——] C:\WINDOWS\tasks\Basis-opruiming.job
    [20-09-2011 13:37][–a——] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [25-09-2011 18:23][–a——] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [25-09-2011 13:23][–a——] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [25-09-2011 09:16][–ah—–] C:\WINDOWS\tasks\SA.DAT
    [11-04-2006 13:00][-rah-c—] C:\WINDOWS\tasks\desktop.ini

    ——————–\\ Beschrijving van mappen in C:\Program Files

    [24-09-2011|09:40] C:\Program Files\Adobe
    [08-05-2011|00:10] C:\Program Files\Apple Software Update
    [24-06-2010|21:00] C:\Program Files\ArcSoft
    [04-05-2011|20:59] C:\Program Files\Auslogics
    [21-09-2010|17:53] C:\Program Files\Belastingdienst
    [25-09-2011|13:57] C:\Program Files\Ccleaner
    [25-05-2011|22:58] C:\Program Files\CDBurnerXP
    [24-09-2011|23:25] C:\Program Files\Common Files
    [28-02-2007|12:10] C:\Program Files\ComPlus Applications
    [28-02-2007|12:10] C:\Program Files\CONEXANT
    [09-05-2011|10:17] C:\Program Files\Dotnetfx Cleanup trouble Sp1 en Sp2
    [09-01-2010|15:46] C:\Program Files\Download-DU
    [28-07-2008|15:18] C:\Program Files\Encore
    [26-05-2011|21:52] C:\Program Files\ESET
    [29-11-2008|22:33] C:\Program Files\Frontura
    [24-09-2011|09:50] C:\Program Files\Google
    [05-05-2011|12:22] C:\Program Files\Hewlett-Packard
    [02-05-2011|22:07] C:\Program Files\HJT
    [07-09-2009|00:14] C:\Program Files\HP
    [28-02-2007|04:36] C:\Program Files\HPQ
    [27-11-2010|05:58] C:\Program Files\IEAK
    [06-06-2011|17:22] C:\Program Files\InstallShield Installation Information
    [11-08-2011|03:01] C:\Program Files\Internet Explorer
    [23-06-2011|22:38] C:\Program Files\Java
    [17-01-2010|16:09] C:\Program Files\K-Lite Codec Pack
    [25-01-2009|21:34] C:\Program Files\LGGSM
    [08-05-2011|13:29] C:\Program Files\MBAM Malwarebytes' Anti-Malware
    [09-10-2008|16:55] C:\Program Files\Messenger
    [26-08-2007|23:20] C:\Program Files\Microsoft ActiveSync
    [10-01-2010|21:13] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [28-02-2007|12:11] C:\Program Files\microsoft frontpage
    [26-05-2011|10:15] C:\Program Files\Microsoft Office
    [17-06-2011|16:55] C:\Program Files\Microsoft Silverlight
    [27-11-2010|05:51] C:\Program Files\Microsoft SQL Server
    [11-05-2011|13:24] C:\Program Files\microsoft technet dot com proc expl
    [28-02-2007|12:11] C:\Program Files\Microsoft Works
    [24-07-2010|00:58] C:\Program Files\Microsoft.NET
    [12-08-2010|03:09] C:\Program Files\Movie Maker
    [24-09-2011|09:50] C:\Program Files\Mozilla Firefox
    [28-05-2011|10:28] C:\Program Files\MSBuild
    [05-06-2009|08:47] C:\Program Files\MSECache
    [28-02-2007|12:11] C:\Program Files\MSN Gaming Zone
    [30-03-2007|18:12] C:\Program Files\MSXML 4.0
    [09-10-2008|16:49] C:\Program Files\NetMeeting
    [28-02-2007|12:11] C:\Program Files\NetWaiting
    [04-05-2011|22:15] C:\Program Files\NT Registry Optimizer
    [13-09-2011|20:23] C:\Program Files\O en O defrag
    [28-02-2007|12:11] C:\Program Files\Online Services
    [27-11-2010|05:58] C:\Program Files\ORKTools
    [16-12-2010|04:01] C:\Program Files\Outlook Express
    [06-05-2011|19:08] C:\Program Files\panda GP11 phjm punt NL
    [04-06-2011|12:10] C:\Program Files\Panda GP12 phjm dot com
    [03-09-2011|11:30] C:\Program Files\Panda Security
    [07-03-2011|22:46] C:\Program Files\Panda Security Notebook
    [08-05-2011|00:12] C:\Program Files\QuickTime
    [24-06-2010|20:47] C:\Program Files\Realtek
    [09-05-2011|10:46] C:\Program Files\Reference Assemblies
    [11-05-2011|20:35] C:\Program Files\Similarity
    [15-07-2010|12:08] C:\Program Files\skype
    [28-02-2007|12:11] C:\Program Files\Sonic
    [10-06-2011|02:03] C:\Program Files\SopCast
    [28-02-2007|12:11] C:\Program Files\Synaptics
    [02-05-2011|22:08] C:\Program Files\Trend Micro
    [27-11-2010|05:52] C:\Program Files\Uninstall Information
    [22-08-2011|21:30] C:\Program Files\VideoLAN
    [05-05-2011|20:28] C:\Program Files\VS Revo Group
    [24-09-2011|01:24] C:\Program Files\Vuze
    [26-05-2011|11:22] C:\Program Files\WinDirStat
    [21-01-2009|21:41] C:\Program Files\Windows Media Connect 2
    [21-01-2009|21:41] C:\Program Files\Windows Media Player
    [09-10-2008|16:49] C:\Program Files\Windows NT
    [28-02-2007|12:11] C:\Program Files\Windows Plus
    [28-02-2007|12:11] C:\Program Files\xerox
    [0|bestand(en)] C:\Program Files\bytes
    [75|map(pen)] C:\Program Files\bytes beschikbaar

    ——————–\\ Beschrijving van mappen in C:\Program Files\Common Files

    [20-06-2011|11:37] C:\Program Files\Common Files\Adobe
    [08-05-2011|00:11] C:\Program Files\Common Files\Apple
    [24-06-2010|21:01] C:\Program Files\Common Files\ArcSoft
    [26-08-2007|23:19] C:\Program Files\Common Files\Designer
    [28-02-2007|12:10] C:\Program Files\Common Files\HP
    [09-01-2010|17:01] C:\Program Files\Common Files\InstallShield
    [28-02-2007|12:10] C:\Program Files\Common Files\LightScribe
    [26-05-2011|10:15] C:\Program Files\Common Files\Microsoft Shared
    [28-02-2007|12:10] C:\Program Files\Common Files\MSSoap
    [28-02-2007|12:10] C:\Program Files\Common Files\ODBC
    [03-09-2011|11:29] C:\Program Files\Common Files\Panda Security
    [28-02-2007|12:10] C:\Program Files\Common Files\Services
    [15-07-2010|12:07] C:\Program Files\Common Files\Skype
    [28-02-2007|12:10] C:\Program Files\Common Files\Sonic Shared
    [28-02-2007|12:10] C:\Program Files\Common Files\SpeechEngines
    [28-02-2007|12:10] C:\Program Files\Common Files\SureThing Shared
    [08-03-2007|19:57] C:\Program Files\Common Files\Symantec Shared
    [27-11-2010|05:44] C:\Program Files\Common Files\System
    [28-02-2007|12:10] C:\Program Files\Common Files\TiVo Shared
    [0|bestand(en)] C:\Program Files\Common Files\bytes
    [21|map(pen)] C:\Program Files\Common Files\bytes beschikbaar

    ——————–\\ Process

    ( 61 Processes )

    … OK !

    ——————–\\ Zoeken met S_Lop

    Geen Lop mappen gevonden !

    ——————–\\ Zoeken naar Lop Bestanden - Mappen

    Geen Lop mappen gevonden !

    ——————–\\ Zoeken doorheen het Register

    ….. OK !

    ——————–\\ Nazicht van het Hosts bestand

    Hosts bestand IN ORDE


    ——————–\\ Zoeken naar verborgen bestanden met Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-09-25 18:25:16
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes …
    scanning hidden files …
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    ——————–\\ Zoeken naar andere infecties

    ——————–\\ Cracks & Keygens ..

    C:\DOCUME~1\user\Mijn documenten\Azureus Downloads\0001 new\0003 muziek\Mega Dance Top 100 Summer 2011\045_the_freestylers_ft_belle_humble_-_cracks_firebeatz_remix.mp3


    [F:12][D:16]-> C:\DOCUME~1\user\LOCALS~1\Temp
    [F:2][D:0]-> C:\DOCUME~1\user\Cookies
    [F:9][D:2]-> C:\DOCUME~1\user\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - zo 25-09-2011|18:26 - Option : [2]

    ——————–\\ Scan voltooid om 18:26:30

    Regards, Holly

    PS: in Task Manager IE is going wild, but I use Mozilla Firefox…? And that crazy Adobe still keeps trying to install itself over and over :( Maybe that's useful extra information.
  • The log indicates that

    [b:131398f8ad]Antivirus : Panda Global Protection 2012 5.00.00 (Not Activated)
    Firewall : Panda Personal Firewall 2012 5.00.00 (Not Activated)[/b:131398f8ad]

    is the main protection!

    Because I also still find:

    - McAfee
    - PC Tools (= Firewall)
    - Symantec

    I suspect that some of this is seriously getting in ComboFix's way!

    And do you use the Uniblue registry cleaner?

    Which Adobe program wants to install?
  • Hello Abraham54,

    With the last tool, LopSD, you told me to temporarily disable the antivirus and so on, which I did. But right after the scan and saving the log I turned it back on. It's not so pleasant being on the internet without protection and security. It was only disabled during the scan, as instructed.

    Uniblue: I looked at it once but didn't use it; it seemed a bit too drastic to me! After some googling I understood that the program would remove too much, too much of what you hold dear, so I deleted it (I thought), but apparently there are leftovers? :o

    I don't have McAfee, but it almost came along with an Adobe download; I had unticked it, though…

    I don't know what Symantec is, nor PC Tools. No idea, to be honest. So those are also some kind of antivirus? Did they perhaps sneak in with downloads? As far as I know I have Global Panda 2012 and Windows automatic updates. How do I clean these off my PC, and where do I find them?

    I don't quite understand the last sentence of your message. But as for Adobe: it keeps wanting to install itself. The icon was Adobe's, I ended up on the site, and I've already installed it manually 3 times, but it keeps popping up at irregular intervals wanting to install itself, and then a pop-up appears saying the installation failed…?

    And Explorer sometimes nearly explodes; it then takes up between 50 and 95 CPU.

    Thanks,
    regards, Holly
  • Hi Holly, you can just address me informally, you know.

    Delete the ComboFix pieces and download ComboFix again to your desktop.

    Then restart your notebook into safe mode and run ComboFix in that safe mode - but disable Panda first!
  • Hello Abraham54,

    it worked! The PC did protest quite a bit, and still does, but I have the log. In Safe Mode it did work.

    The ComboFix log:

    ComboFix 11-09-26.01 - user 26-09-2011 10:09:59.6.2 - x86 MINIMAL
    Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1983.1576 [GMT 2:00]
    Gestart vanuit: c:\documents and settings\user\Bureaublad\ComboFix.exe
    AV: Panda Global Protection 2012 *Disabled/Updated* {8BF935E7-731F-4115-B7A5-789FF5087595}
    FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
    FW: Panda Personal Firewall 2012 *Disabled* {7B090DC0-8905-4BAF-8040-FD98A41C8FB8}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\user\Local Settings\Application Data\ApplicationHistory
    c:\documents and settings\user\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini
    c:\documents and settings\user\Local Settings\Application Data\ApplicationHistory\hpqthb08.exe.a935d1e0.ini
    c:\program files\Internet Explorer\SET51.tmp
    c:\program files\Internet Explorer\SET55.tmp
    c:\program files\Internet Explorer\SET56.tmp
    .
    —- Voorgaande Run ——-
    .
    c:\documents and settings\user\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini
    c:\documents and settings\user\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini.inuse
    c:\documents and settings\user\Local Settings\Application Data\ApplicationHistory\hpqthb08.exe.a935d1e0.ini
    C:\Thumbs.db
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-08-26 to 2011-09-26 ))))))))))))))))))))))))))))))
    .
    .
    2011-09-26 07:50 . 2009-02-20 17:18 78336 —-a-w- c:\windows\system32\ieencode.dll
    2011-09-26 07:50 . 2009-02-20 17:18 78336 —-a-w- c:\windows\system32\dllcache\ieencode.dll
    2011-09-26 07:49 . 2011-09-26 07:49 ——– d—–w- c:\windows\LastGood
    2011-09-25 19:51 . 2011-09-25 19:51 ——– d—–w- c:\program files\Google
    2011-09-25 16:21 . 2011-09-25 16:26 ——– d—–w- C:\Lop SD
    2011-09-23 23:34 . 2011-09-23 23:34 ——– d—–w- c:\documents and settings\user\Local Settings\Application Data\O&O
    2011-09-23 23:26 . 2011-09-23 23:26 ——– d—–w- c:\documents and settings\user\.swt
    2011-09-23 23:23 . 2011-09-23 23:35 ——– d—–w- c:\documents and settings\user\Local Settings\Application Data\Conduit
    2011-09-13 18:21 . 2011-09-13 18:23 ——– d—–w- c:\program files\O en O defrag
    2011-09-03 10:17 . 2011-09-09 09:12 602624 ——w- c:\windows\system32\dllcache\crypt32.dll
    2011-09-03 09:36 . 2011-09-26 07:45 13880 —-a-w- c:\windows\system32\drivers\COMFiltr.sys
    2011-09-03 09:30 . 2011-09-25 16:28 254648 —-a-w- c:\windows\system32\drivers\APPFCONT.DAT
    2011-09-03 09:30 . 2010-09-09 14:23 193864 —-a-w- c:\windows\system32\drivers\idsflt.sys
    2011-09-03 09:30 . 2009-09-25 12:54 46856 —-a-w- c:\windows\system32\drivers\wnmflt.sys
    2011-09-03 09:30 . 2009-09-25 12:54 53256 —-a-w- c:\windows\system32\drivers\dsaflt.sys
    2011-09-03 09:30 . 2011-01-31 14:41 83528 —-a-w- c:\windows\system32\drivers\APPFLT.SYS
    2011-09-03 09:30 . 2009-09-25 12:54 159112 —-a-w- c:\windows\system32\drivers\NETFLTDI.SYS
    2011-09-03 09:30 . 2009-09-25 12:54 22024 —-a-w- c:\windows\system32\drivers\fnetmon.sys
    2011-09-03 09:30 . 2010-06-22 16:13 26696 —-a-w- c:\windows\system32\drivers\pavboot.sys
    2011-09-03 09:30 . 2007-03-15 17:38 54832 —-a-w- c:\windows\system32\pavcpl.cpl
    2011-08-29 11:51 . 2011-08-29 11:51 388096 —-a-r- c:\documents and settings\user\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-09-24 07:37 . 2011-06-02 14:14 404640 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-09-09 09:12 . 2006-04-11 11:00 602624 —-a-w- c:\windows\system32\crypt32.dll
    2011-08-31 15:00 . 2011-05-09 01:22 22216 —-a-w- c:\windows\system32\drivers\mbam.sys
    2011-07-15 13:29 . 2005-01-19 19:26 456320 —-a-w- c:\windows\system32\drivers\mrxsmb.sys
    2011-07-08 14:02 . 2006-04-11 11:00 10496 —-a-w- c:\windows\system32\drivers\ndistapi.sys
    2011-05-05 12:32 . 2011-05-05 12:32 12885904 —-a-w- c:\program files\Firefox Setup 4.0.1.exe
    2011-09-06 22:36 . 2011-05-05 12:38 134104 —-a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Skype"="c:\program files\Skype\\Phone\Skype.exe" [2010-05-13 26192168]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-18 64512]
    "hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-04 458752]
    "High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-07-27 61952]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-04-01 761946]
    "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-07-11 102400]
    "Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-05-30 40960]
    "RecGuard"="c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840]
    "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
    "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-20 7581696]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-07-20 86016]
    "nwiz"="nwiz.exe" [2006-07-20 1519616]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
    "APVXDWIN"="c:\program files\Panda Security\Panda Global Protection 2012\APVXDWIN.EXE" [2011-04-13 1000768]
    "SCANINICIO"="c:\program files\Panda Security\Panda Global Protection 2012\Inicio.exe" [2011-02-02 70464]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "IERESETATTRIB"="%SystemRoot%\system32\ieudinit.exe -ResetFileAttributes" [X]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
    .
    c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
    HP Photosmart Premier Snelstart.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-9-24 73728]
    Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
    Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2000-8-6 69632]
    TMMonitor.lnk - c:\program files\ArcSoft\TotalMedia 3.5\TMMonitor.exe [2010-6-24 258048]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
    2010-03-24 10:55 55552 —-a-w- c:\windows\system32\avldr.dll
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
    "c:\\Program Files\\SopCast\\SopCast.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
    "c:\\Program Files\\Vuze\\Azureus.exe"=
    .
    R2 PskSvcRetail;Panda PSK service;c:\program files\Panda Security\Panda Global Protection 2012\psksvc.exe [3-9-2011 11:30 28992]
    S0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [3-9-2011 11:30 26696]
    S1 APPFLT;App Filter Plugin;c:\windows\system32\drivers\APPFLT.SYS [3-9-2011 11:30 83528]
    S1 DSAFLT;DSA Filter Plugin;c:\windows\system32\drivers\dsaflt.sys [3-9-2011 11:30 53256]
    S1 FNETMON;NetMon Filter Plugin;c:\windows\system32\drivers\fnetmon.sys [3-9-2011 11:30 22024]
    S1 IDSFLT;Ids Filter Plugin;c:\windows\system32\drivers\idsflt.sys [3-9-2011 11:30 193864]
    S1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\drivers\NETFLTDI.SYS [3-9-2011 11:30 159112]
    S1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [3-9-2011 11:29 37448]
    S1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\drivers\wnmflt.sys [3-9-2011 11:30 46856]
    S2 AmFSM;AmFSM;c:\windows\system32\drivers\amm8651.sys [3-9-2011 11:29 59080]
    S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [31-1-2010 23:36 135664]
    S2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [3-9-2011 11:29 163848]
    S3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys –> c:\windows\system32\drivers\av5flt.sys [?]
    S3 ComFiltr;Panda Anti-Dialer;c:\windows\system32\drivers\COMFiltr.sys [3-9-2011 11:36 13880]
    S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [31-1-2010 23:36 135664]
    S3 NETIMFLT01060044;PANDA NDIS IM Filter Miniport v1.6.0.44;c:\windows\system32\drivers\neti1644.sys [3-9-2011 11:29 201032]
    S3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\PavSRK.sys –> c:\windows\system32\PavSRK.sys [?]
    S3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys –> c:\windows\system32\PavTPK.sys [?]
    S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [5-5-2011 20:28 27064]
    S3 RTL2832U_IRHID;HID Infrared Remote Receiver;c:\windows\system32\drivers\RTL2832U_IRHID.sys [24-6-2010 20:47 41120]
    S3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [24-6-2010 20:47 74912]
    S3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\drivers\RTL2832UUSB.sys [24-6-2010 20:47 32288]
    .
    — Andere Services/Drivers In Geheugen —
    .
    *NewlyCreated* - MDMXSDK
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2011-09-20 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
    .
    2011-09-17 c:\windows\Tasks\Basis-opruiming.job
    - c:\program files\Panda Security\Panda Global Protection 2012\PlaTasks.exe [2011-09-03 12:23]
    .
    2011-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 21:36]
    .
    2011-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 21:36]
    .
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1205961512&rver=4.5.2130.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&id=64855
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
    IE: Google Sidewiki… - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\o2mvlgsk.default\
    FF - prefs.js: browser.startup.homepage - hxxps://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1205961512&rver=4.5.2130.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&id=64855
    FF - prefs.js: network.proxy.type - 0
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-09-26 10:15
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scannen van verborgen processen …
    .
    scannen van verborgen autostart items …
    .
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????????<?@? ????f??????Y?@?????<?@
    .
    scannen van verborgen bestanden …
    .
    Scan succesvol afgerond
    verborgen bestanden: 0
    .
    **************************************************************************
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
    @Denied: (2) (LocalSystem)
    "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,48,ba,00,1a,94,08,65,46,ae,c3,0f,\
    "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,48,ba,00,1a,94,08,65,46,ae,c3,0f,\
    .
    ——————— DLLs Geladen Onder Lopende Processen ———————
    .
    - - - - - - - > 'winlogon.exe'(260)
    c:\windows\system32\avldr.dll
    .
    Voltooingstijd: 2011-09-26 10:16:52
    ComboFix-quarantined-files.txt 2011-09-26 08:16
    .
    Pre-Run: 38.848.012.288 bytes beschikbaar
    Post-Run: 38.838.358.016 bytes beschikbaar
    .
    - - End Of File - - 2BE893DDAB37CBF632FA207C40DAAAE4



    Regards, Holly
  • Once again in safe mode, now do the following:

    Open a new Notepad file via "Start\Alle programma's\Bureau-accessoires\Kladblok".

    Copy and paste the following (bold, blue text) into the empty Notepad window


  • Hello Abraham54,

    it worked again :D


    The log of the CFScript in ComboFix:

    ComboFix 11-09-26.01 - user 26-09-2011 12:06:45.7.2 - x86 MINIMAL
    Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1983.1661 [GMT 2:00]
    Gestart vanuit: c:\documents and settings\user\Bureaublad\ComboFix.exe
    gebruikte Opdracht switches :: c:\documents and settings\user\Bureaublad\CFScript.txt
    AV: Panda Global Protection 2012 *Disabled/Updated* {8BF935E7-731F-4115-B7A5-789FF5087595}
    FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
    FW: Panda Personal Firewall 2012 *Disabled* {7B090DC0-8905-4BAF-8040-FD98A41C8FB8}
    .
    FILE ::
    "c:\windows\system32\PavSRK.sys"
    "c:\windows\system32\PavTPK.sys"
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\user\Local Settings\Application Data\ApplicationHistory
    c:\documents and settings\user\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini
    c:\documents and settings\user\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini.inuse
    c:\documents and settings\user\Local Settings\Application Data\ApplicationHistory\hpqthb08.exe.a935d1e0.ini
    c:\program files\Common Files\Symantec Shared
    c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-08-26 to 2011-09-26 ))))))))))))))))))))))))))))))
    .
    .
    2011-09-26 07:50 . 2011-06-21 18:37 78336 —-a-w- c:\windows\system32\ieencode.dll
    2011-09-26 07:50 . 2011-06-21 18:37 78336 —-a-w- c:\windows\system32\dllcache\ieencode.dll
    2011-09-25 19:51 . 2011-09-25 19:51 ——– d—–w- c:\program files\Google
    2011-09-25 16:21 . 2011-09-25 16:26 ——– d—–w- C:\Lop SD
    2011-09-23 23:34 . 2011-09-23 23:34 ——– d—–w- c:\documents and settings\user\Local Settings\Application Data\O&O
    2011-09-23 23:26 . 2011-09-23 23:26 ——– d—–w- c:\documents and settings\user\.swt
    2011-09-23 23:23 . 2011-09-23 23:35 ——– d—–w- c:\documents and settings\user\Local Settings\Application Data\Conduit
    2011-09-13 18:21 . 2011-09-13 18:23 ——– d—–w- c:\program files\O en O defrag
    2011-09-03 10:17 . 2011-09-09 09:12 602624 ——w- c:\windows\system32\dllcache\crypt32.dll
    2011-09-03 09:36 . 2011-09-26 08:36 13880 —-a-w- c:\windows\system32\drivers\COMFiltr.sys
    2011-09-03 09:30 . 2011-09-25 16:28 254648 —-a-w- c:\windows\system32\drivers\APPFCONT.DAT
    2011-09-03 09:30 . 2010-09-09 14:23 193864 —-a-w- c:\windows\system32\drivers\idsflt.sys
    2011-09-03 09:30 . 2009-09-25 12:54 46856 —-a-w- c:\windows\system32\drivers\wnmflt.sys
    2011-09-03 09:30 . 2009-09-25 12:54 53256 —-a-w- c:\windows\system32\drivers\dsaflt.sys
    2011-09-03 09:30 . 2011-01-31 14:41 83528 —-a-w- c:\windows\system32\drivers\APPFLT.SYS
    2011-09-03 09:30 . 2009-09-25 12:54 159112 —-a-w- c:\windows\system32\drivers\NETFLTDI.SYS
    2011-09-03 09:30 . 2009-09-25 12:54 22024 —-a-w- c:\windows\system32\drivers\fnetmon.sys
    2011-09-03 09:30 . 2010-06-22 16:13 26696 —-a-w- c:\windows\system32\drivers\pavboot.sys
    2011-09-03 09:30 . 2007-03-15 17:38 54832 —-a-w- c:\windows\system32\pavcpl.cpl
    2011-08-29 11:51 . 2011-08-29 11:51 388096 —-a-r- c:\documents and settings\user\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-09-24 07:37 . 2011-06-02 14:14 404640 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-09-09 09:12 . 2006-04-11 11:00 602624 —-a-w- c:\windows\system32\crypt32.dll
    2011-08-31 15:00 . 2011-05-09 01:22 22216 —-a-w- c:\windows\system32\drivers\mbam.sys
    2011-07-15 13:29 . 2005-01-19 19:26 456320 —-a-w- c:\windows\system32\drivers\mrxsmb.sys
    2011-07-08 14:02 . 2006-04-11 11:00 10496 —-a-w- c:\windows\system32\drivers\ndistapi.sys
    2011-05-05 12:32 . 2011-05-05 12:32 12885904 —-a-w- c:\program files\Firefox Setup 4.0.1.exe
    2011-09-06 22:36 . 2011-05-05 12:38 134104 —-a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2011-09-26_08.15.20 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2005-07-03 17:17 . 2011-06-21 18:37 44544 c:\windows\system32\pngfilt.dll
    - 2005-07-03 17:17 . 2009-02-20 17:18 44544 c:\windows\system32\pngfilt.dll
    + 2006-11-07 20:03 . 2011-06-21 18:37 52224 c:\windows\system32\msfeedsbs.dll
    - 2006-11-07 20:03 . 2009-02-20 17:18 52224 c:\windows\system32\msfeedsbs.dll
    - 2006-04-11 11:00 . 2009-02-20 17:18 27648 c:\windows\system32\jsproxy.dll
    + 2006-04-11 11:00 . 2011-06-21 18:37 27648 c:\windows\system32\jsproxy.dll
    + 2006-04-11 11:00 . 2011-06-21 18:37 44544 c:\windows\system32\iernonce.dll
    - 2006-04-11 11:00 . 2009-02-20 17:18 44544 c:\windows\system32\iernonce.dll
    + 2006-04-11 11:00 . 2011-06-21 11:46 70656 c:\windows\system32\ie4uinit.exe
    - 2006-04-11 11:00 . 2009-02-20 10:20 70656 c:\windows\system32\ie4uinit.exe
    + 2006-10-17 10:58 . 2011-06-21 18:37 63488 c:\windows\system32\icardie.dll
    - 2006-10-17 10:58 . 2009-02-20 17:18 63488 c:\windows\system32\icardie.dll
    + 2006-10-17 10:58 . 2011-06-21 18:37 44544 c:\windows\system32\dllcache\pngfilt.dll
    - 2006-10-17 10:58 . 2009-02-20 17:18 44544 c:\windows\system32\dllcache\pngfilt.dll
    - 2007-06-07 20:46 . 2009-02-20 17:18 52224 c:\windows\system32\dllcache\msfeedsbs.dll
    + 2007-06-07 20:46 . 2011-06-21 18:37 52224 c:\windows\system32\dllcache\msfeedsbs.dll
    - 2006-04-11 11:00 . 2009-02-20 17:18 27648 c:\windows\system32\dllcache\jsproxy.dll
    + 2006-04-11 11:00 . 2011-06-21 18:37 27648 c:\windows\system32\dllcache\jsproxy.dll
    - 2007-06-07 20:46 . 2009-02-20 10:20 13824 c:\windows\system32\dllcache\ieudinit.exe
    + 2007-06-07 20:46 . 2011-06-21 11:46 13824 c:\windows\system32\dllcache\ieudinit.exe
    + 2006-04-11 11:00 . 2011-06-21 18:37 44544 c:\windows\system32\dllcache\iernonce.dll
    - 2006-04-11 11:00 . 2009-02-20 17:18 44544 c:\windows\system32\dllcache\iernonce.dll
    + 2006-11-07 02:26 . 2011-06-21 11:46 70656 c:\windows\system32\dllcache\ie4uinit.exe
    - 2006-11-07 02:26 . 2009-02-20 10:20 70656 c:\windows\system32\dllcache\ie4uinit.exe
    + 2007-12-07 02:18 . 2011-06-21 18:37 63488 c:\windows\system32\dllcache\icardie.dll
    - 2007-12-07 02:18 . 2009-02-20 17:18 63488 c:\windows\system32\dllcache\icardie.dll
    + 2006-04-11 11:00 . 2011-06-21 18:37 17408 c:\windows\system32\dllcache\corpol.dll
    + 2006-04-11 11:00 . 2011-06-21 18:37 17408 c:\windows\system32\corpol.dll
    + 2011-09-26 08:27 . 2009-02-20 17:18 44544 c:\windows\ie7updates\KB2559049-IE7\pngfilt.dll
    + 2011-09-26 08:27 . 2009-02-20 17:18 52224 c:\windows\ie7updates\KB2559049-IE7\msfeedsbs.dll
    + 2011-09-26 08:27 . 2009-02-20 17:18 27648 c:\windows\ie7updates\KB2559049-IE7\jsproxy.dll
    + 2011-09-26 08:27 . 2009-02-20 10:20 13824 c:\windows\ie7updates\KB2559049-IE7\ieudinit.exe
    + 2011-09-26 08:27 . 2009-02-20 17:18 44544 c:\windows\ie7updates\KB2559049-IE7\iernonce.dll
    + 2011-09-26 08:27 . 2009-02-20 17:18 78336 c:\windows\ie7updates\KB2559049-IE7\ieencode.dll
    + 2011-09-26 08:27 . 2009-02-20 10:20 70656 c:\windows\ie7updates\KB2559049-IE7\ie4uinit.exe
    + 2011-09-26 08:27 . 2009-02-20 17:18 63488 c:\windows\ie7updates\KB2559049-IE7\icardie.dll
    + 2011-09-26 08:27 . 2008-04-14 17:02 35328 c:\windows\ie7updates\KB2559049-IE7\corpol.dll
    + 2006-04-11 11:00 . 2011-06-21 18:37 832512 c:\windows\system32\wininet.dll
    - 2006-04-11 11:00 . 2009-02-20 17:18 233472 c:\windows\system32\webcheck.dll
    + 2006-04-11 11:00 . 2011-06-21 18:37 233472 c:\windows\system32\webcheck.dll
    + 2006-04-11 11:00 . 2011-03-04 06:44 434176 c:\windows\system32\vbscript.dll
    + 2006-04-11 11:00 . 2011-06-21 18:37 106496 c:\windows\system32\url.dll
    + 2006-04-11 11:00 . 2011-06-21 18:37 102912 c:\windows\system32\occache.dll
    - 2006-04-11 11:00 . 2009-02-20 17:18 102912 c:\windows\system32\occache.dll
    - 2006-04-11 11:00 . 2009-02-20 17:18 671232 c:\windows\system32\mstime.dll
    + 2006-04-11 11:00 . 2011-06-21 18:37 671232 c:\windows\system32\mstime.dll
    + 2005-07-03 17:17 . 2011-06-21 18:37 193024 c:\windows\system32\msrating.dll
    - 2005-07-03 17:17 . 2009-02-20 17:18 193024 c:\windows\system32\msrating.dll
    + 2005-07-03 17:17 . 2011-06-21 18:37 478720 c:\windows\system32\mshtmled.dll
    + 2006-11-07 20:03 . 2011-06-21 18:37 468480 c:\windows\system32\msfeeds.dll
    + 2006-04-11 11:00 . 2011-03-04 06:44 512000 c:\windows\system32\jscript.dll
    - 2006-04-11 11:00 . 2008-05-09 10:56 512000 c:\windows\system32\jscript.dll
    + 2006-10-17 10:57 . 2011-06-21 18:37 268288 c:\windows\system32\iertutil.dll
    - 2006-10-17 10:57 . 2009-02-20 17:18 268288 c:\windows\system32\iertutil.dll
    + 2006-01-25 17:56 . 2011-06-21 18:37 192512 c:\windows\system32\iepeers.dll
    + 2006-04-11 11:00 . 2011-06-21 18:37 384512 c:\windows\system32\iedkcs32.dll
    + 2006-10-17 10:27 . 2011-06-21 18:37 380928 c:\windows\system32\ieapfltr.dll
    + 2006-04-11 11:00 . 2011-06-20 11:27 161792 c:\windows\system32\ieakui.dll
    - 2006-04-11 11:00 . 2009-02-20 05:14 161792 c:\windows\system32\ieakui.dll
    + 2006-04-11 11:00 . 2011-06-21 18:37 230400 c:\windows\system32\ieaksie.dll
    - 2006-04-11 11:00 . 2009-02-20 17:18 230400 c:\windows\system32\ieaksie.dll
    + 2006-04-11 11:00 . 2011-06-21 18:37 153088 c:\windows\system32\ieakeng.dll
    - 2006-04-11 11:00 . 2009-02-20 17:18 153088 c:\windows\system32\ieakeng.dll
    + 2006-04-11 11:00 . 2011-06-21 18:37 133120 c:\windows\system32\extmgr.dll
    - 2006-04-11 11:00 . 2009-02-20 17:18 133120 c:\windows\system32\extmgr.dll
    + 2006-04-11 11:00 . 2011-06-21 18:37 214528 c:\windows\system32\dxtrans.dll
    - 2006-04-11 11:00 . 2009-02-20 17:18 214528 c:\windows\system32\dxtrans.dll
    + 2006-04-11 11:00 . 2011-06-21 18:37 347136 c:\windows\system32\dxtmsft.dll
    - 2006-04-11 11:00 . 2009-02-20 17:18 347136 c:\windows\system32\dxtmsft.dll
    + 2006-11-07 20:03 . 2011-06-21 18:37 832512 c:\windows\system32\dllcache\wininet.dll
    - 2006-11-07 20:03 . 2009-02-20 17:18 233472 c:\windows\system32\dllcache\webcheck.dll
    + 2006-11-07 20:03 . 2011-06-21 18:37 233472 c:\windows\system32\dllcache\webcheck.dll
    + 2006-11-07 20:03 . 2011-04-30 08:50 766464 c:\windows\system32\dllcache\vgx.dll
    + 2008-05-09 10:56 . 2011-03-04 06:44 434176 c:\windows\system32\dllcache\vbscript.dll
    + 2006-10-17 11:05 . 2011-06-21 18:37 106496 c:\windows\system32\dllcache\url.dll
    + 2006-10-17 11:04 . 2011-06-21 18:37 102912 c:\windows\system32\dllcache\occache.dll
    - 2006-10-17 11:04 . 2009-02-20 17:18 102912 c:\windows\system32\dllcache\occache.dll
    + 2006-04-11 11:00 . 2011-06-21 18:37 671232 c:\windows\system32\dllcache\mstime.dll
    - 2006-04-11 11:00 . 2009-02-20 17:18 671232 c:\windows\system32\dllcache\mstime.dll
    + 2006-10-17 11:05 . 2011-06-21 18:37 193024 c:\windows\system32\dllcache\msrating.dll
    - 2006-10-17 11:05 . 2009-02-20 17:18 193024 c:\windows\system32\dllcache\msrating.dll
    + 2006-11-07 20:03 . 2011-06-21 18:37 478720 c:\windows\system32\dllcache\mshtmled.dll
    + 2007-06-07 20:46 . 2011-06-21 18:37 468480 c:\windows\system32\dllcache\msfeeds.dll
    + 2008-05-09 10:56 . 2011-03-04 06:44 512000 c:\windows\system32\dllcache\jscript.dll
    - 2008-05-09 10:56 . 2008-05-09 10:56 512000 c:\windows\system32\dllcache\jscript.dll
    + 2006-10-17 11:04 . 2011-06-20 11:29 634648 c:\windows\system32\dllcache\iexplore.exe
    + 2007-06-07 20:46 . 2011-06-21 18:37 268288 c:\windows\system32\dllcache\iertutil.dll
    - 2007-06-07 20:46 . 2009-02-20 17:18 268288 c:\windows\system32\dllcache\iertutil.dll
    + 2006-11-07 20:03 . 2011-06-21 18:37 192512 c:\windows\system32\dllcache\iepeers.dll
    + 2006-04-11 11:00 . 2011-06-21 18:37 384512 c:\windows\system32\dllcache\iedkcs32.dll
    + 2007-06-07 20:46 . 2011-06-21 18:37 380928 c:\windows\system32\dllcache\ieapfltr.dll
    + 2006-04-11 11:00 . 2011-06-20 11:27 161792 c:\windows\system32\dllcache\ieakui.dll
    - 2006-04-11 11:00 . 2009-02-20 05:14 161792 c:\windows\system32\dllcache\ieakui.dll
    - 2006-04-11 11:00 . 2009-02-20 17:18 230400 c:\windows\system32\dllcache\ieaksie.dll
    + 2006-04-11 11:00 . 2011-06-21 18:37 230400 c:\windows\system32\dllcache\ieaksie.dll
    + 2006-04-11 11:00 . 2011-06-21 18:37 153088 c:\windows\system32\dllcache\ieakeng.dll
    - 2006-04-11 11:00 . 2009-02-20 17:18 153088 c:\windows\system32\dllcache\ieakeng.dll
    + 2006-04-11 11:00 . 2011-06-21 18:37 133120 c:\windows\system32\dllcache\extmgr.dll
    - 2006-04-11 11:00 . 2009-02-20 17:18 133120 c:\windows\system32\dllcache\extmgr.dll
    - 2006-10-17 10:57 . 2009-02-20 17:18 214528 c:\windows\system32\dllcache\dxtrans.dll
    + 2006-10-17 10:57 . 2011-06-21 18:37 214528 c:\windows\system32\dllcache\dxtrans.dll
    + 2006-10-17 10:58 . 2011-06-21 18:37 347136 c:\windows\system32\dllcache\dxtmsft.dll
    - 2006-10-17 10:58 . 2009-02-20 17:18 347136 c:\windows\system32\dllcache\dxtmsft.dll
    - 2006-11-07 02:26 . 2009-02-20 17:18 124928 c:\windows\system32\dllcache\advpack.dll
    + 2006-11-07 02:26 . 2011-06-21 18:37 124928 c:\windows\system32\dllcache\advpack.dll
    + 2006-04-11 11:00 . 2011-06-21 18:37 124928 c:\windows\system32\advpack.dll
    - 2006-04-11 11:00 . 2009-02-20 17:18 124928 c:\windows\system32\advpack.dll
    + 2011-09-26 08:27 . 2009-03-03 00:16 826368 c:\windows\ie7updates\KB2559049-IE7\wininet.dll
    + 2011-09-26 08:27 . 2009-02-20 17:18 233472 c:\windows\ie7updates\KB2559049-IE7\webcheck.dll
    + 2011-09-26 08:27 . 2009-02-20 17:18 105984 c:\windows\ie7updates\KB2559049-IE7\url.dll
    + 2011-09-26 08:27 . 2010-07-05 13:21 401272 c:\windows\ie7updates\KB2559049-IE7\spuninst\updspapi.dll
    + 2011-09-26 08:27 . 2010-07-05 13:21 234872 c:\windows\ie7updates\KB2559049-IE7\spuninst\spuninst.exe
    + 2011-09-26 08:27 . 2009-02-20 17:18 102912 c:\windows\ie7updates\KB2559049-IE7\occache.dll
    + 2011-09-26 08:27 . 2009-02-20 17:18 671232 c:\windows\ie7updates\KB2559049-IE7\mstime.dll
    + 2011-09-26 08:27 . 2009-02-20 17:18 193024 c:\windows\ie7updates\KB2559049-IE7\msrating.dll
    + 2011-09-26 08:27 . 2009-02-20 17:18 477696 c:\windows\ie7updates\KB2559049-IE7\mshtmled.dll
    + 2011-09-26 08:27 . 2009-02-20 17:18 459264 c:\windows\ie7updates\KB2559049-IE7\msfeeds.dll
    + 2011-09-26 08:27 . 2009-02-28 04:54 636072 c:\windows\ie7updates\KB2559049-IE7\iexplore.exe
    + 2011-09-26 08:27 . 2009-02-20 17:18 268288 c:\windows\ie7updates\KB2559049-IE7\iertutil.dll
    + 2011-09-26 08:27 . 2006-11-07 20:03 191488 c:\windows\ie7updates\KB2559049-IE7\iepeers.dll
    + 2011-09-26 08:27 . 2009-02-20 17:18 385024 c:\windows\ie7updates\KB2559049-IE7\iedkcs32.dll
    + 2011-09-26 08:27 . 2009-02-20 17:18 383488 c:\windows\ie7updates\KB2559049-IE7\ieapfltr.dll
    + 2011-09-26 08:27 . 2009-02-20 05:14 161792 c:\windows\ie7updates\KB2559049-IE7\ieakui.dll
    + 2011-09-26 08:27 . 2009-02-20 17:18 230400 c:\windows\ie7updates\KB2559049-IE7\ieaksie.dll
    + 2011-09-26 08:27 . 2009-02-20 17:18 153088 c:\windows\ie7updates\KB2559049-IE7\ieakeng.dll
    + 2011-09-26 08:27 . 2009-02-20 17:18 133120 c:\windows\ie7updates\KB2559049-IE7\extmgr.dll
    + 2011-09-26 08:27 . 2009-02-20 17:18 214528 c:\windows\ie7updates\KB2559049-IE7\dxtrans.dll
    + 2011-09-26 08:27 . 2009-02-20 17:18 347136 c:\windows\ie7updates\KB2559049-IE7\dxtmsft.dll
    + 2011-09-26 08:27 . 2009-02-20 17:18 124928 c:\windows\ie7updates\KB2559049-IE7\advpack.dll
    + 2011-09-26 08:28 . 2007-07-12 23:32 765952 c:\windows\ie7updates\KB2544521-IE7\vgx.dll
    + 2011-09-26 08:28 . 2010-07-05 13:21 401272 c:\windows\ie7updates\KB2544521-IE7\spuninst\updspapi.dll
    + 2011-09-26 08:28 . 2010-07-05 13:21 234872 c:\windows\ie7updates\KB2544521-IE7\spuninst\spuninst.exe
    + 2006-04-11 11:00 . 2011-06-21 18:37 1168896 c:\windows\system32\urlmon.dll
    + 2006-04-11 11:00 . 2011-07-22 16:30 3613696 c:\windows\system32\mshtml.dll
    + 2006-11-07 20:03 . 2011-06-21 18:37 6076416 c:\windows\system32\ieframe.dll
    + 2006-09-05 22:01 . 2010-07-05 20:32 2452872 c:\windows\system32\ieapfltr.dat
    + 2006-11-07 20:03 . 2011-06-21 18:37 1168896 c:\windows\system32\dllcache\urlmon.dll
    + 2006-11-07 20:03 . 2011-07-22 16:30 3613696 c:\windows\system32\dllcache\mshtml.dll
    + 2007-06-07 20:46 . 2011-06-21 18:37 6076416 c:\windows\system32\dllcache\ieframe.dll
    + 2007-06-07 20:46 . 2010-07-05 20:32 2452872 c:\windows\system32\dllcache\ieapfltr.dat
    + 2011-09-26 08:27 . 2009-02-20 17:18 1160192 c:\windows\ie7updates\KB2559049-IE7\urlmon.dll
    + 2011-09-26 08:27 . 2009-02-20 17:18 3595264 c:\windows\ie7updates\KB2559049-IE7\mshtml.dll
    + 2011-09-26 08:27 . 2009-02-20 17:18 6066176 c:\windows\ie7updates\KB2559049-IE7\ieframe.dll
    + 2011-09-26 08:27 . 2008-07-09 14:25 2455488 c:\windows\ie7updates\KB2559049-IE7\ieapfltr.dat
    .
    – Snapshot teruggezet naar huidige datum –
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Skype"="c:\program files\Skype\\Phone\Skype.exe" [2010-05-13 26192168]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-18 64512]
    "hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-04 458752]
    "High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-07-27 61952]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-04-01 761946]
    "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-07-11 102400]
    "Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-05-30 40960]
    "RecGuard"="c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840]
    "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
    "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-20 7581696]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-07-20 86016]
    "nwiz"="nwiz.exe" [2006-07-20 1519616]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
    "APVXDWIN"="c:\program files\Panda Security\Panda Global Protection 2012\APVXDWIN.EXE" [2011-04-13 1000768]
    "SCANINICIO"="c:\program files\Panda Security\Panda Global Protection 2012\Inicio.exe" [2011-02-02 70464]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
    .
    c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
    HP Photosmart Premier Snelstart.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-9-24 73728]
    Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
    Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2000-8-6 69632]
    TMMonitor.lnk - c:\program files\ArcSoft\TotalMedia 3.5\TMMonitor.exe [2010-6-24 258048]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
    2010-03-24 10:55 55552 —-a-w- c:\windows\system32\avldr.dll
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
    "c:\\Program Files\\SopCast\\SopCast.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
    "c:\\Program Files\\Vuze\\Azureus.exe"=
    .
    R2 PskSvcRetail;Panda PSK service;c:\program files\Panda Security\Panda Global Protection 2012\psksvc.exe [3-9-2011 11:30 28992]
    S0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [3-9-2011 11:30 26696]
    S1 APPFLT;App Filter Plugin;c:\windows\system32\drivers\APPFLT.SYS [3-9-2011 11:30 83528]
    S1 DSAFLT;DSA Filter Plugin;c:\windows\system32\drivers\dsaflt.sys [3-9-2011 11:30 53256]
    S1 FNETMON;NetMon Filter Plugin;c:\windows\system32\drivers\fnetmon.sys [3-9-2011 11:30 22024]
    S1 IDSFLT;Ids Filter Plugin;c:\windows\system32\drivers\idsflt.sys [3-9-2011 11:30 193864]
    S1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\drivers\NETFLTDI.SYS [3-9-2011 11:30 159112]
    S1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [3-9-2011 11:29 37448]
    S1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\drivers\wnmflt.sys [3-9-2011 11:30 46856]
    S2 AmFSM;AmFSM;c:\windows\system32\drivers\amm8651.sys [3-9-2011 11:29 59080]
    S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [31-1-2010 23:36 135664]
    S2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [3-9-2011 11:29 163848]
    S3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys –> c:\windows\system32\drivers\av5flt.sys [?]
    S3 ComFiltr;Panda Anti-Dialer;c:\windows\system32\drivers\COMFiltr.sys [3-9-2011 11:36 13880]
    S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [31-1-2010 23:36 135664]
    S3 NETIMFLT01060044;PANDA NDIS IM Filter Miniport v1.6.0.44;c:\windows\system32\drivers\neti1644.sys [3-9-2011 11:29 201032]
    S3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\PavSRK.sys –> c:\windows\system32\PavSRK.sys [?]
    S3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys –> c:\windows\system32\PavTPK.sys [?]
    S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [5-5-2011 20:28 27064]
    S3 RTL2832U_IRHID;HID Infrared Remote Receiver;c:\windows\system32\drivers\RTL2832U_IRHID.sys [24-6-2010 20:47 41120]
    S3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [24-6-2010 20:47 74912]
    S3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\drivers\RTL2832UUSB.sys [24-6-2010 20:47 32288]
    .
    — Andere Services/Drivers In Geheugen —
    .
    *NewlyCreated* - MDMXSDK
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2011-09-20 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
    .
    2011-09-17 c:\windows\Tasks\Basis-opruiming.job
    - c:\program files\Panda Security\Panda Global Protection 2012\PlaTasks.exe [2011-09-03 12:23]
    .
    2011-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 21:36]
    .
    2011-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 21:36]
    .
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1205961512&rver=4.5.2130.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&id=64855
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
    IE: Google Sidewiki… - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    TCP: DhcpNameServer = 192.168.1.1
    FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\o2mvlgsk.default\
    FF - prefs.js: browser.startup.homepage - hxxps://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1205961512&rver=4.5.2130.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&id=64855
    FF - prefs.js: network.proxy.type - 0
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-09-26 12:12
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scannen van verborgen processen …
    .
    scannen van verborgen autostart items …
    .
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????????<?@? ????f??????Y?@?????<?@
    .
    scannen van verborgen bestanden …
    .
    Scan succesvol afgerond
    verborgen bestanden: 0
    .
    **************************************************************************
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
    @Denied: (2) (LocalSystem)
    "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,48,ba,00,1a,94,08,65,46,ae,c3,0f,\
    "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,48,ba,00,1a,94,08,65,46,ae,c3,0f,\
    .
    ——————— DLLs Geladen Onder Lopende Processen ———————
    .
    - - - - - - - > 'winlogon.exe'(256)
    c:\windows\system32\avldr.dll
    .
    Voltooingstijd: 2011-09-26 12:13:26
    ComboFix-quarantined-files.txt 2011-09-26 10:13
    ComboFix2.txt 2011-09-26 08:16
    .
    Pre-Run: 38.615.814.144 bytes beschikbaar
    Post-Run: 38.601.396.224 bytes beschikbaar
    .
    - - End Of File - - E035D72AE853D9ADD0522DA438C8F69C



    Thanks, regards, Holly
  • And when you boot to the desktop again now, how is Windows running?
  • It seems calmer now at first glance. The PC is still blowing a bit, but no longer protesting as badly as before and as just now! And fortunately ComboFix did run well in Safe Mode, I was glad about that.

    Adobe still wants to install; just ignore it?

    The Vuze toolbar won't go away either; I looked in Add or Remove Programs, but it isn't listed there.

    And at the bottom, on the blue bar, there used to be a little icon with a letter combination; that was something for the keyboard, I believe... I notice it's gone. Is that bad?

    Can I still do something about the above, or is it not serious?

    Thanks! Regards, Holly
  • First post a new HijackThis log now.
  • OK, here is the HJT log:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 13:32:16, on 26-9-2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.17099)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Panda Security\Panda Global Protection 2012\TPSrv.exe
    C:\PROGRAM FILES\PANDA SECURITY\PANDA GLOBAL PROTECTION 2012\WebProxy.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Panda Security\Panda Global Protection 2012\PsCtrls.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Panda Security\Panda Global Protection 2012\PavFnSvr.exe
    C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
    C:\WINDOWS\System32\svchost.exe
    c:\program files\panda security\panda global protection 2012\firewall\PSHOST.EXE
    C:\Program Files\Panda Security\Panda Global Protection 2012\PsImSvc.exe
    C:\Program Files\Panda Security\Panda Global Protection 2012\PskSvc.exe
    C:\Program Files\Panda Security\Panda Global Protection 2012\pavsrvx86.exe
    C:\Program Files\Panda Security\Panda Global Protection 2012\AVENGINE.EXE
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    C:\Program Files\Panda Security\Panda Global Protection 2012\APVXDWIN.EXE
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    C:\Program Files\ArcSoft\TotalMedia 3.5\TMMonitor.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Panda Security\Panda Global Protection 2012\SRVLOAD.EXE
    C:\Program Files\Panda Security\Panda Global Protection 2012\PavBckPT.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1205961512&rver=4.5.2130.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&id=64855
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Global Protection 2012\APVXDWIN.EXE" /s
    O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Security\Panda Global Protection 2012\Inicio.exe"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: HP Photosmart Premier Snelstart.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    O4 - Global Startup: TMMonitor.lnk = C:\Program Files\ArcSoft\TotalMedia 3.5\TMMonitor.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=64&bd=pavilion&pf=laptop
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos-beta/OnlineScanner.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2012\PsCtrls.exe
    O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files\Panda Security\Panda Global Protection 2012\PavFnSvr.exe
    O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
    O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2012\pavsrvx86.exe
    O23 - Service: Panda Host Service (PSHost) - Unknown owner - c:\program files\panda security\panda global protection 2012\firewall\PSHOST.EXE
    O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Global Protection 2012\PsImSvc.exe
    O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2012\PskSvc.exe
    O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2012\TPSrv.exe


    End of file - 11294 bytes


    Regards, Holly
  • Why is IE7 still installed in your Windows XP?

    And please do the following:

    go to Start / Run (Uitvoeren) and type sfc /scannow, then click OK or press the Enter key.

    Do mind the space after 'sfc'.

    SFC means that system files are checked for correct functioning; let me know whether any repairs need to be made.
