antivirus.startpagina.nl

(zeer ) trage hotmail

  • Anonymous avatar

    Ben

    Hallo,

    Laat combofix nog ens scannen.

    Als dat is gelukt kan je kijken of het text bestandje het ook doet.

    Daarna logjes daar van plaatsen meteen nieuw Hijackthis log.

    Ben

    http://2.bp.blogspot.com/_NAn8-ZItaHE/Scq3w6FaicI/AAAAAAAACVY/QqPkGy7EU7U/s320/school69.gif

  • Anonymous avatar

    fazantje

    Hoi Rudi,

    Niet wanhopig worden.

    We zijn niet voor 1 gat te vangen:D

    Ga naar Start - uitvoeren en tik in:

    “C:\Documents and Settings\Gebruiker\Bureaublad\ComboFix.exe” /u

    Je kunt het ook handmatig verwijderen. Verwijder combofix.exe en de map C:\Qoobox

    Succes,

    Huib;)

  • Anonymous avatar

    rudi

    Ik ben bang dat dit van kwaad tot erger wordt.

    Ik krijg Combofix er niet af. Via uitvoeren zou dat gelukt moeten zijn maar als ik achter C kijk zit er een bestandje wat ik niet mag verwijderen.

    Op het bureaublad staat wel een icoon, maar ik kan klikken wat ik wil..

    Zullen we maar een dagje wachten?

  • Anonymous avatar

    rudi

    Verwijder combofix.exe ( Mag ik niet om e.o.a. reden . Er zit een bestandje in swxacls overigens )en de map C:\Qoobox (is gelukt)

    Ga naar Start - uitvoeren en tik in:

    “C:\Documents and Settings\Gebruiker\Bureaublad\ComboFix.exe” /u

    Lukt ook niet: Kort gezegd…het verwijst naar een locatie die niet toegankelijk is

  • Anonymous avatar

    Ben

    Hallo,

    .Download TDSS:

    Download http://support.kaspersky.com/downloads/utils/tdsskiller.zip en plaats het op je bureaublad.

    Pak de bestanden in tdsskiller.zip uit.

    Open de map tdsskiller en dubbelklik op TDSSKiller.exe om de tool te starten.

    Windows 7 en Windows Vista gebruikers:

    Rechtsklik op TDSSKiller.exe -> Uitvoeren als Administrator om de tool te starten.

    Als TDSSKiller bericht geeft van een beschikbare update, dan voer je deze eerst uit.

    http://i1103.photobucket.com/albums/g476/pcwebplus/TDSSkillerupdate.jpg

    Klik op de knop “Start Scan” en volg de instructies.

    Wanneer de scan klaar is klik je op de knop “Report”.

    Er opent een kladblokbestand. Post de inhoud van dit bestand.

    Herstart de pc als TDSSKiller die optie geeft. (Reboot now)

    Wanneer er een herstart nodig was, vind je de logfile in C:\TDSSKiller.___log.txt

    .Plaats daar ook meteen een nieuw Hijack This logje bij.

    Ben

    http://2.bp.blogspot.com/_NAn8-ZItaHE/Scq3w6FaicI/AAAAAAAACVY/QqPkGy7EU7U/s320/school69.gif

  • Anonymous avatar

    goudlokje

    2011/09/22 19:46:57.0208 4192 TDSS rootkit removing tool 2.5.23.0 Sep 20 2011 08:53:10

    2011/09/22 19:46:57.0317 4192 ================================================================================

    2011/09/22 19:46:57.0317 4192 SystemInfo:

    2011/09/22 19:46:57.0317 4192

    2011/09/22 19:46:57.0317 4192 OS Version: 6.0.6002 ServicePack: 2.0

    2011/09/22 19:46:57.0317 4192 Product type: Workstation

    2011/09/22 19:46:57.0317 4192 ComputerName: PC_VAN_RENATE

    2011/09/22 19:46:57.0317 4192 UserName: Renate

    2011/09/22 19:46:57.0317 4192 Windows directory: C:\Windows

    2011/09/22 19:46:57.0317 4192 System windows directory: C:\Windows

    2011/09/22 19:46:57.0317 4192 Processor architecture: Intel x86

    2011/09/22 19:46:57.0317 4192 Number of processors: 2

    2011/09/22 19:46:57.0317 4192 Page size: 0x1000

    2011/09/22 19:46:57.0317 4192 Boot type: Normal boot

    2011/09/22 19:46:57.0317 4192 ================================================================================

    2011/09/22 19:46:58.0425 4192 Initialize success

    2011/09/22 19:47:13.0666 3312 ================================================================================

    2011/09/22 19:47:13.0666 3312 Scan started

    2011/09/22 19:47:13.0666 3312 Mode: Manual;

    2011/09/22 19:47:13.0666 3312 ================================================================================

    2011/09/22 19:47:14.0337 3312 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

    2011/09/22 19:47:14.0446 3312 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys

    2011/09/22 19:47:14.0680 3312 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys

    2011/09/22 19:47:14.0774 3312 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys

    2011/09/22 19:47:14.0867 3312 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys

    2011/09/22 19:47:15.0039 3312 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys

    2011/09/22 19:47:15.0133 3312 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys

    2011/09/22 19:47:15.0226 3312 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

    2011/09/22 19:47:15.0320 3312 aliide (3d76fda1a10acc3dc84728f55c29b6d4) C:\Windows\system32\drivers\aliide.sys

    2011/09/22 19:47:15.0413 3312 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys

    2011/09/22 19:47:15.0507 3312 amdide (5b92e7839f5a1fbc1b39de67758ad6f8) C:\Windows\system32\drivers\amdide.sys

    2011/09/22 19:47:15.0601 3312 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys

    2011/09/22 19:47:15.0710 3312 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys

    2011/09/22 19:47:15.0835 3312 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys

    2011/09/22 19:47:15.0928 3312 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys

    2011/09/22 19:47:16.0069 3312 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

    2011/09/22 19:47:16.0178 3312 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys

    2011/09/22 19:47:16.0303 3312 athr (600efe56f37adbd65a0fb076b50d1b8d) C:\Windows\system32\DRIVERS\athr.sys

    2011/09/22 19:47:16.0443 3312 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

    2011/09/22 19:47:16.0615 3312 BHDrvx86 (09b8897ac84c49beabea75cf9fe1ab45) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20110909.001\BHDrvx86.sys

    2011/09/22 19:47:16.0739 3312 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys

    2011/09/22 19:47:16.0880 3312 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys

    2011/09/22 19:47:16.0989 3312 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

    2011/09/22 19:47:17.0083 3312 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

    2011/09/22 19:47:17.0176 3312 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

    2011/09/22 19:47:17.0270 3312 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

    2011/09/22 19:47:17.0348 3312 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

    2011/09/22 19:47:17.0441 3312 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

    2011/09/22 19:47:17.0551 3312 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

    2011/09/22 19:47:17.0769 3312 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

    2011/09/22 19:47:17.0878 3312 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys

    2011/09/22 19:47:17.0972 3312 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys

    2011/09/22 19:47:18.0065 3312 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys

    2011/09/22 19:47:18.0190 3312 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys

    2011/09/22 19:47:18.0268 3312 cmdide (d36372a6ea6805efbe8884d10772313f) C:\Windows\system32\drivers\cmdide.sys

    2011/09/22 19:47:18.0393 3312 CnxtHdAudService (1adf6f4852e7d7e2e8ac481bdb970586) C:\Windows\system32\drivers\CHDRT32.sys

    2011/09/22 19:47:18.0502 3312 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys

    2011/09/22 19:47:18.0596 3312 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys

    2011/09/22 19:47:18.0721 3312 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys

    2011/09/22 19:47:18.0861 3312 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys

    2011/09/22 19:47:19.0017 3312 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys

    2011/09/22 19:47:19.0157 3312 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

    2011/09/22 19:47:19.0251 3312 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys

    2011/09/22 19:47:19.0360 3312 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys

    2011/09/22 19:47:19.0501 3312 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys

    2011/09/22 19:47:19.0610 3312 eeCtrl (8f7dbc4be48f5388a6fe1f285e7948ef) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

    2011/09/22 19:47:19.0750 3312 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys

    2011/09/22 19:47:19.0875 3312 EraserUtilRebootDrv (3ee14d400e0fdd0d214275a4a20b7022) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

    2011/09/22 19:47:19.0984 3312 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys

    2011/09/22 19:47:20.0109 3312 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys

    2011/09/22 19:47:20.0203 3312 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys

    2011/09/22 19:47:20.0312 3312 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys

    2011/09/22 19:47:20.0421 3312 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

    2011/09/22 19:47:20.0515 3312 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

    2011/09/22 19:47:20.0593 3312 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys

    2011/09/22 19:47:20.0733 3312 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys

    2011/09/22 19:47:20.0858 3312 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

    2011/09/22 19:47:20.0936 3312 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys

    2011/09/22 19:47:21.0045 3312 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

    2011/09/22 19:47:21.0170 3312 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys

    2011/09/22 19:47:21.0279 3312 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys

    2011/09/22 19:47:21.0373 3312 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

    2011/09/22 19:47:21.0466 3312 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys

    2011/09/22 19:47:21.0591 3312 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys

    2011/09/22 19:47:21.0716 3312 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys

    2011/09/22 19:47:21.0794 3312 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys

    2011/09/22 19:47:21.0934 3312 HSF_DPV (cc267848cb3508e72762be65734e764d) C:\Windows\system32\DRIVERS\HSX_DPV.sys

    2011/09/22 19:47:22.0059 3312 HSXHWAZL (a2882945cc4b6e3e4e9e825590438888) C:\Windows\system32\DRIVERS\HSXHWAZL.sys

    2011/09/22 19:47:22.0168 3312 HTTP (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys

    2011/09/22 19:47:22.0262 3312 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys

    2011/09/22 19:47:22.0371 3312 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

    2011/09/22 19:47:22.0480 3312 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys

    2011/09/22 19:47:22.0636 3312 IDSVix86 (9bc8840de4140e8e2a6fc3192e054a8c) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20110921.030\IDSvix86.sys

    2011/09/22 19:47:22.0964 3312 igfx (8266ae06df974e5ba047b3e9e9e70b3f) C:\Windows\system32\DRIVERS\igdkmd32.sys

    2011/09/22 19:47:23.0245 3312 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

    2011/09/22 19:47:23.0369 3312 IntcHdmiAddService (c7e7e43cbd34d3b0a0156b51b917dfcc) C:\Windows\system32\drivers\IntcHdmi.sys

    2011/09/22 19:47:23.0447 3312 intelide (dd512a049bd7b4bce8a83554c5eff2c1) C:\Windows\system32\drivers\intelide.sys

    2011/09/22 19:47:23.0557 3312 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

    2011/09/22 19:47:23.0635 3312 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

    2011/09/22 19:47:23.0822 3312 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys

    2011/09/22 19:47:23.0915 3312 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

    2011/09/22 19:47:24.0040 3312 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

    2011/09/22 19:47:24.0134 3312 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys

    2011/09/22 19:47:24.0243 3312 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys

    2011/09/22 19:47:24.0337 3312 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

    2011/09/22 19:47:24.0415 3312 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

    2011/09/22 19:47:24.0508 3312 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

    2011/09/22 19:47:24.0617 3312 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys

    2011/09/22 19:47:24.0898 3312 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys

    2011/09/22 19:47:25.0117 3312 LHidFilt (7f9c7b28cf1c859e1c42619eea946dc8) C:\Windows\system32\DRIVERS\LHidFilt.Sys

    2011/09/22 19:47:25.0241 3312 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

    2011/09/22 19:47:25.0351 3312 LMouFilt (ab33792a87285344f43b5ce23421bab0) C:\Windows\system32\DRIVERS\LMouFilt.Sys

    2011/09/22 19:47:25.0444 3312 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys

    2011/09/22 19:47:25.0522 3312 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys

    2011/09/22 19:47:25.0616 3312 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys

    2011/09/22 19:47:25.0709 3312 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

    2011/09/22 19:47:25.0819 3312 LUsbFilt (0b808ff2f17c8396fb2ae202f75aed37) C:\Windows\system32\Drivers\LUsbFilt.Sys

    2011/09/22 19:47:25.0912 3312 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys

    2011/09/22 19:47:25.0990 3312 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys

    2011/09/22 19:47:26.0115 3312 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys

    2011/09/22 19:47:26.0209 3312 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

    2011/09/22 19:47:26.0318 3312 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

    2011/09/22 19:47:26.0411 3312 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

    2011/09/22 19:47:26.0489 3312 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

    2011/09/22 19:47:26.0599 3312 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

    2011/09/22 19:47:26.0692 3312 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys

    2011/09/22 19:47:26.0801 3312 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

    2011/09/22 19:47:26.0895 3312 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

    2011/09/22 19:47:26.0989 3312 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys

    2011/09/22 19:47:27.0098 3312 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys

    2011/09/22 19:47:27.0207 3312 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys

    2011/09/22 19:47:27.0301 3312 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

    2011/09/22 19:47:27.0410 3312 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys

    2011/09/22 19:47:27.0488 3312 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys

    2011/09/22 19:47:27.0628 3312 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

    2011/09/22 19:47:27.0722 3312 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

    2011/09/22 19:47:27.0847 3312 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

    2011/09/22 19:47:27.0940 3312 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

    2011/09/22 19:47:28.0049 3312 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

    2011/09/22 19:47:28.0159 3312 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys

    2011/09/22 19:47:28.0252 3312 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

    2011/09/22 19:47:28.0346 3312 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

    2011/09/22 19:47:28.0455 3312 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys

    2011/09/22 19:47:28.0580 3312 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys

    2011/09/22 19:47:28.0705 3312 NAVENG (862f55824ac81295837b0ab63f91071f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20110922.002\NAVENG.SYS

    2011/09/22 19:47:28.0923 3312 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20110922.002\NAVEX15.SYS

    2011/09/22 19:47:29.0063 3312 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys

    2011/09/22 19:47:29.0188 3312 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

    2011/09/22 19:47:29.0282 3312 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

    2011/09/22 19:47:29.0391 3312 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys

    2011/09/22 19:47:29.0469 3312 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

    2011/09/22 19:47:29.0563 3312 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

    2011/09/22 19:47:29.0672 3312 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys

    2011/09/22 19:47:29.0875 3312 NETw3v32 (35d5458d9a1b26b2005abffbf4c1c5e7) C:\Windows\system32\DRIVERS\NETw3v32.sys

    2011/09/22 19:47:29.0999 3312 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

    2011/09/22 19:47:30.0109 3312 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys

    2011/09/22 19:47:30.0218 3312 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

    2011/09/22 19:47:30.0343 3312 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys

    2011/09/22 19:47:30.0452 3312 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

    2011/09/22 19:47:30.0545 3312 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

    2011/09/22 19:47:30.0639 3312 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys

    2011/09/22 19:47:30.0717 3312 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys

    2011/09/22 19:47:30.0811 3312 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys

    2011/09/22 19:47:31.0107 3312 OA004Ufd (a015dd2ba6009c8bdd00a6c431302d06) C:\Windows\system32\DRIVERS\OA004Ufd.sys

    2011/09/22 19:47:31.0216 3312 OA004Vid (12a4366ff51befbdf018f654ff8b22b8) C:\Windows\system32\DRIVERS\OA004Vid.sys

    2011/09/22 19:47:31.0325 3312 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys

    2011/09/22 19:47:31.0435 3312 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

    2011/09/22 19:47:31.0528 3312 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys

    2011/09/22 19:47:31.0653 3312 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

    2011/09/22 19:47:31.0762 3312 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys

    2011/09/22 19:47:31.0871 3312 pciide (1d8b3d8df8eb7fcf2f0ac02f9f947802) C:\Windows\system32\drivers\pciide.sys

    2011/09/22 19:47:31.0965 3312 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

    2011/09/22 19:47:32.0090 3312 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

    2011/09/22 19:47:32.0293 3312 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

    2011/09/22 19:47:32.0371 3312 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys

    2011/09/22 19:47:32.0511 3312 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys

    2011/09/22 19:47:32.0636 3312 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys

    2011/09/22 19:47:32.0745 3312 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

    2011/09/22 19:47:32.0839 3312 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

    2011/09/22 19:47:32.0917 3312 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

    2011/09/22 19:47:33.0010 3312 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

    2011/09/22 19:47:33.0104 3312 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys

    2011/09/22 19:47:33.0244 3312 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys

    2011/09/22 19:47:33.0338 3312 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys

    2011/09/22 19:47:33.0431 3312 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

    2011/09/22 19:47:33.0525 3312 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys

    2011/09/22 19:47:33.0603 3312 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

    2011/09/22 19:47:33.0728 3312 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys

    2011/09/22 19:47:33.0899 3312 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

    2011/09/22 19:47:34.0009 3312 RTL8169 (125c504a34d0a2e152517e342e7e432c) C:\Windows\system32\DRIVERS\Rtlh86.sys

    2011/09/22 19:47:34.0102 3312 RTSTOR (8dab5975b5c7923d61506a48e251dbad) C:\Windows\system32\drivers\RTSTOR.SYS

    2011/09/22 19:47:34.0211 3312 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

    2011/09/22 19:47:34.0352 3312 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys

    2011/09/22 19:47:34.0461 3312 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

    2011/09/22 19:47:34.0555 3312 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys

    2011/09/22 19:47:34.0648 3312 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

    2011/09/22 19:47:34.0726 3312 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

    2011/09/22 19:47:34.0851 3312 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys

    2011/09/22 19:47:34.0945 3312 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys

    2011/09/22 19:47:35.0038 3312 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys

    2011/09/22 19:47:35.0116 3312 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

    2011/09/22 19:47:35.0241 3312 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys

    2011/09/22 19:47:35.0335 3312 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys

    2011/09/22 19:47:35.0428 3312 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys

    2011/09/22 19:47:35.0569 3312 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys

    2011/09/22 19:47:35.0662 3312 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

    2011/09/22 19:47:35.0834 3312 SRTSP (83726cf02eced69138948083e06b6eac) C:\Windows\System32\Drivers\NIS\1206000.01D\SRTSP.SYS

    2011/09/22 19:47:35.0959 3312 SRTSPX (4e7eab2e5615d39cf1f1df9c71e5e225) C:\Windows\system32\drivers\NIS\1206000.01D\SRTSPX.SYS

    2011/09/22 19:47:36.0068 3312 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys

    2011/09/22 19:47:36.0177 3312 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys

    2011/09/22 19:47:36.0317 3312 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys

    2011/09/22 19:47:36.0427 3312 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

    2011/09/22 19:47:36.0536 3312 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

    2011/09/22 19:47:36.0785 3312 SymDS (9bbeb8c6258e72d62e7560e6667aad39) C:\Windows\system32\drivers\NIS\1206000.01D\SYMDS.SYS

    2011/09/22 19:47:36.0941 3312 SymEFA (d5c02629c02a820a7e71bca3d44294a3) C:\Windows\system32\drivers\NIS\1206000.01D\SYMEFA.SYS

    2011/09/22 19:47:37.0066 3312 SymEvent (ab33c3b196197ca467cbdda717860dba) C:\Windows\system32\Drivers\SYMEVENT.SYS

    2011/09/22 19:47:37.0300 3312 SymIRON (a73399804d5d4a8b20ba60fcf70c9f1f) C:\Windows\system32\drivers\NIS\1206000.01D\Ironx86.SYS

    2011/09/22 19:47:37.0581 3312 SYMTDIv (5136f99a60ddbdeb1f6fd1eefc44407f) C:\Windows\System32\Drivers\NIS\1206000.01D\SYMTDIV.SYS

    2011/09/22 19:47:37.0690 3312 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

    2011/09/22 19:47:37.0768 3312 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

    2011/09/22 19:47:37.0862 3312 SynTP (00b19f27858f56181edb58b71a7c67a0) C:\Windows\system32\DRIVERS\SynTP.sys

    2011/09/22 19:47:38.0033 3312 Tcpip (2756186e287139310997090797e0182b) C:\Windows\system32\drivers\tcpip.sys

    2011/09/22 19:47:38.0158 3312 Tcpip6 (2756186e287139310997090797e0182b) C:\Windows\system32\DRIVERS\tcpip.sys

    2011/09/22 19:47:38.0267 3312 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys

    2011/09/22 19:47:38.0345 3312 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

    2011/09/22 19:47:38.0439 3312 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

    2011/09/22 19:47:38.0533 3312 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys

    2011/09/22 19:47:38.0626 3312 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys

    2011/09/22 19:47:38.0782 3312 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

    2011/09/22 19:47:38.0891 3312 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

    2011/09/22 19:47:39.0016 3312 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys

    2011/09/22 19:47:39.0110 3312 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys

    2011/09/22 19:47:39.0203 3312 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys

    2011/09/22 19:47:39.0328 3312 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys

    2011/09/22 19:47:39.0437 3312 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys

    2011/09/22 19:47:39.0531 3312 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

    2011/09/22 19:47:39.0609 3312 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

    2011/09/22 19:47:39.0703 3312 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

    2011/09/22 19:47:39.0812 3312 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

    2011/09/22 19:47:39.0905 3312 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

    2011/09/22 19:47:40.0046 3312 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys

    2011/09/22 19:47:40.0124 3312 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys

    2011/09/22 19:47:40.0217 3312 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys

    2011/09/22 19:47:40.0358 3312 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

    2011/09/22 19:47:40.0467 3312 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys

    2011/09/22 19:47:40.0561 3312 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS

    2011/09/22 19:47:40.0654 3312 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

    2011/09/22 19:47:40.0748 3312 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys

    2011/09/22 19:47:40.0873 3312 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys

    2011/09/22 19:47:40.0982 3312 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

    2011/09/22 19:47:41.0091 3312 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys

    2011/09/22 19:47:41.0185 3312 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys

    2011/09/22 19:47:41.0294 3312 viaide (ea1aa6e3abb3c194feba12a46de8cf2c) C:\Windows\system32\drivers\viaide.sys

    2011/09/22 19:47:41.0387 3312 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

    2011/09/22 19:47:41.0481 3312 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys

    2011/09/22 19:47:41.0575 3312 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys

    2011/09/22 19:47:41.0715 3312 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys

    2011/09/22 19:47:41.0824 3312 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

    2011/09/22 19:47:41.0918 3312 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

    2011/09/22 19:47:41.0933 3312 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

    2011/09/22 19:47:42.0058 3312 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys

    2011/09/22 19:47:42.0167 3312 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

    2011/09/22 19:47:42.0339 3312 winachsf (0acd399f5db3df1b58903cf4949ab5a8) C:\Windows\system32\DRIVERS\HSX_CNXT.sys

    2011/09/22 19:47:42.0526 3312 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys

    2011/09/22 19:47:42.0651 3312 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys

    2011/09/22 19:47:42.0745 3312 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

    2011/09/22 19:47:42.0885 3312 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

    2011/09/22 19:47:42.0979 3312 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys

    2011/09/22 19:47:43.0088 3312 yukonwlh (7d1f3b131d503ef43ee594b5a2b9b427) C:\Windows\system32\DRIVERS\yk60x86.sys

    2011/09/22 19:47:43.0135 3312 MBR (0x1B8) (588ae8f0c685c02ba11f30d9cd7e61a0) \Device\Harddisk0\DR0

    2011/09/22 19:47:43.0150 3312 Boot (0x1200) (c7f5672f77dbd0f7eb576ce8c6144c48) \Device\Harddisk0\DR0\Partition0

    2011/09/22 19:47:43.0197 3312 Boot (0x1200) (176342099562caf8744bb78599b4c6ef) \Device\Harddisk0\DR0\Partition1

    2011/09/22 19:47:43.0197 3312 ================================================================================

    2011/09/22 19:47:43.0197 3312 Scan finished

    2011/09/22 19:47:43.0197 3312 ================================================================================

    2011/09/22 19:47:43.0228 0976 Detected object count: 0

    2011/09/22 19:47:43.0228 0976 Actual detected object count: 0

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 19:50:37, on 22-9-2011

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v9.00 (9.00.8112.16421)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\taskeng.exe

    C:\Windows\system32\Dwm.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\HP\QuickPlay\QPService.exe

    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

    C:\Program Files\HP\HP Software Update\hpwuschd2.exe

    C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE

    C:\Windows\system32\igfxsrvc.exe

    C:\Windows\Explorer.EXE

    C:\Program Files\Logitech\SetPoint\SetPoint.exe

    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

    C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

    C:\Windows\System32\mobsync.exe

    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Windows\system32\Macromed\Flash\FlashUtil10v_ActiveX.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Windows\system32\NOTEPAD.EXE

    C:\Program Files\Trend Micro\HiJackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://alawar.co.nl

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll

    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Loader Class - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\WI371A~1\Datamngr\BROWSE~1.DLL

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll

    O4 - HKLM\..\Run: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    O4 - HKLM\..\Run: “C:\Program Files\HP\QuickPlay\QPService.exe”

    O4 - HKLM\..\Run: “C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe” “C:\Program Files\CyberLink\LabelPrint” UpdateWithCreateOnce “Software\CyberLink\LabelPrint\2.5”

    O4 - HKLM\..\Run: “C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe” “C:\Program Files\CyberLink\DVD Suite” UpdateWithCreateOnce “Software\CyberLink\PowerStarter”

    O4 - HKLM\..\Run: “C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe” “C:\Program Files\CyberLink\YouCam” UpdateWithCreateOnce “Software\CyberLink\YouCam\2.0”

    O4 - HKLM\..\Run: C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

    O4 - HKLM\..\Run: “C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe” “C:\Program Files\CyberLink\Power2Go” UpdateWithCreateOnce “SOFTWARE\CyberLink\Power2Go\6.0”

    O4 - HKLM\..\Run: “C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe” “C:\Program Files\CyberLink\PowerDirector” UpdateWithCreateOnce “SOFTWARE\CyberLink\PowerDirector\7.0”

    O4 - HKLM\..\Run: c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

    O4 - HKLM\..\Run: C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

    O4 - HKLM\..\Run: C:\Windows\system32\NeroCheck.exe

    O4 - HKLM\..\Run: C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

    O4 - HKLM\..\Run: “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Java\Java Update\jusched.exe”

    O4 - HKLM\..\Run: “C:\Program Files\DYMO\DYMO Label Software\DLSService.exe”

    O4 - HKLM\..\Run: “C:\Program Files\QuickTime\QTTask.exe” -atboottime

    O4 - HKLM\..\Run: C:\Windows\system32\igfxtray.exe

    O4 - HKLM\..\Run: C:\Windows\system32\hkcmd.exe

    O4 - HKLM\..\Run: C:\Windows\system32\igfxpers.exe

    O4 - HKLM\..\Run: “C:\Program Files\iTunes\iTunesHelper.exe”

    O4 - HKLM\..\Run: KHALMNPR.EXE

    O4 - HKCU\..\Run: C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

    O4 - HKCU\..\Run: C:\Program Files\IncrediMail\bin\IncMail.exe /c

    O4 - HKCU\..\Run: C:\PROGRA~1\HYVESD~1\bin\HYVESD~1.EXE

    O4 - HKCU\..\Run: “C:\Program Files\DYMO\DYMO Label Software\DymoQuickPrint.exe” /startup

    O4 - HKCU\..\Run: C:\Program Files\Windows Media Player\WMPNSCFG.exe

    O4 - Startup: Service Manager.lnk = ?

    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

    O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

    O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

    O11 - Options group: Accelerated graphics

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares Ultra\chatServer.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe

    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    O23 - Service: MSSQLSERVER - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe

    O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe

    O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

    O23 - Service: SQLSERVERAGENT - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlagent.EXE

    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    End of file - 9258 bytes

  • Anonymous avatar

    Ben

    Hallo,

    Doe nou weer dit

    Download http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    Indien je Combofix al eerder hebt gebruikt, gelieve die versie te verwijderen en Combofix opnieuw te downloaden via bovenstaande link,

    want Combofix wordt dagelijks geupdate.

    OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt van je Antivirus- of een andere realtime scanner,

    schakel dan deze scanner uit en download Combofix opnieuw.

    Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen!

    Dubbelklik op Combofix.exe

    Volg de instructies, aanvaard de disclaimer.

    Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.

    Het kan enige tijd duren voordat het logje van combofix komt, dus denk niet van hij is op tilt.

    Wanneer de fix voltooid is en na herstart, zal de log combofix.txt openen.

    Plaats deze log in je volgende post samen met een nieuw HijackThis logje.

    En vertel hoe het nu is.

    Ben

    http://2.bp.blogspot.com/_NAn8-ZItaHE/Scq3w6FaicI/AAAAAAAACVY/QqPkGy7EU7U/s320/school69.gif

  • Anonymous avatar

    rudi

    Ik R_R geef het op.. Nu krijgen we weer een melding dat we Combofix niet kunnen hernoemen.

    Waar woon je Ben? Ik schuif hem om de hoek met een dikke envelop, of ik accepteer zijn evt. tekortkomingen. Hij is weer behoorlijk snel en als hij de geest geeft graven we wel een gat in de tuin

    Ontzettend bedankt in ieder geval..Ben, Huib, Jos

  • Anonymous avatar

    fazantje

    Hoi Rudi,

    Als het nog niet lukt om combo te verwijderen, nog een optie:

    draai deze tool:

    Download OTC exe (by OldTimer)

    Plaats het bestand op je bureaublad.

    Zorg dat er een internetverbinding is.

    Klik vervolgens met je rechtermuisknop op OTCleanIt.exe en kies voor Run as Administrator (Nederlands: Uitvoeren als Administrator) om het programma te starten.

    Lukt dat niet , dan dubbelklikken op het icoon.

    Klik nu op de knop "CleanUp!"

    Als je firewall, of een ander beveiligingsprogramma, een waarschuwing geeft dat OTC.exe internettoegang wil, mag je dit toestaan, het programma heeft die connectie nodig.

    OTC zal als laatste vragen of je de computer herstarten wilt, dit mag je toestaan, hiermee verwijdert het zichzelf ook.

    Nota: Het gebruik van OTC.exe zal alle gebruikte tools(inclusief bijbehorende logs en backupmappen) van je computer doen verwijderen.

    Succes,

    Huib;)

  • Anonymous avatar

    rudi

    :) Okay..doen we