Question & Answer
Following a Kaspersky scan, please check.
33 replies
- It is still running; it's a good thing I have tomorrow off.
- Could you check my desktop, following a scan by Kaspersky Internet Security 2012?
Windows 7 Home Premium
Kaspersky Internet Security 2012
Mbam pro
And this is what it is really about for me:
See scan
- Let's see whether another tool is successful:
Which program: Zoek.exe
What for/why: multifunctional tool
Difficulty: none.
Download: zoek.exe
Using "Zoek.exe by Smeenk":
- Good evening Abraham
thanks for your reply.
Had to work again today, after the frost period.
The alert that Kaspersky gave, I also had it on 25-01-2012 with the same items.
I ran it, see scan. But it took about an hour. And then, was it actually finished? I couldn't find any indication anywhere. So that's why I've added the scan.
http://i210.photobucket.com/albums/bb290/koper2008/Allerlei%20foto/Zoekexe.png
I'll hear what needs to happen next.
- Hi, that file is probably no longer there, or it has given itself a different name!
Let's take a deep look!
By the way, next time post only the contents of the Notepad logs, so no screenshots!
- Tdssstarter was done with the log in no time.
But ComboFix has been busy for more than half an hour preparing the log report.
Can that be right?
I'm doing this via the laptop for now.
- That can indeed take a while!
- That is taking too long.
Just restart your PC and then check whether a Combofix.txt can be found in C:\.
- OK, restarted.
Here is the log
21:11:34.0970 5336 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
21:11:35.0032 5336 usbprint - ok
21:11:35.0110 5336 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
21:11:35.0173 5336 usbscan - ok
21:11:35.0235 5336 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:11:35.0329 5336 USBSTOR - ok
21:11:35.0391 5336 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
21:11:35.0469 5336 usbuhci - ok
21:11:35.0532 5336 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
21:11:35.0578 5336 vdrvroot - ok
21:11:35.0610 5336 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
21:11:35.0688 5336 vga - ok
21:11:35.0703 5336 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
21:11:35.0766 5336 VgaSave - ok
21:11:35.0812 5336 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
21:11:35.0828 5336 vhdmp - ok
21:11:35.0922 5336 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
21:11:35.0953 5336 viaagp - ok
21:11:36.0078 5336 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
21:11:36.0140 5336 ViaC7 - ok
21:11:36.0249 5336 VIAHdAudAddService (4906e025dd6b322c4bbd6b9e35c9993a) C:\Windows\system32\drivers\viahduaa.sys
21:11:36.0358 5336 VIAHdAudAddService - ok
21:11:36.0421 5336 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
21:11:36.0468 5336 viaide - ok
21:11:36.0530 5336 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
21:11:36.0561 5336 volmgr - ok
21:11:36.0639 5336 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
21:11:36.0655 5336 volmgrx - ok
21:11:36.0717 5336 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
21:11:36.0764 5336 volsnap - ok
21:11:36.0842 5336 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
21:11:36.0873 5336 vsmraid - ok
21:11:36.0889 5336 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
21:11:36.0904 5336 vwifibus - ok
21:11:36.0967 5336 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
21:11:37.0029 5336 vwififlt - ok
21:11:37.0060 5336 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
21:11:37.0107 5336 WacomPen - ok
21:11:37.0185 5336 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
21:11:37.0263 5336 WANARP - ok
21:11:37.0263 5336 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
21:11:37.0294 5336 Wanarpv6 - ok
21:11:37.0388 5336 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
21:11:37.0435 5336 Wd - ok
21:11:37.0497 5336 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
21:11:37.0528 5336 Wdf01000 - ok
21:11:37.0731 5336 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
21:11:37.0809 5336 WfpLwf - ok
21:11:37.0856 5336 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
21:11:37.0887 5336 WIMMount - ok
21:11:38.0059 5336 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
21:11:38.0121 5336 WinUsb - ok
21:11:38.0230 5336 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
21:11:38.0293 5336 WmiAcpi - ok
21:11:38.0355 5336 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
21:11:38.0433 5336 ws2ifsl - ok
21:11:38.0542 5336 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
21:11:38.0620 5336 WudfPf - ok
21:11:38.0714 5336 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:11:39.0182 5336 \Device\Harddisk0\DR0 - ok
21:11:39.0244 5336 Boot (0x1200) (91a6dd1628fea5b979296b2a4b5657c2) \Device\Harddisk0\DR0\Partition0
21:11:39.0260 5336 \Device\Harddisk0\DR0\Partition0 - ok
21:11:39.0276 5336 Boot (0x1200) (bf8a8d110c1f794eef528f2a2494a4c7) \Device\Harddisk0\DR0\Partition1
21:11:39.0276 5336 \Device\Harddisk0\DR0\Partition1 - ok
21:11:39.0276 5336 ============================================================
21:11:39.0276 5336 Scan finished
21:11:39.0276 5336 ============================================================
21:11:40.0383 2032 Deinitialize success
==============================================
Last Created System Restore Point
==============================================
RP454: 17-2-2012 21:10:19 - Windows Update
==============================================
Older logs
==============================================
C:\TDSSKiller.2.5.17.0_25.01.2012_21.19.59_log.txt
C:\TDSSKiller.2.7.7.0_25.01.2012_21.20.52_log.txt
==============================================
EOF
And for Combo there is only
ComboFix file folder
and nothing else. - OK, so Combofix crashed the first time.
Were you able to deactivate Kaspersky properly?
In any case, continue now with the following:
Download the [b:8cf99344bd][/b:8cf99344bd] to the desktop and extract the [b:8cf99344bd]ZIP[/b:8cf99344bd] file.
[list:8cf99344bd]
[*:8cf99344bd] Open the folder "[b:8cf99344bd]EmsisoftEmergencyKit[/b:8cf99344bd]" and double-click "[b:8cf99344bd]Start.exe[/b:8cf99344bd]"
[*:8cf99344bd] Now click "[b:8cf99344bd]Emergency Kit Scanner[/b:8cf99344bd]". You will get a message that it is recommended to update first; allow this by clicking "[b:8cf99344bd]Ja[/b:8cf99344bd]" (Yes)
[img:8cf99344bd]http://i1103.photobucket.com/albums/g476/pcwebplus/EmsisoftEK11.jpg[/img:8cf99344bd]
[*:8cf99344bd] When the update is finished and the message "[b:8cf99344bd]Update process is succesvol afgerond[/b:8cf99344bd]" (update process completed successfully) appears, click "[b:8cf99344bd]menu[/b:8cf99344bd]" and then "[b:8cf99344bd]Scan PC[/b:8cf99344bd]"
[*:8cf99344bd] Select the "[b:8cf99344bd]Diep[/b:8cf99344bd]" (Deep) option if it is not already set by default.
[*:8cf99344bd] Now click the "[b:8cf99344bd]Scan[/b:8cf99344bd]" button and do nothing else on the computer during the scan. This scan can take a considerable time, so wait patiently.
[*:8cf99344bd] You can close the window with the warning about an increased risk once the scan is finished.
Note:
If you see this message.
[b:8cf99344bd]C:\Documents and Settings\username\Bureaublad\ComboFix.exe/$0\List.bat Verwijderd Virus.Win32.HTML!IK [/b:8cf99344bd]
When the file is listed in the scan results window, you can right-click that detection and choose [b:8cf99344bd] "Versturen als vals alarm (False Positive)".[/b:8cf99344bd]
[*:8cf99344bd] Make sure all found items are checked and then press the "[b:8cf99344bd]verwijder geselecteerde[/b:8cf99344bd]" (remove selected) button. You will then get the following message, but click "[b:8cf99344bd]Ja[/b:8cf99344bd]" (Yes) here
[img:8cf99344bd]http://i1103.photobucket.com/albums/g476/pcwebplus/EmsisoftEK2.jpg[/img:8cf99344bd]
[*:8cf99344bd] When the removal is finished, click the "[b:8cf99344bd]View report[/b:8cf99344bd]" button and select the text file of this scan, with a name like: [b:8cf99344bd]a2scan_110730-111615.txt[/b:8cf99344bd]
[*:8cf99344bd] Paste the contents of this LOG file in your next post.
[*:8cf99344bd] Now restart the computer.[/list:u:8cf99344bd] - Good morning
So far I'm already super happy again that I opened this topic.
Thanks to Tdsss or Combofix,
pinning to the taskbar now works again too.
And this one too, see topic
http://forum.computertotaal.nl/phpBB2/viewtopic.php?t=216061
Now it is scanning with
Emsisoft Emergency Kit - Hi Klaas, in any case give the credit to ComboFix.
It's just a pity there is no log. - Right, I'm back
As for ComboFix, I had deactivated Kaspersky properly.
Here is the Emsisoft log
Emsisoft Emergency Kit - Versie 1.0
Laatste Update: 24-2-2012 9:41:39
Scaninstellingen:
Scantype: Diepe Scan
Objecten: Geheugen, Sporen, Cookies, C:\
Scan archieven: Aan
Heuristieken: Uit
ADS Scan: Aan
Scan gestart: 24-2-2012 9:42:21
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:66 Ontdekt: Trace.TrackingCookie.com!A2
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:418 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:419 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:2711 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:2712 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:5454 Ontdekt: Trace.TrackingCookie.com!A2
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:8532 Ontdekt: Trace.TrackingCookie.fr.sitestat.com!A2
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:8533 Ontdekt: Trace.TrackingCookie.fr.sitestat.com!A2
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:14853 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:14990 Ontdekt: Trace.TrackingCookie.stat.onestat!A2
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:14991 Ontdekt: Trace.TrackingCookie.stat.onestat!A2
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:28570 Ontdekt: Trace.TrackingCookie.statse.webtrendslive!A2
Gescand
Bestanden: 271530
Sporen: 405133
Cookies: 388
Processen: 53
Gevonden
Bestanden: 0
Sporen: 0
Cookies: 14
Processen: 0
Registersleutels: 0
Scan Geëindigd: 24-2-2012 11:26:14
Scantijd: 1:43:53
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:28570 Verwijderd Trace.TrackingCookie.statse.webtrendslive!A2
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:14990 Verwijderd Trace.TrackingCookie.stat.onestat!A2
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:14991 Verwijderd Trace.TrackingCookie.stat.onestat!A2
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:8532 Verwijderd Trace.TrackingCookie.fr.sitestat.com!A2
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:8533 Verwijderd Trace.TrackingCookie.fr.sitestat.com!A2
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:418 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:419 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:2711 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:2712 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:14853 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:66 Verwijderd Trace.TrackingCookie.com!A2
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:5454 Verwijderd Trace.TrackingCookie.com!A2
Verwijderd
Bestanden: 0
Sporen: 0
Cookies: 12 - Only cookies found!
Now do the following:
[b:30985a48ed]Which program[/b:30985a48ed]: sUBs [b:30985a48ed]dds.scr[/b:30985a48ed]
[b:30985a48ed]What for/why[/b:30985a48ed]: DDS is a diagnostic tool and makes use of scripts.
[b:30985a48ed]Difficulty[/b:30985a48ed]: A more or less tricky preparation phase, so read everything carefully first.
[b:30985a48ed]Download location[/b:30985a48ed]: Be sure to download this program to the desktop, or otherwise move it there first!
[b:30985a48ed]Download[/b:30985a48ed] sUBs dds.scr [b:30985a48ed]here[/b:30985a48ed]
[img:30985a48ed]http://img.photobucket.com/albums/v666/sUBs/dds_scr.gif[/img:30985a48ed]
[b:30985a48ed]Using sUBs dds.scr[/b:30985a48ed]:
[list:30985a48ed][*:30985a48ed][b:30985a48ed][/b:30985a48ed]: first deactivate the antivirus software and the active spyware scanners!
[*:30985a48ed] [b:30985a48ed][/b:30985a48ed]
[list:30985a48ed][*:30985a48ed]Windows 2000 and Windows XP: start sUBs dds.scr by double-clicking the shortcut.
[*:30985a48ed]Windows Vista and Windows 7: start sUBs dds.scr by right-clicking the shortcut and then choosing Als Administrator uitvoeren (Run as administrator).[/list:u:30985a48ed]
[*:30985a48ed] After the scan, two text documents are opened - DDS.txt and Attach.txt
[*:30985a48ed] Copy and paste the entire contents of the [b:30985a48ed]DDS-logfile[/b:30985a48ed] into your next post.
[*:30985a48ed] Only post Attach.txt when I ask for it.[/list:u:30985a48ed] - I will run that other scan as soon as possible.
Sorry, if this is well meant.
But I just ran ComboFix on my own initiative, and this time it did work.
See log
ComboFix 12-02-23.01 - Gebruiker 24-02-2012 12:06:03.5.4 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3071.1863 [GMT 1:00]
Gestart vanuit: C:\Users\Gebruiker\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
—- Voorgaande Run ——-
C:\Users\Gebruiker\90840413-6000-11D3-8CFE-0150048383C9\FILES\SETUP\OSE.EXE
C:\Users\Gebruiker\90840413-6000-11D3-8CFE-0150048383C9\XLVIEW.MSI
C:\Users\Gebruiker\90840413-6000-11D3-8CFE-0150048383C9\XLVIEWER.CAB
C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\Fleecetrui no 1.jpg
C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\Fleecetrui no 2.jpg
C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\Fleecetrui no 3.jpg
C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\no 1.JPG
C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\no 1a.JPG
C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\no 1b.JPG
C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\no 1c.JPG
C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\no 1d.JPG
C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\no 1e.JPG
C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\sam no 1.jpg
C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\sam no 2.jpg
C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\sam no 3.jpg
C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\Thumbs.db
C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\FILES\SETUP\OSE.EXE
C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\WDVIEWER.CAB
C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\WORDVIEW.MSI
C:\Windows\isRS-000.tmp
C:\Windows\IsUn0413.exe
(((((((((((((((((((( Bestanden Gemaakt van 2012-01-24 to 2012-02-24 ))))))))))))))))))))))))))))))
2012-02-24 11:13:39 . 2012-02-24 11:13:39 ——– d—–w- C:\Users\Public\AppData\Local\temp
2012-02-24 11:13:39 . 2012-02-24 11:13:39 ——– d—–w- C:\Users\Default\AppData\Local\temp
2012-02-24 10:56:37 . 2012-02-20 00:05:38 6552120 —-a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{60667F2F-41B8-489D-9C0A-E71F7BB895CE}\mpengine.dll
2012-02-23 20:25:58 . 2012-02-24 11:15:32 ——– d—–w- C:\Users\Gebruiker\AppData\Local\temp
2012-02-23 20:10:32 . 2012-02-23 20:11:40 ——– d—–w- C:\TDSSStarter
2012-02-23 16:12:32 . 2012-02-23 16:12:32 ——– d—–w- C:\Users\Gebruiker\AppData\Roaming\Gena01
2012-02-17 19:26:09 . 2012-02-17 19:26:18 ——– d—–w- C:\Program Files\Cisco
2012-02-17 19:24:32 . 2011-07-20 15:57:00 728064 —-a-w- C:\Windows\system32\drivers\RTL8192cu.sys
2012-02-17 19:23:40 . 2009-03-31 13:31:22 380928 ——w- C:\Windows\RtlUI2.exe
2012-02-17 19:23:39 . 2012-02-17 19:23:39 ——– d—–w- C:\Program Files\ICIDU
2012-02-17 19:23:39 . 2010-12-01 08:31:18 451072 ——w- C:\Windows\system32\ISSRemoveSP.exe
2012-02-17 19:23:39 . 2009-04-02 09:27:18 188416 ——w- C:\Windows\system32\RTLExtUI.dll
2012-02-17 19:23:39 . 2008-07-01 11:31:16 614400 ——w- C:\Windows\system32\Rtlihvs.dll
2012-02-15 12:57:20 . 2011-12-30 05:27:56 478720 —-a-w- C:\Windows\system32\timedate.cpl
2012-02-15 12:57:16 . 2011-12-16 07:52:58 690688 —-a-w- C:\Windows\system32\msvcrt.dll
2012-02-15 12:57:15 . 2012-01-04 08:58:41 442880 —-a-w- C:\Windows\system32\ntshrui.dll
2012-02-15 12:57:14 . 2012-01-14 03:35:54 2343424 —-a-w- C:\Windows\system32\win32k.sys
2012-02-07 20:32:02 . 2012-02-07 20:32:09 ——– d—–w- C:\Users\Gebruiker\AppData\Roaming\QuickScan
2012-02-01 20:29:51 . 2012-02-01 20:30:08 414368 —-a-w- C:\Windows\system32\FlashPlayerCPLApp.cpl
2012-01-31 22:06:56 . 2010-08-12 10:46:14 758784 —-a-w- C:\Windows\system32\cohelper.dll
2012-01-31 22:06:56 . 2010-08-09 21:33:56 11164 —-a-w- C:\Windows\system32\drivers\nvphy.bin
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
2012-01-29 04:10:42 . 2009-10-29 16:53:55 237072 ——w- C:\Windows\system32\MpSigStub.exe
2012-01-22 16:34:27 . 2010-02-09 15:14:56 5852 –sha-w- C:\ProgramData\KGyGaAvL.sys
2011-12-10 14:24:06 . 2009-12-08 16:49:00 20464 —-a-w- C:\Windows\system32\drivers\mbam.sys
2011-11-27 17:36:31 . 2011-11-27 17:36:40 637848 —-a-w- C:\Windows\system32\npdeployJava1.dll
2011-11-27 17:36:31 . 2010-05-08 23:30:38 567184 —-a-w- C:\Windows\system32\deployJava1.dll
2004-04-27 21:19:20 . 2004-04-27 21:19:20 233160 —-a-w- C:\Program Files\LISTOOL.EXE
2012-02-19 13:20:31 . 2012-02-09 22:11:49 134104 —-a-w- C:\Program Files\mozilla firefox\components\browsercomps.dll
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-01-03 15:31:28 1514152 —-a-w- C:\Program Files\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "C:\Program Files\Ask.com\GenericAskToolbar.dll" [2012-01-03 15:31:28 1514152]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2010-11-20 12:17:41 1174016]
"Corel Photo Downloader"="C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" [2011-09-07 17:07:48 522752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Standby"="c:\Program Files\Common Files\Corel\Standby\Standby.exe" [2010-01-07 12:09:38 105632]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 16:55:10 55824]
"HDAudDeck"="C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-08-28 16:43:14 1486848]
"EEventManager"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 08:12:12 976320]
"Malwarebytes' Anti-Malware"="C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 13:53:18 460872]
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 07:37:53 843712]
"ApnUpdater"="C:\Program Files\Ask.com\Updater\Updater.exe" [2012-01-03 15:31:34 1391272]
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 22:25:58 59240]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 11:28:42 72208 —-a-w- c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2012-02-03 19:59:00 4617600 —-a-w- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 11:16:28 130384]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 10:10:02 3276800]
R3 netr28;Ralink 802.11n stuurprogramma voor draadloze netwerken voor Windows Vista;C:\Windows\system32\DRIVERS\netr28.sys [2009-07-13 22:02:53 530944]
R3 OlyCamComm;OLYMPUS USB Communication Device;C:\Windows\system32\DRIVERS\OlyCamComm.sys [2009-09-10 13:58:26 21648]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 20:37:50 4640000]
R3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;C:\Windows\system32\DRIVERS\wg111v2.sys [2006-03-27 16:53:28 167808]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 10:24:41 52224]
R3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-29 07:35:44 1343400]
S1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys [2011-03-04 12:23:20 11352]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys [2011-03-10 17:36:18 23856]
S1 qtsmon;qtsmon;C:\Windows\system32\drivers\qtsmon.sys [2010-12-05 20:58:25 72488]
S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 16:27:02 12880]
S1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 21:55:22 67664]
S1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-13 23:52:04 48128]
S2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 23:38:07 116608]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 15:07:14 759048]
S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 13:10:42 63928]
S2 cpuz135;cpuz135;C:\Windows\system32\drivers\cpuz135_x32.sys [2010-11-09 14:35:30 21992]
S2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 16:09:10 1253376]
S2 MBAMService;MBAMService;C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 13:53:18 652360]
S2 Realtek11nCU;Realtek11nCU;C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtlService.exe [2010-04-16 15:10:58 36864]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Windows\System32\nvSCPAPISvr.exe [2009-07-08 08:40:00 239648]
S3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19:27:16 19984]
S3 MBAMProtector;MBAMProtector;C:\Windows\system32\drivers\mbam.sys [2011-12-10 14:24:06 20464]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda32v.sys [2011-04-24 06:39:18 139368]
S3 RTL8192cu;ICIDU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\system32\DRIVERS\RTL8192cu.sys [2011-07-20 15:57:00 728064]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys [2009-08-17 18:17:44 1077760]
Inhoud van de 'Gedeelde Taken' map
2012-02-23 C:\Windows\Tasks\ParetoLogic Registration3.job
- C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll [2009-10-12 05:01:44 . 2009-10-12 05:01:44]
2012-01-18 C:\Windows\Tasks\ParetoLogic Update Version3.job
- C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2009-10-12 05:01:44 . 2009-10-12 05:01:44]
2012-01-01 C:\Windows\Tasks\PC Health Advisor Defrag.job
- C:\Program Files\ParetoLogic\PCHA\PCHA.exe [2011-10-25 21:30:42 . 2011-10-25 21:30:42]
2012-01-01 C:\Windows\Tasks\PC Health Advisor.job
- C:\Program Files\ParetoLogic\PCHA\PCHA.exe [2011-10-25 21:30:42 . 2011-10-25 21:30:42]
2012-02-23 C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 5266950a-7bbe-4fa4-8790-e905444a7905.job
- C:\Program Files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52:29 . 2011-05-04 17:52:29]
2012-01-17 C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 67e4716e-1758-4974-92fa-d5f088a0e513.job
- C:\Program Files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52:29 . 2011-05-04 17:52:29]
——- Bijkomende Scan ——-
uStart Page = hxxp://www.weerdirect.nl/
IE: Toevoegen aan Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{761FAEE5-5881-4875-B8A4-9B0153CD0BE4}: NameServer = 192.168.0.1,8.8.8.8
FF - ProfilePath - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.weerdirect.nl/|about:home|about:addons|https://addons.mozilla.org/nl/firefox/extensions/privacy-security/|https://addons.mozilla.org/nl/firefox/extensions/bookmarks/|http://www.xmarks.com/firefox/success/4.0.5|http://www.weerdirect.nl/
- - - - ORPHANS VERWIJDERD - - - -
Toolbar-Locked - (no file)
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MpsSvc]
"ImagePath"="."
——————— VERGRENDELDE REGISTER SLEUTELS ———————
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{20182402-24ED-DBEE-0C047CC941A92C12}\{18337038-91FA-1511-718667CAE01F35A0}\{7E9CBDE1-C583-B4C7-27A5326796C918BF}*]
"UVGVJYB6UQSPF6JR6UE1ONOSMA1"=hex:01,00,01,00,00,00,00,00,3c,a7,2e,28,c9,e8,26,
60,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E20DD46F-0CC4-5960-1B1F69E13D145F9C}\{B130274E-D0E8-282B-E7F07B1EE1210709}\{71D795F0-66AF-00D6-EF71DCAC5CDD95C3}*]
"{3EE4C831-B7E0-4ed1-B9FC-EDC523C9612F}1"=hex:01,00,01,00,0c,00,00,00,ba,93,b4,
48,97,f2,a9,9c,75,bc,f0,93,ac,98,e4,60,71,28,20,2a,8e,f3,66,89,de,ef,5f,0f,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EDCF6AC6-CDE0-1F6D-043771A983FAB740}\{0B884C8F-0AAB-F925-A63B97C7F3A43931}\{965D33BD-6599-2D1D-7E8A152D666CAEE5}*]
"UVGVJYB6UQSPF6JR6UE1ONOSMA1"=hex:01,00,01,00,00,00,00,00,3c,a7,2e,28,c9,e8,26,
60,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F64D8EBD-3DAE-BD3C-0991ACE292CAB5ED}\{17BB8CA8-D706-1AC7-CFA17C6657F849D4}\{8429EDDF-869B-0FCF-6695830B33322B0A}*]
"{3EE4C831-B7E0-4ed1-B9FC-EDC523C9612F}1"=hex:01,00,01,00,0c,00,00,00,ba,93,b4,
48,97,f2,a9,9c,75,bc,f0,93,ac,98,e4,60,71,28,20,2a,8e,f3,66,89,de,ef,5f,0f,\
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
———————— Andere Aktieve Processen ————————
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWlan.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\sppsvc.exe
**************************************************************************
Voltooingstijd: 2012-02-24 12:20:45 - machine werd herstart
ComboFix-quarantined-files.txt 2012-02-24 11:20:38
Pre-Run: 271.133.822.976 bytes beschikbaar
Post-Run: 270.737.760.256 bytes beschikbaar
- - End Of File - - 6DD91C283FB19554EFCC876C19D3A295 - I asked for something else, but did you use the same Combofix file this time?
- Here is the DDS log
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.2.0
Run by Gebruiker at 12:48:57 on 2012-02-24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3071.1908 [GMT 1:00]
.
AV: Kaspersky Internet Security *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtlService.exe
C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWlan.exe
C:\Windows\System32\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Common Files\Corel\Standby\Standby.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.weerdirect.nl/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2012\ievkbd.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\mif5ba~1\office14\URLREDIR.DLL
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky internet security 2012\klwtbbho.dll
TB: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Corel Photo Downloader] "c:\program files\common files\corel\corel photodownloader\Corel Photo Downloader.exe" -startup
mRun: [Standby] "c:\program files\common files\corel\standby\Standby.exe" -START
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [HDAudDeck] c:\program files\via\viaudioi\vdeck\VDeck.exe -r
mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [avp] "c:\program files\kaspersky lab\kaspersky internet security 2012\avp.exe"
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Toevoegen aan Anti-Banner - c:\program files\kaspersky lab\kaspersky internet security 2012\ie_banner_deny.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky internet security 2012\ievkbd.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - {17A84966-F1E9-4645-AA9E-5E771EE1C859} - c:\progra~1\nuclea~1\videoget\plugins\VIDEOG~1.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2012\klwtbbho.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab
DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{3684D2E1-CE4E-49F6-A09B-C8B04E94266C}\3596475636F6D6349364341434 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{761FAEE5-5881-4875-B8A4-9B0153CD0BE4} : NameServer = 192.168.0.1,8.8.8.8
TCP: Interfaces\{B2D9438F-4A8B-45F1-8569-663FDBF8FD73} : DhcpNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: klogon - c:\windows\system32\klogon.dll
Notify: LBTWlgn - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\gebruiker\appdata\roaming\mozilla\firefox\profiles\0puaba5v.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.weerdirect.nl/|about:home|about:addons|https://addons.mozilla.org/nl/firefox/extensions/privacy-security/|https://addons.mozilla.org/nl/firefox/extensions/bookmarks/|http://www.xmarks.com/firefox/success/4.0.5|http://www.weerdirect.nl/
FF - plugin: c:\progra~1\mif5ba~1\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\mif5ba~1\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\java\jre7\bin\new_plugin\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.0.61118.0\npctrlui.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
.
============= SERVICES / DRIVERS ===============
.
R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2011-3-4 11352]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2010-4-22 23856]
R1 qtsmon;qtsmon;c:\windows\system32\drivers\qtsmon.sys [2010-12-5 72488]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 116608]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\common files\abbyy\finereadersprint\9.00\licensing\NetworkLicenseServer.exe [2009-5-14 759048]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 AVP;Kaspersky Anti-Virus-service;c:\program files\kaspersky lab\kaspersky internet security 2012\avp.exe -r --> c:\program files\kaspersky lab\kaspersky internet security 2012\avp.exe -r [?]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2012-1-24 21992]
R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\common files\magix services\database\bin\FABS.exe [2009-8-27 1253376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-2-5 652360]
R2 Realtek11nCU;Realtek11nCU;c:\program files\icidu\icidu 11n usb wireless lan\RtlService.exe [2012-2-17 36864]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\windows\system32\nvSCPAPISvr.exe [2009-7-8 239648]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 19984]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-12-8 20464]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-4-24 139368]
R3 RTL8192cu;ICIDU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192cu.sys [2012-2-17 728064]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-10-30 1077760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\common files\magix services\database\bin\fbserver.exe [2008-8-7 3276800]
S3 netr28;Ralink 802.11n stuurprogramma voor draadloze netwerken voor Windows Vista;c:\windows\system32\drivers\netr28.sys [2009-6-10 530944]
S3 OlyCamComm;OLYMPUS USB Communication Device;c:\windows\system32\drivers\OlyCamComm.sys [2009-9-10 21648]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\drivers\wg111v2.sys [2006-3-27 167808]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-2-26 52224]
S3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\wat\WatAdminSvc.exe [2010-5-29 1343400]
.
=============== Created Last 30 ================
.
2012-02-24 11:15:26 -------- d-----w- C:\$RECYCLE.BIN
2012-02-24 11:05:15 -------- d-----w- C:\ComboFix
2012-02-24 10:56:37 6552120 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{60667f2f-41b8-489d-9c0a-e71f7bb895ce}\mpengine.dll
2012-02-23 23:31:11 -------- d-----w- c:\users\gebruiker\appdata\local\{BA70DCA6-29F7-4D37-A029-A822C8AA59A3}
2012-02-23 23:30:53 -------- d-----w- c:\users\gebruiker\appdata\local\{F15AA22F-10C8-418B-BBF6-C028B9632CAC}
2012-02-23 23:25:15 -------- d-----w- c:\users\gebruiker\appdata\local\{024447C7-3C1C-4913-9519-3AC9BD30110B}
2012-02-23 23:25:00 -------- d-----w- c:\users\gebruiker\appdata\local\{5B41F9FB-5955-4C8C-A11D-16D3F64B90FE}
2012-02-23 20:25:58 -------- d-----w- c:\users\gebruiker\appdata\local\temp
2012-02-23 20:17:20 98816 ----a-w- c:\windows\sed.exe
2012-02-23 20:17:20 518144 ----a-w- c:\windows\SWREG.exe
2012-02-23 20:17:20 256000 ----a-w- c:\windows\PEV.exe
2012-02-23 20:17:20 208896 ----a-w- c:\windows\MBR.exe
2012-02-23 20:10:32 -------- d-----w- C:\TDSSStarter
2012-02-23 16:12:32 -------- d-----w- c:\users\gebruiker\appdata\roaming\Gena01
2012-02-22 20:31:01 -------- d-----w- c:\users\gebruiker\appdata\local\{E1F3EEA8-E661-47F7-9E64-79983EE2094B}
2012-02-22 20:30:46 -------- d-----w- c:\users\gebruiker\appdata\local\{82303AAB-68B6-44D3-A508-670634008263}
2012-02-20 19:36:21 -------- d-----w- c:\users\gebruiker\appdata\local\{9A6CF412-B611-4982-8588-56130F9F1B44}
2012-02-20 19:36:05 -------- d-----w- c:\users\gebruiker\appdata\local\{1019811F-AC2A-41E0-9C83-3C447F57CAA9}
2012-02-19 10:29:00 -------- d-----w- c:\users\gebruiker\appdata\local\{82296463-37F7-4888-B8B8-7F13D0860E62}
2012-02-19 10:28:44 -------- d-----w- c:\users\gebruiker\appdata\local\{F79C2EFF-5F5D-4ECA-AC5C-98D6690210D8}
2012-02-18 09:54:06 -------- d-----w- c:\users\gebruiker\appdata\local\{2F8B0BA6-845F-4116-8C1F-3647A21522AA}
2012-02-18 09:53:51 -------- d-----w- c:\users\gebruiker\appdata\local\{5A41CEC7-B02A-4A06-87CF-0C5C4FBE9B17}
2012-02-17 20:06:52 -------- d-----w- c:\users\gebruiker\appdata\local\{1E72C4D4-EE29-45BC-8B44-9589794C55C9}
2012-02-17 20:06:36 -------- d-----w- c:\users\gebruiker\appdata\local\{60B8FEE8-4798-4D4B-8A5A-A640AEBEF6AF}
2012-02-17 20:03:25 -------- d-----w- c:\users\gebruiker\appdata\local\{4045A5D5-62E7-40E6-A7E1-BF0FDC221A27}
2012-02-17 19:31:40 -------- d-----w- c:\users\gebruiker\appdata\local\{6F0EC1C8-D106-42B6-B338-6E257EC12DC2}
2012-02-17 19:26:09 -------- d-----w- c:\program files\Cisco
2012-02-17 19:24:32 728064 ----a-w- c:\windows\system32\drivers\RTL8192cu.sys
2012-02-17 19:23:40 380928 ------w- c:\windows\RtlUI2.exe
2012-02-17 19:23:39 614400 ------w- c:\windows\system32\Rtlihvs.dll
2012-02-17 19:23:39 451072 ------w- c:\windows\system32\ISSRemoveSP.exe
2012-02-17 19:23:39 188416 ------w- c:\windows\system32\RTLExtUI.dll
2012-02-17 19:23:39 -------- d-----w- c:\program files\ICIDU
2012-02-16 10:58:27 -------- d-----w- c:\users\gebruiker\appdata\local\{7B67AB62-21A3-4E3D-965C-E1FCB8FCCD99}
2012-02-16 10:58:15 -------- d-----w- c:\users\gebruiker\appdata\local\{D437030D-1B3F-4EB0-ADF5-D4A3E3B99C78}
2012-02-15 12:58:52 -------- d-----w- c:\users\gebruiker\appdata\local\{DC1514F3-FC5D-4090-B960-37488367ECF6}
2012-02-15 12:58:40 -------- d-----w- c:\users\gebruiker\appdata\local\{39AA9792-7E2F-4C7B-97AB-2561E2DA2144}
2012-02-15 12:57:20 478720 ----a-w- c:\windows\system32\timedate.cpl
2012-02-15 12:57:16 690688 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-15 12:57:15 442880 ----a-w- c:\windows\system32\ntshrui.dll
2012-02-15 12:57:14 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-02-13 21:53:58 -------- d-----w- c:\users\gebruiker\appdata\local\{11BA6868-AE7B-4E31-9743-F0DCF32A2E68}
2012-02-13 21:53:43 -------- d-----w- c:\users\gebruiker\appdata\local\{A7122145-B4B9-405A-83BE-BC311C7705F0}
2012-02-12 10:53:52 -------- d-----w- c:\users\gebruiker\appdata\local\{A4454365-3ECD-49D7-BF3A-F8058662058B}
2012-02-12 10:53:18 -------- d-----w- c:\users\gebruiker\appdata\local\{7BED1ECC-AC11-4B4B-88FC-F23EF1BFBE89}
2012-02-11 16:06:18 -------- d-----w- c:\users\gebruiker\appdata\local\{644D91C9-BD09-44C9-95F1-A39B462B9B28}
2012-02-11 16:06:02 -------- d-----w- c:\users\gebruiker\appdata\local\{0793D0DB-3811-48A7-9197-CD6EF9544170}
2012-02-10 10:45:31 -------- d-----w- c:\users\gebruiker\appdata\local\{DDD93067-54E1-448F-BC90-79298793FC30}
2012-02-10 10:45:19 -------- d-----w- c:\users\gebruiker\appdata\local\{82311238-9323-4FF1-BD5B-6E2FB8110BE5}
2012-02-09 15:30:54 -------- d-----w- c:\users\gebruiker\appdata\local\{2E41C5AE-750F-45AF-B88C-2724F7233E64}
2012-02-09 15:30:41 -------- d-----w- c:\users\gebruiker\appdata\local\{87353E9A-D349-423F-A972-759AA5911FBE}
2012-02-08 20:55:36 -------- d-----w- c:\users\gebruiker\appdata\local\{023429B0-0D07-49D8-B0D9-3CD5971EEA4A}
2012-02-08 19:38:39 -------- d-----w- c:\users\gebruiker\appdata\local\{6A4384F5-DB17-49DF-998E-357FF996EDB1}
2012-02-07 20:32:02 -------- d-----w- c:\users\gebruiker\appdata\roaming\QuickScan
2012-02-07 19:38:22 -------- d-----w- c:\users\gebruiker\appdata\local\{38E54F4F-B31A-42FB-8ED7-6820F8C33CC3}
2012-02-07 19:38:10 -------- d-----w- c:\users\gebruiker\appdata\local\{C3CD0BA9-81A6-4805-97E5-B5A03B32D325}
2012-02-06 19:53:00 -------- d-----w- c:\users\gebruiker\appdata\local\{D742C306-501D-4153-A171-4512502CDA81}
2012-02-06 19:52:48 -------- d-----w- c:\users\gebruiker\appdata\local\{EC36C1A7-717B-4E98-9279-E6FC44F5547A}
2012-02-05 19:49:41 -------- d-----w- c:\users\gebruiker\appdata\local\{9313AF1B-1216-4840-9BE2-65DF67D15875}
2012-02-05 19:49:29 -------- d-----w- c:\users\gebruiker\appdata\local\{E4E82B75-924D-4A57-96DC-A5DAC512BE4C}
2012-02-04 12:40:48 -------- d-----w- c:\users\gebruiker\appdata\local\{5236D4A7-F612-45D1-A0A7-875E4F2F1580}
2012-02-04 12:40:37 -------- d-----w- c:\users\gebruiker\appdata\local\{B8D09761-446E-4C3A-BDFF-DD6B0C4295EB}
2012-02-03 19:39:07 -------- d-----w- c:\users\gebruiker\appdata\local\{B05174D5-11EC-4B41-AB9E-DB1EEFB58CF3}
2012-02-03 19:38:56 -------- d-----w- c:\users\gebruiker\appdata\local\{5EC88008-33D0-40C7-9D2D-F635727ADE6D}
2012-02-02 16:04:09 -------- d-----w- c:\users\gebruiker\appdata\local\{15E33A8A-D61D-4011-A8C1-978DCF401750}
2012-02-02 16:03:57 -------- d-----w- c:\users\gebruiker\appdata\local\{54A32355-340E-4865-8F1C-C02681C1A145}
2012-02-01 20:29:51 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-01 12:47:16 -------- d-----w- c:\users\gebruiker\appdata\local\{37995663-F59B-4808-952B-27299994F2F5}
2012-02-01 12:47:04 -------- d-----w- c:\users\gebruiker\appdata\local\{402E8633-248C-442A-9839-12323B792AF5}
2012-01-31 22:06:56 758784 ----a-w- c:\windows\system32\cohelper.dll
2012-01-31 22:06:56 11164 ----a-w- c:\windows\system32\drivers\nvphy.bin
2012-01-31 19:28:30 -------- d-----w- c:\users\gebruiker\appdata\local\{9D4CAF9A-5EA8-4BE3-A7BA-FE0902BFAF82}
2012-01-31 19:28:19 -------- d-----w- c:\users\gebruiker\appdata\local\{8A0582FA-AD33-41C2-9B93-59DA2371E5E8}
2012-01-30 19:11:44 -------- d-----w- c:\users\gebruiker\appdata\local\{EED838C2-2980-40DD-8EE2-7E1393CA62FC}
2012-01-30 19:11:33 -------- d-----w- c:\users\gebruiker\appdata\local\{67D02E15-793A-4EB8-B9B9-2E0E70E1A36A}
2012-01-29 10:49:01 -------- d-----w- c:\users\gebruiker\appdata\local\{B791AE7F-CD90-41A6-80FC-9E27CFFB8315}
2012-01-29 10:48:50 -------- d-----w- c:\users\gebruiker\appdata\local\{BCCF8955-832E-4CB3-B08D-10DA39C50537}
2012-01-28 22:48:17 -------- d-----w- c:\users\gebruiker\appdata\local\{16FE51E5-4F47-4A01-946C-C0797686E500}
2012-01-28 22:48:05 -------- d-----w- c:\users\gebruiker\appdata\local\{923B7CC7-A94E-46C6-BC0A-09268A3B2DBF}
2012-01-28 10:47:23 -------- d-----w- c:\users\gebruiker\appdata\local\{9FECD977-B0BD-49ED-B29E-1843C15F2319}
2012-01-28 10:47:11 -------- d-----w- c:\users\gebruiker\appdata\local\{49B785B5-361B-4B63-BFD0-CD5EF6BC8107}
2012-01-27 10:41:28 -------- d-----w- c:\users\gebruiker\appdata\local\{88B7B634-3801-4550-BBCB-04AB1837E797}
2012-01-27 10:41:16 -------- d-----w- c:\users\gebruiker\appdata\local\{1B7409F4-2AD7-495F-A88E-80B457AD8E7A}
2012-01-26 19:51:23 -------- d-----w- c:\users\gebruiker\appdata\local\{46664126-3B22-4ACC-8591-BEBF5BA636F8}
2012-01-26 19:51:12 -------- d-----w- c:\users\gebruiker\appdata\local\{BA3A22B4-5114-418D-9A26-0B8D77FA16FD}
2012-01-26 07:50:41 -------- d-----w- c:\users\gebruiker\appdata\local\{7829AFBD-8626-476A-B617-C96F225D7818}
2012-01-26 07:50:26 -------- d-----w- c:\users\gebruiker\appdata\local\{B2FB0DFA-4235-4934-AA1E-5A139A0EC9EF}
2012-01-25 16:11:44 -------- d-----w- c:\users\gebruiker\appdata\local\{5FC06408-9702-4173-94B3-EAD4DB649DF0}
2012-01-25 16:11:29 -------- d-----w- c:\users\gebruiker\appdata\local\{A4013746-00D8-4B1B-B297-8BDE0BD53783}
2012-01-25 13:37:10 -------- d-----w- c:\users\gebruiker\appdata\local\{62E220E9-35F1-4820-B5C1-B521F796E6BC}
.
==================== Find3M ====================
.
2012-01-29 04:10:42 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-22 16:34:27 5852 --sha-w- c:\programdata\KGyGaAvL.sys
2011-12-14 03:04:54 1798656 ----a-w- c:\windows\system32\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-12-10 14:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-27 17:36:31 637848 ----a-w- c:\windows\system32\npdeployJava1.dll
2011-11-27 17:36:31 567184 ----a-w- c:\windows\system32\deployJava1.dll
2004-04-27 21:19:20 233160 ----a-w- c:\program files\LISTOOL.EXE
.
============= FINISH: 12:49:10,82 ===============
- And do tell me why you have that ParetoLogic in your Windows?
A completely obscure program!
First we are going to search for where that wretched thing is lodged in your Windows!
Using "Zoek.exe":
- I had downloaded ComboFix again.
Yes, I had that program for cleaning the registry and keeping drivers up to date.
But if it is wiser to remove it, then we will do that.
Here is the log; this time it did go well.
Zoek.exe Version 2.0.0.5 Updated 23-02-2012
Tool run by Gebruiker on vr 24-02-2012 at 13:06:49,82.
==== Folders Found ======================
2012-01-01 21:17:28 2012-01-01 21:17:28 -------- d-----w- C:\Program Files\ParetoLogic
2011-01-23 21:24:33 2011-01-23 21:24:33 -------- d-----w- C:\Program Files\Common Files\ParetoLogic
2011-01-23 21:24:33 2011-01-23 21:24:33 -------- d-----w- C:\ProgramData\ParetoLogic
2011-01-23 21:24:33 2011-01-23 21:24:33 -------- d-----w- C:\Users\All Users\ParetoLogic
2011-01-23 21:24:46 2011-01-23 21:24:46 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\ParetoLogic
2012-01-01 21:17:36 2012-01-02 21:50:44 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
==== Files Found ======================
--- C:\Program Files\Common Files\ParetoLogic\UUS3\ParetoLogicUpdate.chm ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 70805
Created time: 2009-10-12 05:01:44
Modified time: 2009-10-12 05:01:44
MD5: 99E2832D260ED2A447A63696A7205EF9
SHA1: D7A72FE79BD6C082EBC8B82D44FDE8494DA78D67
--- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic\PC Health Advisor\ParetoLogic PC Health Advisor.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1107
Created time: 2012-01-01 21:17:36
Modified time: 2012-01-01 21:17:36
MD5: 724B05EB67DDEE9FF3868A1D5341E7B3
SHA1: 732A2B848FA8FDC9A5957FABAC282FB04C98297B
--- C:\Users\Gebruiker\Desktop\ParetoLogic PC Health Advisor.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1071
Created time: 2012-01-01 21:17:35
Modified time: 2012-01-01 21:17:36
MD5: 8936827C064ADC32FE20FB5564614ACA
SHA1: 8E5CBA7280C203C72949B017F9F585534A0D167C
--- C:\Users\Gebruiker\Documents\Downloads\ParetoLogic PC Health Advisor.exe ---
Company: ParetoLogic Inc.
File Description: PC Health Advisor Installer
File Version: 3.0.0.0
Product Name:
Copyright: Copyright © 2010 ParetoLogic Inc.
Original Filename:
File type: ----a-w-
File size: 5193608
Created time: 2011-01-23 21:23:44
Modified time: 2011-01-23 21:23:45
MD5: 47E8AF3295F5C2BC64F6AF335D502A69
SHA1: 3E24751D02BEF712601D36B72E0B229EFD1E0544
--- C:\Windows\System32\Tasks\ParetoLogic Registration3 ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3124
Created time: 2011-01-23 21:24:52
Modified time: 2011-01-23 21:24:52
MD5: E3D3318FFE4BFCDC5FA3F8E4DC87A6B6
SHA1: 3BB796AF025D62F8D8DFFF43CE261C7DE83B2C28
--- C:\Windows\System32\Tasks\ParetoLogic Update Version3 ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3250
Created time: 2011-01-23 21:24:36
Modified time: 2011-01-23 21:24:40
MD5: F430BC26DA99A37B2C1CC02D31BBD023
SHA1: A74C6CF80F23782A3B9CA62A7CE307F23578D5BE
--- C:\Windows\Tasks\ParetoLogic Registration3.job ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 452
Created time: 2011-01-23 21:24:52
Modified time: 2012-02-23 17:00:00
MD5: 661C366E357DBFF53439867E23A7F245
SHA1: 1755C4C308EDBD11E8C0750876CCE8F8ABDC9AAF
--- C:\Windows\Tasks\ParetoLogic Update Version3.job ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 426
Created time: 2011-01-23 21:24:36
Modified time: 2012-01-18 04:21:04
MD5: 7198DF725C25E90F110F473BAD447648
SHA1: D60836446CF3F1E303D1E75D86D78A370E668ADD
- Then we will now remove ParetoLogic.
Using "Zoek.exe":