
The connection was reset


geetn


This is what I got as a result.

ComboFix 11-09-04.03 - gauthier 05/09/2011 9:00.2.2 - x64

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.32.1043.18.4026.2510 [GMT 2:00]

Gestart vanuit: c:\users\gauthier\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\gauthier\Desktop\CFScript.txt..txt

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\chrome.manifest

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\chrome\softonic-eng7.jar

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\ConduitAutoCompleteSearch.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\ConduitAutoCompleteSearch.xpt

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\ConduitToolbar.idl

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\ConduitToolbar.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\ConduitToolbar.xpt

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\FFExternalAlert.dll

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\FFExternalAlert.xpt

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\RadioWMPCore.dll

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\RadioWMPCore.xpt

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\defaults\default_radio_skin.xml

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\defaults\fbAlert.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\install.rdf

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\lib\xpcom.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\META-INF\manifest.mf

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\META-INF\zigbert.rsa

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\META-INF\zigbert.sf

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\searchplugin\conduit.gif

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\searchplugin\conduit.ico

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\searchplugin\conduit.PNG

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\searchplugin\conduit.src

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\searchplugin\conduit.xml

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\version.txt

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome.manifest

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome\dvdvideosofttb.jar

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\ConduitAutoCompleteSearch.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\ConduitAutoCompleteSearch.xpt

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\ConduitToolbar.idl

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\ConduitToolbar.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\ConduitToolbar.xpt

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\FFExternalAlert.dll

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\FFExternalAlert.xpt

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCore.dll

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCore.xpt

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults\default_radio_skin.xml

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\install.rdf

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\lib\xpcom.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF\manifest.mf

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF\zigbert.rsa

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF\zigbert.sf

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin\conduit.gif

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin\conduit.ico

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin\conduit.PNG

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin\conduit.src

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin\conduit.xml

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\setup.ini

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\version.txt

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\chrome.manifest

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\chrome\babylon-english.jar

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\ConduitAutoCompleteSearch.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\ConduitAutoCompleteSearch.xpt

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\ConduitToolbar.idl

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\ConduitToolbar.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\ConduitToolbar.xpt

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\FFExternalAlert.dll

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\FFExternalAlert.xpt

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\RadioWMPCore.dll

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\RadioWMPCore.xpt

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\defaults\default_radio_skin.xml

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\defaults\fbAlert.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\install.rdf

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\lib\xpcom.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\META-INF\manifest.mf

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\META-INF\zigbert.rsa

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\META-INF\zigbert.sf

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\searchplugin\conduit.gif

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\searchplugin\conduit.ico

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\searchplugin\conduit.PNG

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\searchplugin\conduit.src

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\searchplugin\conduit.xml

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\setup.ini

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\version.txt

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\chrome.manifest

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\components\FFHst.dll

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\components\FFHst.xpt

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\facemoods.css

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\facemoods.png

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\facemoods.xul

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\fcmdDef.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\facebook_But.png

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\facebook_But2.png

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\facemoods.png

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\fb.gif

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\fbhome.gif

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\fbmsgs.gif

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\fbphotos.gif

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\fbprofile.gif

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\fbsettings.gif

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\fbshare.gif

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\fbuploads.gif

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\help_16.gif

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\home.gif

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\ibario_ball.png

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\logo.png

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\moodsIcon.png

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\pref.jpg

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\privecy_16_hot.gif

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\stripicons.png

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\tellafriend.gif

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\Thumbs.db

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\images\vssver.scc

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\instlgc.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\JSonButtons.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\Loader.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\mtrprt.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\newTabLgc.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\PPCB.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\preferences\preferences.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\preferences\preferences.xul

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\prefman.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\script-compiler.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\Thumbs.db

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\utils.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\vssver.scc

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\xmlhttprequester.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\content\xpiInstallLgc.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\defaults\preferences\instlPref.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\defaults\preferences\vssver.scc

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\install.rdf

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\ffxtlbr@Facemoods.com\vssver.scc

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\build.sh

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\chrome.manifest

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\config_build.sh

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\content\about.xul

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\content\firefoxOverlay.xul

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\content\options.xul

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\content\overlay.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\content\y2layers.jpg

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\defaults\preferences\y2layers.js

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\install.rdf

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\locale\en-US\about.dtd

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\locale\en-US\prefwindow.dtd

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\locale\en-US\y2layers.dtd

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\locale\en-US\y2layers.properties

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\readme.txt

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\skin\overlay.css

c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\extensions\plugin@yontoo.com\skin\toolbar-button.png

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-08-05 to 2011-09-05 ))))))))))))))))))))))))))))))

.

.

2011-09-05 07:28 . 2011-09-05 07:28 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-09-04 10:02 . 2011-09-04 10:02 388096 ----a-r- c:\users\gauthier\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-09-02 21:52 . 2011-09-02 21:52 -------- d-----w- c:\program files\Speccy

2011-08-28 19:23 . 2011-08-28 19:23 -------- d-----w- c:\users\gauthier\AppData\Roaming\Nokia Ovi Suite

2011-08-28 19:23 . 2011-08-28 19:23 -------- d-----w- c:\users\gauthier\AppData\Roaming\Nokia

2011-08-28 19:01 . 2011-08-28 19:02 -------- d-----w- c:\program files (x86)\Common Files\Nokia

2011-08-20 11:02 . 2011-08-20 11:02 -------- d-----w- c:\windows\nl

2011-08-20 10:58 . 2011-08-20 10:58 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2011-08-20 10:52 . 2011-08-20 10:52 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\460fed941cc5f2703\MeshBetaRemover.exe

2011-08-13 14:41 . 2011-08-13 14:41 -------- d-----w- c:\programdata\Hewlett-Packard

2011-08-13 14:41 . 2009-07-14 01:41 230400 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll

2011-08-10 13:36 . 2011-07-16 05:17 338432 ----a-w- c:\windows\system32\conhost.exe

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-08-17 21:41 . 2011-02-27 14:48 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll

2011-08-17 21:41 . 2011-02-27 14:47 704320 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2011-08-17 21:38 . 2011-05-24 09:52 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-07-25 20:12 . 2011-07-25 20:12 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll

2011-07-25 20:11 . 2011-07-25 20:11 704320 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

2011-07-16 04:32 . 2011-08-10 13:36 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2011-07-04 11:43 . 2011-05-21 07:30 40112 ----a-w- c:\windows\avastSS.scr

2011-07-04 11:43 . 2011-05-21 07:30 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe

2011-07-04 11:43 . 2011-05-21 07:31 253888 ----a-w- c:\windows\system32\aswBoot.exe

2011-07-04 11:36 . 2011-05-21 07:31 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-07-04 11:36 . 2011-05-21 07:31 288088 ----a-w- c:\windows\system32\drivers\aswSP.sys

2011-07-04 11:35 . 2011-05-21 07:31 45400 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2011-07-04 11:32 . 2011-05-21 07:31 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2011-07-04 11:32 . 2011-05-21 07:31 64856 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2011-07-04 11:32 . 2011-05-21 07:31 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2011-06-11 02:56 . 2011-07-22 21:13 3134464 ----a-w- c:\windows\system32\win32k.sys

2006-05-03 10:06 163328 --sh--r- c:\windows\SysWOW64\flvDX.dll

2007-02-21 11:47 31232 --sh--r- c:\windows\SysWOW64\msfDX.dll

2008-03-16 13:30 216064 --sh--r- c:\windows\SysWOW64\nbDX.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2011-09-04_20.59.15 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-07-14 04:54 . 2011-09-05 06:10 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-07-14 04:54 . 2011-09-04 19:58 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-07-14 04:54 . 2011-09-04 19:58 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2011-09-05 06:10 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2011-09-05 06:10 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-07-14 04:54 . 2011-09-04 19:58 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2010-06-18 16:44 . 2011-09-05 06:48 657440 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin

+ 2009-07-14 02:34 . 2011-09-05 06:58 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat

- 2009-07-14 02:34 . 2011-09-04 09:57 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2009-09-10 13:41 120104 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-16 718208]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]

"TorrentEasy"="c:\program files (x86)\TorrentEasy\TorrentEasy.exe" [2011-05-20 2557440]

"NokiaOviSuite2"="c:\program files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2011-08-04 966712]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]

"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-07-27 1157128]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]

.

c:\users\gauthier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Microsoft SharePoint Workspace.lnk - c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 30969208]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]

R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18 135664]

R3 BthAvrcp;Bluetooth AVRCP-profiel;c:\windows\system32\DRIVERS\BthAvrcp.sys [x]

R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-12-10 1436424]

R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18 135664]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]

R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]

R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]

R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-09-02 225280]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]

R4 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]

S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]

S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]

S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]

S2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe [2011-01-28 341296]

S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [x]

S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - CPUZ135

*Deregistered* - cpuz135

.

Inhoud van de 'Gedeelde Taken' map

.

2011-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18 15:39]

.

2011-09-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18 15:39]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2011-07-04 11:43 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2009-09-10 13:44 137512 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-10-13 186904]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]

"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-06-11 301056]

"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-30 200704]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]

"fssui"="c:\program files (x86)\Windows Live\Family Safety\fsui.exe" [2011-05-13 884584]

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: &Verzenden naar OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Free YouTube Download - c:\users\gauthier\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

IE: Free YouTube to Mp3 Converter - c:\users\gauthier\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html

IE: Translate this web page with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm

IE: Translate with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm

TCP: DhcpNameServer = 195.130.131.5 195.130.130.133

FF - ProfilePath - c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/

FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - c:\program files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - %profile%\extensions\quickstores@quickstores.de

FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

FF - Ext: Adobe Acrobat - Create PDF: web2pdfextension@web2pdf.adobedotcom - c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn

FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files (x86)\AVG\AVG10\Firefox4

FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF

FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

WebBrowser-{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-2038657912-3609206695-1329041838-1001\Software\SecuROM\License information*]

"datasecu"=hex:db,0e,85,f2,16,21,3a,f5,09,17,ac,57,13,e2,12,f7,09,b1,22,2f,13,

62,bf,36,12,b0,cd,36,f1,1d,eb,ce,5e,1e,98,eb,b9,00,d4,d3,c1,61,8f,ec,a4,f3,\

"rkeysecu"=hex:4d,64,ae,91,58,a0,21,03,dd,c0,f3,33,9d,d0,16,19

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]

@Denied: (A 2) (Everyone)

@="IFlashBroker3"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2011-09-05 10:26:17

ComboFix-quarantined-files.txt 2011-09-05 08:26

ComboFix2.txt 2011-09-04 21:32

.

Pre-Run: 18.981.482.496 bytes beschikbaar

Post-Run: 18.614.808.576 bytes beschikbaar

.

- - End Of File - - 94E4B7A4937A5A47E50CE1C24C559A9D

Thanks in advance.


With the problems out of the way, it is time for the “big clean-up”: removing the tools we used, a cleaning, and deleting the infected restore points.

Remove ComboFix: Start -> Run/Search and type: ComboFix /Uninstall

This will remove ComboFix plus its related folders and files, reset the clock settings, hide file extensions, hide hidden files and system files again, and create a new restore point.

If present, you may delete the folder C:\Qoobox manually.

Download CCleaner.

Click “Download Latest Version” and the CCleaner download will start automatically, free of charge.

Install it and start CCleaner. In the left column click “Cleaner”. Click “Analyze” and then “Run Cleaner”. Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors. Next, in the left column click “Registry” and click “Scan for Issues”. If errors are found, click “Fix selected issues” and “OK”. You will then be asked whether to make a backup. Click “Yes”. Then choose “Fix All Selected Issues”. After that, close CCleaner again.

If you would like to see this in detail with pictures, click here for the guide.

It is advisable to delete the existing restore points (they include infected restore points that you could end up restoring) by temporarily turning off System Restore. Do this as follows:

  • Go to Start -> Control Panel -> System -> System Protection -> now turn off System Restore by selecting the desired drive and clicking "Configure".
  • Now click "Delete" to delete all restore points.
  • Click "Apply" and "OK".
  • Now restart the PC.

If all of this went without problems, you may click "mark as solved" below!


ComboFix 11-09-08.03 - gauthier 08/09/2011 20:56:41.3.2 - x64

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.32.1043.18.4026.2331 [GMT 2:00]

Gestart vanuit: c:\users\gauthier\Downloads\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-08-08 to 2011-09-08 ))))))))))))))))))))))))))))))

.

.

2011-09-08 19:18 . 2011-09-08 19:18 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-09-04 10:02 . 2011-09-04 10:02 388096 ----a-r- c:\users\gauthier\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-09-02 21:52 . 2011-09-02 21:52 -------- d-----w- c:\program files\Speccy

2011-08-28 19:23 . 2011-08-28 19:23 -------- d-----w- c:\users\gauthier\AppData\Roaming\Nokia Ovi Suite

2011-08-28 19:23 . 2011-08-28 19:23 -------- d-----w- c:\users\gauthier\AppData\Roaming\Nokia

2011-08-28 19:01 . 2011-08-28 19:02 -------- d-----w- c:\program files (x86)\Common Files\Nokia

2011-08-20 11:02 . 2011-08-20 11:02 -------- d-----w- c:\windows\nl

2011-08-20 10:58 . 2011-08-20 10:58 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2011-08-20 10:52 . 2011-08-20 10:52 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\460fed941cc5f2703\MeshBetaRemover.exe

2011-08-13 14:41 . 2011-08-13 14:41 -------- d-----w- c:\programdata\Hewlett-Packard

2011-08-13 14:41 . 2009-07-14 01:41 230400 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll

2011-08-10 13:36 . 2011-07-16 05:17 338432 ----a-w- c:\windows\system32\conhost.exe

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-08-17 21:41 . 2011-02-27 14:48 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll

2011-08-17 21:41 . 2011-02-27 14:47 704320 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2011-08-17 21:38 . 2011-05-24 09:52 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-07-25 20:12 . 2011-07-25 20:12 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll

2011-07-25 20:11 . 2011-07-25 20:11 704320 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

2011-07-16 04:32 . 2011-08-10 13:36 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2011-07-04 11:43 . 2011-05-21 07:30 40112 ----a-w- c:\windows\avastSS.scr

2011-07-04 11:43 . 2011-05-21 07:30 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe

2011-07-04 11:43 . 2011-05-21 07:31 253888 ----a-w- c:\windows\system32\aswBoot.exe

2011-07-04 11:36 . 2011-05-21 07:31 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-07-04 11:36 . 2011-05-21 07:31 288088 ----a-w- c:\windows\system32\drivers\aswSP.sys

2011-07-04 11:35 . 2011-05-21 07:31 45400 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2011-07-04 11:32 . 2011-05-21 07:31 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2011-07-04 11:32 . 2011-05-21 07:31 64856 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2011-07-04 11:32 . 2011-05-21 07:31 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2011-06-11 02:56 . 2011-07-22 21:13 3134464 ----a-w- c:\windows\system32\win32k.sys

2006-05-03 10:06 163328 --sh--r- c:\windows\SysWOW64\flvDX.dll

2007-02-21 11:47 31232 --sh--r- c:\windows\SysWOW64\msfDX.dll

2008-03-16 13:30 216064 --sh--r- c:\windows\SysWOW64\nbDX.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2009-09-10 13:41 120104 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-16 718208]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]

"TorrentEasy"="c:\program files (x86)\TorrentEasy\TorrentEasy.exe" [2011-05-20 2557440]

"NokiaOviSuite2"="c:\program files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2011-08-04 966712]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]

"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-07-27 1157128]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]

.

c:\users\gauthier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Microsoft SharePoint Workspace.lnk - c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 30969208]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]

R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18 135664]

R3 BthAvrcp;Bluetooth AVRCP-profiel;c:\windows\system32\DRIVERS\BthAvrcp.sys [x]

R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-12-10 1436424]

R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18 135664]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]

R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]

R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]

R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-09-02 225280]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]

R4 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]

S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]

S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]

S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]

S2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe [2011-01-28 341296]

S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [x]

S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

.

.

Inhoud van de 'Gedeelde Taken' map

.

2011-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18 15:39]

.

2011-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18 15:39]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2011-07-04 11:43 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2009-09-10 13:44 137512 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-10-13 186904]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]

"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-06-11 301056]

"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-30 200704]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]

"fssui"="c:\program files (x86)\Windows Live\Family Safety\fsui.exe" [2011-05-13 884584]

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://home.zbani.com/

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: &Verzenden naar OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Free YouTube Download - c:\users\gauthier\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

IE: Free YouTube to Mp3 Converter - c:\users\gauthier\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html

IE: Translate this web page with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm

IE: Translate with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm

TCP: DhcpNameServer = 195.130.131.5 195.130.130.133

FF - ProfilePath - c:\users\gauthier\AppData\Roaming\Mozilla\Firefox\Profiles\glip47gn.default\

FF - prefs.js: browser.startup.homepage - home.Zbani.com

FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - c:\program files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - %profile%\extensions\quickstores@quickstores.de

FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

FF - Ext: Adobe Acrobat - Create PDF: web2pdfextension@web2pdf.adobedotcom - c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn

FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files (x86)\AVG\AVG10\Firefox4

FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF

FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension

.

.

------- Bestandsassociaties -------

.

.txt=Echosub.Txt

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

WebBrowser-{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

AddRemove-OggDS - c:\windows\system32\OggDSuninst.exe

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-2038657912-3609206695-1329041838-1001\Software\SecuROM\License information*]

"datasecu"=hex:db,0e,85,f2,16,21,3a,f5,09,17,ac,57,13,e2,12,f7,09,b1,22,2f,13,

62,bf,36,12,b0,cd,36,f1,1d,eb,ce,5e,1e,98,eb,b9,00,d4,d3,c1,61,8f,ec,a4,f3,\

"rkeysecu"=hex:4d,64,ae,91,58,a0,21,03,dd,c0,f3,33,9d,d0,16,19

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]

@Denied: (A 2) (Everyone)

@="IFlashBroker3"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2011-09-08 21:24:17

ComboFix-quarantined-files.txt 2011-09-08 19:24

ComboFix2.txt 2011-09-05 08:26

.

Pre-Run: 5.014.142.976 bytes beschikbaar

Post-Run: 4.314.435.584 bytes beschikbaar

.

- - End Of File - - DB081D507C009ACDE584AE3FB426B669

Thank you for being willing to do this for me.


Download TDSSKiller and place it on your desktop.

Extract the files from tdsskiller.zip.

Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.

Windows 7 and Windows Vista users:

Right-click TDSSKiller.exe -> Run as administrator to start the tool.

If TDSSKiller reports that an update is available, install it first.

Click the "Start Scan" button and follow the instructions.

When the scan has finished, click the "Report" button.

A Notepad file will open. Post the contents of this file.

Restart the PC if TDSSKiller offers that option. (Reboot now)

If a restart was needed, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt


2011/09/08 21:42:46.0074 5664 TDSS rootkit removing tool 2.5.20.0 Sep 7 2011 16:44:34

2011/09/08 21:42:46.0198 5664 ================================================================================

2011/09/08 21:42:46.0198 5664 SystemInfo:

2011/09/08 21:42:46.0198 5664

2011/09/08 21:42:46.0198 5664 OS Version: 6.1.7600 ServicePack: 0.0

2011/09/08 21:42:46.0198 5664 Product type: Workstation

2011/09/08 21:42:46.0198 5664 ComputerName: PCGAUTHIER

2011/09/08 21:42:46.0199 5664 UserName: gauthier

2011/09/08 21:42:46.0199 5664 Windows directory: C:\Windows

2011/09/08 21:42:46.0199 5664 System windows directory: C:\Windows

2011/09/08 21:42:46.0199 5664 Running under WOW64

2011/09/08 21:42:46.0199 5664 Processor architecture: Intel x64

2011/09/08 21:42:46.0199 5664 Number of processors: 2

2011/09/08 21:42:46.0199 5664 Page size: 0x1000

2011/09/08 21:42:46.0199 5664 Boot type: Normal boot

2011/09/08 21:42:46.0199 5664 ================================================================================

2011/09/08 21:42:46.0621 5664 Initialize success

2011/09/08 21:42:59.0750 4632 ================================================================================

2011/09/08 21:42:59.0750 4632 Scan started

2011/09/08 21:42:59.0750 4632 Mode: Manual;

2011/09/08 21:42:59.0750 4632 ================================================================================

2011/09/08 21:43:24.0073 4632 sptd (4b3f898dc1378ced2f35d04e5b0ce0df) C:\Windows\System32\Drivers\sptd.sys

2011/09/08 21:43:24.0073 4632 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: 4b3f898dc1378ced2f35d04e5b0ce0df

2011/09/08 21:43:24.0082 4632 sptd - detected LockedFile.Multi.Generic (1)

2011/09/08 21:43:29.0397 4632 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

2011/09/08 21:43:29.0427 4632 Boot (0x1200) (c72c59b87bdba308b7822437867bdd0c) \Device\Harddisk0\DR0\Partition0

2011/09/08 21:43:29.0476 4632 Boot (0x1200) (f01ec962c16f513427e28e15711acff8) \Device\Harddisk0\DR0\Partition1

2011/09/08 21:43:29.0483 4632 ================================================================================

2011/09/08 21:43:29.0483 4632 Scan finished

2011/09/08 21:43:29.0483 4632 ================================================================================

2011/09/08 21:43:29.0514 4240 Detected object count: 1

2011/09/08 21:43:29.0514 4240 Actual detected object count: 1

2011/09/08 21:43:36.0048 4240 LockedFile.Multi.Generic(sptd) - User select action: Skip
