Question & Answer
BrowserCompanium
42 answers
- Suddenly BrowserCompanium appears in the software list that you can open via the Control Panel. Windows XP.
According to the date it was installed 3 days ago.
But it looks so shabby: no company logo, and it gives no further info in the blue bar.
I don't trust it when a company goes about things in such a shoddy way. Can I delete this software?
Thanks in advance.
- Hello w.g.b., to be able to help you I do need more information.
I would like you to follow the rules below during the fix:
- Thanks for the offer, Abraham54. I may have been a bit hasty. Via Explorer I came across a file Uninstall……exe and I used it to remove this software.
I'll see what kind of indispensable little piece of software I have wiped. Hovering the cursor over a file, the maker is Blabbers Communication LTD.
- If you did not deliberately take Blabbers along, then it hitched a ride with a software installation.
It is possible that, as a result, you have more hitchhikers such as a toolbar and the like sitting in your browsers.
And that may then still mean that you get to work on the fix after all.
That can be very enlightening!
- Here is the result of HijackThis.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:11:45, on 19-1-2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
C:\PROGRA~1\NORTON~4\NORTON~1\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\PROGRA~1\NORTON~4\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\UPC\bin\sprtcmd.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer aangeboden door chello broadband n.v.
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: IEComLS Class - {BFE90A83-BE7F-465F-BF14-FEBB82B76369} - C:\Program Files\Easy Computing\Multi Talen Woordenboek Pro 3\TTLSComIE.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [UPC] "C:\Program Files\UPC\bin\sprtcmd.exe" /P UPC
O4 - HKLM\..\Run: [NSWosCheck] "C:\Program Files\Norton SystemWorks Basic Edition\osCheck.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Updater] "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -check_deprecation
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Office Opstarten.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\MIJNDO~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks Basic Edition\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks Basic Edition\Norton Cleanup\WCQuick.lnk
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/static/m/cab/2.6.4/GarminAxControl.CAB
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1263149547500
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1260302211343
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton Internet Security. (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~4\NORTON~1\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~4\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
–
End of file - 12904 bytes
I also tried step two, but that did not work at all. I kept seeing something like PRGT and no MBAM :oops:
- Hello w.g.b., so you also have the nasty Babylon Toolbar in your Windows.
- Hi Abraham54. In Control Panel, Add or Remove Programs, no Babylon is listed on my machine. I do see it in Explorer. Is the effect the same if I delete Babylon there? Is there no option in Windows to uninstall a file? That seems better to me than deleting.
What is this program for, and who could I have got it from?
- Babylon was originally an online tool for translating.
In its current form it has in fact become an obscure toolbar that lodges itself deep in Windows.
It comes along as a hitchhiker with other software.
It is therefore always preferable to choose the advanced or custom option when installing.
Then you can switch off hitchhikers or changes to your browsers!
You may now do the following:
I would like you to follow the rules below during the fix:
- Hi Abraham54. With sweaty armpits, I went ahead and started anyway.
19:15:40.0921 3352 Pcmcia - ok
19:15:40.0968 3352 pctvvbi (e388120616e1a104202bbf9dfab35bd2) C:\WINDOWS\system32\DRIVERS\pctvvbi.sys
19:15:41.0015 3352 pctvvbi ( UnsignedFile.Multi.Generic ) - warning
19:15:41.0015 3352 pctvvbi - detected UnsignedFile.Multi.Generic (1)
19:15:41.0031 3352 PDCOMP - ok
19:15:41.0031 3352 PDFRAME - ok
19:15:41.0046 3352 PDRELI - ok
19:15:41.0062 3352 PDRFRAME - ok
19:15:41.0078 3352 perc2 - ok
19:15:41.0078 3352 perc2hib - ok
19:15:41.0125 3352 pfc (f2b3785d7282bac66d4b644fc88749f0) C:\WINDOWS\system32\drivers\pfc.sys
19:15:41.0156 3352 pfc ( UnsignedFile.Multi.Generic ) - warning
19:15:41.0156 3352 pfc - detected UnsignedFile.Multi.Generic (1)
19:15:41.0187 3352 PIXMC10 (a8b092017375e0f290cefd2814f02f9d) C:\WINDOWS\system32\Drivers\pixmc10c.sys
19:15:41.0234 3352 PIXMC10 ( UnsignedFile.Multi.Generic ) - warning
19:15:41.0234 3352 PIXMC10 - detected UnsignedFile.Multi.Generic (1)
19:15:41.0281 3352 PIXMC10A (a64872667b2271c9c14c4a889d32146c) C:\WINDOWS\system32\Drivers\pixmc10a.sys
19:15:41.0328 3352 PIXMC10A ( UnsignedFile.Multi.Generic ) - warning
19:15:41.0328 3352 PIXMC10A - detected UnsignedFile.Multi.Generic (1)
19:15:41.0375 3352 PIXMC10V (d734d6eff8790881d005fa18d1a92b80) C:\WINDOWS\system32\Drivers\pixmc10v.sys
19:15:41.0390 3352 PIXMC10V ( UnsignedFile.Multi.Generic ) - warning
19:15:41.0390 3352 PIXMC10V - detected UnsignedFile.Multi.Generic (1)
19:15:41.0437 3352 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:15:41.0562 3352 PptpMiniport - ok
19:15:41.0578 3352 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
19:15:41.0718 3352 PSched - ok
19:15:41.0750 3352 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:15:41.0890 3352 Ptilink - ok
19:15:41.0921 3352 PxHelp20 (86724469cd077901706854974cd13c3e) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
19:15:41.0953 3352 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
19:15:41.0953 3352 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
19:15:41.0968 3352 ql1080 - ok
19:15:41.0968 3352 Ql10wnt - ok
19:15:41.0984 3352 ql12160 - ok
19:15:42.0000 3352 ql1240 - ok
19:15:42.0000 3352 ql1280 - ok
19:15:42.0046 3352 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:15:42.0203 3352 RasAcd - ok
19:15:42.0234 3352 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:15:42.0359 3352 Rasl2tp - ok
19:15:42.0375 3352 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:15:42.0515 3352 RasPppoe - ok
19:15:42.0515 3352 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
19:15:42.0671 3352 Raspti - ok
19:15:42.0703 3352 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:15:42.0828 3352 Rdbss - ok
19:15:42.0859 3352 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:15:43.0000 3352 RDPCDD - ok
19:15:43.0046 3352 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
19:15:43.0203 3352 RDPWD - ok
19:15:43.0234 3352 redbook (4173bc66e485fd77a03c4819f60bd0da) C:\WINDOWS\system32\DRIVERS\redbook.sys
19:15:43.0375 3352 redbook - ok
19:15:43.0421 3352 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
19:15:43.0578 3352 RFCOMM - ok
19:15:43.0609 3352 ROB_A (a83370a87efc242f37855b9a82de8bc8) C:\WINDOWS\system32\DRIVERS\rob_a.sys
19:15:43.0625 3352 ROB_A ( UnsignedFile.Multi.Generic ) - warning
19:15:43.0625 3352 ROB_A - detected UnsignedFile.Multi.Generic (1)
19:15:43.0640 3352 ROB_V (28aa8e68b43df0954979565044fb8fd0) C:\WINDOWS\system32\drivers\rob_v.sys
19:15:43.0671 3352 ROB_V ( UnsignedFile.Multi.Generic ) - warning
19:15:43.0671 3352 ROB_V - detected UnsignedFile.Multi.Generic (1)
19:15:43.0718 3352 SDdriver (ac2e5fa94155bc0c4c7ab8f97e181f6f) C:\WINDOWS\system32\Drivers\sddriver.sys
19:15:43.0750 3352 SDdriver ( UnsignedFile.Multi.Generic ) - warning
19:15:43.0750 3352 SDdriver - detected UnsignedFile.Multi.Generic (1)
19:15:43.0781 3352 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:15:43.0906 3352 Secdrv - ok
19:15:43.0937 3352 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
19:15:44.0078 3352 serenum - ok
19:15:44.0125 3352 Serial (92c21762653bb2ce51147eb8a9aa654f) C:\WINDOWS\system32\DRIVERS\serial.sys
19:15:44.0265 3352 Serial - ok
19:15:44.0281 3352 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
19:15:44.0406 3352 Sfloppy - ok
19:15:44.0421 3352 Simbad - ok
19:15:44.0453 3352 SISAGP (61ca562def09a782d26b3e7edec5369a) C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
19:15:44.0484 3352 SISAGP - ok
19:15:44.0500 3352 sisidex (ebe8e50647d0efef0abc8c2f717405d9) C:\WINDOWS\system32\drivers\sisidex.sys
19:15:44.0515 3352 sisidex ( UnsignedFile.Multi.Generic ) - warning
19:15:44.0515 3352 sisidex - detected UnsignedFile.Multi.Generic (1)
19:15:44.0546 3352 SISNIC (8204c49cde112f7b9c2f15707fe2cc5a) C:\WINDOWS\system32\DRIVERS\sisnic.sys
19:15:44.0593 3352 SISNIC - ok
19:15:44.0593 3352 SiSRaid (4c597e4de6edf6453990059ba0eac7d0) C:\WINDOWS\system32\drivers\SiSRaid.sys
19:15:44.0656 3352 SiSRaid - ok
19:15:44.0671 3352 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:15:44.0796 3352 SLIP - ok
19:15:44.0843 3352 SMR250 (ecc0db3be1589dbb7e0fa7c1e0dda0e4) C:\WINDOWS\system32\drivers\SMR250.SYS
19:15:44.0859 3352 SMR250 - ok
19:15:44.0921 3352 smwdm (bf208c85119770e6a9b6577019a3d810) C:\WINDOWS\system32\drivers\smwdm.sys
19:15:44.0953 3352 smwdm - ok
19:15:44.0984 3352 Sparrow - ok
19:15:45.0109 3352 SPBBCDrv (cb5a4e90451d80d415f0a6dbb86d1d9f) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
19:15:45.0156 3352 SPBBCDrv - ok
19:15:45.0187 3352 speedfan (d703f972d23867dfd4ee9a9ef9cb767e) C:\WINDOWS\system32\speedfan.sys
19:15:45.0281 3352 speedfan ( UnsignedFile.Multi.Generic ) - warning
19:15:45.0281 3352 speedfan - detected UnsignedFile.Multi.Generic (1)
19:15:45.0312 3352 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
19:15:45.0437 3352 splitter - ok
19:15:45.0468 3352 sr (64d2a7640e0767ecd3bcb38d3200e7ce) C:\WINDOWS\system32\DRIVERS\sr.sys
19:15:45.0609 3352 sr - ok
19:15:45.0687 3352 SRTSP (83726cf02eced69138948083e06b6eac) C:\WINDOWS\System32\Drivers\NIS\1206000.01D\SRTSP.SYS
19:15:45.0718 3352 SRTSP - ok
19:15:45.0750 3352 SRTSPX (4e7eab2e5615d39cf1f1df9c71e5e225) C:\WINDOWS\system32\drivers\NIS\1206000.01D\SRTSPX.SYS
19:15:45.0765 3352 SRTSPX - ok
19:15:45.0812 3352 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
19:15:45.0937 3352 Srv - ok
19:15:45.0953 3352 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:15:46.0078 3352 streamip - ok
19:15:46.0125 3352 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
19:15:46.0250 3352 swenum - ok
19:15:46.0281 3352 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
19:15:46.0421 3352 swmidi - ok
19:15:46.0437 3352 symc810 - ok
19:15:46.0453 3352 symc8xx - ok
19:15:46.0468 3352 SYMDNS - ok
19:15:46.0500 3352 SymDS (9bbeb8c6258e72d62e7560e6667aad39) C:\WINDOWS\system32\drivers\NIS\1206000.01D\SYMDS.SYS
19:15:46.0515 3352 SymDS - ok
19:15:46.0593 3352 SymEFA (d5c02629c02a820a7e71bca3d44294a3) C:\WINDOWS\system32\drivers\NIS\1206000.01D\SYMEFA.SYS
19:15:46.0640 3352 SymEFA - ok
19:15:46.0687 3352 SymEvent (ab33c3b196197ca467cbdda717860dba) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
19:15:46.0703 3352 SymEvent - ok
19:15:46.0703 3352 SYMFW - ok
19:15:46.0718 3352 SYMIDS - ok
19:15:46.0734 3352 SymIRON (a73399804d5d4a8b20ba60fcf70c9f1f) C:\WINDOWS\system32\drivers\NIS\1206000.01D\Ironx86.SYS
19:15:46.0750 3352 SymIRON - ok
19:15:46.0765 3352 SYMNDIS - ok
19:15:46.0781 3352 SYMREDRV - ok
19:15:46.0796 3352 SYMTDI (dec35ccaf7a222df918306cd2fdfbd39) C:\WINDOWS\System32\Drivers\NIS\1206000.01D\SYMTDI.SYS
19:15:46.0828 3352 SYMTDI - ok
19:15:46.0843 3352 sym_hi - ok
19:15:46.0843 3352 sym_u3 - ok
19:15:46.0875 3352 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
19:15:47.0015 3352 sysaudio - ok
19:15:47.0062 3352 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:15:47.0125 3352 Tcpip - ok
19:15:47.0156 3352 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
19:15:47.0281 3352 TDPIPE - ok
19:15:47.0312 3352 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
19:15:47.0437 3352 TDTCP - ok
19:15:47.0468 3352 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
19:15:47.0625 3352 TermDD - ok
19:15:47.0640 3352 TosIde - ok
19:15:47.0671 3352 uagp35 (d85938f272d1bcf3db3a31fc0a048928) C:\WINDOWS\system32\DRIVERS\uagp35.sys
19:15:47.0796 3352 uagp35 - ok
19:15:47.0828 3352 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
19:15:47.0968 3352 Udfs - ok
19:15:47.0984 3352 ultra - ok
19:15:47.0984 3352 UnlockerDriver5 - ok
19:15:48.0031 3352 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
19:15:48.0187 3352 Update - ok
19:15:48.0250 3352 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
19:15:48.0359 3352 usbaudio - ok
19:15:48.0406 3352 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:15:48.0562 3352 usbccgp - ok
19:15:48.0593 3352 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:15:48.0718 3352 usbehci - ok
19:15:48.0750 3352 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:15:48.0890 3352 usbhub - ok
19:15:48.0984 3352 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
19:15:49.0140 3352 usbohci - ok
19:15:49.0156 3352 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:15:49.0296 3352 usbprint - ok
19:15:49.0343 3352 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:15:49.0500 3352 usbscan - ok
19:15:49.0531 3352 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:15:49.0671 3352 USBSTOR - ok
19:15:49.0703 3352 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:15:49.0828 3352 usbuhci - ok
19:15:49.0875 3352 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
19:15:50.0000 3352 usbvideo - ok
19:15:50.0031 3352 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
19:15:50.0156 3352 VgaSave - ok
19:15:50.0156 3352 ViaIde - ok
19:15:50.0187 3352 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) C:\WINDOWS\system32\drivers\VolSnap.sys
19:15:50.0296 3352 VolSnap - ok
19:15:50.0343 3352 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:15:50.0453 3352 Wanarp - ok
19:15:50.0468 3352 WDICA - ok
19:15:50.0484 3352 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
19:15:50.0640 3352 wdmaud - ok
19:15:50.0687 3352 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:15:50.0812 3352 WSTCODEC - ok
19:15:50.0859 3352 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:15:50.0968 3352 WudfPf - ok
19:15:50.0984 3352 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:15:51.0015 3352 WudfRd - ok
19:15:51.0062 3352 yukonx86 (24143e06d15db866dea29258f77fd89d) C:\WINDOWS\system32\DRIVERS\yukonx86.sys
19:15:51.0093 3352 yukonx86 ( UnsignedFile.Multi.Generic ) - warning
19:15:51.0093 3352 yukonx86 - detected UnsignedFile.Multi.Generic (1)
19:15:51.0125 3352 MBR (0x1B8) (3051207086651214e435112e51817dc5) \Device\Harddisk0\DR0
19:15:51.0359 3352 \Device\Harddisk0\DR0 - ok
19:15:51.0359 3352 Boot (0x1200) (2bea655a191566f69e252d8a5750aafa) \Device\Harddisk0\DR0\Partition0
19:15:51.0359 3352 \Device\Harddisk0\DR0\Partition0 - ok
19:15:51.0359 3352 ============================================================
19:15:51.0359 3352 Scan finished
19:15:51.0359 3352 ============================================================
19:15:52.0015 2772 Deinitialize success
==============================================
Last Created System Restore Point
==============================================
RP1591: 21-1-2012 19:14:18 - TDSSKiller Starter Restore Point
==============================================
EOF
While running ComboFix I got a message that there was an error with Internet Explorer. For a brief moment I saw the screen asking whether I wanted to report it to Windows, and that disappeared as well.
20.26 I see that Norton is turned off; I am turning it back on right away.
- Download ComboFix to the desktop again, after you have moved the old version to the recycle bin and then emptied it.
Then restart into Safe Mode, make sure Norton is deactivated, and then try ComboFix again.
- Phew, almost half an hour later; I hope it all worked. It felt like I got quite a few prompts asking whether I wanted to report it to Microsoft, Logitech and Symantec.
ComboFix 12-01-21.02 - xxxxxxxxx 21-01-2012 19:34:18.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.235 [GMT 1:00]
Gestart vanuit: c:\documents and settings\xxxxxxxxx\Bureaublad\ComboFix.exe
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\xxxxxxxxx\ntuser.tmp
c:\documents and settings\xxxxxxxxx\WINDOWS
c:\windows\Downloaded Program Files\ODCTOOLS
c:\windows\IsUn0413.exe
c:\windows\system32\SET92.tmp
c:\windows\system32\SET9E.tmp
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-12-21 to 2012-01-21 ))))))))))))))))))))))))))))))
.
.
2012-01-21 18:09 . 2012-01-21 18:15 ——– d—–w- C:\TDSSStarter
2012-01-21 16:31 . 2012-01-21 16:31 83064 —-a-w- c:\windows\system32\drivers\SMR250.SYS
2012-01-21 16:31 . 2012-01-21 16:34 ——– d—–w- c:\documents and settings\xxxxxxxxx\Local Settings\Application Data\NPE
2012-01-19 15:48 . 2012-01-19 15:48 ——– d—–w- C:\usr
2012-01-19 15:48 . 2012-01-19 15:48 ——– d—–w- c:\documents and settings\All Users\Application Data\Paessler
2012-01-19 15:32 . 2012-01-19 15:49 ——– d—–w- c:\program files\PRTG Network Monitor
2012-01-19 15:10 . 2012-01-19 15:10 388096 —-a-r- c:\documents and settings\xxxxxxxxx\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-14 20:17 . 2012-01-14 20:17 ——– d—–w- c:\program files\BabylonToolbar
2012-01-14 20:17 . 2012-01-14 20:17 1255 —-a-w- C:\user.js
2012-01-14 20:17 . 2012-01-14 20:17 ——– d—–w- c:\documents and settings\xxxxxxxxx\AppData
2012-01-14 20:17 . 2012-01-14 20:17 ——– d—–w- c:\documents and settings\xxxxxxxx\Local Settings\Application Data\Babylon
2012-01-14 20:17 . 2012-01-14 20:17 ——– d—–w- c:\documents and settings\xxxxxxxxx\Application Data\Babylon
2012-01-14 20:17 . 2012-01-14 20:17 ——– d—–w- c:\documents and settings\All Users\Application Data\Babylon
2012-01-13 18:03 . 2012-01-13 18:03 ——– dc-h–w- c:\documents and settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2012-01-13 18:03 . 2012-01-13 18:03 ——– d—–w- c:\program files\Uniblue
2012-01-13 18:02 . 2012-01-13 18:02 ——– d—–w- c:\documents and settings\xxxxxxxx\Local Settings\Application Data\PackageAware
2011-12-30 12:05 . 2011-12-30 12:05 ——– d—–w- c:\documents and settings\xxxxxxxxx\Application Data\HotSync
2011-12-29 19:51 . 2012-01-19 15:30 ——– d—–w- C:\unzipped
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-14 19:31 . 2009-02-27 20:36 695642 —-a-w- c:\windows\unins000.exe
2011-11-28 14:03 . 2011-11-28 14:03 65536 —-a-r- c:\documents and settings\xxxxxxxx\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\PalmDesktopShortcut.exe
2011-11-28 14:03 . 2011-11-28 14:03 65536 —-a-r- c:\documents and settings\xxxxxxxxx\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut6.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
2011-11-28 14:03 . 2011-11-28 14:03 65536 —-a-r- c:\documents and settings\xxxxxxxx\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut5.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
2011-11-28 14:03 . 2011-11-28 14:03 65536 —-a-r- c:\documents and settings\xxxxxxxx\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut4.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
2011-11-28 14:03 . 2011-11-28 14:03 65536 —-a-r- c:\documents and settings\xxxxxxx\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut2.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
2011-11-28 14:03 . 2011-11-28 14:03 65536 —-a-r- c:\documents and settings\xxxxxxx\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut1.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
2011-11-28 14:03 . 2011-11-28 14:03 65536 —-a-r- c:\documents and settings\xxxxxxxx\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\ARPPRODUCTICON.exe
2011-11-28 14:03 . 2011-11-28 14:03 49152 —-a-r- c:\documents and settings\xxxxxxxx\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut3.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
2011-11-28 14:03 . 2011-11-28 14:03 40960 —-a-r- c:\documents and settings\xxxxxxxxx\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut6_45BA714564B04B5DBDC240E20FCDC6DC.exe
2011-11-28 14:03 . 2011-11-28 14:03 40960 —-a-r- c:\documents and settings\xxxxxxxxx\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut1_45BA714564B04B5DBDC240E20FCDC6DC.exe
2011-11-28 10:26 . 2011-05-19 08:20 414368 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2004-08-20 1912832]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-06-04 68856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-12-04 406016]
"Ptipbmf"="ptipbmf.dll" [2003-06-20 118784]
"Logitech Utility"="Logi_MwX.Exe" [2003-12-17 19968]
"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-12 106496]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 5.0\apdproxy.exe" [2006-09-14 61440]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"UPC"="c:\program files\UPC\bin\sprtcmd.exe" [2005-08-16 192512]
"NSWosCheck"="c:\program files\Norton SystemWorks Basic Edition\osCheck.exe" [2007-10-31 25424]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-09-06 115560]
"Google Updater"="c:\program files\Google\Google Updater\GoogleUpdater.exe" [2011-10-06 161336]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Wim\Programma's\Opstarten\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Office Opstarten.lnk - c:\program files\Microsoft Office\Office\OSA.EXE [1997-2-19 51984]
PowerReg Scheduler.exe [2012-1-4 233472]
.
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKLM\~\startupfolder\C:^Documents and Settings^Wim^Programma's^Opstarten^HotSync Manager.lnk]
path=c:\documents and settings\Wim\Programma's\Opstarten\HotSync Manager.lnk
backup=c:\windows\pss\HotSync Manager.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 —-a-w- c:\windows\system32\NeroCheck.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\PRTG Network Monitor\\PRTG Server Administrator.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 SMR250;Symantec SMR Utility Service 2.5.0;c:\windows\system32\drivers\SMR250.SYS [21-1-2012 17:31 83064]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1206000.01D\SymDS.sys [9-9-2011 18:11 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1206000.01D\SymEFA.sys [9-9-2011 18:11 744568]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\BASHDefs\20111223.001\BHDrvx86.sys [1-12-2011 3:25 820344]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1206000.01D\Ironx86.sys [9-9-2011 18:11 136312]
R2 acedrv10;acedrv10;c:\windows\system32\drivers\ACEDRV10.sys [27-7-2007 9:13 330144]
R2 NIS;Norton Internet Security.;c:\program files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe [9-9-2011 18:11 130008]
R2 NProtectService;Norton UnErase Protection;c:\progra~1\NORTON~4\NORTON~1\NPROTECT.EXE [9-12-2005 12:26 99976]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [9-11-2011 10:08 106104]
R3 FCParPnP;Freecom Parallel PnP Driver;c:\windows\system32\drivers\FCParPnP.sys [10-12-2001 16:56 10320]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\IPSDefs\20120120.002\IDSXpx86.sys [21-1-2012 11:04 356280]
S2 acehlp10;acehlp10;c:\windows\system32\drivers\acehlp10.sys [27-7-2007 11:46 251680]
S2 bsaspi32;bsaspi32; [x]
S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7-1-2010 19:47 135664]
S2 PRTGCoreService;PRTG Core Server Service;"c:\program files\PRTG Network Monitor\PRTG Server.exe" –> c:\program files\PRTG Network Monitor\PRTG Server.exe [?]
S2 PRTGProbeService;PRTG Probe Service;"c:\program files\PRTG Network Monitor\PRTG Probe.exe" –> c:\program files\PRTG Network Monitor\PRTG Probe.exe [?]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [20-1-2011 15:28 1527900]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [7-1-2010 19:47 135664]
S3 OlCamudp;OLYMPUS Digital Camera;c:\windows\system32\drivers\olcamudp.sys [24-5-2005 18:18 10379]
S3 pctvvbi;PCTVVBI;c:\windows\system32\drivers\pctvvbi.sys [23-10-2004 9:08 6369]
S3 PIXMC10;JVC Communication PIX-MC10 Driver;c:\windows\system32\drivers\pixmc10c.sys [16-2-2006 12:27 31232]
S3 PIXMC10A;JVC PIX-MC10 Audio Capture;c:\windows\system32\drivers\pixmc10a.sys [16-2-2006 13:04 28060]
S3 PIXMC10V;JVC PIX-MC10 Video Capture;c:\windows\system32\drivers\pixmc10v.sys [16-2-2006 13:05 22652]
S3 yukonx86;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter;c:\windows\system32\drivers\yukonx86.sys [19-10-2004 12:10 176256]
.
— Andere Services/Drivers In Geheugen —
.
*NewlyCreated* - 22596305
*Deregistered* - 22596305
*Deregistered* - uphcleanhlp
.
Inhoud van de 'Gedeelde Taken' map
.
2012-01-21 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-04 19:20]
.
2012-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-07 18:46]
.
2012-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-07 18:46]
.
2012-01-21 c:\windows\Tasks\RegistryBooster.job
- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2012-01-13 08:26]
.
.
——- Bijkomende Scan ——-
.
uStart Page = about:blank
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xporteren naar Microsoft Excel - c:\mijndo~1\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.6.4/GarminAxControl.CAB
.
- - - - ORPHANS VERWIJDERD - - - -
.
HKLM-Run-RemoteAssist - (no file)
HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
MSConfigStartUp-YouSendIt - c:\program files\YouSendIt\Express\YouSendIt.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-21 19:53
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen …
.
scannen van verborgen autostart items …
.
scannen van verborgen bestanden …
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\18.6.0.29\diMaster.dll\" /prefetch:1"
.
——————— VERGRENDELDE REGISTER SLEUTELS ———————
.
[HKEY_USERS\S-1-5-21-3234667655-1940723367-1441234189-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
Voltooingstijd: 2012-01-21 20:00:06
ComboFix-quarantined-files.txt 2012-01-21 19:00
.
Pre-Run: 74.616.205.312 bytes beschikbaar
Post-Run: 75.387.752.448 bytes beschikbaar
.
WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /bootlog
.
- - End Of File - - 75632FA7CD36452C359564FCE364ABD6
20:55
I no longer get Norton at the bottom right of the screen. Windows has taken its place. Normally I use the Norton firewall and have the Windows one switched off. That no longer works; I am now stuck with the Windows firewall switched on. :cry:
21:13
I now have two Internet Explorers on the desktop. When I click Properties on the newest one, I get Internet Properties, the one with the 7 tabs. On the other one I get Properties for Internet Explorer 8. On that screen you can only see what the root is. 3 tabs.
21:43
Browsing the Internet goes quite well. A bit faster than before.
- Hi w.g.b., as a precaution you removed the username from the ComboFix log.
Be aware that if I have you clean up your Windows by means of a ComboFix script, you first have to substitute any usernames in that script correctly.
Because if you do not do that properly, there is a good chance that something will go wrong!
By the way, is there only one user involved here?
- I took my name out of the log after I had posted it here, using the edit option. After posting my log I suddenly saw my name in it. I am extremely careful digitally.
What is the best way to remove these two programs from my computer?
- You could safely have left your username in the log.
Nobody can do anything with it.
Because if you want a clean Windows, I have to do the next ComboFix scan via a script!
- Hi Abraham54
Thanks in advance for your patience.
Still, I wonder what I am doing. I dutifully pay for a subscription with Norton. Isn't it really their problem?
I had the software scan my computer again. This time it went a lot better. By that I mean no prompts from Microsoft asking whether I want to report the problem to them.
ComboFix 12-01-21.02 - Beerends 22-01-2012 13:26:50.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.332 [GMT 1:00]
Gestart vanuit: c:\documents and settings\Beerends\Bureaublad\ComboFix.exe
AV: Norton Internet Security *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-12-22 to 2012-01-22 ))))))))))))))))))))))))))))))
.
.
2012-01-21 18:09 . 2012-01-21 18:15 ——– d—–w- C:\TDSSStarter
2012-01-21 16:31 . 2012-01-21 16:34 ——– d—–w- c:\documents and settings\Beerends\Local Settings\Application Data\NPE
2012-01-19 15:48 . 2012-01-19 15:48 ——– d—–w- C:\usr
2012-01-19 15:48 . 2012-01-19 15:48 ——– d—–w- c:\documents and settings\All Users\Application Data\Paessler
2012-01-19 15:32 . 2012-01-19 15:49 ——– d—–w- c:\program files\PRTG Network Monitor
2012-01-19 15:10 . 2012-01-19 15:10 388096 —-a-r- c:\documents and settings\Beerends\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-14 20:17 . 2012-01-14 20:17 ——– d—–w- c:\program files\BabylonToolbar
2012-01-14 20:17 . 2012-01-14 20:17 1255 —-a-w- C:\user.js
2012-01-14 20:17 . 2012-01-14 20:17 ——– d—–w- c:\documents and settings\Beerends\AppData
2012-01-14 20:17 . 2012-01-14 20:17 ——– d—–w- c:\documents and settings\Beerends\Local Settings\Application Data\Babylon
2012-01-14 20:17 . 2012-01-14 20:17 ——– d—–w- c:\documents and settings\Beerends\Application Data\Babylon
2012-01-14 20:17 . 2012-01-14 20:17 ——– d—–w- c:\documents and settings\All Users\Application Data\Babylon
2012-01-13 18:03 . 2012-01-13 18:03 ——– dc-h–w- c:\documents and settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2012-01-13 18:03 . 2012-01-13 18:03 ——– d—–w- c:\program files\Uniblue
2012-01-13 18:02 . 2012-01-13 18:02 ——– d—–w- c:\documents and settings\Beerends\Local Settings\Application Data\PackageAware
2011-12-30 12:05 . 2011-12-30 12:05 ——– d—–w- c:\documents and settings\Beerends\Application Data\HotSync
2011-12-29 19:51 . 2012-01-19 15:30 ——– d—–w- C:\unzipped
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-14 19:31 . 2009-02-27 20:36 695642 —-a-w- c:\windows\unins000.exe
2011-11-28 14:03 . 2011-11-28 14:03 65536 —-a-r- c:\documents and settings\Beerends\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\PalmDesktopShortcut.exe
2011-11-28 14:03 . 2011-11-28 14:03 65536 —-a-r- c:\documents and settings\Beerends\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut6.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
2011-11-28 14:03 . 2011-11-28 14:03 65536 —-a-r- c:\documents and settings\Beerends\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut5.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
2011-11-28 14:03 . 2011-11-28 14:03 65536 —-a-r- c:\documents and settings\Beerends\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut4.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
2011-11-28 14:03 . 2011-11-28 14:03 65536 —-a-r- c:\documents and settings\Beerends\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut2.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
2011-11-28 14:03 . 2011-11-28 14:03 65536 —-a-r- c:\documents and settings\Beerends\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut1.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
2011-11-28 14:03 . 2011-11-28 14:03 65536 —-a-r- c:\documents and settings\Beerends\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\ARPPRODUCTICON.exe
2011-11-28 14:03 . 2011-11-28 14:03 49152 —-a-r- c:\documents and settings\Beerends\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut3.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
2011-11-28 14:03 . 2011-11-28 14:03 40960 —-a-r- c:\documents and settings\Beerends\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut6_45BA714564B04B5DBDC240E20FCDC6DC.exe
2011-11-28 14:03 . 2011-11-28 14:03 40960 —-a-r- c:\documents and settings\Beerends\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut1_45BA714564B04B5DBDC240E20FCDC6DC.exe
2011-11-28 10:26 . 2011-05-19 08:20 414368 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((( SnapShot@2012-01-21_18.53.21 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-01-22 09:41 . 2012-01-22 09:41 16384 c:\windows\Temp\Perflib_Perfdata_740.dat
+ 2012-01-22 09:39 . 2012-01-22 09:39 16384 c:\windows\Temp\Perflib_Perfdata_6f4.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2004-08-20 1912832]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-06-04 68856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-12-04 406016]
"Ptipbmf"="ptipbmf.dll" [2003-06-20 118784]
"Logitech Utility"="Logi_MwX.Exe" [2003-12-17 19968]
"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-12 106496]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 5.0\apdproxy.exe" [2006-09-14 61440]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"UPC"="c:\program files\UPC\bin\sprtcmd.exe" [2005-08-16 192512]
"NSWosCheck"="c:\program files\Norton SystemWorks Basic Edition\osCheck.exe" [2007-10-31 25424]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-09-06 115560]
"Google Updater"="c:\program files\Google\Google Updater\GoogleUpdater.exe" [2011-10-06 161336]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Wim\Programma's\Opstarten\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Office Opstarten.lnk - c:\program files\Microsoft Office\Office\OSA.EXE [1997-2-19 51984]
PowerReg Scheduler.exe [2012-1-4 233472]
.
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKLM\~\startupfolder\C:^Documents and Settings^Wim^Programma's^Opstarten^HotSync Manager.lnk]
path=c:\documents and settings\Wim\Programma's\Opstarten\HotSync Manager.lnk
backup=c:\windows\pss\HotSync Manager.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 —-a-w- c:\windows\system32\NeroCheck.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\PRTG Network Monitor\\PRTG Server Administrator.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1206000.01D\SymDS.sys [9-9-2011 18:11 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1206000.01D\SymEFA.sys [9-9-2011 18:11 744568]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\BASHDefs\20111223.001\BHDrvx86.sys [1-12-2011 3:25 820344]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1206000.01D\Ironx86.sys [9-9-2011 18:11 136312]
R2 acedrv10;acedrv10;c:\windows\system32\drivers\ACEDRV10.sys [27-7-2007 9:13 330144]
R2 NIS;Norton Internet Security.;c:\program files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe [9-9-2011 18:11 130008]
R2 NProtectService;Norton UnErase Protection;c:\progra~1\NORTON~4\NORTON~1\NPROTECT.EXE [9-12-2005 12:26 99976]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [9-11-2011 10:08 106104]
R3 FCParPnP;Freecom Parallel PnP Driver;c:\windows\system32\drivers\FCParPnP.sys [10-12-2001 16:56 10320]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\IPSDefs\20120120.002\IDSXpx86.sys [21-1-2012 11:04 356280]
S2 acehlp10;acehlp10;c:\windows\system32\drivers\acehlp10.sys [27-7-2007 11:46 251680]
S2 bsaspi32;bsaspi32; [x]
S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7-1-2010 19:47 135664]
S2 PRTGCoreService;PRTG Core Server Service; [x]
S2 PRTGProbeService;PRTG Probe Service; [x]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [20-1-2011 15:28 1527900]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [7-1-2010 19:47 135664]
S3 OlCamudp;OLYMPUS Digital Camera;c:\windows\system32\drivers\olcamudp.sys [24-5-2005 18:18 10379]
S3 pctvvbi;PCTVVBI;c:\windows\system32\drivers\pctvvbi.sys [23-10-2004 9:08 6369]
S3 PIXMC10;JVC Communication PIX-MC10 Driver;c:\windows\system32\drivers\pixmc10c.sys [16-2-2006 12:27 31232]
S3 PIXMC10A;JVC PIX-MC10 Audio Capture;c:\windows\system32\drivers\pixmc10a.sys [16-2-2006 13:04 28060]
S3 PIXMC10V;JVC PIX-MC10 Video Capture;c:\windows\system32\drivers\pixmc10v.sys [16-2-2006 13:05 22652]
S3 yukonx86;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter;c:\windows\system32\drivers\yukonx86.sys [19-10-2004 12:10 176256]
.
— Andere Services/Drivers In Geheugen —
.
*Deregistered* - uphcleanhlp
.
Inhoud van de 'Gedeelde Taken' map
.
2012-01-22 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-04 19:20]
.
2012-01-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-07 18:46]
.
2012-01-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-07 18:46]
.
2012-01-22 c:\windows\Tasks\RegistryBooster.job
- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2012-01-13 08:26]
.
.
——- Bijkomende Scan ——-
.
uStart Page = about:blank
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xporteren naar Microsoft Excel - c:\mijndo~1\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.6.4/GarminAxControl.CAB
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-22 13:48
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen …
.
scannen van verborgen autostart items …
.
scannen van verborgen bestanden …
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\18.6.0.29\diMaster.dll\" /prefetch:1"
.
——————— VERGRENDELDE REGISTER SLEUTELS ———————
.
[HKEY_USERS\S-1-5-21-3234667655-1940723367-1441234189-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
——————— DLLs Geladen Onder Lopende Processen ———————
.
- - - - - - - > 'explorer.exe'(3272)
c:\windows\system32\nview.dll
c:\program files\Logitech\MouseWare\System\LgWndHk.dll
c:\program files\Common Files\Logitech\Scrolling\LgMsgHk.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Voltooingstijd: 2012-01-22 13:55:27
ComboFix-quarantined-files.txt 2012-01-22 12:55
ComboFix2.txt 2012-01-21 19:00
.
Pre-Run: 75.434.119.168 bytes beschikbaar
Post-Run: 75.411.623.936 bytes beschikbaar
.
- - End Of File - - 91832A85E8171282D7B198062BE93737 - You use Norton Internet Security, so Antivirus and Firewall.
But by the looks of it the Windows Firewall is also still on, and that is not good! - ClearJavaCache::
File::
c:\windows\Temp\Perflib_Perfdata_740.dat
c:\windows\Temp\Perflib_Perfdata_6f4.dat
Folder::
c:\program files\BabylonToolbar
This should be it.
Even though the Windows Firewall is switched off, there is still a red shield with a cross at the bottom right of the screen. This notification was never there before. - For the moment I have no idea what you are talking about.
"Even though the Windows Firewall is switched off, there is still a red shield with a cross at the bottom right of the screen. This notification was never there before."
What happens now when you click on that cross?
And what does the Norton menu say about the protection?
Last but not least: what does the Security Center (via Control Panel) report about the security settings? - When I click on that shield, red with a white cross (Windows Security Alerts), I end up in the Windows Security Center screen.
Firewall on (coloured green)
Automatic Updates off (coloured red)
Virus Protection on (coloured green)
In Services (Local), Windows Firewall is disabled. As you asked.
I turned off Automatic Updates myself: I kept getting the message that I must update Microsoft software, KB 951847 Microsoft Framework 3.5 Service Pack 1, and some more text. But I could not get that done.
When I click Security Center in the Control Panel, I get the same screen as when I click the icon at the bottom right. Windows Security Center.
Searched some more. On that screen, the option to change the Security Center alert settings. Now the shield at the bottom right has disappeared.
Norton reports: System Status Secure. That is also shown at the bottom right of the screen: a yellow globe with a small green square and a check mark.