Subject: Virus

  • Harry

    Yesterday I ran a scan with Trojan Remover

    I had to restart, and that is when it went wrong

    I can see that I am online / mail, Skype and the Buienradar icon

    but when I click on them, I get the message

    no program is associated with the specified file for this operation

    install a program or, if one is already installed, create an association in the

    Default Programs section of the Control Panel

    (done, and it does not work)

    System Restore does not work either and gives the message (0x80070003)

    Avast reports that everything is in order

    It looks as if something is missing from the system… I made a backup of Windows 2 months ago.. simply copied the folder… maybe useful?

    Starting up is also slow and takes 2 min before everything is ready, even though only 3 things start up

    here follow 3 reports

    hijack, mbam and adwcleaner v2.111




    Who can help me with this?

    Harry

  • Ben

    Hello,

    >>>Yesterday I ran a scan with Trojan Remover

    I had to restart, and that is when it went wrong

    I can see that I am online / mail, Skype and the Buienradar icon

    but when I click on them, I get the message <<<

    I hope nothing was removed by mistake; do you still have a log of what was removed?

    Download TDSSKStarter to the desktop.

    Using “TDSSKStarter.exe”:

    First close all program windows that are still open!

    Disable your antivirus and antispyware programs; they may conflict with TDSSKStarter.exe

    You can read how to do that (here or here).

    Windows 2000 and Windows XP: start the tool by double-clicking “TDSSKStarter.exe”.

    Windows Vista and Windows 7: start the tool by right-clicking “TDSSKStarter.exe” and then choosing Run as administrator.

    A CMD window will then be started, and it will close again automatically when the scan is finished.

    Now post the contents of the Notepad file that opens in your next message.

    Regards, Ben

  • Harry

    Hello Ben.

    I just did it, and this is what comes out:


    15:54:15.0473 2992 sbp2port C:\Windows\system32\drivers\sbp2port.sys

    15:54:15.0613 2992 SCardSvr C:\Windows\System32\SCardSvr.dll

    15:54:15.0722 2992 scfilter C:\Windows\system32\DRIVERS\scfilter.sys

    15:54:15.0878 2992 Schedule C:\Windows\system32\schedsvc.dll

    15:54:15.0987 2992 SCPolicySvc C:\Windows\System32\certprop.dll

    15:54:16.0097 2992 SDRSVC C:\Windows\System32\SDRSVC.dll

    15:54:16.0237 2992 secdrv C:\Windows\system32\drivers\secdrv.sys

    15:54:16.0346 2992 seclogon C:\Windows\system32\seclogon.dll

    15:54:16.0471 2992 SENS C:\Windows\system32\sens.dll

    15:54:16.0596 2992 SensrSvc C:\Windows\system32\sensrsvc.dll

    15:54:16.0721 2992 Serenum C:\Windows\system32\DRIVERS\serenum.sys

    15:54:16.0845 2992 Serial C:\Windows\system32\DRIVERS\serial.sys

    15:54:16.0970 2992 sermouse C:\Windows\system32\DRIVERS\sermouse.sys

    15:54:17.0095 2992 SessionEnv C:\Windows\system32\sessenv.dll

    15:54:17.0235 2992 sffdisk C:\Windows\system32\drivers\sffdisk.sys

    15:54:17.0345 2992 sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

    15:54:17.0469 2992 sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

    15:54:17.0594 2992 sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

    15:54:17.0750 2992 SharedAccess C:\Windows\System32\ipnathlp.dll

    15:54:17.0859 2992 ShellHWDetection C:\Windows\System32\shsvcs.dll

    15:54:17.0953 2992 sisagp C:\Windows\system32\drivers\sisagp.sys

    15:54:18.0109 2992 SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

    15:54:18.0218 2992 SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

    15:54:18.0421 2992 SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe

    15:54:18.0530 2992 Smb C:\Windows\system32\DRIVERS\smb.sys

    15:54:18.0655 2992 SNMPTRAP C:\Windows\System32\snmptrap.exe

    15:54:18.0795 2992 spldr C:\Windows\system32\drivers\spldr.sys

    15:54:18.0920 2992 Spooler C:\Windows\System32\spoolsv.exe

    15:54:19.0107 2992 sppsvc C:\Windows\system32\sppsvc.exe

    15:54:19.0279 2992 sppuinotify C:\Windows\system32\sppuinotify.dll

    15:54:19.0404 2992 srv C:\Windows\system32\DRIVERS\srv.sys

    15:54:19.0529 2992 srv2 C:\Windows\system32\DRIVERS\srv2.sys

    15:54:19.0638 2992 srvnet C:\Windows\system32\DRIVERS\srvnet.sys

    15:54:19.0778 2992 SSDPSRV C:\Windows\System32\ssdpsrv.dll

    15:54:19.0872 2992 SstpSvc C:\Windows\system32\sstpsvc.dll

    15:54:20.0028 2992 stexstor C:\Windows\system32\DRIVERS\stexstor.sys

    15:54:20.0153 2992 StiSvc C:\Windows\System32\wiaservc.dll

    15:54:20.0262 2992 storflt C:\Windows\system32\drivers\vmstorfl.sys

    15:54:20.0387 2992 storvsc C:\Windows\system32\drivers\storvsc.sys

    15:54:20.0496 2992 swenum C:\Windows\system32\drivers\swenum.sys

    15:54:20.0652 2992 swprv C:\Windows\System32\swprv.dll

    15:54:20.0808 2992 SysMain C:\Windows\system32\sysmain.dll

    15:54:20.0917 2992 TabletInputService C:\Windows\System32\TabSvc.dll

    15:54:21.0042 2992 TapiSrv C:\Windows\System32\tapisrv.dll

    15:54:21.0167 2992 TBS C:\Windows\System32\tbssvc.dll

    15:54:21.0385 2992 Tcpip C:\Windows\system32\drivers\tcpip.sys

    15:54:21.0494 2992 TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

    15:54:21.0635 2992 tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

    15:54:21.0744 2992 TDPIPE C:\Windows\system32\drivers\tdpipe.sys

    15:54:21.0853 2992 TDTCP C:\Windows\system32\drivers\tdtcp.sys

    15:54:21.0993 2992 tdx C:\Windows\system32\DRIVERS\tdx.sys

    15:54:22.0118 2992 TermDD C:\Windows\system32\drivers\termdd.sys

    15:54:22.0290 2992 TermService C:\Windows\System32\termsrv.dll

    15:54:22.0477 2992 Themes C:\Windows\system32\themeservice.dll

    15:54:22.0664 2992 THREADORDER C:\Windows\system32\mmcss.dll

    15:54:22.0773 2992 TrkWks C:\Windows\System32\trkwks.dll

    15:54:23.0007 2992 TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

    15:54:23.0195 2992 tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

    15:54:23.0335 2992 TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

    15:54:23.0507 2992 tunnel C:\Windows\system32\DRIVERS\tunnel.sys

    15:54:23.0678 2992 uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

    15:54:23.0772 2992 udfs C:\Windows\system32\DRIVERS\udfs.sys

    15:54:23.0912 2992 UI0Detect C:\Windows\system32\UI0Detect.exe

    15:54:24.0037 2992 uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

    15:54:24.0146 2992 umbus C:\Windows\system32\drivers\umbus.sys

    15:54:24.0287 2992 UmPass C:\Windows\system32\DRIVERS\umpass.sys

    15:54:24.0411 2992 UmRdpService C:\Windows\System32\umrdp.dll

    15:54:24.0536 2992 upnphost C:\Windows\System32\upnphost.dll

    15:54:24.0645 2992 usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

    15:54:24.0770 2992 usbcir C:\Windows\system32\drivers\usbcir.sys

    15:54:24.0895 2992 usbehci C:\Windows\system32\DRIVERS\usbehci.sys

    15:54:25.0035 2992 usbhub C:\Windows\system32\DRIVERS\usbhub.sys

    15:54:25.0145 2992 usbohci C:\Windows\system32\DRIVERS\usbohci.sys

    15:54:25.0269 2992 usbprint C:\Windows\system32\DRIVERS\usbprint.sys

    15:54:25.0410 2992 USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

    15:54:25.0519 2992 usbuhci C:\Windows\system32\drivers\usbuhci.sys

    15:54:25.0644 2992 UxSms C:\Windows\System32\uxsms.dll

    15:54:25.0769 2992 VaultSvc C:\Windows\system32\lsass.exe

    15:54:25.0893 2992 vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

    15:54:26.0049 2992 vds C:\Windows\System32\vds.exe

    15:54:26.0159 2992 vga C:\Windows\system32\DRIVERS\vgapnp.sys

    15:54:26.0283 2992 VgaSave C:\Windows\System32\drivers\vga.sys

    15:54:26.0408 2992 vhdmp C:\Windows\system32\drivers\vhdmp.sys

    15:54:26.0502 2992 viaagp C:\Windows\system32\drivers\viaagp.sys

    15:54:26.0642 2992 ViaC7 C:\Windows\system32\DRIVERS\viac7.sys

    15:54:26.0767 2992 viaide C:\Windows\system32\drivers\viaide.sys

    15:54:26.0892 2992 vmbus C:\Windows\system32\drivers\vmbus.sys

    15:54:27.0017 2992 VMBusHID C:\Windows\system32\drivers\VMBusHID.sys

    15:54:27.0141 2992 volmgr C:\Windows\system32\drivers\volmgr.sys

    15:54:27.0329 2992 volmgrx C:\Windows\system32\drivers\volmgrx.sys

    15:54:27.0438 2992 volsnap C:\Windows\system32\drivers\volsnap.sys

    15:54:27.0563 2992 vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

    15:54:27.0765 2992 VSS C:\Windows\system32\vssvc.exe

    15:54:27.0875 2992 vwifibus C:\Windows\System32\drivers\vwifibus.sys

    15:54:28.0015 2992 W32Time C:\Windows\system32\w32time.dll

    15:54:28.0155 2992 WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

    15:54:28.0296 2992 WANARP C:\Windows\system32\DRIVERS\wanarp.sys

    15:54:28.0374 2992 Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

    15:54:28.0904 2992 WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

    15:54:29.0154 2992 wbengine C:\Windows\system32\wbengine.exe

    15:54:29.0263 2992 WbioSrvc C:\Windows\System32\wbiosrvc.dll

    15:54:29.0388 2992 wcncsvc C:\Windows\System32\wcncsvc.dll

    15:54:29.0497 2992 WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

    15:54:29.0622 2992 Wd C:\Windows\system32\DRIVERS\wd.sys

    15:54:29.0809 2992 Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

    15:54:29.0903 2992 WdiServiceHost C:\Windows\system32\wdi.dll

    15:54:30.0027 2992 WdiSystemHost C:\Windows\system32\wdi.dll

    15:54:30.0183 2992 WebClient C:\Windows\System32\webclnt.dll

    15:54:30.0324 2992 Wecsvc C:\Windows\system32\wecsvc.dll

    15:54:30.0433 2992 wercplsupport C:\Windows\System32\wercplsupport.dll

    15:54:30.0542 2992 WerSvc C:\Windows\System32\WerSvc.dll

    15:54:30.0683 2992 WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

    15:54:30.0792 2992 WIMMount C:\Windows\system32\drivers\wimmount.sys

    15:54:30.0979 2992 WinDefend C:\Program Files\Windows Defender\mpsvc.dll

    15:54:31.0119 2992 Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

    15:54:31.0307 2992 WinRM C:\Windows\system32\WsmSvc.dll

    15:54:31.0478 2992 WiseBootAssistant C:\Program Files\Wise\Wise Care 365\BootTime.exe

    15:54:31.0634 2992 Wlansvc C:\Windows\System32\wlansvc.dll

    15:54:31.0790 2992 wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

    15:54:31.0962 2992 wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    15:54:32.0118 2992 WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

    15:54:32.0243 2992 wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

    15:54:32.0523 2992 WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe

    15:54:32.0648 2992 WPCSvc C:\Windows\System32\wpcsvc.dll

    15:54:32.0773 2992 WPDBusEnum C:\Windows\system32\wpdbusenum.dll

    15:54:32.0913 2992 ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

    15:54:33.0023 2992 wscsvc C:\Windows\system32\wscsvc.dll

    15:54:33.0272 2992 wuauserv C:\Windows\system32\wuaueng.dll

    15:54:33.0413 2992 WudfPf C:\Windows\system32\drivers\WudfPf.sys

    15:54:33.0506 2992 WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

    15:54:33.0678 2992 wudfsvc C:\Windows\System32\WUDFSvc.dll

    15:54:33.0771 2992 WwanSvc C:\Windows\System32\wwansvc.dll

    15:54:33.0881 2992 ================ Scan global ===============================

    15:54:33.0927 2992 C:\Windows\system32\basesrv.dll

    15:54:33.0990 2992 C:\Windows\system32\winsrv.dll

    15:54:34.0005 2992 C:\Windows\system32\winsrv.dll

    15:54:34.0037 2992 C:\Windows\system32\sxssrv.dll

    15:54:34.0068 2992 C:\Windows\system32\services.exe

    15:54:34.0083 2992 ================ Scan MBR ==================================

    15:54:34.0099 2992 \Device\Harddisk0\DR0

    15:54:40.0635 2992 ================ Scan VBR ==================================

    15:54:40.0682 2992 \Device\Harddisk0\DR0\Partition1

    15:54:40.0682 2992 ================ Scan UEFI extensions ======================

    15:54:40.0682 2992 ================ Scan active images ========================

    15:54:40.0682 2992 ============================================================

    15:54:40.0682 2992 Scan finished

    15:54:40.0682 2992 ============================================================

    15:54:41.0525 2500 Deinitialize success

    .

    ==============================================

    System Restore Point Check:

    .

    TDSSKiller Starter Restore Point Created Succesfully

    ==============================================

    .

    ==============================================

    C:\TDSSKiller.2.8.15.0_09.02.2013_14.45.24_log.txt

    C:\TDSSKiller.2.8.15.0_09.02.2013_14.50.04_log.txt

    C:\TDSSKiller.2.8.15.0_09.02.2013_14.51.35_log.txt

    ==============================================

    Registry Export

    .

    ==============================================

    EOF

    Harry

  • Ben

    Hello,

    You ran the scan a number of times, why?

    This error (0x80070003) has to do with an update :S

    You can try whether the System File Checker (sfc) can repair anything:

    Start - All Programs - Accessories - right-click Command Prompt and choose 'Run as administrator'

    In that black window, type: sfc /scannow . That takes a while.

    Regards, Ben

  • Harry

    The strange thing about all this is also that I can open and view Skype, e-mail and Windows updates just fine,

    but that I cannot open a page from the internet.

    So in one way I do have internet, and in the other way I don't.

    What could this be, something with a key in the registry or so?

    Harry

  • Ben

    Hello,

    Download DDS and save it to your desktop.

    Disable programs that block scripts, such as your antivirus.

    Double-click dds.scr to start the tool.

    After the scan completes, a text file named DDS.txt will open.

    Click Yes for the Optional Scan. This will create the file Attach.txt.

    Copy and paste both logs into your next post. It is better to make two posts for this, since both logs will not fit in one post.

    Regards, Ben

  • Harry

    I'm on someone else's PC right now, and so I find it strange that I do have internet,

    but cannot open a page.

    What could be causing it is a mystery to me.

    I will do your DDS later (at home) and hopefully that solves it.

    Harry

  • Harry

    nr 1

    .

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

    IF REQUESTED, ZIP IT UP & ATTACH IT

    .

    DDS (Ver_2012-11-20.01)

    .

    Microsoft Windows 7 Ultimate

    Boot Device: \Device\HarddiskVolume2

    Install Date: 8-6-2012 21:32:08

    System Uptime: 10-2-2013 8:27:49 (4 hours ago)

    .

    Motherboard: Packard Bell BV | | MCP73VT-PM

    Processor: Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz | CPU 1 | 2003/200mhz

    .

    ==== Disk Partitions =========================

    .

    C: is FIXED (NTFS) - 286 GiB total, 107,108 GiB free.

    D: is CDROM ()

    E: is Removable

    F: is Removable

    G: is Removable

    H: is Removable

    .

    ==== Disabled Device Manager Items =============

    .

    ==== System Restore Points ===================

    .

    RP159: 6-2-2013 6:09:30 - Windows Update

    RP160: 8-2-2013 22:50:33 - Herstelbewerking

    RP161: 9-2-2013 15:52:53 - TDSSKiller Starter restore point

    RP163: 10-2-2013 8:08:39 - Created by Wise Care 365

    .

    ==== Installed Programs ======================

    .

    1Click DVD to Divx Avi 2.12

    Aangifte inkomstenbelasting 2010

    Adobe Flash Player 11 ActiveX

    Adobe Reader XI (11.0.01)

    Advanced SystemCare 5

    Apple Application Support

    Apple Mobile Device Support

    Apple Software Update

    Ashampoo Burning Studio

    Ashampoo Burning Studio 12 v.12.0.1

    Auslogics BoostSpeed

    avast! Free Antivirus

    Bonjour

    BS.Player FREE

    CCleaner

    ConvertXtoDVD

    D3DX10

    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

    DivX Setup

    Eusing Free Registry Cleaner

    FileHippo.com Update Checker

    Glary Utilities 2.50.0.1632

    Google Toolbar for Internet Explorer

    Hard Drive Inspector Professional 4.1 build # 143

    HiJackThis

    HP Product Detection

    iTunes

    Java 7 Update 9

    Java Auto Updater

    Java(TM) 6 Update 32

    Joboshare AVI MPEG Converter

    Junk Mail filter update

    Luxor - Amun Rising HD

    Malwarebytes Anti-Malware versie 1.70.0.1100

    Mediacenter Radiopack voor Windows7

    Mesh Runtime

    Messenger Companion

    Microsoft .NET Framework 4 Client Profile

    Microsoft .NET Framework 4 Client Profile NLD Language Pack

    Microsoft Application Error Reporting

    Microsoft Office 2010 Service Pack 1 (SP1)

    Microsoft Office Access MUI (Dutch) 2010

    Microsoft Office Excel MUI (Dutch) 2010

    Microsoft Office Groove MUI (Dutch) 2010

    Microsoft Office InfoPath MUI (Dutch) 2010

    Microsoft Office OneNote MUI (Dutch) 2010

    Microsoft Office Outlook Connector

    Microsoft Office Outlook MUI (Dutch) 2010

    Microsoft Office PowerPoint MUI (Dutch) 2010

    Microsoft Office Professional Plus 2010

    Microsoft Office Proof (Dutch) 2010

    Microsoft Office Proof (English) 2010

    Microsoft Office Proof (French) 2010

    Microsoft Office Proof (German) 2010

    Microsoft Office Proofing (Dutch) 2010

    Microsoft Office Publisher MUI (Dutch) 2010

    Microsoft Office Shared MUI (Dutch) 2010

    Microsoft Office Word MUI (Dutch) 2010

    Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit

    Microsoft Silverlight

    Microsoft SQL Server 2005 Compact Edition

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

    MSVCRT

    NewsLeecher v4.0 Final

    NVIDIA Display Control Panel

    NVIDIA Drivers

    NZBEE

    NzbMagic

    Panda ActiveScan 2.0

    PC Tools Registry Mechanic 11.1

    PlayReady PC Runtime x86

    PVSonyDll

    QuickPar 0.9

    Radio Online V7.6.0

    Revo Uninstaller Pro 2.5.9

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

    Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition

    Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition

    Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2553091)

    Security Update for Microsoft Office 2010 (KB2553096)

    Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

    Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

    Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition

    Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition

    Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition

    Skype™ 6.1

    SpotLite

    SpywareBlaster 4.6

    SUPERAntiSpyware

    Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD

    Uniblue DriverScanner

    UPC Fiber Power Optimizer

    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

    Update for Microsoft Office 2010 (KB2553065)

    Update for Microsoft Office 2010 (KB2553092)

    Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2566458)

    Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

    Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

    Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition

    Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

    Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

    Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

    VC80CRTRedist - 8.0.50727.6195

    Vinny27 - VSO Convert X to DVD v4.1.19.365c

    VLC media player 2.0.3

    VSO ConvertXtoDVD 5

    Winamp (Remove Only)

    WinAVI All in One Converter

    Windows 7 Upgrade Advisor

    Windows Live Communications Platform

    Windows Live Essentials

    Windows Live Family Safety

    Windows Live ID Sign-in Assistant

    Windows Live Installer

    Windows Live Mail

    Windows Live Mesh

    Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen

    Windows Live Messenger

    Windows Live Messenger Companion Core

    Windows Live MIME IFilter

    Windows Live Movie Maker

    Windows Live Photo Common

    Windows Live Photo Gallery

    Windows Live PIMT Platform

    Windows Live Remote Client

    Windows Live Remote Client Resources

    Windows Live Remote Service

    Windows Live Remote Service Resources

    Windows Live SOXE

    Windows Live SOXE Definitions

    Windows Live UX Platform

    Windows Live UX Platform Language Pack

    Windows Live Writer

    Windows Live Writer Resources

    winiso v6.1.0.4413

    WinRAR 4.20 (32-bit)

    Wise Care 365 version 2.06

    .

    ==== End Of File ===========================

    nr 2

    DDS (Ver_2012-11-20.01) - NTFS_x86

    Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2

    Run by Gebruiker at 12:10:19 on 2013-02-10

    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.1791.892

    .

    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    ============== Running Processes ================

    .

    C:\Windows\system32\wininit.exe

    C:\Windows\system32\lsm.exe

    C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe

    C:\Windows\system32\nvvsvc.exe

    C:\Windows\system32\nvvsvc.exe

    C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\system32\taskhost.exe

    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    C:\Windows\system32\taskeng.exe

    C:\Windows\system32\taskeng.exe

    C:\Windows\Explorer.EXE

    C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe

    C:\Program Files\AVAST Software\Avast\AvastUI.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Program Files\Skype\Phone\Skype.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

    C:\Windows\system32\SearchIndexer.exe

    C:\Program Files\Windows Media Player\wmpnetwk.exe

    C:\Windows\System32\WUDFHost.exe

    C:\Windows\system32\taskhost.exe

    C:\Program Files\Windows Live\Mail\wlmail.exe

    C:\Program Files\Windows Live\Contacts\wlcomm.exe

    C:\Windows\system32\SearchProtocolHost.exe

    C:\Windows\system32\SearchFilterHost.exe

    C:\Windows\system32\conhost.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Windows\system32\DllHost.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k GPSvcGroup

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    C:\Windows\system32\svchost.exe -k imgsvc

    C:\Windows\System32\svchost.exe -k secsvcs

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    C:\Windows\system32\svchost.exe -k SDRSVC

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = hxxp://startpagina.nl/

    uWindow Title = Windows Internet Explorer wordt aangeboden door MSN and Bing

    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL

    BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

    BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll

    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

    BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll

    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL

    BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

    TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll

    TB: &Google: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

    uRun: c:\program files\windows sidebar\sidebar.exe /autoRun

    uRun: "c:\program files\skype\phone\Skype.exe" /minimized /regrun

    mRun: "c:\program files\avast software\avast\avastUI.exe" /nogui

    uPolicies-Explorer: NoDriveTypeAutoRun = dword:221

    uPolicies-Explorer: NoResolveTrack = dword:1

    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

    mPolicies-System: ConsentPromptBehaviorUser = dword:0

    mPolicies-System: EnableLUA = dword:0

    mPolicies-System: EnableUIADesktopToggle = dword:0

    mPolicies-System: PromptOnSecureDesktop = dword:0

    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll

    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll

    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll

    .

    INFO: HKCU has more than 50 listed domains.

    If you wish to scan all of them, select the 'Force scan all domains' option.

    .

    DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab

    DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect121.cab

    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

    DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

    DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    TCP: NameServer = 212.54.35.25 212.54.40.25

    TCP: Interfaces\{E8641357-5132-43AA-A8FD-63D3C6DFA8D7} : DHCPNameServer = 212.54.35.25 212.54.40.25

    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

    Handler: livecall -

    Handler: msnim -

    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

    STS: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - c:\windows\system32\DreamScene.dll

    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL

    SEH: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} -

    .

    ============= SERVICES / DRIVERS ===============

    .

    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys

    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys

    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys

    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys

    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS

    R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe

    R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\iobit\advanced systemcare 5\ASCService.exe

    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys

    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys

    R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe

    R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe

    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe

    S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe

    S2 WiseBootAssistant;Wise Boot Assistant;c:\program files\wise\wise care 365\BootTime.exe

    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys

    S3 c2wts;Claims voor Windows Token Service;c:\program files\windows identity foundation\v3.5\c2wtshost.exe

    S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys

    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe

    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys

    S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys

    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys

    S3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\wat\WatAdminSvc.exe

    S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe

    .

    =============== Created Last 30 ================

    .

    .

    ==================== Find3M ====================

    .

    2013-01-29 18:10:21 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe

    2013-01-29 18:10:20 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    2013-01-17 00:28:58 232336 ------w- c:\windows\system32\MpSigStub.exe

    2012-12-27 14:09:16 88064 ----a-w- c:\windows\system32\AudioExCtl.dll

    2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll

    2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll

    2012-12-14 15:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

    2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll

    2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll

    2012-11-30 04:53:34 169984 ----a-w- c:\windows\system32\winsrv.dll

    2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll

    2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe

    2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

    2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

    2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

    2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll

    2012-11-23 02:56:23 2345984 ----a-w- c:\windows\system32\win32k.sys

    2012-11-23 02:48:41 49152 ----a-w- c:\windows\system32\taskhost.exe

    2012-11-22 04:45:03 626688 ----a-w- c:\windows\system32\usp10.dll

    2012-11-21 16:48:49 87608 ----a-w- c:\users\gebruiker\appdata\roaming\inst.exe

    2012-11-21 16:48:49 47360 ----a-w- c:\users\gebruiker\appdata\roaming\pcouffin.sys

    2012-11-20 04:51:09 220160 ----a-w- c:\windows\system32\ncrypt.dll

    2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll

    2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

    2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll

    2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe

    2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll

    2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb

    2012-11-13 20:29:04 354216 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl

    2012-05-04 07:04:00 2174976 ----a-w- c:\program files\common files\atimpenc.dll

    .

    ============= FINISH: 12:10:46,90 ===============

  • Ben

    Hello,

    Download TDSSQlook.exe to the desktop.

    Double-click "TDSSQlook.exe" to start the tool.

    Note!!! Windows Vista & 7 users must run TDSSQlook.exe as administrator: "Right-click, Run as".

    Type A followed by Enter to start the "Scan".

    Wait until the CMD window closes and a Notepad window with the log opens.

    Select the entire contents of the log and copy it into your next post.

    Regards, Ben

  • Harry

    TDSSKiller Quarantine Information log

    TDSS Qlook Version 1.0.0.5 - Gebruiker - zo 10-02-2013 - 12:55:44,84.

    Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1

    ***** START SCAN zo 10-02-2013 12:55:45,50 *****

    ---------- TDSSKiller logs ----------

    TDSSKiller.2.8.15.0_09.02.2013_14.45.24_log.txt

    TDSSKiller.2.8.15.0_09.02.2013_14.50.04_log.txt

    TDSSKiller.2.8.15.0_09.02.2013_14.51.35_log.txt

    ---------- TDSSStarter logs ----------

    Report_09-02-2013_1554_.txt

    ---------- DIR LIST ----------

    C:\TDSSKiller_Quarantine\09.02.2013_14.45.24

    C:\TDSSKiller_Quarantine\09.02.2013_14.45.24\susp0000

    C:\TDSSKiller_Quarantine\09.02.2013_14.45.24\susp0000\svc0000

    C:\TDSSKiller_Quarantine\09.02.2013_14.45.24\susp0000\object.ini

    C:\TDSSKiller_Quarantine\09.02.2013_14.45.24\susp0000\svc0000\tsk0000.dta

    C:\TDSSKiller_Quarantine\09.02.2013_14.45.24\susp0000\svc0000\tsk0000.ini

    C:\TDSSKiller_Quarantine\09.02.2013_14.45.24\susp0000\svc0000\object.ini

    ---------- INI FILES ----------

    === C:\TDSSKiller_Quarantine\09.02.2013_14.45.24\susp0000\object.ini

    Verdict: LockedFile.Multi.Generic

    === C:\TDSSKiller_Quarantine\09.02.2013_14.45.24\susp0000\svc0000\object.ini

    Type: Service

    Name: sptd

    Type: Kernel driver (0x1)

    Start: Boot (0x0)

    ImagePath: System32\Drivers\sptd.sys

    Suspicious states: Locked file;

    === C:\TDSSKiller_Quarantine\09.02.2013_14.45.24\susp0000\svc0000\tsk0000.ini

    Type: Raw image

    Src: C:\Windows\system32\Drivers\sptd.sys

    md5: CDDDEC541BC3C96F91ECB48759673505

    ***** END SCAN zo 10-02-2013 12:55:45,65 *****

This topic is closed; no more replies can be posted.