Ga naar inhoud

computer zogezegd gehackt door FCCU, pc is geblokkeerd


Aanbevolen berichten

hoi,

Ik veronderstel dat het logje gelukt is (wel via exe download ipv msi)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 22:14:00, on 23/04/2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Safe mode with network support

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

C:\WINDOWS\system32\mfevtps.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\HijackThis exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: WiseConvert 2.1 Toolbar - {ecce0073-a837-45a2-95b9-600420505f7e} - C:\Program Files\WiseConvert_2.1\prxtbWise.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111223124635.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: WiseConvert 2.1 - {ecce0073-a837-45a2-95b9-600420505f7e} - C:\Program Files\WiseConvert_2.1\prxtbWise.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O3 - Toolbar: WiseConvert 2.1 Toolbar - {ecce0073-a837-45a2-95b9-600420505f7e} - C:\Program Files\WiseConvert_2.1\prxtbWise.dll

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [McPvTray_exe] "C:\Program Files\McAfee\MAT\McPvTray.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Documents and Settings\Bart\Bureaublad\SetPoint\SetPoint.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1305202367062

O18 - Protocol: bw+0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: offline-8876480 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\mcsniepl.dll

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe

O23 - Service: 1% (MOBKbackup) - McAfee, Inc. - C:\Program Files\McAfee Online Backup\MOBKbackup.exe

O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe

--

End of file - 20924 bytes

Link naar reactie
Delen op andere sites

  • Reacties 21
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Beste reacties in dit topic

Start Hijackthis op. Klik met de rechter muisknop op de icoon en kies dan voor “Run as administrator" of "Uitvoeren als administrator".

Selecteer “Do a system scan only”.

Vink alleen de items aan die hieronder zijn genoemd:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: WiseConvert 2.1 Toolbar - {ecce0073-a837-45a2-95b9-600420505f7e} - C:\Program Files\WiseConvert_2.1\prxtbWise.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: WiseConvert 2.1 - {ecce0073-a837-45a2-95b9-600420505f7e} - C:\Program Files\WiseConvert_2.1\prxtbWise.dll

O3 - Toolbar: WiseConvert 2.1 Toolbar - {ecce0073-a837-45a2-95b9-600420505f7e} - C:\Program Files\WiseConvert_2.1\prxtbWise.dll

O18 - Protocol: bw+0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {5116CD23-4155-4282-9FBB-693A9E3F25A3} - C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

Klik op 'Fix checked' om de items te verwijderen.

Download MBAM (Malwarebytes Anti-Malware)

Dubbelklik op mbam-setup.exe om het programma te installeren.

Zorg ervoor dat er een vinkje geplaatst is voor Update Malwarebytes' Anti-Malware en Start Malwarebytes' Anti-Malware, Klik daarna op "Voltooien".

Indien een update gevonden werd, zal die gedownload en geïnstalleerd worden.

Wanneer het programma volledig up to date is, selecteer dan in het tabblad Scanner : "Snelle Scan", daarna klik op Scan.

Het scannen kan een tijdje duren, dus wees geduldig.

Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.

Zorg ervoor dat daar alles aangevinkt is, daarna klik op: Verwijder geselecteerde.

Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie verder).

Indien er de rootkit (TDSS) aanwezig is, zal MBAM vragen te herstarten. Doe dit dan ook.

MBAM zal na de herstart opnieuw scannen en de rootkit verwijderen.

Het log wordt automatisch bewaard door MBAM en kan je terugvinden door op de "Logs" tab te klikken in het programma.

Indien MBAM moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven waar je OK moet klikken. Daarna zal het vragen om de computer opnieuw op te starten... Dus sta toe dat MBAM de computer opnieuw opstart.

Plak de inhoud van het logje in je volgende bericht, samen met een nieuw HijackThis log.

Link naar reactie
Delen op andere sites

Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org

Databaseversie: v2012.04.24.06

Windows XP Service Pack 3 x86 NTFS (Veilige modus/netwerkmogelijkheden)

Internet Explorer 8.0.6001.18702

Administrator :: BERT-LAPTOP [administrator]

24/04/2012 23:04:53

mbam-log-2012-04-24 (23-04-53).txt

Scantype: Snelle scan

Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scanopties: P2P

Objecten gescand: 221215

Verstreken tijd: 3 minuut/minuten, 48 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

(einde)

Mvg,

Air

---------- Post toegevoegd om 23:20 ---------- Vorige post was om 23:10 ----------

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 23:17:06, on 24/04/2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Safe mode with network support

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

C:\WINDOWS\system32\mfevtps.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\ctfmon.exe

c:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\HijackThis laatste exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111223124635.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [McPvTray_exe] "C:\Program Files\McAfee\MAT\McPvTray.exe"

O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Documents and Settings\Bart\Bureaublad\SetPoint\SetPoint.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1305202367062

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\mcsniepl.dll

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe

O23 - Service: 1% (MOBKbackup) - McAfee, Inc. - C:\Program Files\McAfee Online Backup\MOBKbackup.exe

O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe

--

End of file - 7444 bytes

---------- Post toegevoegd om 23:24 ---------- Vorige post was om 23:20 ----------

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 23:17:06, on 24/04/2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Safe mode with network support

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

C:\WINDOWS\system32\mfevtps.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\ctfmon.exe

c:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\HijackThis laatste exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111223124635.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [McPvTray_exe] "C:\Program Files\McAfee\MAT\McPvTray.exe"

O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Documents and Settings\Bart\Bureaublad\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Documents and Settings\Bart\Bureaublad\SetPoint\SetPoint.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1305202367062

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\mcsniepl.dll

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe

O23 - Service: 1% (MOBKbackup) - McAfee, Inc. - C:\Program Files\McAfee Online Backup\MOBKbackup.exe

O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe

--

End of file - 7444 bytes

Mvg,

Air

Link naar reactie
Delen op andere sites

Download TDSSKiller en plaats het op je bureaublad.

Pak de bestanden in tdsskiller.zip uit.

Open de map tdsskiller en dubbelklik op TDSSKiller.exe om de tool te starten.

Windows 7 en Windows Vista gebruikers:

Rechtsklik op TDSSKiller.exe -> Uitvoeren als Administrator om de tool te starten.

Als TDSSKiller bericht geeft van een beschikbare update, dan voer je deze eerst uit.

Klik op de knop "Start Scan" en volg de instructies.

Wanneer de scan klaar is klik je op de knop "Report".

Er opent een kladblokbestand. Post de inhoud van dit bestand.

Herstart de pc als TDSSKiller die optie geeft. (Reboot now)

Wanneer er een herstart nodig was, vind je de logfile in C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt

Link naar reactie
Delen op andere sites

22:14:12.0125 1420 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43

22:14:13.0187 1420 ============================================================

22:14:13.0187 1420 Current date / time: 2012/04/25 22:14:13.0187

22:14:13.0187 1420 SystemInfo:

22:14:13.0187 1420

22:14:13.0187 1420 OS Version: 5.1.2600 ServicePack: 3.0

22:14:13.0187 1420 Product type: Workstation

22:14:13.0187 1420 ComputerName: BERT-LAPTOP

22:14:13.0187 1420 UserName: Administrator

22:14:13.0187 1420 Windows directory: C:\WINDOWS

22:14:13.0187 1420 System windows directory: C:\WINDOWS

22:14:13.0187 1420 Processor architecture: Intel x86

22:14:13.0187 1420 Number of processors: 2

22:14:13.0187 1420 Page size: 0x1000

22:14:13.0187 1420 Boot type: Safe boot with network

22:14:13.0187 1420 ============================================================

22:14:14.0625 1420 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

22:14:14.0625 1420 ============================================================

22:14:14.0625 1420 \Device\Harddisk0\DR0:

22:14:14.0625 1420 MBR partitions:

22:14:14.0625 1420 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xDF93800

22:14:14.0625 1420 ============================================================

22:14:14.0640 1420 C: <-> \Device\Harddisk0\DR0\Partition0

22:14:14.0640 1420 ============================================================

22:14:14.0640 1420 Initialize success

22:14:14.0640 1420 ============================================================

22:14:42.0093 1408 ============================================================

22:14:42.0093 1408 Scan started

22:14:42.0093 1408 Mode: Manual;

22:14:42.0093 1408 ============================================================

22:14:43.0140 1408 Abiosdsk - ok

22:14:43.0171 1408 abp480n5 - ok

22:14:43.0218 1408 ACPI (02273a448ba21a7d447daeb47810d40c) C:\WINDOWS\system32\DRIVERS\ACPI.sys

22:14:43.0234 1408 ACPI - ok

22:14:43.0250 1408 ACPIEC (63f517b1a87dabf3f5acb8a7952fc1d1) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys

22:14:43.0250 1408 ACPIEC - ok

22:14:43.0265 1408 adpu160m - ok

22:14:43.0312 1408 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

22:14:43.0328 1408 aec - ok

22:14:43.0375 1408 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

22:14:43.0390 1408 AFD - ok

22:14:43.0484 1408 AgereSoftModem (ceffa3db1657293322e0bdea7d99e754) C:\WINDOWS\system32\DRIVERS\AGRSM.sys

22:14:43.0546 1408 AgereSoftModem - ok

22:14:43.0562 1408 Aha154x - ok

22:14:43.0578 1408 aic78u2 - ok

22:14:43.0593 1408 aic78xx - ok

22:14:43.0640 1408 Alerter (8bed67d13dcb55b3e9ff6dac4c6d3b49) C:\WINDOWS\system32\alrsvc.dll

22:14:43.0640 1408 Alerter - ok

22:14:43.0671 1408 ALG (dab2a89fde5cf791161200d90c1bcb12) C:\WINDOWS\System32\alg.exe

22:14:43.0671 1408 ALG - ok

22:14:43.0671 1408 AliIde - ok

22:14:43.0703 1408 amsint - ok

22:14:43.0718 1408 AppMgmt - ok

22:14:43.0765 1408 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

22:14:43.0765 1408 Arp1394 - ok

22:14:43.0796 1408 asc - ok

22:14:43.0812 1408 asc3350p - ok

22:14:43.0828 1408 asc3550 - ok

22:14:43.0968 1408 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

22:14:43.0968 1408 aspnet_state - ok

22:14:44.0000 1408 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

22:14:44.0000 1408 AsyncMac - ok

22:14:44.0031 1408 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

22:14:44.0031 1408 atapi - ok

22:14:44.0046 1408 Atdisk - ok

22:14:44.0093 1408 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

22:14:44.0109 1408 Atmarpc - ok

22:14:44.0125 1408 AudioSrv (f10745ed3195360e69aa4a6e7768c0e0) C:\WINDOWS\System32\audiosrv.dll

22:14:44.0125 1408 AudioSrv - ok

22:14:44.0156 1408 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

22:14:44.0156 1408 audstub - ok

22:14:44.0234 1408 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

22:14:44.0234 1408 Beep - ok

22:14:44.0281 1408 BITS (5c0073a51c4873430fa8b262e92183ff) C:\WINDOWS\system32\qmgr.dll

22:14:44.0359 1408 BITS - ok

22:14:44.0390 1408 Browser (69eaa7501f53a40e8c04c69f2391224f) C:\WINDOWS\System32\browser.dll

22:14:44.0390 1408 Browser - ok

22:14:44.0500 1408 Cam5603D (d09ee7f110448865dc56baa750090631) C:\WINDOWS\system32\Drivers\BisonCam.sys

22:14:44.0546 1408 Cam5603D - ok

22:14:44.0578 1408 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

22:14:44.0578 1408 cbidf2k - ok

22:14:44.0609 1408 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

22:14:44.0609 1408 CCDECODE - ok

22:14:44.0625 1408 cd20xrnt - ok

22:14:44.0656 1408 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

22:14:44.0671 1408 Cdaudio - ok

22:14:44.0687 1408 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

22:14:44.0687 1408 Cdfs - ok

22:14:44.0734 1408 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

22:14:44.0734 1408 Cdrom - ok

22:14:44.0765 1408 cfwids (1dcb5209601a70e36c70fe8d197d62cb) C:\WINDOWS\system32\drivers\cfwids.sys

22:14:44.0765 1408 cfwids - ok

22:14:44.0781 1408 Changer - ok

22:14:44.0812 1408 CiSvc (bd85400700b80fbe3d4a3412bce74861) C:\WINDOWS\system32\cisvc.exe

22:14:44.0812 1408 CiSvc - ok

22:14:44.0843 1408 ClipSrv (4fb6108130829666c8fe96b442fead94) C:\WINDOWS\system32\clipsrv.exe

22:14:44.0843 1408 ClipSrv - ok

22:14:44.0937 1408 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

22:14:44.0953 1408 clr_optimization_v2.0.50727_32 - ok

22:14:45.0015 1408 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

22:14:45.0031 1408 clr_optimization_v4.0.30319_32 - ok

22:14:45.0062 1408 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

22:14:45.0062 1408 CmBatt - ok

22:14:45.0078 1408 CmdIde - ok

22:14:45.0109 1408 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

22:14:45.0109 1408 Compbatt - ok

22:14:45.0140 1408 COMSysApp - ok

22:14:45.0171 1408 Cpqarray - ok

22:14:45.0218 1408 CryptSvc (0a9cf5d3cf63a8699f28c814ef821c7e) C:\WINDOWS\System32\cryptsvc.dll

22:14:45.0218 1408 CryptSvc - ok

22:14:45.0234 1408 dac2w2k - ok

22:14:45.0265 1408 dac960nt - ok

22:14:45.0312 1408 DcomLaunch (d9883335cc1c17afc3a09c8ac3e4dbe4) C:\WINDOWS\system32\rpcss.dll

22:14:45.0359 1408 DcomLaunch - ok

22:14:45.0406 1408 Dhcp (146ab038f5dbb366122d28444999ab2c) C:\WINDOWS\System32\dhcpcsvc.dll

22:14:45.0421 1408 Dhcp - ok

22:14:45.0437 1408 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

22:14:45.0437 1408 Disk - ok

22:14:45.0453 1408 dmadmin - ok

22:14:45.0531 1408 dmboot (dec123e0c75971d0cc7a6c6a75e28429) C:\WINDOWS\system32\drivers\dmboot.sys

22:14:45.0546 1408 dmboot - ok

22:14:45.0578 1408 dmio (7268e66259722f6228c730685b201092) C:\WINDOWS\system32\drivers\dmio.sys

22:14:45.0593 1408 dmio - ok

22:14:45.0625 1408 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

22:14:45.0625 1408 dmload - ok

22:14:45.0640 1408 dmserver (127db74184e2d3d31655da525a5efde1) C:\WINDOWS\System32\dmserver.dll

22:14:45.0656 1408 dmserver - ok

22:14:45.0703 1408 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

22:14:45.0703 1408 DMusic - ok

22:14:45.0718 1408 Dnscache (de6cdb6cbc5c27b9085cfa6dfe8e5025) C:\WINDOWS\System32\dnsrslvr.dll

22:14:45.0718 1408 Dnscache - ok

22:14:45.0765 1408 Dot3svc (90ee765e1a598b578852901f74f914f1) C:\WINDOWS\System32\dot3svc.dll

22:14:45.0765 1408 Dot3svc - ok

22:14:45.0781 1408 dpti2o - ok

22:14:45.0796 1408 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

22:14:45.0796 1408 drmkaud - ok

22:14:45.0843 1408 EapHost (e6bbdebf7081899d161c773e8d84d015) C:\WINDOWS\System32\eapsvc.dll

22:14:45.0843 1408 EapHost - ok

22:14:45.0875 1408 ERSvc (2f5c7f650b7af178988946ee4b0d9c01) C:\WINDOWS\System32\ersvc.dll

22:14:45.0890 1408 ERSvc - ok

22:14:45.0921 1408 Eventlog (657b69389b893f440b07590c9e963f23) C:\WINDOWS\system32\services.exe

22:14:45.0921 1408 Eventlog - ok

22:14:45.0968 1408 EventSystem (97912dc0679d2da60cce589bbc196d72) C:\WINDOWS\system32\es.dll

22:14:45.0968 1408 EventSystem - ok

22:14:46.0000 1408 F5D5055 (59d783ff1b4ed5b39bfc3c3b7376e7f0) C:\WINDOWS\system32\DRIVERS\F5D5055.sys

22:14:46.0015 1408 F5D5055 - ok

22:14:46.0078 1408 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

22:14:46.0093 1408 Fastfat - ok

22:14:46.0125 1408 FastUserSwitchingCompatibility (2d5d4156292150fe571872c1b88e9299) C:\WINDOWS\System32\shsvcs.dll

22:14:46.0156 1408 FastUserSwitchingCompatibility - ok

22:14:46.0171 1408 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

22:14:46.0171 1408 Fdc - ok

22:14:46.0171 1408 Fips (8bfffb5ac954e19dfdb96d56512aa518) C:\WINDOWS\system32\drivers\Fips.sys

22:14:46.0171 1408 Fips - ok

22:14:46.0187 1408 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

22:14:46.0187 1408 Flpydisk - ok

22:14:46.0203 1408 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys

22:14:46.0203 1408 FltMgr - ok

22:14:46.0281 1408 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

22:14:46.0296 1408 FontCache3.0.0.0 - ok

22:14:46.0296 1408 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

22:14:46.0296 1408 Fs_Rec - ok

22:14:46.0328 1408 Ftdisk (fa8ca22e70245c81ff29c36af56292fc) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

22:14:46.0343 1408 Ftdisk - ok

22:14:46.0375 1408 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

22:14:46.0375 1408 Gpc - ok

22:14:46.0406 1408 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

22:14:46.0406 1408 HDAudBus - ok

22:14:46.0484 1408 helpsvc (5327bad9b35c33d2a64b64e4cf282ecd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

22:14:46.0484 1408 helpsvc - ok

22:14:46.0500 1408 HidServ (10003105aab8d5a7db51a9cb3d9f55a3) C:\WINDOWS\System32\hidserv.dll

22:14:46.0500 1408 HidServ - ok

22:14:46.0531 1408 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

22:14:46.0531 1408 hidusb - ok

22:14:46.0562 1408 hkmsvc (1ff903ffa2da1704e5a5443d37d8e49e) C:\WINDOWS\System32\kmsvc.dll

22:14:46.0562 1408 hkmsvc - ok

22:14:46.0578 1408 hpn - ok

22:14:46.0640 1408 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys

22:14:46.0640 1408 HPZius12 - ok

22:14:46.0687 1408 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

22:14:46.0703 1408 HTTP - ok

22:14:46.0734 1408 HTTPFilter (2529c7ba05242beed0027f554d0513bb) C:\WINDOWS\System32\w3ssl.dll

22:14:46.0734 1408 HTTPFilter - ok

22:14:46.0750 1408 i2omgmt - ok

22:14:46.0750 1408 i2omp - ok

22:14:46.0781 1408 i8042prt (c43372d0682f8e32e4ec21117e089ec0) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

22:14:46.0781 1408 i8042prt - ok

22:14:47.0046 1408 ialm (48846b31be5a4fa662ccfde7a1ba86b9) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

22:14:47.0218 1408 ialm - ok

22:14:47.0390 1408 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

22:14:47.0421 1408 idsvc - ok

22:14:47.0531 1408 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

22:14:47.0531 1408 Imapi - ok

22:14:47.0562 1408 ImapiService (a117772f94c854de5d1bbc1f1962b192) C:\WINDOWS\system32\imapi.exe

22:14:47.0578 1408 ImapiService - ok

22:14:47.0578 1408 ini910u - ok

22:14:47.0578 1408 IntelIde - ok

22:14:47.0609 1408 intelppm (2d2254fac267e6b1c7865e8ebef60c6d) C:\WINDOWS\system32\DRIVERS\intelppm.sys

22:14:47.0609 1408 intelppm - ok

22:14:47.0625 1408 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

22:14:47.0625 1408 Ip6Fw - ok

22:14:47.0640 1408 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

22:14:47.0640 1408 IpFilterDriver - ok

22:14:47.0656 1408 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

22:14:47.0656 1408 IpInIp - ok

22:14:47.0687 1408 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

22:14:47.0703 1408 IpNat - ok

22:14:47.0718 1408 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

22:14:47.0718 1408 IPSec - ok

22:14:47.0734 1408 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

22:14:47.0734 1408 IRENUM - ok

22:14:47.0750 1408 isapnp (0b78e1a31340e1fb1e389d5633f7c3a0) C:\WINDOWS\system32\DRIVERS\isapnp.sys

22:14:47.0750 1408 isapnp - ok

22:14:47.0843 1408 JavaQuickStarterService (11c3efb4bac41175d03b1595db1a4a4f) C:\Program Files\Java\jre6\bin\jqs.exe

22:14:47.0859 1408 JavaQuickStarterService - ok

22:14:47.0890 1408 Kbdclass (380397621e94b32c744e7b2cc1330390) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

22:14:47.0890 1408 Kbdclass - ok

22:14:47.0906 1408 kbdhid (b833b70fe639f01fb36cedabe57ef031) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

22:14:47.0906 1408 kbdhid - ok

22:14:47.0937 1408 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

22:14:47.0953 1408 kmixer - ok

22:14:47.0968 1408 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

22:14:47.0984 1408 KSecDD - ok

22:14:48.0000 1408 L8042Kbd (702e5ffd2dd24b4b00f798953320fc20) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys

22:14:48.0000 1408 L8042Kbd - ok

22:14:48.0015 1408 L8042mou (bb84d29e6f00c8a447ba63e94a2f1e0f) C:\WINDOWS\system32\DRIVERS\L8042mou.Sys

22:14:48.0015 1408 L8042mou - ok

22:14:48.0031 1408 LanmanServer (c7955e7edaea462d04f1c4be1d340372) C:\WINDOWS\System32\srvsvc.dll

22:14:48.0046 1408 LanmanServer - ok

22:14:48.0046 1408 lanmanworkstation (a936a575eaf6dce8dc08bc0c53972add) C:\WINDOWS\System32\wkssvc.dll

22:14:48.0093 1408 lanmanworkstation - ok

22:14:48.0093 1408 lbrtfdc - ok

22:14:48.0125 1408 LHidKe (04540f5b4c0760bf6d78311b04439afa) C:\WINDOWS\system32\DRIVERS\LHidKE.Sys

22:14:48.0125 1408 LHidKe - ok

22:14:48.0156 1408 LHidUsbK (1c9414f926e5a8546a58b0e8e1bc5ddc) C:\WINDOWS\system32\Drivers\LHidUsbK.Sys

22:14:48.0156 1408 LHidUsbK - ok

22:14:48.0187 1408 LmHosts (91ae20c5c2776c511994aa1308c05283) C:\WINDOWS\System32\lmhsvc.dll

22:14:48.0187 1408 LmHosts - ok

22:14:48.0218 1408 LMouKE (d98216e171e82524d0b9d8f13f7c96ea) C:\WINDOWS\system32\DRIVERS\LMouKE.Sys

22:14:48.0218 1408 LMouKE - ok

22:14:48.0296 1408 McAfee SiteAdvisor Service (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

22:14:48.0312 1408 McAfee SiteAdvisor Service - ok

22:14:48.0312 1408 McMPFSvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

22:14:48.0312 1408 McMPFSvc - ok

22:14:48.0312 1408 mcmscsvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

22:14:48.0312 1408 mcmscsvc - ok

22:14:48.0328 1408 McNaiAnn (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

22:14:48.0328 1408 McNaiAnn - ok

22:14:48.0328 1408 McNASvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

22:14:48.0328 1408 McNASvc - ok

22:14:48.0421 1408 McODS (1d97a89e4c1917d7c7ac3a27a45ef87e) C:\Program Files\McAfee\VirusScan\mcods.exe

22:14:48.0437 1408 McODS - ok

22:14:48.0437 1408 McProxy (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

22:14:48.0437 1408 McProxy - ok

22:14:48.0484 1408 McPvDrv (000751813ecef491689176e72b3a8bee) C:\WINDOWS\system32\drivers\McPvDrv.sys

22:14:48.0500 1408 McPvDrv - ok

22:14:48.0531 1408 McShield (16767b4cb7ae8f388e091717db34ff6c) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

22:14:48.0546 1408 McShield - ok

22:14:48.0562 1408 Messenger (c56a45a03dca11712de9fdf98224230b) C:\WINDOWS\System32\msgsvc.dll

22:14:48.0562 1408 Messenger - ok

22:14:48.0593 1408 mfeapfk (36b47b1e9c537f8f2b4481084b8f7d22) C:\WINDOWS\system32\drivers\mfeapfk.sys

22:14:48.0609 1408 mfeapfk - ok

22:14:48.0640 1408 mfeavfk (cde41293db871a75cd99eb0ce781356b) C:\WINDOWS\system32\drivers\mfeavfk.sys

22:14:48.0656 1408 mfeavfk - ok

22:14:48.0687 1408 mfebopk (e22385f64bdf0ad81157479496e33c4a) C:\WINDOWS\system32\drivers\mfebopk.sys

22:14:48.0687 1408 mfebopk - ok

22:14:48.0718 1408 mfefire (3f17534b8867854113df2b45fff3acf5) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

22:14:48.0718 1408 mfefire - ok

22:14:48.0750 1408 mfefirek (215666a8a85023ef019b510cbb67f678) C:\WINDOWS\system32\drivers\mfefirek.sys

22:14:48.0750 1408 mfefirek - ok

22:14:48.0796 1408 mfehidk (56d330981866a72f061dd16cc5004513) C:\WINDOWS\system32\drivers\mfehidk.sys

22:14:48.0812 1408 mfehidk - ok

22:14:48.0843 1408 mfendisk (62acda4e958e2a392557ba3c6c754a58) C:\WINDOWS\system32\DRIVERS\mfendisk.sys

22:14:48.0843 1408 mfendisk - ok

22:14:48.0843 1408 mfendiskmp (62acda4e958e2a392557ba3c6c754a58) C:\WINDOWS\system32\DRIVERS\mfendisk.sys

22:14:48.0843 1408 mfendiskmp - ok

22:14:48.0875 1408 mferkdet (89b564d63c53fc0c6782ab07eea63acf) C:\WINDOWS\system32\drivers\mferkdet.sys

22:14:48.0875 1408 mferkdet - ok

22:14:48.0921 1408 mfetdi2k (922e64ca38e38106498fb3435a8e399d) C:\WINDOWS\system32\drivers\mfetdi2k.sys

22:14:48.0921 1408 mfetdi2k - ok

22:14:48.0953 1408 mfevtp (ad52269897626d614b31e153f5c5d65c) C:\WINDOWS\system32\mfevtps.exe

22:14:48.0968 1408 mfevtp - ok

22:14:49.0015 1408 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

22:14:49.0015 1408 mnmdd - ok

22:14:49.0046 1408 mnmsrvc (5b1d994dcf1895afa27600e46a2f0fea) C:\WINDOWS\system32\mnmsrvc.exe

22:14:49.0046 1408 mnmsrvc - ok

22:14:49.0125 1408 MOBKbackup (35176fa09a0fc58db630991a81a0ba39) C:\Program Files\McAfee Online Backup\MOBKbackup.exe

22:14:49.0140 1408 MOBKbackup - ok

22:14:49.0156 1408 MOBKFilter (e896775837a8bce436348df460522394) C:\WINDOWS\system32\DRIVERS\MOBK.sys

22:14:49.0156 1408 MOBKFilter - ok

22:14:49.0187 1408 Modem (8114eeac353f549331ab73e9af4219ed) C:\WINDOWS\system32\drivers\Modem.sys

22:14:49.0187 1408 Modem - ok

22:14:49.0218 1408 Mouclass (1a4e2214dd63e4a876463d3427ee8261) C:\WINDOWS\system32\DRIVERS\mouclass.sys

22:14:49.0218 1408 Mouclass - ok

22:14:49.0234 1408 mouhid (18017899254e01371e1a39754d6bf98c) C:\WINDOWS\system32\DRIVERS\mouhid.sys

22:14:49.0234 1408 mouhid - ok

22:14:49.0265 1408 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

22:14:49.0265 1408 MountMgr - ok

22:14:49.0328 1408 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys

22:14:49.0328 1408 MpFilter - ok

22:14:49.0328 1408 mraid35x - ok

22:14:49.0343 1408 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

22:14:49.0343 1408 MRxDAV - ok

22:14:49.0406 1408 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

22:14:49.0437 1408 MRxSmb - ok

22:14:49.0468 1408 MSDTC (21ea21984d7d1ad50db2e627020ab14c) C:\WINDOWS\system32\msdtc.exe

22:14:49.0468 1408 MSDTC - ok

22:14:49.0484 1408 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

22:14:49.0484 1408 Msfs - ok

22:14:49.0484 1408 MSIServer - ok

22:14:49.0593 1408 MSK80Service (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

22:14:49.0593 1408 MSK80Service - ok

22:14:49.0625 1408 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

22:14:49.0625 1408 MSKSSRV - ok

22:14:49.0687 1408 MsMpSvc (cfce43b70ca0cc4dcc8adb62b792b173) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

22:14:49.0687 1408 MsMpSvc - ok

22:14:49.0703 1408 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

22:14:49.0703 1408 MSPCLOCK - ok

22:14:49.0718 1408 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

22:14:49.0718 1408 MSPQM - ok

22:14:49.0734 1408 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

22:14:49.0734 1408 mssmbios - ok

22:14:49.0750 1408 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

22:14:49.0765 1408 MSTEE - ok

22:14:49.0796 1408 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

22:14:49.0812 1408 Mup - ok

22:14:49.0859 1408 MxlW2k (a1520761f42dbb06db7929d6fa9753ea) C:\WINDOWS\system32\drivers\MxlW2k.sys

22:14:49.0859 1408 MxlW2k - ok

22:14:49.0890 1408 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

22:14:49.0906 1408 NABTSFEC - ok

22:14:49.0953 1408 napagent (87e394c810794d3c70cf22e8316cb23e) C:\WINDOWS\System32\qagentrt.dll

22:14:49.0968 1408 napagent - ok

22:14:50.0015 1408 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

22:14:50.0015 1408 NDIS - ok

22:14:50.0046 1408 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

22:14:50.0046 1408 NdisIP - ok

22:14:50.0062 1408 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

22:14:50.0062 1408 NdisTapi - ok

22:14:50.0093 1408 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

22:14:50.0109 1408 Ndisuio - ok

22:14:50.0109 1408 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

22:14:50.0109 1408 NdisWan - ok

22:14:50.0125 1408 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

22:14:50.0125 1408 NDProxy - ok

22:14:50.0140 1408 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

22:14:50.0140 1408 NetBIOS - ok

22:14:50.0156 1408 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

22:14:50.0171 1408 NetBT - ok

22:14:50.0203 1408 NetDDE (dc6bae085e9b3c2f3a963ed46791feab) C:\WINDOWS\system32\netdde.exe

22:14:50.0218 1408 NetDDE - ok

22:14:50.0218 1408 NetDDEdsdm (dc6bae085e9b3c2f3a963ed46791feab) C:\WINDOWS\system32\netdde.exe

22:14:50.0218 1408 NetDDEdsdm - ok

22:14:50.0250 1408 Netlogon (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe

22:14:50.0250 1408 Netlogon - ok

22:14:50.0265 1408 Netman (5431fb616ecae0d587c5b97d0b86cbd8) C:\WINDOWS\System32\netman.dll

22:14:50.0281 1408 Netman - ok

22:14:50.0375 1408 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

22:14:50.0390 1408 NetTcpPortSharing - ok

22:14:50.0531 1408 NETw4x32 (12b0d99865434387f784268b70e23360) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys

22:14:50.0609 1408 NETw4x32 - ok

22:14:51.0109 1408 NETwLx32 (72062b53186e4a3f5fcbc41ebb62b905) C:\WINDOWS\system32\DRIVERS\NETwLx32.sys

22:14:51.0312 1408 NETwLx32 - ok

22:14:51.0406 1408 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

22:14:51.0406 1408 NIC1394 - ok

22:14:51.0437 1408 Nla (4522cbe00a9e9eee36aa82ed4b319148) C:\WINDOWS\System32\mswsock.dll

22:14:51.0453 1408 Nla - ok

22:14:51.0546 1408 NMSAccess (7aea4df1ca68fd45dd4bbe1f0243ce7f) C:\Program Files\CDBurnerXP\NMSAccessU.exe

22:14:51.0546 1408 NMSAccess - ok

22:14:51.0593 1408 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

22:14:51.0593 1408 Npfs - ok

22:14:51.0640 1408 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

22:14:51.0656 1408 Ntfs - ok

22:14:51.0703 1408 NtLmSsp (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe

22:14:51.0703 1408 NtLmSsp - ok

22:14:51.0750 1408 NtmsSvc (ac1a78237b53044735693633f8235468) C:\WINDOWS\system32\ntmssvc.dll

22:14:51.0765 1408 NtmsSvc - ok

22:14:51.0796 1408 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

22:14:51.0796 1408 Null - ok

22:14:51.0828 1408 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

22:14:51.0828 1408 NwlnkFlt - ok

22:14:51.0843 1408 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

22:14:51.0843 1408 NwlnkFwd - ok

22:14:51.0859 1408 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

22:14:51.0859 1408 ohci1394 - ok

22:14:51.0890 1408 Parport (e3934ccc20a4d24f1924e13d36d2a5bd) C:\WINDOWS\system32\drivers\Parport.sys

22:14:51.0890 1408 Parport - ok

22:14:51.0890 1408 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

22:14:51.0890 1408 PartMgr - ok

22:14:51.0921 1408 ParVdm (1eade28746a64c21e0a808bb12a63326) C:\WINDOWS\system32\drivers\ParVdm.sys

22:14:51.0921 1408 ParVdm - ok

22:14:51.0937 1408 PCI (3b166f9f753c21aedaa9a6bd76b49655) C:\WINDOWS\system32\DRIVERS\pci.sys

22:14:51.0953 1408 PCI - ok

22:14:51.0953 1408 PCIDump - ok

22:14:51.0953 1408 PCIIde (b31edeba4da28283f6b8dc4756fb9585) C:\WINDOWS\system32\DRIVERS\pciide.sys

22:14:51.0953 1408 PCIIde - ok

22:14:51.0984 1408 Pcmcia (2137ffd65f8e609a3a5acd487c56cce0) C:\WINDOWS\system32\DRIVERS\pcmcia.sys

22:14:51.0984 1408 Pcmcia - ok

22:14:52.0000 1408 PDCOMP - ok

22:14:52.0000 1408 PDFRAME - ok

22:14:52.0000 1408 PDRELI - ok

22:14:52.0015 1408 PDRFRAME - ok

22:14:52.0015 1408 perc2 - ok

22:14:52.0015 1408 perc2hib - ok

22:14:52.0062 1408 PlugPlay (657b69389b893f440b07590c9e963f23) C:\WINDOWS\system32\services.exe

22:14:52.0062 1408 PlugPlay - ok

22:14:52.0078 1408 PolicyAgent (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe

22:14:52.0078 1408 PolicyAgent - ok

22:14:52.0109 1408 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

22:14:52.0109 1408 PptpMiniport - ok

22:14:52.0125 1408 Processor (82a17eca34d801590a67c0a2244965ed) C:\WINDOWS\system32\DRIVERS\processr.sys

22:14:52.0125 1408 Processor - ok

22:14:52.0125 1408 ProtectedStorage (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe

22:14:52.0125 1408 ProtectedStorage - ok

22:14:52.0140 1408 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

22:14:52.0140 1408 PSched - ok

22:14:52.0140 1408 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

22:14:52.0140 1408 Ptilink - ok

22:14:52.0140 1408 ql1080 - ok

22:14:52.0156 1408 Ql10wnt - ok

22:14:52.0156 1408 ql12160 - ok

22:14:52.0156 1408 ql1240 - ok

22:14:52.0171 1408 ql1280 - ok

22:14:52.0203 1408 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

22:14:52.0203 1408 RasAcd - ok

22:14:52.0234 1408 RasAuto (0575d034b1292ca3a9bb9f67a8ee289c) C:\WINDOWS\System32\rasauto.dll

22:14:52.0234 1408 RasAuto - ok

22:14:52.0250 1408 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

22:14:52.0250 1408 Rasl2tp - ok

22:14:52.0281 1408 RasMan (9e7e2df6971a5f00102be3f901cc3bdc) C:\WINDOWS\System32\rasmans.dll

22:14:52.0296 1408 RasMan - ok

22:14:52.0296 1408 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

22:14:52.0296 1408 RasPppoe - ok

22:14:52.0312 1408 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

22:14:52.0312 1408 Raspti - ok

22:14:52.0343 1408 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

22:14:52.0359 1408 Rdbss - ok

22:14:52.0359 1408 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

22:14:52.0359 1408 RDPCDD - ok

22:14:52.0406 1408 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys

22:14:52.0421 1408 RDPWD - ok

22:14:52.0453 1408 RDSessMgr (ea9fdf71d696b532bdc44c8bff03a737) C:\WINDOWS\system32\sessmgr.exe

22:14:52.0453 1408 RDSessMgr - ok

22:14:52.0500 1408 redbook (4173bc66e485fd77a03c4819f60bd0da) C:\WINDOWS\system32\DRIVERS\redbook.sys

22:14:52.0500 1408 redbook - ok

22:14:52.0531 1408 RemoteAccess (4007abf5d9bf0e55451d775443d1f985) C:\WINDOWS\System32\mprdim.dll

22:14:52.0531 1408 RemoteAccess - ok

22:14:52.0546 1408 RpcLocator (be078f8f7ec2491efdd79a53353a060f) C:\WINDOWS\system32\locator.exe

22:14:52.0562 1408 RpcLocator - ok

22:14:52.0593 1408 RpcSs (d9883335cc1c17afc3a09c8ac3e4dbe4) C:\WINDOWS\system32\rpcss.dll

22:14:52.0593 1408 RpcSs - ok

22:14:52.0640 1408 RSVP (ad1b5f1b99fff08c99f443d784711a81) C:\WINDOWS\system32\rsvp.exe

22:14:52.0656 1408 RSVP - ok

22:14:52.0671 1408 RTL8023xp (cf84b1f0e8b14d4120aaf9cf35cbb265) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys

22:14:52.0687 1408 RTL8023xp - ok

22:14:52.0718 1408 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS

22:14:52.0718 1408 rtl8139 - ok

22:14:52.0734 1408 SamSs (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe

22:14:52.0734 1408 SamSs - ok

22:14:52.0750 1408 SCardSvr (1b4cd62174e907c7ef8ec5d4d0a2a616) C:\WINDOWS\System32\SCardSvr.exe

22:14:52.0765 1408 SCardSvr - ok

22:14:52.0781 1408 Schedule (7c288ae0f75cb18cff1df6179a67ad8f) C:\WINDOWS\system32\schedsvc.dll

22:14:52.0812 1408 Schedule - ok

22:14:52.0843 1408 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

22:14:52.0843 1408 Secdrv - ok

22:14:52.0859 1408 seclogon (6983665bea867125b1da5757cd8b2f9d) C:\WINDOWS\System32\seclogon.dll

22:14:52.0859 1408 seclogon - ok

22:14:52.0875 1408 SENS (f6ec8f1e50e40237bddee1cb7fe20b42) C:\WINDOWS\system32\sens.dll

22:14:52.0875 1408 SENS - ok

22:14:52.0890 1408 Serial (92c21762653bb2ce51147eb8a9aa654f) C:\WINDOWS\system32\drivers\Serial.sys

22:14:52.0890 1408 Serial - ok

22:14:52.0921 1408 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

22:14:52.0921 1408 Sfloppy - ok

22:14:52.0984 1408 SharedAccess (7579c4be909d47f10f3d8d801cb13ed9) C:\WINDOWS\System32\ipnathlp.dll

22:14:52.0984 1408 SharedAccess - ok

22:14:53.0031 1408 ShellHWDetection (2d5d4156292150fe571872c1b88e9299) C:\WINDOWS\System32\shsvcs.dll

22:14:53.0031 1408 ShellHWDetection - ok

22:14:53.0031 1408 Simbad - ok

22:14:53.0062 1408 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

22:14:53.0062 1408 SLIP - ok

22:14:53.0078 1408 Sparrow - ok

22:14:53.0140 1408 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

22:14:53.0140 1408 splitter - ok

22:14:53.0156 1408 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

22:14:53.0156 1408 Spooler - ok

22:14:53.0203 1408 sr (64d2a7640e0767ecd3bcb38d3200e7ce) C:\WINDOWS\system32\DRIVERS\sr.sys

22:14:53.0203 1408 sr - ok

22:14:53.0234 1408 srservice (81cbf363c414620caa61bd6843d8fdb9) C:\WINDOWS\system32\srsvc.dll

22:14:53.0250 1408 srservice - ok

22:14:53.0296 1408 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

22:14:53.0312 1408 Srv - ok

22:14:53.0343 1408 SSDPSRV (5b9d0de64be96a806819516440fd211c) C:\WINDOWS\System32\ssdpsrv.dll

22:14:53.0343 1408 SSDPSRV - ok

22:14:53.0375 1408 StarOpen (f92254b0bcfcd10caac7bccc7cb7f467) C:\WINDOWS\system32\drivers\StarOpen.sys

22:14:53.0375 1408 StarOpen - ok

22:14:53.0500 1408 STHDA (6b166d929f0e2d78fea1acddc5221f4c) C:\WINDOWS\system32\drivers\sthda.sys

22:14:53.0546 1408 STHDA - ok

22:14:53.0593 1408 stisvc (5ae996186d2dc694fef88f14a3fc9242) C:\WINDOWS\system32\wiaservc.dll

22:14:53.0609 1408 stisvc - ok

22:14:53.0687 1408 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

22:14:53.0687 1408 streamip - ok

22:14:53.0718 1408 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

22:14:53.0718 1408 swenum - ok

22:14:53.0765 1408 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

22:14:53.0765 1408 swmidi - ok

22:14:53.0781 1408 SwPrv - ok

22:14:53.0796 1408 symc810 - ok

22:14:53.0796 1408 symc8xx - ok

22:14:53.0796 1408 sym_hi - ok

22:14:53.0812 1408 sym_u3 - ok

22:14:53.0828 1408 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

22:14:53.0828 1408 sysaudio - ok

22:14:53.0859 1408 SysmonLog (251eae7c56c6ab9490311a3c9757e18d) C:\WINDOWS\system32\smlogsvc.exe

22:14:53.0875 1408 SysmonLog - ok

22:14:53.0921 1408 TapiSrv (2bc9fb448f0c2394ff53c83a7bb04731) C:\WINDOWS\System32\tapisrv.dll

22:14:53.0937 1408 TapiSrv - ok

22:14:54.0000 1408 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

22:14:54.0031 1408 Tcpip - ok

22:14:54.0062 1408 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

22:14:54.0062 1408 TDPIPE - ok

22:14:54.0093 1408 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

22:14:54.0093 1408 TDTCP - ok

22:14:54.0109 1408 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

22:14:54.0109 1408 TermDD - ok

22:14:54.0156 1408 TermService (e0aef86a594c9990d6321c5ca239c5b7) C:\WINDOWS\System32\termsrv.dll

22:14:54.0171 1408 TermService - ok

22:14:54.0218 1408 Themes (2d5d4156292150fe571872c1b88e9299) C:\WINDOWS\System32\shsvcs.dll

22:14:54.0218 1408 Themes - ok

22:14:54.0265 1408 tifm21 (e4c85c291ddb3dc5e4a2f227ca465ba6) C:\WINDOWS\system32\drivers\tifm21.sys

22:14:54.0281 1408 tifm21 - ok

22:14:54.0296 1408 TosIde - ok

22:14:54.0328 1408 TrkWks (20655e8ca1c78bc7088b18e93806d21b) C:\WINDOWS\system32\trkwks.dll

22:14:54.0328 1408 TrkWks - ok

22:14:54.0375 1408 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

22:14:54.0375 1408 Udfs - ok

22:14:54.0375 1408 ultra - ok

22:14:54.0421 1408 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

22:14:54.0437 1408 Update - ok

22:14:54.0718 1408 upnphost (01653d6c9604f1fb31a76ec94e08954f) C:\WINDOWS\System32\upnphost.dll

22:14:54.0734 1408 upnphost - ok

22:14:54.0765 1408 UPS (a89796dd0de24cf03b3a39407e1f46a3) C:\WINDOWS\System32\ups.exe

22:14:54.0765 1408 UPS - ok

22:14:54.0796 1408 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

22:14:54.0796 1408 usbccgp - ok

22:14:54.0828 1408 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

22:14:54.0828 1408 usbehci - ok

22:14:54.0843 1408 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

22:14:54.0843 1408 usbhub - ok

22:14:54.0875 1408 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys

22:14:54.0890 1408 usbohci - ok

22:14:54.0921 1408 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

22:14:54.0921 1408 usbprint - ok

22:14:54.0937 1408 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

22:14:54.0937 1408 USBSTOR - ok

22:14:54.0968 1408 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

22:14:54.0968 1408 usbuhci - ok

22:14:55.0015 1408 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys

22:14:55.0015 1408 usb_rndisx - ok

22:14:55.0031 1408 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

22:14:55.0031 1408 VgaSave - ok

22:14:55.0046 1408 ViaIde - ok

22:14:55.0093 1408 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) C:\WINDOWS\system32\drivers\VolSnap.sys

22:14:55.0093 1408 VolSnap - ok

22:14:55.0156 1408 VSS (a585edd6965b301de8a45c6768c7c215) C:\WINDOWS\System32\vssvc.exe

22:14:55.0171 1408 VSS - ok

22:14:55.0218 1408 W32Time (390d8e65f362327ad510b08971478301) C:\WINDOWS\system32\w32time.dll

22:14:55.0218 1408 W32Time - ok

22:14:55.0328 1408 w39n51 (c79918a5bd269035f3a34d157401b9df) C:\WINDOWS\system32\DRIVERS\w39n51.sys

22:14:55.0375 1408 w39n51 - ok

22:14:55.0531 1408 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

22:14:55.0531 1408 Wanarp - ok

22:14:55.0546 1408 WDICA - ok

22:14:55.0593 1408 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

22:14:55.0593 1408 wdmaud - ok

22:14:55.0640 1408 WebClient (33d8e2812054d97a0aec9b8f04277927) C:\WINDOWS\System32\webclnt.dll

22:14:55.0640 1408 WebClient - ok

22:14:55.0718 1408 winmgmt (f9e105f369c18e4001e0c05aaf600d73) C:\WINDOWS\system32\wbem\WMIsvc.dll

22:14:55.0718 1408 winmgmt - ok

22:14:55.0812 1408 WinRM (250f8d15406269cb3a690b4a4859d92d) C:\WINDOWS\system32\WsmSvc.dll

22:14:55.0859 1408 WinRM - ok

22:14:55.0921 1408 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll

22:14:55.0921 1408 WmdmPmSN - ok

22:14:55.0968 1408 WmiApSrv (87f11d161207c7063edabac0aadc33c3) C:\WINDOWS\system32\wbem\wmiapsrv.exe

22:14:55.0984 1408 WmiApSrv - ok

22:14:56.0109 1408 WMPNetworkSvc (79a01acd485687ee602411a06b63a9a5) C:\Program Files\Windows Media Player\WMPNetwk.exe

22:14:56.0140 1408 WMPNetworkSvc - ok

22:14:56.0296 1408 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

22:14:56.0343 1408 WPFFontCache_v0400 - ok

22:14:56.0453 1408 wscsvc (843f7fa8ea38e6a4262976dcc994c81a) C:\WINDOWS\system32\wscsvc.dll

22:14:56.0453 1408 wscsvc - ok

22:14:56.0500 1408 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

22:14:56.0500 1408 WSTCODEC - ok

22:14:56.0531 1408 wuauserv (1e8fdddef3fe260badab06dae10d753a) C:\WINDOWS\system32\wuauserv.dll

22:14:56.0546 1408 wuauserv - ok

22:14:56.0578 1408 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

22:14:56.0578 1408 WudfPf - ok

22:14:56.0593 1408 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

22:14:56.0593 1408 WudfRd - ok

22:14:56.0640 1408 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll

22:14:56.0640 1408 WudfSvc - ok

22:14:56.0703 1408 WZCSVC (e99782dbb8ffa2aee72b31dac8d8d887) C:\WINDOWS\System32\wzcsvc.dll

22:14:56.0750 1408 WZCSVC - ok

22:14:56.0765 1408 xmlprov (fd3c38635808920f8235bf2fed642f54) C:\WINDOWS\System32\xmlprov.dll

22:14:56.0781 1408 xmlprov - ok

22:14:56.0859 1408 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

22:14:56.0921 1408 \Device\Harddisk0\DR0 - ok

22:14:56.0937 1408 Boot (0x1200) (ec62805660136197c86c685a32ce74f1) \Device\Harddisk0\DR0\Partition0

22:14:56.0937 1408 \Device\Harddisk0\DR0\Partition0 - ok

22:14:56.0953 1408 ============================================================

22:14:56.0953 1408 Scan finished

22:14:56.0953 1408 ============================================================

22:14:57.0000 1152 Detected object count: 0

22:14:57.0000 1152 Actual detected object count: 0

mvg,

Air

Link naar reactie
Delen op andere sites

Ik heb de discussie even heropend want het werk is nog niet gedaan.

TDSSKiller mag je weer verwijderen.

Download CCleaner. (Als je het nog niet hebt)

Let op bij de installatie.

Haal beide vinkjes weg bij de vraag over de Chrome browser.

Installeer het en start CCleaner op.

Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en 'Schoonmaken'. Bevestigen met JA of OK

Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”.

Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft.

Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, lees dan deze handleiding.

Het is aangewezen om de bestaande herstelpunten te verwijderen (daar kunnen besmette herstelpunten tussen zitten die je zou kunnen terugzetten) door systeemherstel tijdelijk uit te schakelen.

Doe dit via Configuratiescherm -> Prestaties en onderhoud -> Systeem -> tab Systeemherstel

Vink het vakje aan bij systeemherstel en klik OK.

Herstart de pc.

Ga opnieuw naar Configuratiescherm -> Prestaties en onderhoud -> Systeem -> tab Systeemherstel

Vink het vakje uit bij systeemherstel en klik OK.

Dan maak je een nieuw herstelpunt.

Ga naar Start - help en ondersteuning, bij kies een taak klik je op Wijzigingzen ongedaan maken met systeemherstel.

Selecteer herstelpunt aanmaken en klik op volgende.

Geef een beschrijving voor het herstelpunt en klik op aanmaken.

Je krijgt dan de melding dat het herstelpunt is aangemaakt en dan kan je alle vensters sluiten.

Nu zijn we rond en mag je de discussie weer als opgelost markeren.

Nog veel computerplezier :ciao:

Link naar reactie
Delen op andere sites

Die vraag over Chrome browser heb ik nergens gezien (denk ik), maar installatie is volgens mij toch gelukt zoals hierboven omschreven.

Moet ik af en toe nog actie ondernemen, ivm het herstelpunt ofzo?

hartelijk dank voor jullie hulp.

Mvg,

Air

Link naar reactie
Delen op andere sites

Het systeem maakt zelf automatisch herstelpunten aan bij het installeren of verwijderen van software of drivers.

Normaal maakt Windows XP bovendien ook dagelijks een herstelpunt aan.

Je kan controleren of dit is ingesteld.

Ga naar start - uitvoeren, typ regedit en klik OK.

Blader nu naar HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\SystemRestore en kijk of de waarde RPGlobalInterval is ingesteld op 0x00015180 (86400).

Die 86400 zijn seconden en dit komt overeen met 24 uur. 0x00015180 is de hexadecimale waarde voor 86400.

Als dit een andere waarde heeft, kan je dubbelklikken op RPGlobalInterval, decimaal selecteren, 86400 ingeven en OK klikken.

Sluit dan de registereditor.

Ga naar start - uitvoeren, typ services.msc en klik OK.

Zoek nu naar Taakplanner of task scheduler. Deze moet normaal op automatisch staan.

Zoek nu naar Systeemherstel of System Restore Service. Deze moet normaal op automatisch staan.

Om eventueel aan te passen moet je dubbelklikken op de service.

Als beide services op automatisch staan, mag je het venster sluiten.

Als je aanpassingen hebt gedaan in het register of bij de services, moet je de pc herstarten.

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.