VUUR

Member
  • Items

    140

Everything posted by VUUR

  1. After a long time it is time to say goodbye to my old PC and buy a new one. I have seen so many different specifications that I have completely lost track. My first thought was to buy a MEDION® ERAZER® PC X5371 D, but after a number of reviews and dissatisfied customers I decided against it. Now I am thinking of putting together a PC that fully meets my wishes, and I would like your opinion on this.
     What do I need a PC for? - Gaming, video editing with Pinnacle, photo editing and browsing the internet
     What is my budget? - My budget is up to 1300 euro
     A brand-name computer or a custom build? - Custom build
     Am I going to overclock? - Maybe
     Am I going to upgrade later? - Maybe, if something needs to be replaced
     Do I really need all those new features? - Yes
     Am I going to assemble it myself? - No
     Do I need an operating system? - Yes, Windows 8 (64-bit).
     Am I going to install it myself? - No
     Do I have a preference for components? - Intel Core i7 3820 (or 3770 k) / 3.6 GHz processor
     Do I need any peripherals? - Yes
     Do I have specific wishes? - Quiet cooler, 2TB hard disk, 128GB SSD, a video card with at least 2GB and, if possible, WLAN/Wi-Fi
     Do you live in the Netherlands or Belgium, and do you want to order from a specific (web) shop? - I live in NL and have no specific (web) shop, but I have 3 preferred shops: flexcomputer.nl, Azerty, gamepc.nl
     I hope you can help me with this, and thanks in advance for your tips.
  2. Hello Jean-Pierre, Sorry for the late reply. I tried the above, but unfortunately it had no effect for me. So I think my burner is beyond saving. In any case, thanks for the tip.
  3. I restarted ESET and everything was fine. It did not find a virus.
  4. Here is the content of the log file:
  5. Hello all, Recently I have had the autorun.inf virus on my computer, at least that is what ESET Smart Security says. My antivirus noticed this virus but cannot remove it. I have now made a log with HijackThis. Can someone take a look at it and tell me what I need to remove? Thanks in advance.
  6. I do indeed still want to try to revive the burner, so I will follow the steps on the site. As soon as I have done this I will let you know how it went.
  7. Hello all, I have a fairly old computer with Windows XP. It still works properly, but lately the DVD burner has not been working. It does nothing at all any more, neither burning nor reading. When I put a DVD in, it seems as if it is going to start up, but after a while you only hear a ticking sound. When I go to Device Manager I see my DVD burner listed; when I then open it, it says that the device is working correctly, while it is not. Does anyone know how I can solve this? Thanks in advance.
  8. After following the steps you gave me, my PC is completely fine again! So the problem is solved and the topic can be locked. Thanks again!!
  9. The state of my PC is better and it is faster, thanks again.
  10. Hi Kape, Thanks for the quick reply, the ComboFix log file is below.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-04-16 23:20 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'explorer.exe'(3944) c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf c:\progra~1\MICROS~2\Office14\1043\GrooveIntlResource.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\AVG\AVG9\avgchsvx.exe c:\program files\AVG\AVG9\avgrsx.exe c:\program files\AVG\AVG9\avgcsrvx.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\nvsvc32.exe c:\windows\System32\Drivers\WTSRV.EXE c:\windows\system32\WTClient.exe c:\program files\AVG\AVG9\avgam.exe c:\program files\AVG\AVG9\avgnsx.exe c:\windows\system32\WISPTIS.EXE c:\windows\system32\wscntfy.exe c:\windows\system32\RUNDLL32.EXE c:\windows\ATK0100\ATKOSD.exe c:\program files\AVG\AVG9\avgcsrvx.exe . ************************************************************************** . Voltooingstijd: 2012-04-16 23:28:16 - machine werd herstart ComboFix-quarantined-files.txt 2012-04-16 21:28 . Pre-Run: 57.090.850.816 bytes beschikbaar Post-Run: 57.031.634.944 bytes beschikbaar . 
WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect . - - End Of File - - 0C1E70CE13829D052A8086998767DE9C
  11. Hello, AVG didn't find anything. When I wanted to open Office from the Start menu, I could see the folder but the programs weren't there. I then went through all the tabs of the Start menu and they were all empty. Then I looked in Program Files on the C drive and saw a file named Markany; inside it was a folder "Contentsafer", which contained "Updateclient", which in turn contained MAUpdateBoot. I searched the internet and saw that this slows the computer down, which is still the case for me. Is this a virus too?
  12. Hello, When unhiding I got the message, and all my programs and documents became visible. I also got a Smart HDD icon on my desktop; can I simply delete it from my desktop, or does this have to be done in a special way? My PC is now running the AVG scan; when it is finished I will post the result here on the forum.
  13. Hello, Below you can find the new logs from TDSSKiller and MBAM. I did have another question, though: when my computer restarts and I go to Start, all the programs are gone, and the desktop is empty too apart from a few programs. Only MBAM is visible. But when I go to My Computer I can see all the drives. Only when I go to Folder Options and make hidden folders visible do I see all my documents and programs (the icons are transparent, though). How can I make my documents simply come back again?
C:\WINDOWS\System32\mprdim.dll 15:36:59.0328 1324 RemoteAccess - ok 15:36:59.0859 1324 rimmptsk (24ed7af20651f9fa1f249482e7c1f165) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys 15:36:59.0859 1324 rimmptsk - ok 15:37:00.0406 1324 rimsptsk (1bdba2d2d402415a78a4ba766dfe0f7b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys 15:37:00.0406 1324 rimsptsk - ok 15:37:01.0109 1324 rismxdp (f774ecd11a064f0debb2d4395418153c) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys 15:37:01.0281 1324 rismxdp - ok 15:37:01.0812 1324 RpcLocator (be078f8f7ec2491efdd79a53353a060f) C:\WINDOWS\system32\locator.exe 15:37:01.0812 1324 RpcLocator - ok 15:37:02.0562 1324 RpcSs (d9883335cc1c17afc3a09c8ac3e4dbe4) C:\WINDOWS\system32\rpcss.dll 15:37:02.0562 1324 RpcSs - ok 15:37:03.0109 1324 RSVP (ad1b5f1b99fff08c99f443d784711a81) C:\WINDOWS\system32\rsvp.exe 15:37:03.0156 1324 RSVP - ok 15:37:03.0750 1324 RTL8023xp (8e34400ffc7d647946d9c820678775af) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys 15:37:03.0750 1324 RTL8023xp - ok 15:37:04.0281 1324 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS 15:37:04.0281 1324 rtl8139 - ok 15:37:04.0765 1324 SamSs (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe 15:37:04.0781 1324 SamSs - ok 15:37:05.0296 1324 SCardSvr (1b4cd62174e907c7ef8ec5d4d0a2a616) C:\WINDOWS\System32\SCardSvr.exe 15:37:05.0328 1324 SCardSvr - ok 15:37:05.0937 1324 Schedule (7c288ae0f75cb18cff1df6179a67ad8f) C:\WINDOWS\system32\schedsvc.dll 15:37:06.0062 1324 Schedule - ok 15:37:06.0718 1324 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys 15:37:06.0734 1324 sdbus - ok 15:37:07.0281 1324 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 15:37:07.0281 1324 Secdrv - ok 15:37:07.0765 1324 seclogon (6983665bea867125b1da5757cd8b2f9d) C:\WINDOWS\System32\seclogon.dll 15:37:07.0781 1324 seclogon - ok 15:37:08.0234 1324 SENS (f6ec8f1e50e40237bddee1cb7fe20b42) C:\WINDOWS\system32\sens.dll 15:37:08.0281 1324 SENS - 
ok 15:37:08.0843 1324 Serial (92c21762653bb2ce51147eb8a9aa654f) C:\WINDOWS\system32\drivers\Serial.sys 15:37:08.0890 1324 Serial - ok 15:37:09.0562 1324 ServiceLayer (5bf59c6bc737baaf541168e5cb2ec1d9) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe 15:37:09.0984 1324 ServiceLayer - ok 15:37:10.0625 1324 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys 15:37:10.0625 1324 sffdisk - ok 15:37:11.0109 1324 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys 15:37:11.0109 1324 sffp_sd - ok 15:37:11.0625 1324 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys 15:37:11.0625 1324 Sfloppy - ok 15:37:12.0359 1324 SharedAccess (7579c4be909d47f10f3d8d801cb13ed9) C:\WINDOWS\System32\ipnathlp.dll 15:37:12.0593 1324 SharedAccess - ok 15:37:13.0156 1324 ShellHWDetection (2d5d4156292150fe571872c1b88e9299) C:\WINDOWS\System32\shsvcs.dll 15:37:13.0156 1324 ShellHWDetection - ok 15:37:13.0640 1324 Simbad - ok 15:37:14.0234 1324 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys 15:37:14.0234 1324 sisagp - ok 15:37:14.0734 1324 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 15:37:14.0734 1324 SLIP - ok 15:37:15.0828 1324 smserial (b8c571fbf5a4b341a95cdf0de74d7b11) C:\WINDOWS\system32\DRIVERS\smserial.sys 15:37:16.0375 1324 smserial - ok 15:37:16.0937 1324 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys 15:37:16.0937 1324 Sparrow - ok 15:37:17.0515 1324 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 15:37:17.0515 1324 splitter - ok 15:37:18.0015 1324 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe 15:37:18.0015 1324 Spooler - ok 15:37:18.0609 1324 sr (64d2a7640e0767ecd3bcb38d3200e7ce) C:\WINDOWS\system32\DRIVERS\sr.sys 15:37:18.0609 1324 sr - ok 15:37:19.0187 1324 srservice (81cbf363c414620caa61bd6843d8fdb9) 
C:\WINDOWS\system32\srsvc.dll 15:37:19.0281 1324 srservice - ok 15:37:20.0031 1324 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 15:37:20.0234 1324 Srv - ok 15:37:20.0859 1324 ssadbus (64e44acd8c238fcbbb78f0ba4bdc4b05) C:\WINDOWS\system32\DRIVERS\ssadbus.sys 15:37:20.0906 1324 ssadbus - ok 15:37:21.0468 1324 ssadmdfl (bb2c84a15c765da89fd832b0e73f26ce) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys 15:37:21.0468 1324 ssadmdfl - ok 15:37:22.0171 1324 ssadmdm (6d0d132ddc6f43eda00dced6d8b1ca31) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys 15:37:22.0218 1324 ssadmdm - ok 15:37:22.0859 1324 sscdbus (069351a1d7d291013177a90ae6edccbc) C:\WINDOWS\system32\DRIVERS\sscdbus.sys 15:37:22.0890 1324 sscdbus - ok 15:37:23.0437 1324 sscdmdfl (1c925be223a5c0f9f469252292a48df6) C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys 15:37:23.0437 1324 sscdmdfl - ok 15:37:24.0015 1324 sscdmdm (ae3e77ae0fbdb07eb1ac3fed74a0695e) C:\WINDOWS\system32\DRIVERS\sscdmdm.sys 15:37:24.0062 1324 sscdmdm - ok 15:37:24.0578 1324 SSDPSRV (5b9d0de64be96a806819516440fd211c) C:\WINDOWS\System32\ssdpsrv.dll 15:37:24.0640 1324 SSDPSRV - ok 15:37:25.0359 1324 stisvc (5ae996186d2dc694fef88f14a3fc9242) C:\WINDOWS\system32\wiaservc.dll 15:37:25.0578 1324 stisvc - ok 15:37:26.0156 1324 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 15:37:26.0156 1324 streamip - ok 15:37:26.0718 1324 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 15:37:26.0718 1324 swenum - ok 15:37:27.0312 1324 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 15:37:27.0312 1324 swmidi - ok 15:37:27.0750 1324 SwPrv - ok 15:37:28.0281 1324 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys 15:37:28.0281 1324 symc810 - ok 15:37:28.0781 1324 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys 15:37:28.0781 1324 symc8xx - ok 15:37:29.0296 1324 sym_hi 
(80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys 15:37:29.0296 1324 sym_hi - ok 15:37:29.0828 1324 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys 15:37:29.0828 1324 sym_u3 - ok 15:37:31.0046 1324 SynMini (472b9e75ddab952f0cd37bd9aa3e81f8) C:\WINDOWS\system32\Drivers\SynMini.sys 15:37:31.0765 1324 SynMini - ok 15:37:32.0312 1324 SynScan (bed9a41e66e9f038af6d2e487a3f2757) C:\WINDOWS\system32\Drivers\SynScan.sys 15:37:32.0312 1324 SynScan - ok 15:37:32.0968 1324 SynTP (e2112e486a1954bb81f7b844a3a039af) C:\WINDOWS\system32\DRIVERS\SynTP.sys 15:37:33.0046 1324 SynTP - ok 15:37:33.0609 1324 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 15:37:33.0609 1324 sysaudio - ok 15:37:34.0140 1324 SysmonLog (251eae7c56c6ab9490311a3c9757e18d) C:\WINDOWS\system32\smlogsvc.exe 15:37:34.0156 1324 SysmonLog - ok 15:37:34.0687 1324 Tablet2k - ok 15:37:35.0328 1324 TapiSrv (2bc9fb448f0c2394ff53c83a7bb04731) C:\WINDOWS\System32\tapisrv.dll 15:37:35.0515 1324 TapiSrv - ok 15:37:36.0031 1324 TClass2k (1b3c28d36e669deeb39331255a3feeeb) C:\WINDOWS\system32\DRIVERS\TClass2k.sys 15:37:36.0031 1324 TClass2k - ok 15:37:36.0781 1324 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 15:37:36.0984 1324 Tcpip - ok 15:37:37.0609 1324 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 15:37:37.0625 1324 TDPIPE - ok 15:37:38.0171 1324 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 15:37:38.0187 1324 TDTCP - ok 15:37:38.0796 1324 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 15:37:38.0796 1324 TermDD - ok 15:37:39.0468 1324 TermService (e0aef86a594c9990d6321c5ca239c5b7) C:\WINDOWS\System32\termsrv.dll 15:37:39.0671 1324 TermService - ok 15:37:40.0218 1324 Themes (2d5d4156292150fe571872c1b88e9299) C:\WINDOWS\System32\shsvcs.dll 15:37:40.0218 1324 Themes - ok 15:37:40.0750 1324 TosIde 
(5bc2144ab4f6090f12e49e9648b5a702) C:\WINDOWS\system32\DRIVERS\toside.sys 15:37:40.0750 1324 TosIde - ok 15:37:41.0281 1324 TrkWks (20655e8ca1c78bc7088b18e93806d21b) C:\WINDOWS\system32\trkwks.dll 15:37:41.0343 1324 TrkWks - ok 15:37:41.0875 1324 UCTblHid (051aa2bb2bd20c55a8be41b10765b621) C:\WINDOWS\system32\DRIVERS\UCTblHid.sys 15:37:41.0875 1324 UCTblHid - ok 15:37:42.0437 1324 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 15:37:42.0500 1324 Udfs - ok 15:37:43.0031 1324 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys 15:37:43.0031 1324 ultra - ok 15:37:43.0140 1324 UnlockerDriver5 (bb879dcfd22926efbeb3298129898cbb) C:\Program Files\Unlocker\UnlockerDriver5.sys 15:37:43.0156 1324 UnlockerDriver5 - ok 15:37:43.0968 1324 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 15:37:44.0171 1324 Update - ok 15:37:44.0765 1324 upnphost (01653d6c9604f1fb31a76ec94e08954f) C:\WINDOWS\System32\upnphost.dll 15:37:44.0890 1324 upnphost - ok 15:37:45.0484 1324 upperdev (b1b8bee26227dad9835019201552cb05) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys 15:37:45.0484 1324 upperdev - ok 15:37:45.0953 1324 UPS (a89796dd0de24cf03b3a39407e1f46a3) C:\WINDOWS\System32\ups.exe 15:37:45.0953 1324 UPS - ok 15:37:46.0500 1324 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 15:37:46.0500 1324 usbccgp - ok 15:37:47.0078 1324 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 15:37:47.0078 1324 usbehci - ok 15:37:47.0625 1324 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 15:37:47.0625 1324 usbhub - ok 15:37:48.0140 1324 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys 15:37:48.0140 1324 usbohci - ok 15:37:48.0687 1324 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys 15:37:48.0687 1324 usbser - ok 15:37:49.0203 1324 UsbserFilt 
(98e1ff1d732c6c7200b6c59d4ff8c1c3) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys 15:37:49.0203 1324 UsbserFilt - ok 15:37:49.0750 1324 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 15:37:49.0750 1324 USBSTOR - ok 15:37:50.0281 1324 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 15:37:50.0281 1324 usbuhci - ok 15:37:50.0781 1324 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 15:37:50.0781 1324 VgaSave - ok 15:37:51.0359 1324 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys 15:37:51.0359 1324 viaagp - ok 15:37:51.0859 1324 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys 15:37:51.0859 1324 ViaIde - ok 15:37:52.0390 1324 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) C:\WINDOWS\system32\drivers\VolSnap.sys 15:37:52.0421 1324 VolSnap - ok 15:37:53.0093 1324 VSS (a585edd6965b301de8a45c6768c7c215) C:\WINDOWS\System32\vssvc.exe 15:37:53.0234 1324 VSS - ok 15:37:53.0828 1324 W32Time (390d8e65f362327ad510b08971478301) C:\WINDOWS\system32\w32time.dll 15:37:53.0937 1324 W32Time - ok 15:37:55.0421 1324 w39n51 (c79918a5bd269035f3a34d157401b9df) C:\WINDOWS\system32\DRIVERS\w39n51.sys 15:37:56.0328 1324 w39n51 - ok 15:37:56.0890 1324 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 15:37:56.0890 1324 Wanarp - ok 15:37:57.0765 1324 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys 15:37:58.0046 1324 Wdf01000 - ok 15:37:58.0531 1324 WDICA - ok 15:37:59.0109 1324 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 15:37:59.0125 1324 wdmaud - ok 15:37:59.0656 1324 WebClient (33d8e2812054d97a0aec9b8f04277927) C:\WINDOWS\System32\webclnt.dll 15:37:59.0703 1324 WebClient - ok 15:38:00.0328 1324 winmgmt (f9e105f369c18e4001e0c05aaf600d73) C:\WINDOWS\system32\wbem\WMIsvc.dll 15:38:00.0406 1324 winmgmt - ok 15:38:01.0000 1324 
WinTabService (23f319bea6f2b85489ca458ca0cce7ad) C:\WINDOWS\System32\Drivers\WTSRV.EXE 15:38:01.0000 1324 WinTabService - ok 15:38:01.0515 1324 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll 15:38:01.0531 1324 WmdmPmSN - ok 15:38:02.0140 1324 WmiApSrv (87f11d161207c7063edabac0aadc33c3) C:\WINDOWS\system32\wbem\wmiapsrv.exe 15:38:02.0187 1324 WmiApSrv - ok 15:38:03.0000 1324 WMPNetworkSvc (79a01acd485687ee602411a06b63a9a5) C:\Program Files\Windows Media Player\WMPNetwk.exe 15:38:03.0562 1324 WMPNetworkSvc - ok 15:38:04.0234 1324 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys 15:38:04.0234 1324 WpdUsb - ok 15:38:04.0781 1324 wscsvc (843f7fa8ea38e6a4262976dcc994c81a) C:\WINDOWS\system32\wscsvc.dll 15:38:04.0828 1324 wscsvc - ok 15:38:05.0406 1324 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 15:38:05.0406 1324 WSTCODEC - ok 15:38:05.0906 1324 wuauserv (1e8fdddef3fe260badab06dae10d753a) C:\WINDOWS\system32\wuauserv.dll 15:38:05.0968 1324 wuauserv - ok 15:38:06.0578 1324 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 15:38:06.0593 1324 WudfPf - ok 15:38:07.0171 1324 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 15:38:07.0187 1324 WudfRd - ok 15:38:07.0718 1324 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll 15:38:07.0765 1324 WudfSvc - ok 15:38:08.0562 1324 WZCSVC (e99782dbb8ffa2aee72b31dac8d8d887) C:\WINDOWS\System32\wzcsvc.dll 15:38:08.0890 1324 WZCSVC - ok 15:38:09.0437 1324 xcpip - ok 15:38:10.0000 1324 xmlprov (fd3c38635808920f8235bf2fed642f54) C:\WINDOWS\System32\xmlprov.dll 15:38:10.0171 1324 xmlprov - ok 15:38:10.0671 1324 xpsec - ok 15:38:10.0812 1324 MBR (0x1B8) (25fdd3b61791a226676b12dc5bddef71) \Device\Harddisk0\DR0 15:38:10.0812 1324 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected 15:38:10.0812 1324 \Device\Harddisk0\DR0 - detected 
      Rootkit.Boot.Sinowal.b (0)
      15:38:10.0828 1324 MBR (0x1B8) (ddae9d649db12f6aff24483f2c298989) \Device\Harddisk1\DR6
      15:38:10.0828 1324 \Device\Harddisk1\DR6 - ok
      15:38:10.0859 1324 Boot (0x1200) (225fe5ad0b96fe37bd53283f1fd477c3) \Device\Harddisk0\DR0\Partition0
      15:38:10.0859 1324 \Device\Harddisk0\DR0\Partition0 - ok
      15:38:10.0875 1324 Boot (0x1200) (2c9f0db534ce25c719b32de63721f92e) \Device\Harddisk1\DR6\Partition0
      15:38:10.0875 1324 \Device\Harddisk1\DR6\Partition0 - ok
      15:38:10.0890 1324 ============================================================
      15:38:10.0890 1324 Scan finished
      15:38:10.0890 1324 ============================================================
      15:38:10.0937 1376 Detected object count: 1
      15:38:10.0937 1376 Actual detected object count: 1
      15:41:34.0546 1376 \Device\Harddisk0\DR0\# - copied to quarantine
      15:41:34.0546 1376 \Device\Harddisk0\DR0 - copied to quarantine
      15:41:34.0546 1376 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot
      15:41:34.0593 1376 \Device\Harddisk0\DR0 - ok
      15:41:34.0593 1376 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure

      Malwarebytes Anti-Malware (-evaluatieversie-) 1.61.0.1400
      www.malwarebytes.org
      Databaseversie: v2012.04.04.08
      Windows XP Service Pack 3 x86 NTFS
      Internet Explorer 8.0.6001.18702
      Pillar :: SN100485110321 [administrator]
      Realtime bescherming: Ingeschakeld
      16-4-2012 16:10:17
      mbam-log-2012-04-16 (16-10-17).txt
      Scantype: Snelle scan
      Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
      Uitgeschakelde scanopties: P2P
      Objecten gescand: 201627
      Verstreken tijd: 10 minuut/minuten, 35 seconde(n)
      Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Registerdata gedetecteerd: 7
      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowControlPanel (PUM.Hijack.StartMenu) -> Slecht: (0) Goed: (1) -> Succesvol in quarantaine geplaatst en gerepareerd.
      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowHelp (PUM.Hijack.StartMenu) -> Slecht: (0) Goed: (1) -> Succesvol in quarantaine geplaatst en gerepareerd.
      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Slecht: (0) Goed: (1) -> Succesvol in quarantaine geplaatst en gerepareerd.
      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyDocs (PUM.Hijack.StartMenu) -> Slecht: (0) Goed: (1) -> Succesvol in quarantaine geplaatst en gerepareerd.
      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowRun (PUM.Hijack.StartMenu) -> Slecht: (0) Goed: (1) -> Succesvol in quarantaine geplaatst en gerepareerd.
      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Slecht: (0) Goed: (1) -> Succesvol in quarantaine geplaatst en gerepareerd.
      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoDesktop (PUM.Hidden.Desktop) -> Slecht: (1) Goed: (0) -> Succesvol in quarantaine geplaatst en gerepareerd.
      Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Bestanden gedetecteerd: 2
      C:\Documents and Settings\All Users\Application Data\AlSnqDidGxPete.exe (Backdoor.Agent.RCGen) -> Succesvol in quarantaine geplaatst en verwijderd.
      C:\Documents and Settings\All Users\Application Data\JTiCagiPTU5LLZ.exe (Backdoor.Agent.RCGen) -> Succesvol in quarantaine geplaatst en verwijderd.
      (einde)
  14. Hello everyone, Since today I have been having trouble with the trojan horse PSW.Agent.AUET. My AVG cannot remove it. Below is the log from my PC. Can you help me? Regards, VUUR

      Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 22:29:21, on 15-4-2012
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v8.00 (8.00.6001.18702)
      Boot mode: Safe mode

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\AVG\AVG9\avgchsvx.exe
      C:\Program Files\AVG\AVG9\avgcsrvx.exe
      C:\Program Files\AVG\AVG9\avgcsrvx.exe
      C:\WINDOWS\Explorer.EXE
      C:\hijackthis\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
      O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
      O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
      O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
      O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
      O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
      O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
      O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
      O4 - HKLM\..\Run: [snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAShCut.exe
      O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
      O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
      O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
      O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
      O4 - HKLM\..\Run: [AlSnqDidGxPete.exe] C:\Documents and Settings\All Users\Application Data\AlSnqDidGxPete.exe
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
      O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
      O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Pillar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
      O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
      O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
      O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
      O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
      O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
      O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
      O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
      O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
      O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
      O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
      O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
      O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
      O23 - Service: Sony SPTI Service for DVE (ICDSPTSV) - Sony Corporation - C:\WINDOWS\system32\IcdSptSv.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
      O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE

      --
      End of file - 8428 bytes