
google redirects me to adultfriendfinder, groupon and other spamsites

Discussion in 'Virus & Other Malware Removal' started by govert, Nov 4, 2011.

  1. govert

    govert Thread Starter

    Hello,
    My problem is that Google redirects me to all different websites like adultfriendfinder(963192150), groupon, planet49, night-no and many more. Sometimes they get blocked with anti-malware, but more often not.
    I've also had a problem with GMER scanning. It crashed the computer twice.
    Can anybody help me please,
    govert


    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 32 bit
    Processor: Intel(R) Atom(TM) CPU N550 @ 1.50GHz, x64 Family 6 Model 28 Stepping 10
    Processor Count: 4
    RAM: 2035 Mb
    Graphics Card: Intel(R) Graphics Media Accelerator 3150, 256 Mb
    Hard Drives: C: Total - 238372 MB, Free - 176959 MB;
    Motherboard: Dell Inc., Inspiron 1090
    Antivirus: Microsoft Security Essentials, Updated and Enabled

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 20:22:30, on 3-11-2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal
    Running processes:
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\STMicroelectronics\Accelerometer-Magnetometer\PopUp_DM.exe
    C:\Program Files\TeamViewer\Version6\TeamViewer.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Squeezebox\SqueezeTray.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\BTGUARD\uTorrent.exe
    C:\Program Files\Common Files\microsoft shared\virtualization handler\cvh.exe
    C:\Program Files\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.exe
    C:\BTGUARD\myentunnel.exe
    C:\BTGUARD\plink.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Windows\system32\DllHost.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nu.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Dell Magneto Popup] C:\Program Files\STMicroelectronics\Accelerometer-Magnetometer\PopUp_DM.exe
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    O4 - HKLM\..\Run: [CnxtCoInstallerDefer] C:\Program Files\CONEXANT\PREINSTALL\SETUP4E993818342\setup.exe -REBOOTED_FROM_NO_ENUM_INSTALL_METHOD=2 -S2 -S3
    O4 - HKLM\..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [hkmu] rundll32 "C:\Users\user\AppData\Roaming\license3.dll",Zjutj
    O4 - HKCU\..\Run: [Spotify] "C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KSXP1IIZ\Spotify Installer.exe" /uri spotify:autostart
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Startup: BTGuard Updates.lnk = C:\BTGUARD\settings.exe
    O4 - Global Startup: Systeempictogram van Squeezebox Server.lnk = C:\Program Files\Squeezebox\SqueezeTray.exe
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - http://support.euro.dell.com/systemprofiler/SysProExe.CAB
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: leaf - {3C4A8A13-029E-430D-B8C1-46E834D20B31} - mscoree.dll (file missing)
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: @C:\Windows\system32\CxAudMsg32.exe,-100 (CxAudMsg) - Conexant Systems Inc. - C:\Windows\system32\CxAudMsg32.exe
    O23 - Service: @C:\Windows\system32\CxUSBDock32.exe,-100 (CxUSBDock) - Conexant Systems Inc. - C:\Windows\system32\CxUSBDock32.exe
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
    O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
    --
    End of file - 8618 bytes


    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 9.0.8112.16421
    Run by user at 20:25:14 on 2011-11-03
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.2036.832 [GMT 1:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
    SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
    C:\Windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskhost.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\CxAudMsg32.exe
    C:\Windows\system32\CxUSBDock32.exe
    C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\System32\svchost.exe -k HPZ12
    c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
    C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\STMicroelectronics\Accelerometer-Magnetometer\PopUp_DM.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\TeamViewer\Version6\TeamViewer.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Squeezebox\SqueezeTray.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel.exe
    C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Windows\system32\SearchIndexer.exe
    c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\BTGUARD\uTorrent.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files\Common Files\microsoft shared\virtualization handler\cvh.exe
    C:\Program Files\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
    C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    C:\Windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.exe
    C:\BTGUARD\myentunnel.exe
    C:\BTGUARD\plink.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://nu.nl/
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [hkmu] rundll32 "c:\users\user\appdata\roaming\license3.dll",Zjutj
    uRun: [Spotify] "c:\users\user\appdata\local\microsoft\windows\temporary internet files\content.ie5\ksxp1iiz\Spotify Installer.exe" /uri spotify:autostart
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [QuickSet] c:\program files\dell\quickset\QuickSet.exe
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    mRun: [Dell Magneto Popup] c:\program files\stmicroelectronics\accelerometer-magnetometer\PopUp_DM.exe
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [CnxtCoInstallerDefer] c:\program files\conexant\preinstall\setup4e993818342\setup.exe -REBOOTED_FROM_NO_ENUM_INSTALL_METHOD=2 -S2 -S3
    mRun: [SmartAudio] c:\program files\conexant\saii\SAIICpl.exe /t
    mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
    mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
    StartupFolder: c:\users\user\appdata\roaming\micros~1\windows\startm~1\programs\startup\btguar~1.lnk - c:\btguard\settings.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\systee~1.lnk - c:\program files\squeezebox\SqueezeTray.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxp://support.euro.dell.com/systemprofiler/SysProExe.CAB
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{45CAF88F-358E-4D78-81CF-DC7A283083A0} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{45CAF88F-358E-4D78-81CF-DC7A283083A0}\26167656C637265616E637 : DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{45CAF88F-358E-4D78-81CF-DC7A283083A0}\27F65747562747A656 : DhcpNameServer = 192.168.1.1
    Handler: leaf - {3c4a8a13-029e-430d-b8c1-46e834d20b31} - c:\windows\system32\mscoree.dll
    Notify: igfxcui - igfxdev.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
    R1 MpKslc1f3797e;MpKslc1f3797e;c:\programdata\microsoft\microsoft antimalware\definition updates\{bffad0cc-fa23-4af3-ac8a-f8f5f0ec4d7f}\MpKslc1f3797e.sys [2011-11-3 28752]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
    R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
    R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2010-10-20 821664]
    R2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg32.exe [2011-10-15 190592]
    R2 CxUSBDock;Conexant USB Audio Dock Service;c:\windows\system32\CxUSBDock32.exe [2011-10-15 123008]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-10-28 366152]
    R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-10-28 1153368]
    R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2010-9-14 508264]
    R2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~1\enigma~1\spyhun~1\SH4SER~1.EXE [2011-10-10 736672]
    R2 TeamViewer6;TeamViewer 6;c:\program files\teamviewer\version6\TeamViewer_Service.exe [2011-7-5 2337144]
    R3 acpials;ALS-sensorfilter;c:\windows\system32\drivers\acpials.sys [2009-7-14 7680]
    R3 esgiguard;esgiguard;c:\program files\enigma software group\spyhunter\esgiguard.sys [2011-5-6 13904]
    R3 Fwleaf;NETGEAR Firewall Driver;c:\windows\system32\drivers\fwleaf.sys [2011-10-23 22848]
    R3 leafnets;Leaf Networks Adapter;c:\windows\system32\drivers\leafnets.sys [2011-5-26 55296]
    R3 LSM303DLH;STMicroelectronics™ 3-Axis Accelerometer/Magnetometer;c:\windows\system32\drivers\LSM303DLH.sys [2011-2-1 28272]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-10-28 22216]
    R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
    R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
    R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
    R3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
    R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfslh.sys [2010-9-14 577384]
    R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaylh.sys [2010-9-14 194408]
    R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirlh.sys [2010-9-14 21864]
    R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvollh.sys [2010-9-14 19304]
    R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2010-9-14 219496]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Updateservice (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-5-26 136176]
    S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2011-10-22 84832]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2011-6-13 54632]
    S3 fsssvc;De service Windows Live Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
    S3 gupdatem;Google Update-service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-5-26 136176]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-23 52224]
    S3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\wat\WatAdminSvc.exe [2011-5-29 1343400]
    .
    =============== Created Last 30 ================
    .
    2011-11-03 05:04:55 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{bffad0cc-fa23-4af3-ac8a-f8f5f0ec4d7f}\MpKslc1f3797e.sys
    2011-11-03 05:04:51 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{bffad0cc-fa23-4af3-ac8a-f8f5f0ec4d7f}\offreg.dll
    2011-11-02 14:45:36 6668624 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{bffad0cc-fa23-4af3-ac8a-f8f5f0ec4d7f}\mpengine.dll
    2011-10-30 12:03:09 110080 ----a-r- c:\users\user\appdata\roaming\microsoft\installer\{1c7cc8e2-cfcf-41e6-a863-7c7a45ce8a78}\IconF7A21AF7.exe
    2011-10-30 12:03:09 110080 ----a-r- c:\users\user\appdata\roaming\microsoft\installer\{1c7cc8e2-cfcf-41e6-a863-7c7a45ce8a78}\IconD7F16134.exe
    2011-10-30 12:03:09 110080 ----a-r- c:\users\user\appdata\roaming\microsoft\installer\{1c7cc8e2-cfcf-41e6-a863-7c7a45ce8a78}\IconCF33A0CE.exe
    2011-10-30 12:03:06 -------- d-----w- C:\sh4ldr
    2011-10-30 12:03:05 -------- d-----w- c:\program files\Enigma Software Group
    2011-10-30 11:59:54 -------- d-----w- c:\windows\1C7CC8E2CFCF41E6A8637C7A45CE8A78.TMP
    2011-10-30 11:59:48 -------- d-----w- c:\program files\common files\Wise Installation Wizard
    2011-10-30 08:23:18 388096 ----a-r- c:\users\user\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2011-10-30 08:23:15 -------- d-----w- c:\program files\Trend Micro
    2011-10-28 18:15:51 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2011-10-28 18:15:51 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2011-10-28 14:50:21 -------- d-----w- c:\users\user\appdata\roaming\Malwarebytes
    2011-10-28 14:50:05 -------- d-----w- c:\programdata\Malwarebytes
    2011-10-28 14:49:59 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-10-28 14:49:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-10-23 18:51:51 -------- d-----w- c:\users\user\appdata\local\ReadyNASRemote
    2011-10-23 18:49:31 22848 ----a-w- c:\windows\system32\drivers\fwleaf.sys
    2011-10-23 14:03:26 -------- d-----w- C:\updates
    2011-10-23 13:59:44 -------- d-----w- c:\programdata\Squeezebox
    2011-10-23 13:59:44 -------- d-----w- c:\program files\Squeezebox
    2011-10-22 16:42:06 -------- d-----w- c:\program files\Makayama Interactive
    2011-10-22 07:42:41 -------- d-----w- c:\program files\FreeTime
    2011-10-22 07:17:17 -------- d-----w- C:\OUT_MEDIA_FILES
    2011-10-22 07:17:03 84832 ----a-w- c:\windows\system32\drivers\ASPI32.SYS
    2011-10-22 07:17:03 45056 ----a-w- c:\windows\system32\WNASPI32.DLL
    2011-10-21 20:29:16 -------- d-----w- c:\users\user\appdata\roaming\Spotify
    2011-10-21 20:29:16 -------- d-----w- c:\users\user\appdata\local\Spotify
    2011-10-21 19:27:48 -------- d-----w- c:\program files\NETGEAR ReadyNAS
    2011-10-20 15:43:59 805376 ----a-w- c:\windows\system32\FntCache.dll
    2011-10-20 15:43:58 739840 ----a-w- c:\windows\system32\d2d1.dll
    2011-10-20 15:43:58 1076736 ----a-w- c:\windows\system32\DWrite.dll
    2011-10-15 07:06:57 -------- d-----w- c:\users\user\appdata\local\SRS Labs
    2011-10-15 07:06:50 -------- d-----w- c:\program files\SRS Labs
    2011-10-15 07:06:26 123008 ------w- c:\windows\system32\CxUSBDock32.exe
    2011-10-15 07:06:19 190592 ------w- c:\windows\system32\CxAudMsg32.exe
    2011-10-15 07:05:55 -------- d-----w- c:\windows\system32\SRSLabs
    2011-10-15 07:04:06 330368 ----a-w- c:\windows\system32\UCI32A63.dll
    2011-10-15 07:04:03 521344 ----a-w- c:\windows\system32\drivers\CHDRT32.sys
    2011-10-15 07:04:03 1743488 ----a-w- c:\windows\system32\CX32PP25.dll
    2011-10-13 03:52:16 75776 ----a-w- c:\windows\system32\psisrndr.ax
    2011-10-13 03:52:16 465408 ----a-w- c:\windows\system32\psisdecd.dll
    2011-10-13 03:52:13 571904 ----a-w- c:\windows\system32\oleaut32.dll
    2011-10-13 03:52:13 233472 ----a-w- c:\windows\system32\oleacc.dll
    2011-10-13 03:52:03 2334720 ----a-w- c:\windows\system32\win32k.sys
    2011-10-12 06:48:48 439632 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\nisbackup\gapaengine.dll
    2011-10-12 06:48:40 703824 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{59de3282-6afa-4e53-94f7-e40e02388f6a}\gapaengine.dll
    2011-10-10 18:11:58 -------- d-----w- c:\programdata\ArcSoft
    2011-10-10 18:10:54 -------- d-----w- c:\users\user\appdata\local\Downloaded Installations
    2011-10-10 18:02:37 -------- d-----w- c:\users\user\appdata\local\Powercinema
    2011-10-10 17:43:35 841280 ----a-w- c:\windows\system32\PhotoStageScrSaver.scr
    2011-10-10 17:39:10 -------- d-----w- c:\users\user\appdata\local\ArcSoft
    2011-10-10 17:37:55 -------- d-----w- c:\users\user\appdata\local\Dell
    2011-10-10 17:35:33 -------- d-----w- c:\programdata\install_clap
    2011-10-10 11:48:35 -------- d-----w- c:\program files\CONEXANT
    2011-10-09 19:06:27 48648 ----a-w- c:\programdata\microsoft\ehome\packages\mceclientux\updateablemarkup-2\Markup.dll
    .
    ==================== Find3M ====================
    .
    2011-10-10 06:33:32 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-09-01 02:35:59 1798144 ----a-w- c:\windows\system32\jscript9.dll
    2011-09-01 02:28:15 1126912 ----a-w- c:\windows\system32\wininet.dll
    2011-09-01 02:22:54 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2011-08-23 08:54:12 61952 --sha-r- c:\users\user\appdata\roaming\license3.dll
    .
    ============= FINISH: 20:27:48,91 ===============



    Catchme file:

    disk not found C:\
    please note that you need administrator rights to perform deep scan
     
  2. govert

    govert Thread Starter

    bump
     
  3. Larusso

    Larusso Malware Specialist

    Hi and welcome to TSG.

    I am reviewing your logs and will respond with a reply as soon as I can.

    Please note that all my replies are reviewed by a qualified Analyst before I post. This ensures that you will continue to receive quality expert assistance.

    Thank you for your patience.
     
  4. Larusso

    Larusso Malware Specialist

    Hi,
    my name is Daniel and I will be assisting you with your malware-related problems.

    Before we move on, please read the following points carefully.
    • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
    • Perform everything in the correct order. Sometimes one step requires the previous one.
    • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
    • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
    • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
    • If I don't hear from you within 3 days from this initial or any subsequent post, I will have to unsubscribe from this thread and move on to assist someone else.
    • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
    • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.



    Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

    Download TDSSKiller.exe and save it to your desktop.
    • Execute TDSSKiller.exe by double-clicking on it.
    • Press Start Scan.
    • If malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
    • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt

    Please post the contents of that log in your next reply.



    Please launch DDS
    • When done, DDS will open two (2) logs:
      1. DDS.txt
      2. Attach.txt
    • Save both reports to your desktop and post both in your next reply



    Please post in your next reply
    TDSSKiller log
    dds.txt
    attach.txt
     
  5. govert

    govert Thread Starter

    Hello Daniel,
    Thank you for helping me.
    Here are the files.
    With kind regards,
    govert

    13:25:37.0942 1100 tdx - ok
    13:25:38.0082 1100 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
    13:25:38.0082 1100 TermDD - ok
    13:25:38.0254 1100 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
    13:25:38.0270 1100 tssecsrv - ok
    13:25:38.0519 1100 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
    13:25:38.0535 1100 TsUsbFlt - ok
    13:25:39.0096 1100 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
    13:25:39.0112 1100 tunnel - ok
    13:25:39.0206 1100 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
    13:25:39.0221 1100 uagp35 - ok
    13:25:39.0299 1100 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
    13:25:39.0299 1100 udfs - ok
    13:25:39.0642 1100 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
    13:25:39.0674 1100 uliagpkx - ok
    13:25:39.0892 1100 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
    13:25:39.0923 1100 umbus - ok
    13:25:40.0001 1100 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
    13:25:40.0032 1100 UmPass - ok
    13:25:40.0173 1100 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
    13:25:40.0173 1100 usbccgp - ok
    13:25:40.0454 1100 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
    13:25:40.0454 1100 usbcir - ok
    13:25:40.0516 1100 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
    13:25:40.0532 1100 usbehci - ok
    13:25:40.0734 1100 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
    13:25:40.0766 1100 usbhub - ok
    13:25:40.0828 1100 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
    13:25:40.0828 1100 usbohci - ok
    13:25:41.0109 1100 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
    13:25:41.0109 1100 usbprint - ok
    13:25:41.0296 1100 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
    13:25:41.0296 1100 usbscan - ok
    13:25:41.0436 1100 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    13:25:41.0483 1100 USBSTOR - ok
    13:25:41.0702 1100 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
    13:25:41.0702 1100 usbuhci - ok
    13:25:41.0982 1100 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
    13:25:41.0982 1100 usbvideo - ok
    13:25:42.0201 1100 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
    13:25:42.0216 1100 vdrvroot - ok
    13:25:42.0450 1100 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
    13:25:42.0466 1100 vga - ok
    13:25:42.0731 1100 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
    13:25:42.0747 1100 VgaSave - ok
    13:25:42.0825 1100 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
    13:25:42.0825 1100 vhdmp - ok
    13:25:42.0981 1100 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
    13:25:42.0996 1100 viaagp - ok
    13:25:43.0215 1100 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
    13:25:43.0230 1100 ViaC7 - ok
    13:25:43.0293 1100 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
    13:25:43.0308 1100 viaide - ok
    13:25:43.0340 1100 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
    13:25:43.0340 1100 volmgr - ok
    13:25:43.0386 1100 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
    13:25:43.0402 1100 volmgrx - ok
    13:25:43.0511 1100 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
    13:25:43.0527 1100 volsnap - ok
    13:25:43.0886 1100 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
    13:25:43.0948 1100 vsmraid - ok
    13:25:44.0073 1100 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
    13:25:44.0088 1100 vwifibus - ok
    13:25:44.0182 1100 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
    13:25:44.0198 1100 vwififlt - ok
    13:25:44.0541 1100 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
    13:25:44.0556 1100 vwifimp - ok
    13:25:44.0712 1100 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
    13:25:44.0728 1100 WacomPen - ok
    13:25:44.0853 1100 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
    13:25:44.0868 1100 WANARP - ok
    13:25:44.0868 1100 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
    13:25:44.0868 1100 Wanarpv6 - ok
    13:25:45.0274 1100 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
    13:25:45.0290 1100 Wd - ok
    13:25:45.0383 1100 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
    13:25:45.0399 1100 Wdf01000 - ok
    13:25:45.0617 1100 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
    13:25:45.0633 1100 WfpLwf - ok
    13:25:45.0773 1100 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
    13:25:45.0789 1100 WIMMount - ok
    13:25:45.0992 1100 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
    13:25:46.0007 1100 WinUsb - ok
    13:25:46.0163 1100 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
    13:25:46.0163 1100 WmiAcpi - ok
    13:25:46.0288 1100 WPRO_41_1742 - ok
    13:25:46.0475 1100 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
    13:25:46.0475 1100 ws2ifsl - ok
    13:25:46.0678 1100 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
    13:25:46.0694 1100 WudfPf - ok
    13:25:46.0990 1100 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
    13:25:47.0006 1100 WUDFRd - ok
    13:25:47.0162 1100 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
    13:25:47.0208 1100 \Device\Harddisk0\DR0 - ok
    13:25:47.0224 1100 Boot (0x1200) (2f6b453fd8878e592ff6cc944d333f05) \Device\Harddisk0\DR0\Partition0
    13:25:47.0224 1100 \Device\Harddisk0\DR0\Partition0 - ok
    13:25:47.0271 1100 Boot (0x1200) (33b5c2aa04efb25e878e44326ff0ef0d) \Device\Harddisk0\DR0\Partition1
    13:25:47.0302 1100 \Device\Harddisk0\DR0\Partition1 - ok
    13:25:47.0302 1100 ============================================================
    13:25:47.0302 1100 Scan finished
    13:25:47.0302 1100 ============================================================
    13:25:47.0333 0124 Detected object count: 0
    13:25:47.0333 0124 Actual detected object count: 0
    13:28:26.0442 1764 Deinitialize success



    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 9.0.8112.16421
    Run by user at 13:36:06 on 2011-11-09
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.2036.891 [GMT 1:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
    SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
    C:\Windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskhost.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\system32\CxAudMsg32.exe
    C:\Windows\system32\CxUSBDock32.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\system32\Dwm.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\Explorer.EXE
    c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
    C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\STMicroelectronics\Accelerometer-Magnetometer\PopUp_DM.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\TeamViewer\Version6\TeamViewer.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Squeezebox\SqueezeTray.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel.exe
    C:\Windows\system32\SearchIndexer.exe
    c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://nu.nl/
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [hkmu] rundll32 "c:\users\user\appdata\roaming\license3.dll",Zjutj
    uRun: [Spotify] "c:\users\user\appdata\local\microsoft\windows\temporary internet files\content.ie5\ksxp1iiz\Spotify Installer.exe" /uri spotify:autostart
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [QuickSet] c:\program files\dell\quickset\QuickSet.exe
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    mRun: [Dell Magneto Popup] c:\program files\stmicroelectronics\accelerometer-magnetometer\PopUp_DM.exe
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [CnxtCoInstallerDefer] c:\program files\conexant\preinstall\setup4e993818342\setup.exe -REBOOTED_FROM_NO_ENUM_INSTALL_METHOD=2 -S2 -S3
    mRun: [SmartAudio] c:\program files\conexant\saii\SAIICpl.exe /t
    mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
    mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
    StartupFolder: c:\users\user\appdata\roaming\micros~1\windows\startm~1\programs\startup\btguar~1.lnk - c:\btguard\settings.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\systee~1.lnk - c:\program files\squeezebox\SqueezeTray.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxp://support.euro.dell.com/systemprofiler/SysProExe.CAB
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{45CAF88F-358E-4D78-81CF-DC7A283083A0} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{45CAF88F-358E-4D78-81CF-DC7A283083A0}\26167656C637265616E637 : DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{45CAF88F-358E-4D78-81CF-DC7A283083A0}\27F65747562747A656 : DhcpNameServer = 192.168.1.1
    Handler: leaf - {3c4a8a13-029e-430d-b8c1-46e834d20b31} - c:\windows\system32\mscoree.dll
    Notify: igfxcui - igfxdev.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
    R1 MpKslce789fd5;MpKslce789fd5;c:\programdata\microsoft\microsoft antimalware\definition updates\{339e4555-520c-4d3a-b1b3-b4c5e8acfb73}\MpKslce789fd5.sys [2011-11-9 28752]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
    R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
    R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2010-10-20 821664]
    R2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg32.exe [2011-10-15 190592]
    R2 CxUSBDock;Conexant USB Audio Dock Service;c:\windows\system32\CxUSBDock32.exe [2011-10-15 123008]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-10-28 366152]
    R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-10-28 1153368]
    R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2010-9-14 508264]
    R2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~1\enigma~1\spyhun~1\SH4SER~1.EXE [2011-10-10 736672]
    R2 TeamViewer6;TeamViewer 6;c:\program files\teamviewer\version6\TeamViewer_Service.exe [2011-7-5 2337144]
    R3 acpials;ALS-sensorfilter;c:\windows\system32\drivers\acpials.sys [2009-7-14 7680]
    R3 Fwleaf;NETGEAR Firewall Driver;c:\windows\system32\drivers\fwleaf.sys [2011-10-23 22848]
    R3 leafnets;Leaf Networks Adapter;c:\windows\system32\drivers\leafnets.sys [2011-5-26 55296]
    R3 LSM303DLH;STMicroelectronics™ 3-Axis Accelerometer/Magnetometer;c:\windows\system32\drivers\LSM303DLH.sys [2011-2-1 28272]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-10-28 22216]
    R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
    R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
    R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
    R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfslh.sys [2010-9-14 577384]
    R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaylh.sys [2010-9-14 194408]
    R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirlh.sys [2010-9-14 21864]
    R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvollh.sys [2010-9-14 19304]
    R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2010-9-14 219496]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Updateservice (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-5-26 136176]
    S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2011-10-22 84832]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 esgiguard;esgiguard;c:\program files\enigma software group\spyhunter\esgiguard.sys [2011-5-6 13904]
    S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2011-6-13 54632]
    S3 fsssvc;De service Windows Live Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
    S3 gupdatem;Google Update-service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-5-26 136176]
    S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-23 52224]
    S3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\wat\WatAdminSvc.exe [2011-5-29 1343400]
    .
    =============== Created Last 30 ================
    .
    2011-11-09 12:23:39 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{339e4555-520c-4d3a-b1b3-b4c5e8acfb73}\MpKslce789fd5.sys
    2011-11-09 12:23:33 6668624 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
    2011-11-09 12:23:04 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{339e4555-520c-4d3a-b1b3-b4c5e8acfb73}\offreg.dll
    2011-11-09 12:22:57 6668624 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{339e4555-520c-4d3a-b1b3-b4c5e8acfb73}\mpengine.dll
    2011-10-30 12:03:09 110080 ----a-r- c:\users\user\appdata\roaming\microsoft\installer\{1c7cc8e2-cfcf-41e6-a863-7c7a45ce8a78}\IconF7A21AF7.exe
    2011-10-30 12:03:09 110080 ----a-r- c:\users\user\appdata\roaming\microsoft\installer\{1c7cc8e2-cfcf-41e6-a863-7c7a45ce8a78}\IconD7F16134.exe
    2011-10-30 12:03:09 110080 ----a-r- c:\users\user\appdata\roaming\microsoft\installer\{1c7cc8e2-cfcf-41e6-a863-7c7a45ce8a78}\IconCF33A0CE.exe
    2011-10-30 12:03:06 -------- d-----w- C:\sh4ldr
    2011-10-30 12:03:05 -------- d-----w- c:\program files\Enigma Software Group
    2011-10-30 11:59:54 -------- d-----w- c:\windows\1C7CC8E2CFCF41E6A8637C7A45CE8A78.TMP
    2011-10-30 11:59:48 -------- d-----w- c:\program files\common files\Wise Installation Wizard
    2011-10-30 08:23:18 388096 ----a-r- c:\users\user\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2011-10-30 08:23:15 -------- d-----w- c:\program files\Trend Micro
    2011-10-28 18:15:51 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2011-10-28 18:15:51 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2011-10-28 14:50:21 -------- d-----w- c:\users\user\appdata\roaming\Malwarebytes
    2011-10-28 14:50:05 -------- d-----w- c:\programdata\Malwarebytes
    2011-10-28 14:49:59 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-10-28 14:49:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-10-23 18:51:51 -------- d-----w- c:\users\user\appdata\local\ReadyNASRemote
    2011-10-23 18:49:31 22848 ----a-w- c:\windows\system32\drivers\fwleaf.sys
    2011-10-23 14:03:26 -------- d-----w- C:\updates
    2011-10-23 13:59:44 -------- d-----w- c:\programdata\Squeezebox
    2011-10-23 13:59:44 -------- d-----w- c:\program files\Squeezebox
    2011-10-22 16:42:06 -------- d-----w- c:\program files\Makayama Interactive
    2011-10-22 07:42:41 -------- d-----w- c:\program files\FreeTime
    2011-10-22 07:17:17 -------- d-----w- C:\OUT_MEDIA_FILES
    2011-10-22 07:17:03 84832 ----a-w- c:\windows\system32\drivers\ASPI32.SYS
    2011-10-22 07:17:03 45056 ----a-w- c:\windows\system32\WNASPI32.DLL
    2011-10-21 20:29:16 -------- d-----w- c:\users\user\appdata\roaming\Spotify
    2011-10-21 20:29:16 -------- d-----w- c:\users\user\appdata\local\Spotify
    2011-10-21 19:27:48 -------- d-----w- c:\program files\NETGEAR ReadyNAS
    2011-10-20 15:43:59 805376 ----a-w- c:\windows\system32\FntCache.dll
    2011-10-20 15:43:58 739840 ----a-w- c:\windows\system32\d2d1.dll
    2011-10-20 15:43:58 1076736 ----a-w- c:\windows\system32\DWrite.dll
    2011-10-15 07:06:57 -------- d-----w- c:\users\user\appdata\local\SRS Labs
    2011-10-15 07:06:50 -------- d-----w- c:\program files\SRS Labs
    2011-10-15 07:06:26 123008 ------w- c:\windows\system32\CxUSBDock32.exe
    2011-10-15 07:06:19 190592 ------w- c:\windows\system32\CxAudMsg32.exe
    2011-10-15 07:05:55 -------- d-----w- c:\windows\system32\SRSLabs
    2011-10-15 07:04:06 330368 ----a-w- c:\windows\system32\UCI32A63.dll
    2011-10-15 07:04:03 521344 ----a-w- c:\windows\system32\drivers\CHDRT32.sys
    2011-10-15 07:04:03 1743488 ----a-w- c:\windows\system32\CX32PP25.dll
    2011-10-13 03:52:16 75776 ----a-w- c:\windows\system32\psisrndr.ax
    2011-10-13 03:52:16 465408 ----a-w- c:\windows\system32\psisdecd.dll
    2011-10-13 03:52:13 571904 ----a-w- c:\windows\system32\oleaut32.dll
    2011-10-13 03:52:13 233472 ----a-w- c:\windows\system32\oleacc.dll
    2011-10-13 03:52:03 2334720 ----a-w- c:\windows\system32\win32k.sys
    2011-10-12 06:48:48 439632 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\nisbackup\gapaengine.dll
    2011-10-12 06:48:40 703824 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{59de3282-6afa-4e53-94f7-e40e02388f6a}\gapaengine.dll
    2011-10-10 18:11:58 -------- d-----w- c:\programdata\ArcSoft
    2011-10-10 18:10:54 -------- d-----w- c:\users\user\appdata\local\Downloaded Installations
    2011-10-10 18:02:37 -------- d-----w- c:\users\user\appdata\local\Powercinema
    2011-10-10 17:43:35 841280 ----a-w- c:\windows\system32\PhotoStageScrSaver.scr
    2011-10-10 17:39:10 -------- d-----w- c:\users\user\appdata\local\ArcSoft
    2011-10-10 17:37:55 -------- d-----w- c:\users\user\appdata\local\Dell
    2011-10-10 17:35:33 -------- d-----w- c:\programdata\install_clap
    .
    ==================== Find3M ====================
    .
    2011-10-10 06:33:32 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-09-01 02:35:59 1798144 ----a-w- c:\windows\system32\jscript9.dll
    2011-09-01 02:28:15 1126912 ----a-w- c:\windows\system32\wininet.dll
    2011-09-01 02:22:54 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2011-08-23 08:54:12 61952 --sha-r- c:\users\user\appdata\roaming\license3.dll
    .
    ============= FINISH: 13:38:03,28 ===============


    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 24-5-2011 16:50:08
    System Uptime: 9-11-2011 13:10:43 (0 hours ago)
    .
    Motherboard: Dell Inc. | | Inspiron 1090
    Processor: Intel(R) Atom(TM) CPU N550 @ 1.50GHz | CPU | 990/667mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 233 GiB total, 174,633 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKsl30f9ebb3
    Device ID: ROOT\LEGACY_MPKSL30F9EBB3\0000
    Manufacturer:
    Name: MpKsl30f9ebb3
    PNP Device ID: ROOT\LEGACY_MPKSL30F9EBB3\0000
    Service: MpKsl30f9ebb3
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKsld0115633
    Device ID: ROOT\LEGACY_MPKSLD0115633\0000
    Manufacturer:
    Name: MpKsld0115633
    PNP Device ID: ROOT\LEGACY_MPKSLD0115633\0000
    Service: MpKsld0115633
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKsl39b88671
    Device ID: ROOT\LEGACY_MPKSL39B88671\0000
    Manufacturer:
    Name: MpKsl39b88671
    PNP Device ID: ROOT\LEGACY_MPKSL39B88671\0000
    Service: MpKsl39b88671
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKsld8f64202
    Device ID: ROOT\LEGACY_MPKSLD8F64202\0000
    Manufacturer:
    Name: MpKsld8f64202
    PNP Device ID: ROOT\LEGACY_MPKSLD8F64202\0000
    Service: MpKsld8f64202
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKsl3a3d43fa
    Device ID: ROOT\LEGACY_MPKSL3A3D43FA\0000
    Manufacturer:
    Name: MpKsl3a3d43fa
    PNP Device ID: ROOT\LEGACY_MPKSL3A3D43FA\0000
    Service: MpKsl3a3d43fa
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKsl449f1697
    Device ID: ROOT\LEGACY_MPKSL449F1697\0000
    Manufacturer:
    Name: MpKsl449f1697
    PNP Device ID: ROOT\LEGACY_MPKSL449F1697\0000
    Service: MpKsl449f1697
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKsl55197cb9
    Device ID: ROOT\LEGACY_MPKSL55197CB9\0000
    Manufacturer:
    Name: MpKsl55197cb9
    PNP Device ID: ROOT\LEGACY_MPKSL55197CB9\0000
    Service: MpKsl55197cb9
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKslecbb81fc
    Device ID: ROOT\LEGACY_MPKSLECBB81FC\0000
    Manufacturer:
    Name: MpKslecbb81fc
    PNP Device ID: ROOT\LEGACY_MPKSLECBB81FC\0000
    Service: MpKslecbb81fc
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKsl66a2a486
    Device ID: ROOT\LEGACY_MPKSL66A2A486\0000
    Manufacturer:
    Name: MpKsl66a2a486
    PNP Device ID: ROOT\LEGACY_MPKSL66A2A486\0000
    Service: MpKsl66a2a486
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKslf85a474e
    Device ID: ROOT\LEGACY_MPKSLF85A474E\0000
    Manufacturer:
    Name: MpKslf85a474e
    PNP Device ID: ROOT\LEGACY_MPKSLF85A474E\0000
    Service: MpKslf85a474e
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKsl7b619c06
    Device ID: ROOT\LEGACY_MPKSL7B619C06\0000
    Manufacturer:
    Name: MpKsl7b619c06
    PNP Device ID: ROOT\LEGACY_MPKSL7B619C06\0000
    Service: MpKsl7b619c06
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKsl8b0c9026
    Device ID: ROOT\LEGACY_MPKSL8B0C9026\0000
    Manufacturer:
    Name: MpKsl8b0c9026
    PNP Device ID: ROOT\LEGACY_MPKSL8B0C9026\0000
    Service: MpKsl8b0c9026
    .
    Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
    Description: Generic Bluetooth Adapter
    Device ID: USB\VID_0CF3&PID_3002\5&3A195F82&0&2
    Manufacturer: GenericAdapter
    Name: Generic Bluetooth Adapter
    PNP Device ID: USB\VID_0CF3&PID_3002\5&3A195F82&0&2
    Service: BTHUSB
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKslaa30d8be
    Device ID: ROOT\LEGACY_MPKSLAA30D8BE\0000
    Manufacturer:
    Name: MpKslaa30d8be
    PNP Device ID: ROOT\LEGACY_MPKSLAA30D8BE\0000
    Service: MpKslaa30d8be
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKslb61aabd5
    Device ID: ROOT\LEGACY_MPKSLB61AABD5\0000
    Manufacturer:
    Name: MpKslb61aabd5
    PNP Device ID: ROOT\LEGACY_MPKSLB61AABD5\0000
    Service: MpKslb61aabd5
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKslbac233d7
    Device ID: ROOT\LEGACY_MPKSLBAC233D7\0000
    Manufacturer:
    Name: MpKslbac233d7
    PNP Device ID: ROOT\LEGACY_MPKSLBAC233D7\0000
    Service: MpKslbac233d7
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKslbdfb7049
    Device ID: ROOT\LEGACY_MPKSLBDFB7049\0000
    Manufacturer:
    Name: MpKslbdfb7049
    PNP Device ID: ROOT\LEGACY_MPKSLBDFB7049\0000
    Service: MpKslbdfb7049
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKsl0a841fb9
    Device ID: ROOT\LEGACY_MPKSL0A841FB9\0000
    Manufacturer:
    Name: MpKsl0a841fb9
    PNP Device ID: ROOT\LEGACY_MPKSL0A841FB9\0000
    Service: MpKsl0a841fb9
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: Microsoft Teredo Tunneling-adapter
    Device ID: ROOT\*TEREDO\0000
    Manufacturer: Microsoft
    Name: Teredo Tunneling Pseudo-Interface
    PNP Device ID: ROOT\*TEREDO\0000
    Service: tunnel
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKslbf689fea
    Device ID: ROOT\LEGACY_MPKSLBF689FEA\0000
    Manufacturer:
    Name: MpKslbf689fea
    PNP Device ID: ROOT\LEGACY_MPKSLBF689FEA\0000
    Service: MpKslbf689fea
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKslc1f3797e
    Device ID: ROOT\LEGACY_MPKSLC1F3797E\0000
    Manufacturer:
    Name: MpKslc1f3797e
    PNP Device ID: ROOT\LEGACY_MPKSLC1F3797E\0000
    Service: MpKslc1f3797e
    .
    ==== System Restore Points ===================
    .
    RP140: 20-10-2011 22:59:55 - Windows Update
    RP141: 23-10-2011 16:01:41 - Microsoft Visual C++ 2005 Redistributable is geïnstalleerd
    RP142: 23-10-2011 20:49:36 - Installatie van apparaatstuurprogramma: NETGEAR Network Service
    RP143: 25-10-2011 7:54:27 - Windows Update
    RP144: 28-10-2011 16:15:27 - Windows Update
    RP145: 30-10-2011 9:22:00 - Installed HiJackThis
    RP146: 30-10-2011 13:01:32 - Installed SpyHunter
    RP147: 30-10-2011 18:06:56 - Removed SpyHunter
    RP148: 1-11-2011 13:58:59 - Windows Update
    RP149: 5-11-2011 8:29:56 - Windows Update
    RP150: 9-11-2011 13:21:53 - Windows Update
    .
    ==== Installed Programs ======================
    .
    32 Bit HP CIO Components Installer
    Accelerometer-Magnetometer
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Reader X (10.1.1) - Nederlands
    BTGuard 2.3
    CCleaner
    CDBurnerXP
    Conexant HD Audio
    Corel Graphics - Windows Shell Extension
    CorelDRAW Graphics Suite X5
    CorelDRAW Graphics Suite X5 - Capture
    CorelDRAW Graphics Suite X5 - Common
    CorelDRAW Graphics Suite X5 - Connect
    CorelDRAW Graphics Suite X5 - Custom Data
    CorelDRAW Graphics Suite X5 - Draw
    CorelDRAW Graphics Suite X5 - EN
    CorelDRAW Graphics Suite X5 - Filters
    CorelDRAW Graphics Suite X5 - FontNav
    CorelDRAW Graphics Suite X5 - IPM
    CorelDRAW Graphics Suite X5 - PHOTO-PAINT
    CorelDRAW Graphics Suite X5 - Photozoom Plugin
    CorelDRAW Graphics Suite X5 - Redist
    CorelDRAW Graphics Suite X5 - Setup Files
    CorelDRAW Graphics Suite X5 - VBA
    CorelDRAW Graphics Suite X5 - VideoBrowser
    CorelDRAW Graphics Suite X5 - VSTA
    CorelDRAW Graphics Suite X5 - WT
    CorelDRAW(R) Graphics Suite X5
    CyberLink YouPaint
    Dell Driver Download Manager
    Dell MusicStage
    Dell PhotoStage
    Dell Support Center
    Dell VideoStage
    FormatFactory 2.70
    Google Earth
    Google Toolbar for Internet Explorer
    Google Update Helper
    Hema Fotoalbum
    HiJackThis
    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
    HP Photosmart B109a-m All-in-One Driver 14.0 Rel. 6
    Intel(R) Graphics Media Accelerator Driver
    Java Auto Updater
    Java(TM) 6 Update 26
    Junk Mail filter update
    K-Lite Codec Pack 5.2.0 (Full)
    Kinderopvangtoeslag 2011
    Logitech Harmony Remote Software 7
    Malwarebytes' Anti-Malware versie 1.51.2.1300
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Client Profile NLD Language Pack
    Microsoft Antimalware
    Microsoft Antimalware Service NL-NL Language Pack
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Office Home and Student 2010 - Nederlands
    Microsoft Office Klik-en-Klaar 2010
    Microsoft Search Enhancement Pack
    Microsoft Security Client
    Microsoft Security Client NL-NL Language Pack
    Microsoft Security Essentials
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft Touch Pack for Windows 7
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual Studio Tools for Applications 2.0 - ENU
    Microsoft Visual Studio Tools for Applications 2.0 Runtime
    Microsoft XNA Framework Redistributable 3.0
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    PS_AIO_06_B109a-m_SW_Min
    QuickSet32
    RAIDar 4.3.3
    ReadyNAS Remote
    Remote Control USB Driver
    Revo Uninstaller 1.92
    Scan
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663)
    Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)
    Spybot - Search & Destroy
    SpyHunter
    Squeezebox Server 7.6.1
    StickyNotes
    SUPERAntiSpyware
    Synaptics Pointing Device Driver
    Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD
    TeamViewer 6
    Toolbox
    TweetDeck
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Video DVD Maker v3.32.0.80
    Visual Basic for Applications (R) Core
    Visual Basic for Applications (R) Core - English
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live Mail
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Gallery
    Windows Live Toolbar
    Windows Live Writer
    .
    ==== End Of File ===========================
     
  6. Larusso

    Larusso Malware Specialist

    Joined:
    Aug 9, 2011
    Messages:
    808
    Well done :)
    TDSSKiller appears clean so there is a good chance that no rootkits are present.


    While TeaTimer is an excellent tool for the prevention of spyware, it can sometimes interfere with our fixes.
    Please disable TeaTimer for now until you are clean. TeaTimer can be re-activated once your logs are clean.
    • Open Spybot Search & Destroy.
    • In the Mode menu click "Advanced mode" if not already selected.
    • Choose "Yes" at the Warning prompt.
    • Expand the "Tools" menu.
    • Click "Resident".
    • Uncheck the "Resident "TeaTimer" (Protection of overall system settings) active." box.
    • In the File menu click "Exit" to exit Spybot Search & Destroy.



    Please download and scan with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

    http://www.bleepingcomputer.com/combofix/how-to-use-combofix

    Note: Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.
    You can use this thread as a guide.

    Please include the C:\ComboFix.txt in your next reply for further review.



    Please post in your next reply
    Combofix.txt
    How is your system behaving now?
     
  7. govert

    govert Thread Starter

    Joined:
    Nov 3, 2011
    Messages:
    12
    Good Morning,
    System is doing fine, maybe a little slower.
    I had the problem that I couldn't enter Microsoft Security Essentials, so I've uninstalled it.
    I also have a problem entering my server, but that happens on both my computers, so I think it's a router or server problem.
    Regards,
    govert


    ComboFix 11-11-09.02 - user 09-11-2011 23:15:12.1.4 - x86
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.2036.1048 [GMT 1:00]
    Gestart vanuit: c:\users\user\Downloads\ComboFix.exe
    SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\{001D130B-A2BA-4325-84CA-FC95136D4ABD}.xps
    c:\users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\{05E42E67-A84B-4A3C-88D0-507819716C2A}.xps
    c:\users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\{4630D026-2983-452F-BFEF-CBD542478781}.xps
    c:\users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\{9DB5666C-56CF-4895-AA8E-8B60057F8816}.xps
    c:\users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\{C9567803-447C-4BEC-94DC-61F493219990}.xps
    c:\users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\{CD56FCBF-5A74-487C-8061-631406B83CB8}.xps
    c:\users\user\AppData\Local\Temp\pdk-user-1720\20252d6e001ae3774b425e81ba09b666\Fcntl.dll
    c:\users\user\AppData\Local\Temp\pdk-user-1720\2076671ee5d0a5323570c92c74abac6f\Process.dll
    c:\users\user\AppData\Local\Temp\pdk-user-1720\23ae7fb85999872530b5a5d4d67a4f44\Registry.dll
    c:\users\user\AppData\Local\Temp\pdk-user-1720\23fe5d76b9491fa255db2281ac7687d5\Service.dll
    c:\users\user\AppData\Local\Temp\pdk-user-1720\2d2847f7dd2a1fddd0fdb79d9d64ba93\List.dll
    c:\users\user\AppData\Local\Temp\pdk-user-1720\6a834a555edd63cb8706466e7c1666f2\Hostname.dll
    c:\users\user\AppData\Local\Temp\pdk-user-1720\7020d50af327e3fc94b98242c307fc81\Cwd.dll
    c:\users\user\AppData\Local\Temp\pdk-user-1720\7dd16cc839f33995d1a58e2773aa29b8\WinError.dll
    c:\users\user\AppData\Local\Temp\pdk-user-1720\855297e7b4b860331fdbdd53426f5e15\Dumper.dll
    c:\users\user\AppData\Local\Temp\pdk-user-1720\86351894c58e4804ca004825fea78bbb\Encode.dll
    c:\users\user\AppData\Local\Temp\pdk-user-1720\a7c0cce4e1ac2c1f6d3e71bbe3c9bdd3\Socket.dll
    c:\users\user\AppData\Local\Temp\pdk-user-1720\b7b4505cb0a127c242f14d779e410e03\POSIX.dll
    c:\users\user\AppData\Local\Temp\pdk-user-1720\c3da4aa4c02db51c7f94d5eaf2438023\OLE.dll
    c:\users\user\AppData\Local\Temp\pdk-user-1720\f48694173221cfa9bad4275e2389b498\Win32.dll
    c:\users\user\AppData\Local\Temp\pdk-user-1720\perl510.dll
    c:\users\user\AppData\Roaming\license3.dll
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-10-09 to 2011-11-09 ))))))))))))))))))))))))))))))
    .
    .
    2011-11-09 22:29 . 2011-11-09 22:29 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-10-30 12:03 . 2011-10-30 12:03 110080 ----a-r- c:\users\user\AppData\Roaming\Microsoft\Installer\{1C7CC8E2-CFCF-41E6-A863-7C7A45CE8A78}\IconF7A21AF7.exe
    2011-10-30 12:03 . 2011-10-30 12:03 110080 ----a-r- c:\users\user\AppData\Roaming\Microsoft\Installer\{1C7CC8E2-CFCF-41E6-A863-7C7A45CE8A78}\IconD7F16134.exe
    2011-10-30 12:03 . 2011-10-30 12:03 110080 ----a-r- c:\users\user\AppData\Roaming\Microsoft\Installer\{1C7CC8E2-CFCF-41E6-A863-7C7A45CE8A78}\IconCF33A0CE.exe
    2011-10-30 12:03 . 2011-10-30 12:03 -------- d-----w- C:\sh4ldr
    2011-10-30 12:03 . 2011-10-30 12:03 -------- d-----w- c:\program files\Enigma Software Group
    2011-10-30 11:59 . 2011-10-30 12:03 -------- d-----w- c:\windows\1C7CC8E2CFCF41E6A8637C7A45CE8A78.TMP
    2011-10-30 11:59 . 2011-10-30 11:59 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
    2011-10-30 08:23 . 2011-10-30 08:23 388096 ----a-r- c:\users\user\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-10-30 08:23 . 2011-10-30 08:23 -------- d-----w- c:\program files\Trend Micro
    2011-10-28 18:15 . 2011-10-28 19:30 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2011-10-28 18:15 . 2011-10-28 18:26 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2011-10-28 14:50 . 2011-10-28 14:50 -------- d-----w- c:\users\user\AppData\Roaming\Malwarebytes
    2011-10-28 14:50 . 2011-10-28 14:50 -------- d-----w- c:\programdata\Malwarebytes
    2011-10-28 14:49 . 2011-10-28 14:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-10-28 14:49 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-10-23 18:51 . 2011-10-26 20:35 -------- d-----w- c:\users\user\AppData\Local\ReadyNASRemote
    2011-10-23 18:49 . 2011-05-31 21:37 22848 ----a-w- c:\windows\system32\drivers\fwleaf.sys
    2011-10-23 14:03 . 2011-10-23 14:03 -------- d-----w- C:\updates
    2011-10-23 13:59 . 2011-10-23 14:03 -------- d-----w- c:\programdata\Squeezebox
    2011-10-23 13:59 . 2011-10-23 14:01 -------- d-----w- c:\program files\Squeezebox
    2011-10-22 16:42 . 2011-10-22 16:42 -------- d-----w- c:\program files\Makayama Interactive
    2011-10-22 07:42 . 2011-10-22 07:42 -------- d-----w- c:\program files\FreeTime
    2011-10-22 07:17 . 2011-10-22 07:17 -------- d-----w- C:\OUT_MEDIA_FILES
    2011-10-22 07:17 . 2002-07-17 14:23 45056 ----a-w- c:\windows\system32\WNASPI32.DLL
    2011-10-22 07:17 . 2002-07-17 14:20 84832 ----a-w- c:\windows\system32\drivers\ASPI32.SYS
    2011-10-21 20:29 . 2011-10-22 13:01 -------- d-----w- c:\users\user\AppData\Roaming\Spotify
    2011-10-21 20:29 . 2011-10-22 13:00 -------- d-----w- c:\users\user\AppData\Local\Spotify
    2011-10-21 19:27 . 2011-10-23 18:48 -------- d-----w- c:\program files\NETGEAR ReadyNAS
    2011-10-21 07:49 . 2011-10-21 07:49 -------- d-----w- c:\program files\QuickTime
    2011-10-20 15:43 . 2011-02-19 06:30 805376 ----a-w- c:\windows\system32\FntCache.dll
    2011-10-20 15:43 . 2011-02-19 06:30 1076736 ----a-w- c:\windows\system32\DWrite.dll
    2011-10-20 15:43 . 2011-02-19 06:30 739840 ----a-w- c:\windows\system32\d2d1.dll
    2011-10-15 07:06 . 2011-10-15 07:06 -------- d-----w- c:\users\user\AppData\Local\SRS Labs
    2011-10-15 07:06 . 2011-10-15 07:06 -------- d-----w- c:\program files\SRS Labs
    2011-10-15 07:06 . 2010-09-23 11:24 123008 ------w- c:\windows\system32\CxUSBDock32.exe
    2011-10-15 07:06 . 2010-09-23 11:33 190592 ------w- c:\windows\system32\CxAudMsg32.exe
    2011-10-15 07:05 . 2011-10-15 07:05 -------- d-----w- c:\windows\system32\SRSLabs
    2011-10-15 07:04 . 2010-09-09 14:11 330368 ----a-w- c:\windows\system32\UCI32A63.dll
    2011-10-15 07:04 . 2010-07-14 07:56 1743488 ----a-w- c:\windows\system32\CX32PP25.dll
    2011-10-15 07:04 . 2010-06-22 11:27 521344 ----a-w- c:\windows\system32\drivers\CHDRT32.sys
    2011-10-13 03:52 . 2011-08-17 04:24 465408 ----a-w- c:\windows\system32\psisdecd.dll
    2011-10-13 03:52 . 2011-08-17 04:19 75776 ----a-w- c:\windows\system32\psisrndr.ax
    2011-10-13 03:52 . 2011-08-27 04:26 571904 ----a-w- c:\windows\system32\oleaut32.dll
    2011-10-13 03:52 . 2011-08-27 04:26 233472 ----a-w- c:\windows\system32\oleacc.dll
    2011-10-13 03:52 . 2011-09-06 02:28 2334720 ----a-w- c:\windows\system32\win32k.sys
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-10-10 06:33 . 2011-06-20 17:59 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-10-09 19:06 . 2011-10-09 19:06 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
    2011-09-25 15:05 . 2011-09-25 15:05 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
    2011-09-25 15:05 . 2011-09-25 15:05 882496 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2011-09-03 12:51 . 2011-09-03 12:51 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
    2011-09-03 12:51 . 2011-09-03 12:51 161792 ----a-w- c:\windows\system32\msls31.dll
    2011-09-03 12:51 . 2011-09-03 12:51 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
    2011-09-03 12:51 . 2011-09-03 12:51 86528 ----a-w- c:\windows\system32\iesysprep.dll
    2011-09-03 12:51 . 2011-09-03 12:51 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
    2011-09-03 12:51 . 2011-09-03 12:51 63488 ----a-w- c:\windows\system32\tdc.ocx
    2011-09-03 12:51 . 2011-09-03 12:51 48640 ----a-w- c:\windows\system32\mshtmler.dll
    2011-09-03 12:51 . 2011-09-03 12:51 74752 ----a-w- c:\windows\system32\iesetup.dll
    2011-09-03 12:51 . 2011-09-03 12:51 367104 ----a-w- c:\windows\system32\html.iec
    2011-09-03 12:51 . 2011-09-03 12:51 420864 ----a-w- c:\windows\system32\vbscript.dll
    2011-09-03 12:51 . 2011-09-03 12:51 23552 ----a-w- c:\windows\system32\licmgr10.dll
    2011-09-03 12:51 . 2011-09-03 12:51 152064 ----a-w- c:\windows\system32\wextract.exe
    2011-09-03 12:51 . 2011-09-03 12:51 150528 ----a-w- c:\windows\system32\iexpress.exe
    2011-09-03 12:51 . 2011-09-03 12:51 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
    2011-09-03 12:51 . 2011-09-03 12:51 35840 ----a-w- c:\windows\system32\imgutil.dll
    2011-09-03 12:51 . 2011-09-03 12:51 142848 ----a-w- c:\windows\system32\ieUnatt.exe
    2011-09-03 12:51 . 2011-09-03 12:51 11776 ----a-w- c:\windows\system32\mshta.exe
    2011-09-03 12:51 . 2011-09-03 12:51 101888 ----a-w- c:\windows\system32\admparse.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-05-26 39408]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-25 141848]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-25 174104]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-25 150552]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-08-12 1873192]
    "Dell Magneto Popup"="c:\program files\STMicroelectronics\Accelerometer-Magnetometer\PopUp_DM.exe" [2010-11-03 111216]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
    "CnxtCoInstallerDefer"="c:\program files\CONEXANT\PREINSTALL\SETUP4E993818342\setup.exe" [2010-09-09 1223296]
    "SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-04-28 307768]
    "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
    "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208]
    .
    c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    BTGuard Updates.lnk - c:\btguard\settings.exe [2010-6-28 1160192]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Systeempictogram van Squeezebox Server.lnk - c:\program files\Squeezebox\SqueezeTray.exe [2011-10-23 2162775]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    R1 MpKsl0a841fb9;MpKsl0a841fb9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FDE06139-4379-4BCF-B461-2E0DE46D00BB}\MpKsl0a841fb9.sys [x]
    R1 MpKsl30f9ebb3;MpKsl30f9ebb3;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A3F2F095-D6FD-4C78-8701-9F77E60BC3AD}\MpKsl30f9ebb3.sys [x]
    R1 MpKsl39b88671;MpKsl39b88671;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{299185C1-E7FB-4D35-BD32-24E0E0042985}\MpKsl39b88671.sys [x]
    R1 MpKsl3a3d43fa;MpKsl3a3d43fa;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B2F9D188-2F03-4C83-B53E-1F5445049F4C}\MpKsl3a3d43fa.sys [x]
    R1 MpKsl449f1697;MpKsl449f1697;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{63890CD0-60B5-4E2A-BE2C-5D2396864DD7}\MpKsl449f1697.sys [x]
    R1 MpKsl55197cb9;MpKsl55197cb9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{62B74F7B-BF3A-4904-BECA-08A356A295AA}\MpKsl55197cb9.sys [x]
    R1 MpKsl66a2a486;MpKsl66a2a486;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{93281F5F-1BA1-4953-B6E2-57E43FD7BD4D}\MpKsl66a2a486.sys [x]
    R1 MpKsl7b619c06;MpKsl7b619c06;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2A776573-CD4B-4574-AC92-51EC42DE7711}\MpKsl7b619c06.sys [x]
    R1 MpKsl8b0c9026;MpKsl8b0c9026;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3170E121-75A8-42FC-A1A5-BE43BFAA8555}\MpKsl8b0c9026.sys [x]
    R1 MpKslaa30d8be;MpKslaa30d8be;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{06B5759F-FCA6-41BF-BCB8-E266F0A8BB56}\MpKslaa30d8be.sys [x]
    R1 MpKslb61aabd5;MpKslb61aabd5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{62468657-75A8-4D48-8F28-87398E4FA016}\MpKslb61aabd5.sys [x]
    R1 MpKslbac233d7;MpKslbac233d7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{48BFA347-8D9F-4F9F-93C0-087892C312F4}\MpKslbac233d7.sys [x]
    R1 MpKslbdfb7049;MpKslbdfb7049;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ABC7BA99-ED3E-432E-88F3-46EAD9E8AAB5}\MpKslbdfb7049.sys [x]
    R1 MpKslbf689fea;MpKslbf689fea;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F0A7196C-ACBF-4CF2-9866-503803D4A02A}\MpKslbf689fea.sys [x]
    R1 MpKslc1f3797e;MpKslc1f3797e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BFFAD0CC-FA23-4AF3-AC8A-F8F5F0EC4D7F}\MpKslc1f3797e.sys [x]
    R1 MpKsld0115633;MpKsld0115633;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F4D457D2-B816-43FD-9629-1307A6DAA30A}\MpKsld0115633.sys [x]
    R1 MpKsld8f64202;MpKsld8f64202;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7A8B7953-BBAD-41CD-9A6B-9F12AE20D8BC}\MpKsld8f64202.sys [x]
    R1 MpKslecbb81fc;MpKslecbb81fc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E3581DB8-F78B-4729-9C41-8967220DD9DD}\MpKslecbb81fc.sys [x]
    R1 MpKslf85a474e;MpKslf85a474e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4F8F4726-2DCD-438D-99AB-1186944C6828}\MpKslf85a474e.sys [x]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-05-26 136176]
    R3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\DRIVERS\ASPI32.sys [2002-07-17 84832]
    R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-05-06 13904]
    R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-05-26 136176]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-27 1343400]
    R3 WPRO_41_1742;WinPcap Packet Driver (WPRO_41_1742);c:\windows\system32\drivers\WPRO_41_1742.sys [x]
    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
    S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
    S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
    S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg32.exe [2010-09-23 190592]
    S2 CxUSBDock;Conexant USB Audio Dock Service;c:\windows\system32\CxUSBDock32.exe [2010-09-23 123008]
    S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
    S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
    S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
    S3 acpials;ALS-sensorfilter;c:\windows\system32\DRIVERS\acpials.sys [2009-07-13 7680]
    S3 Fwleaf;NETGEAR Firewall Driver;c:\windows\system32\DRIVERS\fwleaf.sys [2011-05-31 22848]
    S3 leafnets;Leaf Networks Adapter;c:\windows\system32\DRIVERS\leafnets.sys [2011-05-26 55296]
    S3 LSM303DLH;STMicroelectronics™ 3-Axis Accelerometer/Magnetometer;c:\windows\system32\DRIVERS\LSM303DLH.sys [2010-09-21 28272]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
    S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2010-09-14 577384]
    S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2010-09-14 194408]
    S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2010-09-14 21864]
    S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2010-09-14 19304]
    S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2011-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2011-05-26 19:40]
    .
    2011-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2011-05-26 19:40]
    .
    2011-10-30 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
    - c:\program files\Dell Support Center\uaclauncher.exe [2011-10-06 20:31]
    .
    2011-11-09 c:\windows\Tasks\SystemToolsDailyTest.job
    - c:\program files\Dell Support Center\uaclauncher.exe [2011-10-06 20:31]
    .
    .
    ------- Bijkomende Scan -------
    .
    uStart Page = hxxp://nu.nl/
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    TCP: DhcpNameServer = 192.168.1.1
    Handler: leaf - {3c4a8a13-029e-430d-b8c1-46e834d20b31} - c:\windows\System32\mscoree.dll
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    HKCU-Run-hkmu - c:\users\user\AppData\Roaming\license3.dll
    .
    .
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Andere Aktieve Processen ------------------------
    .
    c:\progra~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
    c:\windows\SYSTEM32\WISPTIS.EXE
    c:\windows\system32\WUDFHost.exe
    c:\windows\system32\WUDFHost.exe
    c:\windows\system32\taskhost.exe
    c:\windows\SYSTEM32\WISPTIS.EXE
    c:\program files\Common Files\microsoft shared\ink\TabTip.exe
    c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
    c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    c:\program files\TeamViewer\Version6\TeamViewer.exe
    c:\windows\servicing\TrustedInstaller.exe
    c:\windows\System32\rundll32.exe
    c:\windows\system32\conhost.exe
    c:\program files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel.exe
    c:\windows\system32\igfxsrvc.exe
    c:\program files\Synaptics\SynTP\SynTPHelper.exe
    c:\program files\Windows Media Player\wmpnetwk.exe
    c:\program files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    c:\windows\system32\sppsvc.exe
    c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
    .
    **************************************************************************
    .
    Voltooingstijd: 2011-11-09 23:38:40 - machine werd herstart
    ComboFix-quarantined-files.txt 2011-11-09 22:38
    .
    Pre-Run: 200.308.060.160 bytes beschikbaar
    Post-Run: 200.102.670.336 bytes beschikbaar
    .
    - - End Of File - - 6E66D50CFF1331E70A6BCA9FF388B151
     
  8. Larusso

    Larusso Malware Specialist

    Joined:
    Aug 9, 2011
    Messages:
    808
    Hi there,

    I see no evidence of an AntiVirus program on your system. This must be resolved. Connecting to the Internet without antivirus protection is a "Welcome" doormat for malware.

    Here are a few very good free Antivirus products which are available: Select one of these, or another of your choice. Do not install more than one antivirus program because they will conflict with each other. It is imperative that you update your antivirus software at least once a week (even more if you wish). If you do not update your antivirus software then it will not be able to catch new malware that may have come out.

    Install, update definitions, and run a full system scan with the Anti-Virus of your choice.



    I notice you have Malwarebytes' Anti-Malware installed on your machine. Please launch the program and select the update tab, then click on the check for updates button.

    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select Perform Quick scan, then click Scan.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Be sure that everything is checked, and click Remove Selected.
    • When completed, a log will open in Notepad. Save it to your desktop.

    Note: Malwarebytes' Anti-Malware may require a reboot to complete removals. After a reboot, if required, post that saved log in your next reply.



    Please post in your next reply
    MBAM Logfile
     
  9. govert

    govert Thread Starter

    Joined:
    Nov 3, 2011
    Messages:
    12
    Hello Daniel,
    I already had MSE installed, but for some reason once installed it protects, but I cannot open the menu. That's why I've uninstalled it.
    govert
     
  10. govert

    govert Thread Starter

    Joined:
    Nov 3, 2011
    Messages:
    12
    Malware found nothing and Google works fine at the moment.

    Malwarebytes' Anti-Malware 1.51.2.1300
    www.malwarebytes.org
    Databaseversie: 8139
    Windows 6.1.7601 Service Pack 1
    Internet Explorer 9.0.8112.16421
    11-11-2011 16:43:35
    mbam-log-2011-11-11 (16-43-35).txt
    Scantype: Snelle scan
    Objecten gescand: 161794
    Verstreken tijd: 6 minuut/minuten, 2 seconde(n)
    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0
    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)
    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)
    Registersleutels geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)
    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)
    Registerdata geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)
    Mappen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)
    Bestanden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)
     
  11. Larusso

    Larusso Malware Specialist

    Joined:
    Aug 9, 2011
    Messages:
    808
    Hi there,
    How is your system behaving? Please note any open issues in your next reply.



    Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

    • Download the latest version of Java Runtime Environment (JRE) 7 and save it to your desktop.
    • Scroll down to where it says Java SE 7 Update 1
    • Click the red Download JRE button on the right.
    • Read the License Agreement then select Accept License Agreement
    • Click on the link to download Windows x86 Offline and save the file to your desktop.
    • Close any programs you may have running - especially your web browser.
    • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
    • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
    • Click the Remove or Change/Remove button.
    • Repeat as many times as necessary to remove each Java version.
    • Reboot your computer once all Java components are removed.
    • Then from your desktop double-click on jre-7u1-windows-i586.exe to install the newest version.

    After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)
    • On the General tab, under Temporary Internet Files, click the Settings button.
    • Next, click on the Delete Files button
    • There are three options in the window to clear the cache - Make sure all are checked
    • Click OK on Delete Temporary Files Window
      Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
    • Click OK to leave the Temporary Files Window
    • Click OK to leave the Java Control Panel.



    Go here to run an online scanner from ESET.
    • Note: You will need to use Internet Explorer for this scan
    • Turn off the real time scanner of any existing antivirus program while performing the online scan
    • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
    • When asked, allow the ActiveX control to install
    • Click Start
    • Make sure that the option Remove found threats is unticked, and the option Scan unwanted applications is checked
    • Click Start
    • Wait for the scan to finish
    • Use Notepad to open the logfile located at C:\Program Files\Eset\Eset Online Scanner\log.txt
    • Copy and paste that log in your next reply.



    Please launch DDS
    • When done, DDS will open two (2) logs:
      1. DDS.txt
      2. Attach.txt
    • Save both reports to your desktop and post both in your next reply



    Please post in your next reply
    log.txt
    dds.txt
    attach.txt
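
As an added example (not part of the thread and not code from DDS or its author), the Python below splits a DDS.txt report like the one requested here into its sections and triages it: BHO/toolbar entries marked "No File", DHCP name servers outside the RFC 1918 private ranges, and running services. The sample log is constructed, and the function names and the choice of checks are assumptions of this example.

```python
import ipaddress
import re

# Constructed sample in the DDS.txt layout (illustrative values, not from a real machine).
SAMPLE_DDS = r"""
DDS (Ver_2011-08-26.01) - NTFSx86
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://example.test/
BHO: Example PDF Helper: {11111111-2222-3333-4444-555555555555} - c:\program files\example\helper.dll
BHO: {AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE} - No File
mRun: [ExampleTray] c:\windows\system32\exampletray.exe
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{99999999-8888-7777-6666-555555555555} : DhcpNameServer = 203.0.113.53 192.168.1.1
.
============= SERVICES / DRIVERS ===============
.
R1 ExFilter;Example Filter Driver;c:\windows\system32\drivers\exfilter.sys [2011-4-18 165648]
R2 ExSvc;Example Service;c:\program files\example\exsvc.exe [2011-10-28 366152]
S3 ExOld;Example Old Driver;c:\windows\system32\drivers\exold.sys [2009-7-14 7680]
.
============= FINISH: 7:56:32,80 ===============
"""

SECTION_RE = re.compile(r"^=+ (.+?) =+$")          # "====== Name ======"
ENTRY_RE = re.compile(r"^([A-Za-z][\w-]*): (.*)$")  # "BHO: ...", "TCP: ..."
DNS_RE = re.compile(r"(?:Dhcp)?NameServer = (.+)$")
# R/S = running/stopped, digit = start type, then name;display name;path [date size]
SERVICE_RE = re.compile(
    r"^([RS])([0-4]) ([^;]+);([^;]*);(.+) \[(\d{4}-\d{1,2}-\d{1,2}) (\d+)\]$")
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_sections(text):
    """Map each '=== Name ===' header to the non-empty lines that follow it."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()           # forum pastes are often indented
        if not line or line == ".":  # DDS uses a lone dot as a spacer
            continue
        m = SECTION_RE.match(line)
        if m:
            current = m.group(1)
            sections[current] = []
        elif current is not None:
            sections[current].append(line)
    return sections


def orphaned_objects(lines):
    """CLSIDs of BHO/toolbar entries whose file DDS reports as missing."""
    out = []
    for line in lines:
        m = ENTRY_RE.match(line)
        if m and m.group(1) in ("BHO", "TB") and m.group(2).endswith("- No File"):
            clsid = re.search(r"\{[0-9A-Fa-f-]{36}\}", m.group(2))
            out.append(clsid.group(0) if clsid else m.group(2))
    return out


def external_dns(lines):
    """IPv4 name servers from TCP: lines that are not RFC 1918 addresses."""
    found = []
    for line in lines:
        m = ENTRY_RE.match(line)
        dns = DNS_RE.search(m.group(2)) if m and m.group(1) == "TCP" else None
        if not dns:
            continue
        for token in re.split(r"[ ,]+", dns.group(1).strip()):
            try:
                addr = ipaddress.ip_address(token)
            except ValueError:
                continue  # not an address; ignore
            if (addr.version == 4 and token not in found
                    and not any(addr in net for net in RFC1918)):
                found.append(token)
    return found


def parse_services(lines):
    """Turn SERVICES / DRIVERS lines into dictionaries."""
    services = []
    for line in lines:
        m = SERVICE_RE.match(line)
        if m:
            state, start, name, display, path, date, size = m.groups()
            services.append({"running": state == "R", "start_type": int(start),
                             "name": name, "display": display, "path": path,
                             "date": date, "size": int(size)})
    return services


def triage(text):
    """Collect the three checks into one summary for a reviewer."""
    sections = parse_sections(text)
    hjt = sections.get("Pseudo HJT Report", [])
    services = parse_services(sections.get("SERVICES / DRIVERS", []))
    return {"orphaned": orphaned_objects(hjt),
            "external_dns": external_dns(hjt),
            "running": [s["name"] for s in services if s["running"]]}


if __name__ == "__main__":
    for key, value in triage(SAMPLE_DDS).items():
        print(key, value)
```

A name server outside the private ranges is not a finding by itself; it is a value to compare against what the router or ISP is expected to hand out.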
     
  12. govert

    govert Thread Starter

    Joined:
    Nov 3, 2011
    Messages:
    12
    Good morning,
    - ESET found 2 things but the log is empty????:
    ESETSmartInstaller@High as CAB hook log:
    OnlineScanner.ocx - registred OK
    - I had Java but it always failed to update
    - Everything seems to work fine
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 9.0.8112.16421
    Run by user at 7:55:15 on 2011-11-12
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.2036.1020 [GMT 1:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
    SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskhost.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\system32\CxAudMsg32.exe
    C:\Windows\system32\CxUSBDock32.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\System32\svchost.exe -k HPZ12
    c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
    C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files\TeamViewer\Version6\TeamViewer.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\STMicroelectronics\Accelerometer-Magnetometer\PopUp_DM.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Squeezebox\SqueezeTray.exe
    C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\taskeng.exe
    C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe
    C:\Windows\system32\prevhost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://nu.nl/
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    mRun: [Dell Magneto Popup] c:\program files\stmicroelectronics\accelerometer-magnetometer\PopUp_DM.exe
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [CnxtCoInstallerDefer] c:\program files\conexant\preinstall\setup4e993818342\setup.exe -REBOOTED_FROM_NO_ENUM_INSTALL_METHOD=2 -S2 -S3
    mRun: [SmartAudio] c:\program files\conexant\saii\SAIICpl.exe /t
    mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
    mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    StartupFolder: c:\users\user\appdata\roaming\micros~1\windows\startm~1\programs\startup\btguar~1.lnk - c:\btguard\settings.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\systee~1.lnk - c:\program files\squeezebox\SqueezeTray.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxp://support.euro.dell.com/systemprofiler/SysProExe.CAB
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{45CAF88F-358E-4D78-81CF-DC7A283083A0} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{45CAF88F-358E-4D78-81CF-DC7A283083A0}\26167656C637265616E637 : DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{45CAF88F-358E-4D78-81CF-DC7A283083A0}\27F65747562747A656 : DhcpNameServer = 192.168.1.1
    Handler: leaf - {3c4a8a13-029e-430d-b8c1-46e834d20b31} - c:\windows\system32\mscoree.dll
    Notify: igfxcui - igfxdev.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
    R1 MpKsla5ce7ae0;MpKsla5ce7ae0;c:\programdata\microsoft\microsoft antimalware\definition updates\{f4914ece-181c-4b63-bdc7-b54929f0c475}\MpKsla5ce7ae0.sys [2011-11-11 28752]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
    R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
    R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2010-10-20 821664]
    R2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg32.exe [2011-10-15 190592]
    R2 CxUSBDock;Conexant USB Audio Dock Service;c:\windows\system32\CxUSBDock32.exe [2011-10-15 123008]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-10-28 366152]
    R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-10-28 1153368]
    R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2010-9-14 508264]
    R2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~1\enigma~1\spyhun~1\SH4SER~1.EXE [2011-10-10 736672]
    R2 TeamViewer6;TeamViewer 6;c:\program files\teamviewer\version6\TeamViewer_Service.exe [2011-7-5 2337144]
    R3 acpials;ALS-sensorfilter;c:\windows\system32\drivers\acpials.sys [2009-7-14 7680]
    R3 Fwleaf;NETGEAR Firewall Driver;c:\windows\system32\drivers\fwleaf.sys [2011-10-23 22848]
    R3 leafnets;Leaf Networks Adapter;c:\windows\system32\drivers\leafnets.sys [2011-5-26 55296]
    R3 LSM303DLH;STMicroelectronics™ 3-Axis Accelerometer/Magnetometer;c:\windows\system32\drivers\LSM303DLH.sys [2011-2-1 28272]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-10-28 22216]
    R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
    R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
    R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
    R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfslh.sys [2010-9-14 577384]
    R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaylh.sys [2010-9-14 194408]
    R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirlh.sys [2010-9-14 21864]
    R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvollh.sys [2010-9-14 19304]
    R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2010-9-14 219496]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Updateservice (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-5-26 136176]
    S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2011-10-22 84832]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 esgiguard;esgiguard;c:\program files\enigma software group\spyhunter\esgiguard.sys [2011-5-6 13904]
    S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2011-6-13 54632]
    S3 fsssvc;De service Windows Live Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
    S3 gupdatem;Google Update-service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-5-26 136176]
    S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-23 52224]
    S3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\wat\WatAdminSvc.exe [2011-5-29 1343400]
    .
    =============== Created Last 30 ================
    .
    2011-11-11 21:43:20 -------- d-----w- c:\program files\ESET
    2011-11-11 15:15:23 703824 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{51b68297-124f-4667-b0be-a5b8a5e938b9}\gapaengine.dll
    2011-11-11 15:15:23 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{f4914ece-181c-4b63-bdc7-b54929f0c475}\MpKsla5ce7ae0.sys
    2011-11-11 15:15:11 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{f4914ece-181c-4b63-bdc7-b54929f0c475}\offreg.dll
    2011-11-11 15:15:08 6668624 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{f4914ece-181c-4b63-bdc7-b54929f0c475}\mpengine.dll
    2011-11-11 15:14:16 6668624 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{fb5295fd-a972-4acd-abde-8fa6359a5960}\mpengine.dll
    2011-11-11 15:13:28 -------- d-----w- c:\program files\Microsoft Security Client
    2011-11-11 15:12:48 -------- d-----w- C:\438a6cb23df005e65f250699
    2011-11-10 03:07:13 6668624 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
    2011-11-09 22:32:49 -------- d-----w- C:\$RECYCLE.BIN
    2011-11-09 22:11:29 256000 ----a-w- c:\windows\PEV.exe
    2011-11-09 22:11:29 208896 ----a-w- c:\windows\MBR.exe
    2011-11-09 22:11:28 98816 ----a-w- c:\windows\sed.exe
    2011-11-09 22:11:28 518144 ----a-w- c:\windows\SWREG.exe
    2011-11-09 22:11:13 -------- d-----w- C:\ComboFix
    2011-11-09 12:18:00 1290608 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2011-11-09 12:17:58 708608 ----a-w- c:\program files\common files\system\wab32.dll
    2011-11-09 12:17:55 2341888 ----a-w- c:\windows\system32\win32k.sys
    2011-10-30 12:03:09 110080 ----a-r- c:\users\user\appdata\roaming\microsoft\installer\{1c7cc8e2-cfcf-41e6-a863-7c7a45ce8a78}\IconF7A21AF7.exe
    2011-10-30 12:03:09 110080 ----a-r- c:\users\user\appdata\roaming\microsoft\installer\{1c7cc8e2-cfcf-41e6-a863-7c7a45ce8a78}\IconD7F16134.exe
    2011-10-30 12:03:09 110080 ----a-r- c:\users\user\appdata\roaming\microsoft\installer\{1c7cc8e2-cfcf-41e6-a863-7c7a45ce8a78}\IconCF33A0CE.exe
    2011-10-30 12:03:06 -------- d-----w- C:\sh4ldr
    2011-10-30 12:03:05 -------- d-----w- c:\program files\Enigma Software Group
    2011-10-30 11:59:54 -------- d-----w- c:\windows\1C7CC8E2CFCF41E6A8637C7A45CE8A78.TMP
    2011-10-30 11:59:48 -------- d-----w- c:\program files\common files\Wise Installation Wizard
    2011-10-30 08:23:18 388096 ----a-r- c:\users\user\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2011-10-30 08:23:15 -------- d-----w- c:\program files\Trend Micro
    2011-10-28 18:15:51 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2011-10-28 18:15:51 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2011-10-28 14:50:21 -------- d-----w- c:\users\user\appdata\roaming\Malwarebytes
    2011-10-28 14:50:05 -------- d-----w- c:\programdata\Malwarebytes
    2011-10-28 14:49:59 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-10-28 14:49:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-10-23 18:51:51 -------- d-----w- c:\users\user\appdata\local\ReadyNASRemote
    2011-10-23 18:49:31 22848 ----a-w- c:\windows\system32\drivers\fwleaf.sys
    2011-10-23 14:03:26 -------- d-----w- C:\updates
    2011-10-23 13:59:44 -------- d-----w- c:\programdata\Squeezebox
    2011-10-23 13:59:44 -------- d-----w- c:\program files\Squeezebox
    2011-10-22 16:42:06 -------- d-----w- c:\program files\Makayama Interactive
    2011-10-22 07:42:41 -------- d-----w- c:\program files\FreeTime
    2011-10-22 07:17:17 -------- d-----w- C:\OUT_MEDIA_FILES
    2011-10-22 07:17:03 84832 ----a-w- c:\windows\system32\drivers\ASPI32.SYS
    2011-10-22 07:17:03 45056 ----a-w- c:\windows\system32\WNASPI32.DLL
    2011-10-21 20:29:16 -------- d-----w- c:\users\user\appdata\roaming\Spotify
    2011-10-21 20:29:16 -------- d-----w- c:\users\user\appdata\local\Spotify
    2011-10-21 19:27:48 -------- d-----w- c:\program files\NETGEAR ReadyNAS
    2011-10-20 15:43:59 805376 ----a-w- c:\windows\system32\FntCache.dll
    2011-10-20 15:43:58 739840 ----a-w- c:\windows\system32\d2d1.dll
    2011-10-20 15:43:58 1076736 ----a-w- c:\windows\system32\DWrite.dll
    2011-10-15 07:06:57 -------- d-----w- c:\users\user\appdata\local\SRS Labs
    2011-10-15 07:06:50 -------- d-----w- c:\program files\SRS Labs
    2011-10-15 07:06:26 123008 ------w- c:\windows\system32\CxUSBDock32.exe
    2011-10-15 07:06:19 190592 ------w- c:\windows\system32\CxAudMsg32.exe
    2011-10-15 07:05:55 -------- d-----w- c:\windows\system32\SRSLabs
    2011-10-15 07:04:06 330368 ----a-w- c:\windows\system32\UCI32A63.dll
    2011-10-15 07:04:03 521344 ----a-w- c:\windows\system32\drivers\CHDRT32.sys
    2011-10-15 07:04:03 1743488 ----a-w- c:\windows\system32\CX32PP25.dll
    .
    ==================== Find3M ====================
    .
    2011-11-11 21:34:09 544656 ----a-w- c:\windows\system32\deployJava1.dll
    2011-10-10 06:33:32 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-09-01 02:35:59 1798144 ----a-w- c:\windows\system32\jscript9.dll
    2011-09-01 02:28:15 1126912 ----a-w- c:\windows\system32\wininet.dll
    2011-09-01 02:22:54 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2011-08-27 04:26:27 571904 ----a-w- c:\windows\system32\oleaut32.dll
    2011-08-27 04:26:27 233472 ----a-w- c:\windows\system32\oleacc.dll
    2011-08-17 04:24:12 465408 ----a-w- c:\windows\system32\psisdecd.dll
    2011-08-17 04:19:27 75776 ----a-w- c:\windows\system32\psisrndr.ax
    .
    ============= FINISH: 7:56:32,80 ===============


    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 9.0.8112.16421
    Run by user at 7:55:15 on 2011-11-12
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.2036.1020 [GMT 1:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
    SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskhost.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\system32\CxAudMsg32.exe
    C:\Windows\system32\CxUSBDock32.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\System32\svchost.exe -k HPZ12
    c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
    C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files\TeamViewer\Version6\TeamViewer.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\STMicroelectronics\Accelerometer-Magnetometer\PopUp_DM.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Squeezebox\SqueezeTray.exe
    C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\taskeng.exe
    C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe
    C:\Windows\system32\prevhost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://nu.nl/
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    mRun: [Dell Magneto Popup] c:\program files\stmicroelectronics\accelerometer-magnetometer\PopUp_DM.exe
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [CnxtCoInstallerDefer] c:\program files\conexant\preinstall\setup4e993818342\setup.exe -REBOOTED_FROM_NO_ENUM_INSTALL_METHOD=2 -S2 -S3
    mRun: [SmartAudio] c:\program files\conexant\saii\SAIICpl.exe /t
    mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
    mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    StartupFolder: c:\users\user\appdata\roaming\micros~1\windows\startm~1\programs\startup\btguar~1.lnk - c:\btguard\settings.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\systee~1.lnk - c:\program files\squeezebox\SqueezeTray.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxp://support.euro.dell.com/systemprofiler/SysProExe.CAB
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{45CAF88F-358E-4D78-81CF-DC7A283083A0} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{45CAF88F-358E-4D78-81CF-DC7A283083A0}\26167656C637265616E637 : DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{45CAF88F-358E-4D78-81CF-DC7A283083A0}\27F65747562747A656 : DhcpNameServer = 192.168.1.1
    Handler: leaf - {3c4a8a13-029e-430d-b8c1-46e834d20b31} - c:\windows\system32\mscoree.dll
    Notify: igfxcui - igfxdev.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
    R1 MpKsla5ce7ae0;MpKsla5ce7ae0;c:\programdata\microsoft\microsoft antimalware\definition updates\{f4914ece-181c-4b63-bdc7-b54929f0c475}\MpKsla5ce7ae0.sys [2011-11-11 28752]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
    R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
    R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2010-10-20 821664]
    R2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg32.exe [2011-10-15 190592]
    R2 CxUSBDock;Conexant USB Audio Dock Service;c:\windows\system32\CxUSBDock32.exe [2011-10-15 123008]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-10-28 366152]
    R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-10-28 1153368]
    R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2010-9-14 508264]
    R2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~1\enigma~1\spyhun~1\SH4SER~1.EXE [2011-10-10 736672]
    R2 TeamViewer6;TeamViewer 6;c:\program files\teamviewer\version6\TeamViewer_Service.exe [2011-7-5 2337144]
    R3 acpials;ALS-sensorfilter;c:\windows\system32\drivers\acpials.sys [2009-7-14 7680]
    R3 Fwleaf;NETGEAR Firewall Driver;c:\windows\system32\drivers\fwleaf.sys [2011-10-23 22848]
    R3 leafnets;Leaf Networks Adapter;c:\windows\system32\drivers\leafnets.sys [2011-5-26 55296]
    R3 LSM303DLH;STMicroelectronics™ 3-Axis Accelerometer/Magnetometer;c:\windows\system32\drivers\LSM303DLH.sys [2011-2-1 28272]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-10-28 22216]
    R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
    R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
    R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
    R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfslh.sys [2010-9-14 577384]
    R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaylh.sys [2010-9-14 194408]
    R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirlh.sys [2010-9-14 21864]
    R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvollh.sys [2010-9-14 19304]
    R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2010-9-14 219496]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Updateservice (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-5-26 136176]
    S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2011-10-22 84832]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 esgiguard;esgiguard;c:\program files\enigma software group\spyhunter\esgiguard.sys [2011-5-6 13904]
    S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2011-6-13 54632]
    S3 fsssvc;De service Windows Live Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
    S3 gupdatem;Google Update-service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-5-26 136176]
    S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-23 52224]
    S3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\wat\WatAdminSvc.exe [2011-5-29 1343400]
    .
    =============== Created Last 30 ================
    .
    2011-11-11 21:43:20 -------- d-----w- c:\program files\ESET
    2011-11-11 15:15:23 703824 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{51b68297-124f-4667-b0be-a5b8a5e938b9}\gapaengine.dll
    2011-11-11 15:15:23 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{f4914ece-181c-4b63-bdc7-b54929f0c475}\MpKsla5ce7ae0.sys
    2011-11-11 15:15:11 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{f4914ece-181c-4b63-bdc7-b54929f0c475}\offreg.dll
    2011-11-11 15:15:08 6668624 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{f4914ece-181c-4b63-bdc7-b54929f0c475}\mpengine.dll
    2011-11-11 15:14:16 6668624 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{fb5295fd-a972-4acd-abde-8fa6359a5960}\mpengine.dll
    2011-11-11 15:13:28 -------- d-----w- c:\program files\Microsoft Security Client
    2011-11-11 15:12:48 -------- d-----w- C:\438a6cb23df005e65f250699
    2011-11-10 03:07:13 6668624 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
    2011-11-09 22:32:49 -------- d-----w- C:\$RECYCLE.BIN
    2011-11-09 22:11:29 256000 ----a-w- c:\windows\PEV.exe
    2011-11-09 22:11:29 208896 ----a-w- c:\windows\MBR.exe
    2011-11-09 22:11:28 98816 ----a-w- c:\windows\sed.exe
    2011-11-09 22:11:28 518144 ----a-w- c:\windows\SWREG.exe
    2011-11-09 22:11:13 -------- d-----w- C:\ComboFix
    2011-11-09 12:18:00 1290608 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2011-11-09 12:17:58 708608 ----a-w- c:\program files\common files\system\wab32.dll
    2011-11-09 12:17:55 2341888 ----a-w- c:\windows\system32\win32k.sys
    2011-10-30 12:03:09 110080 ----a-r- c:\users\user\appdata\roaming\microsoft\installer\{1c7cc8e2-cfcf-41e6-a863-7c7a45ce8a78}\IconF7A21AF7.exe
    2011-10-30 12:03:09 110080 ----a-r- c:\users\user\appdata\roaming\microsoft\installer\{1c7cc8e2-cfcf-41e6-a863-7c7a45ce8a78}\IconD7F16134.exe
    2011-10-30 12:03:09 110080 ----a-r- c:\users\user\appdata\roaming\microsoft\installer\{1c7cc8e2-cfcf-41e6-a863-7c7a45ce8a78}\IconCF33A0CE.exe
    2011-10-30 12:03:06 -------- d-----w- C:\sh4ldr
    2011-10-30 12:03:05 -------- d-----w- c:\program files\Enigma Software Group
    2011-10-30 11:59:54 -------- d-----w- c:\windows\1C7CC8E2CFCF41E6A8637C7A45CE8A78.TMP
    2011-10-30 11:59:48 -------- d-----w- c:\program files\common files\Wise Installation Wizard
    2011-10-30 08:23:18 388096 ----a-r- c:\users\user\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2011-10-30 08:23:15 -------- d-----w- c:\program files\Trend Micro
    2011-10-28 18:15:51 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2011-10-28 18:15:51 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2011-10-28 14:50:21 -------- d-----w- c:\users\user\appdata\roaming\Malwarebytes
    2011-10-28 14:50:05 -------- d-----w- c:\programdata\Malwarebytes
    2011-10-28 14:49:59 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-10-28 14:49:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-10-23 18:51:51 -------- d-----w- c:\users\user\appdata\local\ReadyNASRemote
    2011-10-23 18:49:31 22848 ----a-w- c:\windows\system32\drivers\fwleaf.sys
    2011-10-23 14:03:26 -------- d-----w- C:\updates
    2011-10-23 13:59:44 -------- d-----w- c:\programdata\Squeezebox
    2011-10-23 13:59:44 -------- d-----w- c:\program files\Squeezebox
    2011-10-22 16:42:06 -------- d-----w- c:\program files\Makayama Interactive
    2011-10-22 07:42:41 -------- d-----w- c:\program files\FreeTime
    2011-10-22 07:17:17 -------- d-----w- C:\OUT_MEDIA_FILES
    2011-10-22 07:17:03 84832 ----a-w- c:\windows\system32\drivers\ASPI32.SYS
    2011-10-22 07:17:03 45056 ----a-w- c:\windows\system32\WNASPI32.DLL
    2011-10-21 20:29:16 -------- d-----w- c:\users\user\appdata\roaming\Spotify
    2011-10-21 20:29:16 -------- d-----w- c:\users\user\appdata\local\Spotify
    2011-10-21 19:27:48 -------- d-----w- c:\program files\NETGEAR ReadyNAS
    2011-10-20 15:43:59 805376 ----a-w- c:\windows\system32\FntCache.dll
    2011-10-20 15:43:58 739840 ----a-w- c:\windows\system32\d2d1.dll
    2011-10-20 15:43:58 1076736 ----a-w- c:\windows\system32\DWrite.dll
    2011-10-15 07:06:57 -------- d-----w- c:\users\user\appdata\local\SRS Labs
    2011-10-15 07:06:50 -------- d-----w- c:\program files\SRS Labs
    2011-10-15 07:06:26 123008 ------w- c:\windows\system32\CxUSBDock32.exe
    2011-10-15 07:06:19 190592 ------w- c:\windows\system32\CxAudMsg32.exe
    2011-10-15 07:05:55 -------- d-----w- c:\windows\system32\SRSLabs
    2011-10-15 07:04:06 330368 ----a-w- c:\windows\system32\UCI32A63.dll
    2011-10-15 07:04:03 521344 ----a-w- c:\windows\system32\drivers\CHDRT32.sys
    2011-10-15 07:04:03 1743488 ----a-w- c:\windows\system32\CX32PP25.dll
    .
    ==================== Find3M ====================
    .
    2011-11-11 21:34:09 544656 ----a-w- c:\windows\system32\deployJava1.dll
    2011-10-10 06:33:32 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-09-01 02:35:59 1798144 ----a-w- c:\windows\system32\jscript9.dll
    2011-09-01 02:28:15 1126912 ----a-w- c:\windows\system32\wininet.dll
    2011-09-01 02:22:54 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2011-08-27 04:26:27 571904 ----a-w- c:\windows\system32\oleaut32.dll
    2011-08-27 04:26:27 233472 ----a-w- c:\windows\system32\oleacc.dll
    2011-08-17 04:24:12 465408 ----a-w- c:\windows\system32\psisdecd.dll
    2011-08-17 04:19:27 75776 ----a-w- c:\windows\system32\psisrndr.ax
    .
    ============= FINISH: 7:56:32,80 ===============
     
  13. Larusso

    Larusso Malware Specialist

    Joined:
    Aug 9, 2011
    Messages:
    808
    Hi,

    Can you remember the file path of Eset's detections?
    Otherwise I need you to run the Online Scan again and please write down what has been found.


    You wrote that the Java Update failed. Can you tell me the exact error message or explain the problem to me?


    You posted the dds.txt 2 times instead of the attach.txt. If the attach.txt is saved on your desktop, please post its contents here.
    If not, you have to re-run DDS.
     
  14. govert

    govert Thread Starter

    Joined:
    Nov 3, 2011
    Messages:
    12
    Hello,

    I thought Java said something about administrator rights.

    C:\Qoobox\Quarantine\C\Users\user\AppData\Roaming\license3.dll.vir Win32/Ponmocup.AA trojan
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SPD44D1Q\spirits-snap[1].htm JS/Kryptik.BP trojan


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 24-5-2011 16:50:08
    System Uptime: 11-11-2011 16:09:12 (29 hours ago)
    .
    Motherboard: Dell Inc. | | Inspiron 1090
    Processor: Intel(R) Atom(TM) CPU N550 @ 1.50GHz | CPU | 1500/667mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 233 GiB total, 191,667 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKslc1f3797e
    Device ID: ROOT\LEGACY_MPKSLC1F3797E\0000
    Manufacturer:
    Name: MpKslc1f3797e
    PNP Device ID: ROOT\LEGACY_MPKSLC1F3797E\0000
    Service: MpKslc1f3797e
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKsl30f9ebb3
    Device ID: ROOT\LEGACY_MPKSL30F9EBB3\0000
    Manufacturer:
    Name: MpKsl30f9ebb3
    PNP Device ID: ROOT\LEGACY_MPKSL30F9EBB3\0000
    Service: MpKsl30f9ebb3
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKsld0115633
    Device ID: ROOT\LEGACY_MPKSLD0115633\0000
    Manufacturer:
    Name: MpKsld0115633
    PNP Device ID: ROOT\LEGACY_MPKSLD0115633\0000
    Service: MpKsld0115633
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKsl39b88671
    Device ID: ROOT\LEGACY_MPKSL39B88671\0000
    Manufacturer:
    Name: MpKsl39b88671
    PNP Device ID: ROOT\LEGACY_MPKSL39B88671\0000
    Service: MpKsl39b88671
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKsld8f64202
    Device ID: ROOT\LEGACY_MPKSLD8F64202\0000
    Manufacturer:
    Name: MpKsld8f64202
    PNP Device ID: ROOT\LEGACY_MPKSLD8F64202\0000
    Service: MpKsld8f64202
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKsl3a3d43fa
    Device ID: ROOT\LEGACY_MPKSL3A3D43FA\0000
    Manufacturer:
    Name: MpKsl3a3d43fa
    PNP Device ID: ROOT\LEGACY_MPKSL3A3D43FA\0000
    Service: MpKsl3a3d43fa
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKsl449f1697
    Device ID: ROOT\LEGACY_MPKSL449F1697\0000
    Manufacturer:
    Name: MpKsl449f1697
    PNP Device ID: ROOT\LEGACY_MPKSL449F1697\0000
    Service: MpKsl449f1697
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKsl55197cb9
    Device ID: ROOT\LEGACY_MPKSL55197CB9\0000
    Manufacturer:
    Name: MpKsl55197cb9
    PNP Device ID: ROOT\LEGACY_MPKSL55197CB9\0000
    Service: MpKsl55197cb9
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKslecbb81fc
    Device ID: ROOT\LEGACY_MPKSLECBB81FC\0000
    Manufacturer:
    Name: MpKslecbb81fc
    PNP Device ID: ROOT\LEGACY_MPKSLECBB81FC\0000
    Service: MpKslecbb81fc
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKsl66a2a486
    Device ID: ROOT\LEGACY_MPKSL66A2A486\0000
    Manufacturer:
    Name: MpKsl66a2a486
    PNP Device ID: ROOT\LEGACY_MPKSL66A2A486\0000
    Service: MpKsl66a2a486
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKslf85a474e
    Device ID: ROOT\LEGACY_MPKSLF85A474E\0000
    Manufacturer:
    Name: MpKslf85a474e
    PNP Device ID: ROOT\LEGACY_MPKSLF85A474E\0000
    Service: MpKslf85a474e
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKsl7b619c06
    Device ID: ROOT\LEGACY_MPKSL7B619C06\0000
    Manufacturer:
    Name: MpKsl7b619c06
    PNP Device ID: ROOT\LEGACY_MPKSL7B619C06\0000
    Service: MpKsl7b619c06
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKsl8b0c9026
    Device ID: ROOT\LEGACY_MPKSL8B0C9026\0000
    Manufacturer:
    Name: MpKsl8b0c9026
    PNP Device ID: ROOT\LEGACY_MPKSL8B0C9026\0000
    Service: MpKsl8b0c9026
    .
    Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
    Description: Generic Bluetooth Adapter
    Device ID: USB\VID_0CF3&PID_3002\5&3A195F82&0&2
    Manufacturer: GenericAdapter
    Name: Generic Bluetooth Adapter
    PNP Device ID: USB\VID_0CF3&PID_3002\5&3A195F82&0&2
    Service: BTHUSB
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKslaa30d8be
    Device ID: ROOT\LEGACY_MPKSLAA30D8BE\0000
    Manufacturer:
    Name: MpKslaa30d8be
    PNP Device ID: ROOT\LEGACY_MPKSLAA30D8BE\0000
    Service: MpKslaa30d8be
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKslb61aabd5
    Device ID: ROOT\LEGACY_MPKSLB61AABD5\0000
    Manufacturer:
    Name: MpKslb61aabd5
    PNP Device ID: ROOT\LEGACY_MPKSLB61AABD5\0000
    Service: MpKslb61aabd5
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: Microsoft Teredo Tunneling-adapter
    Device ID: ROOT\*TEREDO\0000
    Manufacturer: Microsoft
    Name: Teredo Tunneling Pseudo-Interface
    PNP Device ID: ROOT\*TEREDO\0000
    Service: tunnel
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKslbac233d7
    Device ID: ROOT\LEGACY_MPKSLBAC233D7\0000
    Manufacturer:
    Name: MpKslbac233d7
    PNP Device ID: ROOT\LEGACY_MPKSLBAC233D7\0000
    Service: MpKslbac233d7
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKsl0a841fb9
    Device ID: ROOT\LEGACY_MPKSL0A841FB9\0000
    Manufacturer:
    Name: MpKsl0a841fb9
    PNP Device ID: ROOT\LEGACY_MPKSL0A841FB9\0000
    Service: MpKsl0a841fb9
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKslbdfb7049
    Device ID: ROOT\LEGACY_MPKSLBDFB7049\0000
    Manufacturer:
    Name: MpKslbdfb7049
    PNP Device ID: ROOT\LEGACY_MPKSLBDFB7049\0000
    Service: MpKslbdfb7049
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKslbf689fea
    Device ID: ROOT\LEGACY_MPKSLBF689FEA\0000
    Manufacturer:
    Name: MpKslbf689fea
    PNP Device ID: ROOT\LEGACY_MPKSLBF689FEA\0000
    Service: MpKslbf689fea
    .
    ==== System Restore Points ===================
    .
    RP151: 10-11-2011 3:00:13 - Windows Update
    RP152: 11-11-2011 22:29:19 - Removed Java(TM) 6 Update 26
    RP153: 11-11-2011 22:33:42 - Installed Java(TM) 7 Update 1
    RP154: 12-11-2011 3:00:13 - Windows Update
    .
    ==== Installed Programs ======================
    .
    32 Bit HP CIO Components Installer
    Accelerometer-Magnetometer
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Reader X (10.1.1) - Nederlands
    BTGuard 2.3
    CCleaner
    CDBurnerXP
    Conexant HD Audio
    Corel Graphics - Windows Shell Extension
    CorelDRAW Graphics Suite X5
    CorelDRAW Graphics Suite X5 - Capture
    CorelDRAW Graphics Suite X5 - Common
    CorelDRAW Graphics Suite X5 - Connect
    CorelDRAW Graphics Suite X5 - Custom Data
    CorelDRAW Graphics Suite X5 - Draw
    CorelDRAW Graphics Suite X5 - EN
    CorelDRAW Graphics Suite X5 - Filters
    CorelDRAW Graphics Suite X5 - FontNav
    CorelDRAW Graphics Suite X5 - IPM
    CorelDRAW Graphics Suite X5 - PHOTO-PAINT
    CorelDRAW Graphics Suite X5 - Photozoom Plugin
    CorelDRAW Graphics Suite X5 - Redist
    CorelDRAW Graphics Suite X5 - Setup Files
    CorelDRAW Graphics Suite X5 - VBA
    CorelDRAW Graphics Suite X5 - VideoBrowser
    CorelDRAW Graphics Suite X5 - VSTA
    CorelDRAW Graphics Suite X5 - WT
    CorelDRAW(R) Graphics Suite X5
    CyberLink YouPaint
    Dell Driver Download Manager
    Dell MusicStage
    Dell PhotoStage
    Dell Support Center
    Dell VideoStage
    ESET Online Scanner v3
    FormatFactory 2.70
    Google Earth
    Google Toolbar for Internet Explorer
    Google Update Helper
    Hema Fotoalbum
    HiJackThis
    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
    HP Photosmart B109a-m All-in-One Driver 14.0 Rel. 6
    Intel(R) Graphics Media Accelerator Driver
    Java Auto Updater
    Java(TM) 7 Update 1
    Junk Mail filter update
    K-Lite Codec Pack 5.2.0 (Full)
    Kinderopvangtoeslag 2011
    Logitech Harmony Remote Software 7
    Malwarebytes' Anti-Malware versie 1.51.2.1300
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Client Profile NLD Language Pack
    Microsoft Antimalware
    Microsoft Antimalware Service NL-NL Language Pack
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Office Home and Student 2010 - Nederlands
    Microsoft Office Klik-en-Klaar 2010
    Microsoft Search Enhancement Pack
    Microsoft Security Client
    Microsoft Security Client NL-NL Language Pack
    Microsoft Security Essentials
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft Touch Pack for Windows 7
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual Studio Tools for Applications 2.0 - ENU
    Microsoft Visual Studio Tools for Applications 2.0 Runtime
    Microsoft XNA Framework Redistributable 3.0
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    PS_AIO_06_B109a-m_SW_Min
    QuickSet32
    RAIDar 4.3.3
    ReadyNAS Remote
    Remote Control USB Driver
    Revo Uninstaller 1.92
    Scan
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663)
    Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)
    Spybot - Search & Destroy
    SpyHunter
    Squeezebox Server 7.6.1
    StickyNotes
    SUPERAntiSpyware
    Synaptics Pointing Device Driver
    Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD
    TeamViewer 6
    Toolbox
    TweetDeck
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Video DVD Maker v3.32.0.80
    Visual Basic for Applications (R) Core
    Visual Basic for Applications (R) Core - English
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live Mail
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Gallery
    Windows Live Toolbar
    Windows Live Writer
    .
    ==== End Of File ===========================
     
  15. Larusso

    Larusso Malware Specialist

    Joined:
    Aug 9, 2011
    Messages:
    808
    Hi there,

    One of the detections of Eset is in a quarantine folder of our tools we used and the other one in your temp files which we will delete now.


    Please download TFC by OldTimer to your desktop.

    • Close any open windows.
    • Please double-click TFC.exe to run it.
      Vista and Win7 Users: Please right-click on the file and choose Run As Administrator.
    • TFC will close all open programs itself in order to run.
    • Click the Start button to begin the process
    • Allow TFC to run uninterrupted.
    • The program should not take long to finish its job.
    • Once it's finished it should automatically reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

    It's normal after running TFC cleaner that the PC will be slower to boot the first time.



    Unless you do not have any open issues, you are good to go :)
    Please follow these last few steps.


    Please press the Windows key + R, copy/paste the following single-line command into the Run box and click OK:

    combofix /uninstall


    This will uninstall ComboFix and delete ComboFix's quarantine folder. It will also implement some cleanup procedures, remove old System Restore Points which contain previous infections, and create a fresh, clean System Restore Point.

    Please re-enable your antivirus program and any other antispyware programs disabled earlier if you haven't already.

    You can safely delete any tools downloaded or any logs, files, and any shortcuts on your desktop that were created during this fix.

    Empty your Recycle Bin if it does not do so automatically.



    Please delete the following tools we have used.
    DDS - Delete the file to remove this tool
    TDSSKiller - Delete the folder to remove this tool



    Now that you appear to be free from malware, let's help you stay that way!

    It is vital that you keep your system up to date
    • Please enable Automatic Updates to keep your system up to date.
    • Windows Updates
      • Win XP: Start --> Control Panel and double-click on Automatic Updates.
      • Vista / 7: Start --> Control Panel --> System and Security --> Windows Updates
    • Software Updates
      Your installed Software also can have vulnerabilities that malware can use to infect your system.
      To keep your installed Software up to date I recommend File Hippo.


    Anti Virus Software
    • Make sure to have one Anti Virus programme installed and update it on a regular basis. It is useless with out of date definitions.


    Additional Protection
    • Malwarebytes Anti Malware
      The freeware Version is an on demand scanner which will check your system for malware. Update it once a week and run a Quick Scan. You can also buy a licence which offers more features.
    • WinPatrol
      WinPatrol takes a snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.


    Safer Browsing


    Use an alternate browser
    Other browsers tend to be more secure than IE as they do not make use of ActiveX objects. ActiveX objects can be used by spyware as an infection point on your computer.
    Note: If you use Firefox you may want to have a look at these Add-ons.

    Computer Maintenance
    Clean out your temp files on a regular basis - I recommend TFC (Temp File Cleaner).


    Thinking while surfing
    There is no software which will protect your system from yourself.
    I have included some security related articles that I advise you read through in your own time. These articles will give you tips and advice on preventing infection, and how to stay safe whilst browsing the internet.


    If you have any questions kindly ask.


    Please respond to this thread one more time and click on the MARK SOLVED Button at the top of your first post.
     
Short URL to this thread: https://techguy.org/1025432