wallymie

Member
  • Items: 105

Everything posted by wallymie

  1. I have the impression that it is faster now... I haven't "googled" much yet; I'll watch it for a day or two and report the result here. Thanks in advance,
  2. Hello, it finally worked. In Bitdefender, under Antivirus events / Active Virus Control / bottom left, I had to give permission to allow the program under monitoring. Here is the requested log. Regards
  3. Hello juisterr, I did everything you indicated, but my Bitdefender still blocked this program! What now??
  4. Hello, here I am again. My problem is that my pages load very slowly, and sometimes not at all. The little loading circle just keeps spinning, with no response! I often have to reload 3/4 times before the desired page opens. Solution??? I'll attach an HJT log right away.
  5. So far so good... I'll keep an eye on it for a few more days! I'll let you know about the result. Regards
  6. Hello, here is the requested log
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [04/09/2011 19:39] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [04/09/2011 19:39] C:\WINDOWS\tasks\User_Feed_Synchronization-{EBF650E6-1266-4E91-9D14-C934EFDC08DA}.job --ah----- C:\WINDOWS\system32\msfeedssync.exe [08/03/2009 03:31] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions jmolcgpienlcieaajfkkdamlngancncm - C:\Program Files\Internet Download Manager\IDMGCExt.crx[16/11/2012 01:25] ochbjojkpcmlfeagbaahkofepalngihg - No path found[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions ochbjojkpcmlfeagbaahkofepalngihg - C:\Documents and Settings\admin\Application Data\TorrentStream\extensions\chrome\magicplayer.crx[] Last updated at time on date - admin - Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb IDM Integration - admin - Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm YouTube - Administrator - Default\Extensions\Temp ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {2F3314B2-B101-42FE-A479-85B75BDDBC10} Bing Url="http://www.bing.com/search?q={searchTerms}&form=MSNIE8&pc=MSNIE8&src=IE-SearchBox" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Reset Google Chrome 
====================== C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data was reset successfully ==== shortcuts on Users Desktops ====================== C:\Documents and Settings\admin\Bureaublad\Snelkoppeling naar tj1.lnk - C:\Documents and Settings\admin\Mijn documenten\Mijn afbeeldingen\TJ\tj1.bmp C:\Documents and Settings\admin\Bureaublad\ant-malware\HiJackThis.lnk - C:\Documents and Settings\admin\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe ==== shortcuts in Users Start Menu ====================== C:\Documents and Settings\admin\Menu Start\Programma's\Internet Download Manager\Grabber Help.lnk - C:\Program Files\Internet Download Manager\grabber.chm C:\Documents and Settings\admin\Menu Start\Programma's\Internet Download Manager\IDM Help.lnk - C:\Program Files\Internet Download Manager\idman.chm C:\Documents and Settings\admin\Menu Start\Programma's\Internet Download Manager\Internet Download Manager.lnk - C:\Program Files\Internet Download Manager\IDMan.exe C:\Documents and Settings\admin\Menu Start\Programma's\Internet Download Manager\license.lnk - C:\Program Files\Internet Download Manager\license.txt C:\Documents and Settings\admin\Menu Start\Programma's\Internet Download Manager\TUTORIALS.lnk - C:\Program Files\Internet Download Manager\tutor.chm C:\Documents and Settings\admin\Menu Start\Programma's\Internet Download Manager\Uninstall IDM.lnk - C:\Program Files\Internet Download Manager\Uninstall.exe ==== shortcuts in All Users Start Menu 
====================== C:\Documents and Settings\All Users\Menu Start\Programma's\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Internet Download Manager\Grabber Help.lnk - C:\Program Files\Internet Download Manager\grabber.chm C:\Documents and Settings\All Users\Menu Start\Programma's\Internet Download Manager\IDM Help.lnk - C:\Program Files\Internet Download Manager\idman.chm C:\Documents and Settings\All Users\Menu Start\Programma's\Internet Download Manager\Internet Download Manager.lnk - C:\Program Files\Internet Download Manager\IDMan.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Internet Download Manager\license.lnk - C:\Program Files\Internet Download Manager\license.txt C:\Documents and Settings\All Users\Menu Start\Programma's\Internet Download Manager\TUTORIALS.lnk - C:\Program Files\Internet Download Manager\tutor.chm C:\Documents and Settings\All Users\Menu Start\Programma's\Internet Download Manager\Uninstall IDM.lnk - C:\Program Files\Internet Download Manager\Uninstall.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Microsoft Office\Microsoft Excel 2010.lnk - C:\WINDOWS\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Microsoft Office\Microsoft PowerPoint 2010.lnk - C:\WINDOWS\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Microsoft Office\Microsoft Word 2010.lnk - C:\WINDOWS\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ochbjojkpcmlfeagbaahkofepalngihg deleted successfully 
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ochbjojkpcmlfeagbaahkofepalngihg deleted successfully ==== Silent Runners ====================== "Silent Runners.vbs", revision 69, Silent Runners - Adware? Disinfect, don't reformat! Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} BitDefender Antiphishing Helper = "C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe" [bitDefender S.R.L.] BDAgent = "C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe" [bitDefender S.R.L.] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {18DF081C-E8AD-4283-A596-FA578C2EBDC3}\(Default) = AcroIEHelperStub -> {HKLM…CLSID} = Adobe PDF Link Helper \InProcServer32\(Default) = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe Systems Incorporated] {6EBF7485-159F-4bff-A14F-B9E3AAC4465B}\(Default) = Search Helper -> {HKLM…CLSID} = Search Helper \InProcServer32\(Default) = C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [MS] {9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided) -> {HKLM…CLSID} = Windows Live Aanmelden - Help \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] {B4F3A835-0E21-4959-BA22-42B3008E02FF}\(Default) = URLRedirectionBHO -> {HKLM…CLSID} = Office Document Cache Handler \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [MS] {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}\(Default) = (no title provided) -> {HKLM…CLSID} = Windows Live Toolbar Helper \InProcServer32\(Default) = C:\Program Files\Windows Live\Toolbar\wltcore.dll [MS] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ IDM Shell Extension\(Default) = {CDC95B92-E27C-4745-A8C5-64A52A78855D} -> {HKLM…CLSID} = IDM Shell Extension 
\InProcServer32\(Default) = C:\Program Files\Internet Download Manager\IDMShellExt.dll [Tonec Inc.] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {88895560-9AA2-1069-930E-00AA0030EBC8} = HyperTerminal-pictogramuitbreiding -> {HKLM…CLSID} = HyperTerminal Icon Ext \InProcServer32\(Default) = C:\WINDOWS\system32\hticons.dll [Hilgraeve, Inc.] {00020D75-0000-0000-C000-000000000046} = Microsoft Outlook Desktop Icon Handler -> {HKLM…CLSID} = Microsoft Outlook \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\MLSHEXT.DLL [MS] {0006F045-0000-0000-C000-000000000046} = Microsoft Outlook Custom Icon Handler -> {HKLM…CLSID} = Outlook File Icon Extension \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office14\OLKFSTUB.DLL [MS] {42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler -> {HKLM…CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office14\msohevi.dll [MS] {00F33137-EE26-412F-8D71-F84E4C2C6625} = (no title provided) -> {HKLM…CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim \InProcServer32\(Default) = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} = Windows Live Photo Gallery Viewer Drop Target Shim -> {HKLM…CLSID} = Windows Live Photo Gallery Viewer Shim \InProcServer32\(Default) = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} = Windows Live Photo Gallery Editor Drop Target Shim -> {HKLM…CLSID} = Windows Live Photo Gallery Editor Shim \InProcServer32\(Default) = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] {00F30F90-3E96-453B-AFCD-D71989ECC2C7} = Windows Live Photo Gallery Autoplay Drop Target Shim -> {HKLM…CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim \InProcServer32\(Default) = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft 
Office Metadata Handler -> {HKLM…CLSID} = Microsoft Office Metadata Handler \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll [MS] {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler -> {HKLM…CLSID} = Microsoft Office Thumbnail Handler \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll [MS] {506F4668-F13E-4AA1-BB04-B43203AB3CC0} = {506F4668-F13E-4AA1-BB04-B43203AB3CC0} -> {HKLM…CLSID} = ImageExtractorShellExt Class \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office14\VISSHE.DLL [MS] {D66DC78C-4F61-447F-942B-3FB6980118CF} = {D66DC78C-4F61-447F-942B-3FB6980118CF} -> {HKLM…CLSID} = CInfoTipShellExt Class \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office14\VISSHE.DLL [MS] {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} = Microsoft OneNote Namespace Extension for Windows Desktop Search -> {HKLM…CLSID} = Microsoft OneNote Namespace Extension for Windows Desktop Search \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL [MS] {4ADF8C01-0AC7-4403-888C-012E6EA2F67E} = Sims2Pack Clean Installer Shell Extension -> {HKLM…CLSID} = S2PCISE.S2PCISE \InProcServer32\(Default) = mscoree.dll [MS] {97090E2F-3062-4459-855B-014F0D3CDBB1} = Windows Search Deskbar -> {HKCU…CLSID} = Windows Search Bureaubalk \InProcServer32\(Default) = C:\Program Files\Windows Desktop Search\deskbar.dll [MS] -> {HKLM…CLSID} = Windows Search Deskbar \InProcServer32\(Default) = C:\Program Files\Windows Desktop Search\deskbar.dll [MS] {13E7F612-F261-4391-BEA2-39DF4F3FA311} = Windows Desktop Search -> {HKLM…CLSID} = Windows Desktop Search \InProcServer32\(Default) = C:\Program Files\Windows Desktop Search\msnlExt.dll [MS] {B9AF185E-1276-4BC7-936B-692E16B1AD4A} = Bluetooth Suite -> {HKLM…CLSID} = Bluetooth Suite \InProcServer32\(Default) = C:\Program Files\Bluetooth XP Suite\BMVFPlugIn.dll [Atheros Commnucations] 
{AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} = FTShellContext extension -> {HKLM…CLSID} = FTShellContext Class \InProcServer32\(Default) = C:\Program Files\Bluetooth XP Suite\ShellContextExt.dll [Atheros Commnucations] {CDC95B92-E27C-4745-A8C5-64A52A78855D} = IDM Shell Extension -> {HKLM…CLSID} = IDM Shell Extension \InProcServer32\(Default) = C:\Program Files\Internet Download Manager\IDMShellExt.dll [Tonec Inc.] {0563DB41-F538-4B37-A92D-4659049B7766} = WLMD Message Handler -> {HKLM…CLSID} = CLSID_WLMCMimeFilter \InProcServer32\(Default) = C:\Program Files\Windows Live\Mail\mailcomm.dll [MS] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\ <<!>> {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} = (no title provided) -> {HKLM…CLSID} = SABShellExecuteHook Class \InProcServer32\(Default) = C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [superAdBlocker.com] <<!>> {56F9679E-7826-4C84-81F3-532071A8BCC5} = (no title provided) -> {HKLM…CLSID} = Windows Desktop Search Namespace Manager \InProcServer32\(Default) = C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [MS] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Aedebug\ <<!>> Debugger = Drwtsn32 -p %ld -e %ld [MS] <<!>> Auto = 0 HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\ <<!>> text/xml\CLSID = {807573E5-5146-11D5-A672-00B0D022E945} -> {HKLM…CLSID} = Microsoft Office InfoPath XML Mime Filter \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL [MS] HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\ <<!>> belarc\CLSID = {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} -> {HKLM…CLSID} = VoilaXctl Class \InProcServer32\(Default) = C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll [belarc, Inc.] 
<<!>> livecall\CLSID = {828030A1-22C1-4009-854F-8E305202313F} -> {HKLM…CLSID} = (no title provided) \InProcServer32\(Default) = C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL [MS] <<!>> ms-help\CLSID = {314111c7-a502-11d2-bbca-00c04f8ec294} -> {HKLM…CLSID} = HxProtocol Class \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [MS] <<!>> ms-itss\CLSID = {0A9007C0-4076-11D3-8789-0000F8105754} -> {HKLM…CLSID} = Microsoft Infotech Storage Protocol for IE 4.0 \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [MS] <<!>> msnim\CLSID = {828030A1-22C1-4009-854F-8E305202313F} -> {HKLM…CLSID} = (no title provided) \InProcServer32\(Default) = C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL [MS] <<!>> mso-offdap11\CLSID = {32505114-5902-49B2-880A-1F7738E5A384} -> {HKLM…CLSID} = Data Page Plugable Protocal mso-offdap11 Handler \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL [MS] <<!>> wlmailhtml\CLSID = {03C514A3-1EFB-4856-9F99-10D7BE1653C0} -> {HKLM…CLSID} = Windows Live Mail HTML Asynchronous Pluggable Protocol Handler \InProcServer32\(Default) = C:\Program Files\Windows Live\Mail\mailcomm.dll [MS] HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\ {CA8ACAFA-5FBB-467B-B348-90DD488DE003}\(Default) = SUPERAntiSpyware Context Menu -> {HKLM…CLSID} = SASContextMenu Class \InProcServer32\(Default) = C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL [sUPERAntiSpyware.com] {D653647D-D607-4df6-A5B8-48D2BA195F7B}\(Default) = (no title provided) -> {HKLM…CLSID} = BDMenu Class \InProcServer32\(Default) = C:\Program Files\BitDefender\BitDefender 2011\bdshellext.dll [bitDefender S.R.L.] 
HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\ FTShellContext\(Default) = {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} -> {HKLM…CLSID} = FTShellContext Class \InProcServer32\(Default) = C:\Program Files\Bluetooth XP Suite\ShellContextExt.dll [Atheros Commnucations] MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3} -> {HKLM…CLSID} = MBAMShlExt Class \InProcServer32\(Default) = C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll [file not found] {C95FFEAE-A32E-4122-A5C4-49B5BFB69795}\(Default) = {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} -> {HKLM…CLSID} = Adobe Drive CS4 \InProcServer32\(Default) = C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [Adobe Systems Incorporated] HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ {CA8ACAFA-5FBB-467B-B348-90DD488DE003}\(Default) = SUPERAntiSpyware Context Menu -> {HKLM…CLSID} = SASContextMenu Class \InProcServer32\(Default) = C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL [sUPERAntiSpyware.com] {D653647D-D607-4df6-A5B8-48D2BA195F7B}\(Default) = (no title provided) -> {HKLM…CLSID} = BDMenu Class \InProcServer32\(Default) = C:\Program Files\BitDefender\BitDefender 2011\bdshellext.dll [bitDefender S.R.L.] 
HKLM\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\ Ath_CopyHookX\(Default) = {8e10a039-fe03-4f9c-b7e1-c5eeeaf53735} -> {HKLM…CLSID} = Ath_CopyHookX \InProcServer32\(Default) = C:\Program Files\Bluetooth XP Suite\AthCopyHookX.dll [Atheros Commnucations] HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\ 00nView\(Default) = {1E9B04FB-F9E5-4718-997B-B8DA88302A48} -> {HKLM…CLSID} = nView Desktop Context Menu \InProcServer32\(Default) = C:\Program Files\NVIDIA Corporation\nView\nvshell.dll [NVIDIA Corporation] NvCplDesktopContext\(Default) = {A70C977A-BF00-412C-90B7-034C51DA2439} -> {HKLM…CLSID} = DesktopContext Class \InProcServer32\(Default) = C:\WINDOWS\system32\nvcpl.dll [NVIDIA Corporation] {C95FFEAE-A32E-4122-A5C4-49B5BFB69795}\(Default) = {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} -> {HKLM…CLSID} = Adobe Drive CS4 \InProcServer32\(Default) = C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [Adobe Systems Incorporated] HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\ {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info -> {HKLM…CLSID} = PDF Shell Extension \InProcServer32\(Default) = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.] HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\ MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3} -> {HKLM…CLSID} = MBAMShlExt Class \InProcServer32\(Default) = C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll [file not found] {D653647D-D607-4df6-A5B8-48D2BA195F7B}\(Default) = (no title provided) -> {HKLM…CLSID} = BDMenu Class \InProcServer32\(Default) = C:\Program Files\BitDefender\BitDefender 2011\bdshellext.dll [bitDefender S.R.L.] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. 
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ NoDrives = (REG_DWORD) dword:0x00000000 {unrecognized setting} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ NoDrives = (REG_DWORD) dword:0x00000000 {unrecognized setting} HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\ disableregistrytools = (REG_DWORD) dword:0x00000000 {User Configuration|Administrative Templates|System| Prevent access to registry editing tools} HKCU\Software\Policies\Microsoft\Windows\System\ disablecmd = (REG_DWORD) dword:0x00000000 {User Configuration|Administrative Templates|System| Disable the command prompt} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ DisableRegistryTools = (REG_DWORD) dword:0x00000000 {unrecognized setting} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be enabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop enabled and wallpaper not set by Group Policy: HKCU\Software\Microsoft\Internet Explorer\Desktop\General\ Wallpaper = C:\WINDOWS\system32\config\systemprofile\Mijn documenten\Mijn afbeeldingen\TJ\tj1.bmp Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ Wallpaper = C:\Documents and Settings\admin\Mijn documenten\Mijn afbeeldingen\TJ\tj1.bmp Enabled Screen Saver: --------------------- HKCU\Control Panel\Desktop\ SCRNSAVE.EXE = C:\WINDOWS\system32\ssmypics.scr [MS] Windows Portable Device AutoPlay Handlers ----------------------------------------- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ ImgBurnBDBurningOnArrival_BuildImage\ Provider = ImgBurn InvokeProgID = ImgBurn.AutoPlay.1 InvokeVerb = HandleBDBurningOnArrival_BuildImage HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\HandleBDBurningOnArrival_BuildImage\command\(Default) = "C:\Program Files\ImgBurn\ImgBurn.exe" /MODE BUILD /OUTPUTMODE DEVICE /DEST "%1" 
[LIGHTNING UK!] ImgBurnBDBurningOnArrival_BurnImage\ Provider = ImgBurn InvokeProgID = ImgBurn.AutoPlay.1 InvokeVerb = HandleBDBurningOnArrival_BurnImage HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\HandleBDBurningOnArrival_BurnImage\command\(Default) = "C:\Program Files\ImgBurn\ImgBurn.exe" /MODE WRITE /DEST "%1" [LIGHTNING UK!] ImgBurnCDBurningOnArrival_BuildImage\ Provider = ImgBurn InvokeProgID = ImgBurn.AutoPlay.1 InvokeVerb = HandleCDBurningOnArrival_BuildImage HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\HandleCDBurningOnArrival_BuildImage\command\(Default) = "C:\Program Files\ImgBurn\ImgBurn.exe" /MODE BUILD /OUTPUTMODE DEVICE /DEST "%1" [LIGHTNING UK!] ImgBurnCDBurningOnArrival_BurnImage\ Provider = ImgBurn InvokeProgID = ImgBurn.AutoPlay.1 InvokeVerb = HandleCDBurningOnArrival_BurnImage HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\HandleCDBurningOnArrival_BurnImage\command\(Default) = "C:\Program Files\ImgBurn\ImgBurn.exe" /MODE WRITE /DEST "%1" [LIGHTNING UK!] ImgBurnDVDBurningOnArrival_BuildImage\ Provider = ImgBurn InvokeProgID = ImgBurn.AutoPlay.1 InvokeVerb = HandleDVDBurningOnArrival_BuildImage HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\HandleDVDBurningOnArrival_BuildImage\command\(Default) = "C:\Program Files\ImgBurn\ImgBurn.exe" /MODE BUILD /OUTPUTMODE DEVICE /DEST "%1" [LIGHTNING UK!] ImgBurnDVDBurningOnArrival_BurnImage\ Provider = ImgBurn InvokeProgID = ImgBurn.AutoPlay.1 InvokeVerb = HandleDVDBurningOnArrival_BurnImage HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\HandleDVDBurningOnArrival_BurnImage\command\(Default) = "C:\Program Files\ImgBurn\ImgBurn.exe" /MODE WRITE /DEST "%1" [LIGHTNING UK!] 
ImgBurnHDDVDBurningOnArrival_BuildImage\ Provider = ImgBurn InvokeProgID = ImgBurn.AutoPlay.1 InvokeVerb = HandleHDDVDBurningOnArrival_BuildImage HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\HandleHDDVDBurningOnArrival_BuildImage\command\(Default) = "C:\Program Files\ImgBurn\ImgBurn.exe" /MODE BUILD /OUTPUTMODE DEVICE /DEST "%1" [LIGHTNING UK!] ImgBurnHDDVDBurningOnArrival_BurnImage\ Provider = ImgBurn InvokeProgID = ImgBurn.AutoPlay.1 InvokeVerb = HandleHDDVDBurningOnArrival_BurnImage HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\HandleHDDVDBurningOnArrival_BurnImage\command\(Default) = "C:\Program Files\ImgBurn\ImgBurn.exe" /MODE WRITE /DEST "%1" [LIGHTNING UK!] ImgBurnPlayBluRayOnArrival_ReadDisc\ Provider = ImgBurn InvokeProgID = ImgBurn.AutoPlay.1 InvokeVerb = PlayBluRayOnArrival_ReadDisc HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\PlayBluRayOnArrival_ReadDisc\command\(Default) = "C:\Program Files\ImgBurn\ImgBurn.exe" /MODE READ /SRC "%1" [LIGHTNING UK!] ImgBurnPlayCDAudioOnArrival_ReadDisc\ Provider = ImgBurn InvokeProgID = ImgBurn.AutoPlay.1 InvokeVerb = PlayCDAudioOnArrival_ReadDisc HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\PlayCDAudioOnArrival_ReadDisc\command\(Default) = "C:\Program Files\ImgBurn\ImgBurn.exe" /MODE READ /SRC "%1" [LIGHTNING UK!] ImgBurnPlayDVDMovieOnArrival_ReadDisc\ Provider = ImgBurn InvokeProgID = ImgBurn.AutoPlay.1 InvokeVerb = PlayDVDMovieOnArrival_ReadDisc HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\PlayDVDMovieOnArrival_ReadDisc\command\(Default) = "C:\Program Files\ImgBurn\ImgBurn.exe" /MODE READ /SRC "%1" [LIGHTNING UK!] ImgBurnPlayHDDVDOnArrival_ReadDisc\ Provider = ImgBurn InvokeProgID = ImgBurn.AutoPlay.1 InvokeVerb = PlayHDDVDOnArrival_ReadDisc HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\PlayHDDVDOnArrival_ReadDisc\command\(Default) = "C:\Program Files\ImgBurn\ImgBurn.exe" /MODE READ /SRC "%1" [LIGHTNING UK!] 
MSLivePhotoAcqHWEventHandler\ Provider = @%ProgramFiles%\Windows Live\Photo Gallery\regres.dll,-10 ProgID = Microsoft.LivePhotoAcqHWEventHandler HKLM\SOFTWARE\Classes\Microsoft.LivePhotoAcqHWEventHandler\CLSID\(Default) = {3BD0ACD1-71CA-4475-92CC-E0AA0AAF843F} -> {HKLM…CLSID} = (no title provided) \LocalServer32\(Default) = C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [MS] MSLivePhotoAcquireDropHandler\ Provider = @%ProgramFiles%\Windows Live\Photo Gallery\regres.dll,-10 InvokeProgID = Microsoft.LivePhotoAcqDTShim.1 InvokeVerb = open HKLM\SOFTWARE\Classes\Microsoft.LivePhotoAcqDTShim.1\shell\open\DropTarget\CLSID = {00F33137-EE26-412F-8D71-F84E4C2C6625} -> {HKLM…CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim \InProcServer32\(Default) = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] MSLiveShowPicturesOnArrival\ Provider = @%ProgramFiles%\Windows Live\Photo Gallery\regres.dll,-10 InvokeProgID = Microsoft.Photos.LiveAutoplayShim.1 InvokeVerb = open HKLM\SOFTWARE\Classes\Microsoft.Photos.LiveAutoplayShim.1\shell\open\DropTarget\CLSID = {00F30F90-3E96-453B-AFCD-D71989ECC2C7} -> {HKLM…CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim \InProcServer32\(Default) = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] MSLiveVideoCameraArrivalCaptureWizard\ Provider = @%ProgramFiles%\Windows Live\Photo Gallery\regres.dll,-10 ProgID = WLXAutoPlayMgr.WLXHWEventHandler InitCmdLine = WLXVideoAcquireWizard HKLM\SOFTWARE\Classes\WLXAutoPlayMgr.WLXHWEventHandler\CLSID\(Default) = {9B5C97F6-B3A5-4A6D-8B03-993EC7291A22} -> {HKLM…CLSID} = WLXWEventHandler Class \LocalServer32\(Default) = "C:\Program Files\Windows Live\Photo Gallery\WLXVideoCameraAutoPlayManager.exe" [MS] MSWPDShellNamespaceHandler\ Provider = @%SystemRoot%\System32\WPDShextRes.dll,-501 CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24} InitCmdLine = -> {HKLM…CLSID} = WPDShextAutoplay \LocalServer32\(Default) = 
C:\WINDOWS\system32\WPDShextAutoplay.exe [MS] PSASE30ImportPicturesOnArrival\ Provider = Adobe Photoshop Album Starter Edition InvokeProgID = PSASE30.autoplay InvokeVerb = launch HKLM\SOFTWARE\Classes\PSASE30.autoplay\shell\launch\command\(Default) = "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\psaproxy.exe" -v %1\ [Adobe Systems Incorporated] VLCPlayCDAudioOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.CDAudio InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.CDAudio\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file cdda:///%1 [VideoLAN] VLCPlayDVDAudioOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.OPENFolder InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" %1 [VideoLAN] VLCPlayDVDMovieOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.DVDMovie InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.DVDMovie\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file dvd:///%1 [VideoLAN] VLCPlayMusicFilesOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.OPENFolder InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" %1 [VideoLAN] VLCPlaySVCDMovieOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.SVCDMovie InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.SVCDMovie\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file vcd:///%1 [VideoLAN] VLCPlayVCDMovieOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.VCDMovie InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.VCDMovie\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file vcd:///%1 [VideoLAN] VLCPlayVideoFilesOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.OPENFolder InvokeVerb = Open 
HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" %1 [VideoLAN] Enabled Scheduled Tasks: {++} ------------------------ Adobe Flash Player Updater -> launches: C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [Adobe Systems Incorporated] AppleSoftwareUpdate -> launches: C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task [Apple Inc.] GoogleUpdateTaskMachineCore -> launches: C:\Program Files\Google\Update\GoogleUpdate.exe /c [Google Inc.] GoogleUpdateTaskMachineUA -> launches: C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Google Inc.] User_Feed_Synchronization-{EBF650E6-1266-4E91-9D14-C934EFDC08DA} -> launches: C:\WINDOWS\system32\msfeedssync.exe sync [MS] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = %SystemRoot%\System32\nwprovau.dll [MS] 000000000002\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] 000000000003\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS] 000000000004\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] Transport Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 08, 11 - 22 %SystemRoot%\system32\rsvpsp.dll [MS], 09 - 10 Toolbars, Explorer Bars, Extensions: ------------------------------------ Toolbars HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ {2318C2B1-4965-11D4-9B18-009027A5CD4F} -> {HKLM…CLSID} = Google Toolbar \InProcServer32\(Default) = C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Inc.] 
{21FA44EF-376D-4D53-9B0F-8A89D3229068} -> {HKLM…CLSID} = &Windows Live Toolbar \InProcServer32\(Default) = C:\Program Files\Windows Live\Toolbar\wltcore.dll [MS] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ {2318C2B1-4965-11D4-9B18-009027A5CD4F} = (no title provided) -> {HKLM…CLSID} = Google Toolbar \InProcServer32\(Default) = C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Inc.] {21FA44EF-376D-4D53-9B0F-8A89D3229068} = (no title provided) -> {HKLM…CLSID} = &Windows Live Toolbar \InProcServer32\(Default) = C:\Program Files\Windows Live\Toolbar\wltcore.dll [MS] {381FFDE8-2394-4F90-B10D-FC6124A40F8C} = IEToolbar -> {HKLM…CLSID} = BitDefender Toolbar \InProcServer32\(Default) = C:\Program Files\BitDefender\BitDefender 2011\IEToolbar.dll [bitDefender S.R.L.] Explorer Bars HKLM\SOFTWARE\Classes\CLSID\{32004B8A-44A9-43E7-84E9-808838809519}\(Default) = Google Side Bar Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Inc.] 
Extensions (Tools menu items, main toolbar menu buttons) HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\ {219C3416-8CB2-491A-A3C7-D9FCDDC9D600}\ ButtonText = In weblog opnemen MenuText = &In weblog opnemen met Windows Live Writer CLSIDExtension = {5F7B1267-94A9-47F5-98DB-E99415F33AEC} -> {HKLM…CLSID} = BlogThisToolbarButton Class \InProcServer32\(Default) = C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll [MS] {2670000A-7350-4F3C-8081-5663EE0C6C49}\ ButtonText = Verzenden naar OneNote MenuText = &Verzenden naar OneNote CLSIDExtension = {48E73304-E1D6-4330-914C-F5F514E3486C} -> {HKLM…CLSID} = Send to OneNote from Internet Explorer button \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll [MS] {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ ButtonText = &Gekoppelde notities van OneNote MenuText = &Gekoppelde notities van OneNote CLSIDExtension = {FFFDC614-B694-4AE6-AB38-5D6374584B52} -> {HKLM…CLSID} = Linked Notes button \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll [MS] {92780B25-18CC-41C8-B9BE-3C9C571A8263}\ ButtonText = Onderzoek BandCLSID = {FF059E31-CC5A-4E2E-BF3B-96E929D65503} {E2E2DD38-D088-4134-82B7-F2BA38496583}\ MenuText = @xpsp3res.dll,-20001 Exec = %windir%\Network Diagnostic\xpnetdiag.exe [MS] {FB5F1910-F110-11D2-BB9E-00C04F795683}\ ButtonText = Messenger MenuText = Windows Messenger Exec = C:\Program Files\Messenger\msmsgs.exe [MS] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ BitDefender Desktop Update Service, UPDATESRV, "C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe" /service [bitDefender S.R.L.] BitDefender Virus Shield, VSSERV, C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe /service [bitDefender S.R.L.] 
Windows Search, WSearch, C:\WINDOWS\system32\SearchIndexer.exe /Embedding [MS] Safe Mode Drivers & Services (subkey name, subkey default value): ----------------------------------------------------------------- HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\ <<!>> !SASCORE, HKLM\System\CurrentControlSet\Control\SafeBoot\Network\ <<!>> !SASCORE, Print Monitors: --------------- HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\ HP Standard TCP/IP Port\Driver = HpTcpMon.dll [Hewlett Packard] hpzsnt12\Driver = hpzsnt12.dll [HP] Microsoft Document Imaging Writer Monitor\Driver = mdimon.dll [MS] ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully After Reboot ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\admin\LOCALS~1\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and 
Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
  7. Hello, my problem mentioned above is not yet 100% solved! It is already a bit better, but after a while it is the same again. I have to reload the page a few times before it opens. Could AdBlock be the cause? I will make another HJT log and attach it, so that someone can check whether a problem has been added to my PC.
     Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:09:27, on 3/03/2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe C:\Program Files\BitDefender\BitDefender 2011\pchooklaunch32.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Documents and Settings\admin\Application Data\TorrentStream\updater\tsupdate.exe C:\Program Files\BitDefender\BitDefender 2011\downloader.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\WINDOWS\system32\SearchProtocolHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer! R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\IEToolbar.dll O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe" O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe" O8 - Extra context menu item: Download alle links met IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Download met IDM - C:\Program Files\Internet Download Manager\IEExt.htm O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met 
Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1341595878375 O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - 
C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe O23 - Service: BitDefender Desktop Update Service (UPDATESRV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe -- End of file - 6732 bytes
  8. Hello cape, I have removed everything. I will watch it for a day or two to see whether everything still works 100%, and will definitely let you know whether my problem is solved or not. Regards, wallymie
  9. Hello cape, after running AdwCleaner I had to adjust my Google settings again. Is that normal? It works faster now, I have the impression. Just wait and see, I suppose? (I will definitely let you know.) Regards, wallymie
  10. Hello, here is the requested log file
     # AdwCleaner v2.113 - Verslag gemaakt op 25/02/2013 om 19:54:46
     # Geactualiseerd op 23/02/2013 door Xplode
     # Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits)
     # Gebruiker : admin - USER-1AE098DA85
     # Opstarten Modus : Normale modus
     # Gelanceerd vanaf : C:\Documents and Settings\admin\Bureaublad\adwcleaner.exe
     # Optie [Verwijderen]
     ***** [Diensten] *****
     ***** [Files / Mappen] *****
     ***** [Register] *****
     ***** [browsers] *****
     -\\ Internet Explorer v8.0.6001.18702
     [OK] Het register bevat geen enkele ongeoorloofde invoer.
     -\\ Google Chrome v25.0.1364.97
     File : C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
     [OK] De file bevat geen enkele ongeoorloofde invoer.
     File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
     [OK] De file bevat geen enkele ongeoorloofde invoer.
     *************************
     AdwCleaner[R1].txt - [1241 octets] - [17/02/2013 19:53:50]
     AdwCleaner[s4].txt - [1057 octets] - [25/02/2013 19:54:46]
     ########## EOF - C:\AdwCleaner[s4].txt - [1117 octets] ##########
  11. Hello, I am no longer getting any reply in this thread... Is this last log file "clean", or do further steps still need to be taken? The problem is still not solved!!
  12. Hello kape, here is the latest log report from ComboFix.
     ComboFix 13-02-20.01 - admin 21/02/2013 12:08:11.10.4 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.2038.1362 [GMT 1:00] Gestart vanuit: c:\documents and settings\admin\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\admin\Bureaublad\CFScript.txt AV: BitDefender Antivirus *Disabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB} FW: BitDefender Firewall *Enabled* {4055920F-2E99-48A8-A270-4243D2B8F242} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_0 -------\Service_1 -------\Service_10 -------\Service_5 . . (((((((((((((((((((( Bestanden Gemaakt van 2013-01-21 to 2013-02-21 )))))))))))))))))))))))))))))) . . 2013-02-20 22:54 . 2013-02-21 11:04 -------- d--h--r- c:\documents and settings\admin\Onlangs geopend 2013-02-12 22:47 . 2013-02-12 22:47 -------- d-----w- c:\documents and settings\admin\Local Settings\Application Data\Sun 2013-02-09 12:12 . 2013-02-09 12:12 -------- d-----w- c:\documents and settings\All Users\Application Data\IDM 2013-02-01 11:36 . 2013-02-01 11:36 859552 ----a-w- c:\windows\system32\npDeployJava1.dll 2013-02-01 11:36 . 2013-02-01 11:36 780192 ----a-w- c:\windows\system32\deployJava1.dll 2013-02-01 11:25 . 2013-02-01 11:25 -------- d-----w- c:\windows\system32\siscardplugins 2013-02-01 11:25 . 2013-02-01 11:25 -------- d-----w- c:\windows\system32\beidpp 2013-02-01 11:25 . 2013-02-01 11:25 -------- d-----w- c:\program files\Belgium Identity Card 2013-02-01 11:25 . 2013-02-01 11:25 -------- d-----w- C:\drivers 2013-01-28 11:40 . 2013-01-28 11:43 -------- d-----w- c:\documents and settings\admin\SecurityScans 2013-01-28 11:39 . 
2013-01-28 11:39 -------- d-----w- c:\program files\Microsoft Baseline Security Analyzer 2 2013-01-23 18:57 . 2013-02-04 14:52 -------- d-----w- c:\documents and settings\admin\Application Data\vlc 2013-01-23 18:57 . 2013-01-23 18:57 -------- d-----w- c:\program files\VideoLAN . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-02-13 22:49 . 2012-06-20 14:00 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-02-13 22:49 . 2012-02-17 16:37 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-01-26 03:55 . 2006-03-02 12:00 552448 ----a-w- c:\windows\system32\oleaut32.dll 2013-01-07 07:27 . 2006-03-02 12:00 2153472 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-01-07 07:26 . 2004-08-04 00:58 2032128 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-01-04 10:10 . 2006-03-02 12:00 1867392 ----a-w- c:\windows\system32\win32k.sys 2013-01-02 06:49 . 2006-03-02 12:00 148992 ----a-w- c:\windows\system32\mpg2splt.ax 2013-01-02 06:49 . 2006-03-02 12:00 1296384 ------w- c:\windows\system32\quartz.dll 2012-12-26 20:21 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll 2012-12-26 20:20 . 2006-03-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll 2012-12-26 20:20 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-12-24 06:42 . 2006-03-02 12:00 385024 ------w- c:\windows\system32\html.iec 2012-12-16 12:23 . 2006-03-02 12:00 290560 ----a-w- c:\windows\system32\atmfd.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension] @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}" [HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}] 2012-11-15 23:07 21904 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2011\ieshow.exe" [2012-11-21 71216] "BDAgent"="c:\program files\BitDefender\BitDefender 2011\bdagent.exe" [2012-11-21 1449368] . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk] backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Windows Search.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Windows Search.lnk backup=c:\windows\pss\Windows Search.lnkCommon Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] 2007-03-09 10:09 63712 ----a-w- c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtXpStack] 2011-03-02 09:38 2186400 ------w- c:\program files\Bluetooth XP Suite\BluetoothSuit.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\beidsccertprop] 2012-02-21 13:44 31768 ----a-w- c:\program files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2011-05-10 00:41 49208 ------w- c:\program files\HP\HP Software Update\hpwuschd2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan] 2013-01-29 12:00 3565432 ----a-w- c:\program files\Internet Download Manager\IDMan.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware] 2012-09-29 18:54 766536 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] 2009-04-27 17:08 17881088 ------w- c:\windows\RTHDCPL.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware] 2012-11-01 19:45 4763008 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "WPFFontCache_v0400"=3 (0x3) "WMPNetworkSvc"=2 (0x2) "Updatesrv"=2 (0x2) "SeaPort"=2 (0x2) "nvsvc"=2 (0x2) "MDM"=2 (0x2) "idsvc"=3 (0x3) "FLEXnet Licensing Service"=3 (0x3) "MBAMService"=2 (0x2) "BBUpdate"=2 (0x2) "BBSvc"=2 (0x2) "!SASCORE"=2 (0x2) "HssTrayService"=3 (0x3) "Pml Driver HPZ12"=2 (0x2) "AdobeFlashPlayerUpdateSvc"=3 (0x3) "fsssvc"=3 (0x3) "ose"=3 (0x3) "MBAMScheduler"=2 (0x2) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"= "c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"= "c:\\Program Files\\SopCast\\SopCast.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Documents and Settings\\admin\\Application Data\\TorrentStream\\engine\\tsengine.exe"= "c:\\Program Files\\ExpressFiles\\expressdl.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "1042:TCP"= 1042:TCP:Akamai NetSession Interface "5000:UDP"= 5000:UDP:Akamai NetSession Interface "5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management . 
R1 bdrawpr;BdRawPr;c:\windows\system32\drivers\bdrawpr.sys [21/11/2012 23:08 12960] R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [1/08/2011 15:28 112480] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22/07/2011 17:27 12880] R1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [12/07/2011 22:55 67664] R2 UPDATESRV;BitDefender Desktop Update Service;c:\program files\BitDefender\BitDefender 2011\updatesrv.exe [11/10/2010 18:34 43936] R3 BDFM;BDFM;c:\windows\system32\drivers\bdfm.sys [22/04/2010 12:19 149520] R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\program files\Common Files\Bitdefender\BitDefender Firewall\bdfndisf.sys [20/08/2010 14:41 111696] R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k5132.sys [28/11/2009 14:13 159400] S2 WinDefend;Windows Defender;c:\windows\System32\svchost.exe -k secsvcs [2/03/2006 13:00 14336] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [28/11/2009 14:11 1684736] S3 AthDfu;Atheros Valkyrie USB BootROM;c:\windows\system32\drivers\AthDfu.sys [10/07/2012 10:56 42016] S3 Atheros_btAudio;Bluetooth Virtual SCO Driver;c:\windows\system32\drivers\btathsco.sys [10/07/2012 10:56 29856] S3 btatha2dp;Bluetooth A2DP Audio Device Driver;c:\windows\system32\drivers\btatha2dp.sys [10/07/2012 10:56 74912] S3 btathPan;Bluetooth PAN Miniport Device;c:\windows\system32\drivers\btathpan.sys [10/07/2012 10:56 36384] S3 BTATHPROT;General Bluetooth Filter;c:\windows\system32\drivers\btathprot.sys [10/07/2012 10:56 663072] S3 btathrcp;Bluetooth AVRCP Target Device;c:\windows\system32\drivers\btathrcp.sys [10/07/2012 10:56 13344] S3 btathspp;Bluetooth Serial Port Device;c:\windows\system32\drivers\btathspp.sys [10/07/2012 10:56 85152] S3 BTATHUSB;General Bluetooth Device;c:\windows\system32\drivers\btathusb.sys [10/07/2012 10:56 79008] S3 btfilter;General Bluetooth Filter ss;c:\windows\system32\drivers\btfilter.sys [10/07/2012 10:56 
242976] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [27/12/2012 14:00 22856] S3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\Bitdefender\BitDefender Arrakis Server\bin\arrakis3.exe [11/10/2010 18:26 307544] S4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [11/07/2012 19:54 116608] S4 avc3;avc3;c:\windows\system32\drivers\avc3.sys [28/06/2010 11:55 633424] S4 avckf;avckf;c:\windows\system32\drivers\avckf.sys [28/06/2010 11:55 970320] S4 BBSvc;Bing Bar Update Service;"c:\program files\Microsoft\BingBar\BBSvc.EXE" --> c:\program files\Microsoft\BingBar\BBSvc.EXE [?] S4 BBUpdate;BBUpdate;"c:\program files\Microsoft\BingBar\SeaPort.EXE" --> c:\program files\Microsoft\BingBar\SeaPort.EXE [?] S4 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [27/12/2012 14:00 399432] S4 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [27/12/2012 14:00 676936] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bdx REG_MULTI_SZ scan . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-01-31 18:09 1607120 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2013-02-20 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-20 22:49] . 2013-02-20 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57] . 2013-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-09-04 18:39] . 2013-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-09-04 18:39] . 
2013-02-21 c:\windows\Tasks\User_Feed_Synchronization-{EBF650E6-1266-4E91-9D14-C934EFDC08DA}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ IE: Download alle links met IDM - c:\program files\Internet Download Manager\IEGetAll.htm IE: Download met IDM - c:\program files\Internet Download Manager\IEExt.htm TCP: DhcpNameServer = 195.130.131.4 195.130.130.132 . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2013-02-21 12:16 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Bdselfpr] "ImagePath"="bdselfpr" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-796845957-725345543-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{33533a72-b9c7-4320-a383-7ddfd580b86d}] @Denied: (Full) (Everyone) "Model"=dword:00000027 "Therad"=dword:00000010 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] @Denied: (Full) (Everyone) "scansk"=hex(0):f7,18,c8,93,d8,57,4f,d6,83,33,89,89,0a,62,7f,ad,b3,b5,16,c8,ab, 6a,3f,0e,d0,ca,7d,2b,2a,8f,82,ae,7b,7c,61,52,fa,0f,41,0e,00,00,00,00,00,00,\ . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe,-101" . 
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(1652) c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll . - - - - - - - > 'explorer.exe'(3100) c:\program files\BitDefender\BitDefender 2011\pchook32.dll c:\windows\system32\msls31.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\program files\Bluetooth XP Suite\AthCopyHookX.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . 
c:\program files\BitDefender\BitDefender 2011\vsserv.exe c:\windows\System32\SCardSvr.exe c:\program files\Google\Update\1.3.21.135\GoogleCrashHandler.exe c:\windows\system32\SearchIndexer.exe c:\windows\system32\wscntfy.exe c:\program files\BitDefender\BitDefender 2011\pchooklaunch32.exe . ************************************************************************** . Voltooingstijd: 2013-02-21 12:20:45 - machine werd herstart ComboFix-quarantined-files.txt 2013-02-21 11:20 ComboFix2.txt 2013-02-20 21:03 ComboFix3.txt 2013-02-17 19:18 ComboFix4.txt 2013-02-12 22:02 . Pre-Run: 464.896.344.064 bytes beschikbaar Post-Run: 464.886.251.520 bytes beschikbaar . - - End Of File - - 38E632797B2BB695287B2F332D2223D6
  13. Hello, here is the requested ComboFix log
     ComboFix 13-02-20.01 - admin 20/02/2013 21:53:16.9.4 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.2038.1076 [GMT 1:00] Gestart vanuit: c:\documents and settings\admin\Bureaublad\ComboFix.exe AV: BitDefender Antivirus *Disabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB} FW: BitDefender Firewall *Enabled* {4055920F-2E99-48A8-A270-4243D2B8F242} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . Besmet exemplaar van c:\windows\system32\Services.exe werd aangetroffen en gedesinfecteerd Hersteld exemplaar van - c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_0 -------\Service_1 -------\Service_10 -------\Service_5 . . (((((((((((((((((((( Bestanden Gemaakt van 2013-01-20 to 2013-02-20 )))))))))))))))))))))))))))))) . . 2013-02-20 19:43 . 2013-02-20 19:43 -------- d--h--r- c:\documents and settings\admin\Onlangs geopend 2013-02-12 22:47 . 2013-02-12 22:47 -------- d-----w- c:\documents and settings\admin\Local Settings\Application Data\Sun 2013-02-09 12:12 . 2013-02-09 12:12 -------- d-----w- c:\documents and settings\All Users\Application Data\IDM 2013-02-01 11:36 . 2013-02-01 11:36 859552 ----a-w- c:\windows\system32\npDeployJava1.dll 2013-02-01 11:36 . 2013-02-01 11:36 780192 ----a-w- c:\windows\system32\deployJava1.dll 2013-02-01 11:25 . 2013-02-01 11:25 -------- d-----w- c:\windows\system32\siscardplugins 2013-02-01 11:25 . 2013-02-01 11:25 -------- d-----w- c:\windows\system32\beidpp 2013-02-01 11:25 . 2013-02-01 11:25 -------- d-----w- c:\program files\Belgium Identity Card 2013-02-01 11:25 . 2013-02-01 11:25 -------- d-----w- C:\drivers 2013-01-28 11:40 . 2013-01-28 11:43 -------- d-----w- c:\documents and settings\admin\SecurityScans 2013-01-28 11:39 . 
2013-01-28 11:39 -------- d-----w- c:\program files\Microsoft Baseline Security Analyzer 2 2013-01-23 18:57 . 2013-02-04 14:52 -------- d-----w- c:\documents and settings\admin\Application Data\vlc 2013-01-23 18:57 . 2013-01-23 18:57 -------- d-----w- c:\program files\VideoLAN . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-02-13 22:49 . 2012-06-20 14:00 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-02-13 22:49 . 2012-02-17 16:37 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-01-26 03:55 . 2006-03-02 12:00 552448 ----a-w- c:\windows\system32\oleaut32.dll 2013-01-07 07:27 . 2006-03-02 12:00 2153472 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-01-07 07:26 . 2004-08-04 00:58 2032128 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-01-04 10:10 . 2006-03-02 12:00 1867392 ----a-w- c:\windows\system32\win32k.sys 2013-01-02 06:49 . 2006-03-02 12:00 148992 ----a-w- c:\windows\system32\mpg2splt.ax 2013-01-02 06:49 . 2006-03-02 12:00 1296384 ------w- c:\windows\system32\quartz.dll 2012-12-26 20:21 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll 2012-12-26 20:20 . 2006-03-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll 2012-12-26 20:20 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-12-24 06:42 . 2006-03-02 12:00 385024 ------w- c:\windows\system32\html.iec 2012-12-16 12:23 . 2006-03-02 12:00 290560 ----a-w- c:\windows\system32\atmfd.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension] @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}" [HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}] 2012-11-15 23:07 21904 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2011\ieshow.exe" [2012-11-21 71216] "BDAgent"="c:\program files\BitDefender\BitDefender 2011\bdagent.exe" [2012-11-21 1449368] . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk] backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Windows Search.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Windows Search.lnk backup=c:\windows\pss\Windows Search.lnkCommon Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] c:\windows\system32\dumprep 0 -k [X] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] 2007-03-09 10:09 63712 ----a-w- c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtXpStack] 2011-03-02 09:38 2186400 ------w- c:\program files\Bluetooth XP Suite\BluetoothSuit.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\beidsccertprop] 2012-02-21 13:44 31768 ----a-w- c:\program files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2011-05-10 00:41 49208 ------w- c:\program files\HP\HP Software Update\hpwuschd2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan] 2013-01-29 12:00 3565432 ----a-w- c:\program files\Internet Download Manager\IDMan.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware] 2012-09-29 18:54 766536 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] 2009-04-27 17:08 17881088 ------w- c:\windows\RTHDCPL.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware] 2012-11-01 19:45 4763008 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "WPFFontCache_v0400"=3 (0x3) "WMPNetworkSvc"=2 (0x2) "Updatesrv"=2 (0x2) "SeaPort"=2 (0x2) "nvsvc"=2 (0x2) "MDM"=2 (0x2) "idsvc"=3 (0x3) "FLEXnet Licensing Service"=3 (0x3) "MBAMService"=2 (0x2) "BBUpdate"=2 (0x2) "BBSvc"=2 (0x2) "!SASCORE"=2 (0x2) "HssTrayService"=3 (0x3) "Pml Driver HPZ12"=2 (0x2) "AdobeFlashPlayerUpdateSvc"=3 (0x3) "fsssvc"=3 (0x3) "ose"=3 (0x3) "MBAMScheduler"=2 (0x2) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"= "c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"= "c:\\Program Files\\SopCast\\SopCast.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Documents and Settings\\admin\\Application Data\\TorrentStream\\engine\\tsengine.exe"= "c:\\Program Files\\ExpressFiles\\expressdl.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "1042:TCP"= 1042:TCP:Akamai NetSession Interface "5000:UDP"= 5000:UDP:Akamai NetSession Interface "5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management . 
R1 bdrawpr;BdRawPr;c:\windows\system32\drivers\bdrawpr.sys [21/11/2012 23:08 12960] R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [1/08/2011 15:28 112480] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22/07/2011 17:27 12880] R1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [12/07/2011 22:55 67664] R2 UPDATESRV;BitDefender Desktop Update Service;c:\program files\BitDefender\BitDefender 2011\updatesrv.exe [11/10/2010 18:34 43936] R3 BDFM;BDFM;c:\windows\system32\drivers\bdfm.sys [22/04/2010 12:19 149520] R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\program files\Common Files\Bitdefender\BitDefender Firewall\bdfndisf.sys [20/08/2010 14:41 111696] R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k5132.sys [28/11/2009 14:13 159400] S2 WinDefend;Windows Defender;c:\windows\System32\svchost.exe -k secsvcs [2/03/2006 13:00 14336] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [28/11/2009 14:11 1684736] S3 AthDfu;Atheros Valkyrie USB BootROM;c:\windows\system32\drivers\AthDfu.sys [10/07/2012 10:56 42016] S3 Atheros_btAudio;Bluetooth Virtual SCO Driver;c:\windows\system32\drivers\btathsco.sys [10/07/2012 10:56 29856] S3 btatha2dp;Bluetooth A2DP Audio Device Driver;c:\windows\system32\drivers\btatha2dp.sys [10/07/2012 10:56 74912] S3 btathPan;Bluetooth PAN Miniport Device;c:\windows\system32\drivers\btathpan.sys [10/07/2012 10:56 36384] S3 BTATHPROT;General Bluetooth Filter;c:\windows\system32\drivers\btathprot.sys [10/07/2012 10:56 663072] S3 btathrcp;Bluetooth AVRCP Target Device;c:\windows\system32\drivers\btathrcp.sys [10/07/2012 10:56 13344] S3 btathspp;Bluetooth Serial Port Device;c:\windows\system32\drivers\btathspp.sys [10/07/2012 10:56 85152] S3 BTATHUSB;General Bluetooth Device;c:\windows\system32\drivers\btathusb.sys [10/07/2012 10:56 79008] S3 btfilter;General Bluetooth Filter ss;c:\windows\system32\drivers\btfilter.sys [10/07/2012 10:56 
242976] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [27/12/2012 14:00 22856] S3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\Bitdefender\BitDefender Arrakis Server\bin\arrakis3.exe [11/10/2010 18:26 307544] S4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [11/07/2012 19:54 116608] S4 avc3;avc3;c:\windows\system32\drivers\avc3.sys [28/06/2010 11:55 633424] S4 avckf;avckf;c:\windows\system32\drivers\avckf.sys [28/06/2010 11:55 970320] S4 BBSvc;Bing Bar Update Service;"c:\program files\Microsoft\BingBar\BBSvc.EXE" --> c:\program files\Microsoft\BingBar\BBSvc.EXE [?] S4 BBUpdate;BBUpdate;"c:\program files\Microsoft\BingBar\SeaPort.EXE" --> c:\program files\Microsoft\BingBar\SeaPort.EXE [?] S4 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [27/12/2012 14:00 399432] S4 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [27/12/2012 14:00 676936] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bdx REG_MULTI_SZ scan . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-01-31 18:09 1607120 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2013-02-20 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-20 22:49] . 2013-02-20 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57] . 2013-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-09-04 18:39] . 2013-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-09-04 18:39] . 
2013-02-20 c:\windows\Tasks\User_Feed_Synchronization-{EBF650E6-1266-4E91-9D14-C934EFDC08DA}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ IE: Download alle links met IDM - c:\program files\Internet Download Manager\IEGetAll.htm IE: Download met IDM - c:\program files\Internet Download Manager\IEExt.htm TCP: DhcpNameServer = 195.130.131.4 195.130.130.132 . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2013-02-20 22:00 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Bdselfpr] "ImagePath"="bdselfpr" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-796845957-725345543-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{33533a72-b9c7-4320-a383-7ddfd580b86d}] @Denied: (Full) (Everyone) "Model"=dword:00000027 "Therad"=dword:00000010 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] @Denied: (Full) (Everyone) "scansk"=hex(0):f7,18,c8,93,d8,57,4f,d6,83,33,89,89,0a,62,7f,ad,b3,b5,16,c8,ab, 6a,3f,0e,d0,ca,7d,2b,2a,8f,82,ae,7b,7c,61,52,fa,0f,41,0e,00,00,00,00,00,00,\ . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe,-101" . 
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(1652) c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll . - - - - - - - > 'explorer.exe'(3324) c:\windows\system32\webcheck.dll c:\windows\system32\mobsync.dll c:\progra~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL c:\program files\BitDefender\BitDefender 2011\pchook32.dll c:\windows\system32\msls31.dll c:\windows\system32\WPDShServiceObj.dll c:\program files\Bluetooth XP Suite\AthCopyHookX.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . 
c:\program files\BitDefender\BitDefender 2011\vsserv.exe c:\windows\System32\SCardSvr.exe c:\program files\Google\Update\1.3.21.135\GoogleCrashHandler.exe c:\windows\system32\inetsrv\inetinfo.exe c:\windows\system32\SearchIndexer.exe c:\windows\system32\wscntfy.exe c:\program files\BitDefender\BitDefender 2011\pchooklaunch32.exe . ************************************************************************** . Voltooingstijd: 2013-02-20 22:03:38 - machine werd herstart ComboFix-quarantined-files.txt 2013-02-20 21:03 ComboFix2.txt 2013-02-17 19:18 ComboFix3.txt 2013-02-12 22:02 . Pre-Run: 464.948.649.984 bytes beschikbaar Post-Run: 464.939.925.504 bytes beschikbaar . - - End Of File - - AA0B6FFA78B66E5CB031BDA620A20BF9
  14. Hello, for a few days now my internet has been very slow. Sometimes it can take a very long time before the requested page opens. What should I do? I will send an HJT log along right away.
  15. Hello Maxstar, here are the requested links: - sport.be.msn.com - Voetbalkrant.com - the largest Belgian site about football. I ran Malwarebytes and ComboFix, and now the problem is solved, I think. Regards, Walter
  16. Hello, I can no longer get onto the Jupiler Pro League site. I get the message "Could not connect to DB". On Voetbalkrant it is about the same: I get this message as well. What is wrong? (Log attached) Regards, Walter
  17. Hello kweezie wabbit, I have carried out everything that was recommended. Hopefully my PC is "healthy" again! Regards. PS: Attached: the requested log files.
gedetecteerd) (einde)
  18. Hello, For the last few days I have been having trouble with slow internet. Opening requested web pages can often take a while (not always). Attached here is a log. Could you take a look at it? Thanks in advance, and best wishes for the end of the year.
  19. Hello, That damned error message is still not gone from my PC. I have already run Windows Repair v1.7.4, ... without success. What is the next step?????
  20. Hello Kape, I found 2 different folders under pchooklaunch: one under BitDefender in C:\Program Files (= OK) and a "pchooklaunch .exe - 29E2874F.pf file". When I try to open it, the CCleaner program opens... and I have deleted this last file from my PC (was this perhaps the application error???). Regards
  21. Hello, Here I am again. The error message has not been resolved yet: "Pchooklaunch 32.exe-Toepassingsfout De uitzodering onbekende uitzondering in software (0xc0000417) is opgetreden op locatie 0x78557256" As it turns out, this application error appears after the PC has been running for exactly 1 hour. After clicking OK, I get no further messages (it also has no visible effect on my PC). This pchooklaunch, isn't that something from Bitdefender? Regards and "HELP"!!!
  22. Hello Kape, Here is the requested log file.... and now let's hope it is solved!! I will definitely let you know.
  23. Hello, my problem was that I could not find the text file on my PC. So here is the log file.
C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 21:08:53.0375 1808 NwlnkFwd - ok 21:08:53.0406 1808 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys 21:08:53.0406 1808 NwlnkIpx - ok 21:08:53.0406 1808 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys 21:08:53.0421 1808 NwlnkNb - ok 21:08:53.0421 1808 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys 21:08:53.0421 1808 NwlnkSpx - ok 21:08:53.0437 1808 NwSapAgent (8a06a02dff39934228f3fb44c87898d3) C:\WINDOWS\System32\ipxsap.dll 21:08:53.0453 1808 NwSapAgent - ok 21:08:53.0468 1808 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 21:08:53.0468 1808 ohci1394 - ok 21:08:53.0546 1808 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 21:08:53.0562 1808 ose - ok 21:08:53.0734 1808 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 21:08:53.0906 1808 osppsvc - ok 21:08:54.0468 1808 Parport (e3934ccc20a4d24f1924e13d36d2a5bd) C:\WINDOWS\system32\drivers\Parport.sys 21:08:54.0484 1808 Parport - ok 21:08:54.0500 1808 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 21:08:54.0500 1808 PartMgr - ok 21:08:54.0546 1808 ParVdm (1eade28746a64c21e0a808bb12a63326) C:\WINDOWS\system32\drivers\ParVdm.sys 21:08:54.0546 1808 ParVdm - ok 21:08:54.0546 1808 PCI (3b166f9f753c21aedaa9a6bd76b49655) C:\WINDOWS\system32\DRIVERS\pci.sys 21:08:54.0562 1808 PCI - ok 21:08:54.0562 1808 PCIDump - ok 21:08:54.0593 1808 PCIIde (b31edeba4da28283f6b8dc4756fb9585) C:\WINDOWS\system32\DRIVERS\pciide.sys 21:08:54.0593 1808 PCIIde - ok 21:08:54.0609 1808 Pcmcia (2137ffd65f8e609a3a5acd487c56cce0) C:\WINDOWS\system32\drivers\Pcmcia.sys 21:08:54.0625 1808 Pcmcia - ok 21:08:54.0625 1808 PDCOMP - ok 21:08:54.0625 1808 PDFRAME - ok 21:08:54.0625 1808 PDRELI - ok 
21:08:54.0625 1808 PDRFRAME - ok 21:08:54.0640 1808 perc2 - ok 21:08:54.0640 1808 perc2hib - ok 21:08:54.0718 1808 PlugPlay (657b69389b893f440b07590c9e963f23) C:\WINDOWS\system32\services.exe 21:08:54.0718 1808 PlugPlay - ok 21:08:54.0750 1808 Pml Driver HPZ12 (2d091a99624fb9e7eef0a86d872ec0c3) C:\WINDOWS\system32\HPZipm12.exe 21:08:54.0765 1808 Pml Driver HPZ12 - ok 21:08:54.0796 1808 PolicyAgent (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe 21:08:54.0796 1808 PolicyAgent - ok 21:08:54.0843 1808 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 21:08:54.0843 1808 PptpMiniport - ok 21:08:54.0843 1808 ProtectedStorage (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe 21:08:54.0843 1808 ProtectedStorage - ok 21:08:54.0875 1808 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 21:08:54.0875 1808 PSched - ok 21:08:54.0875 1808 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 21:08:54.0875 1808 Ptilink - ok 21:08:54.0906 1808 PxHelp20 (7c81ae3c9b82ba2da437ed4d31bc56cf) C:\WINDOWS\system32\Drivers\PxHelp20.sys 21:08:54.0921 1808 PxHelp20 - ok 21:08:54.0921 1808 ql1080 - ok 21:08:54.0921 1808 Ql10wnt - ok 21:08:54.0921 1808 ql12160 - ok 21:08:54.0921 1808 ql1240 - ok 21:08:54.0921 1808 ql1280 - ok 21:08:54.0937 1808 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 21:08:54.0937 1808 RasAcd - ok 21:08:54.0984 1808 RasAuto (0575d034b1292ca3a9bb9f67a8ee289c) C:\WINDOWS\System32\rasauto.dll 21:08:54.0984 1808 RasAuto - ok 21:08:55.0000 1808 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 21:08:55.0000 1808 Rasl2tp - ok 21:08:55.0046 1808 RasMan (9e7e2df6971a5f00102be3f901cc3bdc) C:\WINDOWS\System32\rasmans.dll 21:08:55.0062 1808 RasMan - ok 21:08:55.0062 1808 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 21:08:55.0062 1808 RasPppoe - ok 
21:08:55.0062 1808 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 21:08:55.0062 1808 Raspti - ok 21:08:55.0093 1808 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 21:08:55.0093 1808 Rdbss - ok 21:08:55.0093 1808 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 21:08:55.0093 1808 RDPCDD - ok 21:08:55.0109 1808 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 21:08:55.0109 1808 rdpdr - ok 21:08:55.0140 1808 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys 21:08:55.0156 1808 RDPWD - ok 21:08:55.0187 1808 RDSessMgr (ea9fdf71d696b532bdc44c8bff03a737) C:\WINDOWS\system32\sessmgr.exe 21:08:55.0203 1808 RDSessMgr - ok 21:08:55.0234 1808 redbook (4173bc66e485fd77a03c4819f60bd0da) C:\WINDOWS\system32\DRIVERS\redbook.sys 21:08:55.0234 1808 redbook - ok 21:08:55.0265 1808 RemoteAccess (4007abf5d9bf0e55451d775443d1f985) C:\WINDOWS\System32\mprdim.dll 21:08:55.0265 1808 RemoteAccess - ok 21:08:55.0281 1808 RemoteRegistry (2fd5b89bf9289c774c5c730dea96cd91) C:\WINDOWS\system32\regsvc.dll 21:08:55.0281 1808 RemoteRegistry - ok 21:08:55.0296 1808 RpcLocator (be078f8f7ec2491efdd79a53353a060f) C:\WINDOWS\system32\locator.exe 21:08:55.0312 1808 RpcLocator - ok 21:08:55.0359 1808 RpcSs (d9883335cc1c17afc3a09c8ac3e4dbe4) C:\WINDOWS\System32\rpcss.dll 21:08:55.0359 1808 RpcSs - ok 21:08:55.0375 1808 RSVP (ad1b5f1b99fff08c99f443d784711a81) C:\WINDOWS\system32\rsvp.exe 21:08:55.0390 1808 RSVP - ok 21:08:55.0421 1808 SamSs (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe 21:08:55.0421 1808 SamSs - ok 21:08:55.0500 1808 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS 21:08:55.0500 1808 SASDIFSV - ok 21:08:55.0515 1808 SAS***IL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SAS***IL.SYS 21:08:55.0515 1808 SAS***IL - ok 21:08:55.0531 1808 SCardSvr 
(1b4cd62174e907c7ef8ec5d4d0a2a616) C:\WINDOWS\System32\SCardSvr.exe 21:08:55.0546 1808 SCardSvr - ok 21:08:55.0609 1808 Schedule (7c288ae0f75cb18cff1df6179a67ad8f) C:\WINDOWS\system32\schedsvc.dll 21:08:55.0609 1808 Schedule - ok 21:08:55.0625 1808 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 21:08:55.0625 1808 Secdrv - ok 21:08:55.0640 1808 seclogon (6983665bea867125b1da5757cd8b2f9d) C:\WINDOWS\System32\seclogon.dll 21:08:55.0656 1808 seclogon - ok 21:08:55.0671 1808 SENS (f6ec8f1e50e40237bddee1cb7fe20b42) C:\WINDOWS\system32\sens.dll 21:08:55.0687 1808 SENS - ok 21:08:55.0687 1808 Serial (92c21762653bb2ce51147eb8a9aa654f) C:\WINDOWS\system32\drivers\Serial.sys 21:08:55.0687 1808 Serial - ok 21:08:55.0734 1808 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 21:08:55.0734 1808 Sfloppy - ok 21:08:55.0765 1808 SharedAccess (7579c4be909d47f10f3d8d801cb13ed9) C:\WINDOWS\System32\ipnathlp.dll 21:08:55.0781 1808 SharedAccess - ok 21:08:55.0812 1808 ShellHWDetection (2d5d4156292150fe571872c1b88e9299) C:\WINDOWS\System32\shsvcs.dll 21:08:55.0812 1808 ShellHWDetection - ok 21:08:55.0812 1808 Simbad - ok 21:08:55.0843 1808 SMTPSVC (f89e74c0b4f17aadccb3cf4cee969f52) C:\WINDOWS\system32\inetsrv\inetinfo.exe 21:08:55.0843 1808 SMTPSVC - ok 21:08:55.0859 1808 Sparrow - ok 21:08:55.0859 1808 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 21:08:55.0859 1808 splitter - ok 21:08:55.0859 1808 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe 21:08:55.0875 1808 Spooler - ok 21:08:56.0031 1808 sr (64d2a7640e0767ecd3bcb38d3200e7ce) C:\WINDOWS\system32\DRIVERS\sr.sys 21:08:56.0062 1808 sr - ok 21:08:56.0093 1808 srservice (81cbf363c414620caa61bd6843d8fdb9) C:\WINDOWS\system32\srsvc.dll 21:08:56.0093 1808 srservice - ok 21:08:56.0859 1808 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 21:08:56.0859 1808 Srv - ok 21:08:56.0890 
1808 SSDPSRV (5b9d0de64be96a806819516440fd211c) C:\WINDOWS\System32\ssdpsrv.dll 21:08:56.0906 1808 SSDPSRV - ok 21:08:56.0937 1808 StillCam (bf8aa066bb0398ddcbc9573153d39b8c) C:\WINDOWS\system32\DRIVERS\serscan.sys 21:08:56.0953 1808 StillCam - ok 21:08:56.0968 1808 stisvc (5ae996186d2dc694fef88f14a3fc9242) C:\WINDOWS\system32\wiaservc.dll 21:08:56.0984 1808 stisvc - ok 21:08:56.0984 1808 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 21:08:56.0984 1808 swenum - ok 21:08:57.0015 1808 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 21:08:57.0015 1808 swmidi - ok 21:08:57.0015 1808 SwPrv - ok 21:08:57.0015 1808 symc810 - ok 21:08:57.0015 1808 symc8xx - ok 21:08:57.0015 1808 sym_hi - ok 21:08:57.0015 1808 sym_u3 - ok 21:08:57.0031 1808 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 21:08:57.0031 1808 sysaudio - ok 21:08:57.0062 1808 SysmonLog (251eae7c56c6ab9490311a3c9757e18d) C:\WINDOWS\system32\smlogsvc.exe 21:08:57.0062 1808 SysmonLog - ok 21:08:57.0078 1808 TapiSrv (2bc9fb448f0c2394ff53c83a7bb04731) C:\WINDOWS\System32\tapisrv.dll 21:08:57.0093 1808 TapiSrv - ok 21:08:57.0125 1808 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 21:08:57.0140 1808 Tcpip - ok 21:08:57.0140 1808 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 21:08:57.0140 1808 TDPIPE - ok 21:08:57.0140 1808 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 21:08:57.0140 1808 TDTCP - ok 21:08:57.0140 1808 tdx - ok 21:08:57.0156 1808 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 21:08:57.0156 1808 TermDD - ok 21:08:57.0187 1808 TermService (e0aef86a594c9990d6321c5ca239c5b7) C:\WINDOWS\System32\termsrv.dll 21:08:57.0203 1808 TermService - ok 21:08:57.0250 1808 Themes (2d5d4156292150fe571872c1b88e9299) C:\WINDOWS\System32\shsvcs.dll 21:08:57.0250 1808 Themes - ok 
21:08:57.0265 1808 TlntSvr (78a2fe13662a119875f10e9ffcb49a8f) C:\WINDOWS\system32\tlntsvr.exe 21:08:57.0281 1808 TlntSvr - ok 21:08:57.0281 1808 TosIde - ok 21:08:57.0296 1808 TrkWks (20655e8ca1c78bc7088b18e93806d21b) C:\WINDOWS\system32\trkwks.dll 21:08:57.0312 1808 TrkWks - ok 21:08:57.0359 1808 Trufos (29c497fc09c655b7bafcfafb6e76b8eb) C:\WINDOWS\system32\DRIVERS\Trufos.sys 21:08:57.0359 1808 Trufos - ok 21:08:57.0359 1808 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 21:08:57.0375 1808 Udfs - ok 21:08:57.0375 1808 ultra - ok 21:08:57.0406 1808 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 21:08:57.0406 1808 Update - ok 21:08:57.0578 1808 Update Server (97af0bfac3ab8343e37e19c551e7d9fa) C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe 21:08:57.0593 1808 Update Server - ok 21:08:57.0625 1808 UPDATESRV (0faeef4582848c96c3ce7b857c1b481f) C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe 21:08:57.0640 1808 UPDATESRV - ok 21:08:57.0687 1808 upnphost (01653d6c9604f1fb31a76ec94e08954f) C:\WINDOWS\System32\upnphost.dll 21:08:57.0687 1808 upnphost - ok 21:08:57.0703 1808 UPS (a89796dd0de24cf03b3a39407e1f46a3) C:\WINDOWS\System32\ups.exe 21:08:57.0703 1808 UPS - ok 21:08:57.0718 1808 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 21:08:57.0718 1808 usbccgp - ok 21:08:57.0734 1808 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 21:08:57.0734 1808 usbehci - ok 21:08:57.0765 1808 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 21:08:57.0765 1808 usbhub - ok 21:08:57.0765 1808 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 21:08:57.0765 1808 usbprint - ok 21:08:57.0796 1808 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 21:08:57.0796 1808 usbscan - ok 21:08:57.0812 1808 USBSTOR 
(a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 21:08:57.0812 1808 USBSTOR - ok 21:08:57.0812 1808 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 21:08:57.0812 1808 VgaSave - ok 21:08:57.0812 1808 ViaIde - ok 21:08:57.0843 1808 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) C:\WINDOWS\system32\drivers\VolSnap.sys 21:08:57.0859 1808 VolSnap - ok 21:08:57.0953 1808 VSS (a585edd6965b301de8a45c6768c7c215) C:\WINDOWS\System32\vssvc.exe 21:08:57.0984 1808 VSS - ok 21:08:58.0000 1808 VSSERV - ok 21:08:58.0031 1808 W32Time (390d8e65f362327ad510b08971478301) C:\WINDOWS\system32\w32time.dll 21:08:58.0031 1808 W32Time - ok 21:08:58.0078 1808 W3SVC (f89e74c0b4f17aadccb3cf4cee969f52) C:\WINDOWS\system32\inetsrv\inetinfo.exe 21:08:58.0078 1808 W3SVC - ok 21:08:58.0078 1808 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 21:08:58.0093 1808 Wanarp - ok 21:08:58.0093 1808 WDICA - ok 21:08:58.0093 1808 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 21:08:58.0093 1808 wdmaud - ok 21:08:58.0109 1808 WebClient (33d8e2812054d97a0aec9b8f04277927) C:\WINDOWS\System32\webclnt.dll 21:08:58.0125 1808 WebClient - ok 21:08:58.0125 1808 WinDefend - ok 21:08:58.0125 1808 WinHttpAutoProxySvc - ok 21:08:58.0156 1808 winmgmt (f9e105f369c18e4001e0c05aaf600d73) C:\WINDOWS\system32\wbem\WMIsvc.dll 21:08:58.0156 1808 winmgmt - ok 21:08:58.0250 1808 WinRM (250f8d15406269cb3a690b4a4859d92d) C:\WINDOWS\system32\WsmSvc.dll 21:08:58.0312 1808 WinRM - ok 21:08:58.0328 1808 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll 21:08:58.0343 1808 WmdmPmSN - ok 21:08:58.0375 1808 Wmi (93f8eb8c7cd4e325ec92edbfc545103d) C:\WINDOWS\System32\advapi32.dll 21:08:58.0390 1808 Wmi - ok 21:08:58.0390 1808 WmiApSrv (87f11d161207c7063edabac0aadc33c3) C:\WINDOWS\system32\wbem\wmiapsrv.exe 21:08:58.0406 1808 WmiApSrv - ok 21:08:58.0546 1808 WMPNetworkSvc 
(79a01acd485687ee602411a06b63a9a5) C:\Program Files\Windows Media Player\WMPNetwk.exe 21:08:58.0593 1808 WMPNetworkSvc - ok 21:08:58.0703 1808 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 21:08:58.0734 1808 WPFFontCache_v0400 - ok 21:08:58.0828 1808 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys 21:08:58.0843 1808 WS2IFSL - ok 21:08:58.0875 1808 wscsvc (843f7fa8ea38e6a4262976dcc994c81a) C:\WINDOWS\system32\wscsvc.dll 21:08:58.0875 1808 wscsvc - ok 21:08:58.0890 1808 wuauserv (1e8fdddef3fe260badab06dae10d753a) C:\WINDOWS\system32\wuauserv.dll 21:08:58.0890 1808 wuauserv - ok 21:08:58.0906 1808 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 21:08:58.0906 1808 WudfPf - ok 21:08:58.0906 1808 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 21:08:58.0906 1808 WudfRd - ok 21:08:58.0921 1808 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll 21:08:58.0921 1808 WudfSvc - ok 21:08:58.0953 1808 WZCSVC (e99782dbb8ffa2aee72b31dac8d8d887) C:\WINDOWS\System32\wzcsvc.dll 21:08:58.0953 1808 WZCSVC - ok 21:08:58.0968 1808 xmlprov (fd3c38635808920f8235bf2fed642f54) C:\WINDOWS\System32\xmlprov.dll 21:08:58.0968 1808 xmlprov - ok 21:08:58.0984 1808 MBR (0x1B8) (3051207086651214e435112e51817dc5) \Device\Harddisk0\DR0 21:08:59.0234 1808 \Device\Harddisk0\DR0 - ok 21:08:59.0234 1808 Boot (0x1200) (541d7e6629ae2fa9b243f2f5b7420fac) \Device\Harddisk0\DR0\Partition0 21:08:59.0234 1808 \Device\Harddisk0\DR0\Partition0 - ok 21:08:59.0250 1808 ============================================================ 21:08:59.0250 1808 Scan finished 21:08:59.0250 1808 ============================================================ 21:08:59.0250 3960 Detected object count: 0 21:08:59.0250 3960 Actual detected object count: 0 21:09:16.0171 2872 Deinitialize success
  24. I ran a TDSSKiller scan, but I can't get the contents of the "Report" posted!
  25. Help!!!! The error message has shown up again!!