Well done. May I ask you to run a new scan with ComboFix, please, and post the results here?
PeterN (16 August 2010)
ComboFix log. May I assume that it worked?
I hope so; then at least that junk is gone.
I just need to ask around about what the problem with my HD films is.
ComboFix 10-08-15.04 - Frank 16-08-2010 15:51:51.2.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1252.31.1043.18.3067.2101 [GMT 2:00]
Gestart vanuit: c:\users\Frank\Desktop\ComboFix.exe
* Nieuw herstelpunt werd aangemaakt
.
(((((((((((((((((((( Bestanden Gemaakt van 2010-07-16 to 2010-08-16 ))))))))))))))))))))))))))))))
.
2010-08-16 13:58 . 2010-08-16 13:58 -------- d-----w- c:\users\Frank\AppData\Local\temp
2010-08-16 13:58 . 2010-08-16 13:58 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-08-16 13:58 . 2010-08-16 13:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-08-15 20:05 . 2010-08-15 20:05 -------- d-----w- c:\users\Frank\Nieuwe map
2010-08-14 19:16 . 2010-08-14 19:16 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-08-14 18:51 . 2010-08-14 18:51 273960 ----a-w- c:\windows\system32\drivers\k57nd60x.sys
2010-08-14 18:18 . 2010-08-14 18:19 -------- d-----w- c:\program files\Uniblue
2010-08-14 18:15 . 2010-08-14 18:15 -------- d-----w- c:\program files\AutoUnpack
2010-08-14 18:10 . 2010-03-15 09:31 165376 ----a-w- c:\windows\system32\unrar.dll
2010-08-14 17:35 . 2010-08-14 17:35 -------- d-----w- c:\programdata\Uniblue
2010-08-14 17:33 . 2010-08-14 17:34 5268200 ----a-w- c:\users\Frank\AppData\Roaming\Uniblue\DriverScanner\_temp\driverscanner.exe
2010-08-14 17:33 . 2010-08-14 17:33 5276232 ----a-w- c:\users\Frank\AppData\Roaming\Uniblue\SpeedUpMyPC\_temp\sump.exe
2010-08-14 17:32 . 2010-08-14 18:19 -------- d-----w- c:\users\Frank\AppData\Roaming\Uniblue
2010-08-14 17:25 . 2008-05-29 08:03 37176 ----a-w- c:\users\Frank\AppData\Roaming\Macromedia\Flash Player\http://www.macromedia.com\bin\airapp...pinstaller.exe
2010-08-13 13:27 . 2010-08-13 13:32 -------- d-----w- c:\users\Frank\AppData\Roaming\vlc
2010-08-13 13:27 . 2010-08-13 13:27 -------- d-----w- c:\program files\VideoLAN
2010-08-12 13:33 . 2010-08-12 13:33 388096 ----a-r- c:\users\Frank\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-08-12 13:33 . 2010-08-12 13:33 -------- d-----w- c:\program files\Trend Micro
2010-08-12 11:01 . 2010-08-12 13:31 -------- d-----w- c:\program files\Emsisoft Anti-Malware
2010-08-05 20:56 . 2010-08-05 20:56 -------- d-----w- c:\programdata\NVIDIA Corporation
2010-08-05 11:34 . 2010-04-21 10:06 52224 ----a-w- c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll
2010-08-05 11:34 . 2010-04-21 10:06 101376 ----a-w- c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\RadioWMPCore.dll
2010-08-05 11:34 . 2010-08-05 11:34 -------- d-----w- c:\program files\myBabylon_English
2010-08-04 21:02 . 2010-08-04 21:04 -------- d-----w- c:\users\Frank\AppData\Roaming\Media Player Classic
2010-07-31 23:41 . 2010-07-31 23:41 -------- d-----w- c:\program files\Conduit
2010-07-31 23:41 . 2010-07-31 23:41 -------- d-----w- c:\program files\Softonic-Eng7
2010-07-31 23:41 . 2010-06-08 09:28 52224 ----a-w- c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\FFExternalAlert.dll
2010-07-31 23:41 . 2010-06-08 09:28 101376 ----a-w- c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\RadioWMPCore.dll
2010-07-31 23:41 . 2010-08-01 15:13 -------- d-----w- c:\program files\The KMPlayer
2010-07-28 16:51 . 2010-07-28 16:51 -------- d-----w- c:\program files\iPod
2010-07-28 16:51 . 2010-07-28 16:52 -------- d-----w- c:\program files\iTunes
2010-07-28 16:48 . 2010-07-28 16:48 73000 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.2.1.5\SetupAdmin.exe
2010-07-28 16:47 . 2010-07-28 16:47 72488 ----a-w- c:\programdata\Apple Computer\Installer Cache\Safari 5.33.17.8\SetupAdmin.exe
2010-07-25 17:01 . 2010-07-25 17:01 -------- d-----w- c:\program files\GrabIt
2010-07-25 14:05 . 2010-04-12 15:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-22 12:07 . 2010-07-25 12:22 -------- d-----w- c:\users\Frank\AppData\Local\Hema Album Software Advanced
2010-07-22 12:07 . 2010-07-22 12:07 -------- d-----w- c:\programdata\Hema Album Software Advanced
2010-07-22 12:07 . 2010-07-22 12:07 -------- d-----w- c:\program files\Hema Album Software Advanced
2010-07-21 08:53 . 2010-07-21 08:53 1615200 ----a-w- c:\programdata\avg9\update\backup\avgssie.dll
2010-07-21 08:52 . 2010-07-21 08:52 1373536 ----a-w- c:\programdata\avg9\update\backup\avgssff.dll
2010-07-21 08:52 . 2010-07-21 08:52 1107296 ----a-w- c:\programdata\avg9\update\backup\avgxpl.dll
2010-07-21 08:52 . 2010-07-21 08:52 921440 ----a-w- c:\programdata\avg9\update\backup\avgemc.exe
2010-07-21 08:52 . 2010-07-21 08:52 4368224 ----a-w- c:\programdata\avg9\update\backup\avgcorex.dll
2010-07-20 10:45 . 2010-07-21 14:29 -------- d-----w- c:\programdata\FLEXnet
2010-07-20 10:35 . 2010-07-20 10:35 -------- d-----w- c:\program files\Adobe Media Player
2010-07-20 10:34 . 2010-07-20 10:34 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-07-20 10:31 . 2010-07-20 10:31 -------- d-----w- c:\program files\Common Files\Macrovision Shared
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-16 13:55 . 2009-07-14 08:27 691728 ----a-w- c:\windows\system32\perfh013.dat
2010-08-16 13:55 . 2009-07-14 08:27 130232 ----a-w- c:\windows\system32\perfc013.dat
2010-08-16 13:41 . 2010-03-09 08:35 0 ----a-w- c:\users\Frank\AppData\Local\prvlcl.dat
2010-08-16 09:44 . 2010-03-03 18:17 -------- d-----w- c:\users\Frank\AppData\Roaming\LimeWire
2010-08-14 15:57 . 2010-03-04 15:16 -------- d-----w- c:\program files\Ask.com
2010-08-10 10:10 . 2010-03-02 22:57 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-09 09:53 . 2010-03-03 09:52 -------- d-----w- c:\users\Frank\AppData\Roaming\GrabIt
2010-08-05 20:59 . 2010-03-02 22:11 -------- d-----w- c:\programdata\NVIDIA
2010-08-05 20:56 . 2010-03-02 22:09 -------- d-----w- c:\program files\NVIDIA Corporation
2010-08-05 08:55 . 2010-03-04 15:15 -------- d-----w- c:\users\Frank\AppData\Roaming\uTorrent
2010-08-01 17:11 . 2010-04-12 10:43 -------- d-----w- c:\users\Frank\AppData\Roaming\dvdcss
2010-08-01 15:22 . 2010-03-20 13:41 -------- d-----w- c:\programdata\DVD Shrink
2010-07-28 16:51 . 2010-04-11 10:36 -------- d-----w- c:\program files\Common Files\Apple
2010-07-28 16:48 . 2010-06-23 20:58 -------- d-----w- c:\program files\Safari
2010-07-27 23:01 . 2010-03-02 18:53 -------- d-----w- c:\program files\Windows Live
2010-07-25 14:05 . 2010-03-03 14:41 -------- d-----w- c:\program files\Java
2010-07-20 10:45 . 2010-03-02 18:47 67856 ----a-w- c:\users\Frank\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-20 10:36 . 2010-03-02 22:36 -------- d-----w- c:\program files\Common Files\Adobe
2010-07-16 12:55 . 2010-03-02 22:24 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-16 12:55 . 2010-07-16 12:55 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-16 12:54 . 2010-03-02 22:24 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-07-12 14:49 . 2010-03-20 13:47 -------- d-----w- c:\program files\DVD Shrink
2010-07-09 14:20 . 2010-07-09 14:20 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-07-09 14:20 . 2010-07-09 14:20 261736 ----a-w- c:\windows\system32\nvhotkey.dll
2010-07-09 14:20 . 2010-07-09 14:20 1881704 ----a-w- c:\windows\system32\nvsvcr.dll
2010-07-09 14:20 . 2010-07-09 14:20 1469544 ----a-w- c:\windows\system32\nvsvc.dll
2010-07-09 14:20 . 2010-07-09 14:20 13939816 ----a-w- c:\windows\system32\nvcpl.dll
2010-07-09 14:20 . 2010-07-09 14:20 129640 ----a-w- c:\windows\system32\nvvsvc.exe
2010-06-24 09:45 . 2010-04-11 10:39 -------- d-----w- c:\users\Frank\AppData\Roaming\Apple Computer
2010-06-23 20:59 . 2010-06-23 20:59 -------- d-----w- c:\program files\Bonjour
2010-06-23 20:58 . 2010-06-23 20:58 71992 ----a-w- c:\programdata\Apple Computer\Installer Cache\Safari 5.33.16.0\SetupAdmin.exe
2010-06-21 22:07 . 2010-08-05 20:54 26216 ----a-w- c:\windows\system32\nvhdap32.dll
2010-06-21 22:07 . 2010-03-02 22:09 232040 ----a-w- c:\windows\system32\nvcohda.dll
2010-06-21 22:07 . 2010-08-05 20:54 64104 ----a-w- c:\windows\system32\nvapo32v.dll
2010-06-21 22:07 . 2010-08-05 20:54 105576 ----a-w- c:\windows\system32\drivers\nvhda32v.sys
2010-06-03 09:03 . 2010-03-02 22:24 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-05-27 07:24 . 2010-06-11 10:48 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-27 03:49 . 2010-06-11 10:48 293888 ----a-w- c:\windows\system32\atmfd.dll
2010-05-21 05:18 . 2010-06-11 10:48 977920 ----a-w- c:\windows\system32\wininet.dll
2010-05-18 14:35 . 2010-05-18 14:35 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-05-18 14:35 . 2010-05-18 14:35 107808 ----a-w- c:\windows\system32\dns-sd.exe
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
((((((((((((((((((((((((((((( SnapShot@2010-08-14_16.21.15 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-03-02 23:26 . 2010-08-16 13:52 20510 c:\windows\System32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-14 04:55 . 2010-08-14 16:14 40664 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:55 . 2010-08-16 13:52 40664 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 04:50 . 2010-08-05 20:56 86016 c:\windows\System32\DriverStore\infpub.dat
+ 2009-07-14 04:50 . 2010-08-14 18:51 86016 c:\windows\System32\DriverStore\infpub.dat
- 2010-03-02 17:33 . 2010-08-13 06:20 49152 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-03-02 17:33 . 2010-08-16 09:44 49152 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-07-20 10:58 . 2010-08-16 13:06 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\UserData\index.dat
- 2010-07-20 10:58 . 2010-08-14 15:11 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\UserData\index.dat
- 2009-07-14 04:41 . 2010-08-13 06:20 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:41 . 2010-08-16 09:44 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-03-02 19:45 . 2010-08-16 09:44 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-03-02 19:45 . 2010-08-14 16:15 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-03-02 19:45 . 2010-08-16 09:44 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-03-02 19:45 . 2010-08-14 16:15 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-03-02 19:45 . 2010-08-16 09:44 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-03-02 19:45 . 2010-08-14 16:15 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-03-02 21:04 . 2010-08-16 09:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-03-02 21:04 . 2010-08-14 16:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-03-02 22:19 . 2010-08-14 16:16 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
+ 2010-03-02 22:19 . 2010-08-16 13:00 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
+ 2010-03-02 22:19 . 2010-08-16 13:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat
- 2010-03-02 22:19 . 2010-08-14 16:16 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat
- 2010-03-02 22:19 . 2010-08-14 16:16 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat
+ 2010-03-02 22:19 . 2010-08-16 13:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat
+ 2010-03-02 21:04 . 2010-08-16 13:00 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-03-02 21:04 . 2010-08-14 16:16 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-03-02 21:04 . 2010-08-14 16:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-03-02 21:04 . 2010-08-16 09:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-03-02 22:13 . 2010-08-16 13:52 8484 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1647979850-1972059973-3787660427-1001_UserData.bin
- 2010-08-14 16:13 . 2010-08-14 16:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-08-16 13:50 . 2010-08-16 13:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-08-16 13:50 . 2010-08-16 13:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2010-08-14 16:13 . 2010-08-14 16:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-03-03 09:09 . 2010-08-15 14:40 307332 c:\windows\System32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2010-03-03 02:43 . 2010-08-15 10:03 360480 c:\windows\System32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 02:05 . 2010-08-14 16:18 607190 c:\windows\System32\perfh009.dat
+ 2009-07-14 02:05 . 2010-08-16 13:55 607190 c:\windows\System32\perfh009.dat
- 2009-07-14 02:05 . 2010-08-14 16:18 103568 c:\windows\System32\perfc009.dat
+ 2009-07-14 02:05 . 2010-08-16 13:55 103568 c:\windows\System32\perfc009.dat
+ 2010-08-14 19:56 . 2010-08-14 19:56 232912 c:\windows\System32\Macromed\Flash\FlashUtil10i_ActiveX.exe
+ 2010-08-14 19:56 . 2010-08-14 19:56 311760 c:\windows\System32\Macromed\Flash\FlashUtil10i_ActiveX.dll
- 2009-07-14 04:50 . 2010-08-05 20:56 143360 c:\windows\System32\DriverStore\infstrng.dat
+ 2009-07-14 04:50 . 2010-08-14 18:51 143360 c:\windows\System32\DriverStore\infstrng.dat
- 2009-07-14 04:50 . 2010-08-05 20:55 143360 c:\windows\System32\DriverStore\infstor.dat
+ 2009-07-14 04:50 . 2010-08-14 18:51 143360 c:\windows\System32\DriverStore\infstor.dat
+ 2010-08-14 18:51 . 2010-08-14 18:51 273960 c:\windows\System32\DriverStore\FileRepository\k57nd60x.inf_x86_neutral_e98e3b63cc265461\k57nd60x.sys
- 2010-03-02 18:32 . 2010-08-14 15:11 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-03-02 18:32 . 2010-08-16 13:06 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2010-03-02 17:33 . 2010-08-13 06:20 442368 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-03-02 17:33 . 2010-08-16 09:44 442368 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 02:03 . 2010-08-15 16:44 7077888 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
- 2009-07-14 02:03 . 2010-08-13 10:42 7077888 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2010-07-27 22:17 . 2010-07-27 22:17 2826192 c:\windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
.
-- Snapshot teruggezet naar huidige datum --
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-06-03 2736736]
"{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}"= "c:\program files\myBabylon_English\tbmyBa.dll" [2010-06-13 2734688]
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
[HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
2010-06-03 16:24 2736736 ----a-w- c:\program files\Softonic-Eng7\tbSoft.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
2010-06-13 17:10 2734688 ----a-w- c:\program files\myBabylon_English\tbmyBa.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-06-03 2736736]
"{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}"= "c:\program files\myBabylon_English\tbmyBa.dll" [2010-06-13 2734688]
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
[HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-06-03 2736736]
"{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}"= "c:\program files\myBabylon_English\tbmyBa.dll" [2010-06-13 2734688]
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
[HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [2009-07-14 354304]
"SpeedUpMyPC"="c:\program files\Uniblue\SpeedUpMyPC\launcher.exe" [2010-06-25 67960]
"PowerSuite"="c:\program files\Uniblue\PowerSuite\launcher.exe" [2010-07-20 67448]
"igndlm.exe"="c:\program files\Download Manager\DLM.exe" [2009-10-27 1103216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-16 2065760]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-08-28 1557800]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2009-12-03 494112]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-03-10 200704]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-03-10 7703072]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
c:\users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-2-19 503808]
OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
backup=c:\windows\pss\VPN Client.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^Users^Frank^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=c:\users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe]
2009-10-27 17:18 1103216 ----a-w- c:\program files\Download Manager\DLM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-07-21 13:53 141608 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-17 19:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
R3 BthAvrcp;Bluetooth AVRCP-profiel;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
R3 netw5v32;Stuurprogramma voor Intel(R) Wireless WiFi Link 5000 Series-adapter 32-bits Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-22 1343400]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-03-20 691696]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-07-16 216400]
S1 AvgTdiX;AVG Free Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-07-16 243024]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-07-21 921952]
S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-07-16 308136]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2009-12-03 690720]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-08-19 24576]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2010-08-14 273960]
S3 NETw5s32;Intel(R) Wireless WiFi Link adapter stuurprogramma onder Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-06-21 105576]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
Inhoud van de 'Gedeelde Taken' map
2010-08-16 c:\windows\Tasks\RegistryBooster.job
- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2010-08-14 14:23]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://search.babylon.com/home?AF=14542
uInternet Settings,ProxyOverride = *.local
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=14542
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\FFExternalAlert.dll
FF - component: c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\RadioWMPCore.dll
FF - component: c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll
FF - component: c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\RadioWMPCore.dll
FF - plugin: c:\program files\Download Manager\npfpdlm.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x86A7CB4C]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
IoDeviceObjectType -> DumpProcedure -> 0xd46a624f
SecurityProcedure -> 0x857c1ad8
QueryNameProcedure -> 0x857c1c68
user & kernel MBR OK
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2010-08-16 16:00:35
ComboFix-quarantined-files.txt 2010-08-16 14:00
ComboFix2.txt 2010-08-14 16:22
Pre-Run: 381.647.204.352 bytes beschikbaar
Post-Run: 381.683.843.072 bytes beschikbaar
- - End Of File - - F460EDF77A76087F49578DFBC58D725C
Download TDSSKiller and place it on your desktop.
Extract the files from tdsskiller.zip.
Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.
Click the "Start Scan" button and follow the instructions.
When the scan is finished, click the "Report" button.
A Notepad file will open. Post the contents of this file.
Log file:
2010/08/17 04:23:51.0212 TDSS rootkit removing tool 2.4.1.2 Aug 16 2010 09:46:23
2010/08/17 04:23:51.0212 ================================================================================
2010/08/17 04:23:51.0212 SystemInfo:
2010/08/17 04:23:51.0212
2010/08/17 04:23:51.0212 OS Version: 6.1.7600 ServicePack: 0.0
2010/08/17 04:23:51.0212 Product type: Workstation
2010/08/17 04:23:51.0212 ComputerName: FRANKHOMELAPTOP
2010/08/17 04:23:51.0212 UserName: Frank
2010/08/17 04:23:51.0212 Windows directory: C:\Windows
2010/08/17 04:23:51.0212 System windows directory: C:\Windows
2010/08/17 04:23:51.0212 Processor architecture: Intel x86
2010/08/17 04:23:51.0212 Number of processors: 2
2010/08/17 04:23:51.0212 Page size: 0x1000
2010/08/17 04:23:51.0212 Boot type: Normal boot
2010/08/17 04:23:51.0212 ================================================================================
2010/08/17 04:23:51.0493 Initialize success
2010/08/17 04:23:53.0849 ================================================================================
2010/08/17 04:23:53.0849 Scan started
2010/08/17 04:23:53.0849 Mode: Manual;
2010/08/17 04:23:53.0849 ================================================================================
2010/08/17 04:24:10.0026 ================================================================================
2010/08/17 04:24:10.0026 Scan finished
2010/08/17 04:24:10.0026 ================================================================================
Hi,
Please make a new ComboFix log and post the result.
"
"
Log:
ComboFix 10-08-17.02 - Frank 17-08-2010 23:26:10.3.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1252.31.1043.18.3067.2108 [GMT 2:00]
Gestart vanuit: c:\users\Frank\Desktop\ComboFix.exe
.
(((((((((((((((((((( Bestanden Gemaakt van 2010-07-17 to 2010-08-17 ))))))))))))))))))))))))))))))
.
2010-08-17 21:32 . 2010-08-17 21:33 -------- d-----w- c:\users\Frank\AppData\Local\temp
2010-08-17 21:32 . 2010-08-17 21:32 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-08-17 21:32 . 2010-08-17 21:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-08-17 12:27 . 2010-08-17 12:27 -------- d-----w- c:\windows\Sun
2010-08-16 14:20 . 2010-08-16 14:20 -------- d--h--w- c:\windows\msdownld.tmp
2010-08-16 14:20 . 2010-08-17 02:36 -------- d-----w- c:\program files\XBMC
2010-08-15 20:05 . 2010-08-16 14:10 -------- d-----w- c:\users\Frank\Nieuwe map
2010-08-14 19:16 . 2010-08-14 19:16 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-08-14 18:51 . 2010-08-14 18:51 273960 ----a-w- c:\windows\system32\drivers\k57nd60x.sys
2010-08-14 18:18 . 2010-08-14 18:19 -------- d-----w- c:\program files\Uniblue
2010-08-14 18:15 . 2010-08-14 18:15 -------- d-----w- c:\program files\AutoUnpack
2010-08-14 18:10 . 2010-03-15 09:31 165376 ----a-w- c:\windows\system32\unrar.dll
2010-08-14 17:35 . 2010-08-14 17:35 -------- d-----w- c:\programdata\Uniblue
2010-08-14 17:33 . 2010-08-14 17:34 5268200 ----a-w- c:\users\Frank\AppData\Roaming\Uniblue\DriverScanner\_temp\driverscanner.exe
2010-08-14 17:33 . 2010-08-14 17:33 5276232 ----a-w- c:\users\Frank\AppData\Roaming\Uniblue\SpeedUpMyPC\_temp\sump.exe
2010-08-14 17:32 . 2010-08-14 18:19 -------- d-----w- c:\users\Frank\AppData\Roaming\Uniblue
2010-08-14 17:25 . 2008-05-29 08:03 37176 ----a-w- c:\users\Frank\AppData\Roaming\Macromedia\Flash Player\http://www.macromedia.com\bin\airapp...pinstaller.exe
2010-08-13 13:27 . 2010-08-13 13:32 -------- d-----w- c:\users\Frank\AppData\Roaming\vlc
2010-08-13 13:27 . 2010-08-13 13:27 -------- d-----w- c:\program files\VideoLAN
2010-08-12 13:33 . 2010-08-12 13:33 388096 ----a-r- c:\users\Frank\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-08-12 13:33 . 2010-08-12 13:33 -------- d-----w- c:\program files\Trend Micro
2010-08-12 11:01 . 2010-08-12 13:31 -------- d-----w- c:\program files\Emsisoft Anti-Malware
2010-08-05 20:56 . 2010-08-05 20:56 -------- d-----w- c:\programdata\NVIDIA Corporation
2010-08-05 11:34 . 2010-04-21 10:06 52224 ----a-w- c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll
2010-08-05 11:34 . 2010-04-21 10:06 101376 ----a-w- c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\RadioWMPCore.dll
2010-08-05 11:34 . 2010-08-05 11:34 -------- d-----w- c:\program files\myBabylon_English
2010-08-04 21:02 . 2010-08-04 21:04 -------- d-----w- c:\users\Frank\AppData\Roaming\Media Player Classic
2010-07-31 23:41 . 2010-07-31 23:41 -------- d-----w- c:\program files\Conduit
2010-07-31 23:41 . 2010-07-31 23:41 -------- d-----w- c:\program files\Softonic-Eng7
2010-07-31 23:41 . 2010-06-08 09:28 52224 ----a-w- c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\FFExternalAlert.dll
2010-07-31 23:41 . 2010-06-08 09:28 101376 ----a-w- c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\RadioWMPCore.dll
2010-07-31 23:41 . 2010-08-01 15:13 -------- d-----w- c:\program files\The KMPlayer
2010-07-28 16:51 . 2010-07-28 16:51 -------- d-----w- c:\program files\iPod
2010-07-28 16:51 . 2010-07-28 16:52 -------- d-----w- c:\program files\iTunes
2010-07-28 16:48 . 2010-07-28 16:48 73000 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.2.1.5\SetupAdmin.exe
2010-07-28 16:47 . 2010-07-28 16:47 72488 ----a-w- c:\programdata\Apple Computer\Installer Cache\Safari 5.33.17.8\SetupAdmin.exe
2010-07-25 17:01 . 2010-07-25 17:01 -------- d-----w- c:\program files\GrabIt
2010-07-25 14:05 . 2010-04-12 15:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-22 12:07 . 2010-07-25 12:22 -------- d-----w- c:\users\Frank\AppData\Local\Hema Album Software Advanced
2010-07-22 12:07 . 2010-07-22 12:07 -------- d-----w- c:\programdata\Hema Album Software Advanced
2010-07-22 12:07 . 2010-07-22 12:07 -------- d-----w- c:\program files\Hema Album Software Advanced
2010-07-21 08:53 . 2010-07-21 08:53 1615200 ----a-w- c:\programdata\avg9\update\backup\avgssie.dll
2010-07-21 08:52 . 2010-07-21 08:52 1373536 ----a-w- c:\programdata\avg9\update\backup\avgssff.dll
2010-07-21 08:52 . 2010-07-21 08:52 1107296 ----a-w- c:\programdata\avg9\update\backup\avgxpl.dll
2010-07-21 08:52 . 2010-07-21 08:52 921440 ----a-w- c:\programdata\avg9\update\backup\avgemc.exe
2010-07-21 08:52 . 2010-07-21 08:52 4368224 ----a-w- c:\programdata\avg9\update\backup\avgcorex.dll
2010-07-20 10:45 . 2010-07-21 14:29 -------- d-----w- c:\programdata\FLEXnet
2010-07-20 10:35 . 2010-07-20 10:35 -------- d-----w- c:\program files\Adobe Media Player
2010-07-20 10:34 . 2010-07-20 10:34 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-07-20 10:31 . 2010-07-20 10:31 -------- d-----w- c:\program files\Common Files\Macrovision Shared
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-17 21:30 . 2009-07-14 08:27 691728 ----a-w- c:\windows\system32\perfh013.dat
2010-08-17 21:30 . 2009-07-14 08:27 130232 ----a-w- c:\windows\system32\perfc013.dat
2010-08-17 20:11 . 2010-03-09 08:35 0 ----a-w- c:\users\Frank\AppData\Local\prvlcl.dat
2010-08-17 20:01 . 2010-03-03 09:52 -------- d-----w- c:\users\Frank\AppData\Roaming\GrabIt
2010-08-16 15:40 . 2010-03-03 09:34 -------- d-----w- c:\program files\FTDv3.8
2010-08-16 14:00 . 2010-03-03 18:17 -------- d-----w- c:\users\Frank\AppData\Roaming\LimeWire
2010-08-14 15:57 . 2010-03-04 15:16 -------- d-----w- c:\program files\Ask.com
2010-08-10 10:10 . 2010-03-02 22:57 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-05 20:59 . 2010-03-02 22:11 -------- d-----w- c:\programdata\NVIDIA
2010-08-05 20:56 . 2010-03-02 22:09 -------- d-----w- c:\program files\NVIDIA Corporation
2010-08-05 08:55 . 2010-03-04 15:15 -------- d-----w- c:\users\Frank\AppData\Roaming\uTorrent
2010-08-01 17:11 . 2010-04-12 10:43 -------- d-----w- c:\users\Frank\AppData\Roaming\dvdcss
2010-08-01 15:22 . 2010-03-20 13:41 -------- d-----w- c:\programdata\DVD Shrink
2010-07-28 16:51 . 2010-04-11 10:36 -------- d-----w- c:\program files\Common Files\Apple
2010-07-28 16:48 . 2010-06-23 20:58 -------- d-----w- c:\program files\Safari
2010-07-27 23:01 . 2010-03-02 18:53 -------- d-----w- c:\program files\Windows Live
2010-07-25 14:05 . 2010-03-03 14:41 -------- d-----w- c:\program files\Java
2010-07-20 10:45 . 2010-03-02 18:47 67856 ----a-w- c:\users\Frank\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-20 10:36 . 2010-03-02 22:36 -------- d-----w- c:\program files\Common Files\Adobe
2010-07-16 12:55 . 2010-03-02 22:24 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-16 12:55 . 2010-07-16 12:55 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-16 12:54 . 2010-03-02 22:24 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-07-12 14:49 . 2010-03-20 13:47 -------- d-----w- c:\program files\DVD Shrink
2010-07-09 14:20 . 2010-07-09 14:20 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-07-09 14:20 . 2010-07-09 14:20 261736 ----a-w- c:\windows\system32\nvhotkey.dll
2010-07-09 14:20 . 2010-07-09 14:20 1881704 ----a-w- c:\windows\system32\nvsvcr.dll
2010-07-09 14:20 . 2010-07-09 14:20 1469544 ----a-w- c:\windows\system32\nvsvc.dll
2010-07-09 14:20 . 2010-07-09 14:20 13939816 ----a-w- c:\windows\system32\nvcpl.dll
2010-07-09 14:20 . 2010-07-09 14:20 129640 ----a-w- c:\windows\system32\nvvsvc.exe
2010-06-24 09:45 . 2010-04-11 10:39 -------- d-----w- c:\users\Frank\AppData\Roaming\Apple Computer
2010-06-23 20:59 . 2010-06-23 20:59 -------- d-----w- c:\program files\Bonjour
2010-06-23 20:58 . 2010-06-23 20:58 71992 ----a-w- c:\programdata\Apple Computer\Installer Cache\Safari 5.33.16.0\SetupAdmin.exe
2010-06-21 22:07 . 2010-08-05 20:54 26216 ----a-w- c:\windows\system32\nvhdap32.dll
2010-06-21 22:07 . 2010-03-02 22:09 232040 ----a-w- c:\windows\system32\nvcohda.dll
2010-06-21 22:07 . 2010-08-05 20:54 64104 ----a-w- c:\windows\system32\nvapo32v.dll
2010-06-21 22:07 . 2010-08-05 20:54 105576 ----a-w- c:\windows\system32\drivers\nvhda32v.sys
2010-06-03 09:03 . 2010-03-02 22:24 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-06-02 02:55 . 2010-08-16 14:21 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-06-02 02:55 . 2010-08-16 14:21 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-06-02 02:55 . 2010-08-16 14:21 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-05-27 07:24 . 2010-06-11 10:48 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-27 03:49 . 2010-06-11 10:48 293888 ----a-w- c:\windows\system32\atmfd.dll
2010-05-26 09:41 . 2010-08-16 14:21 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-05-26 09:41 . 2010-08-16 14:21 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-05-26 09:41 . 2010-08-16 14:21 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-05-26 09:41 . 2010-08-16 14:21 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-05-26 09:41 . 2010-08-16 14:21 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2010-05-21 05:18 . 2010-06-11 10:48 977920 ----a-w- c:\windows\system32\wininet.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
((((((((((((((((((((((((((((( SnapShot_2010-08-16_13.58.52 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-08-16 14:21 . 2010-02-04 08:01 74072 c:\windows\System32\XAPOFX1_4.dll
+ 2010-08-16 14:21 . 2010-02-04 08:01 22360 c:\windows\System32\X3DAudio1_7.dll
+ 2009-07-14 04:55 . 2010-08-17 21:26 40664 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 04:55 . 2010-08-16 13:52 40664 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-03-02 17:33 . 2010-08-16 13:50 49152 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-03-02 17:33 . 2010-08-16 09:44 49152 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-07-20 10:58 . 2010-08-17 13:28 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\UserData\index.dat
- 2010-07-20 10:58 . 2010-08-16 13:06 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\UserData\index.dat
- 2009-07-14 04:41 . 2010-08-16 09:44 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:41 . 2010-08-16 13:50 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-03-02 19:45 . 2010-08-16 09:44 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-03-02 19:45 . 2010-08-16 14:00 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-03-02 19:45 . 2010-08-16 14:00 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-03-02 19:45 . 2010-08-16 09:44 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-03-02 19:45 . 2010-08-16 09:44 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-03-02 19:45 . 2010-08-16 14:00 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-03-02 21:04 . 2010-08-16 13:50 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-03-02 21:04 . 2010-08-16 09:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-03-02 22:19 . 2010-08-17 21:08 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
- 2010-03-02 22:19 . 2010-08-16 13:00 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
- 2010-03-02 22:19 . 2010-08-16 13:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat
+ 2010-03-02 22:19 . 2010-08-17 21:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat
- 2010-03-02 22:19 . 2010-08-16 13:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat
+ 2010-03-02 22:19 . 2010-08-17 21:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat
- 2010-03-02 21:04 . 2010-08-16 13:00 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-03-02 21:04 . 2010-08-17 21:08 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-03-02 21:04 . 2010-08-16 13:50 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-03-02 21:04 . 2010-08-16 09:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-03-02 22:13 . 2010-08-17 21:26 8508 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1647979850-1972059973-3787660427-1001_UserData.bin
- 2010-08-16 13:50 . 2010-08-16 13:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-08-17 21:25 . 2010-08-17 21:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-08-17 21:25 . 2010-08-17 21:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2010-08-16 13:50 . 2010-08-16 13:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-08-16 14:21 . 2010-02-04 08:01 528216 c:\windows\System32\XAudio2_6.dll
+ 2010-08-16 14:21 . 2010-02-04 08:01 238936 c:\windows\System32\xactengine3_6.dll
+ 2010-03-03 02:43 . 2010-08-17 14:29 360752 c:\windows\System32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 02:05 . 2010-08-17 21:30 607190 c:\windows\System32\perfh009.dat
- 2009-07-14 02:05 . 2010-08-16 13:55 607190 c:\windows\System32\perfh009.dat
+ 2009-07-14 02:05 . 2010-08-17 21:30 103568 c:\windows\System32\perfc009.dat
- 2009-07-14 02:05 . 2010-08-16 13:55 103568 c:\windows\System32\perfc009.dat
- 2010-03-02 18:32 . 2010-08-16 13:06 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-03-02 18:32 . 2010-08-17 13:28 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-03-02 17:33 . 2010-08-16 13:50 442368 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-03-02 17:33 . 2010-08-16 09:44 442368 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:47 . 2010-08-17 21:23 353024 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 04:47 . 2010-08-05 20:58 353024 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-03-02 23:23 . 2010-08-17 21:23 587136 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1647979850-1972059973-3787660427-1001-12288.dat
- 2009-07-14 02:03 . 2010-08-15 16:44 7077888 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:03 . 2010-08-16 17:50 7077888 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-06-03 2736736]
"{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}"= "c:\program files\myBabylon_English\tbmyBa.dll" [2010-06-13 2734688]
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
[HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
2010-06-03 16:24 2736736 ----a-w- c:\program files\Softonic-Eng7\tbSoft.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
2010-06-13 17:10 2734688 ----a-w- c:\program files\myBabylon_English\tbmyBa.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-06-03 2736736]
"{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}"= "c:\program files\myBabylon_English\tbmyBa.dll" [2010-06-13 2734688]
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
[HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-06-03 2736736]
"{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}"= "c:\program files\myBabylon_English\tbmyBa.dll" [2010-06-13 2734688]
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
[HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [2009-07-14 354304]
"SpeedUpMyPC"="c:\program files\Uniblue\SpeedUpMyPC\launcher.exe" [2010-06-25 67960]
"PowerSuite"="c:\program files\Uniblue\PowerSuite\launcher.exe" [2010-07-20 67448]
"igndlm.exe"="c:\program files\Download Manager\DLM.exe" [2009-10-27 1103216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-16 2065760]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-08-28 1557800]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2009-12-03 494112]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-03-10 200704]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-03-10 7703072]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
c:\users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-2-19 503808]
OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
backup=c:\windows\pss\VPN Client.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^Users^Frank^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=c:\users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe]
2009-10-27 17:18 1103216 ----a-w- c:\program files\Download Manager\DLM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-07-21 13:53 141608 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-17 19:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
R3 BthAvrcp;Bluetooth AVRCP-profiel;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
R3 netw5v32;Stuurprogramma voor Intel(R) Wireless WiFi Link 5000 Series-adapter 32-bits Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-22 1343400]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-03-20 691696]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-07-16 216400]
S1 AvgTdiX;AVG Free Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-07-16 243024]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-07-21 921952]
S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-07-16 308136]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2009-12-03 690720]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-08-19 24576]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2010-08-14 273960]
S3 NETw5s32;Intel(R) Wireless WiFi Link adapter stuurprogramma onder Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-06-21 105576]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
Inhoud van de 'Gedeelde Taken' map
2010-08-17 c:\windows\Tasks\RegistryBooster.job
- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2010-08-14 14:23]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://search.babylon.com/home?AF=14542
uInternet Settings,ProxyOverride = *.local
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=14542
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\FFExternalAlert.dll
FF - component: c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\RadioWMPCore.dll
FF - component: c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll
FF - component: c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\RadioWMPCore.dll
FF - plugin: c:\program files\Download Manager\npfpdlm.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x86AAEB4C]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
IoDeviceObjectType -> DumpProcedure -> 0xd46a624f
SecurityProcedure -> 0x857c1ad8
QueryNameProcedure -> 0x857c1c68
user & kernel MBR OK
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2010-08-17 23:34:42
ComboFix-quarantined-files.txt 2010-08-17 21:34
ComboFix2.txt 2010-08-16 14:00
ComboFix3.txt 2010-08-14 16:22
Pre-Run: 379.170.291.712 bytes beschikbaar
Post-Run: 379.115.728.896 bytes beschikbaar
- - End Of File - - 858FB4A50088999319F4A2AC2408A5A5
Go to Start - Run
and enter the following: Combofix /Uninstall
Then press OK.
If all goes well, you will then get a message that ComboFix has been removed.
Example:
Run can also be opened with the key combination
Restart the computer.
"
"
Download TDSSKiller and place it on your desktop.
Extract the files in tdsskiller.zip.
Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.
Click the "Start Scan" button and follow the instructions.
When the scan is finished, click the "Report" button.
A Notepad file opens. Post the contents of this file.
Now download ComboFix again following the guidelines given earlier. Run a scan and post the result, please.
"
"
2010/08/18 17:09:35.0158 TDSS rootkit removing tool 2.4.1.2 Aug 16 2010 09:46:23
2010/08/18 17:09:35.0158 ================================================================================
2010/08/18 17:09:35.0158 SystemInfo:
2010/08/18 17:09:35.0158
2010/08/18 17:09:35.0158 OS Version: 6.1.7600 ServicePack: 0.0
2010/08/18 17:09:35.0158 Product type: Workstation
2010/08/18 17:09:35.0158 ComputerName: FRANKHOMELAPTOP
2010/08/18 17:09:35.0158 UserName: Frank
2010/08/18 17:09:35.0158 Windows directory: C:\Windows
2010/08/18 17:09:35.0158 System windows directory: C:\Windows
2010/08/18 17:09:35.0158 Processor architecture: Intel x86
2010/08/18 17:09:35.0158 Number of processors: 2
2010/08/18 17:09:35.0158 Page size: 0x1000
2010/08/18 17:09:35.0158 Boot type: Normal boot
2010/08/18 17:09:35.0158 ================================================================================
2010/08/18 17:09:35.0611 Initialize success
2010/08/18 17:09:39.0916 ================================================================================
2010/08/18 17:09:39.0916 Scan started
2010/08/18 17:09:39.0916 Mode: Manual;
2010/08/18 17:09:39.0916 ================================================================================
2010/08/18 17:09:41.0913 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
2010/08/18 17:09:42.0210 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
2010/08/18 17:09:42.0397 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
2010/08/18 17:09:42.0506 adfs (6d7f09cd92a9fef3a8efce66231fdd79) C:\Windows\system32\drivers\adfs.sys
2010/08/18 17:09:42.0631 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
2010/08/18 17:09:42.0678 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
2010/08/18 17:09:42.0709 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
2010/08/18 17:09:42.0943 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys
2010/08/18 17:09:43.0177 AgereSoftModem (7e10e3bb9b258ad8a9300f91214d67b9) C:\Windows\system32\DRIVERS\AGRSM.sys
2010/08/18 17:09:43.0255 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
2010/08/18 17:09:43.0317 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
2010/08/18 17:09:43.0598 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
2010/08/18 17:09:43.0629 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
2010/08/18 17:09:43.0660 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
2010/08/18 17:09:43.0738 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
2010/08/18 17:09:43.0785 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
2010/08/18 17:09:43.0848 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys
2010/08/18 17:09:43.0879 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
2010/08/18 17:09:43.0957 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys
2010/08/18 17:09:44.0050 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
2010/08/18 17:09:44.0160 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
2010/08/18 17:09:44.0191 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
2010/08/18 17:09:44.0238 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
2010/08/18 17:09:44.0284 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
2010/08/18 17:09:44.0394 AvgLdx86 (b8c187439d27aba430dd69fdcf1fa657) C:\Windows\System32\Drivers\avgldx86.sys
2010/08/18 17:09:44.0425 AvgMfx86 (53b3f979930a786a614d29cafe99f645) C:\Windows\System32\Drivers\avgmfx86.sys
2010/08/18 17:09:44.0503 AvgTdiX (22e3b793c3e61720f03d3a22351af410) C:\Windows\System32\Drivers\avgtdix.sys
2010/08/18 17:09:44.0565 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
2010/08/18 17:10:17.0263 ================================================================================
2010/08/18 17:10:17.0263 Scan finished
2010/08/18 17:10:17.0263 ================================================================================
ComboFix log
ComboFix 10-08-17.03 - Frank 18-08-2010 17:21:35.4.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1252.31.1043.18.3067.2108 [GMT 2:00]
Gestart vanuit: c:\users\Frank\Desktop\ComboFix.exe
* Nieuw herstelpunt werd aangemaakt
.
(((((((((((((((((((( Bestanden Gemaakt van 2010-07-18 to 2010-08-18 ))))))))))))))))))))))))))))))
.
2010-08-17 12:27 . 2010-08-17 12:27 -------- d-----w- c:\windows\Sun
2010-08-16 14:20 . 2010-08-16 14:20 -------- d--h--w- c:\windows\msdownld.tmp
2010-08-16 14:20 . 2010-08-18 07:08 -------- d-----w- c:\program files\XBMC
2010-08-15 20:05 . 2010-08-16 14:10 -------- d-----w- c:\users\Frank\Nieuwe map
2010-08-14 19:16 . 2010-08-14 19:16 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-08-14 18:51 . 2010-08-14 18:51 273960 ----a-w- c:\windows\system32\drivers\k57nd60x.sys
2010-08-14 18:18 . 2010-08-14 18:19 -------- d-----w- c:\program files\Uniblue
2010-08-14 18:15 . 2010-08-14 18:15 -------- d-----w- c:\program files\AutoUnpack
2010-08-14 18:10 . 2010-03-15 09:31 165376 ----a-w- c:\windows\system32\unrar.dll
2010-08-14 17:35 . 2010-08-14 17:35 -------- d-----w- c:\programdata\Uniblue
2010-08-14 17:33 . 2010-08-14 17:34 5268200 ----a-w- c:\users\Frank\AppData\Roaming\Uniblue\DriverScanner\_temp\driverscanner.exe
2010-08-14 17:33 . 2010-08-14 17:33 5276232 ----a-w- c:\users\Frank\AppData\Roaming\Uniblue\SpeedUpMyPC\_temp\sump.exe
2010-08-14 17:32 . 2010-08-14 18:19 -------- d-----w- c:\users\Frank\AppData\Roaming\Uniblue
2010-08-14 17:25 . 2008-05-29 08:03 37176 ----a-w- c:\users\Frank\AppData\Roaming\Macromedia\Flash Player\http://www.macromedia.com\bin\airapp...pinstaller.exe
2010-08-13 13:27 . 2010-08-13 13:32 -------- d-----w- c:\users\Frank\AppData\Roaming\vlc
2010-08-13 13:27 . 2010-08-13 13:27 -------- d-----w- c:\program files\VideoLAN
2010-08-12 13:33 . 2010-08-12 13:33 388096 ----a-r- c:\users\Frank\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-08-12 13:33 . 2010-08-12 13:33 -------- d-----w- c:\program files\Trend Micro
2010-08-12 11:01 . 2010-08-12 13:31 -------- d-----w- c:\program files\Emsisoft Anti-Malware
2010-08-05 20:56 . 2010-08-05 20:56 -------- d-----w- c:\programdata\NVIDIA Corporation
2010-08-05 11:34 . 2010-04-21 10:06 52224 ----a-w- c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll
2010-08-05 11:34 . 2010-04-21 10:06 101376 ----a-w- c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\RadioWMPCore.dll
2010-08-05 11:34 . 2010-08-05 11:34 -------- d-----w- c:\program files\myBabylon_English
2010-08-04 21:02 . 2010-08-04 21:04 -------- d-----w- c:\users\Frank\AppData\Roaming\Media Player Classic
2010-07-31 23:41 . 2010-07-31 23:41 -------- d-----w- c:\program files\Conduit
2010-07-31 23:41 . 2010-07-31 23:41 -------- d-----w- c:\program files\Softonic-Eng7
2010-07-31 23:41 . 2010-06-08 09:28 52224 ----a-w- c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\FFExternalAlert.dll
2010-07-31 23:41 . 2010-06-08 09:28 101376 ----a-w- c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\RadioWMPCore.dll
2010-07-31 23:41 . 2010-08-01 15:13 -------- d-----w- c:\program files\The KMPlayer
2010-07-28 16:51 . 2010-07-28 16:51 -------- d-----w- c:\program files\iPod
2010-07-28 16:51 . 2010-07-28 16:52 -------- d-----w- c:\program files\iTunes
2010-07-28 16:48 . 2010-07-28 16:48 73000 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.2.1.5\SetupAdmin.exe
2010-07-28 16:47 . 2010-07-28 16:47 72488 ----a-w- c:\programdata\Apple Computer\Installer Cache\Safari 5.33.17.8\SetupAdmin.exe
2010-07-25 17:01 . 2010-07-25 17:01 -------- d-----w- c:\program files\GrabIt
2010-07-25 14:05 . 2010-04-12 15:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-22 12:07 . 2010-07-25 12:22 -------- d-----w- c:\users\Frank\AppData\Local\Hema Album Software Advanced
2010-07-22 12:07 . 2010-07-22 12:07 -------- d-----w- c:\programdata\Hema Album Software Advanced
2010-07-22 12:07 . 2010-07-22 12:07 -------- d-----w- c:\program files\Hema Album Software Advanced
2010-07-21 08:53 . 2010-07-21 08:53 1615200 ----a-w- c:\programdata\avg9\update\backup\avgssie.dll
2010-07-21 08:52 . 2010-07-21 08:52 1373536 ----a-w- c:\programdata\avg9\update\backup\avgssff.dll
2010-07-21 08:52 . 2010-07-21 08:52 1107296 ----a-w- c:\programdata\avg9\update\backup\avgxpl.dll
2010-07-21 08:52 . 2010-07-21 08:52 921440 ----a-w- c:\programdata\avg9\update\backup\avgemc.exe
2010-07-21 08:52 . 2010-07-21 08:52 4368224 ----a-w- c:\programdata\avg9\update\backup\avgcorex.dll
2010-07-20 10:45 . 2010-07-21 14:29 -------- d-----w- c:\programdata\FLEXnet
2010-07-20 10:35 . 2010-07-20 10:35 -------- d-----w- c:\program files\Adobe Media Player
2010-07-20 10:34 . 2010-07-20 10:34 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-07-20 10:31 . 2010-07-20 10:31 -------- d-----w- c:\program files\Common Files\Macrovision Shared
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-18 15:25 . 2009-07-14 08:27 691728 ----a-w- c:\windows\system32\perfh013.dat
2010-08-18 15:25 . 2009-07-14 08:27 130232 ----a-w- c:\windows\system32\perfc013.dat
2010-08-17 21:56 . 2010-03-09 08:35 0 ----a-w- c:\users\Frank\AppData\Local\prvlcl.dat
2010-08-17 21:34 . 2010-03-03 18:17 -------- d-----w- c:\users\Frank\AppData\Roaming\LimeWire
2010-08-17 20:01 . 2010-03-03 09:52 -------- d-----w- c:\users\Frank\AppData\Roaming\GrabIt
2010-08-16 15:40 . 2010-03-03 09:34 -------- d-----w- c:\program files\FTDv3.8
2010-08-14 15:57 . 2010-03-04 15:16 -------- d-----w- c:\program files\Ask.com
2010-08-10 10:10 . 2010-03-02 22:57 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-05 20:59 . 2010-03-02 22:11 -------- d-----w- c:\programdata\NVIDIA
2010-08-05 20:56 . 2010-03-02 22:09 -------- d-----w- c:\program files\NVIDIA Corporation
2010-08-05 08:55 . 2010-03-04 15:15 -------- d-----w- c:\users\Frank\AppData\Roaming\uTorrent
2010-08-01 17:11 . 2010-04-12 10:43 -------- d-----w- c:\users\Frank\AppData\Roaming\dvdcss
2010-08-01 15:22 . 2010-03-20 13:41 -------- d-----w- c:\programdata\DVD Shrink
2010-07-28 16:51 . 2010-04-11 10:36 -------- d-----w- c:\program files\Common Files\Apple
2010-07-28 16:48 . 2010-06-23 20:58 -------- d-----w- c:\program files\Safari
2010-07-27 23:01 . 2010-03-02 18:53 -------- d-----w- c:\program files\Windows Live
2010-07-25 14:05 . 2010-03-03 14:41 -------- d-----w- c:\program files\Java
2010-07-20 10:45 . 2010-03-02 18:47 67856 ----a-w- c:\users\Frank\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-20 10:36 . 2010-03-02 22:36 -------- d-----w- c:\program files\Common Files\Adobe
2010-07-16 12:55 . 2010-03-02 22:24 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-16 12:55 . 2010-07-16 12:55 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-16 12:54 . 2010-03-02 22:24 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-07-12 14:49 . 2010-03-20 13:47 -------- d-----w- c:\program files\DVD Shrink
2010-07-09 14:20 . 2010-07-09 14:20 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-07-09 14:20 . 2010-07-09 14:20 261736 ----a-w- c:\windows\system32\nvhotkey.dll
2010-07-09 14:20 . 2010-07-09 14:20 1881704 ----a-w- c:\windows\system32\nvsvcr.dll
2010-07-09 14:20 . 2010-07-09 14:20 1469544 ----a-w- c:\windows\system32\nvsvc.dll
2010-07-09 14:20 . 2010-07-09 14:20 13939816 ----a-w- c:\windows\system32\nvcpl.dll
2010-07-09 14:20 . 2010-07-09 14:20 129640 ----a-w- c:\windows\system32\nvvsvc.exe
2010-06-24 09:45 . 2010-04-11 10:39 -------- d-----w- c:\users\Frank\AppData\Roaming\Apple Computer
2010-06-23 20:59 . 2010-06-23 20:59 -------- d-----w- c:\program files\Bonjour
2010-06-23 20:58 . 2010-06-23 20:58 71992 ----a-w- c:\programdata\Apple Computer\Installer Cache\Safari 5.33.16.0\SetupAdmin.exe
2010-06-21 22:07 . 2010-08-05 20:54 26216 ----a-w- c:\windows\system32\nvhdap32.dll
2010-06-21 22:07 . 2010-03-02 22:09 232040 ----a-w- c:\windows\system32\nvcohda.dll
2010-06-21 22:07 . 2010-08-05 20:54 64104 ----a-w- c:\windows\system32\nvapo32v.dll
2010-06-21 22:07 . 2010-08-05 20:54 105576 ----a-w- c:\windows\system32\drivers\nvhda32v.sys
2010-06-03 09:03 . 2010-03-02 22:24 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-06-02 02:55 . 2010-08-16 14:21 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-06-02 02:55 . 2010-08-16 14:21 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-06-02 02:55 . 2010-08-16 14:21 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-05-27 07:24 . 2010-06-11 10:48 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-27 03:49 . 2010-06-11 10:48 293888 ----a-w- c:\windows\system32\atmfd.dll
2010-05-26 09:41 . 2010-08-16 14:21 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-05-26 09:41 . 2010-08-16 14:21 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-05-26 09:41 . 2010-08-16 14:21 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-05-26 09:41 . 2010-08-16 14:21 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-05-26 09:41 . 2010-08-16 14:21 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2010-05-21 05:18 . 2010-06-11 10:48 977920 ----a-w- c:\windows\system32\wininet.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-06-03 2736736]
"{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}"= "c:\program files\myBabylon_English\tbmyBa.dll" [2010-06-13 2734688]
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
[HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
2010-06-03 16:24 2736736 ----a-w- c:\program files\Softonic-Eng7\tbSoft.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
2010-06-13 17:10 2734688 ----a-w- c:\program files\myBabylon_English\tbmyBa.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-06-03 2736736]
"{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}"= "c:\program files\myBabylon_English\tbmyBa.dll" [2010-06-13 2734688]
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
[HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-06-03 2736736]
"{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}"= "c:\program files\myBabylon_English\tbmyBa.dll" [2010-06-13 2734688]
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
[HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [2009-07-14 354304]
"SpeedUpMyPC"="c:\program files\Uniblue\SpeedUpMyPC\launcher.exe" [2010-06-25 67960]
"PowerSuite"="c:\program files\Uniblue\PowerSuite\launcher.exe" [2010-07-20 67448]
"igndlm.exe"="c:\program files\Download Manager\DLM.exe" [2009-10-27 1103216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-16 2065760]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-08-28 1557800]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2009-12-03 494112]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-03-10 200704]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-03-10 7703072]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
c:\users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-2-19 503808]
OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
backup=c:\windows\pss\VPN Client.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^Users^Frank^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=c:\users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe]
2009-10-27 17:18 1103216 ----a-w- c:\program files\Download Manager\DLM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-07-21 13:53 141608 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-17 19:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
R3 BthAvrcp;Bluetooth AVRCP-profiel;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
R3 netw5v32;Stuurprogramma voor Intel(R) Wireless WiFi Link 5000 Series-adapter 32-bits Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-22 1343400]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-03-20 691696]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-07-16 216400]
S1 AvgTdiX;AVG Free Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-07-16 243024]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-07-21 921952]
S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-07-16 308136]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2009-12-03 690720]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-08-19 24576]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2010-08-14 273960]
S3 NETw5s32;Intel(R) Wireless WiFi Link adapter stuurprogramma onder Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-06-21 105576]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
Inhoud van de 'Gedeelde Taken' map
2010-08-18 c:\windows\Tasks\RegistryBooster.job
- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2010-08-14 14:23]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://search.babylon.com/home?AF=14542
uInternet Settings,ProxyOverride = *.local
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=14542
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\FFExternalAlert.dll
FF - component: c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\RadioWMPCore.dll
FF - component: c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll
FF - component: c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tp0er5ib.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\RadioWMPCore.dll
FF - plugin: c:\program files\Download Manager\npfpdlm.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x86A9DB4C]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
IoDeviceObjectType -> DumpProcedure -> 0xd46a624f
SecurityProcedure -> 0x857c1ad8
QueryNameProcedure -> 0x857c1c68
user & kernel MBR OK
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2010-08-18 17:30:12
ComboFix-quarantined-files.txt 2010-08-18 15:30
Pre-Run: 376.243.634.176 bytes beschikbaar
Post-Run: 376.192.200.704 bytes beschikbaar
- - End Of File - - 2477356FC273D2951915CD15B3084035