
hijackthis-file



Since yesterday I keep getting virus alerts from my Avira. Can someone take a look at this HJT log?

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 13:29:30, on 5/12/2011

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.19154)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe

C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Steam\Steam.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe

C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe

C:\Program Files\Belkin\Router Setup and Monitor\dlnaPlugin.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\iTunes\iTunes.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe

C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.telenet.be:8080

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"

O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [updatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe

O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe

O4 - HKLM\..\Run: [instaLAN] "C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup

O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent

O4 - HKCU\..\Run: [Google Update] "C:\Users\SANDER\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\SANDER\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [smad] "C:\Users\SANDER\AppData\Local\SanctionedMedia\Smad\Smad.exe"

O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10t_Plugin.exe -update plugin

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: VPN Client.lnk = ?

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\SANDER\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\aestsrv.exe

O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: Belkin Local Backup Service - Unknown owner - C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe

O23 - Service: Belkin Network USB Helper - Unknown owner - C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\STacSV.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--

End of file - 10321 bytes


In any case, there is no sign of an infection in this log.

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:
    Click here
    If you cannot manage to disable them, just continue to the next step.
  • Double-click ComboFix.exe and follow the prompts on the screen.
  • ComboFix will check whether the Microsoft Windows Recovery Console is already installed.
    Note: If the Microsoft Windows Recovery Console is already installed, you will not see the following screens and ComboFix will automatically continue scanning for malware.
  • Follow the prompts on the screen to let ComboFix download and install the Microsoft Windows Recovery Console.

cf-rc-auto.jpg

You will see the following message when ComboFix has successfully installed the Microsoft Windows Recovery Console:

rc-auto-done.jpg

Click Yes to continue scanning for malware.

Note !!! If an error is shown with the message "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer.

When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next post.

If you have problems running ComboFix, please report this.


ComboFix 11-12-05.01 - SANDER 05/12/2011 14:24:42.1.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3069.2308 [GMT 1:00]

Gestart vanuit: c:\users\SANDER\Desktop\ComboFix.exe

AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}

SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe

c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe

c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe

c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe

c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe

c:\users\SANDER\AppData\Roaming\Microsoft\Windows\Recent\smv%20ATW.doc

c:\windows\$NtUninstallKB62280$

c:\windows\$NtUninstallKB62280$\3176561999

c:\windows\$NtUninstallKB62280$\485945278\@

c:\windows\$NtUninstallKB62280$\485945278\bckfg.tmp

c:\windows\$NtUninstallKB62280$\485945278\cfg.ini

c:\windows\$NtUninstallKB62280$\485945278\Desktop.ini

c:\windows\$NtUninstallKB62280$\485945278\kwrd.dll

c:\windows\$NtUninstallKB62280$\485945278\L\qnbwvoto

c:\windows\$NtUninstallKB62280$\485945278\U\00000001.@

c:\windows\$NtUninstallKB62280$\485945278\U\00000002.@

c:\windows\$NtUninstallKB62280$\485945278\U\00000004.@

c:\windows\$NtUninstallKB62280$\485945278\U\80000000.@

c:\windows\$NtUninstallKB62280$\485945278\U\80000004.@

c:\windows\$NtUninstallKB62280$\485945278\U\80000032.@

c:\windows\system32\drivers\etc\lmhosts

.

Besmet exemplaar van c:\windows\system32\drivers\tdx.sys werd aangetroffen en gedesinfecteerd

Hersteld exemplaar van - The cat found it :)

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-11-05 to 2011-12-05 ))))))))))))))))))))))))))))))

.

.

2011-12-05 13:41 . 2011-12-05 13:47 -------- d-----w- c:\users\SANDER\AppData\Local\temp

2011-12-05 13:41 . 2011-12-05 13:41 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-12-05 13:17 . 2009-04-11 04:45 72192 ----a-w- c:\windows\system32\drivers\tdx.sys

2011-12-04 22:14 . 2011-12-04 22:14 -------- d-----w- c:\users\SANDER\AppData\Local\SanctionedMedia

2011-12-02 18:29 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1ADE781B-7CC7-4DCD-9BAA-51808413B5B0}\mpengine.dll

2011-11-21 18:29 . 2011-11-21 18:29 -------- d-----w- c:\program files\Paint.NET

2011-11-21 18:28 . 2011-11-21 18:33 -------- d-----w- c:\users\SANDER\AppData\Local\Paint.NET

2011-11-09 14:00 . 2011-10-17 11:41 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat

2011-11-09 14:00 . 2011-09-20 21:02 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys

2011-11-09 14:00 . 2011-09-30 15:57 707584 ----a-w- c:\program files\Common Files\System\wab32.dll

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-09-30 23:06 . 2011-10-13 13:24 916480 ----a-w- c:\windows\system32\wininet.dll

2011-09-30 23:02 . 2011-10-13 13:24 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-09-30 23:01 . 2011-10-13 13:24 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2011-09-30 23:01 . 2011-10-13 13:24 71680 ----a-w- c:\windows\system32\iesetup.dll

2011-09-30 23:01 . 2011-10-13 13:24 109056 ----a-w- c:\windows\system32\iesysprep.dll

2011-09-30 22:07 . 2011-10-13 13:24 385024 ----a-w- c:\windows\system32\html.iec

2011-09-30 21:29 . 2011-10-13 13:24 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2011-09-30 21:28 . 2011-10-13 13:24 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-09-29 14:41 . 2011-09-29 14:41 388096 ----a-r- c:\users\SANDER\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-11-10 19:40 . 2011-05-27 14:18 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

"Steam"="c:\program files\Steam\Steam.exe" [2011-08-08 1242448]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]

"Facebook Update"="c:\users\SANDER\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-10-25 137536]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-01 61440]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-06-20 1316136]

"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-09-05 206128]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-09-11 446556]

"ContentTransferWMDetector.exe"="c:\program files\Sony\Content Transfer\ContentTransferWMDetector.exe" [2009-11-19 583016]

"InstaLAN"="c:\program files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2010-07-28 1485208]

"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]

"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-10-09 421736]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]

VPN Client.lnk - c:\windows\Installer\{51FB15F4-AD27-43BC-AD4B-DD0354FB6BBD}\Icon3E5562ED7.ico [2009-12-26 6144]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\fdewuqe]

2011-12-05 12:56 11264 ----a-w- c:\windows\System32\config\systemprofile\AppData\Local\fdewuqe.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"mixer"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OpenMG Jukebox Startup.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\OpenMG Jukebox Startup.lnk

backup=c:\windows\pss\OpenMG Jukebox Startup.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2008-06-12 00:38 34672 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer for HP TouchSmart]

2008-09-25 17:42 189736 ------w- c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDAgent]

2008-09-26 01:36 1148200 ------w- c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]

2008-06-16 07:03 75008 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartMenu]

2008-10-03 08:47 912688 ----a-w- c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]

2008-09-11 11:50 446556 ----a-w- c:\program files\IDT\WDM\sttray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TSMAgent]

2008-09-25 17:41 1152296 ------w- c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1273379797-735550933-3073077409-1000]

"EnableNotificationsRef"=dword:00000001

.

R2 Belkin Local Backup Service;Belkin Local Backup Service;c:\program files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [2010-02-17 152064]

R2 Belkin Network USB Helper;Belkin Network USB Helper;c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [2010-02-09 49152]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]

R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]

R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

S2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49};c:\program files\Hewlett-Packard\Media\DVD\000.fcl [2008-09-26 59376]

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\aestsrv.exe [2008-06-27 77824]

S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]

S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]

S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-03-18 19456]

S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [2008-10-06 365952]

S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-09-08 193840]

S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-09-04 54784]

S3 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys [2010-03-11 247320]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2008-05-28 22072]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

bthsvcs REG_MULTI_SZ BthServ

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

HPService REG_MULTI_SZ HPSLPSVC

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

ezSharedSvc

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2008-06-09 09:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2011-12-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1273379797-735550933-3073077409-1000Core.job

- c:\users\SANDER\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-25 12:02]

.

2011-12-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1273379797-735550933-3073077409-1000UA.job

- c:\users\SANDER\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-25 12:02]

.

2011-11-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1273379797-735550933-3073077409-1000Core.job

- c:\users\SANDER\AppData\Local\Google\Update\GoogleUpdate.exe [2009-08-16 17:56]

.

2011-12-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1273379797-735550933-3073077409-1000UA.job

- c:\users\SANDER\AppData\Local\Google\Update\GoogleUpdate.exe [2009-08-16 17:56]

.

.

------- Bijkomende Scan -------

.

uInternet Settings,ProxyServer = proxy.telenet.be:8080

uInternet Settings,ProxyOverride = *.local

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Free YouTube to Mp3 Converter - c:\users\SANDER\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\SANDER\AppData\Roaming\Mozilla\Firefox\Profiles\uj5qygkw.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=9204

FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)

FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ig

FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties

.

- - - - ORPHANS VERWIJDERD - - - -

.

HKCU-Run-Smad - c:\users\SANDER\AppData\Local\SanctionedMedia\Smad\Smad.exe

HKLM-Run-UCam_Menu - c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe

HKLM-Run-UpdateLBPShortCut - c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe

HKLM-Run-UpdatePSTShortCut - c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe

HKLM-Run-UpdateP2GoShortCut - c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe

HKLM-Run-UpdatePDIRShortCut - c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe

MSConfigStartUp-hpWirelessAssistant - c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

AddRemove-8461-7759-5462-8226 - c:\program files\Vuze\uninstall.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2011-12-05 14:46

Windows 6.0.6002 Service Pack 2 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]

"ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\STacSV.exe

c:\windows\system32\Ati2evxx.exe

c:\windows\system32\WLANExt.exe

c:\program files\Belkin\Router Setup and Monitor\BelkinService.exe

c:\program files\Avira\AntiVir Desktop\avguard.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Cisco Systems\VPN Client\cvpnd.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

c:\program files\CyberLink\Shared files\RichVideo.exe

c:\program files\Microsoft\BingBar\SeaPort.EXE

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

c:\windows\ehome\ehmsas.exe

c:\windows\system32\wbem\unsecapp.exe

c:\program files\iPod\bin\iPodService.exe

c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe

c:\program files\Belkin\Belkin USB Print and Storage Center\connect.exe

c:\program files\Belkin\Router Setup and Monitor\BelkinSetup.exe

c:\program files\Belkin\Router Setup and Monitor\dlnaPlugin.exe

c:\program files\Synaptics\SynTP\SynTPHelper.exe

c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe

c:\program files\HP\Digital Imaging\bin\hpqbam08.exe

c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe

c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe

c:\windows\system32\DllHost.exe

c:\windows\system32\NOTEPAD.EXE

.

**************************************************************************

.

Voltooingstijd: 2011-12-05 15:38:38 - machine werd herstart

ComboFix-quarantined-files.txt 2011-12-05 14:38

.

Pre-Run: 22.347.493.376 bytes beschikbaar

Post-Run: 22.934.171.648 bytes beschikbaar

.

- - End Of File - - 466BFA013852BA5C2A7AC56C8DD0F91D


Open a Notepad file.

Copy and paste the bold text below into it.

Registry::

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\fdewuqe]

Firefox::

FF - ProfilePath - c:\users\SANDER\AppData\Roaming\Mozilla\Firefox\Profiles\uj5qygkw.default\

FF - prefs.js: browser.search.defaulturl -

FF - prefs.js: browser.search.selectedEngine -

Save this file to your desktop as CFScript.

Drag CFScript.txt onto ComboFix.exe.

This will restart ComboFix. Reboot if asked to.

After the restart, post the contents of Combofix.txt in your next post.


Still getting an alert for TR/Spy.Agent.bvwz.1 from my Avira.

ComboFix 11-12-05.01 - SANDER 05/12/2011 21:57:20.2.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3069.1767 [GMT 1:00]

Gestart vanuit: c:\users\SANDER\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\SANDER\Desktop\CFScript.txt

AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}

SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\SANDER\AppData\Local\Temp\1.tmp\F_IN_BOX.dll

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-11-05 to 2011-12-05 ))))))))))))))))))))))))))))))

.

.

2011-12-05 21:14 . 2011-12-05 21:14 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-12-05 13:41 . 2011-12-05 21:17 -------- d-----w- c:\users\SANDER\AppData\Local\temp

2011-12-05 13:17 . 2009-04-11 04:45 72192 ----a-w- c:\windows\system32\drivers\tdx.sys

2011-12-04 22:14 . 2011-12-04 22:14 -------- d-----w- c:\users\SANDER\AppData\Local\SanctionedMedia

2011-12-02 18:29 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1ADE781B-7CC7-4DCD-9BAA-51808413B5B0}\mpengine.dll

2011-11-21 18:29 . 2011-11-21 18:29 -------- d-----w- c:\program files\Paint.NET

2011-11-21 18:28 . 2011-11-21 18:33 -------- d-----w- c:\users\SANDER\AppData\Local\Paint.NET

2011-11-09 14:00 . 2011-10-17 11:41 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat

2011-11-09 14:00 . 2011-09-20 21:02 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys

2011-11-09 14:00 . 2011-09-30 15:57 707584 ----a-w- c:\program files\Common Files\System\wab32.dll

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-09-30 23:06 . 2011-10-13 13:24 916480 ----a-w- c:\windows\system32\wininet.dll

2011-09-30 23:02 . 2011-10-13 13:24 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-09-30 23:01 . 2011-10-13 13:24 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2011-09-30 23:01 . 2011-10-13 13:24 71680 ----a-w- c:\windows\system32\iesetup.dll

2011-09-30 23:01 . 2011-10-13 13:24 109056 ----a-w- c:\windows\system32\iesysprep.dll

2011-09-30 22:07 . 2011-10-13 13:24 385024 ----a-w- c:\windows\system32\html.iec

2011-09-30 21:29 . 2011-10-13 13:24 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2011-09-30 21:28 . 2011-10-13 13:24 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-09-29 14:41 . 2011-09-29 14:41 388096 ----a-r- c:\users\SANDER\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-11-10 19:40 . 2011-05-27 14:18 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2011-12-05_13.44.47 )))))))))))))))))))))))))))))))))))))))))

.

+ 2008-01-21 01:58 . 2011-12-05 21:17 71620 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-09 16:10 . 2011-12-05 21:18 15472 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1273379797-735550933-3073077409-1000_UserData.bin

- 2009-01-21 01:17 . 2011-12-05 13:43 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-01-21 01:17 . 2011-12-05 21:16 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-01-21 01:17 . 2011-12-05 13:43 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-01-21 01:17 . 2011-12-05 21:16 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-01-21 01:17 . 2011-12-05 13:43 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-01-21 01:17 . 2011-12-05 21:16 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-08-31 17:08 . 2011-12-04 13:20 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-08-31 17:08 . 2011-12-05 13:43 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-08-31 17:08 . 2011-12-04 13:20 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-08-31 17:08 . 2011-12-05 13:43 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2011-12-05 13:43 . 2011-12-05 13:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2011-12-05 21:15 . 2011-12-05 21:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2011-12-05 13:43 . 2011-12-05 13:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2011-12-05 21:15 . 2011-12-05 21:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2009-07-09 18:04 . 2011-12-05 20:42 479858 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin

+ 2006-11-02 13:05 . 2011-12-05 21:18 117594 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin

+ 2008-11-17 18:08 . 2011-12-05 21:23 677188 c:\windows\System32\perfh013.dat

- 2008-11-17 18:08 . 2011-12-05 13:54 677188 c:\windows\System32\perfh013.dat

- 2008-11-17 18:00 . 2011-12-05 13:54 668656 c:\windows\System32\perfh00C.dat

+ 2008-11-17 18:00 . 2011-12-05 21:23 668656 c:\windows\System32\perfh00C.dat

+ 2006-11-02 10:33 . 2011-12-05 21:23 595996 c:\windows\System32\perfh009.dat

- 2006-11-02 10:33 . 2011-12-05 13:54 595996 c:\windows\System32\perfh009.dat

+ 2008-11-17 18:08 . 2011-12-05 21:23 130186 c:\windows\System32\perfc013.dat

- 2008-11-17 18:08 . 2011-12-05 13:54 130186 c:\windows\System32\perfc013.dat

- 2008-11-17 18:00 . 2011-12-05 13:54 126046 c:\windows\System32\perfc00C.dat

+ 2008-11-17 18:00 . 2011-12-05 21:23 126046 c:\windows\System32\perfc00C.dat

+ 2006-11-02 10:33 . 2011-12-05 21:23 104070 c:\windows\System32\perfc009.dat

- 2006-11-02 10:33 . 2011-12-05 13:54 104070 c:\windows\System32\perfc009.dat

+ 2010-04-28 22:57 . 2011-12-05 21:14 381556 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

- 2010-04-28 22:57 . 2011-12-05 13:42 381556 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2010-04-28 22:57 . 2011-12-05 21:14 1821296 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1273379797-735550933-3073077409-1000-8192.dat

- 2010-04-28 22:57 . 2011-12-05 13:18 1821296 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1273379797-735550933-3073077409-1000-8192.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

"Steam"="c:\program files\Steam\Steam.exe" [2011-08-08 1242448]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]

"Facebook Update"="c:\users\SANDER\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-10-25 137536]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-01 61440]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-06-20 1316136]

"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-09-05 206128]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-09-11 446556]

"ContentTransferWMDetector.exe"="c:\program files\Sony\Content Transfer\ContentTransferWMDetector.exe" [2009-11-19 583016]

"InstaLAN"="c:\program files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2010-07-28 1485208]

"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]

"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-10-09 421736]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]

VPN Client.lnk - c:\windows\Installer\{51FB15F4-AD27-43BC-AD4B-DD0354FB6BBD}\Icon3E5562ED7.ico [2009-12-26 6144]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"mixer"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OpenMG Jukebox Startup.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\OpenMG Jukebox Startup.lnk

backup=c:\windows\pss\OpenMG Jukebox Startup.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2008-06-12 00:38 34672 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer for HP TouchSmart]

2008-09-25 17:42 189736 ------w- c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDAgent]

2008-09-26 01:36 1148200 ------w- c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]

2008-06-16 07:03 75008 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartMenu]

2008-10-03 08:47 912688 ----a-w- c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]

2008-09-11 11:50 446556 ----a-w- c:\program files\IDT\WDM\sttray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TSMAgent]

2008-09-25 17:41 1152296 ------w- c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1273379797-735550933-3073077409-1000]

"EnableNotificationsRef"=dword:00000001

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]

R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]

R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

S2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49};c:\program files\Hewlett-Packard\Media\DVD\000.fcl [2008-09-26 59376]

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\aestsrv.exe [2008-06-27 77824]

S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]

S2 Belkin Local Backup Service;Belkin Local Backup Service;c:\program files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [2010-02-17 152064]

S2 Belkin Network USB Helper;Belkin Network USB Helper;c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [2010-02-09 49152]

S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]

S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-03-18 19456]

S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [2008-10-06 365952]

S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-09-08 193840]

S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-09-04 54784]

S3 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys [2010-03-11 247320]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2008-05-28 22072]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

bthsvcs REG_MULTI_SZ BthServ

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

HPService REG_MULTI_SZ HPSLPSVC

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

ezSharedSvc

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2008-06-09 09:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2011-12-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1273379797-735550933-3073077409-1000Core.job

- c:\users\SANDER\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-25 12:02]

.

2011-12-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1273379797-735550933-3073077409-1000UA.job

- c:\users\SANDER\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-25 12:02]

.

2011-11-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1273379797-735550933-3073077409-1000Core.job

- c:\users\SANDER\AppData\Local\Google\Update\GoogleUpdate.exe [2009-08-16 17:56]

.

2011-12-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1273379797-735550933-3073077409-1000UA.job

- c:\users\SANDER\AppData\Local\Google\Update\GoogleUpdate.exe [2009-08-16 17:56]

.

.

------- Bijkomende Scan -------

.

uInternet Settings,ProxyServer = proxy.telenet.be:8080

uInternet Settings,ProxyOverride = *.local

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Free YouTube to Mp3 Converter - c:\users\SANDER\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\SANDER\AppData\Roaming\Mozilla\Firefox\Profiles\uj5qygkw.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ig

FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2011-12-05 22:16

Windows 6.0.6002 Service Pack 2 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]

"ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\STacSV.exe

c:\windows\system32\Ati2evxx.exe

c:\windows\system32\WLANExt.exe

c:\program files\Belkin\Router Setup and Monitor\BelkinService.exe

c:\program files\Avira\AntiVir Desktop\avguard.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Cisco Systems\VPN Client\cvpnd.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

c:\program files\CyberLink\Shared files\RichVideo.exe

c:\program files\Microsoft\BingBar\SeaPort.EXE

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe

c:\windows\ehome\ehmsas.exe

c:\windows\system32\wbem\unsecapp.exe

c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe

c:\program files\iPod\bin\iPodService.exe

c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe

c:\program files\HP\Digital Imaging\bin\hpqbam08.exe

c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe

c:\program files\Belkin\Belkin USB Print and Storage Center\connect.exe

c:\program files\Belkin\Router Setup and Monitor\BelkinSetup.exe

c:\program files\Belkin\Router Setup and Monitor\dlnaPlugin.exe

c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

.

**************************************************************************

.

Voltooingstijd: 2011-12-05 22:46:54 - machine werd herstart

ComboFix-quarantined-files.txt 2011-12-05 21:46

ComboFix2.txt 2011-12-05 14:38

.

Pre-Run: 22.754.582.528 bytes beschikbaar

Post-Run: 22.330.798.080 bytes beschikbaar

.

- - End Of File - - 9F74208D8B763E4BCC315530FAF5B674


No problems found... (I haven't had any virus alerts so far either)

11:44:27.0172 5984 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44

11:44:27.0586 5984 ============================================================

11:44:27.0586 5984 Current date / time: 2011/12/06 11:44:27.0586

11:44:27.0586 5984 SystemInfo:

11:44:27.0586 5984

11:44:27.0587 5984 OS Version: 6.0.6002 ServicePack: 2.0

11:44:27.0587 5984 Product type: Workstation

11:44:27.0587 5984 ComputerName: SANDER_HENS

11:44:27.0588 5984 UserName: SANDER

11:44:27.0588 5984 Windows directory: C:\Windows

11:44:27.0588 5984 System windows directory: C:\Windows

11:44:27.0588 5984 Processor architecture: Intel x86

11:44:27.0588 5984 Number of processors: 2

11:44:27.0588 5984 Page size: 0x1000

11:44:27.0588 5984 Boot type: Normal boot

11:44:27.0588 5984 ============================================================

11:44:29.0802 5984 Initialize success

11:44:37.0200 2664 ============================================================

11:44:37.0200 2664 Scan started

11:44:37.0200 2664 Mode: Manual;

11:44:37.0200 2664 ============================================================

11:44:38.0584 2664 Accelerometer (3b10711ad8656c097e0d16a41b29c54c) C:\Windows\system32\DRIVERS\Accelerometer.sys

11:44:38.0586 2664 Accelerometer - ok

11:44:38.0678 2664 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

11:44:38.0684 2664 ACPI - ok

11:44:38.0779 2664 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys

11:44:38.0786 2664 adp94xx - ok

11:44:38.0908 2664 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys

11:44:38.0915 2664 adpahci - ok

11:44:39.0021 2664 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys

11:44:39.0024 2664 adpu160m - ok

11:44:39.0068 2664 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys

11:44:39.0071 2664 adpu320 - ok

11:44:39.0221 2664 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys

11:44:39.0270 2664 AFD - ok

11:44:39.0435 2664 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys

11:44:39.0436 2664 agp440 - ok

11:44:39.0506 2664 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

11:44:39.0508 2664 aic78xx - ok

11:44:39.0545 2664 aliide (3d76fda1a10acc3dc84728f55c29b6d4) C:\Windows\system32\drivers\aliide.sys

11:44:39.0551 2664 aliide - ok

11:44:39.0661 2664 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys

11:44:39.0662 2664 amdagp - ok

11:44:39.0716 2664 amdide (5b92e7839f5a1fbc1b39de67758ad6f8) C:\Windows\system32\drivers\amdide.sys

11:44:39.0717 2664 amdide - ok

11:44:39.0786 2664 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys

11:44:39.0787 2664 AmdK7 - ok

11:44:39.0861 2664 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys

11:44:39.0863 2664 AmdK8 - ok

11:44:40.0051 2664 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys

11:44:40.0053 2664 arc - ok

11:44:40.0165 2664 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys

11:44:40.0167 2664 arcsas - ok

11:44:40.0247 2664 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

11:44:40.0250 2664 AsyncMac - ok

11:44:40.0290 2664 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys

11:44:40.0291 2664 atapi - ok

11:44:40.0389 2664 athr (57a25b2a015b6f3d4aef751dd7f517f4) C:\Windows\system32\DRIVERS\athr.sys

11:44:40.0424 2664 athr - ok

11:44:40.0706 2664 atikmdag (ac9e487e3513561e4f7953c438727ff7) C:\Windows\system32\DRIVERS\atikmdag.sys

11:44:40.0844 2664 atikmdag - ok

11:44:40.0946 2664 AtiPcie (5a1465ad2e7c1bc39cda12a355329096) C:\Windows\system32\DRIVERS\AtiPcie.sys

11:44:40.0948 2664 AtiPcie - ok

11:44:41.0059 2664 avgio (6a646c46b9415e13095aa9b352040a7a) C:\Program Files\Avira\AntiVir Desktop\avgio.sys

11:44:41.0071 2664 avgio - ok

11:44:41.0171 2664 avgntflt (14fe36d8f2c6a2435275338d061a0b66) C:\Windows\system32\DRIVERS\avgntflt.sys

11:44:41.0173 2664 avgntflt - ok

11:44:41.0254 2664 avipbb (452e382340bb0c5e694ed9d3625356d0) C:\Windows\system32\DRIVERS\avipbb.sys

11:44:41.0257 2664 avipbb - ok

11:44:41.0401 2664 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

11:44:41.0408 2664 Beep - ok

11:44:41.0603 2664 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys

11:44:41.0605 2664 blbdrive - ok

11:44:41.0751 2664 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys

11:44:41.0769 2664 bowser - ok

11:44:41.0877 2664 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

11:44:41.0879 2664 BrFiltLo - ok

11:44:41.0966 2664 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

11:44:41.0968 2664 BrFiltUp - ok

11:44:42.0254 2664 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

11:44:42.0256 2664 Brserid - ok

11:44:42.0340 2664 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

11:44:42.0342 2664 BrSerWdm - ok

11:44:42.0415 2664 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

11:44:42.0417 2664 BrUsbMdm - ok

11:44:42.0478 2664 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

11:44:42.0480 2664 BrUsbSer - ok

11:44:42.0565 2664 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys

11:44:42.0567 2664 BthEnum - ok

11:44:42.0674 2664 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

11:44:42.0675 2664 BTHMODEM - ok

11:44:42.0778 2664 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys

11:44:42.0780 2664 BthPan - ok

11:44:42.0959 2664 BTHPORT (611ff3f2f095c8d4a6d4cfd9dcc09793) C:\Windows\system32\Drivers\BTHport.sys

11:44:42.0978 2664 BTHPORT - ok

11:44:43.0102 2664 BTHUSB (d330803eab2a15caec7f011f1d4cb30e) C:\Windows\system32\Drivers\BTHUSB.sys

11:44:43.0114 2664 BTHUSB - ok

11:44:43.0145 2664 catchme - ok

11:44:43.0258 2664 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

11:44:43.0261 2664 cdfs - ok

11:44:43.0349 2664 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys

11:44:43.0351 2664 cdrom - ok

11:44:43.0439 2664 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys

11:44:43.0441 2664 circlass - ok

11:44:43.0527 2664 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys

11:44:43.0582 2664 CLFS - ok

11:44:43.0709 2664 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys

11:44:43.0720 2664 CmBatt - ok

11:44:43.0774 2664 cmdide (d36372a6ea6805efbe8884d10772313f) C:\Windows\system32\drivers\cmdide.sys

11:44:43.0777 2664 cmdide - ok

11:44:43.0905 2664 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys

11:44:43.0907 2664 Compbatt - ok

11:44:43.0971 2664 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys

11:44:43.0973 2664 crcdisk - ok

11:44:44.0068 2664 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys

11:44:44.0070 2664 Crusoe - ok

11:44:44.0215 2664 CVirtA (b5ecadf7708960f1818c7fa015f4c239) C:\Windows\system32\DRIVERS\CVirtA.sys

11:44:44.0217 2664 CVirtA - ok

11:44:44.0368 2664 CVPNDRVA (720482888c3778f26eeb83d286a6cdc3) C:\Windows\system32\Drivers\CVPNDRVA.sys

11:44:44.0425 2664 CVPNDRVA - ok

11:44:44.0636 2664 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys

11:44:44.0639 2664 DfsC - ok

11:44:44.0732 2664 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys

11:44:44.0751 2664 disk - ok

11:44:44.0812 2664 DNE (86d52c32a308f84bbc626bff7c1fb710) C:\Windows\system32\DRIVERS\dne2000.sys

11:44:44.0815 2664 DNE - ok

11:44:44.0955 2664 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys

11:44:44.0996 2664 Dot4 - ok

11:44:45.0075 2664 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys

11:44:45.0078 2664 Dot4Print - ok

11:44:45.0182 2664 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys

11:44:45.0197 2664 dot4usb - ok

11:44:45.0331 2664 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

11:44:45.0340 2664 drmkaud - ok

11:44:45.0494 2664 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys

11:44:45.0529 2664 DXGKrnl - ok

11:44:45.0609 2664 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys

11:44:45.0612 2664 E1G60 - ok

11:44:45.0747 2664 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys

11:44:45.0779 2664 Ecache - ok

11:44:45.0917 2664 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys

11:44:45.0962 2664 elxstor - ok

11:44:46.0055 2664 enecir (004b2ea6cc2598ec5f0552e43ce29cef) C:\Windows\system32\DRIVERS\enecir.sys

11:44:46.0057 2664 enecir - ok

11:44:46.0193 2664 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys

11:44:46.0205 2664 ErrDev - ok

11:44:46.0369 2664 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys

11:44:46.0389 2664 exfat - ok

11:44:46.0508 2664 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys

11:44:46.0513 2664 fastfat - ok

11:44:46.0574 2664 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys

11:44:46.0576 2664 fdc - ok

11:44:46.0656 2664 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

11:44:46.0658 2664 FileInfo - ok

11:44:46.0712 2664 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

11:44:46.0724 2664 Filetrace - ok

11:44:46.0777 2664 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys

11:44:46.0780 2664 flpydisk - ok

11:44:46.0893 2664 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys

11:44:46.0921 2664 FltMgr - ok

11:44:47.0040 2664 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

11:44:47.0049 2664 Fs_Rec - ok

11:44:47.0119 2664 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys

11:44:47.0121 2664 gagp30kx - ok

11:44:47.0233 2664 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

11:44:47.0235 2664 GEARAspiWDM - ok

11:44:47.0375 2664 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys

11:44:47.0404 2664 HdAudAddService - ok

11:44:47.0667 2664 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys

11:44:47.0712 2664 HDAudBus - ok

11:44:47.0778 2664 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

11:44:47.0780 2664 HidBth - ok

11:44:47.0890 2664 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys

11:44:47.0892 2664 HidIr - ok

11:44:48.0045 2664 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys

11:44:48.0047 2664 HidUsb - ok

11:44:48.0190 2664 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys

11:44:48.0191 2664 HpCISSs - ok

11:44:48.0509 2664 hpdskflt (24f3f496c18efc234777723a67a85f81) C:\Windows\system32\DRIVERS\hpdskflt.sys

11:44:48.0511 2664 hpdskflt - ok

11:44:48.0660 2664 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys

11:44:48.0662 2664 HpqKbFiltr - ok

11:44:48.0998 2664 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys

11:44:49.0155 2664 HTTP - ok

11:44:49.0243 2664 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys

11:44:49.0245 2664 i2omp - ok

11:44:49.0350 2664 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

11:44:49.0352 2664 i8042prt - ok

11:44:49.0431 2664 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys

11:44:49.0437 2664 iaStorV - ok

11:44:49.0544 2664 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

11:44:49.0546 2664 iirsp - ok

11:44:49.0655 2664 intelide (dd512a049bd7b4bce8a83554c5eff2c1) C:\Windows\system32\drivers\intelide.sys

11:44:49.0668 2664 intelide - ok

11:44:49.0723 2664 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

11:44:49.0724 2664 intelppm - ok

11:44:49.0845 2664 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

11:44:49.0883 2664 IpFilterDriver - ok

11:44:49.0920 2664 IpInIp - ok

11:44:49.0981 2664 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys

11:44:49.0982 2664 IPMIDRV - ok

11:44:50.0142 2664 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

11:44:50.0183 2664 IPNAT - ok

11:44:50.0356 2664 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

11:44:50.0366 2664 IRENUM - ok

11:44:50.0523 2664 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys

11:44:50.0525 2664 isapnp - ok

11:44:50.0618 2664 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys

11:44:50.0622 2664 iScsiPrt - ok

11:44:50.0768 2664 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

11:44:50.0770 2664 iteatapi - ok

11:44:50.0934 2664 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

11:44:50.0936 2664 iteraid - ok

11:44:51.0025 2664 JMCR (a69a1b991824b98f744913555f665893) C:\Windows\system32\DRIVERS\jmcr.sys

11:44:51.0027 2664 JMCR - ok

11:44:51.0080 2664 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

11:44:51.0083 2664 kbdclass - ok

11:44:51.0353 2664 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys

11:44:51.0355 2664 kbdhid - ok

11:45:09.0876 2664 ============================================================

11:45:09.0876 2664 Scan finished

11:45:09.0876 2664 ============================================================

11:45:09.0911 4388 Detected object count: 0

11:45:09.0911 4388 Actual detected object count: 0
