Babylon keeps coming back.

81 replies
  • Hello,

    I was looking for a new driver, thought I had found it and clicked "install". Well, no new driver then, but an intrusive "Babylon" toolbar instead. I managed to get most of it off, and Windows' search function can no longer find anything with the name Babylon in it, and yet: Babylon is still there.
    Can anyone help me? Thanks in advance.
  • Hi Paul,

    I would like you to follow the rules below during the fix:
  • Step 1:


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:16:23, on 30/12/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Unable to get Internet Explorer version!
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Google\Update\1.3.21.79\GoogleCrashHandler.exe
    C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe
    C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\WINDOWS\system32\RunDLL32.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe
    C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
    C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\Program Files\ScanSoft\PDF Professional 3.0\PdfPro3Hook.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tijd.be/home
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.foxtab.com/?s=0&chnl=irn
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
    O4 - HKLM\..\Run: [Acronis Scheduler2Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
    O4 - HKLM\..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min
    O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
    O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [AdobeBridge] "C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe" -stealth
    O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103470 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.2)" -"http://www.hotelaquatel.be/html/nl/beschrijving.html"
    O4 - HKUS\S-1-5-21-842925246-1592454029-1417001333-1007\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'arno')
    O4 - HKUS\S-1-5-21-842925246-1592454029-1417001333-1007\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User 'arno')
    O4 - HKUS\S-1-5-21-842925246-1592454029-1417001333-1008\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: NaturalColorLoad.lnk = ?
    O8 - Extra context menu item: PDF in Word openen (PDF Converter 3.0) - res://C:\Program Files\ScanSoft\PDF Professional 3.0\IEShellExt.dll /700
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
    O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3
    esources/MSNPUpld.cab
    O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.spector.be/DesktopModules/SpectorAlbum/ImageUploader5.cab
    O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1224070674171
    O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
    O16 - DPF: {96816368-C1E3-414D-A193-63C3CC921990} (MJPEGRender Control) - http://sligachanhotel.remotemanager.co.uk/common/activex/MJPEGRender.ocx
    O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/ocx/15106/CTPID.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
    O23 - Service: Acronis Scheduler2Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
    O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Acronis Nonstop Backup-service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Update Service (gupdate1c9c7b35e2a82cc) (gupdate1c9c7b35e2a82cc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: hpdj - HP - C:\DOCUME~1\paul\LOCALS~1\Temp\hpdj.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
    O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe


    End of file - 12319 bytes




  • P.S.
    Before HijackThis would start, a recent printer driver was apparently removed first.
  • It is more or less clear that things are not going entirely well with your Windows.

    With both Avira AntiVir and AVG 2012 as antivirus software on your Windows you can expect problems, because both tools pay more attention to their mutual conflicts!

    So one of the two has to go!
  • Sorry for my late reply: the Mbam scan took more than 3 hours (2 HDs).
    The log is below. (!)
    As for virus scanners: only Avira is active. I recently installed AVG, but things turned out to run quite a bit slower. So back to Avira, but AVG is still on my computer. Meanwhile I am no longer so sure that AVG was the cause of the problems…

    Malwarebytes Anti-Malware 1.60.0.1800
    www.malwarebytes.org

    Databaseversie: v2011.12.24.05

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    paul :: STILLEPC [administrator]

    30/12/2011 15:32:58
    mbam-log-2011-12-30 (15-32-58).txt

    Scantype: Volledige scan
    Ingeschakelde scanopties: Geheugen | Opstarten | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scanopties: P2P
    Objecten gescand: 825728
    Verstreken tijd: 3 uur/uren, 10 minuut/minuten,

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 1
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FoxTab FLV Player (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.

    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 6
    C:\Program Files\VideoConverterSetup.exe (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files\IrfanView\Languages\Nederlands.dll (Trojan.ModifiedUPX) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files\FoxTabFLVPlayer\Uninstall\Uninstall.exe (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
    F:\Program Files\VideoConverterSetup.exe (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
    F:\Program Files\IrfanView\Languages\Nederlands.dll (Trojan.ModifiedUPX) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files\gb.dll (Spyware.OnlineGames) -> Succesvol in quarantaine geplaatst en verwijderd.

    (einde)
  • OK, then we will first see whether AVG can be removed completely:

    AVG Remover (32-bit) 2012: http://download.avg.com/filedir/util/avgrem/avg_remover_stf_x86_2012_1796.exe

    After that, post a new HijackThis log.

    And one more thing: I had asked for a quick scan with MBAM, you did a full one!
    In future, please do what I ask you to do.
  • Sorry, I wasn't paying attention, I'm afraid. :oops:

    New log:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 19:28:15, on 30/12/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Unable to get Internet Explorer version!
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Google\Update\1.3.21.79\GoogleCrashHandler.exe
    C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\WINDOWS\system32\RunDLL32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe
    C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tijd.be/home
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.foxtab.com/?s=0&chnl=irn
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
    O4 - HKLM\..\Run: [Acronis Scheduler2Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
    O4 - HKLM\..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min
    O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
    O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
    O4 - HKLM\..\RunOnce: [AvgRemover] C:\Documents and Settings\paul\Local Settings\Temporary Internet Files\Content.IE5\W3Z5HZCH\avg_remover_stf_x86_2012_1796[1].exe
    un_number=2 /avgdir="C:\Program Files\AVG\AVG2012\" /avgdatadir="C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG2012\"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [AdobeBridge] "C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe" -stealth
    O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103470 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.2)" -"http://www.hotelaquatel.be/html/nl/beschrijving.html"
    O4 - HKUS\S-1-5-21-842925246-1592454029-1417001333-1008\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: NaturalColorLoad.lnk = ?
    O8 - Extra context menu item: PDF in Word openen (PDF Converter 3.0) - res://C:\Program Files\ScanSoft\PDF Professional 3.0\IEShellExt.dll /700
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
    O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3
    esources/MSNPUpld.cab
    O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.spector.be/DesktopModules/SpectorAlbum/ImageUploader5.cab
    O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1224070674171
    O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
    O16 - DPF: {96816368-C1E3-414D-A193-63C3CC921990} (MJPEGRender Control) - http://sligachanhotel.remotemanager.co.uk/common/activex/MJPEGRender.ocx
    O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/ocx/15106/CTPID.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Acronis Scheduler2Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
    O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Acronis Nonstop Backup-service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Update Service (gupdate1c9c7b35e2a82cc) (gupdate1c9c7b35e2a82cc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
    O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe


    End of file - 11886 bytes





  • Hi, by the looks of it the remover did a good job.

    I would like you to follow the rules below during the fix:
  • Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 19:28:15, on 30/12/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Unable to get Internet Explorer version!
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Google\Update\1.3.21.79\GoogleCrashHandler.exe
    C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\WINDOWS\system32\RunDLL32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe
    C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tijd.be/home
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.foxtab.com/?s=0&chnl=irn
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
    O4 - HKLM\..\Run: [Acronis Scheduler2Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
    O4 - HKLM\..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min
    O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
    O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
    O4 - HKLM\..\RunOnce: [AvgRemover] C:\Documents and Settings\paul\Local Settings\Temporary Internet Files\Content.IE5\W3Z5HZCH\avg_remover_stf_x86_2012_1796[1].exe
    un_number=2 /avgdir="C:\Program Files\AVG\AVG2012\" /avgdatadir="C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG2012\"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [AdobeBridge] "C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe" -stealth
    O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103470 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.2)" -"http://www.hotelaquatel.be/html/nl/beschrijving.html"
    O4 - HKUS\S-1-5-21-842925246-1592454029-1417001333-1008\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: NaturalColorLoad.lnk = ?
    O8 - Extra context menu item: PDF in Word openen (PDF Converter 3.0) - res://C:\Program Files\ScanSoft\PDF Professional 3.0\IEShellExt.dll /700
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
    O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
    O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.spector.be/DesktopModules/SpectorAlbum/ImageUploader5.cab
    O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1224070674171
    O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
    O16 - DPF: {96816368-C1E3-414D-A193-63C3CC921990} (MJPEGRender Control) - http://sligachanhotel.remotemanager.co.uk/common/activex/MJPEGRender.ocx
    O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/ocx/15106/CTPID.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Acronis Scheduler2Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
    O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Acronis Nonstop Backup-service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Update Service (gupdate1c9c7b35e2a82cc) (gupdate1c9c7b35e2a82cc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
    O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe


    End of file - 11886 bytes





  • ComboFix 11-12-30.01 - paul 30/12/2011 19:56:19.6.4 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.3582.2821 [GMT 1:00]
    Gestart vanuit: c:\documents and settings\paul\Bureaublad\ComboFix.exe
    AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
    c:\documents and settings\All Users.WINDOWS\Application Data\TEMP\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\PostBuild.exe
    c:\documents and settings\All Users.WINDOWS\Application Data\TEMP\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe
    c:\documents and settings\Default User\DelB0C.tmp
    c:\documents and settings\marijke\Favorieten\Thumbs.db
    c:\documents and settings\paul\Application Data\.#
    c:\documents and settings\paul\Favorieten\Thumbs.db
    c:\documents and settings\paul\Mijn documenten\~WRL0879.tmp
    c:\documents and settings\paul\Mijn documenten\DPE.DUS
    c:\documents and settings\paul\WINDOWS
    c:\program files\178.13_geforce_winxp_32bit_international_whql.exe
    c:\program files\285.58-desktop-winxp-32bit-international-whql.exe
    c:\program files\5100_nld_win2k_xp.exe
    c:\program files\ATIH2011_trial_nl-NL.exe
    c:\program files\ATIH2011Addons_nl-NL.exe
    c:\program files\avg_free_stb_eu_2012_1890_free.exe
    c:\program files\CyberLink.2504_trial_VDE101208-06.exe
    c:\program files\daemon4301-lite.exe
    c:\program files\DigiLeenSetup_v1.1.00.0027.exe
    c:\program files\Eraser 6.0.8.2273.exe
    c:\program files\Garmin - MapInstall_3121.exe
    c:\program files\Garmin - MapSource_6141.exe
    c:\program files\MediaMonkey_3.0.3.1183.exe
    c:\program files\PMB56_Updater1105a.exe
    c:\program files\PoiEdit2007-2-NLD.exe
    c:\program files\REST2514.EXE
    c:\program files\SPU_Upgrade0805a.exe
    c:\program files\WindowsXP-KB932716-v2-x86-NLD.exe
    c:\windows\IsUn0413.exe
    c:\windows\system32\PowerToyReadme.htm
    c:\windows\system32\SET73.tmp
    c:\windows\system32\Thumbs.db
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-11-28 to 2011-12-30 ))))))))))))))))))))))))))))))
    .
    .
    2011-12-30 18:26 . 2011-12-30 18:26 388096 ----a-r- c:\documents and settings\paul\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-12-30 14:13 . 2003-11-08 00:49 278528 ----a-w- c:\windows\system32\hpdj
    2011-12-30 14:08 . 2011-12-30 14:08 1402880 ----a-w- c:\program files\HiJackThis.msi
    2011-12-29 17:58 . 2011-12-29 18:18 2982 ----a-w- C:\user.js
    2011-12-29 17:58 . 2011-12-29 17:58 -------- d-----w- c:\documents and settings\paul\Local Settings\Application Data\Babylon
    2011-12-29 17:58 . 2011-12-29 17:58 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Babylon
    2011-12-29 17:57 . 2011-12-29 17:57 -------- d-----w- c:\program files\FoxTabFLVPlayer
    2011-12-28 20:12 . 2003-09-24 08:44 44544 ----a-r- c:\windows\system32\MSXML4a.dll
    2011-12-28 20:12 . 2003-09-24 08:43 626960 ----a-r- c:\windows\system32\hpvaut32.dll
    2011-12-28 20:12 . 2003-09-24 08:43 487424 ----a-r- c:\windows\system32\hpvcp70.dll
    2011-12-28 20:12 . 2003-09-24 08:43 344064 ----a-r- c:\windows\system32\hpvcr70.dll
    2011-12-28 19:51 . 2011-12-28 19:51 -------- d-----w- c:\program files\HP
    2011-12-28 19:45 . 2011-12-28 19:45 -------- d-----w- c:\program files\5100
    2011-12-27 20:11 . 2011-12-27 20:11 -------- d-----w- c:\documents and settings\paul\Application Data\NVIDIA
    2011-12-27 20:00 . 2011-12-27 20:00 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\NVIDIA Corporation
    2011-12-26 16:15 . 2011-12-26 16:15 -------- d-----w- c:\documents and settings\Adobe CS5
    2011-12-26 07:07 . 2011-12-26 07:08 -------- d-----w- c:\documents and settings\paul\Application Data\vlc
    2011-12-26 07:01 . 2011-12-26 07:01 21073936 ----a-w- c:\program files\vlc-1.1.11-win32.exe
    2011-12-25 23:59 . 2011-12-26 00:00 -------- d-----w- c:\program files\Adobe Photoshop CS3
    2011-12-25 22:14 . 2011-12-25 22:14 -------- d-----w- c:\windows\system32\wbem\Repository
    2011-12-25 22:13 . 2011-12-30 18:38 -------- d--h--r- c:\documents and settings\paul\Onlangs geopend
    2011-12-25 21:19 . 2011-12-25 22:12 -------- d-----w- c:\documents and settings\paul\Local Settings\Application Data\Adobe(2)
    2011-12-25 21:19 . 2011-12-25 22:12 -------- d-----w- c:\documents and settings\paul\Application Data\Adobe(2)
    2011-12-25 21:14 . 2011-12-25 22:12 -------- d-----w- c:\program files\PhotoshopPortable
    2011-12-25 09:09 . 2011-12-25 09:09 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY\Mijn documenten
    2011-12-25 09:09 . 2011-12-25 22:13 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Adobe
    2011-12-17 21:17 . 2011-12-17 21:45 -------- d-----w- c:\documents and settings\paul\Application Data\AVG
    2011-12-17 19:22 . 2011-12-17 19:22 -------- d-----w- C:\$AVG
    2011-12-17 18:29 . 2011-12-17 18:29 -------- d--h--w- c:\documents and settings\All Users.WINDOWS\Application Data\Common Files
    2011-12-17 18:28 . 2011-12-30 18:18 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\AVG2012
    2011-12-17 18:28 . 2011-12-17 21:15 -------- d-----w- c:\program files\AVG
    2011-12-17 18:26 . 2011-12-30 18:18 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\MFAData
    2011-12-05 21:17 . 2011-12-05 21:17 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin7.dll
    2011-12-05 21:17 . 2011-12-05 21:17 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin6.dll
    2011-12-05 21:17 . 2011-12-05 21:17 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll
    2011-12-05 21:17 . 2011-12-05 21:17 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll
    2011-12-05 21:17 . 2011-12-05 21:17 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll
    2011-12-05 21:17 . 2011-12-05 21:17 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll
    2011-12-05 21:17 . 2011-12-05 21:17 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin.dll
    2011-12-05 21:13 . 2011-12-05 21:13 -------- d-----w- c:\program files\iPod
    2011-12-05 21:09 . 2011-12-05 21:09 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY\Application Data\Apple Computer
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-12-25 23:16 . 2010-12-11 07:23 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
    2011-12-11 22:41 . 2008-04-15 12:00 26112 ----a-w- c:\windows\system32\userinit.exe
    2011-12-10 14:24 . 2008-10-21 13:29 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-12-03 13:19 . 2011-12-03 13:19 74592 ----a-w- c:\documents and settings\bosch - garantiebewijs GOP 250 CE.zip
    2011-12-03 09:52 . 2011-06-10 07:15 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-11-23 14:40 . 2008-04-15 12:00 1859712 ----a-w- c:\windows\system32\win32k.sys
    2011-11-04 19:13 . 2008-04-15 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
    2011-11-04 19:13 . 2008-04-15 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2011-11-04 19:13 . 2008-04-15 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2011-11-04 11:25 . 2008-04-15 12:00 385024 ----a-w- c:\windows\system32\html.iec
    2011-11-01 16:07 . 2008-04-15 12:00 1288192 ----a-w- c:\windows\system32\ole32.dll
    2011-10-29 06:47 . 2011-10-29 11:01 16432 ----a-w- c:\windows\system32\lsdelete.exe
    2011-10-28 15:52 . 2009-03-14 08:08 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
    2011-10-28 05:32 . 2008-04-15 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
    2011-10-26 10:50 . 2008-04-15 12:00 2153472 ----a-w- c:\windows\system32\ntoskrnl.exe
    2011-10-26 10:50 . 2008-04-14 22:11 2031616 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
    2011-10-18 16:51 . 2011-10-18 16:51 3687352 ----a-w- c:\program files\PMB.lnk
    2011-10-18 11:13 . 2008-04-15 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
    2011-10-10 14:22 . 2008-10-02 21:09 692736 ----a-w- c:\windows\system32\inetcomm.dll
    2011-10-08 04:50 . 2008-09-17 07:55 5595136 ----a-w- c:\windows\system32\nvcuda.dll
    2011-10-08 04:50 . 2008-09-17 07:55 335872 ----a-w- c:\windows\system32\nvrsar.dll
    2011-10-08 04:50 . 2008-09-17 07:55 331776 ----a-w- c:\windows\system32\nvrshe.dll
    2011-10-08 04:50 . 2008-09-17 07:55 286720 ----a-w- c:\windows\system32\nvrsfr.dll
    2011-10-08 04:50 . 2008-09-17 07:55 282624 ----a-w- c:\windows\system32\nvrsit.dll
    2011-10-08 04:50 . 2008-09-17 07:55 282624 ----a-w- c:\windows\system32\nvrses.dll
    2011-10-08 04:50 . 2008-09-17 07:55 282624 ----a-w- c:\windows\system32\nvrsel.dll
    2011-10-08 04:50 . 2008-09-17 07:55 278528 ----a-w- c:\windows\system32\nvrsde.dll
    2011-10-08 04:50 . 2008-09-17 07:55 274432 ----a-w- c:\windows\system32\nvrspt.dll
    2011-10-08 04:50 . 2008-09-17 07:55 274432 ----a-w- c:\windows\system32\nvrsnl.dll
    2011-10-08 04:50 . 2008-09-17 07:55 274432 ----a-w- c:\windows\system32\nvrsesm.dll
    2011-10-08 04:50 . 2008-09-17 07:55 270336 ----a-w- c:\windows\system32\nvrsru.dll
    2011-10-08 04:50 . 2008-09-17 07:55 270336 ----a-w- c:\windows\system32\nvrsptb.dll
    2011-10-08 04:50 . 2008-09-17 07:55 270336 ----a-w- c:\windows\system32\nvrsja.dll
    2011-10-08 04:50 . 2008-09-17 07:55 266240 ----a-w- c:\windows\system32\nvrsko.dll
    2011-10-08 04:50 . 2008-09-17 07:55 262144 ----a-w- c:\windows\system32\nvrshu.dll
    2011-10-08 04:50 . 2008-09-17 07:55 258048 ----a-w- c:\windows\system32\nvrstr.dll
    2011-10-08 04:50 . 2008-09-17 07:55 258048 ----a-w- c:\windows\system32\nvrssl.dll
    2011-10-08 04:50 . 2008-09-17 07:55 258048 ----a-w- c:\windows\system32\nvrssk.dll
    2011-10-08 04:50 . 2008-09-17 07:55 258048 ----a-w- c:\windows\system32\nvrspl.dll
    2011-10-08 04:50 . 2008-09-17 07:55 253952 ----a-w- c:\windows\system32\nvrsth.dll
    2011-10-08 04:50 . 2008-09-17 07:55 253952 ----a-w- c:\windows\system32\nvrssv.dll
    2011-10-08 04:50 . 2008-09-17 07:55 253952 ----a-w- c:\windows\system32\nvrsno.dll
    2011-10-08 04:50 . 2008-09-17 07:55 253952 ----a-w- c:\windows\system32\nvrsda.dll
    2011-10-08 04:50 . 2008-09-17 07:55 249856 ----a-w- c:\windows\system32\nvrsfi.dll
    2011-10-08 04:50 . 2008-09-17 07:55 249856 ----a-w- c:\windows\system32\nvrseng.dll
    2011-10-08 04:50 . 2008-09-17 07:55 249856 ----a-w- c:\windows\system32\nvrscs.dll
    2011-10-08 04:50 . 2008-09-17 07:55 229376 ----a-w- c:\windows\system32\nvrszhc.dll
    2011-10-08 04:50 . 2008-09-17 07:55 126976 ----a-w- c:\windows\system32\nvrszht.dll
    2011-10-08 04:50 . 2007-09-16 17:07 54272 ----a-w- c:\windows\system32\nvwddi.dll
    2011-10-08 04:50 . 2007-09-16 17:07 4226688 ----a-w- c:\windows\system32\nv4_disp.dll
    2011-10-08 04:50 . 2007-09-16 17:07 298304 ----a-w- c:\windows\system32\nvsvc32.exe
    2011-10-08 04:50 . 2007-09-16 17:07 2449408 ----a-w- c:\windows\system32\nvapi.dll
    2011-10-08 04:50 . 2007-09-16 17:07 220992 ----a-w- c:\windows\system32\nvcolor.exe
    2011-10-08 04:50 . 2007-09-16 17:07 203072 ----a-w- c:\windows\system32\nvmctray.dll
    2011-10-08 04:50 . 2007-09-16 17:07 17956864 ----a-w- c:\windows\system32\nvoglnt.dll
    2011-10-08 04:50 . 2007-09-16 17:07 16744256 ----a-w- c:\windows\system32\nvcpl.dll
    2011-10-08 04:50 . 2007-09-16 17:07 12791488 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
    2011-04-10 12:06 . 2011-04-10 12:06 20586196 ----a-w- c:\program files\vlc-1.1.8-win32.exe
    2011-04-10 12:03 . 2011-02-19 15:31 20364702 ----a-w- c:\program files\vlc-1.1.7-win32.exe
    2011-01-29 06:52 . 2011-01-29 06:52 200442456 ----a-w- c:\program files\vegaspro100c_32bit.exe
    2011-01-27 18:35 . 2011-01-27 18:35 1364522 ----a-w- c:\program files\wrar393.exe
    2011-01-16 09:27 . 2011-01-16 09:26 150446976 ----a-w- c:\program files\AVSVideoEditor.exe
    2011-01-12 02:33 . 2011-01-12 02:33 11008549 ----a-w- c:\program files\avidemux_2.5.4_win32.exe
    2011-01-11 17:21 . 2011-01-11 17:20 62701672 ----a-w- c:\program files\AVSVideoConverter.exe
    2010-12-30 16:59 . 2010-12-30 16:58 19985265 ----a-w- c:\program files\vlc-1.1.5-win32.exe
    2010-12-14 19:22 . 2010-12-14 19:22 338760 ----a-w- c:\program files\RegtaskTool_Installer.exe
    2010-12-13 18:03 . 2008-10-22 11:09 86016 ----a-w- c:\program files\setupenne.dll
    2010-12-11 07:22 . 2010-12-11 07:21 25188112 ----a-w- c:\program files\setpoint620.exe
    2010-12-08 18:15 . 2008-10-20 17:25 9039288 ----a-w- c:\program files\Vuze_Installer.exe
    2010-12-04 11:27 . 2010-07-04 06:54 13454568 ----a-w- c:\program files\RegistryReviverSetup.exe
    2010-08-29 11:47 . 2009-04-29 16:04 44089904 ----a-w- c:\program files\avira_antivir_personal_en.exe
    2010-08-29 11:37 . 2010-08-29 11:37 44153664 ----a-w- c:\program files\avira_antivir_personal_de.exe
    2010-08-29 11:23 . 2010-08-29 11:23 3427712 ----a-w- c:\program files\ccsetup235.exe
    2010-08-05 17:43 . 2010-08-05 17:43 3420304 ----a-w- c:\program files\ccsetup234.exe
    2010-03-20 17:37 . 2010-03-20 17:37 1103048 ----a-w- c:\program files\wpsetup.exe
    2010-03-12 12:28 . 2010-03-12 12:28 34506392 ----a-w- c:\program files\Nokia_PC_Suite_dut_web.exe
    2010-03-12 10:46 . 2010-03-12 10:39 98366952 ----a-w- c:\program files\Nokia_Ovi_Suite_webinstaller_ALL.exe
    2010-01-02 22:50 . 2009-10-16 05:08 13731712 ----a-w- c:\program files\AVSRegistryCleaner.exe
    2009-12-25 11:22 . 2009-12-25 11:22 6113439 ----a-w- c:\program files\pci_filerecovery.exe
    2009-10-25 11:52 . 2009-10-25 11:52 77086488 ----a-w- c:\program files\Ad-AwareInstallation.exe
    2009-09-02 18:54 . 2009-09-02 18:54 74160 ----a-w- c:\program files\irfanview_lang_nederlands.exe
    2009-09-02 18:52 . 2009-09-02 18:52 1359360 ----a-w- c:\program files\iview425_setup.exe
    2009-08-30 09:17 . 2009-08-30 09:16 3293088 ----a-w- c:\program files\ccsetup223.exe
    2009-05-28 18:34 . 2009-05-28 18:34 5076056 ----a-w- c:\program files\nuvi760_480.exe
    2009-03-22 12:11 . 2009-03-22 12:11 4310568 ----a-w- c:\program files\WebUpdater_241.exe
    2009-03-14 08:06 . 2009-03-14 08:06 37452296 ----a-w- c:\program files\Ad-AwareAE.exe
    2008-12-21 11:12 . 2008-12-21 11:11 5797488 ----a-w- c:\program files\GOMPLAYERENSETUP.EXE
    2008-12-21 08:57 . 2008-12-21 08:57 27288880 ----a-w- c:\program files\QuickTimeInstaller.exe
    2008-12-21 08:49 . 2008-12-21 08:49 12349806 ----a-w- c:\program files\dvdflick_setup_1.3.0.4.exe
    2008-11-30 11:51 . 2008-10-06 07:04 15083520 ----a-w- c:\program files\spybotsd160.exe
    2008-11-23 14:14 . 2008-10-02 17:20 25129080 ----a-w- c:\program files\antivir_workstation_winu_en_h.exe
    2008-11-23 12:02 . 2008-11-23 12:02 1958864 ----a-w- c:\program files\TrendMicro_Downloader.exe
    2008-11-11 14:44 . 2008-11-11 14:44 860391 ----a-w- c:\program files\7z457.exe
    2008-10-15 13:18 . 2008-10-15 13:18 2160115 ----a-w- c:\program files\NeatSetup.exe
    2008-10-15 11:48 . 2008-10-15 11:16 3172459 ----a-w- c:\program files\cdbxp_setup_4.2.2.984.exe
    2008-10-15 11:18 . 2008-10-15 11:18 2959376 ----a-w- c:\program files\dotnetfx35setup.exe
    2008-10-15 11:12 . 2008-10-15 11:12 4057200 ----a-w- c:\program files\wmfdist.exe
    2008-10-15 09:10 . 2008-10-15 09:10 359656 ----a-w- c:\program files\msicuu2.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\tbVuze.dll" [2010-11-29 3908192]
    .
    [HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AdobeBridge"="c:\program files\Adobe\Adobe Bridge CS5\Bridge.exe" [2011-06-09 12002664]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "WinPatrol"="c:\progra~1\BILLPS~1\WINPAT~1\winpatrol.exe" [2005-09-26 222784]
    "RTHDCPL"="RTHDCPL.EXE" [2008-02-13 16857600]
    "Acronis Scheduler2Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2010-12-20 390512]
    "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-03 281768]
    "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
    "SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
    "AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-10-08 16744256]
    "NvMediaCenter"="NvMCTray.dll" [2011-10-08 203072]
    "nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2011-10-08 1632360]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]
    .
    c:\documents and settings\All Users.WINDOWS\Menu Start\Programma's\Opstarten\
    NaturalColorLoad.lnk - c:\program files\SEC\Natural Color\NaturalColorLoad.exe [2008-12-4 155715]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLinkedConnections"= 1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
    2010-10-28 10:13 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
    c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gStart]
    2007-03-04 21:08 1891416 ----a-w- c:\garmin\gStart.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    2008-10-05 09:08 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "Bonjour Service"=2 (0x2)
    "Apple Mobile Device"=2 (0x2)
    "iPod Service"=3 (0x3)
    "gusvc"=2 (0x2)
    "gupdate1c9c7b35e2a82cc"=2 (0x2)
    "GEST Service"=3 (0x3)
    "FLEXnet Licensing Service"=3 (0x3)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\GIGABYTE\\GEST\\run.exe"=
    "c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
    "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
    "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
    "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\Program Files\\Avira\\AntiVir Desktop\\avscan.exe"=
    "c:\\Program Files\\Vuze\\Azureus.exe"=
    "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
    "c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
    "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
    "3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
    "50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
    "50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server
    "3192:TCP"= 3192:TCP:Akamai NetSession Interface
    "5000:UDP"= 5000:UDP:Akamai NetSession Interface
    .
    R0 hotcore;hotcore;c:\windows\system32\drivers\hotcore.sys [4/10/2008 12:21 30820]
    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [14/03/2009 9:08 64512]
    R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20/10/2008 19:41 717296]
    R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\drivers\tdrpm273.sys [2/12/2010 19:22 752128]
    R2 afcdpsrv;Acronis Nonstop Backup-service ;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [29/12/2010 14:42 3246040]
    R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [22/05/2009 18:54 136360]
    R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [11/12/2010 8:22 10448]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [27/12/2011 21:00 2253120]
    R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PMB\PMBDeviceInfoProvider.exe [15/03/2011 13:44 428384]
    R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [29/12/2010 14:42 167968]
    S2 gupdate1c9c7b35e2a82cc;Google Update Service (gupdate1c9c7b35e2a82cc);c:\program files\Google\Update\GoogleUpdate.exe [28/04/2009 4:42 133104]
    S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [28/10/2011 16:52 2152152]
    S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [28/04/2009 4:42 133104]
    S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19/02/2010 13:37 517096]
    S4 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [15/04/2008 13:00 14336]
    S4 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe –> c:\program files\AskBarDis\bar\bin\AskService.exe [?]
    S4 GEST Service;GEST Service for program management.;c:\program files\GIGABYTE\GEST\gsvr.exe [2/10/2008 23:16 55816]
    .
    — Andere Services/Drivers In Geheugen —
    .
    *NewlyCreated* - 15619617
    *Deregistered* - 15619617
    *Deregistered* - Lavasoft Kernexplorer
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    Akamai REG_MULTI_SZ Akamai
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2011-12-30 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-10-28 15:52]
    .
    2011-12-26 c:\windows\Tasks\AdobeAAMUpdater-1.0-STILLEPC-paul.job
    - c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-03-22 02:44]
    .
    2011-09-17 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
    .
    2011-12-30 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-05 07:23]
    .
    2011-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-28 03:42]
    .
    2011-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-28 03:42]
    .
    2011-12-30 c:\windows\Tasks\User_Feed_Synchronization-{1CD3A718-4B83-444F-9C3D-CB870A64AC95}.job
    - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
    .
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://www.tijd.be/home
    mStart Page = hxxp://search.foxtab.com/?s=0&chnl=irn
    uInternet Settings,ProxyOverride = *.local
    IE: PDF in Word openen (PDF Converter 3.0) - c:\program files\ScanSoft\PDF Professional 3.0\IEShellExt.dll /700
    TCP: DhcpNameServer = 192.168.1.1
    DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
    DPF: {96816368-C1E3-414D-A193-63C3CC921990} - hxxp://sligachanhotel.remotemanager.co.uk/common/activex/MJPEGRender.ocx
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    Toolbar-Locked - (no file)
    HKLM-RunOnce-AvgRemover - c:\documents and settings\paul\Local Settings\Temporary Internet Files\Content.IE5\W3Z5HZCH\avg_remover_stf_x86_2012_1796[1].exe
    AddRemove-Van Dale Grote woordenboeken Engels - c:\windows\ISUN0413.EXE
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-12-30 20:06
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scannen van verborgen processen …
    .
    scannen van verborgen autostart items …
    .
    scannen van verborgen bestanden …
    .
    Scan succesvol afgerond
    verborgen bestanden: 0
    .
    **************************************************************************
    .
    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Akamai]
    "ServiceDll"="C:/Program Files/Common Files/Akamai/netsession_win_d76cf65.dll"
    .
    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Akamai]
    "ServiceDll"="C:/Program Files/Common Files/Akamai/netsession_win_d76cf65.dll"
    .
    ——————— DLLs Geladen Onder Lopende Processen ———————
    .
    - - - - - - - > 'winlogon.exe'(996)
    c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
    .
    Voltooingstijd: 2011-12-30 20:08:15
    ComboFix-quarantined-files.txt 2011-12-30 19:08
    ComboFix2.txt 2008-12-26 12:14
    .
    Pre-Run: 213.157.101.568 bytes beschikbaar
    Post-Run: 213.849.038.848 bytes beschikbaar
    .
    - - End Of File - - A926F19AC679978DA8C021ADB708623D
  • 20:15:07.0593 2628 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
    20:15:07.0703 2628 ============================================================
    20:15:07.0703 2628 Current date / time: 2011/12/30 20:15:07.0703
    20:15:07.0703 2628 SystemInfo:
    20:15:07.0703 2628
    20:15:07.0703 2628 OS Version: 5.1.2600 ServicePack: 3.0
    20:15:07.0703 2628 Product type: Workstation
    20:15:07.0703 2628 ComputerName: STILLEPC
    20:15:07.0703 2628 UserName: paul
    20:15:07.0703 2628 Windows directory: C:\WINDOWS
    20:15:07.0703 2628 System windows directory: C:\WINDOWS
    20:15:07.0703 2628 Processor architecture: Intel x86
    20:15:07.0703 2628 Number of processors: 4
    20:15:07.0703 2628 Page size: 0x1000
    20:15:07.0703 2628 Boot type: Normal boot
    20:15:07.0703 2628 ============================================================
    20:15:08.0890 2628 Initialize success
  • Hi, please don't post logs that I haven't asked for.

    And the TDSSKiller log is incomplete.
    Please post the complete log - C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt
  • 19:39:10.0468 3100 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
    19:39:10.0593 3100 ============================================================
    19:39:10.0593 3100 Current date / time: 2011/12/30 19:39:10.0593
    19:39:10.0593 3100 SystemInfo:
    19:39:10.0593 3100
    19:39:10.0593 3100 OS Version: 5.1.2600 ServicePack: 3.0
    19:39:10.0593 3100 Product type: Workstation
    19:39:10.0593 3100 ComputerName: STILLEPC
    19:39:10.0593 3100 UserName: paul
    19:39:10.0593 3100 Windows directory: C:\WINDOWS
    19:39:10.0593 3100 System windows directory: C:\WINDOWS
    19:39:10.0593 3100 Processor architecture: Intel x86
    19:39:10.0593 3100 Number of processors: 4
    19:39:10.0593 3100 Page size: 0x1000
    19:39:10.0593 3100 Boot type: Normal boot
    19:39:10.0593 3100 ============================================================
    19:39:11.0703 3100 Initialize success
    19:39:34.0093 3276 ============================================================
    19:39:34.0093 3276 Scan started
    19:39:34.0093 3276 Mode: Manual;
    19:39:34.0093 3276 ============================================================
    19:39:34.0546 3276 Abiosdsk - ok
    19:39:34.0546 3276 abp480n5 - ok
    19:39:34.0593 3276 ACPI (02273a448ba21a7d447daeb47810d40c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
    19:39:34.0593 3276 ACPI - ok
    19:39:34.0640 3276 ACPIEC (63f517b1a87dabf3f5acb8a7952fc1d1) C:\WINDOWS\system32\drivers\ACPIEC.sys
    19:39:34.0640 3276 ACPIEC - ok
    19:39:34.0656 3276 adpu160m - ok
    19:39:34.0703 3276 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
    19:39:34.0703 3276 aec - ok
    19:39:34.0718 3276 afcdp (53696ad8ffc5fac51949a525ff65a689) C:\WINDOWS\system32\DRIVERS\afcdp.sys
    19:39:34.0718 3276 afcdp - ok
    19:39:34.0781 3276 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
    19:39:34.0781 3276 AFD - ok
    19:39:34.0812 3276 AFS2K (b34b1ab0a7690a0e2301fec6d17b2fc1) C:\WINDOWS\system32\drivers\AFS2K.sys
    19:39:34.0828 3276 AFS2K - ok
    19:39:34.0828 3276 Aha154x - ok
    19:39:34.0843 3276 aic78u2 - ok
    19:39:34.0843 3276 aic78xx - ok
    19:39:34.0859 3276 AliIde - ok
    19:39:34.0859 3276 amsint - ok
    19:39:34.0890 3276 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
    19:39:34.0890 3276 Arp1394 - ok
    19:39:34.0906 3276 asc - ok
    19:39:34.0906 3276 asc3350p - ok
    19:39:34.0906 3276 asc3550 - ok
    19:39:34.0953 3276 ASUSVRC (94442e3029ff6c9f08140fe6718af4fb) C:\WINDOWS\system32\DRIVERS\AsusVRC.sys
    19:39:34.0953 3276 ASUSVRC - ok
    19:39:34.0953 3276 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    19:39:34.0953 3276 AsyncMac - ok
    19:39:34.0968 3276 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
    19:39:34.0968 3276 atapi - ok
    19:39:34.0968 3276 Atdisk - ok
    19:39:34.0984 3276 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    19:39:34.0984 3276 Atmarpc - ok
    19:39:35.0015 3276 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
    19:39:35.0015 3276 audstub - ok
    19:39:35.0140 3276 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
    19:39:35.0140 3276 avgio - ok
    19:39:35.0171 3276 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
    19:39:35.0171 3276 avgntflt - ok
    19:39:35.0203 3276 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
    19:39:35.0203 3276 avipbb - ok
    19:39:35.0218 3276 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
    19:39:35.0218 3276 Beep - ok
    19:39:35.0250 3276 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
    19:39:35.0250 3276 cbidf2k - ok
    19:39:35.0265 3276 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
    19:39:35.0265 3276 CCDECODE - ok
    19:39:35.0265 3276 cd20xrnt - ok
    19:39:35.0281 3276 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
    19:39:35.0281 3276 Cdaudio - ok
    19:39:35.0281 3276 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
    19:39:35.0296 3276 Cdfs - ok
    19:39:35.0343 3276 Cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\WINDOWS\system32\DRIVERS\cdrom.sys
    19:39:35.0343 3276 Cdrom - ok
    19:39:35.0343 3276 Changer - ok
    19:39:35.0359 3276 CmdIde - ok
    19:39:35.0375 3276 Cpqarray - ok
    19:39:35.0375 3276 dac2w2k - ok
    19:39:35.0390 3276 dac960nt - ok
    19:39:35.0406 3276 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
    19:39:35.0406 3276 Disk - ok
    19:39:35.0453 3276 dmboot (dec123e0c75971d0cc7a6c6a75e28429) C:\WINDOWS\system32\drivers\dmboot.sys
    19:39:35.0453 3276 dmboot - ok
    19:39:35.0484 3276 dmio (7268e66259722f6228c730685b201092) C:\WINDOWS\system32\drivers\dmio.sys
    19:39:35.0484 3276 dmio - ok
    19:39:35.0500 3276 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
    19:39:35.0500 3276 dmload - ok
    19:39:35.0562 3276 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
    19:39:35.0562 3276 DMusic - ok
    19:39:35.0562 3276 dpti2o - ok
    19:39:35.0578 3276 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
    19:39:35.0578 3276 drmkaud - ok
    19:39:35.0609 3276 EIO (0daf3544804650526751c478aeccce63) C:\WINDOWS\system32\drivers\EIO.sys
    19:39:35.0609 3276 EIO - ok
    19:39:35.0625 3276 ET5Drv (e5030e34de21a6818e8586bfb7dd4b60) C:\WINDOWS\system32\Drivers\ET5Drv.sys
    19:39:35.0640 3276 ET5Drv - ok
    19:39:35.0640 3276 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
    19:39:35.0671 3276 Fastfat - ok
    19:39:35.0671 3276 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
    19:39:35.0671 3276 Fdc - ok
    19:39:35.0687 3276 Fips (8bfffb5ac954e19dfdb96d56512aa518) C:\WINDOWS\system32\drivers\Fips.sys
    19:39:35.0687 3276 Fips - ok
    19:39:35.0703 3276 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
    19:39:35.0703 3276 Flpydisk - ok
    19:39:35.0718 3276 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
    19:39:35.0718 3276 FltMgr - ok
    19:39:35.0718 3276 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
    19:39:35.0718 3276 Fs_Rec - ok
    19:39:35.0734 3276 Ftdisk (fa8ca22e70245c81ff29c36af56292fc) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
    19:39:35.0734 3276 Ftdisk - ok
    19:39:35.0765 3276 gdrv (5c230948dd6652228f88ca7ae6cb276c) C:\WINDOWS\gdrv.sys
    19:39:35.0812 3276 gdrv - ok
    19:39:35.0828 3276 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
    19:39:35.0828 3276 GEARAspiWDM - ok
    19:39:35.0843 3276 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
    19:39:35.0843 3276 Gpc - ok
    19:39:35.0875 3276 grmnusb (d956358054e99e6ffac69cd87e893a89) C:\WINDOWS\system32\drivers\grmnusb.sys
    19:39:35.0875 3276 grmnusb - ok
    19:39:35.0937 3276 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
    19:39:35.0937 3276 HDAudBus - ok
    19:39:35.0953 3276 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
    19:39:35.0953 3276 hidusb - ok
    19:39:35.0984 3276 hotcore (adb2edb8f33ace78582303682ab81f25) C:\WINDOWS\system32\drivers\hotcore.sys
    19:39:35.0984 3276 hotcore - ok
    19:39:36.0000 3276 hpn - ok
    19:39:36.0046 3276 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
    19:39:36.0046 3276 HTTP - ok
    19:39:36.0062 3276 i2omgmt - ok
    19:39:36.0062 3276 i2omp - ok
    19:39:36.0093 3276 i8042prt (c43372d0682f8e32e4ec21117e089ec0) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    19:39:36.0093 3276 i8042prt - ok
    19:39:36.0109 3276 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
    19:39:36.0109 3276 Imapi - ok
    19:39:36.0109 3276 ini910u - ok
    19:39:36.0234 3276 IntcAzAudAddService (08baf30f6de95814f58af9ce7bbc5614) C:\WINDOWS\system32\drivers\RtkHDAud.sys
    19:39:36.0265 3276 IntcAzAudAddService - ok
    19:39:36.0265 3276 IntelIde - ok
    19:39:36.0281 3276 intelppm (2d2254fac267e6b1c7865e8ebef60c6d) C:\WINDOWS\system32\DRIVERS\intelppm.sys
    19:39:36.0281 3276 intelppm - ok
    19:39:36.0312 3276 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
    19:39:36.0312 3276 Ip6Fw - ok
    19:39:36.0328 3276 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    19:39:36.0328 3276 IpFilterDriver - ok
    19:39:36.0343 3276 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
    19:39:36.0343 3276 IpInIp - ok
    19:39:36.0343 3276 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
    19:39:36.0343 3276 IpNat - ok
    19:39:36.0359 3276 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
    19:39:36.0375 3276 IPSec - ok
    19:39:36.0406 3276 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
    19:39:36.0406 3276 IRENUM - ok
    19:39:36.0468 3276 isapnp (0b78e1a31340e1fb1e389d5633f7c3a0) C:\WINDOWS\system32\DRIVERS\isapnp.sys
    19:39:36.0468 3276 isapnp - ok
    19:39:36.0515 3276 Kbdclass (380397621e94b32c744e7b2cc1330390) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    19:39:36.0515 3276 Kbdclass - ok
    19:39:36.0531 3276 kbdhid (b833b70fe639f01fb36cedabe57ef031) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
    19:39:36.0531 3276 kbdhid - ok
    19:39:36.0609 3276 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
    19:39:36.0609 3276 kmixer - ok
    19:39:36.0625 3276 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
    19:39:36.0625 3276 KSecDD - ok
    19:39:36.0750 3276 Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys
    19:39:36.0750 3276 Lavasoft Kernexplorer - ok
    19:39:36.0796 3276 Lbd (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys
    19:39:36.0796 3276 Lbd - ok
    19:39:36.0859 3276 LBeepKE (c99ba72106a858cb8b521bb4c02c93ed) C:\WINDOWS\system32\Drivers\LBeepKE.sys
    19:39:36.0859 3276 LBeepKE - ok
    19:39:36.0859 3276 lbrtfdc - ok
    19:39:36.0906 3276 LHidFilt (318b3d608fbec44b7e0c23bf759dced5) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
    19:39:36.0906 3276 LHidFilt - ok
    19:39:36.0921 3276 LMouFilt (84af069d219df3c43dc6792b2bbd7bed) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
    19:39:36.0921 3276 LMouFilt - ok
    19:39:36.0937 3276 LUsbFilt (81642f134929946ab4b9572c4c17298c) C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
    19:39:36.0937 3276 LUsbFilt - ok
    19:39:36.0968 3276 MarvinBus (a3e700d78eec390f1208098cdca5c6b6) C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
    19:39:36.0968 3276 MarvinBus - ok
    19:39:37.0015 3276 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
    19:39:37.0015 3276 mnmdd - ok
    19:39:37.0031 3276 Modem (8114eeac353f549331ab73e9af4219ed) C:\WINDOWS\system32\drivers\Modem.sys
    19:39:37.0046 3276 Modem - ok
    19:39:37.0062 3276 Mouclass (1a4e2214dd63e4a876463d3427ee8261) C:\WINDOWS\system32\DRIVERS\mouclass.sys
    19:39:37.0062 3276 Mouclass - ok
    19:39:37.0078 3276 mouhid (18017899254e01371e1a39754d6bf98c) C:\WINDOWS\system32\DRIVERS\mouhid.sys
    19:39:37.0078 3276 mouhid - ok
    19:39:37.0078 3276 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
    19:39:37.0093 3276 MountMgr - ok
    19:39:37.0109 3276 mraid35x - ok
    19:39:37.0109 3276 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    19:39:37.0109 3276 MRxDAV - ok
    19:39:37.0156 3276 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    19:39:37.0156 3276 MRxSmb - ok
    19:39:37.0187 3276 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
    19:39:37.0187 3276 Msfs - ok
    19:39:37.0234 3276 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
    19:39:37.0234 3276 MSKSSRV - ok
    19:39:37.0234 3276 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    19:39:37.0234 3276 MSPCLOCK - ok
    19:39:37.0265 3276 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
    19:39:37.0265 3276 MSPQM - ok
    19:39:37.0281 3276 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    19:39:37.0281 3276 mssmbios - ok
    19:39:37.0296 3276 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
    19:39:37.0296 3276 MSTEE - ok
    19:39:37.0328 3276 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
    19:39:37.0328 3276 Mup - ok
    19:39:37.0359 3276 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
    19:39:37.0359 3276 NABTSFEC - ok
    19:39:37.0375 3276 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
    19:39:37.0375 3276 NDIS - ok
    19:39:37.0406 3276 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
    19:39:37.0406 3276 NdisIP - ok
    19:39:37.0453 3276 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
    19:39:37.0453 3276 NdisTapi - ok
    19:39:37.0468 3276 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
    19:39:37.0468 3276 Ndisuio - ok
    19:39:37.0468 3276 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    19:39:37.0468 3276 NdisWan - ok
    19:39:37.0500 3276 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
    19:39:37.0500 3276 NDProxy - ok
    19:39:37.0515 3276 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
    19:39:37.0515 3276 NetBIOS - ok
    19:39:37.0531 3276 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
    19:39:37.0531 3276 NetBT - ok
    19:39:37.0562 3276 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
    19:39:37.0562 3276 NIC1394 - ok
    19:39:37.0578 3276 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
    19:39:37.0578 3276 Npfs - ok
    19:39:37.0593 3276 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
    19:39:37.0609 3276 Ntfs - ok
    19:39:37.0625 3276 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
    19:39:37.0625 3276 Null - ok
    19:39:37.0937 3276 nv (4b54dcd6adee535df80f07c59ddd8f14) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
    19:39:38.0187 3276 nv - ok
    19:39:38.0312 3276 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
    19:39:38.0312 3276 NwlnkFlt - ok
    19:39:38.0328 3276 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
    19:39:38.0328 3276 NwlnkFwd - ok
    19:39:38.0390 3276 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
    19:39:38.0390 3276 ohci1394 - ok
    19:39:38.0437 3276 Parport (e3934ccc20a4d24f1924e13d36d2a5bd) C:\WINDOWS\system32\DRIVERS\parport.sys
    19:39:38.0437 3276 Parport - ok
    19:39:38.0453 3276 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
    19:39:38.0453 3276 PartMgr - ok
    19:39:38.0531 3276 ParVdm (1eade28746a64c21e0a808bb12a63326) C:\WINDOWS\system32\drivers\ParVdm.sys
    19:39:38.0531 3276 ParVdm - ok
    19:39:38.0562 3276 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
    19:39:38.0562 3276 pccsmcfd - ok
    19:39:38.0578 3276 PCI (3b166f9f753c21aedaa9a6bd76b49655) C:\WINDOWS\system32\DRIVERS\pci.sys
    19:39:38.0578 3276 PCI - ok
    19:39:38.0593 3276 PCIDump - ok
    19:39:38.0609 3276 PCIIde (b31edeba4da28283f6b8dc4756fb9585) C:\WINDOWS\system32\DRIVERS\pciide.sys
    19:39:38.0609 3276 PCIIde - ok
    19:39:38.0640 3276 Pcmcia (2137ffd65f8e609a3a5acd487c56cce0) C:\WINDOWS\system32\drivers\Pcmcia.sys
    19:39:38.0656 3276 Pcmcia - ok
    19:39:38.0671 3276 PDCOMP - ok
    19:39:38.0671 3276 PDFRAME - ok
    19:39:38.0671 3276 PDRELI - ok
    19:39:38.0687 3276 PDRFRAME - ok
    19:39:38.0687 3276 perc2 - ok
    19:39:38.0703 3276 perc2hib - ok
    19:39:38.0718 3276 pfc (f2b3785d7282bac66d4b644fc88749f0) C:\WINDOWS\system32\drivers\pfc.sys
    19:39:38.0718 3276 pfc - ok
    19:39:38.0750 3276 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
    19:39:38.0750 3276 PptpMiniport - ok
    19:39:38.0765 3276 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
    19:39:38.0765 3276 PSched - ok
    19:39:38.0765 3276 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
    19:39:38.0765 3276 Ptilink - ok
    19:39:38.0796 3276 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
    19:39:38.0796 3276 PxHelp20 - ok
    19:39:38.0796 3276 ql1080 - ok
    19:39:38.0796 3276 Ql10wnt - ok
    19:39:38.0812 3276 ql12160 - ok
    19:39:38.0812 3276 ql1240 - ok
    19:39:38.0828 3276 ql1280 - ok
    19:39:38.0843 3276 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
    19:39:38.0843 3276 RasAcd - ok
    19:39:38.0859 3276 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    19:39:38.0859 3276 Rasl2tp - ok
    19:39:38.0859 3276 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    19:39:38.0859 3276 RasPppoe - ok
    19:39:38.0875 3276 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
    19:39:38.0875 3276 Raspti - ok
    19:39:38.0890 3276 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
    19:39:38.0890 3276 Rdbss - ok
    19:39:38.0906 3276 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    19:39:38.0906 3276 RDPCDD - ok
    19:39:38.0937 3276 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
    19:39:38.0937 3276 RDPWD - ok
    19:39:38.0968 3276 redbook (4173bc66e485fd77a03c4819f60bd0da) C:\WINDOWS\system32\DRIVERS\redbook.sys
    19:39:38.0968 3276 redbook - ok
    19:39:39.0015 3276 RTLE8023xp (89619ef503f949fae09252a8b883ee11) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
    19:39:39.0015 3276 RTLE8023xp - ok
    19:39:39.0046 3276 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
    19:39:39.0046 3276 Secdrv - ok
    19:39:39.0046 3276 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
    19:39:39.0046 3276 serenum - ok
    19:39:39.0062 3276 Serial (92c21762653bb2ce51147eb8a9aa654f) C:\WINDOWS\system32\DRIVERS\serial.sys
    19:39:39.0062 3276 Serial - ok
    19:39:39.0078 3276 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
    19:39:39.0078 3276 Sfloppy - ok
    19:39:39.0093 3276 Simbad - ok
    19:39:39.0109 3276 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
    19:39:39.0109 3276 SLIP - ok
    19:39:39.0140 3276 snapman (eb49860e776ce860dc3cfb9edb1ba517) C:\WINDOWS\system32\DRIVERS\snapman.sys
    19:39:39.0140 3276 snapman - ok
    19:39:39.0140 3276 Sparrow - ok
    19:39:39.0171 3276 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
    19:39:39.0171 3276 splitter - ok
    19:39:39.0218 3276 sptd (71e276f6d189413266ea22171806597b) C:\WINDOWS\system32\Drivers\sptd.sys
    19:39:39.0218 3276 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b
    19:39:39.0218 3276 sptd ( LockedFile.Multi.Generic ) - warning
    19:39:39.0218 3276 sptd - detected LockedFile.Multi.Generic (1)
    19:39:39.0234 3276 sr (64d2a7640e0767ecd3bcb38d3200e7ce) C:\WINDOWS\system32\DRIVERS\sr.sys
    19:39:39.0234 3276 sr - ok
    19:39:39.0250 3276 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
    19:39:39.0265 3276 Srv - ok
    19:39:39.0312 3276 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
    19:39:39.0312 3276 ssmdrv - ok
    19:39:39.0359 3276 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
    19:39:39.0359 3276 streamip - ok
    19:39:39.0375 3276 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
    19:39:39.0375 3276 swenum - ok
    19:39:39.0390 3276 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
    19:39:39.0390 3276 swmidi - ok
    19:39:39.0390 3276 symc810 - ok
    19:39:39.0406 3276 symc8xx - ok
    19:39:39.0406 3276 sym_hi - ok
    19:39:39.0406 3276 sym_u3 - ok
    19:39:39.0421 3276 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
    19:39:39.0421 3276 sysaudio - ok
    19:39:39.0468 3276 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
    19:39:39.0468 3276 Tcpip - ok
    19:39:39.0500 3276 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
    19:39:39.0500 3276 TDPIPE - ok
    19:39:39.0546 3276 tdrpman273 (431801fcc97034e04a6eff81136578d7) C:\WINDOWS\system32\DRIVERS\tdrpm273.sys
    19:39:39.0562 3276 tdrpman273 - ok
    19:39:39.0578 3276 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
    19:39:39.0578 3276 TDTCP - ok
    19:39:39.0609 3276 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
    19:39:39.0609 3276 TermDD - ok
    19:39:39.0640 3276 timounter (a34d7024bb7140ec785c86bc065d4f60) C:\WINDOWS\system32\DRIVERS\timntr.sys
    19:39:39.0656 3276 timounter - ok
    19:39:39.0703 3276 tmcomm (df8444a8fa8fd38d8848bdd40a8403b3) C:\WINDOWS\system32\drivers\tmcomm.sys
    19:39:39.0703 3276 tmcomm - ok
    19:39:39.0703 3276 TosIde - ok
    19:39:39.0750 3276 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
    19:39:39.0765 3276 Udfs - ok
    19:39:39.0765 3276 ultra - ok
    19:39:39.0812 3276 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
    19:39:39.0828 3276 Update - ok
    19:39:39.0843 3276 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    19:39:39.0843 3276 usbccgp - ok
    19:39:39.0890 3276 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
    19:39:39.0890 3276 usbehci - ok
    19:39:39.0921 3276 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
    19:39:39.0921 3276 usbhub - ok
    19:39:39.0953 3276 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
    19:39:39.0953 3276 usbprint - ok
    19:39:39.0984 3276 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
    19:39:39.0984 3276 usbscan - ok
    19:39:40.0046 3276 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    19:39:40.0046 3276 USBSTOR - ok
    19:39:40.0062 3276 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    19:39:40.0062 3276 usbuhci - ok
    19:39:40.0109 3276 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
    19:39:40.0109 3276 VgaSave - ok
    19:39:40.0109 3276 ViaIde - ok
    19:39:40.0109 3276 Video3D - ok
    19:39:40.0125 3276 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) C:\WINDOWS\system32\drivers\VolSnap.sys
    19:39:40.0125 3276 VolSnap - ok
    19:39:40.0156 3276 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
    19:39:40.0156 3276 Wanarp - ok
    19:39:40.0203 3276 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
    19:39:40.0203 3276 Wdf01000 - ok
    19:39:40.0203 3276 WDICA - ok
    19:39:40.0218 3276 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
    19:39:40.0218 3276 wdmaud - ok
    19:39:40.0265 3276 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
    19:39:40.0265 3276 WSTCODEC - ok
    19:39:40.0312 3276 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    19:39:40.0312 3276 WudfPf - ok
    19:39:40.0328 3276 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
    19:39:40.0328 3276 WudfRd - ok
    19:39:40.0359 3276 MBR (0x1B8) (3051207086651214e435112e51817dc5) \Device\Harddisk1\DR1
    19:39:40.0500 3276 \Device\Harddisk1\DR1 - ok
    19:39:40.0500 3276 MBR (0x1B8) (3051207086651214e435112e51817dc5) \Device\Harddisk0\DR0
    19:39:40.0593 3276 \Device\Harddisk0\DR0 - ok
    19:39:40.0593 3276 Boot (0x1200) (00680790ed23e71617c72f56ee3ac366) \Device\Harddisk1\DR1\Partition0
    19:39:40.0593 3276 \Device\Harddisk1\DR1\Partition0 - ok
    19:39:40.0609 3276 Boot (0x1200) (2acbbbe1942906b6c4fdf3cb4f4a70ab) \Device\Harddisk0\DR0\Partition0
    19:39:40.0609 3276 \Device\Harddisk0\DR0\Partition0 - ok
    19:39:40.0609 3276 ============================================================
    19:39:40.0609 3276 Scan finished
    19:39:40.0609 3276 ============================================================
    19:39:40.0609 3200 Detected object count: 1
    19:39:40.0609 3200 Actual detected object count: 1
    19:40:34.0859 3200 sptd ( LockedFile.Multi.Generic ) - skipped by user
    19:40:34.0859 3200 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
    19:41:09.0687 3000 ============================================================
    19:41:09.0687 3000 Scan started
    19:41:09.0687 3000 Mode: Manual; SigCheck; TDLFS;
    19:41:09.0687 3000 ============================================================
    19:41:10.0125 3000 Abiosdsk - ok
    19:41:10.0125 3000 abp480n5 - ok
    19:41:10.0140 3000 ACPI (02273a448ba21a7d447daeb47810d40c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
    19:41:10.0406 3000 ACPI - ok
    19:41:10.0453 3000 ACPIEC (63f517b1a87dabf3f5acb8a7952fc1d1) C:\WINDOWS\system32\drivers\ACPIEC.sys
    19:41:10.0531 3000 ACPIEC - ok
    19:41:10.0562 3000 adpu160m - ok
    19:41:10.0593 3000 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
    19:41:10.0687 3000 aec - ok
    19:41:10.0734 3000 afcdp (53696ad8ffc5fac51949a525ff65a689) C:\WINDOWS\system32\DRIVERS\afcdp.sys
    19:41:10.0843 3000 afcdp - ok
    19:41:10.0906 3000 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
    19:41:10.0968 3000 AFD - ok
    19:41:11.0015 3000 AFS2K (b34b1ab0a7690a0e2301fec6d17b2fc1) C:\WINDOWS\system32\drivers\AFS2K.sys
    19:41:11.0031 3000 AFS2K ( UnsignedFile.Multi.Generic ) - warning
    19:41:11.0031 3000 AFS2K - detected UnsignedFile.Multi.Generic (1)
    19:41:11.0031 3000 Aha154x - ok
    19:41:11.0046 3000 aic78u2 - ok
    19:41:11.0046 3000 aic78xx - ok
    19:41:11.0062 3000 AliIde - ok
    19:41:11.0062 3000 amsint - ok
    19:41:11.0109 3000 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
    19:41:11.0187 3000 Arp1394 - ok
    19:41:11.0187 3000 asc - ok
    19:41:11.0203 3000 asc3350p - ok
    19:41:11.0203 3000 asc3550 - ok
    19:41:11.0234 3000 ASUSVRC (94442e3029ff6c9f08140fe6718af4fb) C:\WINDOWS\system32\DRIVERS\AsusVRC.sys
    19:41:11.0250 3000 ASUSVRC ( UnsignedFile.Multi.Generic ) - warning
    19:41:11.0250 3000 ASUSVRC - detected UnsignedFile.Multi.Generic (1)
    19:41:11.0265 3000 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    19:41:11.0359 3000 AsyncMac - ok
    19:41:11.0375 3000 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
    19:41:11.0453 3000 atapi - ok
    19:41:11.0468 3000 Atdisk - ok
    19:41:11.0484 3000 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    19:41:11.0562 3000 Atmarpc - ok
    19:41:11.0609 3000 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
    19:41:11.0687 3000 audstub - ok
    19:41:11.0812 3000 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
    19:41:11.0828 3000 avgio - ok
    19:41:11.0890 3000 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
    19:41:11.0890 3000 avgntflt - ok
    19:41:11.0953 3000 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
    19:41:11.0953 3000 avipbb - ok
    19:41:11.0984 3000 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
    19:41:12.0062 3000 Beep - ok
    19:41:12.0109 3000 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
    19:41:12.0203 3000 cbidf2k - ok
    19:41:12.0234 3000 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
    19:41:12.0312 3000 CCDECODE - ok
    19:41:12.0312 3000 cd20xrnt - ok
    19:41:12.0328 3000 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
    19:41:12.0421 3000 Cdaudio - ok
    19:41:12.0453 3000 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
    19:41:12.0546 3000 Cdfs - ok
    19:41:12.0640 3000 Cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\WINDOWS\system32\DRIVERS\cdrom.sys
    19:41:12.0671 3000 Cdrom - ok
    19:41:12.0671 3000 Changer - ok
    19:41:12.0687 3000 CmdIde - ok
    19:41:12.0703 3000 Cpqarray - ok
    19:41:12.0703 3000 dac2w2k - ok
    19:41:12.0718 3000 dac960nt - ok
    19:41:12.0734 3000 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
    19:41:12.0828 3000 Disk - ok
    19:41:12.0859 3000 dmboot (dec123e0c75971d0cc7a6c6a75e28429) C:\WINDOWS\system32\drivers\dmboot.sys
    19:41:12.0968 3000 dmboot - ok
    19:41:13.0000 3000 dmio (7268e66259722f6228c730685b201092) C:\WINDOWS\system32\drivers\dmio.sys
    19:41:13.0078 3000 dmio - ok
    19:41:13.0250 3000 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
    19:41:13.0328 3000 dmload - ok
    19:41:13.0375 3000 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
    19:41:13.0468 3000 DMusic - ok
    19:41:13.0468 3000 dpti2o - ok
    19:41:13.0484 3000 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
    19:41:13.0562 3000 drmkaud - ok
    19:41:13.0609 3000 EIO (0daf3544804650526751c478aeccce63) C:\WINDOWS\system32\drivers\EIO.sys
    19:41:13.0609 3000 EIO ( UnsignedFile.Multi.Generic ) - warning
    19:41:13.0609 3000 EIO - detected UnsignedFile.Multi.Generic (1)
    19:41:13.0640 3000 ET5Drv (e5030e34de21a6818e8586bfb7dd4b60) C:\WINDOWS\system32\Drivers\ET5Drv.sys
    19:41:13.0656 3000 ET5Drv - ok
    19:41:13.0671 3000 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
    19:41:13.0765 3000 Fastfat - ok
    19:41:13.0781 3000 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
    19:41:13.0859 3000 Fdc - ok
    19:41:13.0859 3000 Fips (8bfffb5ac954e19dfdb96d56512aa518) C:\WINDOWS\system32\drivers\Fips.sys
    19:41:13.0953 3000 Fips - ok
    19:41:13.0968 3000 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
    19:41:14.0046 3000 Flpydisk - ok
    19:41:14.0093 3000 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
    19:41:14.0171 3000 FltMgr - ok
    19:41:14.0187 3000 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
    19:41:14.0265 3000 Fs_Rec - ok
    19:41:14.0265 3000 Ftdisk (fa8ca22e70245c81ff29c36af56292fc) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
    19:41:14.0343 3000 Ftdisk - ok
    19:41:14.0375 3000 gdrv (5c230948dd6652228f88ca7ae6cb276c) C:\WINDOWS\gdrv.sys
    19:41:14.0375 3000 gdrv - ok
    19:41:14.0406 3000 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
    19:41:14.0406 3000 GEARAspiWDM - ok
    19:41:14.0453 3000 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
    19:41:14.0531 3000 Gpc - ok
    19:41:14.0593 3000 grmnusb (d956358054e99e6ffac69cd87e893a89) C:\WINDOWS\system32\drivers\grmnusb.sys
    19:41:14.0625 3000 grmnusb ( UnsignedFile.Multi.Generic ) - warning
    19:41:14.0625 3000 grmnusb - detected UnsignedFile.Multi.Generic (1)
    19:41:14.0671 3000 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
    19:41:14.0750 3000 HDAudBus - ok
    19:41:14.0796 3000 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
    19:41:14.0890 3000 hidusb - ok
    19:41:14.0921 3000 hotcore (adb2edb8f33ace78582303682ab81f25) C:\WINDOWS\system32\drivers\hotcore.sys
    19:41:14.0921 3000 hotcore ( UnsignedFile.Multi.Generic ) - warning
    19:41:14.0921 3000 hotcore - detected UnsignedFile.Multi.Generic (1)
    19:41:14.0937 3000 hpn - ok
    19:41:14.0984 3000 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
    19:41:15.0046 3000 HTTP - ok
    19:41:15.0062 3000 i2omgmt - ok
    19:41:15.0078 3000 i2omp - ok
    19:41:15.0093 3000 i8042prt (c43372d0682f8e32e4ec21117e089ec0) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    19:41:15.0203 3000 i8042prt - ok
    19:41:15.0203 3000 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
    19:41:15.0296 3000 Imapi - ok
    19:41:15.0296 3000 ini910u - ok
    19:41:15.0453 3000 IntcAzAudAddService (08baf30f6de95814f58af9ce7bbc5614) C:\WINDOWS\system32\drivers\RtkHDAud.sys
    19:41:15.0609 3000 IntcAzAudAddService - ok
    19:41:15.0625 3000 IntelIde - ok
    19:41:15.0687 3000 intelppm (2d2254fac267e6b1c7865e8ebef60c6d) C:\WINDOWS\system32\DRIVERS\intelppm.sys
    19:41:15.0765 3000 intelppm - ok
    19:41:15.0796 3000 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
    19:41:15.0890 3000 Ip6Fw - ok
    19:41:15.0921 3000 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    19:41:16.0015 3000 IpFilterDriver - ok
    19:41:16.0031 3000 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
    19:41:16.0109 3000 IpInIp - ok
    19:41:16.0109 3000 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
    19:41:16.0218 3000 IpNat - ok
    19:41:16.0250 3000 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
    19:41:16.0343 3000 IPSec - ok
    19:41:16.0390 3000 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
    19:41:16.0421 3000 IRENUM - ok
    19:41:16.0453 3000 isapnp (0b78e1a31340e1fb1e389d5633f7c3a0) C:\WINDOWS\system32\DRIVERS\isapnp.sys
    19:41:16.0531 3000 isapnp - ok
    19:41:16.0562 3000 Kbdclass (380397621e94b32c744e7b2cc1330390) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    19:41:16.0640 3000 Kbdclass - ok
    19:41:16.0656 3000 kbdhid (b833b70fe639f01fb36cedabe57ef031) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
    19:41:16.0734 3000 kbdhid - ok
    19:41:16.0781 3000 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
    19:41:16.0859 3000 kmixer - ok
    19:41:16.0890 3000 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
    19:41:16.0953 3000 KSecDD - ok
    19:41:17.0078 3000 Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys
    19:41:17.0078 3000 Lavasoft Kernexplorer - ok
    19:41:17.0125 3000 Lbd (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys
    19:41:17.0125 3000 Lbd - ok
    19:41:17.0187 3000 LBeepKE (c99ba72106a858cb8b521bb4c02c93ed) C:\WINDOWS\system32\Drivers\LBeepKE.sys
    19:41:17.0187 3000 LBeepKE - ok
    19:41:17.0203 3000 lbrtfdc - ok
    19:41:17.0265 3000 LHidFilt (318b3d608fbec44b7e0c23bf759dced5) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
    19:41:17.0265 3000 LHidFilt - ok
    19:41:17.0296 3000 LMouFilt (84af069d219df3c43dc6792b2bbd7bed) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
    19:41:17.0296 3000 LMouFilt - ok
    19:41:17.0312 3000 LUsbFilt (81642f134929946ab4b9572c4c17298c) C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
    19:41:17.0312 3000 LUsbFilt - ok
    19:41:17.0375 3000 MarvinBus (a3e700d78eec390f1208098cdca5c6b6) C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
    19:41:17.0390 3000 MarvinBus ( UnsignedFile.Multi.Generic ) - warning
    19:41:17.0390 3000 MarvinBus - detected UnsignedFile.Multi.Generic (1)
    19:41:17.0437 3000 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
    19:41:17.0515 3000 mnmdd - ok
    19:41:17.0531 3000 Modem (8114eeac353f549331ab73e9af4219ed) C:\WINDOWS\system32\drivers\Modem.sys
    19:41:17.0625 3000 Modem - ok
    19:41:17.0671 3000 Mouclass (1a4e2214dd63e4a876463d3427ee8261) C:\WINDOWS\system32\DRIVERS\mouclass.sys
    19:41:17.0765 3000 Mouclass - ok
    19:41:17.0796 3000 mouhid (18017899254e01371e1a39754d6bf98c) C:\WINDOWS\system32\DRIVERS\mouhid.sys
    19:41:17.0875 3000 mouhid - ok
    19:41:17.0890 3000 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
    19:41:17.0984 3000 MountMgr - ok
    19:41:17.0984 3000 mraid35x - ok
    19:41:18.0000 3000 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    19:41:18.0078 3000 MRxDAV - ok
    19:41:18.0125 3000 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    19:41:18.0203 3000 MRxSmb - ok
    19:41:18.0234 3000 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
    19:41:18.0296 3000 Msfs - ok
    19:41:18.0328 3000 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
    19:41:18.0406 3000 MSKSSRV - ok
    19:41:18.0437 3000 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    19:41:18.0515 3000 MSPCLOCK - ok
    19:41:18.0515 3000 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
    19:41:18.0609 3000 MSPQM - ok
    19:41:18.0625 3000 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    19:41:18.0703 3000 mssmbios - ok
    19:41:18.0750 3000 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
    19:41:18.0843 3000 MSTEE - ok
    19:41:18.0875 3000 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
    19:41:18.0890 3000 Mup - ok
    19:41:18.0906 3000 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
    19:41:19.0000 3000 NABTSFEC - ok
    19:41:19.0015 3000 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
    19:41:19.0093 3000 NDIS - ok
    19:41:19.0109 3000 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
    19:41:19.0203 3000 NdisIP - ok
    19:41:19.0234 3000 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
    19:41:19.0250 3000 NdisTapi - ok
    19:41:19.0281 3000 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
    19:41:19.0359 3000 Ndisuio - ok
    19:41:19.0375 3000 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    19:41:19.0453 3000 NdisWan - ok
    19:41:19.0468 3000 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
    19:41:19.0500 3000 NDProxy - ok
    19:41:19.0531 3000 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
    19:41:19.0593 3000 NetBIOS - ok
    19:41:19.0625 3000 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
    19:41:19.0703 3000 NetBT - ok
    19:41:19.0734 3000 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
    19:41:19.0828 3000 NIC1394 - ok
    19:41:19.0875 3000 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
    19:41:19.0953 3000 Npfs - ok
    19:41:19.0984 3000 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
    19:41:20.0109 3000 Ntfs - ok
    19:41:20.0125 3000 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
    19:41:20.0203 3000 Null - ok
    19:41:20.0531 3000 nv (4b54dcd6adee535df80f07c59ddd8f14) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
    19:41:20.0828 3000 nv - ok
    19:41:20.0937 3000 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
    19:41:21.0031 3000 NwlnkFlt - ok
    19:41:21.0046 3000 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
    19:41:21.0125 3000 NwlnkFwd - ok
    19:41:21.0171 3000 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
    19:41:21.0250 3000 ohci1394 - ok
    19:41:21.0296 3000 Parport (e3934ccc20a4d24f1924e13d36d2a5bd) C:\WINDOWS\system32\DRIVERS\parport.sys
    19:41:21.0375 3000 Parport - ok
    19:41:21.0390 3000 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
    19:41:21.0453 3000 PartMgr - ok
    19:41:21.0500 3000 ParVdm (1eade28746a64c21e0a808bb12a63326) C:\WINDOWS\system32\drivers\ParVdm.sys
    19:41:21.0578 3000 ParVdm - ok
    19:41:21.0609 3000 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
    19:41:21.0640 3000 pccsmcfd - ok
    19:41:21.0671 3000 PCI (3b166f9f753c21aedaa9a6bd76b49655) C:\WINDOWS\system32\DRIVERS\pci.sys
    19:41:21.0765 3000 PCI - ok
    19:41:21.0781 3000 PCIDump - ok
    19:41:21.0781 3000 PCIIde (b31edeba4da28283f6b8dc4756fb9585) C:\WINDOWS\system32\DRIVERS\pciide.sys
    19:41:21.0859 3000 PCIIde - ok
    19:41:21.0906 3000 Pcmcia (2137ffd65f8e609a3a5acd487c56cce0) C:\WINDOWS\system32\drivers\Pcmcia.sys
    19:41:21.0984 3000 Pcmcia - ok
    19:41:21.0984 3000 PDCOMP - ok
    19:41:22.0000 3000 PDFRAME - ok
    19:41:22.0000 3000 PDRELI - ok
    19:41:22.0000 3000 PDRFRAME - ok
    19:41:22.0015 3000 perc2 - ok
    19:41:22.0015 3000 perc2hib - ok
    19:41:22.0046 3000 pfc (f2b3785d7282bac66d4b644fc88749f0) C:\WINDOWS\system32\drivers\pfc.sys
    19:41:22.0062 3000 pfc ( UnsignedFile.Multi.Generic ) - warning
    19:41:22.0062 3000 pfc - detected UnsignedFile.Multi.Generic (1)
    19:41:22.0078 3000 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
    19:41:22.0171 3000 PptpMiniport - ok
    19:41:22.0187 3000 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
    19:41:22.0250 3000 PSched - ok
    19:41:22.0281 3000 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
    19:41:22.0343 3000 Ptilink - ok
    19:41:22.0359 3000 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
    19:41:22.0375 3000 PxHelp20 - ok
    19:41:22.0375 3000 ql1080 - ok
    19:41:22.0390 3000 Ql10wnt - ok
    19:41:22.0390 3000 ql12160 - ok
    19:41:22.0390 3000 ql1240 - ok
    19:41:22.0406 3000 ql1280 - ok
    19:41:22.0421 3000 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
    19:41:22.0500 3000 RasAcd - ok
    19:41:22.0515 3000 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    19:41:22.0593 3000 Rasl2tp - ok
    19:41:22.0593 3000 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    19:41:22.0671 3000 RasPppoe - ok
    19:41:22.0671 3000 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
    19:41:22.0750 3000 Raspti - ok
    19:41:22.0765 3000 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
    19:41:22.0828 3000 Rdbss - ok
    19:41:22.0843 3000 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    19:41:22.0906 3000 RDPCDD - ok
    19:41:22.0937 3000 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
    19:41:22.0968 3000 RDPWD - ok
    19:41:22.0984 3000 redbook (4173bc66e485fd77a03c4819f60bd0da) C:\WINDOWS\system32\DRIVERS\redbook.sys
    19:41:23.0062 3000 redbook - ok
    19:41:23.0125 3000 RTLE8023xp (89619ef503f949fae09252a8b883ee11) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
    19:41:23.0156 3000 RTLE8023xp - ok
    19:41:23.0187 3000 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
    19:41:23.0218 3000 Secdrv - ok
    19:41:23.0265 3000 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
    19:41:23.0359 3000 serenum - ok
    19:41:23.0359 3000 Serial (92c21762653bb2ce51147eb8a9aa654f) C:\WINDOWS\system32\DRIVERS\serial.sys
    19:41:23.0437 3000 Serial - ok
    19:41:23.0453 3000 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
    19:41:23.0531 3000 Sfloppy - ok
    19:41:23.0546 3000 Simbad - ok
    19:41:23.0593 3000 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
    19:41:23.0671 3000 SLIP - ok
    19:41:23.0703 3000 snapman (eb49860e776ce860dc3cfb9edb1ba517) C:\WINDOWS\system32\DRIVERS\snapman.sys
    19:41:23.0718 3000 snapman - ok
    19:41:23.0718 3000 Sparrow - ok
    19:41:23.0781 3000 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
    19:41:23.0843 3000 splitter - ok
    19:41:23.0890 3000 sptd (71e276f6d189413266ea22171806597b) C:\WINDOWS\system32\Drivers\sptd.sys
    19:41:23.0890 3000 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b
    19:41:23.0890 3000 sptd ( LockedFile.Multi.Generic ) - warning
    19:41:23.0890 3000 sptd - detected LockedFile.Multi.Generic (1)
    19:41:23.0906 3000 sr (64d2a7640e0767ecd3bcb38d3200e7ce) C:\WINDOWS\system32\DRIVERS\sr.sys
    19:41:23.0953 3000 sr - ok
    19:41:23.0968 3000 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
    19:41:24.0015 3000 Srv - ok
    19:41:24.0062 3000 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
    19:41:24.0078 3000 ssmdrv - ok
    19:41:24.0109 3000 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
    19:41:24.0171 3000 streamip - ok
    19:41:24.0187 3000 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
    19:41:24.0265 3000 swenum - ok
    19:41:24.0281 3000 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
    19:41:24.0343 3000 swmidi - ok
    19:41:24.0359 3000 symc810 - ok
    19:41:24.0359 3000 symc8xx - ok
    19:41:24.0375 3000 sym_hi - ok
    19:41:24.0375 3000 sym_u3 - ok
    19:41:24.0390 3000 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
    19:41:24.0468 3000 sysaudio - ok
    19:41:24.0515 3000 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
    19:41:24.0609 3000 Tcpip - ok
    19:41:24.0656 3000 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
    19:41:24.0734 3000 TDPIPE - ok
    19:41:24.0796 3000 tdrpman273 (431801fcc97034e04a6eff81136578d7) C:\WINDOWS\system32\DRIVERS\tdrpm273.sys
    19:41:24.0828 3000 tdrpman273 - ok
    19:41:24.0859 3000 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
    19:41:24.0937 3000 TDTCP - ok
    19:41:24.0984 3000 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
    19:41:25.0062 3000 TermDD - ok
    19:41:25.0078 3000 timounter (a34d7024bb7140ec785c86bc065d4f60) C:\WINDOWS\system32\DRIVERS\timntr.sys
    19:41:25.0109 3000 timounter - ok
    19:41:25.0156 3000 tmcomm (df8444a8fa8fd38d8848bdd40a8403b3) C:\WINDOWS\system32\drivers\tmcomm.sys
    19:41:25.0171 3000 tmcomm - ok
    19:41:25.0171 3000 TosIde - ok
    19:41:25.0218 3000 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
    19:41:25.0281 3000 Udfs - ok
    19:41:25.0296 3000 ultra - ok
    19:41:25.0328 3000 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
    19:41:25.0390 3000 Update - ok
    19:41:25.0437 3000 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    19:41:25.0500 3000 usbccgp - ok
    19:41:25.0546 3000 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
    19:41:25.0609 3000 usbehci - ok
    19:41:25.0625 3000 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
    19:41:25.0687 3000 usbhub - ok
    19:41:25.0734 3000 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
    19:41:25.0812 3000 usbprint - ok
    19:41:25.0843 3000 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
    19:41:25.0921 3000 usbscan - ok
    19:41:25.0953 3000 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    19:41:26.0015 3000 USBSTOR - ok
    19:41:26.0031 3000 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    19:41:26.0109 3000 usbuhci - ok
    19:41:26.0156 3000 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
    19:41:26.0218 3000 VgaSave - ok
    19:41:26.0234 3000 ViaIde - ok
    19:41:26.0234 3000 Video3D - ok
    19:41:26.0265 3000 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) C:\WINDOWS\system32\drivers\VolSnap.sys
    19:41:26.0328 3000 VolSnap - ok
    19:41:26.0343 3000 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
    19:41:26.0406 3000 Wanarp - ok
    19:41:26.0468 3000 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
    19:41:26.0500 3000 Wdf01000 - ok
    19:41:26.0515 3000 WDICA - ok
    19:41:26.0562 3000 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
    19:41:26.0625 3000 wdmaud - ok
    19:41:26.0687 3000 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
    19:41:26.0750 3000 WSTCODEC - ok
    19:41:26.0796 3000 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    19:41:26.0828 3000 WudfPf - ok
    19:41:26.0843 3000 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
    19:41:26.0859 3000 WudfRd - ok
    19:41:26.0890 3000 MBR (0x1B8) (3051207086651214e435112e51817dc5) \Device\Harddisk1\DR1
    19:41:27.0078 3000 \Device\Harddisk1\DR1 - ok
    19:41:27.0078 3000 MBR (0x1B8) (3051207086651214e435112e51817dc5) \Device\Harddisk0\DR0
    19:41:27.0156 3000 \Device\Harddisk0\DR0 - ok
    19:41:27.0156 3000 Boot (0x1200) (00680790ed23e71617c72f56ee3ac366) \Device\Harddisk1\DR1\Partition0
    19:41:27.0171 3000 \Device\Harddisk1\DR1\Partition0 - ok
    19:41:27.0171 3000 Boot (0x1200) (2acbbbe1942906b6c4fdf3cb4f4a70ab) \Device\Harddisk0\DR0\Partition0
    19:41:27.0171 3000 \Device\Harddisk0\DR0\Partition0 - ok
    19:41:27.0171 3000 ============================================================
    19:41:27.0171 3000 Scan finished
    19:41:27.0171 3000 ============================================================
    19:41:27.0281 3008 Detected object count: 8
    19:41:27.0281 3008 Actual detected object count: 8
    19:42:59.0375 3008 AFS2K ( UnsignedFile.Multi.Generic ) - skipped by user
    19:42:59.0375 3008 AFS2K ( UnsignedFile.Multi.Generic ) - User select action: Skip
    19:42:59.0375 3008 ASUSVRC ( UnsignedFile.Multi.Generic ) - skipped by user
    19:42:59.0375 3008 ASUSVRC ( UnsignedFile.Multi.Generic ) - User select action: Skip
    19:42:59.0375 3008 EIO ( UnsignedFile.Multi.Generic ) - skipped by user
    19:42:59.0375 3008 EIO ( UnsignedFile.Multi.Generic ) - User select action: Skip
    19:42:59.0390 3008 grmnusb ( UnsignedFile.Multi.Generic ) - skipped by user
    19:42:59.0390 3008 grmnusb ( UnsignedFile.Multi.Generic ) - User select action: Skip
    19:42:59.0390 3008 hotcore ( UnsignedFile.Multi.Generic ) - skipped by user
    19:42:59.0390 3008 hotcore ( UnsignedFile.Multi.Generic ) - User select action: Skip
    19:42:59.0390 3008 MarvinBus ( UnsignedFile.Multi.Generic ) - skipped by user
    19:42:59.0390 3008 MarvinBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
    19:42:59.0390 3008 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
    19:42:59.0390 3008 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
    19:42:59.0390 3008 sptd ( LockedFile.Multi.Generic ) - skipped by user
    19:42:59.0390 3008 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
    19:46:56.0406 3912 Deinitialize success

  • Are you still having trouble with Babylon?
    Because I still haven't found anything.

    Make sure all open web browser windows are closed.
    Open a new Notepad file via "Start\Alle programma's\Bureau-accessoires\Kladblok (or Notepad)".

    Copy and paste the following (bold, blue) text into the empty Notepad window.

    Save this Notepad file to your desktop as CFScript.txt.

    Drag CFScript.txt onto ComboFix.exe.

    http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif

    This will make ComboFix restart. Reboot if you are asked to.

    Post the ComboFix log that is shown after the restart, using the colour coder!

    Important note:
  • If all went well, here is the requested log file:

    ComboFix 11-12-30.01 - paul 30/12/2011 21:26:03.7.4 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.3582.2779 [GMT 1:00]
    Gestart vanuit: c:\documents and settings\paul\Bureaublad\ComboFix.exe
    gebruikte Opdracht switches :: c:\documents and settings\paul\Bureaublad\CFScript.txt
    AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
    .
    FILE ::
    "c:\program files\Vuze_Remote\tbVuze.dll"
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program files\Vuze_Remote\tbVuze.dll
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-11-28 to 2011-12-30 ))))))))))))))))))))))))))))))
    .
    .
    2011-12-30 18:26 . 2011-12-30 18:26 388096 ----a-r- c:\documents and settings\paul\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-12-30 14:13 . 2003-11-08 00:49 278528 ----a-w- c:\windows\system32\hpdj
    2011-12-30 14:08 . 2011-12-30 14:08 1402880 ----a-w- c:\program files\HiJackThis.msi
    2011-12-29 17:58 . 2011-12-29 18:18 2982 ----a-w- C:\user.js
    2011-12-29 17:58 . 2011-12-29 17:58 -------- d-----w- c:\documents and settings\paul\Local Settings\Application Data\Babylon
    2011-12-29 17:58 . 2011-12-29 17:58 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Babylon
    2011-12-29 17:57 . 2011-12-29 17:57 -------- d-----w- c:\program files\FoxTabFLVPlayer
    2011-12-28 20:12 . 2003-09-24 08:44 44544 ----a-r- c:\windows\system32\MSXML4a.dll
    2011-12-28 20:12 . 2003-09-24 08:43 626960 ----a-r- c:\windows\system32\hpvaut32.dll
    2011-12-28 20:12 . 2003-09-24 08:43 487424 ----a-r- c:\windows\system32\hpvcp70.dll
    2011-12-28 20:12 . 2003-09-24 08:43 344064 ----a-r- c:\windows\system32\hpvcr70.dll
    2011-12-28 19:51 . 2011-12-28 19:51 -------- d-----w- c:\program files\HP
    2011-12-28 19:45 . 2011-12-28 19:45 -------- d-----w- c:\program files\5100
    2011-12-27 20:11 . 2011-12-27 20:11 -------- d-----w- c:\documents and settings\paul\Application Data\NVIDIA
    2011-12-27 20:00 . 2011-12-27 20:00 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\NVIDIA Corporation
    2011-12-26 16:15 . 2011-12-26 16:15 -------- d-----w- c:\documents and settings\Adobe CS5
    2011-12-26 07:07 . 2011-12-26 07:08 -------- d-----w- c:\documents and settings\paul\Application Data\vlc
    2011-12-26 07:01 . 2011-12-26 07:01 21073936 ----a-w- c:\program files\vlc-1.1.11-win32.exe
    2011-12-25 23:59 . 2011-12-26 00:00 -------- d-----w- c:\program files\Adobe Photoshop CS3
    2011-12-25 22:14 . 2011-12-25 22:14 -------- d-----w- c:\windows\system32\wbem\Repository
    2011-12-25 22:13 . 2011-12-30 20:19 -------- d--h--r- c:\documents and settings\paul\Onlangs geopend
    2011-12-25 21:19 . 2011-12-25 22:12 -------- d-----w- c:\documents and settings\paul\Local Settings\Application Data\Adobe(2)
    2011-12-25 21:19 . 2011-12-25 22:12 -------- d-----w- c:\documents and settings\paul\Application Data\Adobe(2)
    2011-12-25 21:14 . 2011-12-25 22:12 -------- d-----w- c:\program files\PhotoshopPortable
    2011-12-25 09:09 . 2011-12-25 09:09 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY\Mijn documenten
    2011-12-25 09:09 . 2011-12-25 22:13 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Adobe
    2011-12-17 21:17 . 2011-12-17 21:45 -------- d-----w- c:\documents and settings\paul\Application Data\AVG
    2011-12-17 19:22 . 2011-12-17 19:22 -------- d-----w- C:\$AVG
    2011-12-17 18:29 . 2011-12-17 18:29 -------- d--h--w- c:\documents and settings\All Users.WINDOWS\Application Data\Common Files
    2011-12-17 18:28 . 2011-12-30 18:18 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\AVG2012
    2011-12-17 18:28 . 2011-12-30 20:24 -------- d-----w- c:\program files\AVG
    2011-12-17 18:26 . 2011-12-30 18:18 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\MFAData
    2011-12-05 21:17 . 2011-12-05 21:17 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin7.dll
    2011-12-05 21:17 . 2011-12-05 21:17 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin6.dll
    2011-12-05 21:17 . 2011-12-05 21:17 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll
    2011-12-05 21:17 . 2011-12-05 21:17 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll
    2011-12-05 21:17 . 2011-12-05 21:17 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll
    2011-12-05 21:17 . 2011-12-05 21:17 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll
    2011-12-05 21:17 . 2011-12-05 21:17 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin.dll
    2011-12-05 21:13 . 2011-12-05 21:13 -------- d-----w- c:\program files\iPod
    2011-12-05 21:09 . 2011-12-05 21:09 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY\Application Data\Apple Computer
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-12-25 23:16 . 2010-12-11 07:23 16400 —-a-w- c:\windows\system32\drivers\LNonPnP.sys
    2011-12-11 22:41 . 2008-04-15 12:00 26112 —-a-w- c:\windows\system32\userinit.exe
    2011-12-10 14:24 . 2008-10-21 13:29 20464 —-a-w- c:\windows\system32\drivers\mbam.sys
    2011-12-03 13:19 . 2011-12-03 13:19 74592 —-a-w- c:\documents and settings\bosch - garantiebewijs GOP 250 CE.zip
    2011-12-03 09:52 . 2011-06-10 07:15 414368 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-11-23 14:40 . 2008-04-15 12:00 1859712 —-a-w- c:\windows\system32\win32k.sys
    2011-11-04 19:13 . 2008-04-15 12:00 916992 —-a-w- c:\windows\system32\wininet.dll
    2011-11-04 19:13 . 2008-04-15 12:00 43520 —-a-w- c:\windows\system32\licmgr10.dll
    2011-11-04 19:13 . 2008-04-15 12:00 1469440 —-a-w- c:\windows\system32\inetcpl.cpl
    2011-11-04 11:25 . 2008-04-15 12:00 385024 —-a-w- c:\windows\system32\html.iec
    2011-11-01 16:07 . 2008-04-15 12:00 1288192 —-a-w- c:\windows\system32\ole32.dll
    2011-10-29 06:47 . 2011-10-29 11:01 16432 —-a-w- c:\windows\system32\lsdelete.exe
    2011-10-28 15:52 . 2009-03-14 08:08 64512 —-a-w- c:\windows\system32\drivers\Lbd.sys
    2011-10-28 05:32 . 2008-04-15 12:00 33280 —-a-w- c:\windows\system32\csrsrv.dll
    2011-10-26 10:50 . 2008-04-15 12:00 2153472 —-a-w- c:\windows\system32\ntoskrnl.exe
    2011-10-26 10:50 . 2008-04-14 22:11 2031616 —-a-w- c:\windows\system32\ntkrnlpa.exe
    2011-10-24 13:29 . 2011-10-24 13:29 94208 —-a-w- c:\windows\system32\QuickTimeVR.qtx
    2011-10-24 13:29 . 2011-10-24 13:29 69632 —-a-w- c:\windows\system32\QuickTime.qts
    2011-10-18 16:51 . 2011-10-18 16:51 3687352 —-a-w- c:\program files\PMB.lnk
    2011-10-18 11:13 . 2008-04-15 12:00 186880 —-a-w- c:\windows\system32\encdec.dll
    2011-10-10 14:22 . 2008-10-02 21:09 692736 —-a-w- c:\windows\system32\inetcomm.dll
    2011-10-08 04:50 . 2008-09-17 07:55 5595136 —-a-w- c:\windows\system32\nvcuda.dll
    2011-10-08 04:50 . 2008-09-17 07:55 335872 —-a-w- c:\windows\system32\nvrsar.dll
    2011-10-08 04:50 . 2008-09-17 07:55 331776 —-a-w- c:\windows\system32\nvrshe.dll
    2011-10-08 04:50 . 2008-09-17 07:55 286720 —-a-w- c:\windows\system32\nvrsfr.dll
    2011-10-08 04:50 . 2008-09-17 07:55 282624 —-a-w- c:\windows\system32\nvrsit.dll
    2011-10-08 04:50 . 2008-09-17 07:55 282624 —-a-w- c:\windows\system32\nvrses.dll
    2011-10-08 04:50 . 2008-09-17 07:55 282624 —-a-w- c:\windows\system32\nvrsel.dll
    2011-10-08 04:50 . 2008-09-17 07:55 278528 —-a-w- c:\windows\system32\nvrsde.dll
    2011-10-08 04:50 . 2008-09-17 07:55 274432 —-a-w- c:\windows\system32\nvrspt.dll
    2011-10-08 04:50 . 2008-09-17 07:55 274432 —-a-w- c:\windows\system32\nvrsnl.dll
    2011-10-08 04:50 . 2008-09-17 07:55 274432 —-a-w- c:\windows\system32\nvrsesm.dll
    2011-10-08 04:50 . 2008-09-17 07:55 270336 —-a-w- c:\windows\system32\nvrsru.dll
    2011-10-08 04:50 . 2008-09-17 07:55 270336 —-a-w- c:\windows\system32\nvrsptb.dll
    2011-10-08 04:50 . 2008-09-17 07:55 270336 —-a-w- c:\windows\system32\nvrsja.dll
    2011-10-08 04:50 . 2008-09-17 07:55 266240 —-a-w- c:\windows\system32\nvrsko.dll
    2011-10-08 04:50 . 2008-09-17 07:55 262144 —-a-w- c:\windows\system32\nvrshu.dll
    2011-10-08 04:50 . 2008-09-17 07:55 258048 —-a-w- c:\windows\system32\nvrstr.dll
    2011-10-08 04:50 . 2008-09-17 07:55 258048 —-a-w- c:\windows\system32\nvrssl.dll
    2011-10-08 04:50 . 2008-09-17 07:55 258048 —-a-w- c:\windows\system32\nvrssk.dll
    2011-10-08 04:50 . 2008-09-17 07:55 258048 —-a-w- c:\windows\system32\nvrspl.dll
    2011-10-08 04:50 . 2008-09-17 07:55 253952 —-a-w- c:\windows\system32\nvrsth.dll
    2011-10-08 04:50 . 2008-09-17 07:55 253952 —-a-w- c:\windows\system32\nvrssv.dll
    2011-10-08 04:50 . 2008-09-17 07:55 253952 —-a-w- c:\windows\system32\nvrsno.dll
    2011-10-08 04:50 . 2008-09-17 07:55 253952 —-a-w- c:\windows\system32\nvrsda.dll
    2011-10-08 04:50 . 2008-09-17 07:55 249856 —-a-w- c:\windows\system32\nvrsfi.dll
    2011-10-08 04:50 . 2008-09-17 07:55 249856 —-a-w- c:\windows\system32\nvrseng.dll
    2011-10-08 04:50 . 2008-09-17 07:55 249856 —-a-w- c:\windows\system32\nvrscs.dll
    2011-10-08 04:50 . 2008-09-17 07:55 229376 —-a-w- c:\windows\system32\nvrszhc.dll
    2011-10-08 04:50 . 2008-09-17 07:55 126976 —-a-w- c:\windows\system32\nvrszht.dll
    2011-10-08 04:50 . 2007-09-16 17:07 54272 —-a-w- c:\windows\system32\nvwddi.dll
    2011-10-08 04:50 . 2007-09-16 17:07 4226688 —-a-w- c:\windows\system32\nv4_disp.dll
    2011-10-08 04:50 . 2007-09-16 17:07 298304 —-a-w- c:\windows\system32\nvsvc32.exe
    2011-10-08 04:50 . 2007-09-16 17:07 2449408 —-a-w- c:\windows\system32\nvapi.dll
    2011-10-08 04:50 . 2007-09-16 17:07 220992 —-a-w- c:\windows\system32\nvcolor.exe
    2011-10-08 04:50 . 2007-09-16 17:07 203072 —-a-w- c:\windows\system32\nvmctray.dll
    2011-10-08 04:50 . 2007-09-16 17:07 17956864 —-a-w- c:\windows\system32\nvoglnt.dll
    2011-10-08 04:50 . 2007-09-16 17:07 16744256 —-a-w- c:\windows\system32\nvcpl.dll
    2011-10-08 04:50 . 2007-09-16 17:07 12791488 —-a-w- c:\windows\system32\drivers\nv4_mini.sys
    2011-04-10 12:06 . 2011-04-10 12:06 20586196 —-a-w- c:\program files\vlc-1.1.8-win32.exe
    2011-04-10 12:03 . 2011-02-19 15:31 20364702 —-a-w- c:\program files\vlc-1.1.7-win32.exe
    2011-01-29 06:52 . 2011-01-29 06:52 200442456 —-a-w- c:\program files\vegaspro100c_32bit.exe
    2011-01-27 18:35 . 2011-01-27 18:35 1364522 —-a-w- c:\program files\wrar393.exe
    2011-01-16 09:27 . 2011-01-16 09:26 150446976 —-a-w- c:\program files\AVSVideoEditor.exe
    2011-01-12 02:33 . 2011-01-12 02:33 11008549 —-a-w- c:\program files\avidemux_2.5.4_win32.exe
    2011-01-11 17:21 . 2011-01-11 17:20 62701672 —-a-w- c:\program files\AVSVideoConverter.exe
    2010-12-30 16:59 . 2010-12-30 16:58 19985265 —-a-w- c:\program files\vlc-1.1.5-win32.exe
    2010-12-14 19:22 . 2010-12-14 19:22 338760 —-a-w- c:\program files\RegtaskTool_Installer.exe
    2010-12-13 18:03 . 2008-10-22 11:09 86016 —-a-w- c:\program files\setupenne.dll
    2010-12-11 07:22 . 2010-12-11 07:21 25188112 —-a-w- c:\program files\setpoint620.exe
    2010-12-08 18:15 . 2008-10-20 17:25 9039288 —-a-w- c:\program files\Vuze_Installer.exe
    2010-12-04 11:27 . 2010-07-04 06:54 13454568 —-a-w- c:\program files\RegistryReviverSetup.exe
    2010-08-29 11:47 . 2009-04-29 16:04 44089904 —-a-w- c:\program files\avira_antivir_personal_en.exe
    2010-08-29 11:37 . 2010-08-29 11:37 44153664 —-a-w- c:\program files\avira_antivir_personal_de.exe
    2010-08-29 11:23 . 2010-08-29 11:23 3427712 —-a-w- c:\program files\ccsetup235.exe
    2010-08-05 17:43 . 2010-08-05 17:43 3420304 —-a-w- c:\program files\ccsetup234.exe
    2010-03-20 17:37 . 2010-03-20 17:37 1103048 —-a-w- c:\program files\wpsetup.exe
    2010-03-12 12:28 . 2010-03-12 12:28 34506392 —-a-w- c:\program files\Nokia_PC_Suite_dut_web.exe
    2010-03-12 10:46 . 2010-03-12 10:39 98366952 —-a-w- c:\program files\Nokia_Ovi_Suite_webinstaller_ALL.exe
    2010-01-02 22:50 . 2009-10-16 05:08 13731712 —-a-w- c:\program files\AVSRegistryCleaner.exe
    2009-12-25 11:22 . 2009-12-25 11:22 6113439 —-a-w- c:\program files\pci_filerecovery.exe
    2009-10-25 11:52 . 2009-10-25 11:52 77086488 —-a-w- c:\program files\Ad-AwareInstallation.exe
    2009-09-02 18:54 . 2009-09-02 18:54 74160 —-a-w- c:\program files\irfanview_lang_nederlands.exe
    2009-09-02 18:52 . 2009-09-02 18:52 1359360 —-a-w- c:\program files\iview425_setup.exe
    2009-08-30 09:17 . 2009-08-30 09:16 3293088 —-a-w- c:\program files\ccsetup223.exe
    2009-05-28 18:34 . 2009-05-28 18:34 5076056 —-a-w- c:\program files\nuvi760_480.exe
    2009-03-22 12:11 . 2009-03-22 12:11 4310568 —-a-w- c:\program files\WebUpdater_241.exe
    2009-03-14 08:06 . 2009-03-14 08:06 37452296 —-a-w- c:\program files\Ad-AwareAE.exe
    2008-12-21 11:12 . 2008-12-21 11:11 5797488 —-a-w- c:\program files\GOMPLAYERENSETUP.EXE
    2008-12-21 08:57 . 2008-12-21 08:57 27288880 —-a-w- c:\program files\QuickTimeInstaller.exe
    2008-12-21 08:49 . 2008-12-21 08:49 12349806 —-a-w- c:\program files\dvdflick_setup_1.3.0.4.exe
    2008-11-30 11:51 . 2008-10-06 07:04 15083520 —-a-w- c:\program files\spybotsd160.exe
    2008-11-23 14:14 . 2008-10-02 17:20 25129080 —-a-w- c:\program files\antivir_workstation_winu_en_h.exe
    2008-11-23 12:02 . 2008-11-23 12:02 1958864 —-a-w- c:\program files\TrendMicro_Downloader.exe
    2008-11-11 14:44 . 2008-11-11 14:44 860391 —-a-w- c:\program files\7z457.exe
    2008-10-15 13:18 . 2008-10-15 13:18 2160115 —-a-w- c:\program files\NeatSetup.exe
    2008-10-15 11:48 . 2008-10-15 11:16 3172459 —-a-w- c:\program files\cdbxp_setup_4.2.2.984.exe
    2008-10-15 11:18 . 2008-10-15 11:18 2959376 —-a-w- c:\program files\dotnetfx35setup.exe
    2008-10-15 11:12 . 2008-10-15 11:12 4057200 —-a-w- c:\program files\wmfdist.exe
    2008-10-15 09:10 . 2008-10-15 09:10 359656 —-a-w- c:\program files\msicuu2.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AdobeBridge"="c:\program files\Adobe\Adobe Bridge CS5\Bridge.exe" [2011-06-09 12002664]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "WinPatrol"="c:\progra~1\BILLPS~1\WINPAT~1\winpatrol.exe" [2005-09-26 222784]
    "RTHDCPL"="RTHDCPL.EXE" [2008-02-13 16857600]
    "Acronis Scheduler2Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2010-12-20 390512]
    "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-03 281768]
    "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
    "SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
    "AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-10-08 16744256]
    "NvMediaCenter"="NvMCTray.dll" [2011-10-08 203072]
    "nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2011-10-08 1632360]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]
    .
    c:\documents and settings\All Users.WINDOWS\Menu Start\Programma's\Opstarten\
    NaturalColorLoad.lnk - c:\program files\SEC\Natural Color\NaturalColorLoad.exe [2008-12-4 155715]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLinkedConnections"= 1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
    2010-10-28 10:13 64592 —-a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
    c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gStart]
    2007-03-04 21:08 1891416 —-a-w- c:\garmin\gStart.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    2008-10-05 09:08 39408 —-a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "Bonjour Service"=2 (0x2)
    "Apple Mobile Device"=2 (0x2)
    "iPod Service"=3 (0x3)
    "gusvc"=2 (0x2)
    "gupdate1c9c7b35e2a82cc"=2 (0x2)
    "GEST Service"=3 (0x3)
    "FLEXnet Licensing Service"=3 (0x3)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\GIGABYTE\\GEST\\run.exe"=
    "c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
    "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
    "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
    "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\Program Files\\Avira\\AntiVir Desktop\\avscan.exe"=
    "c:\\Program Files\\Vuze\\Azureus.exe"=
    "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
    "c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
    "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
    "3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
    "50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
    "50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server
    "3192:TCP"= 3192:TCP:Akamai NetSession Interface
    "5000:UDP"= 5000:UDP:Akamai NetSession Interface
    .
    R0 hotcore;hotcore;c:\windows\system32\drivers\hotcore.sys [4/10/2008 12:21 30820]
    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [14/03/2009 9:08 64512]
    R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20/10/2008 19:41 717296]
    R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\drivers\tdrpm273.sys [2/12/2010 19:22 752128]
    R2 afcdpsrv;Acronis Nonstop Backup-service ;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [29/12/2010 14:42 3246040]
    R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [22/05/2009 18:54 136360]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [28/10/2011 16:52 2152152]
    R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [11/12/2010 8:22 10448]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [27/12/2011 21:00 2253120]
    R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PMB\PMBDeviceInfoProvider.exe [15/03/2011 13:44 428384]
    R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [29/12/2010 14:42 167968]
    S2 gupdate1c9c7b35e2a82cc;Google Update Service (gupdate1c9c7b35e2a82cc);c:\program files\Google\Update\GoogleUpdate.exe [28/04/2009 4:42 133104]
    S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [28/04/2009 4:42 133104]
    S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19/02/2010 13:37 517096]
    S4 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [15/04/2008 13:00 14336]
    S4 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe –> c:\program files\AskBarDis\bar\bin\AskService.exe [?]
    S4 GEST Service;GEST Service for program management.;c:\program files\GIGABYTE\GEST\gsvr.exe [2/10/2008 23:16 55816]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    Akamai REG_MULTI_SZ Akamai
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2011-12-30 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-10-28 15:52]
    .
    2011-12-26 c:\windows\Tasks\AdobeAAMUpdater-1.0-STILLEPC-paul.job
    - c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-03-22 02:44]
    .
    2011-09-17 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
    .
    2011-12-30 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-05 07:23]
    .
    2011-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-28 03:42]
    .
    2011-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-28 03:42]
    .
    2011-12-30 c:\windows\Tasks\User_Feed_Synchronization-{1CD3A718-4B83-444F-9C3D-CB870A64AC95}.job
    - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
    .
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://www.tijd.be/home
    mStart Page = hxxp://search.foxtab.com/?s=0&chnl=irn
    uInternet Settings,ProxyOverride = *.local
    IE: PDF in Word openen (PDF Converter 3.0) - c:\program files\ScanSoft\PDF Professional 3.0\IEShellExt.dll /700
    TCP: DhcpNameServer = 192.168.1.1
    DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
    DPF: {96816368-C1E3-414D-A193-63C3CC921990} - hxxp://sligachanhotel.remotemanager.co.uk/common/activex/MJPEGRender.ocx
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-12-30 21:35
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scannen van verborgen processen …
    .
    scannen van verborgen autostart items …
    .
    scannen van verborgen bestanden …
    .
    Scan succesvol afgerond
    verborgen bestanden: 0
    .
    **************************************************************************
    .
    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Akamai]
    "ServiceDll"="C:/Program Files/Common Files/Akamai/netsession_win_d76cf65.dll"
    .
    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Akamai]
    "ServiceDll"="C:/Program Files/Common Files/Akamai/netsession_win_d76cf65.dll"
    .
    ——————— DLLs Geladen Onder Lopende Processen ———————
    .
    - - - - - - - > 'winlogon.exe'(1000)
    c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
    .
    - - - - - - - > 'explorer.exe'(3108)
    c:\program files\NVIDIA Corporation\nview\nview.dll
    c:\program files\NVIDIA Corporation\nview\NVWRSNL.DLL
    c:\progra~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL
    c:\progra~1\WINDOW~2\wmpband.dll
    c:\windows\system32\msi.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
    c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
    c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_dut.nlr
    c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ———————— Andere Aktieve Processen ————————
    .
    c:\program files\Avira\AntiVir Desktop\avguard.exe
    c:\program files\Avira\AntiVir Desktop\avshadow.exe
    c:\program files\Google\Update\1.3.21.79\GoogleCrashHandler.exe
    c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
    c:\program files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
    c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\program files\CDBurnerXP\NMSAccessU.exe
    c:\windows\system32\nvsvc32.exe
    c:\windows\RTHDCPL.EXE
    c:\windows\system32\RunDLL32.exe
    c:\windows\system32\rundll32.exe
    c:\windows\system32\wbem\unsecapp.exe
    c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
    .
    **************************************************************************
    .
    Voltooingstijd: 2011-12-30 21:42:30 - machine werd herstart
    ComboFix-quarantined-files.txt 2011-12-30 20:42
    ComboFix2.txt 2011-12-30 19:08
    ComboFix3.txt 2008-12-26 12:14
    .
    Pre-Run: 213.857.906.688 bytes beschikbaar
    Post-Run: 213.861.183.488 bytes beschikbaar
    .
    - - End Of File - - BB11BE3696BBD1D01DCC64EE9E687C04

  • I would like you to carry out the steps below in Safe Mode.
    That way Lavasoft Ad-Aware won't get in the way either!

    Make sure all open web browser windows are closed.
    Open a new Kladblok (Notepad) file via "Start\Alle programma's\Bureau-accessoires\Kladblok (or Notepad)".

    Copy and paste the following (bold, blue text) into the empty Notepad window


  • Hello,

    Even in Safe Mode, ComboFix asked me to shut down Avira, AVG and Ad-Aware, which I could not manage to do.
    So I went ahead anyway…
    Am I seeing this correctly? Under "Andere Verwijderingen" (Other Deletions) there are quite a few Babylon files.


    ComboFix 11-12-30.01 - paul 30/12/2011 22:32:23.8.4 - x86 MINIMAL
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.3582.3133 [GMT 1:00]
    Gestart vanuit: c:\documents and settings\paul\Bureaublad\ComboFix.exe
    gebruikte Opdracht switches :: c:\documents and settings\paul\Bureaublad\CFScript.txt..txt
    AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\$AVG
    c:\$avg\$VAULT\V_00000001.fil
    c:\$avg\$VAULT\V_00000002.fil
    c:\$avg\$VAULT\V_00000005.fil
    c:\$avg\$VAULT\V_00000006.fil
    c:\$avg\$VAULT\vvfolder.idx
    c:\documents and settings\All Users.WINDOWS\Application Data\Babylon
    c:\documents and settings\paul\Application Data\AVG
    c:\documents and settings\paul\Application Data\AVG\PC Tuneup\Logs\PC Tuneup_SN.log
    c:\documents and settings\paul\Application Data\AVG\PC Tuneup\User Reports\Integrator_report.html
    c:\documents and settings\paul\Application Data\AVG\PC Tuneup\User Reports\Integrator_report.xml
    c:\documents and settings\paul\Application Data\AVG\Rescue\PC Tuneup 2011\111217221721765.rsc
    c:\documents and settings\paul\Application Data\AVG\Rescue\PC Tuneup 2011\111217221754453.rsc
    c:\documents and settings\paul\Local Settings\Application Data\Babylon
    c:\documents and settings\paul\Local Settings\Application Data\Babylon\Setup\bab033.tbinst.dat
    c:\documents and settings\paul\Local Settings\Application Data\Babylon\Setup\BExternal.dll
    c:\documents and settings\paul\Local Settings\Application Data\Babylon\Setup\HtmlScreens\common.js
    c:\documents and settings\paul\Local Settings\Application Data\Babylon\Setup\HtmlScreens\eula.html
    c:\documents and settings\paul\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page2.css
    c:\documents and settings\paul\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page2.html
    c:\documents and settings\paul\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page2.js
    c:\documents and settings\paul\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page2Lrg.css
    c:\documents and settings\paul\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page9.html
    c:\documents and settings\paul\Local Settings\Application Data\Babylon\Setup\HtmlScreens\pBar.gif
    c:\documents and settings\paul\Local Settings\Application Data\Babylon\Setup\HtmlScreens\title2.png
    c:\documents and settings\paul\Local Settings\Application Data\Babylon\Setup\HtmlScreens\toolBar.jpg
    c:\documents and settings\paul\Local Settings\Application Data\Babylon\Setup\IECookieLow.dll
    c:\documents and settings\paul\Local Settings\Application Data\Babylon\Setup\Setup-tbmntr903-9.0.3.32.zpb
    c:\documents and settings\paul\Local Settings\Application Data\Babylon\Setup\Setup.exe
    c:\documents and settings\paul\Local Settings\Application Data\Babylon\Setup\SetupStrings.dat
    c:\documents and settings\paul\Local Settings\Application Data\Babylon\Setup\sqlite3.dll
    c:\documents and settings\paul\Local Settings\Application Data\Babylon\Setup\user.js
    c:\documents and settings\paul\Local Settings\Application Data\Babylon\Setup\Welcome.html
    c:\program files\AVG
    c:\program files\AVG\AVG2012\awacs\dav\component\content.dat
    c:\program files\AVG\AVG2012\awacs\dav\component\image.bmp
    c:\program files\AVG\AVG2012\awacs\dav\sign.bin
    c:\program files\AVG\AVG2012\awacs\fas\component\content.dat
    c:\program files\AVG\AVG2012\awacs\fas\component\image.bmp
    c:\program files\AVG\AVG2012\awacs\fas\sign.bin
    c:\program files\AVG\AVG2012\awacs\obx\component\content.dat
    c:\program files\AVG\AVG2012\awacs\obx\component\image.bmp
    c:\program files\AVG\AVG2012\awacs\obx\sign.bin
    c:\program files\AVG\AVG2012\awacs\pct\component\content.dat
    c:\program files\AVG\AVG2012\awacs\pct\component\image.bmp
    c:\program files\AVG\AVG2012\awacs\pct\sign.bin
    c:\program files\AVG\AVG2012\awacs\rules.cat
    c:\program files\AVG\AVG2012\awacs\rules.js
    c:\program files\AVG\AVG2012\Firefox4\Chrome(2)\searchshield.jar
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-11-28 to 2011-12-30 ))))))))))))))))))))))))))))))
    .
    .
    2011-12-30 18:26 . 2011-12-30 18:26 388096 —-a-r- c:\documents and settings\paul\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-12-30 14:13 . 2003-11-08 00:49 278528 —-a-w- c:\windows\system32\hpdj
    2011-12-30 14:08 . 2011-12-30 14:08 1402880 —-a-w- c:\program files\HiJackThis.msi
    2011-12-29 17:58 . 2011-12-29 18:18 2982 —-a-w- C:\user.js
    2011-12-29 17:57 . 2011-12-29 17:57 ——– d—–w- c:\program files\FoxTabFLVPlayer
    2011-12-28 20:12 . 2003-09-24 08:44 44544 —-a-r- c:\windows\system32\MSXML4a.dll
    2011-12-28 20:12 . 2003-09-24 08:43 626960 —-a-r- c:\windows\system32\hpvaut32.dll
    2011-12-28 20:12 . 2003-09-24 08:43 487424 —-a-r- c:\windows\system32\hpvcp70.dll
    2011-12-28 20:12 . 2003-09-24 08:43 344064 —-a-r- c:\windows\system32\hpvcr70.dll
    2011-12-28 19:51 . 2011-12-28 19:51 ——– d—–w- c:\program files\HP
    2011-12-28 19:45 . 2011-12-28 19:45 ——– d—–w- c:\program files\5100
    2011-12-27 20:11 . 2011-12-27 20:11 ——– d—–w- c:\documents and settings\paul\Application Data\NVIDIA
    2011-12-27 20:00 . 2011-12-27 20:00 ——– d—–w- c:\documents and settings\All Users.WINDOWS\Application Data\NVIDIA Corporation
    2011-12-26 16:15 . 2011-12-26 16:15 ——– d—–w- c:\documents and settings\Adobe CS5
    2011-12-26 07:07 . 2011-12-26 07:08 ——– d—–w- c:\documents and settings\paul\Application Data\vlc
    2011-12-26 07:01 . 2011-12-26 07:01 21073936 —-a-w- c:\program files\vlc-1.1.11-win32.exe
    2011-12-25 23:59 . 2011-12-26 00:00 ——– d—–w- c:\program files\Adobe Photoshop CS3
    2011-12-25 22:14 . 2011-12-25 22:14 ——– d—–w- c:\windows\system32\wbem\Repository
    2011-12-25 22:13 . 2011-12-30 20:19 ——– d–h–r- c:\documents and settings\paul\Onlangs geopend
    2011-12-25 22:13 . 2011-12-25 22:13 ——– d—–w- c:\documents and settings\paul\Application Data\AVG2012
    2011-12-25 21:19 . 2011-12-25 22:12 ——– d—–w- c:\documents and settings\paul\Local Settings\Application Data\Adobe(2)
    2011-12-25 21:19 . 2011-12-25 22:12 ——– d—–w- c:\documents and settings\paul\Application Data\Adobe(2)
    2011-12-25 21:14 . 2011-12-25 22:12 ——– d—–w- c:\program files\PhotoshopPortable
    2011-12-25 09:09 . 2011-12-25 09:09 ——– d—–w- c:\documents and settings\LocalService.NT AUTHORITY\Mijn documenten
    2011-12-25 09:09 . 2011-12-25 22:13 ——– d—–w- c:\documents and settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Adobe
    2011-12-17 18:29 . 2011-12-17 18:29 ——– d–h–w- c:\documents and settings\All Users.WINDOWS\Application Data\Common Files
    2011-12-17 18:28 . 2011-12-30 18:18 ——– d—–w- c:\documents and settings\All Users.WINDOWS\Application Data\AVG2012
    2011-12-17 18:26 . 2011-12-30 18:18 ——– d—–w- c:\documents and settings\All Users.WINDOWS\Application Data\MFAData
    2011-12-05 21:17 . 2011-12-05 21:17 159744 —-a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin7.dll
    2011-12-05 21:17 . 2011-12-05 21:17 159744 —-a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin6.dll
    2011-12-05 21:17 . 2011-12-05 21:17 159744 —-a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll
    2011-12-05 21:17 . 2011-12-05 21:17 159744 —-a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll
    2011-12-05 21:17 . 2011-12-05 21:17 159744 —-a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll
    2011-12-05 21:17 . 2011-12-05 21:17 159744 —-a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll
    2011-12-05 21:17 . 2011-12-05 21:17 159744 —-a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin.dll
    2011-12-05 21:13 . 2011-12-05 21:13 ——– d—–w- c:\program files\iPod
    2011-12-05 21:09 . 2011-12-05 21:09 ——– d—–w- c:\documents and settings\LocalService.NT AUTHORITY\Application Data\Apple Computer
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-12-25 23:16 . 2010-12-11 07:23 16400 —-a-w- c:\windows\system32\drivers\LNonPnP.sys
    2011-12-11 22:41 . 2008-04-15 12:00 26112 —-a-w- c:\windows\system32\userinit.exe
    2011-12-10 14:24 . 2008-10-21 13:29 20464 —-a-w- c:\windows\system32\drivers\mbam.sys
    2011-12-03 13:19 . 2011-12-03 13:19 74592 —-a-w- c:\documents and settings\bosch - garantiebewijs GOP 250 CE.zip
    2011-12-03 09:52 . 2011-06-10 07:15 414368 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-11-23 14:40 . 2008-04-15 12:00 1859712 —-a-w- c:\windows\system32\win32k.sys
    2011-11-04 19:13 . 2008-04-15 12:00 916992 —-a-w- c:\windows\system32\wininet.dll
    2011-11-04 19:13 . 2008-04-15 12:00 43520 —-a-w- c:\windows\system32\licmgr10.dll
    2011-11-04 19:13 . 2008-04-15 12:00 1469440 —-a-w- c:\windows\system32\inetcpl.cpl
    2011-11-04 11:25 . 2008-04-15 12:00 385024 —-a-w- c:\windows\system32\html.iec
    2011-11-01 16:07 . 2008-04-15 12:00 1288192 —-a-w- c:\windows\system32\ole32.dll
    2011-10-29 06:47 . 2011-10-29 11:01 16432 —-a-w- c:\windows\system32\lsdelete.exe
    2011-10-28 15:52 . 2009-03-14 08:08 64512 —-a-w- c:\windows\system32\drivers\Lbd.sys
    2011-10-28 05:32 . 2008-04-15 12:00 33280 —-a-w- c:\windows\system32\csrsrv.dll
    2011-10-26 10:50 . 2008-04-15 12:00 2153472 —-a-w- c:\windows\system32\ntoskrnl.exe
    2011-10-26 10:50 . 2008-04-14 22:11 2031616 —-a-w- c:\windows\system32\ntkrnlpa.exe
    2011-10-24 13:29 . 2011-10-24 13:29 94208 —-a-w- c:\windows\system32\QuickTimeVR.qtx
    2011-10-24 13:29 . 2011-10-24 13:29 69632 —-a-w- c:\windows\system32\QuickTime.qts
    2011-10-18 16:51 . 2011-10-18 16:51 3687352 —-a-w- c:\program files\PMB.lnk
    2011-10-18 11:13 . 2008-04-15 12:00 186880 —-a-w- c:\windows\system32\encdec.dll
    2011-10-10 14:22 . 2008-10-02 21:09 692736 —-a-w- c:\windows\system32\inetcomm.dll
    2011-10-08 04:50 . 2008-09-17 07:55 5595136 —-a-w- c:\windows\system32
    vcuda.dll
    2011-10-08 04:50 . 2008-09-17 07:55 335872 —-a-w- c:\windows\system32
    vrsar.dll
    2011-10-08 04:50 . 2008-09-17 07:55 331776 —-a-w- c:\windows\system32
    vrshe.dll
    2011-10-08 04:50 . 2008-09-17 07:55 286720 —-a-w- c:\windows\system32
    vrsfr.dll
    2011-10-08 04:50 . 2008-09-17 07:55 282624 —-a-w- c:\windows\system32
    vrsit.dll
    2011-10-08 04:50 . 2008-09-17 07:55 282624 —-a-w- c:\windows\system32
    vrses.dll
    2011-10-08 04:50 . 2008-09-17 07:55 282624 —-a-w- c:\windows\system32
    vrsel.dll
    2011-10-08 04:50 . 2008-09-17 07:55 278528 —-a-w- c:\windows\system32
    vrsde.dll
    2011-10-08 04:50 . 2008-09-17 07:55 274432 —-a-w- c:\windows\system32
    vrspt.dll
    2011-10-08 04:50 . 2008-09-17 07:55 274432 —-a-w- c:\windows\system32
    vrsnl.dll
    2011-10-08 04:50 . 2008-09-17 07:55 274432 —-a-w- c:\windows\system32
    vrsesm.dll
    2011-10-08 04:50 . 2008-09-17 07:55 270336 —-a-w- c:\windows\system32
    vrsru.dll
    2011-10-08 04:50 . 2008-09-17 07:55 270336 —-a-w- c:\windows\system32
    vrsptb.dll
    2011-10-08 04:50 . 2008-09-17 07:55 270336 —-a-w- c:\windows\system32
    vrsja.dll
    2011-10-08 04:50 . 2008-09-17 07:55 266240 —-a-w- c:\windows\system32
    vrsko.dll
    2011-10-08 04:50 . 2008-09-17 07:55 262144 —-a-w- c:\windows\system32
    vrshu.dll
    2011-10-08 04:50 . 2008-09-17 07:55 258048 —-a-w- c:\windows\system32
    vrstr.dll
    2011-10-08 04:50 . 2008-09-17 07:55 258048 —-a-w- c:\windows\system32
    vrssl.dll
    2011-10-08 04:50 . 2008-09-17 07:55 258048 —-a-w- c:\windows\system32
    vrssk.dll
    2011-10-08 04:50 . 2008-09-17 07:55 258048 —-a-w- c:\windows\system32
    vrspl.dll
    2011-10-08 04:50 . 2008-09-17 07:55 253952 —-a-w- c:\windows\system32
    vrsth.dll
    2011-10-08 04:50 . 2008-09-17 07:55 253952 —-a-w- c:\windows\system32
    vrssv.dll
    2011-10-08 04:50 . 2008-09-17 07:55 253952 —-a-w- c:\windows\system32
    vrsno.dll
    2011-10-08 04:50 . 2008-09-17 07:55 253952 —-a-w- c:\windows\system32
    vrsda.dll
    2011-10-08 04:50 . 2008-09-17 07:55 249856 —-a-w- c:\windows\system32
    vrsfi.dll
    2011-10-08 04:50 . 2008-09-17 07:55 249856 —-a-w- c:\windows\system32
    vrseng.dll
    2011-10-08 04:50 . 2008-09-17 07:55 249856 —-a-w- c:\windows\system32
    vrscs.dll
    2011-10-08 04:50 . 2008-09-17 07:55 229376 —-a-w- c:\windows\system32
    vrszhc.dll
    2011-10-08 04:50 . 2008-09-17 07:55 126976 —-a-w- c:\windows\system32
    vrszht.dll
    2011-10-08 04:50 . 2007-09-16 17:07 54272 —-a-w- c:\windows\system32
    vwddi.dll
    2011-10-08 04:50 . 2007-09-16 17:07 4226688 —-a-w- c:\windows\system32
    v4_disp.dll
    2011-10-08 04:50 . 2007-09-16 17:07 298304 —-a-w- c:\windows\system32
    vsvc32.exe
    2011-10-08 04:50 . 2007-09-16 17:07 2449408 —-a-w- c:\windows\system32
    vapi.dll
    2011-10-08 04:50 . 2007-09-16 17:07 220992 —-a-w- c:\windows\system32
    vcolor.exe
    2011-10-08 04:50 . 2007-09-16 17:07 203072 —-a-w- c:\windows\system32
    vmctray.dll
    2011-10-08 04:50 . 2007-09-16 17:07 17956864 —-a-w- c:\windows\system32
    voglnt.dll
    2011-10-08 04:50 . 2007-09-16 17:07 16744256 —-a-w- c:\windows\system32
    vcpl.dll
    2011-10-08 04:50 . 2007-09-16 17:07 12791488 —-a-w- c:\windows\system32\drivers
    v4_mini.sys
    2011-04-10 12:06 . 2011-04-10 12:06 20586196 —-a-w- c:\program files\vlc-1.1.8-win32.exe
    2011-04-10 12:03 . 2011-02-19 15:31 20364702 —-a-w- c:\program files\vlc-1.1.7-win32.exe
    2011-01-29 06:52 . 2011-01-29 06:52 200442456 —-a-w- c:\program files\vegaspro100c_32bit.exe
    2011-01-27 18:35 . 2011-01-27 18:35 1364522 —-a-w- c:\program files\wrar393.exe
    2011-01-16 09:27 . 2011-01-16 09:26 150446976 —-a-w- c:\program files\AVSVideoEditor.exe
    2011-01-12 02:33 . 2011-01-12 02:33 11008549 —-a-w- c:\program files\avidemux_2.5.4_win32.exe
    2011-01-11 17:21 . 2011-01-11 17:20 62701672 —-a-w- c:\program files\AVSVideoConverter.exe
    2010-12-30 16:59 . 2010-12-30 16:58 19985265 —-a-w- c:\program files\vlc-1.1.5-win32.exe
    2010-12-14 19:22 . 2010-12-14 19:22 338760 —-a-w- c:\program files\RegtaskTool_Installer.exe
    2010-12-13 18:03 . 2008-10-22 11:09 86016 —-a-w- c:\program files\setupenne.dll
    2010-12-11 07:22 . 2010-12-11 07:21 25188112 —-a-w- c:\program files\setpoint620.exe
    2010-12-08 18:15 . 2008-10-20 17:25 9039288 —-a-w- c:\program files\Vuze_Installer.exe
    2010-12-04 11:27 . 2010-07-04 06:54 13454568 —-a-w- c:\program files\RegistryReviverSetup.exe
    2010-08-29 11:47 . 2009-04-29 16:04 44089904 —-a-w- c:\program files\avira_antivir_personal_en.exe
    2010-08-29 11:37 . 2010-08-29 11:37 44153664 —-a-w- c:\program files\avira_antivir_personal_de.exe
    2010-08-29 11:23 . 2010-08-29 11:23 3427712 —-a-w- c:\program files\ccsetup235.exe
    2010-08-05 17:43 . 2010-08-05 17:43 3420304 —-a-w- c:\program files\ccsetup234.exe
    2010-03-20 17:37 . 2010-03-20 17:37 1103048 —-a-w- c:\program files\wpsetup.exe
    2010-03-12 12:28 . 2010-03-12 12:28 34506392 —-a-w- c:\program files\Nokia_PC_Suite_dut_web.exe
    2010-03-12 10:46 . 2010-03-12 10:39 98366952 —-a-w- c:\program files\Nokia_Ovi_Suite_webinstaller_ALL.exe
    2010-01-02 22:50 . 2009-10-16 05:08 13731712 —-a-w- c:\program files\AVSRegistryCleaner.exe
    2009-12-25 11:22 . 2009-12-25 11:22 6113439 —-a-w- c:\program files\pci_filerecovery.exe
    2009-10-25 11:52 . 2009-10-25 11:52 77086488 —-a-w- c:\program files\Ad-AwareInstallation.exe
    2009-09-02 18:54 . 2009-09-02 18:54 74160 —-a-w- c:\program files\irfanview_lang_nederlands.exe
    2009-09-02 18:52 . 2009-09-02 18:52 1359360 —-a-w- c:\program files\iview425_setup.exe
    2009-08-30 09:17 . 2009-08-30 09:16 3293088 —-a-w- c:\program files\ccsetup223.exe
    2009-05-28 18:34 . 2009-05-28 18:34 5076056 —-a-w- c:\program files
    uvi760_480.exe
    2009-03-22 12:11 . 2009-03-22 12:11 4310568 —-a-w- c:\program files\WebUpdater_241.exe
    2009-03-14 08:06 . 2009-03-14 08:06 37452296 —-a-w- c:\program files\Ad-AwareAE.exe
    2008-12-21 11:12 . 2008-12-21 11:11 5797488 —-a-w- c:\program files\GOMPLAYERENSETUP.EXE
    2008-12-21 08:57 . 2008-12-21 08:57 27288880 —-a-w- c:\program files\QuickTimeInstaller.exe
    2008-12-21 08:49 . 2008-12-21 08:49 12349806 —-a-w- c:\program files\dvdflick_setup_1.3.0.4.exe
    2008-11-30 11:51 . 2008-10-06 07:04 15083520 —-a-w- c:\program files\spybotsd160.exe
    2008-11-23 14:14 . 2008-10-02 17:20 25129080 —-a-w- c:\program files\antivir_workstation_winu_en_h.exe
    2008-11-23 12:02 . 2008-11-23 12:02 1958864 —-a-w- c:\program files\TrendMicro_Downloader.exe
    2008-11-11 14:44 . 2008-11-11 14:44 860391 —-a-w- c:\program files\7z457.exe
    2008-10-15 13:18 . 2008-10-15 13:18 2160115 —-a-w- c:\program files\NeatSetup.exe
    2008-10-15 11:48 . 2008-10-15 11:16 3172459 —-a-w- c:\program files\cdbxp_setup_4.2.2.984.exe
    2008-10-15 11:18 . 2008-10-15 11:18 2959376 —-a-w- c:\program files\dotnetfx35setup.exe
    2008-10-15 11:12 . 2008-10-15 11:12 4057200 —-a-w- c:\program files\wmfdist.exe
    2008-10-15 09:10 . 2008-10-15 09:10 359656 —-a-w- c:\program files\msicuu2.exe
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2011-12-30_19.06.16 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-04-15 12:00 . 2011-12-30 21:51 87930 c:\windows\system32\perfc013.dat
    - 2008-04-15 12:00 . 2011-12-30 18:25 87930 c:\windows\system32\perfc013.dat
    - 2008-04-15 12:00 . 2011-12-30 18:25 68980 c:\windows\system32\perfc009.dat
    + 2008-04-15 12:00 . 2011-12-30 21:51 68980 c:\windows\system32\perfc009.dat
    - 2008-10-02 21:15 . 2011-12-30 17:54 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    + 2008-10-02 21:15 . 2011-12-30 21:52 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    - 2008-10-02 21:15 . 2011-12-30 17:54 32768 c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\index.dat
    + 2008-10-02 21:15 . 2011-12-30 21:52 32768 c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\index.dat
    - 2008-10-02 21:15 . 2011-12-30 17:54 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
    + 2011-12-30 21:52 . 2011-12-30 21:52 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
    + 2008-04-15 12:00 . 2011-12-30 21:51 503308 c:\windows\system32\perfh013.dat
    - 2008-04-15 12:00 . 2011-12-30 18:25 503308 c:\windows\system32\perfh013.dat
    - 2008-04-15 12:00 . 2011-12-30 18:25 436276 c:\windows\system32\perfh009.dat
    + 2008-04-15 12:00 . 2011-12-30 21:51 436276 c:\windows\system32\perfh009.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AdobeBridge"="c:\program files\Adobe\Adobe Bridge CS5\Bridge.exe" [2011-06-09 12002664]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "WinPatrol"="c:\progra~1\BILLPS~1\WINPAT~1\winpatrol.exe" [2005-09-26 222784]
    "RTHDCPL"="RTHDCPL.EXE" [2008-02-13 16857600]
    "Acronis Scheduler2Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2010-12-20 390512]
    "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-03 281768]
    "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
    "SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
    "AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-10-08 16744256]
    "NvMediaCenter"="NvMCTray.dll" [2011-10-08 203072]
    "nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2011-10-08 1632360]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]
    .
    c:\documents and settings\All Users.WINDOWS\Menu Start\Programma's\Opstarten\
    NaturalColorLoad.lnk - c:\program files\SEC\Natural Color\NaturalColorLoad.exe [2008-12-4 155715]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLinkedConnections"= 1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
    2010-10-28 10:13 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
    c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gStart]
    2007-03-04 21:08 1891416 ----a-w- c:\garmin\gStart.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    2008-10-05 09:08 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "Bonjour Service"=2 (0x2)
    "Apple Mobile Device"=2 (0x2)
    "iPod Service"=3 (0x3)
    "gusvc"=2 (0x2)
    "gupdate1c9c7b35e2a82cc"=2 (0x2)
    "GEST Service"=3 (0x3)
    "FLEXnet Licensing Service"=3 (0x3)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\GIGABYTE\\GEST\\run.exe"=
    "c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
    "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
    "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
    "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\Program Files\\Avira\\AntiVir Desktop\\avscan.exe"=
    "c:\\Program Files\\Vuze\\Azureus.exe"=
    "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
    "c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
    "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
    "3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
    "50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
    "50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server
    "3192:TCP"= 3192:TCP:Akamai NetSession Interface
    "5000:UDP"= 5000:UDP:Akamai NetSession Interface
    .
    R0 hotcore;hotcore;c:\windows\system32\drivers\hotcore.sys [4/10/2008 12:21 30820]
    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [14/03/2009 9:08 64512]
    R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20/10/2008 19:41 717296]
    R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\drivers\tdrpm273.sys [2/12/2010 19:22 752128]
    R2 afcdpsrv;Acronis Nonstop Backup-service ;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [29/12/2010 14:42 3246040]
    R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [22/05/2009 18:54 136360]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [28/10/2011 16:52 2152152]
    R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [11/12/2010 8:22 10448]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [27/12/2011 21:00 2253120]
    R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PMB\PMBDeviceInfoProvider.exe [15/03/2011 13:44 428384]
    R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [29/12/2010 14:42 167968]
    S2 gupdate1c9c7b35e2a82cc;Google Update Service (gupdate1c9c7b35e2a82cc);c:\program files\Google\Update\GoogleUpdate.exe [28/04/2009 4:42 133104]
    S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [28/04/2009 4:42 133104]
    S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [28/10/2011 16:52 15232]
    S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19/02/2010 13:37 517096]
    S4 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [15/04/2008 13:00 14336]
    S4 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe --> c:\program files\AskBarDis\bar\bin\AskService.exe [?]
    S4 GEST Service;GEST Service for program management.;c:\program files\GIGABYTE\GEST\gsvr.exe [2/10/2008 23:16 55816]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    Akamai REG_MULTI_SZ Akamai
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2011-12-30 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-10-28 15:52]
    .
    2011-12-26 c:\windows\Tasks\AdobeAAMUpdater-1.0-STILLEPC-paul.job
    - c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-03-22 02:44]
    .
    2011-09-17 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
    .
    2011-12-30 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-05 07:23]
    .
    2011-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-28 03:42]
    .
    2011-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-28 03:42]
    .
    2011-12-30 c:\windows\Tasks\User_Feed_Synchronization-{1CD3A718-4B83-444F-9C3D-CB870A64AC95}.job
    - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
    .
    .
    ------- Bijkomende Scan -------
    .
    uStart Page = hxxp://www.tijd.be/
    mStart Page = hxxp://search.foxtab.com/?s=0&chnl=irn
    uInternet Settings,ProxyOverride = *.local
    IE: PDF in Word openen (PDF Converter 3.0) - c:\program files\ScanSoft\PDF Professional 3.0\IEShellExt.dll /700
    TCP: DhcpNameServer = 192.168.1.1
    DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
    DPF: {96816368-C1E3-414D-A193-63C3CC921990} - hxxp://sligachanhotel.remotemanager.co.uk/common/activex/MJPEGRender.ocx
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-12-30 22:50
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scannen van verborgen processen …
    .
    scannen van verborgen autostart items …
    .
    scannen van verborgen bestanden …
    .
    Scan succesvol afgerond
    verborgen bestanden: 0
    .
    **************************************************************************
    .
    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Akamai]
    "ServiceDll"="C:/Program Files/Common Files/Akamai/netsession_win_d76cf65.dll"
    .
    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Akamai]
    "ServiceDll"="C:/Program Files/Common Files/Akamai/netsession_win_d76cf65.dll"
    .
    --------------------- DLLs Geladen Onder Lopende Processen ---------------------
    .
    - - - - - - - > 'winlogon.exe'(1000)
    c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
    .
    - - - - - - - > 'explorer.exe'(2380)
    c:\program files\NVIDIA Corporation\nview\nview.dll
    c:\program files\NVIDIA Corporation\nview\NVWRSNL.DLL
    c:\progra~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL
    c:\progra~1\WINDOW~2\wmpband.dll
    c:\windows\system32\msi.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
    c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
    c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_dut.nlr
    c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ------------------------ Andere Aktieve Processen ------------------------
    .
    c:\program files\Avira\AntiVir Desktop\avguard.exe
    c:\program files\Avira\AntiVir Desktop\avshadow.exe
    c:\program files\Google\Update\1.3.21.79\GoogleCrashHandler.exe
    c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
    c:\program files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
    c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\program files\CDBurnerXP\NMSAccessU.exe
    c:\windows\system32\nvsvc32.exe
    c:\windows\RTHDCPL.EXE
    c:\windows\system32\RunDLL32.exe
    c:\windows\system32\rundll32.exe
    c:\windows\system32\wbem\unsecapp.exe
    c:\program files\Lavasoft\Ad-Aware\AAWTray.exe

    .
    **************************************************************************
    .
    Voltooingstijd: 2011-12-30 22:56:04 - machine werd herstart
    ComboFix-quarantined-files.txt 2011-12-30 21:56
    ComboFix2.txt 2011-12-30 20:42
    ComboFix3.txt 2011-12-30 19:08
    ComboFix4.txt 2008-12-26 12:14
    .
    Pre-Run: 213.991.571.456 bytes beschikbaar
    Post-Run: 213.849.935.872 bytes beschikbaar
    .
    - - End Of File - - A64626B1023C200E1CEA18E274455EAF

  • And how is your Windows doing in the meantime?
  • Runs fine, and clearly faster too.
    Only my printer turns out not to work anymore. It is recognized, but a certain file has disappeared. I hope to be able to fix this by installing the required updated driver. Hopefully without added junk this time…

    Many thanks for the help! :D


This is an archived page. Replying is no longer possible.