
recycler virus



12:45:27.0183 3464 TDSS rootkit removing tool 2.7.7.0 Jan 24 2012 16:44:27

12:45:27.0279 3464 ============================================================

12:45:27.0279 3464 Current date / time: 2012/01/26 12:45:27.0279

12:45:27.0279 3464 SystemInfo:

12:45:27.0279 3464

12:45:27.0279 3464 OS Version: 6.0.6002 ServicePack: 2.0

12:45:27.0279 3464 Product type: Workstation

12:45:27.0279 3464 ComputerName: QUILLAUME

12:45:27.0279 3464 UserName: van de Weerd

12:45:27.0279 3464 Windows directory: C:\Windows

12:45:27.0279 3464 System windows directory: C:\Windows

12:45:27.0279 3464 Processor architecture: Intel x86

12:45:27.0279 3464 Number of processors: 4

12:45:27.0279 3464 Page size: 0x1000

12:45:27.0279 3464 Boot type: Normal boot

12:45:27.0279 3464 ============================================================

12:45:28.0375 3464 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

12:45:28.0389 3464 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

12:45:28.0402 3464 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

12:45:28.0909 3464 Drive \Device\Harddisk3\DR3 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

12:45:28.0916 3464 Drive \Device\Harddisk4\DR4 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

12:45:29.0260 3464 Initialize success

12:45:32.0737 4132 ============================================================

12:45:32.0738 4132 Scan started

12:45:32.0738 4132 Mode: Manual;

12:45:32.0738 4132 ============================================================


12:45:49.0976 4132 usbcir - ok

12:45:50.0056 4132 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys

12:45:50.0057 4132 usbehci - ok

12:45:50.0088 4132 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys

12:45:50.0091 4132 usbhub - ok

12:45:50.0175 4132 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys

12:45:50.0176 4132 usbohci - ok

12:45:50.0282 4132 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

12:45:50.0283 4132 usbprint - ok

12:45:50.0331 4132 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys

12:45:50.0331 4132 usbscan - ok

12:45:50.0417 4132 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS

12:45:50.0419 4132 USBSTOR - ok

12:45:50.0442 4132 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys

12:45:50.0443 4132 usbuhci - ok

12:45:50.0519 4132 VComm (025c2a8cba0ab595d3461d278eff5793) C:\Windows\system32\DRIVERS\VComm.sys

12:45:50.0520 4132 VComm - ok

12:45:50.0559 4132 VcommMgr (95ddf14292354887d7d8c8a0881c7485) C:\Windows\system32\Drivers\VcommMgr.sys

12:45:50.0560 4132 VcommMgr - ok

12:45:50.0637 4132 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys

12:45:50.0638 4132 vga - ok

12:45:50.0737 4132 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

12:45:50.0738 4132 VgaSave - ok

12:45:50.0797 4132 VHidMinidrv (87abb3de0a2d8936245579316c7bb87c) C:\Windows\system32\drivers\VHIDMini.sys

12:45:50.0798 4132 VHidMinidrv - ok

12:45:50.0876 4132 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys

12:45:50.0877 4132 viaagp - ok

12:45:50.0893 4132 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys

12:45:50.0893 4132 ViaC7 - ok

12:45:50.0922 4132 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys

12:45:50.0922 4132 viaide - ok

12:45:51.0020 4132 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

12:45:51.0021 4132 volmgr - ok

12:45:51.0088 4132 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys

12:45:51.0093 4132 volmgrx - ok

12:45:51.0176 4132 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys

12:45:51.0177 4132 volsnap - ok

12:45:51.0223 4132 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys

12:45:51.0224 4132 vsmraid - ok

12:45:51.0346 4132 VX1000 (f4fab0b9d43a65f79fc838c94006f643) C:\Windows\system32\DRIVERS\VX1000.sys

12:45:51.0358 4132 VX1000 - ok

12:45:51.0468 4132 wacmoumonitor (026d58e9d7701f6b26b0b499f1705334) C:\Windows\system32\DRIVERS\wacmoumonitor.sys

12:45:51.0469 4132 wacmoumonitor - ok

12:45:51.0520 4132 wacommousefilter (427a8bc96f16c40df81c2d2f4edd32dd) C:\Windows\system32\DRIVERS\wacommousefilter.sys

12:45:51.0520 4132 wacommousefilter - ok

12:45:51.0585 4132 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

12:45:51.0586 4132 WacomPen - ok

12:45:51.0635 4132 wacomvhid (846b58ea44bf8c92e4b59f4e2252c4c0) C:\Windows\system32\DRIVERS\wacomvhid.sys

12:45:51.0635 4132 wacomvhid - ok

12:45:51.0667 4132 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

12:45:51.0668 4132 Wanarp - ok

12:45:51.0686 4132 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

12:45:51.0687 4132 Wanarpv6 - ok

12:45:51.0774 4132 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys

12:45:51.0774 4132 Wd - ok

12:45:51.0819 4132 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

12:45:51.0826 4132 Wdf01000 - ok

12:45:51.0976 4132 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys

12:45:51.0977 4132 WmiAcpi - ok

12:45:52.0098 4132 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys

12:45:52.0099 4132 WpdUsb - ok

12:45:52.0179 4132 WPN111 - ok

12:45:52.0210 4132 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

12:45:52.0211 4132 ws2ifsl - ok

12:45:52.0252 4132 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

12:45:52.0254 4132 WUDFRd - ok

12:45:52.0423 4132 {329F96B6-DF1E-4328-BFDA-39EA953C1312} (3cb263cf60b253bead6e0205e1fa5669) C:\Program Files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl

12:45:52.0424 4132 {329F96B6-DF1E-4328-BFDA-39EA953C1312} - ok

12:45:52.0448 4132 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0

12:45:52.0512 4132 \Device\Harddisk0\DR0 - ok

12:45:52.0515 4132 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1

12:45:52.0517 4132 \Device\Harddisk1\DR1 - ok

12:45:52.0521 4132 MBR (0x1B8) (180dbde3af7ea48b3db3ac27b1ddf401) \Device\Harddisk2\DR2

12:45:52.0717 4132 \Device\Harddisk2\DR2 - ok

12:45:53.0212 4132 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk3\DR3

12:45:53.0214 4132 \Device\Harddisk3\DR3 - ok

12:45:53.0228 4132 MBR (0x1B8) (c06b75551e26229d2cebf1f7598b869f) \Device\Harddisk4\DR4

12:45:53.0429 4132 \Device\Harddisk4\DR4 - ok

12:45:53.0432 4132 Boot (0x1200) (3e8d4551b1527a96496bdac3b4e80159) \Device\Harddisk0\DR0\Partition0

12:45:53.0433 4132 \Device\Harddisk0\DR0\Partition0 - ok

12:45:53.0458 4132 Boot (0x1200) (d4e670a7f30604321223700bbde533de) \Device\Harddisk0\DR0\Partition1

12:45:53.0459 4132 \Device\Harddisk0\DR0\Partition1 - ok

12:45:53.0462 4132 Boot (0x1200) (940e42932578b82e8c7a69dadfefbdd5) \Device\Harddisk1\DR1\Partition0

12:45:53.0462 4132 \Device\Harddisk1\DR1\Partition0 - ok

12:45:53.0467 4132 Boot (0x1200) (daa3b4422875353f16daf0512df26894) \Device\Harddisk2\DR2\Partition0

12:45:53.0468 4132 \Device\Harddisk2\DR2\Partition0 - ok

12:45:53.0471 4132 Boot (0x1200) (008eeb30f451b575a81a4c837fe42ebd) \Device\Harddisk3\DR3\Partition0

12:45:53.0472 4132 \Device\Harddisk3\DR3\Partition0 - ok

12:45:53.0476 4132 ============================================================

12:45:53.0476 4132 Scan finished

12:45:53.0476 4132 ============================================================

12:45:53.0486 5668 Detected object count: 0

12:45:53.0486 5668 Actual detected object count: 0

---------- Post added at 13:21 ---------- Previous post was at 13:18 ----------

ComboFix 12-01-26.01 - van de Weerd 26-01-2012 12:56:46.4.4 - x86

Gestart vanuit: c:\users\van de Weerd\Downloads\ComboFix.exe

gebruikte Opdracht switches :: d:\download emuletje\1\CFScript.txt

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-12-26 to 2012-01-26 ))))))))))))))))))))))))))))))

.

.

2012-01-26 12:06 . 2012-01-26 12:06 -------- d-----w- c:\users\van de Weerd\AppData\Local\temp

2012-01-26 12:06 . 2012-01-26 12:06 -------- d-----w- c:\users\Public\AppData\Local\temp

2012-01-26 12:06 . 2012-01-26 12:06 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-01-26 11:41 . 2012-01-26 11:41 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BA863310-E4DC-4F45-A226-E2B522F49685}\MpKslf5d57c02.sys

2012-01-26 09:43 . 2012-01-06 04:19 6557240 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BA863310-E4DC-4F45-A226-E2B522F49685}\mpengine.dll

2012-01-26 00:35 . 2011-11-17 06:48 440192 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-01-26 00:35 . 2011-11-16 16:23 278528 ----a-w- c:\windows\system32\schannel.dll

2012-01-26 00:35 . 2011-11-16 16:23 377344 ----a-w- c:\windows\system32\winhttp.dll

2012-01-26 00:35 . 2011-11-16 16:23 72704 ----a-w- c:\windows\system32\secur32.dll

2012-01-26 00:35 . 2011-11-16 16:21 1259008 ----a-w- c:\windows\system32\lsasrv.dll

2012-01-26 00:35 . 2011-11-16 14:12 9728 ----a-w- c:\windows\system32\lsass.exe

2012-01-25 16:04 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-01-24 23:09 . 2012-01-24 23:09 -------- d-----w- c:\users\van de Weerd\AppData\Roaming\DriverCure

2012-01-24 23:09 . 2012-01-24 23:09 -------- d-----w- c:\users\van de Weerd\AppData\Roaming\SpeedMaxPc

2012-01-24 23:08 . 2012-01-25 08:02 -------- d-----w- c:\programdata\SpeedMaxPc

2012-01-24 15:21 . 2012-01-24 15:21 388096 ----a-r- c:\users\van de Weerd\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-01-24 15:21 . 2012-01-24 15:21 -------- d-----w- c:\program files\Trend Micro

2012-01-23 11:04 . 2012-01-23 11:04 -------- d-----w- c:\programdata\PCStreams

2012-01-23 11:04 . 2012-01-23 11:04 -------- d-----w- c:\users\van de Weerd\AppData\Local\PCStreams3

2012-01-23 11:01 . 2012-01-23 11:01 -------- d-----w- c:\program files\PCStreams

2012-01-23 11:00 . 2012-01-23 11:00 -------- d-----w- c:\users\van de Weerd\AppData\Roaming\Downloaded Installations

2012-01-22 08:38 . 2012-01-22 08:38 -------- d-----w- c:\programdata\Clarus

2012-01-22 08:20 . 2012-01-22 08:20 -------- d-----w- c:\program files\Clarus

2012-01-18 13:20 . 2012-01-18 13:20 -------- d-----w- c:\program files\Common Files\SWF Studio

2012-01-18 13:20 . 2012-01-18 13:20 -------- d-----w- c:\users\van de Weerd\AppData\Roaming\Disney Interactive

2012-01-18 13:18 . 2001-09-05 03:18 225280 ------w- c:\program files\Common Files\InstallShield\IScript\iscript.dll

2012-01-18 13:18 . 2001-09-05 03:14 176128 ------w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll

2012-01-18 13:18 . 2001-09-05 03:13 32768 ------w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll

2012-01-18 13:18 . 2001-09-05 03:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll

2012-01-17 15:10 . 2012-01-17 15:10 -------- d-----w- C:\FLAC To MP3

2012-01-14 16:26 . 2009-08-11 20:19 797184 ----a-w- c:\windows\system32\ac3filter.ax

2012-01-14 16:26 . 2007-11-22 09:29 115952 ----a-w- c:\windows\system32\mceesmpeg.ax

2012-01-14 16:26 . 2007-10-10 12:03 171760 ----a-w- c:\windows\system32\mcempgmux.dll

2012-01-14 16:26 . 2007-01-19 12:22 2058744 ----a-w- c:\windows\system32\mcempgvout.004

2012-01-14 16:26 . 2007-01-19 12:22 2002936 ----a-w- c:\windows\system32\mcempgvout.003

2012-01-14 16:26 . 2007-01-19 12:22 2009592 ----a-w- c:\windows\system32\mcempgvout.002

2012-01-14 13:29 . 2012-01-14 13:29 -------- d-----w- c:\program files\MP3 Jukebox

2012-01-12 16:13 . 2012-01-12 16:13 -------- d-----w- c:\program files\USB_video_device

2012-01-12 16:13 . 2011-03-10 01:06 1038080 ----a-w- c:\windows\system32\drivers\emOEM.sys

2012-01-12 16:13 . 2011-03-10 01:05 608128 ----a-w- c:\windows\system32\drivers\emBDA.sys

2012-01-12 16:13 . 2011-03-06 18:37 81920 ----a-w- c:\windows\emMON.exe

2012-01-12 16:13 . 2011-03-06 18:19 114176 ----a-w- c:\windows\system32\emPRP.ax

2012-01-11 13:05 . 2011-10-14 16:03 189952 ----a-w- c:\windows\system32\winmm.dll

2012-01-11 13:05 . 2011-10-14 16:00 23552 ----a-w- c:\windows\system32\mciseq.dll

2012-01-11 13:05 . 2011-11-18 20:23 1205064 ----a-w- c:\windows\system32\ntdll.dll

2012-01-11 13:05 . 2011-11-18 17:47 66560 ----a-w- c:\windows\system32\packager.dll

2012-01-11 13:05 . 2011-11-25 15:59 376320 ----a-w- c:\windows\system32\winsrv.dll

2012-01-11 13:05 . 2011-12-01 15:21 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat

2012-01-11 13:04 . 2011-10-25 15:58 1314816 ----a-w- c:\windows\system32\quartz.dll

2012-01-11 13:04 . 2011-10-25 15:58 497152 ----a-w- c:\windows\system32\qdvd.dll

2012-01-05 19:10 . 2012-01-05 19:10 -------- d-----w- C:\Programmabestanden

2012-01-05 11:36 . 2012-01-05 11:38 -------- d-----w- c:\program files\HYTEK Stereo 3D Camera Driver

2012-01-03 07:22 . 2012-01-03 07:22 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll

2012-01-03 07:22 . 2012-01-03 07:22 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll

2012-01-02 13:23 . 2012-01-02 13:27 -------- d-----w- c:\program files\SuperMp3Download

2012-01-02 13:14 . 2012-01-02 13:14 -------- d-----w- c:\users\van de Weerd\AppData\Local\APN

2011-12-31 12:58 . 2011-12-31 12:58 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll

2011-12-31 12:58 . 2011-12-31 12:58 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll

2011-12-31 12:58 . 2011-12-31 12:58 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll

2011-12-31 12:58 . 2011-12-31 12:58 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-01-25 22:00 . 2010-11-01 21:00 3766 --sha-w- c:\programdata\KGyGaAvL.sys

2012-01-24 22:58 . 2010-11-04 01:59 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2012-01-11 14:32 . 2011-12-16 20:09 12872 ----a-w- c:\windows\system32\bootdelete.exe

2012-01-06 04:19 . 2011-04-04 11:14 6557240 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-01-04 09:26 . 2010-10-29 10:42 236576 ------w- c:\windows\system32\MpSigStub.exe

2011-11-28 18:43 . 2011-05-31 10:52 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-11-23 13:37 . 2011-12-13 22:06 2043904 ----a-w- c:\windows\system32\win32k.sys

2011-11-08 14:42 . 2011-12-13 22:05 2048 ----a-w- c:\windows\system32\tzres.dll

2011-11-03 22:47 . 2011-12-14 02:05 1798144 ----a-w- c:\windows\system32\jscript9.dll

2011-11-03 22:40 . 2011-12-14 02:05 1427456 ----a-w- c:\windows\system32\inetcpl.cpl

2011-11-03 22:39 . 2011-12-14 02:05 1127424 ----a-w- c:\windows\system32\wininet.dll

2011-11-03 22:31 . 2011-12-14 02:05 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2011-12-31 12:58 . 2011-05-06 18:11 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1AD61D5B-58A3-4592-9B34-DC84688FF805}]

2010-06-01 13:35 107328 ----a-w- c:\program files\PDF Suite 2010\PDFIEHelper.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]

"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-11-16 641400]

"Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-11-04 39408]

"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2010-08-20 33120]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Bluetooth Connection Assistant"="LBTWIZ.EXE -silent" [X]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-11-02 7772704]

"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]

"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]

"BtTray"="c:\program files\IVT Corporation\BlueSoleil\BtTray.exe" [2009-09-02 315478]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]

2009-07-20 10:28 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk /r \??\L:\0autocheck autochk *

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\79559718.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MyTV Schedule Agent.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\MyTV Schedule Agent.lnk

backup=c:\windows\pss\MyTV Schedule Agent.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]

2010-08-20 11:03 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]

2011-07-29 10:24 102400 ----a-w- c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BambooCore]

2011-10-01 10:40 646232 ----a-w- c:\program files\Bamboo Dock\BambooCore.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]

2010-03-24 17:50 2516296 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]

2010-04-02 09:18 1185112 ----a-w- c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]

2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]

2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]

2007-05-17 21:45 279912 ----a-w- c:\program files\Microsoft LifeCam\LifeExp.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]

2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]

2010-03-26 08:52 1234216 ----a-w- c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NETGEARDigitalEntertainer]

2009-04-29 11:22 3498712 ----a-w- c:\program files\NETGEAR\NETGEAR Digital Entertainer for Windows\receiver.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVRaidService]

2009-06-30 16:40 163872 ----a-w- c:\windows\System32\nvraidservice.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]

2009-11-25 19:42 54672 ----a-w- c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl11]

2011-05-19 03:00 234792 ----a-w- c:\program files\CyberLink\PowerDVD11\PDVD11Serv.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

2010-10-11 15:49 14940040 ----a-r- c:\program files\Skype\Phone\Skype.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2010-11-04 01:52 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead AutoDetector]

2005-07-28 06:32 94208 ------w- c:\program files\Common Files\Ulead Systems\AutoDetector\Monitor.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead Calendar Checker]

2005-08-22 07:10 69632 ----a-w- c:\program files\Ulead Systems\Ulead Photo Express 6\CalCheck.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]

2007-02-20 10:07 199752 ----a-w- c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]

2011-11-16 15:28 641400 ----a-w- c:\program files\uTorrent\uTorrent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000]

2007-04-10 21:46 709992 ----a-w- c:\windows\vVX1000.exe

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - 93319868

*NewlyCreated* - 95879576

*NewlyCreated* - FSUSBEXDISK

*NewlyCreated* - MPKSLF5D57C02

*Deregistered* - 93319868

*Deregistered* - 95879576

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

bthsvcs REG_MULTI_SZ BthServ

.

Inhoud van de 'Gedeelde Taken' map

.

2012-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-04 01:53]

.

2012-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-04 01:53]

.

2010-11-12 c:\windows\Tasks\Roxio PhotoShow Updater.job

- c:\program files\Roxio\PhotoShow\auto_updater_shim.exe [2010-06-11 04:25]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.nl/

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

IE: Free YouTube Download - c:\users\van de Weerd\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

IE: Free YouTube to MP3 Converter - c:\users\van de Weerd\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

TCP: DhcpNameServer = 62.179.104.196 213.46.228.196

FF - ProfilePath - c:\users\van de Weerd\AppData\Roaming\Mozilla\Firefox\Profiles\rk2n8hms.default\

FF - prefs.js: keyword.URL - hxxp://mp3tubetoolbarsearch.com/?prt=pinballtb02ff&Keywords=

FF - prefs.js: network.proxy.type - 0

FF - user.js: keyword.URL - hxxp://mp3tubetoolbarsearch.com/?prt=pinballtb02ff&Keywords=

FF - user.js: keyword.enabled - 1

FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-01-26 13:06

Windows 6.0.6002 Service Pack 2 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]

"ImagePath"="\??\c:\program files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'Explorer.exe'(544)

c:\program files\Logitech\SetPoint\IMHook.dll

c:\program files\Logitech\SetPoint\lgscroll.dll

c:\windows\system32\BsMobileSDK.dll

c:\windows\system32\BsLangInDepRes.dll

c:\windows\system32\Bs2Res.dll

.

Voltooingstijd: 2012-01-26 13:08:46

ComboFix-quarantined-files.txt 2012-01-26 12:08

ComboFix2.txt 2012-01-26 08:20

ComboFix3.txt 2011-04-04 11:54

.

Pre-Run: 13.470.392.320 bytes beschikbaar

Post-Run: 13.450.002.432 bytes beschikbaar

.

- - End Of File - - 1021D24D9F0147DC9532C097D8710926


I ran Malwarebytes in safe mode, but I can't get any further than removing objects; when I press Remove, it freezes.

Here is the Malwarebytes log file:

Malwarebytes Anti-Malware 1.60.0.1800

Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Databaseversie: v2012.01.25.03

Windows Vista Service Pack 2 x86 NTFS (Veilige modus)

Internet Explorer 9.0.8112.16421

van de Weerd :: QUILLAUME [administrator]

26-1-2012 15:14:05

mbam-log-2012-01-26 (15-25-32).txt

Scantype: Snelle scan

Ingeschakelde scanopties: Geheugen | Opstarten | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scanopties: P2P

Objecten gescand: 204928

Verstreken tijd: 4 minuut/minuten, 38 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 12

C:\Users\van de Weerd\AppData\Local\RewardsArcade (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\van de Weerd\AppData\Local\RewardsArcade\498 (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\van de Weerd\AppData\Local\RewardsArcade\498\Firefox (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\van de Weerd\AppData\Local\RewardsArcade\498\Firefox\locale (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\van de Weerd\AppData\Local\RewardsArcade\498\Firefox\locale\en-US (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\van de Weerd\AppData\Local\RewardsArcade\498\Firefox\skin (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\van de Weerd\Local Settings\Application Data\RewardsArcade (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\van de Weerd\Local Settings\Application Data\RewardsArcade\498 (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\van de Weerd\Local Settings\Application Data\RewardsArcade\498\Firefox (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\van de Weerd\Local Settings\Application Data\RewardsArcade\498\Firefox\locale (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\van de Weerd\Local Settings\Application Data\RewardsArcade\498\Firefox\locale\en-US (PUP.RewardsArcade) -> Geen actie ondernomen.

C:\Users\van de Weerd\Local Settings\Application Data\RewardsArcade\498\Firefox\skin (PUP.RewardsArcade) -> Geen actie ondernomen.

Bestanden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

(einde)


That is enough to know that these folders:

C:\Users\van de Weerd\Local Settings\Application Data\RewardsArcade

C:\Users\van de Weerd\AppData\Local\RewardsArcade

may/should be removed manually from your PC.

And after that, do you still get any indications of the Recycler virus?


Download the Emsisoft Emergency Kit to the desktop and extract the ZIP file.

• Open the "EmsisoftEmergencyKit" folder and double-click "Start.exe".

• Now click "Emergency Kit Scanner". You will get a message that it is recommended to update first; allow this by clicking "Ja" (Yes).

• When the update is finished and the message "Update process is succesvol afgerond" appears, click "menu" and then "Scan PC".

• Select the "Diep" (Deep) option if it is not already set that way by default.

• Now click the "Scan" button and do nothing else on the computer during the scan. This scan can take quite a while, so wait patiently.

• You can close the window with the warning about an increased risk once the scan is finished.

Note:

If you see this message:

C:\Documents and Settings\username\Bureaublad\ComboFix.exe/$0\List.bat Verwijderd Virus.Win32.HTML!IK

When the file is listed in the scan results window, you can right-click that detection and choose "Versturen als vals alarm (False Positive)" (Submit as false alarm).

• Make sure all found items are checked and then press the "verwijder geselecteerde" (remove selected) button. You will now get the following message, but click "Ja" (Yes) here.

When the removal is finished, click the "View report" button and select the text file of this scan, with a name such as: a2scan_110730-111615.txt

• Post the contents of this LOG file in your next message.

• Now restart the computer.


Emsisoft Emergency Kit - Versie 1.0

Laatste Update: 26-1-2012 16:46:30

Scaninstellingen:

Scantype: Diepe Scan

Objecten: Geheugen, Sporen, Cookies, C:\, D:\, G:\, J:\, L:\, M:\

Scan archieven: Aan

Heuristieken: Uit

ADS Scan: Aan

Scan gestart: 26-1-2012 16:48:42

Key: HKEY_CURRENT_USER\software\WhiteSmoke Ontdekt: Trace.Registry.WhiteSmoke!A2

Key: HKEY_CURRENT_USER\software\WhiteSmoke\MainDlg Ontdekt: Trace.Registry.WhiteSmoke!A2

Key: HKEY_CURRENT_USER\software\WhiteSmoke\Profiles Ontdekt: Trace.Registry.WhiteSmoke!A2

Value: HKEY_CLASSES_ROOT\CLSID\{0AF8185C-26D7-4607-A005-7D586B750C38}\InprocServer32 --> ThreadingModel Ontdekt: Trace.Registry.Blubster!A2

Value: HKEY_CLASSES_ROOT\CLSID\{5BF31631-3D94-4267-B6F4-0CE18B008928}\InprocServer32 --> ThreadingModel Ontdekt: Trace.Registry.Blubster!A2

Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0AF8185C-26D7-4607-A005-7D586B750C38}\InprocServer32 --> ThreadingModel Ontdekt: Trace.Registry.Blubster!A2

Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5BF31631-3D94-4267-B6F4-0CE18B008928}\InprocServer32 --> ThreadingModel Ontdekt: Trace.Registry.Blubster!A2

C:\Users\van de Weerd\AppData\Roaming\Microsoft\Windows\Cookies\van_de_weerd@doubleclick[1].txt Ontdekt: Trace.TrackingCookie.doubleclick!A2

C:\Users\van de Weerd\AppData\Roaming\Microsoft\Windows\Cookies\van_de_weerd@doubleclick[2].txt Ontdekt: Trace.TrackingCookie.doubleclick!A2

C:\Users\van de Weerd\AppData\Roaming\Microsoft\Windows\Cookies\Low\van_de_weerd@hitbox[1].txt Ontdekt: Trace.TrackingCookie.hitbox!A2

C:\Users\van de Weerd\AppData\Roaming\Microsoft\Windows\Cookies\Low\van_de_weerd@statcounter[1].txt Ontdekt: Trace.TrackingCookie.statcounter!A2

C:\Users\van de Weerd\AppData\Roaming\Mozilla\Firefox\Profiles\rk2n8hms.default\cookies.sqlite:5846 Ontdekt: Trace.TrackingCookie.cms!A2

C:\Users\van de Weerd\AppData\Roaming\Mozilla\Firefox\Profiles\rk2n8hms.default\cookies.sqlite:6249 Ontdekt: Trace.TrackingCookie.cms!A2

C:\Users\van de Weerd\AppData\Roaming\Mozilla\Firefox\Profiles\rk2n8hms.default\cookies.sqlite:6259 Ontdekt: Trace.TrackingCookie.cms!A2

C:\Users\van de Weerd\AppData\Roaming\Mozilla\Firefox\Profiles\rk2n8hms.default\cookies.sqlite:26769 Ontdekt: Trace.TrackingCookie.aol.com!A2

C:\Users\van de Weerd\AppData\Roaming\Mozilla\Firefox\Profiles\rk2n8hms.default\cookies.sqlite:42837 Ontdekt: Trace.TrackingCookie.m.webtrends.com!A2

C:\Users\van de Weerd\AppData\Roaming\Mozilla\Firefox\Profiles\rk2n8hms.default\cookies.sqlite:89625 Ontdekt: Trace.TrackingCookie.doubleclick.net!A2

C:\Users\van de Weerd\AppData\Roaming\Mozilla\Firefox\Profiles\rk2n8hms.default\cookies.sqlite:90322 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2

C:\Users\van de Weerd\AppData\Roaming\Mozilla\Firefox\Profiles\rk2n8hms.default\cookies.sqlite:91223 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2

C:\Users\van de Weerd\AppData\Roaming\Mozilla\Firefox\Profiles\rk2n8hms.default\cookies.sqlite:91318 Ontdekt: Trace.TrackingCookie.doubleclick.net!A2

C:\Qoobox\Quarantine\C\Program Files\ClickPotatoLite\bin\10.0.701.0\ClickPotatoLiteSACB.exe.vir Ontdekt: Gen.AdWare.Heur!IK

C:\Qoobox\Quarantine\C\Program Files\ClickPotatoLite\bin\11.0.19.0\ClickPotatoLiteSACB.exe.vir Ontdekt: AdWare.Win32.ClickPotato!IK

C:\Users\van de Weerd\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report0ac727fe\Report.cab/{CD30F4DE-9466-0291-D1A6-7DBAF03A3607}-Album Player 3.3i.exe Ontdekt: Trojan.Win32.VBKrypt!IK

C:\Users\van de Weerd\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report0e4f44ba\Report.cab/{79F3982E-7344-A925-5181-DD58DDBA421E}-svchost.exe Ontdekt: Trojan.Win32.VBKrypt!IK

C:\Users\van de Weerd\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\ddd5b4d-16ccea1d/buildService\ClassId.class Ontdekt: Trojan.Agent-US!IK

C:\Users\van de Weerd\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\ddd5b4d-16ccea1d/buildService\ClassType.class Ontdekt: JAVA.Agent!IK

C:\Users\van de Weerd\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\ddd5b4d-16ccea1d/buildService\VirtualTable.class Ontdekt: Exploit.-!IK

C:\Users\van de Weerd\AppData\LocalLow\WhiteSmoke\html\english\dictClientDic\translator.html Ontdekt: Riskware.HTML.WhiteSmoke!A2

G:\back-up\quillaume\Desktop\cd dvd programma`s\FTDv3.8\cache\pap392_1226925343.gif Ontdekt: Attached PE/Script!IK

G:\back-up\quillaume\Desktop\cd dvd programma`s\FTDv3.8\cache\pap503_1229432160.gif Ontdekt: Attached PE/Script!IK

G:\back-up\quillaume\Pictures\SetupFTD3.8.4.exe/$INSTDIR\FTDv3.exe Ontdekt: Virus.Win32.Virut!IK

G:\back-up\quillaume\Pictures\SetupFTD3.8.4.zip/$INSTDIR\FTDv3.exe Ontdekt: Virus.Win32.Virut!IK

G:\back-up\quillaume\Pictures\SetupFTD3.8.4.zip/$OUTDIR\default.grps Ontdekt: Virus.Win32.Virut!IK

G:\software\AVS Video Editor V4.2.1.166\Crack\AVSVideoEditor.exe Ontdekt: possible-Threat.Crack.AVS!IK

G:\software\AVS Video Editor V4.2.1.166\Crack\AVSVideoRecorder.exe Ontdekt: possible-Threat.Crack.AVS!IK

G:\software\Now playing v3810Plugin for Winamp\Keygen.exe Ontdekt: Trojan-PWS.Win32.LdPinch!IK

G:\software\PatCh411Ru.exe Ontdekt: possible-Threat.Patch.Alcohol!IK

G:\software\PhotoAlbumSetup.exe Ontdekt: Trojan.Win32.Spy2!IK

G:\software\smp3\Super Mp3 Download 2009 v3.2.6.6 Pro Edition Cracked\Super Mp3 Download 2009 v3.2.6.6 Pro Edition Cracked.exe Ontdekt: HackTool.Win32.KKFinder!IK

G:\software\smp3\Super Mp3 Download 2009 v3.2.6.6 Pro Edition Portable.exe/s.exe Ontdekt: Backdoor.Turkojan!IK

Gescand

Bestanden: 909425

Sporen: 404020

Cookies: 2690

Processen: 84

Gevonden

Bestanden: 20

Sporen: 7

Cookies: 13

Processen: 0

Registersleutels: 0

Scan Geëindigd: 27-1-2012 1:01:37

Scantijd: 8:12:55

G:\software\smp3\Super Mp3 Download 2009 v3.2.6.6 Pro Edition Portable.exe/s.exe Verwijderd Backdoor.Turkojan!IK

G:\software\smp3\Super Mp3 Download 2009 v3.2.6.6 Pro Edition Cracked\Super Mp3 Download 2009 v3.2.6.6 Pro Edition Cracked.exe Verwijderd HackTool.Win32.KKFinder!IK

G:\software\PhotoAlbumSetup.exe Verwijderd Trojan.Win32.Spy2!IK

G:\software\PatCh411Ru.exe Verwijderd possible-Threat.Patch.Alcohol!IK

G:\software\Now playing v3810Plugin for Winamp\Keygen.exe Verwijderd Trojan-PWS.Win32.LdPinch!IK

G:\software\AVS Video Editor V4.2.1.166\Crack\AVSVideoEditor.exe Verwijderd possible-Threat.Crack.AVS!IK

G:\software\AVS Video Editor V4.2.1.166\Crack\AVSVideoRecorder.exe Verwijderd possible-Threat.Crack.AVS!IK

G:\back-up\quillaume\Pictures\SetupFTD3.8.4.exe/$INSTDIR\FTDv3.exe Verwijderd Virus.Win32.Virut!IK

G:\back-up\quillaume\Pictures\SetupFTD3.8.4.zip/$INSTDIR\FTDv3.exe Verwijderd Virus.Win32.Virut!IK

G:\back-up\quillaume\Pictures\SetupFTD3.8.4.zip/$OUTDIR\default.grps Verwijderd Virus.Win32.Virut!IK

G:\back-up\quillaume\Desktop\cd dvd programma`s\FTDv3.8\cache\pap392_1226925343.gif Verwijderd Attached PE/Script!IK

G:\back-up\quillaume\Desktop\cd dvd programma`s\FTDv3.8\cache\pap503_1229432160.gif Verwijderd Attached PE/Script!IK

C:\Users\van de Weerd\AppData\LocalLow\WhiteSmoke\html\english\dictClientDic\translator.html Verwijderd Riskware.HTML.WhiteSmoke!A2

C:\Users\van de Weerd\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\ddd5b4d-16ccea1d/buildService\VirtualTable.class Verwijderd Exploit.-!IK

C:\Users\van de Weerd\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\ddd5b4d-16ccea1d/buildService\ClassType.class Verwijderd JAVA.Agent!IK

C:\Users\van de Weerd\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\ddd5b4d-16ccea1d/buildService\ClassId.class Verwijderd Trojan.Agent-US!IK

C:\Users\van de Weerd\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report0ac727fe\Report.cab/{CD30F4DE-9466-0291-D1A6-7DBAF03A3607}-Album Player 3.3i.exe Verwijderd Trojan.Win32.VBKrypt!IK

C:\Users\van de Weerd\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report0e4f44ba\Report.cab/{79F3982E-7344-A925-5181-DD58DDBA421E}-svchost.exe Verwijderd Trojan.Win32.VBKrypt!IK

C:\Qoobox\Quarantine\C\Program Files\ClickPotatoLite\bin\11.0.19.0\ClickPotatoLiteSACB.exe.vir Verwijderd AdWare.Win32.ClickPotato!IK

C:\Qoobox\Quarantine\C\Program Files\ClickPotatoLite\bin\10.0.701.0\ClickPotatoLiteSACB.exe.vir Verwijderd Gen.AdWare.Heur!IK

C:\Users\van de Weerd\AppData\Roaming\Mozilla\Firefox\Profiles\rk2n8hms.default\cookies.sqlite:90322 Verwijderd Trace.TrackingCookie.ad.yieldmanager.com!A2

C:\Users\van de Weerd\AppData\Roaming\Mozilla\Firefox\Profiles\rk2n8hms.default\cookies.sqlite:91223 Verwijderd Trace.TrackingCookie.ad.yieldmanager.com!A2

C:\Users\van de Weerd\AppData\Roaming\Mozilla\Firefox\Profiles\rk2n8hms.default\cookies.sqlite:89625 Verwijderd Trace.TrackingCookie.doubleclick.net!A2

C:\Users\van de Weerd\AppData\Roaming\Mozilla\Firefox\Profiles\rk2n8hms.default\cookies.sqlite:91318 Verwijderd Trace.TrackingCookie.doubleclick.net!A2

C:\Users\van de Weerd\AppData\Roaming\Mozilla\Firefox\Profiles\rk2n8hms.default\cookies.sqlite:42837 Verwijderd Trace.TrackingCookie.m.webtrends.com!A2

C:\Users\van de Weerd\AppData\Roaming\Mozilla\Firefox\Profiles\rk2n8hms.default\cookies.sqlite:26769 Verwijderd Trace.TrackingCookie.aol.com!A2

C:\Users\van de Weerd\AppData\Roaming\Mozilla\Firefox\Profiles\rk2n8hms.default\cookies.sqlite:5846 Verwijderd Trace.TrackingCookie.cms!A2

C:\Users\van de Weerd\AppData\Roaming\Mozilla\Firefox\Profiles\rk2n8hms.default\cookies.sqlite:6249 Verwijderd Trace.TrackingCookie.cms!A2

C:\Users\van de Weerd\AppData\Roaming\Mozilla\Firefox\Profiles\rk2n8hms.default\cookies.sqlite:6259 Verwijderd Trace.TrackingCookie.cms!A2

C:\Users\van de Weerd\AppData\Roaming\Microsoft\Windows\Cookies\Low\van_de_weerd@statcounter[1].txt Verwijderd Trace.TrackingCookie.statcounter!A2

C:\Users\van de Weerd\AppData\Roaming\Microsoft\Windows\Cookies\Low\van_de_weerd@hitbox[1].txt Verwijderd Trace.TrackingCookie.hitbox!A2

C:\Users\van de Weerd\AppData\Roaming\Microsoft\Windows\Cookies\van_de_weerd@doubleclick[1].txt Verwijderd Trace.TrackingCookie.doubleclick!A2

C:\Users\van de Weerd\AppData\Roaming\Microsoft\Windows\Cookies\van_de_weerd@doubleclick[2].txt Verwijderd Trace.TrackingCookie.doubleclick!A2

Value: HKEY_CLASSES_ROOT\CLSID\{0AF8185C-26D7-4607-A005-7D586B750C38}\InprocServer32 --> ThreadingModel Verwijderd Trace.Registry.Blubster!A2

Value: HKEY_CLASSES_ROOT\CLSID\{5BF31631-3D94-4267-B6F4-0CE18B008928}\InprocServer32 --> ThreadingModel Verwijderd Trace.Registry.Blubster!A2

Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0AF8185C-26D7-4607-A005-7D586B750C38}\InprocServer32 --> ThreadingModel Verwijderd Trace.Registry.Blubster!A2

Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5BF31631-3D94-4267-B6F4-0CE18B008928}\InprocServer32 --> ThreadingModel Verwijderd Trace.Registry.Blubster!A2

Key: HKEY_CURRENT_USER\software\WhiteSmoke Verwijderd Trace.Registry.WhiteSmoke!A2

Key: HKEY_CURRENT_USER\software\WhiteSmoke\MainDlg Verwijderd Trace.Registry.WhiteSmoke!A2

Key: HKEY_CURRENT_USER\software\WhiteSmoke\Profiles Verwijderd Trace.Registry.WhiteSmoke!A2

Verwijderd

Bestanden: 20

Sporen: 7

Cookies: 13


Oops ... this - Virus.Win32.Virut! - is not good news. Based on your log it is clear that, among other things, you are struggling with a Virut infection. It infects legitimate exe files, so also all your programs, etc.

SystemLookup - Global Search

The bad news is that with a Virut infection only a format and reinstall is a good solution; all other attempts are a lost cause. Have a read of this story about it:

Spyware

In short, 80% of the exe files are infected here. So, if you take a backup of your files before doing a format and reinstall, make sure you do not back up any exe, scr, html, htm, asp, php files, because these too are all infected.

Good luck with it.
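An added example, not part of the thread and not Emsisoft's own tooling: a small Python triage of log lines in the format posted above, separating low-severity traces (cookies, registry leftovers) from malware and flagging the file-infector family the reply singles out. The sample paths are constructed, and reading `container/member` as a hit inside an archive or installer is an assumption drawn from the layout of the log.

```python
import re
from collections import Counter

# Constructed sample in the "<object> Ontdekt: <detection>!<engine>" layout of
# the log above. Detection names come from that log; the paths are made up.
SAMPLE_LOG = r"""
Key: HKEY_CURRENT_USER\software\WhiteSmoke Ontdekt: Trace.Registry.WhiteSmoke!A2
C:\Users\example\Cookies\example@doubleclick[1].txt Ontdekt: Trace.TrackingCookie.doubleclick!A2
G:\software\PhotoAlbumSetup.exe Ontdekt: Trojan.Win32.Spy2!IK
G:\back-up\example\cache\pap392.gif Ontdekt: Attached PE/Script!IK
G:\back-up\example\SetupFTD.exe/$INSTDIR\FTDv3.exe Ontdekt: Virus.Win32.Virut!IK
G:\back-up\example\SetupFTD.zip/$INSTDIR\FTDv3.exe Ontdekt: Virus.Win32.Virut!IK
G:\back-up\example\SetupFTD.zip/$OUTDIR\default.grps Verwijderd Virus.Win32.Virut!IK
Bestanden: 909425
"""

# "Ontdekt:" = detected, "Verwijderd" = removed (the two statuses in the log).
FINDING = re.compile(r"^(?P<obj>.+?) (?P<status>Ontdekt:|Verwijderd) (?P<name>.+)!(?P<engine>\w+)$")
FILE_INFECTORS = {"Virut"}  # family the reply singles out; extend as needed

def parse_findings(text):
    """Return one dict per finding line; summary and blank lines are skipped."""
    findings = []
    for line in text.splitlines():
        m = FINDING.match(line.strip())
        if not m:
            continue
        f = m.groupdict()
        f["status"] = f["status"].rstrip(":")
        # Assumption read off the log: "container/member" marks a hit inside an
        # archive or installer, so the file on disk is the part before "/".
        f["on_disk"] = f["obj"].split("/", 1)[0]
        if f["name"].startswith("Trace."):
            f["category"] = "trace"            # cookies and registry leftovers
        elif FILE_INFECTORS & set(f["name"].split(".")):
            f["category"] = "file-infector"    # infects other executables
        else:
            f["category"] = "malware"
        findings.append(f)
    return findings

def triage(findings):
    """Summarise categories and list the on-disk files carrying a file infector."""
    counts = Counter(f["category"] for f in findings)
    carriers = sorted({f["on_disk"] for f in findings if f["category"] == "file-infector"})
    return {"counts": dict(counts), "carriers": carriers, "file_infector_present": bool(carriers)}

if __name__ == "__main__":
    print(triage(parse_findings(SAMPLE_LOG)))
```

A single file-infector hit outweighs any number of trace entries, which is why the summary reports it separately from the raw counts.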
