
Automatic sound



#1 iLoveElectro


Posted 17 September 2012 - 02:38 PM

Hi people!

A few weeks ago, Windows XP got installed on my PC.
But a few days ago, my PC started to do weird things.

First, my PC was muting itself. The box "mute everything" was checked 10 seconds after unmuting, so I didn't have any sound.

Then, my PC started playing random sounds in the background, like songs and campaigns for politics. Even if internet browsers or other programs weren't opened!

So I downloaded SUPERAntiSpyware and Malwarebytes, and they both scanned my PC and cleaned it up. But the problems are still there.

I really appreciate your help.
Please don't mind my English, I'm 14 years old and Dutch...

Milton



#2 boopme


Posted 17 September 2012 - 02:47 PM

Hello Milton, and welcome. First, I moved this to the Am I Infected forum from XP.

We need to run a few tools.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using the "Reset FF Proxy Settings" option, Firefox should be closed.



Run RKill....


Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running, as some anti-malware software detects RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on RKill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator.)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply.

Do not reboot your computer after running RKill, as the malware programs will start again. If rebooting is required, run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.

>>>>
Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed, and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the root folder of the system disk (it is usually the disk with the installed operating system, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.


>>>

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#3 iLoveElectro


Posted 18 September 2012 - 07:23 AM

Hello boopme!

First of all, thanks for the reply. Here's the log of MiniToolBox (it's Dutch for a part...)


MiniToolBox by Farbar Version: 23-07-2012
Ran by Gebruiker (administrator) on 18-09-2012 at 14:16:09
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP-configuratie



De DNS-omzettingscache is leeggemaakt.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Gigaset USB Adapter 108 = Draadloze netwerkverbinding (Connected)
Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC = LAN-verbinding (Media disconnected)


# ----------------------------------
# IP-configuratie van interface
# ----------------------------------
pushd interface ip


# IP-configuratie van interface voor "LAN-verbinding"

set address name="LAN-verbinding" source=dhcp
set dns name="LAN-verbinding" source=dhcp register=PRIMARY
set wins name="LAN-verbinding" source=dhcp

# IP-configuratie van interface voor "Draadloze netwerkverbinding"

set address name="Draadloze netwerkverbinding" source=dhcp
set dns name="Draadloze netwerkverbinding" source=dhcp register=PRIMARY
set wins name="Draadloze netwerkverbinding" source=dhcp


popd
# Einde van IP-configuratie van interface




Windows IP-configuratie



Host-naam . . . . . . . . . . . .: gebruiker2005

Primair DNS-achtervoegsel. . . . .:

Knooppunttype: . . . . . . . . . .: onbekend

IP-routering ingeschakeld. . . . .: nee

WINS-proxy ingeschakeld . . . . . : nee



Ethernet-adapter LAN-verbinding:



Status van medium . . . . . . . . : medium ontkoppeld

Beschrijving . . . . . . . . . . .:

Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC

Fysiek adres. . . . . . . . . . . : 00-19-66-E2-23-16



Ethernet-adapter Draadloze netwerkverbinding:



Verbindingsspec. DNS-achtervoegsel:

Beschrijving . . . . . . . . . . .:

Gigaset USB Adapter 108

Fysiek adres. . . . . . . . . . . : 00-01-E3-C1-28-D6

DHCP ingeshakeld. . . . . . . . . : ja

Autom. configuratie ingeschakeld. : ja

IP-adres. . . . . . . . . . . . . : 192.168.178.13

Subnetmasker. . . . . . . . . . . : 255.255.255.0

Standaardgateway. . . . . . . . . : 192.168.178.1

DHCP-server . . . . . . . . . . . : 192.168.178.1

DNS-servers . . . . . . . . . . . : 212.54.40.25

212.54.35.25

Lease verkregen . . . . . . . . . : dinsdag 18 september 2012 14:13:49

Lease verlopen . . . . . . . . . : dinsdag 18 september 2012 15:13:49

Server: dns.tb.iss.as9143.net
Address: 212.54.40.25

Name: google.com
Addresses: 173.194.66.138, 173.194.66.102, 173.194.66.100, 173.194.66.139
173.194.66.113, 173.194.66.101



Pingen naar google.com [173.194.66.138] met 32 byte gegevens:



Antwoord van 173.194.66.138: bytes=32 tijd=21 ms TTL=49

Antwoord van 173.194.66.138: bytes=32 tijd=16 ms TTL=49



Ping-statistieken voor 173.194.66.138:

Pakketten: verzonden = 2, ontvangen = 2, verloren = 0

(0% verlies).De gemiddelde tijd voor het uitvoeren van één bewerking in milliseconden:

Minimum = 16ms, Maximum = 21ms, Gemiddelde = 18ms

Server: dns.tb.iss.as9143.net
Address: 212.54.40.25

Name: yahoo.com
Addresses: 98.139.183.24, 72.30.38.140, 98.138.253.109



Pingen naar yahoo.com [98.139.183.24] met 32 byte gegevens:



Antwoord van 98.139.183.24: bytes=32 tijd=637 ms TTL=49

Antwoord van 98.139.183.24: bytes=32 tijd=587 ms TTL=49



Ping-statistieken voor 98.139.183.24:

Pakketten: verzonden = 2, ontvangen = 2, verloren = 0

(0% verlies).De gemiddelde tijd voor het uitvoeren van één bewerking in milliseconden:

Minimum = 587ms, Maximum = 637ms, Gemiddelde = 612ms

Server: dns.tb.iss.as9143.net
Address: 212.54.40.25

Name: bleepingcomputer.com
Address: 208.43.87.2



Pingen naar bleepingcomputer.com [208.43.87.2] met 32 byte gegevens:



Antwoord van 208.43.87.2: De doelhost is niet bereikbaar.

Antwoord van 208.43.87.2: De doelhost is niet bereikbaar.



Ping-statistieken voor 208.43.87.2:

Pakketten: verzonden = 2, ontvangen = 2, verloren = 0

(0% verlies).De gemiddelde tijd voor het uitvoeren van één bewerking in milliseconden:

Minimum = 0ms, Maximum = 0ms, Gemiddelde = 0ms



Pingen naar 127.0.0.1 met 32 byte gegevens:



Antwoord van 127.0.0.1: bytes=32 tijd<1 ms TTL=128

Antwoord van 127.0.0.1: bytes=32 tijd<1 ms TTL=128



Ping-statistieken voor 127.0.0.1:

Pakketten: verzonden = 2, ontvangen = 2, verloren = 0

(0% verlies).De gemiddelde tijd voor het uitvoeren van één bewerking in milliseconden:

Minimum = 0ms, Maximum = 0ms, Gemiddelde = 0ms

===========================================================================
Interfacelijst
0x1 ........................... MS TCP Loopback interface
0x2 ...00 19 66 e2 23 16 ...... Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC - Pakketplanner-minipoort
0x10004 ...00 01 e3 c1 28 d6 ...... Gigaset USB Adapter 108 - Pakketplanner-minipoort
===========================================================================
===========================================================================
Actieve routes:
Netwerkadres Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.178.1 192.168.178.13 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.178.0 255.255.255.0 192.168.178.13 192.168.178.13 25
192.168.178.13 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.178.255 255.255.255.255 192.168.178.13 192.168.178.13 25
224.0.0.0 240.0.0.0 192.168.178.13 192.168.178.13 25
255.255.255.255 255.255.255.255 192.168.178.13 2 1
255.255.255.255 255.255.255.255 192.168.178.13 192.168.178.13 1
Standaard-gateway: 192.168.178.1
===========================================================================
Permanente routes:
Geen
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [247296] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/17/2012 06:07:09 PM) (Source: Application Hang) (User: )
Description: Vastgelopen toepassing: mbam-setup-1.65.0.1400.tmp, versie: 51.52.0.0, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

Error: (09/16/2012 09:20:54 PM) (Source: Microsoft Security Client) (User: )
Description: mssecurityclientmsseces.exe4.0.1526.00x80508018scheduledscancmainwindow__onautoscancomplete0security essentialsNILNILNIL

Error: (09/08/2012 04:27:28 PM) (Source: Application Error) (User: )
Description: Vastgelopen toepassing: stdrt.exe, versie: 6.0.0.0, vastgelopen module: ntdll.dll, versie: 5.1.2600.6055, vastgelopen op: 0x0003689e.
Verwerken van mediaspecifieke gebeurtenis voor [stdrt.exe!ws!]

Error: (09/01/2012 04:51:29 PM) (Source: Microsoft Security Client) (User: )
Description: mssecurityclientsetup.exe2.0.657.00x8004ff06NILNILNILNILNILNILNIL

Error: (09/01/2012 04:51:29 PM) (Source: Microsoft Security Client Setup) (User: )
Description: HRESULT:0x8004FF06
Description:Microsoft Security Essentials is already installed. A newer version of Security Essentials is already installed on your computer. Error code:0x8004FF06.

Error: (09/01/2012 00:09:52 PM) (Source: Microsoft Security Client) (User: )
Description: mssecurityclientsetup.exe4.0.1526.00x80070003morrobootstraper__cinstallflow__internalrun - getbackupactionmorrobootstraper__cflow__processflowactionresult0security essentialsNILNILNIL

Error: (09/01/2012 00:09:49 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 4.0.1526.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (08/31/2012 08:42:00 PM) (Source: crypt32) (User: )
Description: Het bij <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> opvragen van de automatische update van het basislijstvolgordenummer van derden is mislukt met de fout: Deze netwerkverbinding bestaat niet.

Error: (08/31/2012 08:41:59 PM) (Source: crypt32) (User: )
Description: Het bij <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> opvragen van de automatische update van het basislijstvolgordenummer van derden is mislukt met de fout: Deze netwerkverbinding bestaat niet.

Error: (08/31/2012 08:41:59 PM) (Source: crypt32) (User: )
Description: Het bij <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> opvragen van de automatische update van het basislijstvolgordenummer van derden is mislukt met de fout: De naam of het adres van de server kan niet worden omgezet.


System errors:
=============
Error: (09/18/2012 02:11:17 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 heeft een fout gevonden tijdens het bijwerken van handtekeningen.

Nieuwe handtekeningversie:

Vorige handtekeningversie: 1.135.1362.0

Updatebron: %NT AUTHORITY59

Updatefase: 4.0.1526.00

Bronpad: 4.0.1526.01

Type handtekening: %NT AUTHORITY602

Type update: %NT AUTHORITY604

Gebruiker: NT AUTHORITY\SYSTEM

Huidige engineversie: %NT AUTHORITY605

Vorige engineversie: %NT AUTHORITY606

Foutcode: %NT AUTHORITY607

Foutbeschrijving: %NT AUTHORITY608

Error: (09/18/2012 02:01:40 PM) (Source: Service Control Manager) (User: )
Description: De Adobe Licensing Console-service kan vanwege de volgende fout niet worden gestart:
%%1053

Error: (09/18/2012 02:01:40 PM) (Source: Service Control Manager) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Adobe Licensing Console.

Error: (09/18/2012 02:01:24 PM) (Source: 0) (User: )
Description: Gigaset USB Adapter 108

Error: (09/17/2012 05:43:50 PM) (Source: Service Control Manager) (User: )
Description: De Adobe Licensing Console-service kan vanwege de volgende fout niet worden gestart:
%%1053

Error: (09/17/2012 05:43:50 PM) (Source: Service Control Manager) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Adobe Licensing Console.

Error: (09/17/2012 05:43:34 PM) (Source: 0) (User: )
Description: Gigaset USB Adapter 108

Error: (09/16/2012 08:26:02 PM) (Source: Service Control Manager) (User: )
Description: De Adobe Licensing Console-service kan vanwege de volgende fout niet worden gestart:
%%1053

Error: (09/16/2012 08:26:02 PM) (Source: Service Control Manager) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Adobe Licensing Console.

Error: (09/15/2012 03:39:40 PM) (Source: Service Control Manager) (User: )
Description: De Adobe Licensing Console-service kan vanwege de volgende fout niet worden gestart:
%%1053


Microsoft Office Sessions:
=========================
Error: (09/17/2012 06:07:09 PM) (Source: Application Hang)(User: )
Description: mbam-setup-1.65.0.1400.tmp51.52.0.0hungapp0.0.0.000000000

Error: (09/16/2012 09:20:54 PM) (Source: Microsoft Security Client)(User: )
Description: mssecurityclientmsseces.exe4.0.1526.00x80508018scheduledscancmainwindow__onautoscancomplete0security essentialsNILNILNIL

Error: (09/08/2012 04:27:28 PM) (Source: Application Error)(User: )
Description: stdrt.exe6.0.0.0ntdll.dll5.1.2600.60550003689e

Error: (09/01/2012 04:51:29 PM) (Source: Microsoft Security Client)(User: )
Description: mssecurityclientsetup.exe2.0.657.00x8004ff06NILNILNILNILNILNILNIL

Error: (09/01/2012 04:51:29 PM) (Source: Microsoft Security Client Setup)(User: )
Description: HRESULT:0x8004FF06
Description:Microsoft Security Essentials is already installed. A newer version of Security Essentials is already installed on your computer. Error code:0x8004FF06.

Error: (09/01/2012 00:09:52 PM) (Source: Microsoft Security Client)(User: )
Description: mssecurityclientsetup.exe4.0.1526.00x80070003morrobootstraper__cinstallflow__internalrun - getbackupactionmorrobootstraper__cflow__processflowactionresult0security essentialsNILNILNIL

Error: (09/01/2012 00:09:49 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry0x80070003moaccachereset4.0.1526.0unspecifiedunspecifiedunspecifiedNILNILNIL

Error: (08/31/2012 08:42:00 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtDeze netwerkverbinding bestaat niet.

Error: (08/31/2012 08:41:59 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtDeze netwerkverbinding bestaat niet.

Error: (08/31/2012 08:41:59 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtDe naam of het adres van de server kan niet worden omgezet.


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader X (10.1.0) - Nederlands (Version: 10.1.0)
ASIO4ALL (Version: 2.10)
µTorrent (Version: 3.2.0)
Beveiligingsupdate voor Microsoft Windows (KB2564958)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2510531) (Version: 1)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2544521) (Version: 1)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2618444) (Version: 1)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2722913) (Version: 1)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB982381) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2544893-v2) (Version: 2)
Beveiligingsupdate voor Windows XP (KB2570947) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2584146) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2585542) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2592799) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2598479) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2603381) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2618451) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2619339) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2620712) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2624667) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2631813) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2646524) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2653956) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2655992) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2659262) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2661637) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2676562) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2686509) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2691442) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2695962) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2698365) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2705219) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2707511) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2712808) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2719985) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2722913) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2723135) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2731847) (Version: 1)
BurnAware Free 4.9
FL Studio 10
GIMP 2.8.2 (Version: 2.8.2)
Google Chrome (Version: 21.0.1180.89)
Hotfix voor Windows XP (KB2633952) (Version: 1)
IL Download Manager
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 5 (Version: 7.0.50)
Junk Mail filter update (Version: 14.0.8117.416)
LibreOffice 3.5 (Version: 3.5.1.102)
Malwarebytes Anti-Malware versie 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Dutch Language Pack (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 2.0 Language Pack - NLD
Microsoft .NET Framework 2.0 Language Pack - NLD (Version: 1.1.50727.42)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile NLD Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft PowerPoint Viewer (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Mozilla Firefox 12.0 (x86 nl) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
NVIDIA-configuratiescherm 301.42 (Version: 301.42)
NVIDIA Grafisch stuurprogramma 301.42 (Version: 301.42)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA nView 136.27 (Version: 136.27)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX systeemsoftware 9.12.0213 (Version: 9.12.0213)
NVIDIA Update 1.8.15 (Version: 1.8.15)
NVIDIA Update Components (Version: 1.8.15)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (Version: 1.23.0000)
Realtek High Definition Audio Driver (Version: 5.10.0.5730)
reFX Nexus VSTi RTAS v2.2.0
Segoe UI (Version: 14.0.4327.805)
SUPERAntiSpyware (Version: 5.5.1016)
Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (Version: 4.0.30319)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update voor Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update voor Windows XP (KB2718704) (Version: 1)
Update voor Windows XP (KB2736233) (Version: 1)
VLC media player 2.0.1 (Version: 2.0.1)
WebFldrs XP (Version: 9.50.7523)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live - Hulpprogramma voor uploaden (Version: 14.0.8014.1029)
Windows Live aanmeldhulp (Version: 5.000.818.5)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sync (Version: 14.0.8117.416)
Windows Management Framework Core
WinRAR 4.10 bèta 4 (32-bit) (Version: 4.10.4)
WinZip 16.5 (Version: 16.5.10096)

========================= Memory info: ===================================

Percentage of memory in use: 45%
Total physical RAM: 2047.23 MB
Available physical RAM: 1113.42 MB
Total Pagefile: 3943.73 MB
Available Pagefile: 3048.9 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.66 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:149.04 GB) (Free:121.48 GB) NTFS

========================= Users: ========================================

Gebruikersaccounts voor \\GEBRUIKER2005

Administrator ASPNET Gast
Gebruiker HelpAssistant SUPPORT_388945a0
UpdatusUser
De opdracht is voltooid.


**** End of log ****

I downloaded RKill and it did some things on my PC.

Then I downloaded TDSSKiller.
The log is here:

14:21:20.0609 2844 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
14:21:21.0125 2844 ============================================================
14:21:21.0125 2844 Current date / time: 2012/09/18 14:21:21.0125
14:21:21.0125 2844 SystemInfo:
14:21:21.0125 2844
14:21:21.0125 2844 OS Version: 5.1.2600 ServicePack: 3.0
14:21:21.0125 2844 Product type: Workstation
14:21:21.0125 2844 ComputerName: GEBRUIKER2005
14:21:21.0125 2844 UserName: Gebruiker
14:21:21.0125 2844 Windows directory: C:\WINDOWS
14:21:21.0125 2844 System windows directory: C:\WINDOWS
14:21:21.0125 2844 Processor architecture: Intel x86
14:21:21.0125 2844 Number of processors: 2
14:21:21.0125 2844 Page size: 0x1000
14:21:21.0125 2844 Boot type: Normal boot
14:21:21.0125 2844 ============================================================
14:21:24.0250 2844 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:21:24.0250 2844 ============================================================
14:21:24.0250 2844 \Device\Harddisk0\DR0:
14:21:24.0328 2844 MBR partitions:
14:21:24.0328 2844 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
14:21:24.0328 2844 ============================================================
14:21:24.0406 2844 C: <-> \Device\Harddisk0\DR0\Partition1
14:21:24.0406 2844 ============================================================
14:21:24.0406 2844 Initialize success
14:21:24.0406 2844 ============================================================
14:21:42.0640 3836 ============================================================
14:21:42.0640 3836 Scan started
14:21:42.0640 3836 Mode: Manual; TDLFS;
14:21:42.0640 3836 ============================================================
14:21:42.0765 3836 ================ Scan system memory ========================
14:21:42.0765 3836 System memory - ok
14:21:42.0765 3836 ================ Scan services =============================
14:21:45.0437 3836 DMusic - ok
14:21:45.0453 3836 [ F41AE23847F084F92E283D86C2A9EFCC ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
14:21:45.0453 3836 Dnscache - ok
14:21:45.0468 3836 [ 90EE765E1A598B578852901F74F914F1 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
14:21:45.0515 3836 Dot3svc - ok
14:21:45.0515 3836 dpti2o - ok
14:21:45.0515 3836 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
14:21:45.0515 3836 drmkaud - ok
14:21:45.0546 3836 [ E6BBDEBF7081899D161C773E8D84D015 ] EapHost C:\WINDOWS\System32\eapsvc.dll
14:21:45.0562 3836 EapHost - ok
14:21:45.0578 3836 [ 2F5C7F650B7AF178988946EE4B0D9C01 ] ERSvc C:\WINDOWS\System32\ersvc.dll
14:21:45.0578 3836 ERSvc - ok
14:21:45.0593 3836 [ D98A222A707FFE40043E533FE7A6BA24 ] Eventlog C:\WINDOWS\system32\services.exe
14:21:45.0593 3836 Eventlog - ok
14:21:45.0609 3836 [ F6C37073A269C163A5FDAE5BFF47F367 ] EventSystem C:\WINDOWS\system32\es.dll
14:21:45.0609 3836 EventSystem - ok
14:21:45.0640 3836 [ 4D893323DAE445E34A4C9038B0551BC9 ] exFat C:\WINDOWS\system32\drivers\exFat.sys
14:21:45.0687 3836 exFat - ok
14:21:45.0703 3836 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
14:21:45.0703 3836 Fastfat - ok
14:21:45.0734 3836 [ C28A9E9D28ACDAF8097BE4578C49559B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
14:21:45.0734 3836 FastUserSwitchingCompatibility - ok
14:21:45.0750 3836 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
14:21:45.0750 3836 Fdc - ok
14:21:45.0781 3836 [ 8BFFFB5AC954E19DFDB96D56512AA518 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
14:21:45.0781 3836 Fips - ok
14:21:45.0781 3836 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
14:21:45.0781 3836 Flpydisk - ok
14:21:45.0828 3836 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
14:21:45.0828 3836 FltMgr - ok
14:21:45.0890 3836 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
14:21:45.0890 3836 FontCache3.0.0.0 - ok
14:21:45.0906 3836 [ 30D42943A54704EF13E2562911DBFCEA ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:21:45.0906 3836 Fs_Rec - ok
14:21:45.0921 3836 [ FA8CA22E70245C81FF29C36AF56292FC ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:21:45.0921 3836 Ftdisk - ok
14:21:45.0937 3836 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:21:45.0953 3836 Gpc - ok
14:21:45.0984 3836 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:21:45.0984 3836 HDAudBus - ok
14:21:46.0015 3836 [ 5327BAD9B35C33D2A64B64E4CF282ECD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:21:46.0015 3836 helpsvc - ok
14:21:46.0046 3836 [ 10003105AAB8D5A7DB51A9CB3D9F55A3 ] HidServ C:\WINDOWS\System32\hidserv.dll
14:21:46.0046 3836 HidServ - ok
14:21:46.0062 3836 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:21:46.0062 3836 hidusb - ok
14:21:46.0093 3836 [ 1FF903FFA2DA1704E5A5443D37D8E49E ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
14:21:46.0125 3836 hkmsvc - ok
14:21:46.0125 3836 hpn - ok
14:21:46.0156 3836 [ 937031C085718C1C04A9C0864625EC6B ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
14:21:46.0156 3836 HTTP - ok
14:21:46.0187 3836 [ 2529C7BA05242BEED0027F554D0513BB ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
14:21:46.0187 3836 HTTPFilter - ok
14:21:46.0187 3836 i2omgmt - ok
14:21:46.0203 3836 i2omp - ok
14:21:46.0234 3836 [ C43372D0682F8E32E4EC21117E089EC0 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:21:46.0234 3836 i8042prt - ok
14:21:46.0312 3836 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:21:46.0484 3836 idsvc - ok
14:21:46.0515 3836 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
14:21:46.0515 3836 Imapi - ok
14:21:46.0531 3836 [ A117772F94C854DE5D1BBC1F1962B192 ] ImapiService C:\WINDOWS\system32\imapi.exe
14:21:46.0593 3836 ImapiService - ok
14:21:46.0593 3836 ini910u - ok
14:21:46.0734 3836 [ 19D3781892A3794672CD1962F3D8D3B8 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
14:21:46.0765 3836 IntcAzAudAddService - ok
14:21:46.0765 3836 IntelIde - ok
14:21:46.0796 3836 [ 2D2254FAC267E6B1C7865E8EBEF60C6D ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:21:46.0796 3836 intelppm - ok
14:21:46.0812 3836 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
14:21:46.0812 3836 Ip6Fw - ok
14:21:46.0828 3836 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:21:46.0828 3836 IpFilterDriver - ok
14:21:46.0843 3836 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:21:46.0843 3836 IpInIp - ok
14:21:46.0859 3836 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:21:46.0859 3836 IpNat - ok
14:21:46.0890 3836 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:21:46.0890 3836 IPSec - ok
14:21:46.0906 3836 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
14:21:46.0906 3836 IRENUM - ok
14:21:46.0937 3836 [ 0B78E1A31340E1FB1E389D5633F7C3A0 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:21:46.0937 3836 isapnp - ok
14:21:47.0000 3836 [ A456937ACC87BB40D7E2331F1E3A2AC5 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
14:21:47.0000 3836 JavaQuickStarterService - ok
14:21:47.0031 3836 [ 380397621E94B32C744E7B2CC1330390 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:21:47.0031 3836 Kbdclass - ok
14:21:47.0031 3836 [ B833B70FE639F01FB36CEDABE57EF031 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
14:21:47.0046 3836 kbdhid - ok
14:21:47.0062 3836 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
14:21:47.0062 3836 kmixer - ok
14:21:47.0078 3836 [ C6EBF1D6AD71DF30DB49B8D3287E1368 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
14:21:47.0078 3836 KSecDD - ok
14:21:47.0109 3836 [ AB3C73CFC4D21540C51671EDF6E2C989 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
14:21:47.0109 3836 LanmanServer - ok
14:21:47.0156 3836 [ F2BB3D20CD27EE6ED1FD5954DE629441 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
14:21:47.0156 3836 lanmanworkstation - ok
14:21:47.0156 3836 lbrtfdc - ok
14:21:47.0171 3836 [ 91AE20C5C2776C511994AA1308C05283 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
14:21:47.0187 3836 LmHosts - ok
14:21:47.0218 3836 [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
14:21:47.0250 3836 MBAMProtector - ok
14:21:47.0312 3836 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:21:47.0312 3836 MBAMScheduler - ok
14:21:47.0328 3836 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
14:21:47.0328 3836 MBAMService - ok
14:21:47.0343 3836 [ C56A45A03DCA11712DE9FDF98224230B ] Messenger C:\WINDOWS\System32\msgsvc.dll
14:21:47.0343 3836 Messenger - ok
14:21:47.0375 3836 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
14:21:47.0375 3836 mnmdd - ok
14:21:47.0406 3836 [ 5B1D994DCF1895AFA27600E46A2F0FEA ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
14:21:47.0437 3836 mnmsrvc - ok
14:21:47.0453 3836 [ 8114EEAC353F549331AB73E9AF4219ED ] Modem C:\WINDOWS\system32\drivers\Modem.sys
14:21:47.0453 3836 Modem - ok
14:21:47.0468 3836 [ 1A4E2214DD63E4A876463D3427EE8261 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:21:47.0468 3836 Mouclass - ok
14:21:47.0484 3836 [ 18017899254E01371E1A39754D6BF98C ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:21:47.0484 3836 mouhid - ok
14:21:47.0500 3836 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
14:21:47.0500 3836 MountMgr - ok
14:21:47.0531 3836 [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:21:47.0593 3836 MozillaMaintenance - ok
14:21:47.0609 3836 [ D993BEA500E7382DC4E760BF4F35EFCB ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
14:21:47.0625 3836 MpFilter - ok
14:21:47.0687 3836 [ A69630D039C38018689190234F866D77 ] MpKsl5de60984 c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F4C21794-8931-42D0-B43C-45B57410F8DC}\MpKsl5de60984.sys
14:21:47.0687 3836 MpKsl5de60984 - ok
14:21:47.0687 3836 mraid35x - ok
14:21:47.0718 3836 [ 4FEFD389D71126EE581B9F9CB2918BE4 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:21:47.0718 3836 MRxDAV - ok
14:21:47.0734 3836 [ FB2FCCC70F7174C7BF64F48E96D3ADF4 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:21:47.0734 3836 MRxSmb - ok
14:21:47.0765 3836 [ 21EA21984D7D1AD50DB2E627020AB14C ] MSDTC C:\WINDOWS\system32\msdtc.exe
14:21:47.0781 3836 MSDTC - ok
14:21:47.0781 3836 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
14:21:47.0781 3836 Msfs - ok
14:21:47.0796 3836 MSIServer - ok
14:21:47.0812 3836 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:21:47.0812 3836 MSKSSRV - ok
14:21:47.0828 3836 [ 24516BF4E12A46CB67302E2CDCB8CDDF ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
14:21:47.0859 3836 MsMpSvc - ok
14:21:47.0859 3836 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:21:47.0859 3836 mssmbios - ok
14:21:47.0875 3836 [ F7B1AD991491F02AF6DA70B00B8BF114 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
14:21:47.0875 3836 Mup - ok
14:21:47.0890 3836 [ 87E394C810794D3C70CF22E8316CB23E ] napagent C:\WINDOWS\System32\qagentrt.dll
14:21:47.0937 3836 napagent - ok
14:21:47.0968 3836 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
14:21:47.0968 3836 NDIS - ok
14:21:47.0968 3836 [ 091735A5F20ACB1DC147383A905AE002 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:21:47.0968 3836 NdisTapi - ok
14:21:47.0984 3836 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:21:47.0984 3836 Ndisuio - ok
14:21:47.0984 3836 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:21:47.0984 3836 NdisWan - ok
14:21:48.0000 3836 [ 816460BD4B4ACD27937D1D0813E2E9E9 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
14:21:48.0000 3836 NDProxy - ok
14:21:48.0000 3836 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
14:21:48.0000 3836 NetBIOS - ok
14:21:48.0015 3836 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
14:21:48.0015 3836 NetBT - ok
14:21:48.0031 3836 [ DC6BAE085E9B3C2F3A963ED46791FEAB ] NetDDE C:\WINDOWS\system32\netdde.exe
14:21:48.0109 3836 NetDDE - ok
14:21:48.0109 3836 [ DC6BAE085E9B3C2F3A963ED46791FEAB ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
14:21:48.0109 3836 NetDDEdsdm - ok
14:21:48.0140 3836 [ 8754210A3399D19610CE2D71E0C3E5D9 ] Netlogon C:\WINDOWS\system32\lsass.exe
14:21:48.0140 3836 Netlogon - ok
14:21:48.0156 3836 [ 5431FB616ECAE0D587C5B97D0B86CBD8 ] Netman C:\WINDOWS\System32\netman.dll
14:21:48.0156 3836 Netman - ok
14:21:48.0187 3836 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:21:48.0203 3836 NetTcpPortSharing - ok
14:21:48.0218 3836 [ 18740E8EC5BE4B6D66FA0E4CBFD3B9C6 ] Nla C:\WINDOWS\System32\mswsock.dll
14:21:48.0218 3836 Nla - ok
14:21:48.0234 3836 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
14:21:48.0234 3836 Npfs - ok
14:21:48.0250 3836 [ A0857C97770034FD2AF17DC4014B5ABD ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
14:21:48.0250 3836 Ntfs - ok
14:21:48.0265 3836 [ 8754210A3399D19610CE2D71E0C3E5D9 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
14:21:48.0265 3836 NtLmSsp - ok
14:21:48.0281 3836 [ AC1A78237B53044735693633F8235468 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
14:21:48.0281 3836 NtmsSvc - ok
14:21:48.0328 3836 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
14:21:48.0328 3836 Null - ok
14:21:48.0671 3836 [ 7B5A17BD54BB9142843DBE99A1CAAED8 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
14:21:50.0484 3836 nv - ok
14:21:50.0531 3836 [ 5150B108EA88831E1C599603D8B89621 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
14:21:50.0531 3836 NVSvc - ok
14:21:50.0625 3836 [ 83E8AB7BB3C8956C53FEC071C94F0BBB ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:21:50.0656 3836 nvUpdatusService - ok
14:21:50.0687 3836 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:21:50.0687 3836 NwlnkFlt - ok
14:21:50.0703 3836 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:21:50.0703 3836 NwlnkFwd - ok
14:21:50.0734 3836 [ E3934CCC20A4D24F1924E13D36D2A5BD ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
14:21:50.0734 3836 Parport - ok
14:21:50.0750 3836 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
14:21:50.0750 3836 PartMgr - ok
14:21:50.0781 3836 [ 1EADE28746A64C21E0A808BB12A63326 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
14:21:50.0781 3836 ParVdm - ok
14:21:50.0796 3836 [ 3B166F9F753C21AEDAA9A6BD76B49655 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
14:21:50.0796 3836 PCI - ok
14:21:50.0796 3836 PCIDump - ok
14:21:50.0796 3836 [ B31EDEBA4DA28283F6B8DC4756FB9585 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
14:21:50.0812 3836 PCIIde - ok
14:21:50.0828 3836 [ 2137FFD65F8E609A3A5ACD487C56CCE0 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
14:21:50.0828 3836 Pcmcia - ok
14:21:50.0828 3836 PDCOMP - ok
14:21:50.0843 3836 PDFRAME - ok
14:21:50.0843 3836 PDRELI - ok
14:21:50.0843 3836 PDRFRAME - ok
14:21:50.0859 3836 perc2 - ok
14:21:50.0859 3836 perc2hib - ok
14:21:50.0890 3836 [ D98A222A707FFE40043E533FE7A6BA24 ] PlugPlay C:\WINDOWS\system32\services.exe
14:21:50.0890 3836 PlugPlay - ok
14:21:50.0890 3836 [ 8754210A3399D19610CE2D71E0C3E5D9 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
14:21:50.0906 3836 PolicyAgent - ok
14:21:50.0937 3836 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:21:50.0937 3836 PptpMiniport - ok
14:21:50.0937 3836 [ 8754210A3399D19610CE2D71E0C3E5D9 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
14:21:50.0937 3836 ProtectedStorage - ok
14:21:50.0953 3836 [ D8E11D311785F89F1D70A28B0E879127 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
14:21:50.0953 3836 PSched - ok
14:21:50.0968 3836 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:21:50.0968 3836 Ptilink - ok
14:21:50.0968 3836 ql1080 - ok
14:21:50.0984 3836 Ql10wnt - ok
14:21:50.0984 3836 ql12160 - ok
14:21:50.0984 3836 ql1240 - ok
14:21:51.0000 3836 ql1280 - ok
14:21:51.0015 3836 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:21:51.0015 3836 RasAcd - ok
14:21:51.0031 3836 [ 0575D034B1292CA3A9BB9F67A8EE289C ] RasAuto C:\WINDOWS\System32\rasauto.dll
14:21:51.0062 3836 RasAuto - ok
14:21:51.0078 3836 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:21:51.0078 3836 Rasl2tp - ok
14:21:51.0093 3836 [ 9E7E2DF6971A5F00102BE3F901CC3BDC ] RasMan C:\WINDOWS\System32\rasmans.dll
14:21:51.0093 3836 RasMan - ok
14:21:51.0109 3836 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:21:51.0109 3836 RasPppoe - ok
14:21:51.0109 3836 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
14:21:51.0109 3836 Raspti - ok
14:21:51.0125 3836 [ 9629383F70DB691CB6AA5BBD828CD9A9 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:21:51.0125 3836 Rdbss - ok
14:21:51.0140 3836 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:21:51.0140 3836 RDPCDD - ok
14:21:51.0171 3836 [ 47EA20320E3D6FDC7B7BB22B2B881CA6 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:21:51.0171 3836 rdpdr - ok
14:21:51.0187 3836 [ C7D9BC54354B8C706ABF172D48313F1B ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
14:21:51.0203 3836 RDPWD - ok
14:21:51.0234 3836 [ EA9FDF71D696B532BDC44C8BFF03A737 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
14:21:51.0265 3836 RDSessMgr - ok
14:21:51.0281 3836 [ 4173BC66E485FD77A03C4819F60BD0DA ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
14:21:51.0296 3836 redbook - ok
14:21:51.0312 3836 [ 4007ABF5D9BF0E55451D775443D1F985 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
14:21:51.0359 3836 RemoteAccess - ok
14:21:51.0375 3836 [ 2FD5B89BF9289C774C5C730DEA96CD91 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
14:21:51.0375 3836 RemoteRegistry - ok
14:21:51.0390 3836 [ BE078F8F7EC2491EFDD79A53353A060F ] RpcLocator C:\WINDOWS\system32\locator.exe
14:21:51.0421 3836 RpcLocator - ok
14:21:51.0453 3836 [ D8D28F6CABEC7D42B8E487E290563B9A ] RpcSs C:\WINDOWS\system32\rpcss.dll
14:21:51.0453 3836 RpcSs - ok
14:21:51.0500 3836 [ 743D7D59767073A617B1DCC6C546F234 ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
14:21:51.0531 3836 rspndr - ok
14:21:51.0546 3836 [ AD1B5F1B99FFF08C99F443D784711A81 ] RSVP C:\WINDOWS\system32\rsvp.exe
14:21:51.0593 3836 RSVP - ok
14:21:51.0625 3836 [ 6E7470477D08F6E47E91016D6A1C5A5F ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
14:21:51.0656 3836 RTLE8023xp - ok
14:21:51.0687 3836 [ 8754210A3399D19610CE2D71E0C3E5D9 ] SamSs C:\WINDOWS\system32\lsass.exe
14:21:51.0687 3836 SamSs - ok
14:21:51.0718 3836 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
14:21:51.0765 3836 SASDIFSV - ok
14:21:51.0781 3836 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
14:21:51.0812 3836 SASKUTIL - ok
14:21:51.0843 3836 [ 1B4CD62174E907C7EF8EC5D4D0A2A616 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
14:21:51.0906 3836 SCardSvr - ok
14:21:51.0921 3836 [ 7C288AE0F75CB18CFF1DF6179A67AD8F ] Schedule C:\WINDOWS\system32\schedsvc.dll
14:21:51.0921 3836 Schedule - ok
14:21:51.0953 3836 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:21:51.0968 3836 Secdrv - ok
14:21:51.0984 3836 [ 6983665BEA867125B1DA5757CD8B2F9D ] seclogon C:\WINDOWS\System32\seclogon.dll
14:21:51.0984 3836 seclogon - ok
14:21:52.0000 3836 [ F6EC8F1E50E40237BDDEE1CB7FE20B42 ] SENS C:\WINDOWS\system32\sens.dll
14:21:52.0000 3836 SENS - ok
14:21:52.0000 3836 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
14:21:52.0000 3836 serenum - ok
14:21:52.0015 3836 [ 92C21762653BB2CE51147EB8A9AA654F ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
14:21:52.0015 3836 Serial - ok
14:21:52.0062 3836 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
14:21:52.0062 3836 Sfloppy - ok
14:21:52.0078 3836 [ FB728CFE87FF4A3ABA0AA526B553D877 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
14:21:52.0078 3836 SharedAccess - ok
14:21:52.0093 3836 [ C28A9E9D28ACDAF8097BE4578C49559B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:21:52.0093 3836 ShellHWDetection - ok
14:21:52.0093 3836 Simbad - ok
14:21:52.0109 3836 Sparrow - ok
14:21:52.0125 3836 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
14:21:52.0125 3836 splitter - ok
14:21:52.0156 3836 [ 258DD5D4283FD9F9A7166BE9AE45CE73 ] Spooler C:\WINDOWS\system32\spoolsv.exe
14:21:52.0156 3836 Spooler - ok
14:21:52.0203 3836 [ 64D2A7640E0767ECD3BCB38D3200E7CE ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
14:21:52.0203 3836 sr - ok
14:21:52.0218 3836 [ 81CBF363C414620CAA61BD6843D8FDB9 ] srservice C:\WINDOWS\system32\srsvc.dll
14:21:52.0218 3836 srservice - ok
14:21:52.0218 3836 [ 9B390283569EA58D43D2586032B892F5 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
14:21:52.0218 3836 Srv - ok
14:21:52.0265 3836 [ 5B9D0DE64BE96A806819516440FD211C ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
14:21:52.0265 3836 SSDPSRV - ok
14:21:52.0312 3836 [ 5AE996186D2DC694FEF88F14A3FC9242 ] stisvc C:\WINDOWS\system32\wiaservc.dll
14:21:52.0312 3836 stisvc - ok
14:21:52.0328 3836 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
14:21:52.0328 3836 swenum - ok
14:21:52.0328 3836 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
14:21:52.0328 3836 swmidi - ok
14:21:52.0328 3836 SwPrv - ok
14:21:52.0343 3836 symc810 - ok
14:21:52.0343 3836 symc8xx - ok
14:21:52.0343 3836 sym_hi - ok
14:21:52.0359 3836 sym_u3 - ok
14:21:52.0359 3836 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
14:21:52.0359 3836 sysaudio - ok
14:21:52.0390 3836 [ 251EAE7C56C6AB9490311A3C9757E18D ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
14:21:52.0421 3836 SysmonLog - ok
14:21:52.0453 3836 [ ABAEC91155E18BE1215B9170EE6B2F13 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
14:21:52.0453 3836 TapiSrv - ok
14:21:52.0484 3836 [ AD978A1B783B5719720CFF204B666C8E ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:21:52.0484 3836 Tcpip - ok
14:21:52.0515 3836 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
14:21:52.0515 3836 TDPIPE - ok
14:21:52.0515 3836 [ C0578456F29E5F26285F81B7B71FE57D ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
14:21:52.0515 3836 TDTCP - ok
14:21:52.0531 3836 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
14:21:52.0531 3836 TermDD - ok
14:21:52.0562 3836 [ E0AEF86A594C9990D6321C5CA239C5B7 ] TermService C:\WINDOWS\System32\termsrv.dll
14:21:52.0562 3836 TermService - ok
14:21:52.0578 3836 [ C28A9E9D28ACDAF8097BE4578C49559B ] Themes C:\WINDOWS\System32\shsvcs.dll
14:21:52.0578 3836 Themes - ok
14:21:52.0593 3836 [ 78A2FE13662A119875F10E9FFCB49A8F ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
14:21:52.0625 3836 TlntSvr - ok
14:21:52.0625 3836 TosIde - ok
14:21:52.0656 3836 [ 20655E8CA1C78BC7088B18E93806D21B ] TrkWks C:\WINDOWS\system32\trkwks.dll
14:21:52.0656 3836 TrkWks - ok
14:21:52.0687 3836 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
14:21:52.0687 3836 Udfs - ok
14:21:52.0687 3836 ultra - ok
14:21:52.0718 3836 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
14:21:52.0718 3836 Update - ok
14:21:52.0734 3836 [ 01653D6C9604F1FB31A76EC94E08954F ] upnphost C:\WINDOWS\System32\upnphost.dll
14:21:52.0734 3836 upnphost - ok
14:21:52.0750 3836 [ A89796DD0DE24CF03B3A39407E1F46A3 ] UPS C:\WINDOWS\System32\ups.exe
14:21:52.0796 3836 UPS - ok
14:21:52.0812 3836 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:21:52.0812 3836 usbccgp - ok
14:21:52.0843 3836 [ 52674B5DBEE499342A599C7771ABECAA ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:21:52.0843 3836 usbehci - ok
14:21:52.0875 3836 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:21:52.0875 3836 usbhub - ok
14:21:52.0906 3836 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:21:52.0906 3836 USBSTOR - ok
14:21:52.0937 3836 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:21:52.0937 3836 usbuhci - ok
14:21:52.0937 3836 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
14:21:52.0937 3836 VgaSave - ok
14:21:52.0937 3836 ViaIde - ok
14:21:52.0984 3836 [ 8AB662B3C4691E6DDF61C96BB5B7D103 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
14:21:52.0984 3836 VolSnap - ok
14:21:53.0000 3836 [ A585EDD6965B301DE8A45C6768C7C215 ] VSS C:\WINDOWS\System32\vssvc.exe
14:21:53.0046 3836 VSS - ok
14:21:53.0078 3836 [ 99BDD2DFF6F04482B738A90D74688212 ] W32Time C:\WINDOWS\system32\w32time.dll
14:21:53.0078 3836 W32Time - ok
14:21:53.0093 3836 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:21:53.0093 3836 Wanarp - ok
14:21:53.0093 3836 WDICA - ok
14:21:53.0109 3836 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
14:21:53.0109 3836 wdmaud - ok
14:21:53.0125 3836 [ 33D8E2812054D97A0AEC9B8F04277927 ] WebClient C:\WINDOWS\System32\webclnt.dll
14:21:53.0140 3836 WebClient - ok
14:21:53.0203 3836 [ F9E105F369C18E4001E0C05AAF600D73 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
14:21:53.0203 3836 winmgmt - ok
14:21:53.0250 3836 [ 250F8D15406269CB3A690B4A4859D92D ] WinRM C:\WINDOWS\system32\WsmSvc.dll
14:21:53.0312 3836 WinRM - ok
14:21:53.0343 3836 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
14:21:53.0343 3836 WmdmPmSN - ok
14:21:53.0390 3836 [ 3EC0FFE81CCCC9B694F5FDF4363F13BF ] Wmi C:\WINDOWS\System32\advapi32.dll
14:21:53.0390 3836 Wmi - ok
14:21:53.0437 3836 [ 87F11D161207C7063EDABAC0AADC33C3 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:21:53.0500 3836 WmiApSrv - ok
14:21:53.0562 3836 [ 79A01ACD485687EE602411A06B63A9A5 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
14:21:53.0781 3836 WMPNetworkSvc - ok
14:21:53.0859 3836 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:21:53.0890 3836 WPFFontCache_v0400 - ok
14:21:53.0921 3836 [ 843F7FA8EA38E6A4262976DCC994C81A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
14:21:53.0921 3836 wscsvc - ok
14:21:53.0953 3836 [ 02E4055488047729B333F99D93877038 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
14:21:53.0953 3836 wuauserv - ok
14:21:53.0984 3836 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:21:54.0031 3836 WudfPf - ok
14:21:54.0062 3836 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:21:54.0093 3836 WudfRd - ok
14:21:54.0093 3836 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
14:21:54.0109 3836 WudfSvc - ok
14:21:54.0140 3836 [ 991E417C2D3D07260757F165A8F40589 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
14:21:54.0156 3836 WZCSVC - ok
14:21:54.0171 3836 [ FD3C38635808920F8235BF2FED642F54 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
14:21:54.0171 3836 xmlprov - ok
14:21:54.0187 3836 ================ Scan global ===============================
14:21:54.0203 3836 [ 953AD498333B03F7CE547151F96EF241 ] C:\WINDOWS\system32\basesrv.dll
14:21:54.0250 3836 [ FB074121388B69F4CCDF4B1BAC86DDAB ] C:\WINDOWS\system32\winsrv.dll
14:21:54.0250 3836 [ FB074121388B69F4CCDF4B1BAC86DDAB ] C:\WINDOWS\system32\winsrv.dll
14:21:54.0281 3836 [ D98A222A707FFE40043E533FE7A6BA24 ] C:\WINDOWS\system32\services.exe
14:21:54.0281 3836 [Global] - ok
14:21:54.0281 3836 ================ Scan MBR ==================================
14:21:54.0312 3836 [ 3051207086651214E435112E51817DC5 ] \Device\Harddisk0\DR0
14:21:54.0515 3836 \Device\Harddisk0\DR0 - ok
14:21:54.0515 3836 ================ Scan VBR ==================================
14:21:54.0515 3836 [ 178103E8C5E8C06EBE2D1846FAB24B05 ] \Device\Harddisk0\DR0\Partition1
14:21:54.0515 3836 \Device\Harddisk0\DR0\Partition1 - ok
14:21:54.0515 3836 ============================================================
14:21:54.0515 3836 Scan finished
14:21:54.0515 3836 ============================================================
14:21:54.0531 2660 Detected object count: 0
14:21:54.0531 2660 Actual detected object count: 0

And last, the log of aswMBR:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-18 14:23:32
-----------------------------
14:23:32.734 OS Version: Windows 5.1.2600 Service Pack 3
14:23:32.734 Number of processors: 2 586 0x170A
14:23:32.734 ComputerName: GEBRUIKER2005 UserName: Gebruiker
14:23:33.343 Initialize success
14:23:43.796 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
14:23:43.796 Disk 0 Vendor: WDC_WD1600AAJS-22PSA0 05.06H05 Size: 152627MB BusType: 3
14:23:43.812 Disk 0 MBR read successfully
14:23:43.812 Disk 0 MBR scan
14:23:43.812 Disk 0 Windows XP default MBR code
14:23:43.812 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 152617 MB offset 63
14:23:43.812 Disk 0 scanning sectors +312560640
14:23:43.890 Disk 0 scanning C:\WINDOWS\system32\drivers
14:23:47.406 Service scanning
14:23:50.406 Service MpKsl5de60984 c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F4C21794-8931-42D0-B43C-45B57410F8DC}\MpKsl5de60984.sys **LOCKED** 32
14:23:54.125 Modules scanning
14:23:56.765 Disk 0 trace - called modules:
14:23:56.812 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
14:23:56.812 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89c10ab8]
14:23:56.812 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\0000005f[0x89bbb1a8]
14:23:56.812 5 ACPI.sys[f75ad620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x89c1a030]
14:23:56.812 Scan finished successfully
14:24:03.375 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Gebruiker\Mijn documenten\Downloads\MBR.dat"
14:24:03.375 The log file has been saved successfully to "C:\Documents and Settings\Gebruiker\Mijn documenten\Downloads\aswMBR.txt"

#4 iLoveElectro

Posted 18 September 2012 - 08:02 AM

The problem seems to be solved... I don't know if it was because of one of the programs you told me to download, but the problem seems to be gone.

Thank you very much, boopme!

#5 boopme

Posted 18 September 2012 - 10:09 AM

It may have been as simple as this:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings

Give it a couple days.

#6 iLoveElectro

Posted 19 September 2012 - 08:16 AM

Damn, it's back. I'll try MiniToolBox again.

-OK, it was RKill to fix the thing for a while.

Edited by iLoveElectro, 19 September 2012 - 08:23 AM.


#7 boopme

Posted 19 September 2012 - 03:45 PM

I think we have something else..

Download Bootkit Remover to your Desktop.

  • Unzip downloaded file to your Desktop.
  • Double-click on boot_cleaner.exe to run the program (Vista/7 users, right-click on boot_cleaner.exe and click Run As Administrator).
  • It will show a Black screen with some data on it.
  • Right click on the screen and click Select All.
  • Press CTRL+C
  • Open a Notepad and press CTRL+V
  • Post the output back here.


#8 iLoveElectro

Posted 23 September 2012 - 02:28 PM

I wasn't able to paste it!

#9 boopme

Posted 23 September 2012 - 02:54 PM

OK, appears we will need a deeper look. Please go here... Preparation Guide, do steps 6-9.
Name the new topic possible Bootkit.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run (it may not on a 64 bit system) skip it and move on.

Let me know if that went well.