
bartd

Member
  • Items

    14

bartd's achievements

  1. ComboFix 12-07-13.03 - Gebruiker 13/07/2012 19:59:30.9.1 - FAT32x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.503.298 [GMT 2:00] Gestart vanuit: c:\documents and settings\Gebruiker\Bureaublad\ComboFix.exe AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} AV: NOD32 antivirus systeem 2.51 *Disabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} . . (((((((((((((((((((( Bestanden Gemaakt van 2012-06-13 to 2012-07-13 )))))))))))))))))))))))))))))) . . 2012-07-13 13:15 . 2012-07-13 13:15 -------- d--h--r- c:\documents and settings\Gebruiker\Onlangs geopend 2012-07-13 11:45 . 2012-07-13 12:32 3888 ----a-w- c:\windows\system32\drivers\NTHANDLE.SYS 2012-07-13 11:25 . 2012-07-13 11:25 -------- d-----w- c:\program files\WhoLockMe 2012-07-13 10:57 . 2012-07-13 10:58 1491 ----a-w- C:\user.js 2012-07-13 10:56 . 2012-07-13 10:56 -------- d-----w- c:\documents and settings\Gebruiker\Application Data\Babylon 2012-07-12 21:57 . 2012-07-12 21:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-07-12 21:57 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-07-12 10:47 . 2012-07-12 10:47 -------- d-----w- c:\documents and settings\LocalService\Bureaublad 2012-07-11 13:11 . 2012-07-11 13:11 -------- d-----w- c:\documents and settings\Gebruiker\Application Data\Malwarebytes 2012-07-11 13:10 . 2012-07-11 13:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-07-10 21:12 . 2012-07-10 21:12 -------- d-----w- c:\documents and settings\All Users\Application Data\IBUpdaterService 2012-07-10 21:12 . 2012-07-10 21:07 570304 ----a-w- c:\program files\Uninstall Information\ib_uninst_519\uninstall.exe 2012-07-10 21:12 . 2012-07-10 21:12 -------- d-----w- c:\program files\Haali 2012-07-10 21:12 . 2012-07-10 21:07 570304 ----a-w- c:\program files\Uninstall Information\ib_uninst_518\uninstall.exe 2012-07-10 21:10 . 
2012-07-10 21:07 570304 ----a-w- c:\program files\Uninstall Information\ib_uninst_455\uninstall.exe 2012-07-10 21:09 . 2012-07-10 21:10 -------- d-----w- c:\documents and settings\Gebruiker\Local Settings\Application Data\Google 2012-07-10 21:09 . 2012-07-10 21:09 -------- d-----w- c:\documents and settings\Gebruiker\Local Settings\Application Data\Savings Sidekick 2012-07-10 21:09 . 2012-07-10 21:09 -------- d-----w- c:\program files\Savings Sidekick 2012-07-10 20:49 . 2012-07-10 20:49 -------- d-----w- c:\documents and settings\Gebruiker\Application Data\BitTorrent 2012-07-10 20:48 . 2012-07-10 20:48 -------- d-----w- c:\program files\bittorrent 2012-07-08 18:12 . 2012-07-08 18:12 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Adobe 2012-07-08 17:33 . 2012-07-08 17:32 476936 ----a-w- c:\windows\system32\npdeployJava1.dll 2012-07-08 17:30 . 2012-07-08 17:30 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee 2012-07-08 13:39 . 2012-06-02 13:19 15896 ----a-w- c:\windows\system32\wuapi.dll.mui 2012-07-08 13:08 . 2012-07-11 18:51 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-11 18:51 . 2011-08-18 19:37 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-08 17:32 . 2010-08-14 21:53 73728 ----a-w- c:\windows\system32\javacpl.cpl 2012-07-08 17:32 . 2010-05-09 21:47 472840 ----a-w- c:\windows\system32\deployJava1.dll 2012-06-02 13:19 . 2009-04-03 13:54 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui 2012-06-02 13:19 . 2004-10-13 13:03 219160 ----a-w- c:\windows\system32\wuaucpl.cpl 2012-06-02 13:19 . 2004-10-13 13:03 329240 ----a-w- c:\windows\system32\wucltui.dll 2012-06-02 13:19 . 2004-10-13 13:03 210968 ----a-w- c:\windows\system32\wuweb.dll 2012-06-02 13:19 . 2005-05-26 02:16 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 13:19 . 
2004-10-15 15:48 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-02 13:19 . 2004-07-15 13:19 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 13:19 . 2002-10-04 12:01 97304 ----a-w- c:\windows\system32\cdm.dll 2012-06-02 13:19 . 2009-04-03 13:54 15896 ----a-w- c:\windows\system32\wuaucpl.cpl.mui 2012-06-02 13:19 . 2004-10-13 13:03 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 13:19 . 2009-04-03 13:54 24088 ----a-w- c:\windows\system32\wucltui.dll.mui 2012-06-02 13:19 . 2004-07-15 13:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 13:19 . 2009-04-03 15:43 18160 ----a-w- c:\windows\system32\mucltui.dll.mui 2012-06-02 13:18 . 2007-02-04 13:23 275696 ----a-w- c:\windows\system32\mucltui.dll 2012-06-02 13:18 . 2007-02-04 13:23 214256 ----a-w- c:\windows\system32\muweb.dll 2012-04-19 02:50 . 2012-04-19 02:50 24896 ----a-w- c:\windows\system32\drivers\avgidshx.sys 2010-06-28 16:25 203776 --sh--w- c:\windows\system32\unrar.exe . . ((((((((((((((((((((((((((((( SnapShot@2012-07-13_13.52.20 ))))))))))))))))))))))))))))))))))))))))) . + 2012-07-13 15:42 . 2012-07-13 15:42 16384 c:\windows\Temp\Perflib_Perfdata_528.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BisonCom"="c:\windows\VdCap03C\BisonCom" [X] "Hcontrol"="c:\windows\ATK0100\Hcontrol.exe" [2004-05-26 86016] "SoundMan"="SOUNDMAN.EXE" [2004-05-20 66048] "ASUS Live Update"="c:\program files\ASUS\ASUS Live Update\ALU.exe" [2003-09-19 172032] "SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-03 98304] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-03 499712] "PRONoMgr.exe"="c:\program files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe" [2004-02-05 86016] "igfxtray"="c:\windows\system32\igfxtray.exe" [2004-05-20 155648] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2004-05-20 118784] "igfxpers"="c:\windows\system32\igfxpers.exe" [2006-02-07 118784] "UpdateReminder"="c:\program files\Eset\UpdateReminder.exe" [2011-08-18 462848] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-05-20 118784] "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-03 15360] "PcSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [bU] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring] 2004-03-03 14:48 110592 ----a-w- c:\windows\system32\LgNotify.dll . 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0PFDNNT c:\program files\Internet Optimizer\12.tmp\0PFDNNT c:\program files\Internet Optimizer\0PFDNNT c:\program files\Windows ControlAd\WinCtlAdAlt.exe\0PFDNNT c:\program files\Windows ControlAd\WinCtlAdShift.dll\0PFDNNT c:\program files\Windows ControlAd\WinCtlAd.exe\0PFDNNT c:\program files\Windows ControlAd\8E.tmp\0PFDNNT c:\program files\Windows ControlAd\0PFDNNT c:\windows\system32\P2P Networking\MARSHAL.DLL\0PFDNNT c:\windows\system32\P2P Networking\9D.tmp\0PFDNNT c:\windows\system32\P2P Networking\0PFDNNT c:\program files\SideFind\sfbho13.dll\0PFDNNT c:\program files\SideFind\D3.tmp\0PFDNNT c:\program files\SideFind\0PFDNNT c:\docume~1\gebrui~1\applic~1\mpegbl~1\liestr~1.exe\0PFDNNT c:\documents and settings\ALL USERS\APPLICATION DATA\LONG FRAG EACH ANTI\TRUST BASE.EXE\0PFDNNT c:\docume~1\GEBRUI~1\APPLIC~1\BindBoob\base eggs.exe\0PFDNNT c:\documents and settings\GEBRUIKER\APPLICATION DATA\BINDBOOB\BASE EGGS.EXE\0SsiEfr.e\0PFDNNT c:\documents and settings\gebruiker\cookies\gebruiker@com[1].txt\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\svcWRSSSDK] @="Service" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^ASUS ChkMail.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ASUS ChkMail.lnk backup=c:\windows\pss\ASUS ChkMail.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^Gebruiker^Menu Start^Programma's^Opstarten^OpenOffice.org 2.0 .lnk] path=c:\documents and settings\Gebruiker\Menu Start\Programma's\Opstarten\OpenOffice.org 2.0 .lnk backup=c:\windows\pss\OpenOffice.org 2.0 .lnkStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent] 2012-07-10 20:50 6077848 ----a-w- c:\program files\bittorrent\BitTorrent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hitman Pro Expiration Helper] 2007-02-17 22:28 596760 ----a-w- c:\program files\Hitman Pro\xphelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync] c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe [bU] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power_Gear] 2004-01-19 14:33 81920 ----a-w- c:\progra~1\Asus\Power4 Gear\BatteryLife.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] 2000-10-16 09:37 32768 ------r- c:\windows\system32\rmctrl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] c:\program files\Winamp\winampa.exe [bU] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "WMPNetworkSvc"=3 (0x3) "NOD32krn"=2 (0x2) "AVGIDSAgent"=2 (0x2) "avgfws9"=2 (0x2) "avg9wd"=2 (0x2) "avg9emc"=2 (0x2) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\MSMSGS.EXE"= "c:\\Program Files\\Asus\\ASUS Live Update\\LiveUpdt.exe"= "c:\\Program Files\\BitTorrent\\bittorrent.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"= . 
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19/04/2012 4:50 24896] R0 AvgRkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [23/11/2009 20:22 31952] R1 AvgLdx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [1/04/2009 14:52 235216] R1 AvgTdiX;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [1/04/2009 14:52 301248] R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [14/02/2012 4:53 193288] R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [23/11/2009 20:18 30104] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23/12/2011 13:32 139856] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [23/12/2011 13:32 24144] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23/12/2011 13:32 17232] S0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSxx.sys [23/11/2009 20:22 25168] S0 SSI;SSI;c:\windows\system32\Drivers\SSI.SYS --> c:\windows\system32\Drivers\SSI.SYS [?] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [4/07/2012 17:25 5160568] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [8/07/2012 15:08 250056] S3 ATKXPDisplayName;ATKXPDisplayName;c:\windows\system32\drivers\ATKACPI.sys [26/05/2004 21:43 5760] S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [23/11/2009 20:18 30104] S3 AVGIDSDriverxpx;AVG9IDSDriver;\??\c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys --> c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys [?] S3 AVGIDSFilterxpx;AVG9IDSFilter;\??\c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys --> c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys [?] 
S3 AVGIDSShimxpx;AVG9IDSShim;\??\c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys --> c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys [?] . Inhoud van de 'Gedeelde Taken' map . 2012-07-13 c:\windows\Tasks\User_Feed_Synchronization-{65B1CF8F-D669-42D6-AF1E-8811023923C3}.job - c:\windows\system32\msfeedssync.exe [2006-10-17 02:31] . 2012-07-13 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-08 18:51] . . ------- Bijkomende Scan ------- . uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Settings,ProxyOverride = <local> uSearchURL,(Default) = hxxp://g.msn.be/0SENLBE/SAOS01?FORM=TOOLBR IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx TCP: DhcpNameServer = 192.168.0.1 DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-Ad-Aware SE Personal - c:\progra~1\LAVASOFT\AD-AWA~1\UNWISE.EXE AddRemove-Spybot - Search & Destroy_is1 - c:\program files\Spybot - Search & Destroy\unins000.exe AddRemove-{5AE68DC3-F16E-457D-947A-092D614C7ABD}_is1 - c:\program files\Webroot\Spy Sweeper\unins000.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-07-13 20:07 Windows 5.1.2600 Service Pack 3 FAT NTAPI . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . 
--------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(1344) c:\windows\system32\WRLogonNTF.dll c:\windows\System32\LgNotify.dll . - - - - - - - > 'explorer.exe'(2136) c:\windows\system32\SynTPFcs.dll c:\windows\system32\msi.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2012-07-13 20:09:10 ComboFix-quarantined-files.txt 2012-07-13 18:09 . Pre-Run: 10.735.009.792 bytes beschikbaar Post-Run: 10.742.890.496 bytes beschikbaar . - - End Of File - - B77A7F6B8093D6AC2D093C2C565E7E6E
  2. No more infection notification in AVG and Malwarebytes. The problem is solved, I think. Many thanks, PCHF!
  3. ComboFix 12-07-13.01 - Gebruiker 13/07/2012 15:44:14.7.1 - FAT32x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.503.295 [GMT 2:00] Gestart vanuit: C:\Documents and Settings\Gebruiker\Bureaublad\ComboFix.exe AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} AV: NOD32 antivirus systeem 2.51 *Disabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} (((((((((((((((((((( Bestanden Gemaakt van 2012-06-13 to 2012-07-13 )))))))))))))))))))))))))))))) 2012-07-13 13:15:05 . 2012-07-13 13:15:06 -------- d--h--r- C:\Documents and Settings\Gebruiker\Onlangs geopend 2012-07-13 11:45:23 . 2012-07-13 12:32:50 3888 ----a-w- C:\WINDOWS\system32\drivers\NTHANDLE.SYS 2012-07-13 11:25:29 . 2012-07-13 11:25:30 -------- d-----w- C:\Program Files\WhoLockMe 2012-07-13 10:57:04 . 2012-07-13 10:58:22 1491 ----a-w- C:\user.js 2012-07-13 10:56:06 . 2012-07-13 10:56:08 -------- d-----w- C:\Documents and Settings\Gebruiker\Application Data\Babylon 2012-07-13 10:56:06 . 2012-07-13 10:56:08 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Babylon 2012-07-12 21:57:01 . 2012-07-12 21:57:02 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware 2012-07-12 21:57:01 . 2012-07-03 11:46:44 22344 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys 2012-07-12 10:47:16 . 2012-07-12 10:47:18 -------- d-----w- C:\Documents and Settings\LocalService\Bureaublad 2012-07-11 13:11:11 . 2012-07-11 13:11:12 -------- d-----w- C:\Documents and Settings\Gebruiker\Application Data\Malwarebytes 2012-07-11 13:10:35 . 2012-07-11 13:10:36 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2012-07-10 21:12:41 . 2012-07-10 21:12:42 -------- d-----w- C:\Documents and Settings\All Users\Application Data\IBUpdaterService 2012-07-10 21:12:33 . 2012-07-10 21:07:46 570304 ----a-w- C:\Program Files\Uninstall Information\ib_uninst_519\uninstall.exe 2012-07-10 21:12:25 . 
2012-07-10 21:12:26 -------- d-----w- C:\Program Files\Haali 2012-07-10 21:12:07 . 2012-07-10 21:07:46 570304 ----a-w- C:\Program Files\Uninstall Information\ib_uninst_518\uninstall.exe 2012-07-10 21:10:40 . 2012-07-10 21:07:46 570304 ----a-w- C:\Program Files\Uninstall Information\ib_uninst_455\uninstall.exe 2012-07-10 21:09:59 . 2012-07-10 21:10:00 -------- d-----w- C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google 2012-07-10 21:09:52 . 2012-07-10 21:09:54 -------- d-----w- C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Savings Sidekick 2012-07-10 21:09:48 . 2012-07-10 21:09:50 -------- d-----w- C:\Program Files\Savings Sidekick 2012-07-10 20:49:14 . 2012-07-10 20:49:16 -------- d-----w- C:\Documents and Settings\Gebruiker\Application Data\BitTorrent 2012-07-10 20:48:24 . 2012-07-10 20:48:26 -------- d-----w- C:\Program Files\bittorrent 2012-07-08 18:12:34 . 2012-07-08 18:12:36 -------- d-----w- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe 2012-07-08 17:33:03 . 2012-07-08 17:32:50 476936 ----a-w- C:\WINDOWS\system32\npdeployJava1.dll 2012-07-08 17:30:30 . 2012-07-08 17:30:32 -------- d-----w- C:\Documents and Settings\All Users\Application Data\McAfee 2012-07-08 13:39:23 . 2012-06-02 13:19:30 15896 ----a-w- C:\WINDOWS\system32\wuapi.dll.mui 2012-07-08 13:08:49 . 2012-07-11 18:51:00 426184 ----a-w- C:\WINDOWS\system32\FlashPlayerApp.exe . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) 2012-07-11 18:51:00 . 2011-08-18 19:37:46 70344 ----a-w- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2012-07-08 17:32:50 . 2010-08-14 21:53:43 73728 ----a-w- C:\WINDOWS\system32\javacpl.cpl 2012-07-08 17:32:50 . 2010-05-09 21:47:28 472840 ----a-w- C:\WINDOWS\system32\deployJava1.dll 2012-06-02 13:19:44 . 2009-04-03 13:54:14 18456 ----a-w- C:\WINDOWS\system32\wuaueng.dll.mui 2012-06-02 13:19:38 . 
2004-10-13 13:03:23 219160 ----a-w- C:\WINDOWS\system32\wuaucpl.cpl 2012-06-02 13:19:38 . 2004-10-13 13:03:22 329240 ----a-w- C:\WINDOWS\system32\wucltui.dll 2012-06-02 13:19:38 . 2004-10-13 13:03:22 210968 ----a-w- C:\WINDOWS\system32\wuweb.dll 2012-06-02 13:19:34 . 2005-05-26 02:16:30 45080 ----a-w- C:\WINDOWS\system32\wups2.dll 2012-06-02 13:19:34 . 2004-10-15 15:48:44 35864 ----a-w- C:\WINDOWS\system32\wups.dll 2012-06-02 13:19:34 . 2004-07-15 13:19:40 53784 ----a-w- C:\WINDOWS\system32\wuauclt.exe 2012-06-02 13:19:34 . 2002-10-04 12:01:17 97304 ----a-w- C:\WINDOWS\system32\cdm.dll 2012-06-02 13:19:24 . 2009-04-03 13:54:13 15896 ----a-w- C:\WINDOWS\system32\wuaucpl.cpl.mui 2012-06-02 13:19:24 . 2004-10-13 13:03:23 577048 ----a-w- C:\WINDOWS\system32\wuapi.dll 2012-06-02 13:19:18 . 2009-04-03 13:54:15 24088 ----a-w- C:\WINDOWS\system32\wucltui.dll.mui 2012-06-02 13:19:18 . 2004-07-15 13:19:40 1933848 ----a-w- C:\WINDOWS\system32\wuaueng.dll 2012-06-02 13:19:02 . 2009-04-03 15:43:40 18160 ----a-w- C:\WINDOWS\system32\mucltui.dll.mui 2012-06-02 13:18:58 . 2007-02-04 13:23:53 275696 ----a-w- C:\WINDOWS\system32\mucltui.dll 2012-06-02 13:18:58 . 2007-02-04 13:23:53 214256 ----a-w- C:\WINDOWS\system32\muweb.dll 2012-04-19 02:50:26 . 
2012-04-19 02:50:26 24896 ----a-w- C:\WINDOWS\system32\drivers\avgidshx.sys 2010-06-28 16:25:38 203776 --sh--w- C:\WINDOWS\system32\unrar.exe ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BisonCom"="C:\WINDOWS\VdCap03C\BisonCom" [X] "Hcontrol"="C:\WINDOWS\ATK0100\Hcontrol.exe" [2004-05-26 19:44:00 86016] "SoundMan"="SOUNDMAN.EXE" [2004-05-20 10:46:36 66048] "ASUS Live Update"="C:\Program Files\ASUS\ASUS Live Update\ALU.exe" [2003-09-19 10:54:44 172032] "SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-03 10:27:50 98304] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-03 10:27:50 499712] "PRONoMgr.exe"="c:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe" [2004-02-05 14:33:08 86016] "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2004-05-20 10:50:20 155648] "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2004-05-20 10:50:02 118784] "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-02-07 06:40:02 118784] "UpdateReminder"="C:\Program Files\Eset\UpdateReminder.exe" [2011-08-18 18:08:06 462848] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50:42 155648] "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-05-20 10:50:02 118784] "AVG_TRAY"="C:\Program Files\AVG\AVG2012\avgtray.exe" [2012-04-05 03:12:34 2587008] "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 12:02:04 254696] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-03 23:03:28 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring] 2004-03-03 14:48:34 110592 ----a-w- c:\WINDOWS\system32\LgNotify.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] 
BootExecute REG_MULTI_SZ autocheck autochk *\0PFDNNT C:\Program Files\Internet Optimizer\12.tmp\0PFDNNT C:\Program Files\Internet Optimizer\0PFDNNT C:\Program Files\Windows ControlAd\WinCtlAdAlt.exe\0PFDNNT C:\Program Files\Windows ControlAd\WinCtlAdShift.dll\0PFDNNT C:\Program Files\Windows ControlAd\WinCtlAd.exe\0PFDNNT C:\Program Files\Windows ControlAd\8E.tmp\0PFDNNT C:\Program Files\Windows ControlAd\0PFDNNT C:\WINDOWS\system32\P2P Networking\MARSHAL.DLL\0PFDNNT C:\WINDOWS\system32\P2P Networking\9D.tmp\0PFDNNT C:\WINDOWS\system32\P2P Networking\0PFDNNT C:\Program Files\SideFind\sfbho13.dll\0PFDNNT C:\Program Files\SideFind\D3.tmp\0PFDNNT C:\Program Files\SideFind\0PFDNNT c:\docume~1\gebrui~1\applic~1\mpegbl~1\liestr~1.exe\0PFDNNT C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\LONG FRAG EACH ANTI\TRUST BASE.EXE\0PFDNNT C:\DOCUME~1\GEBRUI~1\APPLIC~1\BindBoob\base eggs.exe\0PFDNNT C:\DOCUMENTS AND SETTINGS\GEBRUIKER\APPLICATION DATA\BINDBOOB\BASE EGGS.EXE\0SsiEfr.e\0PFDNNT c:\documents and settings\gebruiker\cookies\gebruiker@com[1].txt\0C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\svcWRSSSDK] @="Service" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^ASUS ChkMail.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\ASUS ChkMail.lnk backup=C:\WINDOWS\pss\ASUS ChkMail.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^Gebruiker^Menu Start^Programma's^Opstarten^OpenOffice.org 2.0 .lnk] path=C:\Documents and Settings\Gebruiker\Menu Start\Programma's\Opstarten\OpenOffice.org 2.0 .lnk backup=C:\WINDOWS\pss\OpenOffice.org 2.0 .lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-06-09 08:06:34 976832 ----a-w- C:\Program Files\Common 
Files\Adobe\ARM\1.0\AdobeARM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2010-06-20 02:04:48 35760 ----a-w- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent] 2012-07-10 20:50:14 6077848 ----a-w- C:\Program Files\bittorrent\BitTorrent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hitman Pro Expiration Helper] 2007-02-17 22:28:24 596760 ----a-w- C:\Program Files\Hitman Pro\xphelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power_Gear] 2004-01-19 14:33:58 81920 ----a-w- C:\PROGRA~1\Asus\Power4 Gear\BatteryLife.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] 2000-10-16 09:37:36 32768 ------r- C:\WINDOWS\system32\rmctrl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "WMPNetworkSvc"=3 (0x3) "NOD32krn"=2 (0x2) "AVGIDSAgent"=2 (0x2) "avgfws9"=2 (0x2) "avg9wd"=2 (0x2) "avg9emc"=2 (0x2) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Messenger\\MSMSGS.EXE"= "C:\\Program Files\\Asus\\ASUS Live Update\\LiveUpdt.exe"= "C:\\Program Files\\BitTorrent\\bittorrent.exe"= "C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"= "C:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"= "C:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"= "C:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"= "C:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"= R0 AVGIDSHX;AVGIDSHX;C:\WINDOWS\system32\drivers\avgidshx.sys [19/04/2012 4:50:26 24896] R0 AvgRkx86;AVG Anti-Rootkit Driver;C:\WINDOWS\system32\drivers\avgrkx86.sys [23/11/2009 20:22:30 31952] R1 AvgLdx86;AVG AVI Loader 
Driver;C:\WINDOWS\system32\drivers\avgldx86.sys [1/04/2009 14:52:33 235216] R1 AvgTdiX;AVG TDI Driver;C:\WINDOWS\system32\drivers\avgtdix.sys [1/04/2009 14:52:39 301248] R2 avgwd;AVG WatchDog;C:\Program Files\AVG\AVG2012\avgwdsvc.exe [14/02/2012 4:53:38 193288] R3 Avgfwdx;Avgfwdx;C:\WINDOWS\system32\drivers\avgfwdx.sys [23/11/2009 20:18:01 30104] R3 AVGIDSDriver;AVGIDSDriver;C:\WINDOWS\system32\drivers\avgidsdriverx.sys [23/12/2011 13:32:00 139856] R3 AVGIDSFilter;AVGIDSFilter;C:\WINDOWS\system32\drivers\avgidsfilterx.sys [23/12/2011 13:32:06 24144] R3 AVGIDSShim;AVGIDSShim;C:\WINDOWS\system32\drivers\avgidsshimx.sys [23/12/2011 13:32:08 17232] S0 AVGIDSErHrxpx;AVG9IDSErHr;C:\WINDOWS\system32\drivers\AVGIDSxx.sys [23/11/2009 20:22:30 25168] S0 SSI;SSI;C:\WINDOWS\system32\Drivers\SSI.SYS --> C:\WINDOWS\system32\Drivers\SSI.SYS [?] S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files\AVG\AVG2012\avgidsagent.exe [4/07/2012 17:25:54 5160568] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [8/07/2012 15:08:52 250056] S3 ATKXPDisplayName;ATKXPDisplayName;C:\WINDOWS\system32\drivers\ATKACPI.sys [26/05/2004 21:43:00 5760] S3 Avgfwfd;AVG network filter service;C:\WINDOWS\system32\drivers\avgfwdx.sys [23/11/2009 20:18:01 30104] S3 AVGIDSDriverxpx;AVG9IDSDriver;\??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys --> C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys [?] S3 AVGIDSFilterxpx;AVG9IDSFilter;\??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys --> C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys [?] S3 AVGIDSShimxpx;AVG9IDSShim;\??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys --> C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys [?] 
--- Andere Services/Drivers In Geheugen --- *Deregistered* - NTHANDLE Inhoud van de 'Gedeelde Taken' map 2012-07-13 C:\WINDOWS\Tasks\User_Feed_Synchronization-{65B1CF8F-D669-42D6-AF1E-8811023923C3}.job - C:\WINDOWS\system32\msfeedssync.exe [2006-10-17 09:58:32 . 2009-03-08 02:31:54] 2012-07-13 C:\WINDOWS\Tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-08 13:08:52 . 2012-07-11 18:51:06] ------- Bijkomende Scan ------- uStart Page = hxxp://search.babylon.com/?affID=110819&babsrc=HP_ss&mntrId=a8caf24f000000000000000e3528cbae uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Settings,ProxyOverride = <local> uSearchURL,(Default) = hxxp://g.msn.be/0SENLBE/SAOS01?FORM=TOOLBR IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx DPF: DirectAnimation Java Classes - file://C:\WINDOWS\Java\classes\dajava.cab DPF: Microsoft XML Parser for Java - file://C:\WINDOWS\Java\classes\xmldso.cab - - - - ORPHANS VERWIJDERD - - - - HKU-Default-Run-PcSync - C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe MSConfigStartUp-PcSync - C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe MSConfigStartUp-WinampAgent - C:\Program Files\Winamp\winampa.exe
  4. 12:26:54.0312 0768 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35 12:26:54.0484 0768 ============================================================ 12:26:54.0484 0768 Current date / time: 2012/07/12 12:26:54.0484 12:26:54.0484 0768 SystemInfo: 12:26:54.0484 0768 12:26:54.0484 0768 OS Version: 5.1.2600 ServicePack: 3.0 12:26:54.0484 0768 Product type: Workstation 12:26:54.0484 0768 ComputerName: LAPTOP 12:26:54.0484 0768 UserName: Gebruiker 12:26:54.0484 0768 Windows directory: C:\WINDOWS 12:26:54.0484 0768 System windows directory: C:\WINDOWS 12:26:54.0484 0768 Processor architecture: Intel x86 12:26:54.0484 0768 Number of processors: 1 12:26:54.0484 0768 Page size: 0x1000 12:26:54.0484 0768 Boot type: Normal boot 12:26:54.0484 0768 ============================================================ 12:26:56.0078 0768 Drive \Device\Harddisk0\DR0 - Size: 0xDF8F90000 (55.89 Gb), SectorSize: 0x200, Cylinders: 0x1C80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054 12:26:56.0078 0768 ============================================================ 12:26:56.0078 0768 \Device\Harddisk0\DR0: 12:26:56.0078 0768 MBR partitions: 12:26:56.0078 0768 \Device\Harddisk0\DR0\Partition0: MBR, Type 0xC, StartLBA 0x549219, BlocksNum 0x3FF6D8F 12:26:56.0109 0768 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x453FFE7, BlocksNum 0x2A83DD8 12:26:56.0109 0768 ============================================================ 12:26:56.0218 0768 C: <-> \Device\Harddisk0\DR0\Partition0 12:26:56.0234 0768 D: <-> \Device\Harddisk0\DR0\Partition1 12:26:56.0234 0768 ============================================================ 12:26:56.0234 0768 Initialize success 12:26:56.0234 0768 ============================================================ 12:27:02.0703 2400 ============================================================ 12:27:02.0703 2400 Scan started 12:27:02.0703 2400 Mode: Manual; 12:27:02.0703 2400 
============================================================ 12:27:20.0296 2400 Scan finished 12:27:20.0296 2400 ============================================================ 12:27:20.0312 2248 Detected object count: 0 12:27:20.0312 2248 Actual detected object count: 0
  5. AVG rootkit scan
     "Scan ""Anti-Rootkitscan"" is voltooid."
     "Rootkits";"25";"0";"25"
     ""
     "Scan is gestart:";"woensdag 11 juli 2012, 22:35:34"
     "Scan voltooid:";"woensdag 11 juli 2012, 22:36:44 (1 min. 9 seconde (n))"
     "Totaal gescande objecten:";"58114"
     "Gebruiker:";"SYSTEM"
     "Rootkits"
     "";"Bestand";"Infectie";"Resultaat"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_WRITE -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_QUERY_INFORMATION -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_SET_INFORMATION -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_QUERY_EA -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_SET_EA -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_FLUSH_BUFFERS -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_QUERY_VOLUME_INFORMATION -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_SET_VOLUME_INFORMATION -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_DIRECTORY_CONTROL -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_FILE_SYSTEM_CONTROL -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_DEVICE_CONTROL -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_INTERNAL_DEVICE_CONTROL -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_SHUTDOWN -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_LOCK_CONTROL -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_CLEANUP -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_CREATE_MAILSLOT -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_QUERY_SECURITY -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_SET_SECURITY -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_POWER -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_SYSTEM_CONTROL -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_DEVICE_CHANGE -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_QUERY_QUOTA -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_SET_QUOTA -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_PNP -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"Service function NtSetValueKey hook -> SSI.SYS +0x7270";"Object is verborgen"
  6. I am going to tackle them with AVG and then remove HijackThis, delete the restore points and run CCleaner, and I hope they will be gone, but I wonder whether these last three rootkits can still do harm and perhaps keep working unnoticed in case they are not gone? I have not done that yet, but below I have posted the AVG rootkit scan, and it indicates that there are now 25 rootkits.
  7. "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_SET_QUOTA -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_PNP -> SSI.SYS +0xC20C";"Object is verborgen"
     "";"C:\WINDOWS\System32\drivers\SSI.SYS";"Service function NtSetValueKey hook -> SSI.SYS +0x7270";"Object is verborgen"
  8. Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Databaseversie: v2012.07.11.05 Windows XP Service Pack 3 x86 FAT32 Internet Explorer 8.0.6001.18702 Gebruiker :: LAPTOP [administrator] 11/07/2012 15:14:49 mbam-log-2012-07-11 (15-14-49).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 191540 Verstreken tijd: 15 minuut/minuten, 53 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 10 HKCR\.fsharproj (Trojan.BHO) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CrossriderApp0005060.BHO (PUP.CrossFire.Gen) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CrossriderApp0005060.BHO.1 (PUP.CrossFire.Gen) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CrossriderApp0005060.FBApi (PUP.CrossFire.Gen) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CrossriderApp0005060.FBApi.1 (PUP.CrossFire.Gen) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CrossriderApp0005060.Sandbox (PUP.CrossFire.Gen) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CrossriderApp0005060.Sandbox.1 (PUP.CrossFire.Gen) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\Cr_Installer\5060 (Adware.GamePlayLab) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\CROSSRIDER (Adware.GamePlayLab) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\215 APPS (PUP.CrossFire.SA) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 4 HKCU\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow|mysearchnow.com (Malware.Trace) -> Data: -> Succesvol in quarantaine geplaatst en verwijderd. 
HKCU\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow|Loading... (Malware.Trace) -> Data: -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\Crossrider|215AppVerifier (Adware.GamePlayLab) -> Data: 81862b37d818dc4c869bb0c2f68f9daf -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\InstalledBrowserExtensions\215 Apps|5060 (PUP.CrossFire.SA) -> Data: Savings Sidekick -> Succesvol in quarantaine geplaatst en verwijderd. Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 2 C:\WINDOWS\system32\SysWoW32 (Trojan.Tracur) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Gebruiker\Application Data\SystemProc (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. Bestanden gedetecteerd: 17 C:\Documents and Settings\Gebruiker\Application Data\02000000055e4824964P.manifest (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Gebruiker\Application Data\02000000055e4824964C.manifest (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Gebruiker\Application Data\02000000055e4824964O.manifest (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Gebruiker\Application Data\02000000055e4824964S.manifest (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd. C:\WINDOWS\system32\sl427503757 (Trojan.Tracur) -> Succesvol in quarantaine geplaatst en verwijderd. C:\WINDOWS\Fonts\acrsecB.fon (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\WINDOWS\Fonts\acrsecI.fon (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\WINDOWS\GnuHashes.ini (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd. C:\WINDOWS\system32\SysWoW32\wu1922082837v0.kwd (Trojan.Tracur) -> Succesvol in quarantaine geplaatst en verwijderd. 
C:\WINDOWS\system32\SysWoW32\wu1922082837v0 (Trojan.Tracur) -> Succesvol in quarantaine geplaatst en verwijderd. C:\WINDOWS\system32\SysWoW32\wu1922082837v1.kwd (Trojan.Tracur) -> Succesvol in quarantaine geplaatst en verwijderd. C:\WINDOWS\system32\SysWoW32\wu1922082837v2.kwd (Trojan.Tracur) -> Succesvol in quarantaine geplaatst en verwijderd. C:\WINDOWS\system32\SysWoW32\wu1922082837v3.kwd (Trojan.Tracur) -> Succesvol in quarantaine geplaatst en verwijderd. C:\WINDOWS\system32\SysWoW32\mu1922082837v4.kwd (Trojan.Tracur) -> Succesvol in quarantaine geplaatst en verwijderd. C:\WINDOWS\system32\SysWoW32\mu1922082837v5.kwd (Trojan.Tracur) -> Succesvol in quarantaine geplaatst en verwijderd. C:\WINDOWS\system32\SysWoW32\mu1922082837v6.kwd (Trojan.Tracur) -> Succesvol in quarantaine geplaatst en verwijderd. C:\WINDOWS\system32\SysWoW32\mu1922082837v7.kwd (Trojan.Tracur) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:52:08, on 11/07/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\Program Files\AVG\AVG2012\AVGRSX.EXE C:\Program Files\AVG\AVG2012\avgcsrvx.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SYSTEM32\ZCfgSvc.exe C:\WINDOWS\Explorer.EXE c:\WINDOWS\ASUSKBService.exe C:\Program Files\AVG\AVG2012\avgwdsvc.exe C:\WINDOWS\system32\cisvc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\ATK0100\Hcontrol.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\VdCap03C\BisonCom.exe C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\WINDOWS\System32\RegSrvc.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe 
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AVG\AVG2012\avgtray.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe C:\Program Files\AVG\AVG2012\avgnsx.exe C:\Program Files\AVG\AVG2012\avgemcx.exe C:\WINDOWS\ATK0100\ATKOSD.exe C:\WINDOWS\System32\1XConfig.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\SYSTEM32\cidaemon.exe C:\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN ! R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - 
C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [bisonCom] C:\WINDOWS\VdCap03C\BisonCom O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [updateReminder] C:\Program Files\Eset\UpdateReminder.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll O14 - IERESET.INF: START_PAGE_URL=http://www.skynet.be O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} 
(WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1238766823921 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1238766802437 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: ASUS Keyboard Service (ASUSKeyboardService) - ASUSTeK COMPUTER INC. - c:\WINDOWS\ASUSKBService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe -- End of file - 6822 bytes
  9. Hello, I think I have already made a mistake. I downloaded HijackThis but could not get it to run on my PC for security reasons. However, I did not want to go looking for a way to solve that problem, so I downloaded HJT on another computer, ran it on my computer from a USB stick, and then posted this log. HijackThis was not in a folder on my desktop, nor under C:\hijackthis, but on my USB stick. I will first put this right now, in line with what I was told. Sorry, I was a bit absent-minded. What should I do now? I don't know whether I can continue from my USB stick, since the rootkits are on my C: drive, aren't they? I now have C:\hijackthis\HijackThis.exe. Could you take another look? Here is the log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:28:31, on 11/07/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\Program Files\AVG\AVG2012\AVGRSX.EXE C:\Program Files\AVG\AVG2012\avgcsrvx.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SYSTEM32\ZCfgSvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ATK0100\Hcontrol.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\VdCap03C\BisonCom.exe C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\AVG\AVG2012\avgtray.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe c:\WINDOWS\ASUSKBService.exe C:\Program Files\AVG\AVG2012\avgwdsvc.exe C:\WINDOWS\system32\cisvc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\System32\RegSrvc.exe C:\Program 
Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe C:\Program Files\AVG\AVG2012\avgnsx.exe C:\Program Files\AVG\AVG2012\avgemcx.exe C:\WINDOWS\ATK0100\ATKOSD.exe C:\WINDOWS\System32\1XConfig.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe C:\WINDOWS\SYSTEM32\cidaemon.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN ! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Search R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Search R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: (no name) - _{A045DC85-FC44-45be-8A50-E4F9C62C9A84} - (no file) R3 - URLSearchHook: (no name) - - (no file) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe O2 - BHO: CrossriderApp0005060 - {11111111-1111-1111-1111-110011501160} - C:\Program Files\Savings Sidekick\Savings Sidekick.dll O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program 
Files\AVG\AVG2012\avgdtiex.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [bisonCom] C:\WINDOWS\VdCap03C\BisonCom O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [updateReminder] C:\Program Files\Eset\UpdateReminder.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKLM\..\Policies\Explorer\Run: [RTHDBPL] C:\Documents and Settings\Gebruiker\Application Data\SystemProc\lsass.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: 
[CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.skynet.be O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1238766823921 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1238766802437 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll O20 - AppInit_DLLs: C:\WINDOWS\system32\kbdcan32.dll O20 - Winlogon Notify: a8caf24f964 - C:\WINDOWS\system32\kbdcan32.dll (file missing) O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing) O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - 
C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: ASUS Keyboard Service (ASUSKeyboardService) - ASUSTeK COMPUTER INC. - c:\WINDOWS\ASUSKBService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe -- End of file - 8358 bytes
  10. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:09:56, on 11/07/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\Program Files\AVG\AVG2012\AVGRSX.EXE C:\Program Files\AVG\AVG2012\avgcsrvx.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SYSTEM32\ZCfgSvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ATK0100\Hcontrol.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\VdCap03C\BisonCom.exe C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\AVG\AVG2012\avgtray.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe c:\WINDOWS\ASUSKBService.exe C:\Program Files\AVG\AVG2012\avgwdsvc.exe C:\WINDOWS\system32\cisvc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\System32\RegSrvc.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe C:\Program Files\AVG\AVG2012\avgnsx.exe C:\Program Files\AVG\AVG2012\avgemcx.exe C:\WINDOWS\ATK0100\ATKOSD.exe C:\WINDOWS\System32\1XConfig.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe C:\WINDOWS\SYSTEM32\cidaemon.exe K:\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN ! 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Search R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Search R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: (no name) - _{A045DC85-FC44-45be-8A50-E4F9C62C9A84} - (no file) R3 - URLSearchHook: (no name) - - (no file) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe O2 - BHO: CrossriderApp0005060 - {11111111-1111-1111-1111-110011501160} - C:\Program Files\Savings Sidekick\Savings Sidekick.dll O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [bisonCom] C:\WINDOWS\VdCap03C\BisonCom O4 - HKLM\..\Run: [ASUS 
Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [updateReminder] C:\Program Files\Eset\UpdateReminder.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKLM\..\Policies\Explorer\Run: [RTHDBPL] C:\Documents and Settings\Gebruiker\Application Data\SystemProc\lsass.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - 
C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.skynet.be O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1238766823921 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1238766802437 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll O20 - AppInit_DLLs: C:\WINDOWS\system32\kbdcan32.dll O20 - Winlogon Notify: a8caf24f964 - C:\WINDOWS\system32\kbdcan32.dll (file missing) O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing) O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: ASUS Keyboard Service (ASUSKeyboardService) - ASUSTeK COMPUTER INC. - c:\WINDOWS\ASUSKBService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. 
- C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe -- End of file - 8347 bytes
  11. Hello, my antivirus program has notified me that ten rootkits are present. When I looked up information about rootkits, I read that rootkits are difficult to remove completely. I would like to be sure that they have been removed from my computer, but I do not yet know enough about computers to know how to tackle this myself, and I would like to learn. Does it matter which program I use to fight this problem? I read on the forum that many people start with HijackThis. Can I start with that too?