tibitubbie
-
Items
7 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door tibitubbie
-
ComboFix 12-05-12.01 - HP_Administrator 12/05/2012 12:46:54.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.1022.580 [GMT 2:00] Gestart vanuit: c:\documents and settings\HP_Administrator\Bureaublad\ComboFix.exe AV: AVG Anti-Virus *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\Administrator\WINDOWS c:\documents and settings\All Users\Application Data\4xG2Ip4t.exe c:\documents and settings\All Users\Application Data\TEMP c:\documents and settings\All Users\Application Data\TEMP\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\PostBuild.exe c:\documents and settings\Default User\WINDOWS c:\documents and settings\HP_Administrator\Application Data\Microsoft\~DFK16c2243.tmp c:\documents and settings\HP_Administrator\Application Data\Microsoft\1eaadjc.dll c:\documents and settings\HP_Administrator\Application Data\Microsoft\bass.dll c:\documents and settings\HP_Administrator\Application Data\Microsoft\kfgresk.dll c:\documents and settings\HP_Administrator\Application Data\Microsoft\mjcriu.dll c:\documents and settings\HP_Administrator\Application Data\Microsoft\peaadje.dll c:\documents and settings\HP_Administrator\Application Data\Microsoft\qwadjb.dll c:\documents and settings\HP_Administrator\Application Data\Microsoft\rsaadjd.dll c:\documents and settings\HP_Administrator\Application Data\Toolbar4 c:\documents and settings\HP_Administrator\Application Data\Xuewba c:\documents and settings\HP_Administrator\Application Data\Xuewba\inoli.exe c:\documents and settings\HP_Administrator\System c:\documents and settings\HP_Administrator\System\win_qs8.jqx c:\documents and settings\HP_Administrator\WINDOWS c:\documents and settings\ikke\WINDOWS c:\windows\IsUn0413.exe c:\windows\system32\config\systemprofile\WINDOWS c:\windows\system32\dds_trash_log.cmd c:\windows\system32\ijl11.dll c:\windows\system32\skinboxer43.dll c:\windows\system32\system c:\windows\Tasks\At1.job c:\windows\Tasks\At12.job c:\windows\Tasks\At2.job c:\windows\unin0413.exe E:\Autorun.inf . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_AMSERVICE . . (((((((((((((((((((( Bestanden Gemaakt van 2012-04-12 to 2012-05-12 )))))))))))))))))))))))))))))) . . 2012-05-12 09:00 . 2011-12-18 18:11 6108776 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys 2012-05-11 18:14 . 2012-05-11 20:25 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Kaywob 2012-05-11 18:14 . 2012-05-11 18:14 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Mygete 2012-05-11 17:02 . 2012-05-11 17:02 -------- d-----w- C:\TDSSKiller_Quarantine 2012-05-11 14:04 . 2012-05-11 14:27 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Sereg 2012-05-11 14:04 . 2012-05-11 14:15 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Getieq 2012-05-11 14:04 . 2012-05-11 14:04 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Osho 2012-05-10 19:12 . 2012-05-10 19:12 388096 ----a-r- c:\documents and settings\HP_Administrator\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-05-10 19:12 . 2012-05-10 19:12 -------- d-----w- c:\program files\Trend Micro 2012-05-10 19:05 . 2012-05-11 13:07 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Udzaq 2012-05-10 19:05 . 2012-05-11 12:30 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Xusyy 2012-05-10 19:05 . 2012-05-10 19:05 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Faahes 2012-05-10 15:21 . 2012-05-10 15:21 -------- d-----w- c:\program files\7-Zip 2012-05-10 12:16 . 2012-05-11 18:19 -------- d--h--r- c:\documents and settings\HP_Administrator\Onlangs geopend 2012-05-09 15:15 . 2012-05-09 15:15 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\IObit 2012-05-08 12:00 . 2012-05-08 12:00 -------- d-sh--w- c:\documents and settings\NetworkService\PrivacIE 2012-05-08 12:00 . 2012-05-08 12:00 -------- d-sh--w- c:\documents and settings\NetworkService\IECompatCache 2012-05-08 12:00 . 2012-05-08 12:00 -------- d-----r- c:\documents and settings\NetworkService\Favorieten 2012-05-06 10:12 . 2012-05-06 10:12 -------- d-----w- c:\windows\system32\wbem\Repository 2012-04-30 12:47 . 2012-04-30 12:49 -------- d-----w- c:\program files\SpeedFan 2012-04-29 15:41 . 2012-05-11 12:48 -------- d-----w- c:\program files\OApps 2012-04-29 15:38 . 2012-04-29 15:38 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\qBittorrent 2012-04-29 15:38 . 2012-04-29 15:43 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\qBittorrent 2012-04-29 15:31 . 2012-04-29 15:31 -------- d-----w- c:\program files\qBittorrent 2012-04-29 15:30 . 2012-04-29 15:41 -------- d-----w- c:\program files\intellidownload . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-11 17:04 . 2004-08-03 23:54 58112 ----a-w- c:\windows\system32\drivers\redbook.sys 2012-04-14 08:21 . 2012-04-02 07:12 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-04-14 08:21 . 2011-07-23 16:36 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-04-04 13:56 . 2010-08-14 19:22 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-22 19:12 . 2012-03-22 19:12 4435968 ----a-w- c:\windows\system32\GPhotos.scr 2012-03-01 11:00 . 2004-09-02 11:00 916992 ----a-w- c:\windows\system32\wininet.dll 2012-03-01 11:00 . 2004-09-02 11:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2012-03-01 11:00 . 2004-09-02 11:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-02-29 14:10 . 2004-09-02 11:00 177664 ----a-w- c:\windows\system32\wintrust.dll 2012-02-29 14:10 . 2004-09-02 11:00 148480 ----a-w- c:\windows\system32\imagehlp.dll 2012-02-29 12:17 . 2004-09-02 11:00 385024 ----a-w- c:\windows\system32\html.iec 2010-03-05 14:42 65536 --sha-w- c:\windows\system32\asycfilt.dll 2010-08-23 16:13 617472 --sha-w- c:\windows\system32\comctl32.dll 2011-02-08 13:33 978944 --sha-w- c:\windows\system32\mfc42.dll 2004-09-02 11:00 57344 --sha-w- c:\windows\system32\mfc42loc.dll 2008-04-14 17:02 413696 --sha-w- c:\windows\system32\msvcp60.dll 2008-04-14 17:02 343040 --sha-w- c:\windows\system32\msvcrt.dll 2004-09-02 11:00 253952 --sha-w- c:\windows\system32\msvcrt20.dll 2010-12-20 17:32 551936 --sha-w- c:\windows\system32\oleaut32.dll 2008-04-14 17:02 84992 --sha-w- c:\windows\system32\olepro32.dll 2008-04-14 17:02 30749 --sha-w- c:\windows\system32\vbajet32.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Akamai NetSession Interface"="c:\documents and settings\HP_Administrator\Local Settings\Application Data\Akamai\netsession_win.exe" [2012-03-13 3331872] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Bonus.SSR.FR10"="c:\program files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe" [2011-09-02 941320] "IObit Malware Fighter"="c:\program files\IObit\IObit Malware Fighter\IMF.exe" [2012-01-12 4453208] "RTHDCPL"="RTHDCPL.EXE" [2011-12-18 19557480] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888] . c:\documents and settings\ikke\Menu Start\Programma's\Opstarten\ Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-11-16 27136] PinMcLnk.lnk - c:\hp\bin\cloaker.exe [2006-11-16 27136] . c:\documents and settings\Default User\Menu Start\Programma's\Opstarten\ Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-11-16 27136] PinMcLnk.lnk - c:\hp\bin\cloaker.exe [2006-11-16 27136] . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2012-05-10 113024] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice] @="Service" . [HKLM\~\startupfolder\C:^Documents and Settings^HP_Administrator^Menu Start^Programma's^Opstarten^LimeWire On Startup.lnk] path=c:\documents and settings\HP_Administrator\Menu Start\Programma's\Opstarten\LimeWire On Startup.lnk backup=c:\windows\pss\LimeWire On Startup.lnkStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] c:\windows\system32\dumprep 0 -k [X] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] 2009-03-05 14:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2008-05-01 08:58 185896 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "RemoteAccess"=3 (0x3) "CiSvc"=3 (0x3) "RDSessMgr"=3 (0x3) "Browser"=2 (0x2) "FastUserSwitchingCompatibility"=3 (0x3) "wuauserv"=2 (0x2) . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Program Files\\AVG\\AVG9\\avgam.exe"= "c:\\Program Files\\AVG\\AVG9\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG9\\avgupd.exe"= "c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"= "c:\\Program Files\\ATI Technologies\\ATI.ACE\\CLI.exe"= "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"= "c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"= "c:\\Program Files\\BitTorrent\\BitTorrent.exe"= "c:\\Documents and Settings\\HP_Administrator\\Local Settings\\Application Data\\Akamai\\netsession_win.exe"= "c:\\Documents and Settings\\HP_Administrator\\Application Data\\Spotify\\spotify.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "1055:TCP"= 1055:TCP:Akamai NetSession Interface "5000:UDP"= 5000:UDP:Akamai NetSession Interface . R0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSxx.sys [5/04/2010 19:47 25168] R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [5/04/2010 19:47 52872] R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [5/04/2010 19:47 243152] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [17/02/2010 20:25 12880] R1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [10/05/2010 20:41 67664] R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [29/06/2010 19:48 116608] R2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [22/07/2010 19:07 814344] R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [2/09/2004 13:00 14336] R2 avgfws9;AVG Firewall;c:\program files\AVG\AVG9\avgfws9.exe [21/06/2010 17:38 2331544] R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [9/10/2011 19:55 821592] R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Nitro PDF\Professional\NitroPDFDriverService.exe [24/09/2011 17:36 196928] R2 SentinelKeysServer;Sentinel Keys Server;c:\program files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [22/08/2006 1:00 316992] R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [16/11/2006 2:26 2829696] R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [5/04/2010 19:47 30104] R3 AVGIDSDriverxpx;AVG9IDSDriver;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys [5/04/2010 19:47 122448] R3 AVGIDSFilterxpx;AVG9IDSFilter;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys [5/04/2010 19:47 30288] R3 AVGIDSShimxpx;AVG9IDSShim;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys [5/04/2010 19:47 26192] R3 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [9/10/2011 19:55 246816] R3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys [9/10/2011 19:55 30368] R3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys [9/10/2011 19:55 16208] S0 92410688;92410688;c:\windows\system32\drivers\04368502.sys --> c:\windows\system32\drivers\04368502.sys [?] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?] S0 nzqcmk;nzqcmk; [x] S0 wlzzvtz;wlzzvtz; [x] S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [5/04/2010 19:47 216400] S2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [21/06/2010 17:39 308136] S2 AVGIDSAgent;AVG9IDSAgent;c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [21/06/2010 17:39 5897808] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 13:16 130384] S2 gupdate;Google Update-service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [13/10/2011 13:18 136176] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2/04/2012 9:12 253088] S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [5/04/2010 19:47 30104] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [13/10/2011 13:18 136176] S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [2/09/2004 13:00 14336] S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [27/01/2011 14:50 27064] S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19/02/2010 13:37 517096] S3 WN5301;LIteon Wireless PCI Network Adapter Service;c:\windows\system32\drivers\wn5301.sys [16/11/2006 2:25 468768] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 13:16 753504] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] Akamai REG_MULTI_SZ Akamai nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs SQLWriter vsserv MASPINT M3AD . Inhoud van de 'Gedeelde Taken' map . 2012-05-12 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 08:21] . 2012-04-29 c:\windows\Tasks\AdobeAAMUpdater-1.0-UW-313AD20DCB0A-HP_Administrator.job - c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-08-29 01:44] . 2012-05-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-10-13 11:17] . 2012-05-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-10-13 11:17] . 2012-05-12 c:\windows\Tasks\HP Usg Daily.job - c:\program files\HP\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\pexpress\hphped05.exe [2004-04-01 14:03] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uInternet Settings,ProxyOverride = <local>;127.0.0.1:9421; IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: {{830BB968-4445-4a18-946B-D8582D09D678} - c:\microgaming\Poker\UnibetguestpokerMPP\MPPoker.exe TCP: DhcpNameServer = 192.168.1.1 DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://ips.poi.de/ips-opdata/layout/fnac/objects/jordan.cab DPF: {DAF94F73-2AA6-44D8-A562-A28831820D34} - hxxp://nl.pixum.be/apps/EasyUploadX.cab DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} - hxxp://express.foto.com/SFUploader/SpeedUploader.cab . . ------- Bestandsassociaties ------- . .scr=AutoCADScriptFile .reg=Regedit.Document .txt= . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) WebBrowser-{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) HKCU-Run-Vuytuke - c:\documents and settings\HP_Administrator\Application Data\Udzaq\fymup.exe HKCU-Run-Bupufyagu - c:\documents and settings\HP_Administrator\Application Data\Getieq\ivhil.exe HKCU-Run-Yzfoy - c:\documents and settings\HP_Administrator\Application Data\Xuewba\inoli.exe SafeBoot-92410688.sys AddRemove-MKV Player_is1 - c:\program files\MKV Player\unins000.exe AddRemove-Uninstall_is1 - c:\program files\Common Files\DVDVideoSoft\unins000.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-05-12 16:43 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Akamai] "ServiceDll"="c:\program files\common files\akamai/netsession_win_6c825ce.dll" . [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\redbook] "ImagePath"="system32\drivers\tsk171.tmp" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,63,9b,f1,97,32,3a,b0,43,89,60,10,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,63,9b,f1,97,32,3a,b0,43,89,60,10,\ . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(916) c:\program files\SUPERAntiSpyware\SASWINLO.DLL c:\windows\system32\Ati2evxx.dll . - - - - - - - > 'explorer.exe'(7684) c:\progra~1\WINDOW~1\wmpband.dll c:\windows\system32\msi.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\windows\eHome\ehRecvr.exe c:\windows\eHome\ehSched.exe c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe c:\windows\ehome\mcrdsvc.exe c:\windows\system32\dllhost.exe c:\windows\system32\wscntfy.exe c:\windows\RTHDCPL.EXE c:\windows\system32\mspaint.exe . ************************************************************************** . Voltooingstijd: 2012-05-12 16:51:36 - machine werd herstart ComboFix-quarantined-files.txt 2012-05-12 14:51 . Pre-Run: 148.380.356.608 bytes beschikbaar Post-Run: 148.747.108.352 bytes beschikbaar . WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect . - - End Of File - - 00CF399498680409CC965A77550F0094
-
microsoft probleem lijkt opgelost maar ik krijg nog altijd vreemde geluiden uit mijn boxen, bijvoorbeeld is dit nu gefluit van vogel, alhoewel er geen enkel programma actief staat. ik heb ook al voorgehad dat er plots muziek begon te spelen. als ik dit opgelost krijg, denk ik van alle problemen (voorlopig) verlost te zijn. Alvast bedankt
-
momenteel geeft hij wel nog telkenmale klikkend geluid alsof er iets geopend wordt, maar websites worden nu niet meer geopend. Ook krijg ik soms de melding van windows installer om Microsoft Office 2000 pro in station te plaatsen. Dit heb ik al diverse keren geprobeerd, maar krijg de melding niet kwijt. Weet u misschien nog een oplossing voor deze 2 problemen?
-
ik heb hem zijn normale gang laten gaan, nergens zelf ingegrepen
-
Hierbij het logje: 20:14:19.0531 4616 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18 20:14:19.0703 4616 ============================================================ 20:14:19.0703 4616 Current date / time: 2012/05/11 20:14:19.0703 20:14:19.0703 4616 SystemInfo: 20:14:19.0703 4616 20:14:19.0703 4616 OS Version: 5.1.2600 ServicePack: 3.0 20:14:19.0718 4616 Product type: Workstation 20:14:19.0718 4616 ComputerName: DESKTOP 20:14:19.0718 4616 UserName: HP_Administrator 20:14:19.0718 4616 Windows directory: C:\WINDOWS 20:14:19.0718 4616 System windows directory: C:\WINDOWS 20:14:19.0718 4616 Processor architecture: Intel x86 20:14:19.0718 4616 Number of processors: 2 20:14:19.0718 4616 Page size: 0x1000 20:14:19.0718 4616 Boot type: Normal boot 20:14:19.0718 4616 ============================================================ 20:14:20.0078 4616 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 20:14:20.0093 4616 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 20:14:20.0109 4616 ============================================================ 20:14:20.0109 4616 \Device\Harddisk0\DR0: 20:14:20.0109 4616 MBR partitions: 20:14:20.0109 4616 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1C49B3A7 20:14:20.0109 4616 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x1C49F2A7, BlocksNum 0xD252DA 20:14:20.0109 4616 \Device\Harddisk1\DR1: 20:14:20.0109 4616 MBR partitions: 20:14:20.0109 4616 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542 20:14:20.0109 4616 ============================================================ 20:14:20.0156 4616 C: <-> \Device\Harddisk0\DR0\Partition0 20:14:20.0187 4616 D: <-> \Device\Harddisk1\DR1\Partition0 20:14:20.0203 4616 E: <-> \Device\Harddisk0\DR0\Partition1 20:14:20.0203 4616 ============================================================ 20:14:20.0203 4616 Initialize success 20:14:20.0203 4616 ============================================================ 20:14:57.0078 6048 ============================================================ 20:14:57.0078 6048 Scan started 20:14:57.0078 6048 Mode: Manual; SigCheck; TDLFS; 20:14:57.0078 6048 ============================================================ 20:15:00.0031 6048 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE 20:15:00.0359 6048 !SASCORE - ok 20:15:01.0156 6048 3xHybrid (daa56817eee5afd8f1ef608763d6fad9) C:\WINDOWS\system32\DRIVERS\3xHybrid.sys 20:15:01.0625 6048 3xHybrid - ok 20:15:01.0765 6048 92410688 - ok 20:15:01.0906 6048 ABBYY.Licensing.FineReader.Professional.10.0 (309e130e78baf666d65395d950f30885) C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe 20:15:01.0937 6048 ABBYY.Licensing.FineReader.Professional.10.0 - ok 20:15:01.0953 6048 Abiosdsk - ok 20:15:01.0953 6048 abp480n5 - ok 20:15:02.0000 6048 ACPI (02273a448ba21a7d447daeb47810d40c) C:\WINDOWS\system32\DRIVERS\ACPI.sys 20:15:03.0078 6048 ACPI - ok 20:15:03.0109 6048 ACPIEC (63f517b1a87dabf3f5acb8a7952fc1d1) C:\WINDOWS\system32\drivers\ACPIEC.sys 20:15:03.0250 6048 ACPIEC - ok 20:15:03.0296 6048 Adobe LM Service (7ca178780ae82d286fac10b910ab85ae) C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe 20:15:03.0312 6048 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning 20:15:03.0312 6048 Adobe LM Service - detected UnsignedFile.Multi.Generic (1) 20:15:03.0421 6048 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 20:15:03.0453 6048 AdobeFlashPlayerUpdateSvc - ok 20:15:03.0453 6048 adpu160m - ok 20:15:03.0562 6048 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 20:15:03.0734 6048 aec - ok 20:15:03.0890 6048 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys 20:15:03.0968 6048 AFD - ok 20:15:04.0031 6048 AFS2K (b34b1ab0a7690a0e2301fec6d17b2fc1) C:\WINDOWS\system32\drivers\AFS2K.sys 20:15:04.0062 6048 AFS2K ( UnsignedFile.Multi.Generic ) - warning 20:15:04.0062 6048 AFS2K - detected UnsignedFile.Multi.Generic (1) 20:15:04.0062 6048 Aha154x - ok 20:15:04.0062 6048 aic78u2 - ok 20:15:04.0078 6048 aic78xx - ok 20:15:04.0656 6048 Akamai (1125c7d9fb8898015829c387c1bc87c7) c:\program files\common files\akamai/netsession_win_6c825ce.dll 20:15:04.0656 6048 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_6c825ce.dll. md5: 1125c7d9fb8898015829c387c1bc87c7 20:15:04.0656 6048 Akamai ( HiddenFile.Multi.Generic ) - warning 20:15:04.0656 6048 Akamai - detected HiddenFile.Multi.Generic (1) 20:15:04.0812 6048 Alerter (8bed67d13dcb55b3e9ff6dac4c6d3b49) C:\WINDOWS\system32\alrsvc.dll 20:15:04.0968 6048 Alerter - ok 20:15:05.0015 6048 ALG (dab2a89fde5cf791161200d90c1bcb12) C:\WINDOWS\System32\alg.exe 20:15:05.0093 6048 ALG - ok 20:15:05.0140 6048 AliIde - ok 20:15:05.0156 6048 amsint - ok 20:15:05.0265 6048 Apple Mobile Device (1961cb10bb48eb4d97e37db6373e9e63) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 20:15:05.0312 6048 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - warning 20:15:05.0312 6048 Apple Mobile Device - detected UnsignedFile.Multi.Generic (1) 20:15:05.0359 6048 AppMgmt (434a70fa278eb3c42140e3755c2fa4f8) C:\WINDOWS\System32\appmgmts.dll 20:15:05.0468 6048 AppMgmt - ok 20:15:05.0609 6048 AR5416 (c413e2e549488a5f1969decb5b03187a) C:\WINDOWS\system32\DRIVERS\athw.sys 20:15:05.0781 6048 AR5416 - ok 20:15:05.0937 6048 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys 20:15:06.0078 6048 Arp1394 - ok 20:15:06.0078 6048 asc - ok 20:15:06.0093 6048 asc3350p - ok 20:15:06.0093 6048 asc3550 - ok 20:15:06.0109 6048 Aspi32 - ok 20:15:06.0234 6048 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 20:15:06.0250 6048 aspnet_state - ok 20:15:06.0312 6048 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 20:15:06.0453 6048 AsyncMac - ok 20:15:06.0484 6048 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 20:15:06.0640 6048 atapi - ok 20:15:06.0656 6048 Atdisk - ok 20:15:06.0718 6048 Ati HotKey Poller (72ad06351025b69845ffc3a3b5913f11) C:\WINDOWS\system32\Ati2evxx.exe 20:15:06.0828 6048 Ati HotKey Poller - ok 20:15:06.0968 6048 ati2mtag (0a9918ecc189faab648a94d3ea9907c5) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 20:15:07.0062 6048 ati2mtag - ok 20:15:07.0515 6048 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 20:15:07.0703 6048 Atmarpc - ok 20:15:07.0734 6048 AudioSrv (f10745ed3195360e69aa4a6e7768c0e0) C:\WINDOWS\System32\audiosrv.dll 20:15:07.0875 6048 AudioSrv - ok 20:15:07.0906 6048 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 20:15:08.0062 6048 audstub - ok 20:15:08.0171 6048 avg9wd (c4d15594db5be042d3346ea58df87d89) C:\Program Files\AVG\AVG9\avgwdsvc.exe 20:15:23.0437 6048 avg9wd - ok 20:15:23.0484 6048 Avgfwdx (fa6336f05695e39995884d0c959c9608) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys 20:15:23.0515 6048 Avgfwdx - ok 20:15:23.0515 6048 Avgfwfd (fa6336f05695e39995884d0c959c9608) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys 20:15:23.0531 6048 Avgfwfd - ok 20:15:23.0734 6048 avgfws9 (0f38e92d794df187ba060939c552484f) C:\Program Files\AVG\AVG9\avgfws9.exe 20:15:23.0875 6048 avgfws9 - ok 20:15:25.0812 6048 AVGIDSAgent (abc81401a433f90414168e027aa6cc48) C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe 20:15:26.0468 6048 AVGIDSAgent - ok 20:15:26.0593 6048 AVGIDSDriverxpx (97670687f6c8f35e7b611f2ce1f94472) C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys 20:15:26.0859 6048 AVGIDSDriverxpx - ok 20:15:27.0140 6048 AVGIDSErHrxpx (277fc6b0f0be23bae7e63f184034b2fe) C:\WINDOWS\system32\Drivers\AVGIDSxx.sys 20:15:27.0203 6048 AVGIDSErHrxpx - ok 20:15:27.0250 6048 AVGIDSFilterxpx (dba65f23b686bdf043bbb54e55c72887) C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys 20:15:27.0281 6048 AVGIDSFilterxpx - ok 20:15:27.0312 6048 AVGIDSShimxpx (a552461aab7a36c2465ff19e59af08bf) C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys 20:15:27.0343 6048 AVGIDSShimxpx - ok 20:15:27.0406 6048 AvgLdx86 (b8c187439d27aba430dd69fdcf1fa657) C:\WINDOWS\system32\Drivers\avgldx86.sys 20:15:27.0640 6048 AvgLdx86 - ok 20:15:27.0718 6048 AvgMfx86 (80ff2b1b7eeda966394f0baa895bbf4b) C:\WINDOWS\system32\Drivers\avgmfx86.sys 20:15:27.0781 6048 AvgMfx86 - ok 20:15:27.0843 6048 AvgRkx86 (5bbcd8646074a3af4ee9b321d12c2b64) C:\WINDOWS\system32\Drivers\avgrkx86.sys 20:15:27.0859 6048 AvgRkx86 - ok 20:15:27.0968 6048 AvgTdiX (9a7a93388f503a34e7339ae7f9997449) C:\WINDOWS\system32\Drivers\avgtdix.sys 20:15:28.0031 6048 AvgTdiX - ok 20:15:28.0078 6048 bb-run (7270d070173b20ac9487ea16bb08b45f) C:\WINDOWS\system32\DRIVERS\bb-run.sys 20:15:28.0171 6048 bb-run - ok 20:15:28.0203 6048 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 20:15:28.0343 6048 Beep - ok 20:15:28.0406 6048 BITS (5c0073a51c4873430fa8b262e92183ff) C:\WINDOWS\system32\qmgr.dll 20:15:28.0671 6048 BITS - ok 20:15:28.0718 6048 Browser (69eaa7501f53a40e8c04c69f2391224f) C:\WINDOWS\System32\browser.dll 20:15:28.0921 6048 Browser - ok 20:15:28.0937 6048 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 20:15:29.0078 6048 cbidf2k - ok 20:15:29.0109 6048 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 20:15:29.0281 6048 CCDECODE - ok 20:15:29.0281 6048 cd20xrnt - ok 20:15:29.0312 6048 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 20:15:29.0437 6048 Cdaudio - ok 20:15:29.0468 6048 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 20:15:29.0593 6048 Cdfs - ok 20:15:29.0625 6048 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 20:15:29.0781 6048 Cdrom - ok 20:15:29.0781 6048 Changer - ok 20:15:29.0828 6048 CiSvc (bd85400700b80fbe3d4a3412bce74861) C:\WINDOWS\system32\cisvc.exe 20:15:29.0984 6048 CiSvc - ok 20:15:30.0093 6048 ClipSrv (4fb6108130829666c8fe96b442fead94) C:\WINDOWS\system32\clipsrv.exe 20:15:30.0234 6048 ClipSrv - ok 20:15:30.0359 6048 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 20:15:30.0375 6048 clr_optimization_v2.0.50727_32 - ok 20:15:30.0515 6048 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 20:15:30.0546 6048 clr_optimization_v4.0.30319_32 - ok 20:15:30.0546 6048 CmdIde - ok 20:15:30.0546 6048 COMSysApp - ok 20:15:30.0578 6048 Cpqarray - ok 20:15:30.0640 6048 CryptSvc (0a9cf5d3cf63a8699f28c814ef821c7e) C:\WINDOWS\System32\cryptsvc.dll 20:15:30.0812 6048 CryptSvc - ok 20:15:30.0828 6048 dac2w2k - ok 20:15:30.0828 6048 dac960nt - ok 20:15:30.0906 6048 DcomLaunch (d9883335cc1c17afc3a09c8ac3e4dbe4) C:\WINDOWS\system32\rpcss.dll 20:15:31.0000 6048 DcomLaunch - ok 20:15:31.0046 6048 Dhcp (146ab038f5dbb366122d28444999ab2c) C:\WINDOWS\System32\dhcpcsvc.dll 20:15:31.0171 6048 Dhcp - ok 20:15:31.0203 6048 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 20:15:31.0343 6048 Disk - ok 20:15:31.0343 6048 dmadmin - ok 20:15:31.0437 6048 dmboot (dec123e0c75971d0cc7a6c6a75e28429) C:\WINDOWS\system32\drivers\dmboot.sys 20:15:31.0625 6048 dmboot - ok 20:15:31.0640 6048 dmio (7268e66259722f6228c730685b201092) C:\WINDOWS\system32\drivers\dmio.sys 20:15:31.0765 6048 dmio - ok 20:15:31.0796 6048 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 20:15:31.0906 6048 dmload - ok 20:15:31.0937 6048 dmserver (127db74184e2d3d31655da525a5efde1) C:\WINDOWS\System32\dmserver.dll 20:15:32.0062 6048 dmserver - ok 20:15:32.0078 6048 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 20:15:32.0187 6048 DMusic - ok 20:15:32.0234 6048 Dnscache (de6cdb6cbc5c27b9085cfa6dfe8e5025) C:\WINDOWS\System32\dnsrslvr.dll 20:15:32.0359 6048 Dnscache - ok 20:15:32.0390 6048 Dot3svc (90ee765e1a598b578852901f74f914f1) C:\WINDOWS\System32\dot3svc.dll 20:15:32.0531 6048 Dot3svc - ok 20:15:32.0531 6048 dpti2o - ok 20:15:32.0578 6048 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 20:15:32.0703 6048 drmkaud - ok 20:15:32.0734 6048 e1express (b0ababbbe2e61fc916a21182ac2ceff1) C:\WINDOWS\system32\DRIVERS\e1e5132.sys 20:15:32.0796 6048 e1express - ok 20:15:32.0812 6048 EapHost (e6bbdebf7081899d161c773e8d84d015) C:\WINDOWS\System32\eapsvc.dll 20:15:32.0937 6048 EapHost - ok 20:15:33.0093 6048 ehRecvr (5d1347aa5ae6e2f77d7f4f8372d95ac9) C:\WINDOWS\eHome\ehRecvr.exe 20:15:33.0218 6048 ehRecvr - ok 20:15:33.0250 6048 ehSched (52481b2994fdfbbff6e48392bb70136c) C:\WINDOWS\eHome\ehSched.exe 20:15:33.0359 6048 ehSched - ok 20:15:33.0375 6048 ELacpi (0923aec043f5d355b4ef0c2b29a362de) C:\WINDOWS\system32\DRIVERS\ELacpi.sys 20:15:33.0421 6048 ELacpi - ok 20:15:33.0453 6048 ELhid (cbd71e7772f92bfb85ccc302b2deefba) C:\WINDOWS\System32\Drivers\Elhid.sys 20:15:33.0453 6048 ELhid ( UnsignedFile.Multi.Generic ) - warning 20:15:33.0453 6048 ELhid - detected UnsignedFile.Multi.Generic (1) 20:15:33.0468 6048 ELkbd (ac75b576c45d144e146fd1f0576a1f53) C:\WINDOWS\System32\Drivers\Elkbd.sys 20:15:33.0484 6048 ELkbd ( UnsignedFile.Multi.Generic ) - warning 20:15:33.0484 6048 ELkbd - detected UnsignedFile.Multi.Generic (1) 20:15:33.0500 6048 ELmon (483cce5e40137d4e437f4def55c80007) C:\WINDOWS\System32\Drivers\Elmon.sys 20:15:33.0515 6048 ELmon ( UnsignedFile.Multi.Generic ) - warning 20:15:33.0515 6048 ELmon - detected UnsignedFile.Multi.Generic (1) 20:15:33.0531 6048 ELmou (8e88cafeac0812bf2d15beeedfcce8bd) C:\WINDOWS\System32\Drivers\Elmou.sys 20:15:33.0531 6048 ELmou ( UnsignedFile.Multi.Generic ) - warning 20:15:33.0546 6048 ELmou - detected UnsignedFile.Multi.Generic (1) 20:15:33.0671 6048 ELService (47fcf6628e1a221c41f3f0130fbf258e) C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe 20:15:33.0687 6048 ELService ( UnsignedFile.Multi.Generic ) - warning 20:15:33.0687 6048 ELService - detected UnsignedFile.Multi.Generic (1) 20:15:33.0718 6048 ERSvc (2f5c7f650b7af178988946ee4b0d9c01) C:\WINDOWS\System32\ersvc.dll 20:15:33.0828 6048 ERSvc - ok 20:15:33.0875 6048 Eventlog (657b69389b893f440b07590c9e963f23) C:\WINDOWS\system32\services.exe 20:15:33.0906 6048 Eventlog - ok 20:15:33.0953 6048 EventSystem (97912dc0679d2da60cce589bbc196d72) C:\WINDOWS\system32\es.dll 20:15:34.0015 6048 EventSystem - ok 20:15:34.0046 6048 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 20:15:34.0156 6048 Fastfat - ok 20:15:34.0218 6048 FastUserSwitchingCompatibility (2d5d4156292150fe571872c1b88e9299) C:\WINDOWS\System32\shsvcs.dll 20:15:34.0312 6048 FastUserSwitchingCompatibility - ok 20:15:34.0359 6048 Fax (4914736e61f561dad588af2aaa0df0f0) C:\WINDOWS\system32\fxssvc.exe 20:15:34.0500 6048 Fax - ok 20:15:34.0531 6048 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys 20:15:34.0640 6048 Fdc - ok 20:15:34.0781 6048 FileMonitor (9200a69413d69ab86add9bc81960be7b) C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys 20:15:34.0812 6048 FileMonitor - ok 20:15:34.0828 6048 Fips (8bfffb5ac954e19dfdb96d56512aa518) C:\WINDOWS\system32\drivers\Fips.sys 20:15:34.0953 6048 Fips - ok 20:15:35.0187 6048 FLEXnet Licensing Service (d60ef46dc0e757fe5eb579db95b88954) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 20:15:35.0234 6048 FLEXnet Licensing Service - ok 20:15:35.0234 6048 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys 20:15:35.0343 6048 Flpydisk - ok 20:15:35.0390 6048 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 20:15:35.0500 6048 FltMgr - ok 20:15:35.0734 6048 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 20:15:35.0750 6048 FontCache3.0.0.0 - ok 20:15:35.0781 6048 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 20:15:35.0875 6048 Fs_Rec - ok 20:15:35.0984 6048 Ftdisk (fa8ca22e70245c81ff29c36af56292fc) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 20:15:36.0093 6048 Ftdisk - ok 20:15:36.0250 6048 ftsata2 (22399d3ce5840c6082844679cca5d2fc) C:\WINDOWS\system32\DRIVERS\ftsata2.sys 20:15:36.0265 6048 ftsata2 - ok 20:15:36.0281 6048 gearsecurity - ok 20:15:36.0296 6048 giveio (77ebf3e9386daa51551af429052d88d0) C:\WINDOWS\system32\giveio.sys 20:15:36.0312 6048 giveio ( UnsignedFile.Multi.Generic ) - warning 20:15:36.0312 6048 giveio - detected UnsignedFile.Multi.Generic (1) 20:15:36.0343 6048 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 20:15:36.0468 6048 Gpc - ok 20:15:36.0578 6048 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe 20:15:36.0593 6048 gupdate - ok 20:15:36.0593 6048 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe 20:15:36.0609 6048 gupdatem - ok 20:15:36.0671 6048 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 20:15:36.0687 6048 gusvc - ok 20:15:36.0765 6048 Hardlock (c1cc0c9742b881c42f1cc628e6f9ebd1) C:\WINDOWS\system32\drivers\hardlock.sys 20:15:36.0843 6048 Hardlock - ok 20:15:36.0875 6048 Haspnt (2dd25f060dc9f79b5cdf33d90ed93669) C:\WINDOWS\system32\drivers\Haspnt.sys 20:15:36.0890 6048 Haspnt ( UnsignedFile.Multi.Generic ) - warning 20:15:36.0890 6048 Haspnt - detected UnsignedFile.Multi.Generic (1) 20:15:36.0937 6048 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 20:15:37.0093 6048 HDAudBus - ok 20:15:37.0156 6048 helpsvc (5327bad9b35c33d2a64b64e4cf282ecd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 20:15:37.0265 6048 helpsvc - ok 20:15:37.0281 6048 HidServ (10003105aab8d5a7db51a9cb3d9f55a3) C:\WINDOWS\System32\hidserv.dll 20:15:37.0406 6048 HidServ - ok 20:15:37.0453 6048 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 20:15:37.0578 6048 HidUsb - ok 20:15:37.0609 6048 hkmsvc (1ff903ffa2da1704e5a5443d37d8e49e) C:\WINDOWS\System32\kmsvc.dll 20:15:37.0734 6048 hkmsvc - ok 20:15:37.0750 6048 hpn - ok 20:15:37.0781 6048 HPZid412 (5faba4775d4c61e55ec669d643ffc71f) C:\WINDOWS\system32\DRIVERS\HPZid412.sys 20:15:37.0828 6048 HPZid412 - ok 20:15:37.0859 6048 HPZipr12 (a3c43980ee1f1beac778b44ea65dbdd4) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys 20:15:37.0906 6048 HPZipr12 - ok 20:15:37.0921 6048 HPZius12 (2906949bd4e206f2bb0dd1896ce9f66f) C:\WINDOWS\system32\DRIVERS\HPZius12.sys 20:15:37.0984 6048 HPZius12 - ok 20:15:38.0031 6048 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 20:15:38.0093 6048 HTTP - ok 20:15:38.0125 6048 HTTPFilter (2529c7ba05242beed0027f554d0513bb) C:\WINDOWS\System32\w3ssl.dll 20:15:38.0265 6048 HTTPFilter - ok 20:15:38.0281 6048 i2omgmt - ok 20:15:38.0281 6048 i2omp - ok 20:15:38.0312 6048 i8042prt (c43372d0682f8e32e4ec21117e089ec0) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 20:15:38.0671 6048 i8042prt - ok 20:15:38.0812 6048 IAANTMON (7b96206e4bdd2fe582f0dbc46f5f410e) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe 20:15:38.0843 6048 IAANTMON - ok 20:15:38.0906 6048 iaStor (80c633722da72e97f3f5b3b11325696d) C:\WINDOWS\system32\DRIVERS\iastor.sys 20:15:38.0937 6048 iaStor - ok 20:15:39.0078 6048 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe 20:15:39.0093 6048 IDriverT ( UnsignedFile.Multi.Generic ) - warning 20:15:39.0093 6048 IDriverT - detected UnsignedFile.Multi.Generic (1) 20:15:39.0265 6048 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 20:15:39.0343 6048 idsvc - ok 20:15:39.0484 6048 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 20:15:39.0609 6048 Imapi - ok 20:15:39.0671 6048 ImapiService (a117772f94c854de5d1bbc1f1962b192) C:\WINDOWS\system32\imapi.exe 20:15:39.0781 6048 ImapiService - ok 20:15:39.0890 6048 IMFservice (8ae99ebe30e8338907361018d9030835) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe 20:15:39.0953 6048 IMFservice - ok 20:15:39.0968 6048 ini910u - ok 20:15:40.0453 6048 IntcAzAudAddService (a109fe3ca1ee4e92292b349de1b32f7b) C:\WINDOWS\system32\drivers\RtkHDAud.sys 20:15:40.0796 6048 IntcAzAudAddService - ok 20:15:40.0953 6048 IntelIde (72c63ad984d427d34bd5b9db838d88eb) C:\WINDOWS\system32\DRIVERS\intelide.sys 20:15:41.0046 6048 IntelIde - ok 20:15:41.0093 6048 intelppm (2d2254fac267e6b1c7865e8ebef60c6d) C:\WINDOWS\system32\DRIVERS\intelppm.sys 20:15:41.0203 6048 intelppm - ok 20:15:41.0250 6048 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 20:15:41.0359 6048 Ip6Fw - ok 20:15:41.0359 6048 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 20:15:41.0468 6048 IpFilterDriver - ok 20:15:41.0500 6048 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 20:15:41.0609 6048 IpInIp - ok 20:15:41.0640 6048 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 20:15:41.0765 6048 IpNat - ok 20:15:41.0781 6048 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 20:15:41.0890 6048 IPSec - ok 20:15:41.0921 6048 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 20:15:42.0000 6048 IRENUM - ok 20:15:42.0000 6048 isapnp (0b78e1a31340e1fb1e389d5633f7c3a0) C:\WINDOWS\system32\DRIVERS\isapnp.sys 20:15:42.0125 6048 isapnp - ok 20:15:42.0296 6048 JavaQuickStarterService (126a16f569122ae00ad3d12ef831d651) C:\Program Files\Java\jre6\bin\jqs.exe 20:15:42.0312 6048 JavaQuickStarterService - ok 20:15:42.0328 6048 Kbdclass (380397621e94b32c744e7b2cc1330390) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 20:15:42.0437 6048 Kbdclass - ok 20:15:42.0453 6048 kbdhid (b833b70fe639f01fb36cedabe57ef031) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 20:15:42.0578 6048 kbdhid - ok 20:15:42.0625 6048 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 20:15:42.0750 6048 kmixer - ok 20:15:42.0781 6048 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 20:15:42.0875 6048 KSecDD - ok 20:15:42.0937 6048 lanmanserver (c7955e7edaea462d04f1c4be1d340372) C:\WINDOWS\System32\srvsvc.dll 20:15:43.0015 6048 lanmanserver - ok 20:15:43.0062 6048 lanmanworkstation (a936a575eaf6dce8dc08bc0c53972add) C:\WINDOWS\System32\wkssvc.dll 20:15:43.0140 6048 lanmanworkstation - ok 20:15:43.0140 6048 Lbd - ok 20:15:43.0140 6048 lbrtfdc - ok 20:15:43.0265 6048 LightScribeService (5d4b38a8d8525356798f5e560c3a3090) C:\Program Files\Common Files\LightScribe\LSSrvc.exe 20:15:43.0296 6048 LightScribeService ( UnsignedFile.Multi.Generic ) - warning 20:15:43.0296 6048 LightScribeService - detected UnsignedFile.Multi.Generic (1) 20:15:43.0343 6048 LmHosts (91ae20c5c2776c511994aa1308c05283) C:\WINDOWS\System32\lmhsvc.dll 20:15:43.0453 6048 LmHosts - ok 20:15:43.0453 6048 M3AD - ok 20:15:43.0468 6048 MASPINT - ok 20:15:43.0609 6048 McrdSvc (88ec8e7905ec13e51884e00a3f026223) C:\WINDOWS\ehome\mcrdsvc.exe 20:15:43.0640 6048 McrdSvc - ok 20:15:43.0671 6048 Messenger (c56a45a03dca11712de9fdf98224230b) C:\WINDOWS\System32\msgsvc.dll 20:15:43.0796 6048 Messenger - ok 20:15:43.0828 6048 MHN (b7521f69c0a9b29d356157229376fb21) C:\WINDOWS\System32\mhn.dll 20:15:43.0843 6048 MHN ( UnsignedFile.Multi.Generic ) - warning 20:15:43.0843 6048 MHN - detected UnsignedFile.Multi.Generic (1) 20:15:43.0890 6048 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys 20:15:43.0906 6048 MHNDRV ( UnsignedFile.Multi.Generic ) - warning 20:15:43.0906 6048 MHNDRV - detected UnsignedFile.Multi.Generic (1) 20:15:43.0953 6048 MMRTKRNL (a232590024578e3aee530b0710611401) C:\WINDOWS\system32\drivers\mmrtkrnl.sys 20:15:43.0968 6048 MMRTKRNL ( UnsignedFile.Multi.Generic ) - warning 20:15:43.0968 6048 MMRTKRNL - detected UnsignedFile.Multi.Generic (1) 20:15:43.0984 6048 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 20:15:44.0109 6048 mnmdd - ok 20:15:44.0171 6048 mnmsrvc (5b1d994dcf1895afa27600e46a2f0fea) C:\WINDOWS\system32\mnmsrvc.exe 20:15:44.0296 6048 mnmsrvc - ok 20:15:44.0328 6048 Modem (8114eeac353f549331ab73e9af4219ed) C:\WINDOWS\system32\drivers\Modem.sys 20:15:44.0453 6048 Modem - ok 20:15:44.0484 6048 Mouclass (1a4e2214dd63e4a876463d3427ee8261) C:\WINDOWS\system32\DRIVERS\mouclass.sys 20:15:44.0609 6048 Mouclass - ok 20:15:44.0656 6048 mouhid (18017899254e01371e1a39754d6bf98c) C:\WINDOWS\system32\DRIVERS\mouhid.sys 20:15:44.0781 6048 mouhid - ok 20:15:44.0796 6048 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 20:15:44.0921 6048 MountMgr - ok 20:15:44.0953 6048 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys 20:15:45.0093 6048 MPE - ok 20:15:45.0093 6048 mraid35x - ok 20:15:45.0156 6048 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 20:15:45.0281 6048 MRxDAV - ok 20:15:45.0406 6048 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 20:15:45.0546 6048 MRxSmb - ok 20:15:45.0593 6048 MSDTC (21ea21984d7d1ad50db2e627020ab14c) C:\WINDOWS\system32\msdtc.exe 20:15:45.0765 6048 MSDTC - ok 20:15:45.0781 6048 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 20:15:45.0906 6048 Msfs - ok 20:15:45.0921 6048 MSIServer - ok 20:15:45.0953 6048 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 20:15:46.0062 6048 MSKSSRV - ok 20:15:46.0078 6048 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 20:15:46.0187 6048 MSPCLOCK - ok 20:15:46.0218 6048 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 20:15:46.0312 6048 MSPQM - ok 20:15:46.0343 6048 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 20:15:46.0453 6048 mssmbios - ok 20:15:46.0468 6048 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 20:15:46.0562 6048 MSTEE - ok 20:15:46.0578 6048 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys 20:15:46.0671 6048 Mup - ok 20:15:46.0703 6048 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 20:15:46.0828 6048 NABTSFEC - ok 20:15:46.0875 6048 napagent (87e394c810794d3c70cf22e8316cb23e) C:\WINDOWS\System32\qagentrt.dll 20:15:47.0015 6048 napagent - ok 20:15:47.0046 6048 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 20:15:47.0171 6048 NDIS - ok 20:15:47.0171 6048 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 20:15:47.0312 6048 NdisIP - ok 20:15:47.0343 6048 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 20:15:47.0390 6048 NdisTapi - ok 20:15:47.0421 6048 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 20:15:47.0531 6048 Ndisuio - ok 20:15:47.0546 6048 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 20:15:47.0671 6048 NdisWan - ok 20:15:47.0703 6048 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 20:15:47.0796 6048 NDProxy - ok 20:15:47.0812 6048 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 20:15:47.0968 6048 NetBIOS - ok 20:15:48.0000 6048 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 20:15:48.0125 6048 NetBT - ok 20:15:48.0171 6048 NetDDE (dc6bae085e9b3c2f3a963ed46791feab) C:\WINDOWS\system32\netdde.exe 20:15:48.0296 6048 NetDDE - ok 20:15:48.0296 6048 NetDDEdsdm (dc6bae085e9b3c2f3a963ed46791feab) C:\WINDOWS\system32\netdde.exe 20:15:48.0421 6048 NetDDEdsdm - ok 20:15:48.0453 6048 Netlogon (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe 20:15:48.0578 6048 Netlogon - ok 20:15:48.0640 6048 Netman (5431fb616ecae0d587c5b97d0b86cbd8) C:\WINDOWS\System32\netman.dll 20:15:48.0765 6048 Netman - ok 20:15:48.0890 6048 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 20:15:48.0906 6048 NetTcpPortSharing - ok 20:15:48.0937 6048 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 20:15:49.0046 6048 NIC1394 - ok 20:15:49.0187 6048 NitroDriverReadSpool (468563ef5260515635d62c74f6bf0261) C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe 20:15:49.0218 6048 NitroDriverReadSpool - ok 20:15:49.0281 6048 Nla (4522cbe00a9e9eee36aa82ed4b319148) C:\WINDOWS\System32\mswsock.dll 20:15:49.0359 6048 Nla - ok 20:15:49.0406 6048 nosGetPlusHelper (1acf98d80e95add298832c7a8996b48c) C:\Program Files\NOS\bin\getPlus_Helper_3004.dll 20:15:49.0421 6048 nosGetPlusHelper - ok 20:15:49.0500 6048 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 20:15:49.0625 6048 Npfs - ok 20:15:49.0687 6048 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 20:15:49.0843 6048 Ntfs - ok 20:15:49.0906 6048 NtLmSsp (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe 20:15:50.0031 6048 NtLmSsp - ok 20:15:50.0093 6048 NtmsSvc (ac1a78237b53044735693633f8235468) C:\WINDOWS\system32\ntmssvc.dll 20:15:50.0234 6048 NtmsSvc - ok 20:15:50.0281 6048 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 20:15:50.0406 6048 Null - ok 20:15:50.0421 6048 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 20:15:50.0546 6048 NwlnkFlt - ok 20:15:50.0562 6048 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 20:15:50.0687 6048 NwlnkFwd - ok 20:15:50.0703 6048 nzqcmk - ok 20:15:50.0703 6048 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 20:15:50.0828 6048 ohci1394 - ok 20:15:50.0984 6048 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 20:15:51.0000 6048 ose - ok 20:15:51.0000 6048 Par1284 - ok 20:15:51.0046 6048 Parport (e3934ccc20a4d24f1924e13d36d2a5bd) C:\WINDOWS\system32\DRIVERS\parport.sys 20:15:51.0171 6048 Parport - ok 20:15:51.0171 6048 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 20:15:51.0296 6048 PartMgr - ok 20:15:51.0312 6048 ParVdm (1eade28746a64c21e0a808bb12a63326) C:\WINDOWS\system32\drivers\ParVdm.sys 20:15:51.0437 6048 ParVdm - ok 20:15:51.0437 6048 PCI (3b166f9f753c21aedaa9a6bd76b49655) C:\WINDOWS\system32\DRIVERS\pci.sys 20:15:51.0546 6048 PCI - ok 20:15:51.0546 6048 PCIDump - ok 20:15:51.0562 6048 PCIIde (b31edeba4da28283f6b8dc4756fb9585) C:\WINDOWS\system32\DRIVERS\pciide.sys 20:15:51.0687 6048 PCIIde - ok 20:15:51.0718 6048 Pcmcia (2137ffd65f8e609a3a5acd487c56cce0) C:\WINDOWS\system32\drivers\Pcmcia.sys 20:15:51.0843 6048 Pcmcia - ok 20:15:51.0859 6048 PDCOMP - ok 20:15:51.0859 6048 PDFRAME - ok 20:15:51.0859 6048 PDRELI - ok 20:15:51.0875 6048 PDRFRAME - ok 20:15:51.0875 6048 perc2 - ok 20:15:51.0890 6048 perc2hib - ok 20:15:51.0953 6048 PlugPlay (657b69389b893f440b07590c9e963f23) C:\WINDOWS\system32\services.exe 20:15:51.0984 6048 PlugPlay - ok 20:15:52.0031 6048 Pml Driver HPZ12 (901c43516504cbe582e4c4193e00876a) C:\WINDOWS\system32\HPZipm12.exe 20:15:52.0046 6048 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 20:15:52.0046 6048 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 20:15:52.0062 6048 PolicyAgent (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe 20:15:52.0156 6048 PolicyAgent - ok 20:15:52.0203 6048 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 20:15:52.0312 6048 PptpMiniport - ok 20:15:52.0328 6048 ProtectedStorage (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe 20:15:52.0421 6048 ProtectedStorage - ok 20:15:52.0453 6048 Ps2 (390c204ced3785609ab24e9c52054a84) C:\WINDOWS\system32\DRIVERS\PS2.sys 20:15:52.0500 6048 Ps2 - ok 20:15:52.0515 6048 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 20:15:52.0640 6048 PSched - ok 20:15:52.0640 6048 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 20:15:52.0765 6048 Ptilink - ok 20:15:52.0765 6048 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys 20:15:52.0781 6048 PxHelp20 - ok 20:15:52.0796 6048 ql1080 - ok 20:15:52.0796 6048 Ql10wnt - ok 20:15:52.0796 6048 ql12160 - ok 20:15:52.0812 6048 ql1240 - ok 20:15:52.0812 6048 ql1280 - ok 20:15:52.0828 6048 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 20:15:52.0968 6048 RasAcd - ok 20:15:52.0984 6048 RasAuto (0575d034b1292ca3a9bb9f67a8ee289c) C:\WINDOWS\System32\rasauto.dll 20:15:53.0125 6048 RasAuto - ok 20:15:53.0156 6048 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 20:15:53.0250 6048 Rasl2tp - ok 20:15:53.0312 6048 RasMan (9e7e2df6971a5f00102be3f901cc3bdc) C:\WINDOWS\System32\rasmans.dll 20:15:53.0421 6048 RasMan - ok 20:15:53.0421 6048 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 20:15:53.0531 6048 RasPppoe - ok 20:15:53.0546 6048 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 20:15:53.0656 6048 Raspti - ok 20:15:53.0718 6048 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 20:15:53.0828 6048 Rdbss - ok 20:15:53.0843 6048 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 20:15:53.0937 6048 RDPCDD - ok 20:15:53.0968 6048 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 20:15:54.0078 6048 rdpdr - ok 20:15:54.0125 6048 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys 20:15:54.0187 6048 RDPWD - ok 20:15:54.0218 6048 RDSessMgr (ea9fdf71d696b532bdc44c8bff03a737) C:\WINDOWS\system32\sessmgr.exe 20:15:54.0390 6048 RDSessMgr - ok 20:15:54.0406 6048 redbook - ok 20:15:54.0546 6048 RegFilter (2ca761ce3abb7bbbb9c5519b2fb54f5e) C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys 20:15:54.0562 6048 RegFilter - ok 20:15:54.0609 6048 RemoteAccess (4007abf5d9bf0e55451d775443d1f985) C:\WINDOWS\System32\mprdim.dll 20:15:54.0734 6048 RemoteAccess - ok 20:15:54.0765 6048 RemoteRegistry (2fd5b89bf9289c774c5c730dea96cd91) C:\WINDOWS\system32\regsvc.dll 20:15:54.0890 6048 RemoteRegistry - ok 20:15:54.0937 6048 Revoflt (8b5b8a11306190c6963d3473f052d3c8) C:\WINDOWS\system32\DRIVERS\revoflt.sys 20:15:54.0953 6048 Revoflt - ok 20:15:54.0968 6048 RpcLocator (be078f8f7ec2491efdd79a53353a060f) C:\WINDOWS\system32\locator.exe 20:15:55.0093 6048 RpcLocator - ok 20:15:55.0171 6048 RpcSs (d9883335cc1c17afc3a09c8ac3e4dbe4) C:\WINDOWS\system32\rpcss.dll 20:15:55.0250 6048 RpcSs - ok 20:15:55.0296 6048 RSVP (ad1b5f1b99fff08c99f443d784711a81) C:\WINDOWS\system32\rsvp.exe 20:15:55.0453 6048 RSVP - ok 20:15:55.0468 6048 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS 20:15:55.0640 6048 rtl8139 - ok 20:15:55.0656 6048 SamSs (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe 20:15:55.0828 6048 SamSs - ok 20:15:55.0906 6048 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS 20:15:55.0906 6048 SASDIFSV - ok 20:15:55.0953 6048 SAS***IL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SAS***IL.SYS 20:15:55.0984 6048 SAS***IL - ok 20:15:56.0000 6048 SCardSvr (1b4cd62174e907c7ef8ec5d4d0a2a616) C:\WINDOWS\System32\SCardSvr.exe 20:15:56.0125 6048 SCardSvr - ok 20:15:56.0171 6048 Schedule (7c288ae0f75cb18cff1df6179a67ad8f) C:\WINDOWS\system32\schedsvc.dll 20:15:56.0359 6048 Schedule - ok 20:15:56.0390 6048 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 20:15:56.0484 6048 Secdrv - ok 20:15:56.0515 6048 seclogon (6983665bea867125b1da5757cd8b2f9d) C:\WINDOWS\System32\seclogon.dll 20:15:56.0656 6048 seclogon - ok 20:15:56.0703 6048 SENS (f6ec8f1e50e40237bddee1cb7fe20b42) C:\WINDOWS\system32\sens.dll 20:15:56.0843 6048 SENS - ok 20:15:56.0890 6048 Sentinel (82e878fd036c98a4555b1b15aa132494) C:\WINDOWS\System32\Drivers\SENTINEL.SYS 20:15:56.0921 6048 Sentinel - ok 20:15:57.0046 6048 SentinelKeysServer (e0c6d9ab57bcce3ad8160fdb9dd5402e) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe 20:15:57.0078 6048 SentinelKeysServer - ok 20:15:57.0125 6048 SentinelProtectionServer (54af449fb8d3304957efef48d8fa0720) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe 20:15:57.0171 6048 SentinelProtectionServer - ok 20:15:57.0203 6048 Serial (92c21762653bb2ce51147eb8a9aa654f) C:\WINDOWS\system32\drivers\Serial.sys 20:15:57.0343 6048 Serial - ok 20:15:57.0406 6048 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 20:15:57.0515 6048 Sfloppy - ok 20:15:57.0625 6048 SharedAccess (7579c4be909d47f10f3d8d801cb13ed9) C:\WINDOWS\System32\ipnathlp.dll 20:15:57.0812 6048 SharedAccess - ok 20:15:57.0859 6048 ShellHWDetection (2d5d4156292150fe571872c1b88e9299) C:\WINDOWS\System32\shsvcs.dll 20:15:57.0890 6048 ShellHWDetection - ok 20:15:57.0890 6048 Simbad - ok 20:15:57.0921 6048 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 20:15:58.0109 6048 SLIP - ok 20:15:58.0156 6048 SNTNLUSB (1475a9533649935a048ea5e27f8c3b37) C:\WINDOWS\system32\DRIVERS\SNTNLUSB.SYS 20:15:58.0187 6048 SNTNLUSB - ok 20:15:58.0187 6048 Sparrow - ok 20:15:58.0312 6048 speedfan (3fa2e254bfbce52b3c6f1bf23aab6911) C:\WINDOWS\system32\speedfan.sys 20:15:58.0343 6048 speedfan - ok 20:15:58.0406 6048 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 20:15:58.0562 6048 splitter - ok 20:15:58.0609 6048 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe 20:15:58.0687 6048 Spooler - ok 20:15:58.0734 6048 sr (64d2a7640e0767ecd3bcb38d3200e7ce) C:\WINDOWS\system32\DRIVERS\sr.sys 20:15:58.0875 6048 sr - ok 20:15:59.0062 6048 srservice (81cbf363c414620caa61bd6843d8fdb9) C:\WINDOWS\system32\srsvc.dll 20:15:59.0171 6048 srservice - ok 20:15:59.0312 6048 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 20:15:59.0375 6048 Srv - ok 20:15:59.0437 6048 SSDPSRV (5b9d0de64be96a806819516440fd211c) C:\WINDOWS\System32\ssdpsrv.dll 20:15:59.0578 6048 SSDPSRV - ok 20:15:59.0687 6048 stisvc (5ae996186d2dc694fef88f14a3fc9242) C:\WINDOWS\system32\wiaservc.dll 20:15:59.0890 6048 stisvc - ok 20:15:59.0921 6048 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 20:16:00.0046 6048 streamip - ok 20:16:00.0062 6048 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 20:16:00.0281 6048 swenum - ok 20:16:00.0656 6048 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 20:16:00.0718 6048 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning 20:16:00.0734 6048 SwitchBoard - detected UnsignedFile.Multi.Generic (1) 20:16:00.0750 6048 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 20:16:00.0906 6048 swmidi - ok 20:16:00.0921 6048 SwPrv - ok 20:16:00.0937 6048 symc810 - ok 20:16:00.0953 6048 symc8xx - ok 20:16:00.0968 6048 sym_hi - ok 20:16:00.0968 6048 sym_u3 - ok 20:16:01.0015 6048 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 20:16:01.0187 6048 sysaudio - ok 20:16:01.0281 6048 SysmonLog (251eae7c56c6ab9490311a3c9757e18d) C:\WINDOWS\system32\smlogsvc.exe 20:16:01.0515 6048 SysmonLog - ok 20:16:01.0703 6048 TapiSrv (2bc9fb448f0c2394ff53c83a7bb04731) C:\WINDOWS\System32\tapisrv.dll 20:16:08.0453 6048 TapiSrv - ok 20:16:09.0906 6048 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 20:16:10.0343 6048 Tcpip - ok 20:16:10.0531 6048 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 20:16:10.0890 6048 TDPIPE - ok 20:16:11.0171 6048 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 20:16:11.0328 6048 TDTCP - ok 20:16:11.0421 6048 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 20:16:11.0593 6048 TermDD - ok 20:16:13.0031 6048 TermService (e0aef86a594c9990d6321c5ca239c5b7) C:\WINDOWS\System32\termsrv.dll 20:16:13.0312 6048 TermService - ok 20:16:14.0250 6048 Themes (2d5d4156292150fe571872c1b88e9299) C:\WINDOWS\System32\shsvcs.dll 20:16:14.0359 6048 Themes - ok 20:16:14.0515 6048 TlntSvr (78a2fe13662a119875f10e9ffcb49a8f) C:\WINDOWS\system32\tlntsvr.exe 20:16:14.0734 6048 TlntSvr - ok 20:16:14.0734 6048 TosIde - ok 20:16:15.0046 6048 TrkWks (20655e8ca1c78bc7088b18e93806d21b) C:\WINDOWS\system32\trkwks.dll 20:16:15.0156 6048 TrkWks - ok 20:16:15.0250 6048 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 20:16:15.0343 6048 Udfs - ok 20:16:15.0343 6048 ultra - ok 20:16:15.0593 6048 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 20:16:15.0765 6048 Update - ok 20:16:16.0046 6048 upnphost (01653d6c9604f1fb31a76ec94e08954f) C:\WINDOWS\System32\upnphost.dll 20:16:16.0171 6048 upnphost - ok 20:16:16.0312 6048 UPS (a89796dd0de24cf03b3a39407e1f46a3) C:\WINDOWS\System32\ups.exe 20:16:16.0546 6048 UPS - ok 20:16:16.0796 6048 UrlFilter (62551ba687f1d0f582810cfa37384bb0) C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys 20:16:16.0921 6048 UrlFilter - ok 20:16:16.0968 6048 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 20:16:17.0203 6048 usbccgp - ok 20:16:17.0234 6048 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 20:16:17.0390 6048 usbehci - ok 20:16:17.0421 6048 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 20:16:17.0531 6048 usbhub - ok 20:16:17.0609 6048 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 20:16:17.0734 6048 usbprint - ok 20:16:17.0765 6048 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 20:16:17.0875 6048 usbscan - ok 20:16:17.0875 6048 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 20:16:17.0984 6048 usbstor - ok 20:16:18.0031 6048 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 20:16:18.0140 6048 usbuhci - ok 20:16:18.0187 6048 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 20:16:18.0296 6048 VgaSave - ok 20:16:18.0328 6048 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys 20:16:18.0437 6048 ViaIde - ok 20:16:18.0453 6048 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) C:\WINDOWS\system32\drivers\VolSnap.sys 20:16:18.0578 6048 VolSnap - ok 20:16:18.0687 6048 VSS (a585edd6965b301de8a45c6768c7c215) C:\WINDOWS\System32\vssvc.exe 20:16:18.0968 6048 VSS - ok 20:16:18.0968 6048 vsserv - ok 20:16:19.0031 6048 W32Time (390d8e65f362327ad510b08971478301) C:\WINDOWS\system32\w32time.dll 20:16:19.0265 6048 W32Time - ok 20:16:19.0343 6048 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 20:16:19.0593 6048 Wanarp - ok 20:16:19.0593 6048 WDICA - ok 20:16:19.0625 6048 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 20:16:19.0859 6048 wdmaud - ok 20:16:19.0984 6048 WebClient (33d8e2812054d97a0aec9b8f04277927) C:\WINDOWS\System32\webclnt.dll 20:16:20.0203 6048 WebClient - ok 20:16:20.0343 6048 winmgmt (f9e105f369c18e4001e0c05aaf600d73) C:\WINDOWS\system32\wbem\WMIsvc.dll 20:16:20.0484 6048 winmgmt - ok 20:16:20.0500 6048 wlzzvtz - ok 20:16:20.0531 6048 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll 20:16:20.0656 6048 WmdmPmSN - ok 20:16:20.0937 6048 Wmi (93f8eb8c7cd4e325ec92edbfc545103d) C:\WINDOWS\System32\advapi32.dll 20:16:21.0078 6048 Wmi - ok 20:16:21.0140 6048 WmiApSrv (87f11d161207c7063edabac0aadc33c3) C:\WINDOWS\system32\wbem\wmiapsrv.exe 20:16:21.0281 6048 WmiApSrv - ok 20:16:21.0546 6048 WMPNetworkSvc (79a01acd485687ee602411a06b63a9a5) C:\Program Files\Windows Media Player\WMPNetwk.exe 20:16:21.0671 6048 WMPNetworkSvc - ok 20:16:21.0812 6048 WN5301 (b72d232e46ff5ee2bd8f61498b748df7) C:\WINDOWS\system32\DRIVERS\wn5301.sys 20:16:21.0921 6048 WN5301 - ok 20:16:22.0671 6048 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 20:16:22.0765 6048 WPFFontCache_v0400 - ok 20:16:22.0812 6048 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 20:16:23.0031 6048 WSTCODEC - ok 20:16:23.0062 6048 wuauserv (1e8fdddef3fe260badab06dae10d753a) C:\WINDOWS\system32\wuauserv.dll 20:16:23.0234 6048 wuauserv - ok 20:16:23.0281 6048 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 20:16:23.0375 6048 WudfPf - ok 20:16:23.0375 6048 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 20:16:23.0468 6048 WudfRd - ok 20:16:23.0531 6048 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll 20:16:23.0593 6048 WudfSvc - ok 20:16:23.0796 6048 WZCSVC (e99782dbb8ffa2aee72b31dac8d8d887) C:\WINDOWS\System32\wzcsvc.dll 20:16:24.0109 6048 WZCSVC - ok 20:16:24.0312 6048 xmlprov (fd3c38635808920f8235bf2fed642f54) C:\WINDOWS\System32\xmlprov.dll 20:16:24.0515 6048 xmlprov - ok 20:16:24.0546 6048 MBR (0x1B8) (c02b6c838c8892684d06e5bc36f030fd) \Device\Harddisk0\DR0 20:16:24.0812 6048 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 20:16:24.0843 6048 \Device\Harddisk0\DR0 - detected TDSS File System (1) 20:16:24.0875 6048 MBR (0x1B8) (a4a15d6782e6fe1dce41a606cb3affe3) \Device\Harddisk1\DR1 20:16:25.0140 6048 \Device\Harddisk1\DR1 - ok 20:16:25.0156 6048 Boot (0x1200) (741841d6194c1ab50b01874c0c1f159c) \Device\Harddisk0\DR0\Partition0 20:16:25.0156 6048 \Device\Harddisk0\DR0\Partition0 - ok 20:16:25.0156 6048 Boot (0x1200) (7784a5cafbf4b6c978fa8b16fe056ef7) \Device\Harddisk0\DR0\Partition1 20:16:25.0156 6048 \Device\Harddisk0\DR0\Partition1 - ok 20:16:25.0156 6048 Boot (0x1200) (12f2ded2dd719d3c10fe20ccab77bb03) \Device\Harddisk1\DR1\Partition0 20:16:25.0156 6048 \Device\Harddisk1\DR1\Partition0 - ok 20:16:25.0156 6048 ============================================================ 20:16:25.0156 6048 Scan finished 20:16:25.0156 6048 ============================================================ 20:16:25.0437 6040 Detected object count: 19 20:16:25.0437 6040 Actual detected object count: 19 20:16:38.0015 6040 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user 20:16:38.0015 6040 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:16:38.0015 6040 AFS2K ( UnsignedFile.Multi.Generic ) - skipped by user 20:16:38.0015 6040 AFS2K ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:16:38.0015 6040 Akamai ( HiddenFile.Multi.Generic ) - skipped by user 20:16:38.0015 6040 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 20:16:38.0031 6040 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - skipped by user 20:16:38.0031 6040 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:16:38.0031 6040 ELhid ( UnsignedFile.Multi.Generic ) - skipped by user 20:16:38.0031 6040 ELhid ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:16:38.0031 6040 ELkbd ( UnsignedFile.Multi.Generic ) - skipped by user 20:16:38.0031 6040 ELkbd ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:16:38.0031 6040 ELmon ( UnsignedFile.Multi.Generic ) - skipped by user 20:16:38.0031 6040 ELmon ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:16:38.0046 6040 ELmou ( UnsignedFile.Multi.Generic ) - skipped by user 20:16:38.0046 6040 ELmou ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:16:38.0062 6040 ELService ( UnsignedFile.Multi.Generic ) - skipped by user 20:16:38.0062 6040 ELService ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:16:38.0062 6040 giveio ( UnsignedFile.Multi.Generic ) - skipped by user 20:16:38.0062 6040 giveio ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:16:38.0062 6040 Haspnt ( UnsignedFile.Multi.Generic ) - skipped by user 20:16:38.0062 6040 Haspnt ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:16:38.0062 6040 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 20:16:38.0062 6040 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:16:38.0062 6040 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user 20:16:38.0062 6040 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:16:38.0062 6040 MHN ( UnsignedFile.Multi.Generic ) - skipped by user 20:16:38.0062 6040 MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:16:38.0062 6040 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user 20:16:38.0062 6040 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:16:38.0078 6040 MMRTKRNL ( UnsignedFile.Multi.Generic ) - skipped by user 20:16:38.0078 6040 MMRTKRNL ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:16:38.0078 6040 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 20:16:38.0078 6040 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:16:38.0078 6040 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user 20:16:38.0078 6040 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:16:38.0078 6040 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user 20:16:38.0078 6040 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
-
Vooreerst bedankt Kape voor de snelle hulp. Onderstaand de gevraagde logfiles: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:02:33, on 11/05/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe C:\Program Files\SUPERAntiSpyware\SASCORE.EXE C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\AVG\AVG9\avgfws9.exe C:\Documents and Settings\All Users\Application Data\4xG2Ip4t.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\Documents and Settings\All Users\Application Data\4xG2Ip4t.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\Explorer.EXE C:\Documents and Settings\All Users\Application Data\4xG2Ip4t.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Akamai\netsession_win.exe C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Akamai\netsession_win.exe C:\Program Files\IObit\IObit Malware Fighter\IMF.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [bonus.SSR.FR10] "C:\Program Files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe" /autorun O4 - HKLM\..\Run: [iObit Malware Fighter] "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [Vuytuke] "C:\Documents and Settings\HP_Administrator\Application Data\Udzaq\fymup.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra button: (no name) - {830BB968-4445-4a18-946B-D8582D09D678} - C:\Microgaming\Poker\UnibetguestpokerMPP\MPPoker.exe O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://ips.poi.de/ips-opdata/layout/fnac/objects/jordan.cab O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.be/s/v/63.27/uploader2.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://express.foto.com/ImageUploader5.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://express.foto.com/NewUploader/ImageUploader4.cab O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx O16 - DPF: {DAF94F73-2AA6-44D8-A562-A28831820D34} (Pixum EasyUploadX Control) - http://nl.pixum.be/apps/EasyUploadX.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://express.foto.com/SFUploader/SpeedUploader.cab O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100 O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE O23 - Service: ABBYY FineReader 10 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.10.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: Intel® Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- End of file - 11670 bytes Hierna de logfile van malwarebytes: Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Databaseversie: v2012.05.11.03 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 HP_Administrator :: DESKTOP [administrator] 11/05/2012 16:16:04 mbam-log-2012-05-11 (16-16-04).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 247558 Verstreken tijd: 9 minuut/minuten, 4 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 1 C:\WINDOWS\system32\webdriveservice.dll (RootKit.0Access.H) -> Zal worden verwijderd tijdens het herstarten. Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 1 C:\WINDOWS\system32\webdriveservice.dll (RootKit.0Access.H) -> Zal worden verwijderd tijdens het herstarten. (einde)
-
hallo, ik heb vandaag het volgende voor: websites openen plots spontaan (geen xx-sites, maar toch hinderlijk, wordt na een tijdje terug afgesloten), verder krijg ik een constant getik te horen in mijn boxen, net alsof er constant iets geopend wordt in de achtergrond en ook wordt er onophoudelijk de vraag gesteld naar een installatiecd van office 2000. Ik heb deze al in de drive gestoken maar het houd niet op. Wie kan mij uit deze netelige situatie helpen? Alvast bedankt! In bijlage een logje van Hijackthis. [ATTACH]18519[/ATTACH] hijackthis.log
