johnnyvtz1990

Member
  • Items

    116
Everything posted by johnnyvtz1990

  1. Startup is still slow. There are quite a few services ticked in msconfig. QuickTime's qttask also keeps showing up as ticked, even though I disabled it a while ago. Any idea how I can disable QuickTime's qttask? Do you also have any advice on which other services I can turn off? I do use wireless internet and a printer.
  2. Here is my ComboFix log.
  3. My mouse cursor still jumps or jitters now and then. I don't think it's the mouse. My PC also starts up slowly. The red light stays on for a while and you can hear it loading. I've already made a log here. Are there any other ways to fix these problems?
  4. Yes, I understand that, but here too it shows the "no connection" icon. I want the rising-bars icon back.
  5. My laptop shows this icon even though I do have a working internet connection. When I hover the cursor over it, it also just says connected, as does the Network Center. Does anyone know how I can get the rising bar chart back as the icon?
  6. My 7-year-old Windows XP PC starts up rather slowly; the red light stays on for a while and you can hear it loading. I mainly have problems with Hotmail and Google Maps, which don't work optimally on my PC. I have already disabled several programs in msconfig that are safe to disable. Does anyone have any further suggestions for programs that can be disabled in msconfig? I do have a wireless network that my laptop runs on. I have already run a full scan with Malwarebytes. Here is a HijackThis log.
  7. Dear Kape, At the moment I'm not having any problems from the notification. A few more questions: Do I need to install any more programs to be sure that my laptop is clean again? Malwarebytes gave this message after scanning my USB stick: 9-3-2012 9:43:17 Real-timebeveiliging van bestandssysteem bestand F:\U3ROM\system.exe Win32/Bflient.K worm opgeschoond door te verwijderen - in quarantaine geplaatst NT AUTHORITY\SYSTEM Gebeurtenis opgetreden tijdens poging om het bestand te openen door programma: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe. Can this be removed from quarantine again?
  8. Not at the moment; I just don't know what is suddenly going on with those YouTube videos, that when I skip ahead in them they show the message: This video cannot be loaded, try again later.
  9. Hier de inhoud van het logje. Ik had zelf het idee dat internet wat trager werkte, maar mijn provider geeft de normale snelheid aan die die normaal ook aangeeft. Maar dat kan ook een idee van mijzelf zijn. Maar denk niet dat het door die aanval komt. Als ik youtube filmpjes doorspoel geeft die soms de melding: kan dit filmpje niet afspelen probeer dit later opnieuw. 21:01:57.0413 4004 TDSS rootkit removing tool 2.7.19.0 Mar 5 2012 11:23:39 21:01:57.0694 4004 ============================================================ 21:01:57.0694 4004 Current date / time: 2012/03/08 21:01:57.0694 21:01:57.0694 4004 SystemInfo: 21:01:57.0694 4004 21:01:57.0694 4004 OS Version: 6.1.7601 ServicePack: 1.0 21:01:57.0694 4004 Product type: Workstation 21:01:57.0694 4004 ComputerName: JOHNNY-TOSH 21:01:57.0694 4004 UserName: Johnny 21:01:57.0694 4004 Windows directory: C:\Windows 21:01:57.0694 4004 System windows directory: C:\Windows 21:01:57.0694 4004 Running under WOW64 21:01:57.0694 4004 Processor architecture: Intel x64 21:01:57.0694 4004 Number of processors: 2 21:01:57.0694 4004 Page size: 0x1000 21:01:57.0694 4004 Boot type: Normal boot 21:01:57.0694 4004 ============================================================ 21:01:59.0020 4004 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:01:59.0036 4004 \Device\Harddisk0\DR0: 21:01:59.0036 4004 MBR used 21:01:59.0036 4004 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xC8800, BlocksNum 0xE86C000 21:01:59.0036 4004 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xE934800, BlocksNum 0xE890800 21:01:59.0082 4004 Initialize success 21:01:59.0082 4004 ============================================================ 21:02:13.0247 4044 ============================================================ 21:02:13.0247 4044 Scan started 21:02:13.0247 4044 Mode: Manual; 21:02:13.0247 4044 
     21:03:08.0783 4044 ============================================================
     21:03:08.0783 4044 Scan finished
     21:03:08.0783 4044 ============================================================
     21:03:08.0799 2592 Detected object count: 0
     21:03:08.0799 2592 Actual detected object count: 0
  10. Apart from that, I still have a few questions about Trojan Downloader: How can I be sure that the virus is gone from my laptop? What kind of virus is it actually, and what exactly does it do? Why did NOD report that cleaning was not possible?
  11. When shutting down, my laptop always shows a "force shutdown" message. This was already happening long before the Trojan Downloader. But after that it does shut down. How is this possible?
  12. At the moment I am not getting any trojan alerts; I only got one once, when that alert first appeared while I was surfing the internet. I have scanned the working memory and the whole laptop, but it finds no threats. An ICT teacher at my school says that if NOD already reports it, there is no problem. Usually when I pick up a virus, the virus scanner does not report it. Is the coast clear on my laptop now, or could something more still happen? I don't know whether Trojan Downloader is malicious. This is the log with two detections that Malwarebytes had already detected and removed during the first scan on 5 March.
      Malwarebytes Anti-Malware (-evaluatieversie-) 1.60.1.1000
      www.malwarebytes.org
      Databaseversie: v2012.03.05.08
      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 8.0.7601.17514
      Johnny :: JOHNNY-TOSH [administrator]
      Realtime bescherming: Ingeschakeld
      5-3-2012 21:54:04
      mbam-log-2012-03-05 (21-54-04).txt
      Scantype: Snelle scan
      Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
      Uitgeschakelde scanopties: P2P
      Objecten gescand: 188330
      Verstreken tijd: 5 minuut/minuten, 9 seconde(n)
      Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Registersleutels gedetecteerd: 1
      HKCR\CLSID\{312BFDCE-A901-4203-B4F2-ADCB957D1887} (Heuristics.Shuriken) -> Succesvol in quarantaine geplaatst en verwijderd.
      Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Bestanden gedetecteerd: 1
      C:\ProgramData\Windows\msseedir.dll (Heuristics.Shuriken) -> Succesvol in quarantaine geplaatst en verwijderd.
      (einde)
  13. Hello, here is the log. No files were found. The following entries remained in HijackThis and were not removed like all the others. Did I perhaps do something wrong, since it mentioned something about internet? I had used Malwarebytes before, and it then found two files, which it removed. I look forward to hearing more from you.
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      Here is the log:
      Malwarebytes Anti-Malware (-evaluatieversie-) 1.60.1.1000
      www.malwarebytes.org
      Databaseversie: v2012.03.06.07
      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 8.0.7601.17514
      Johnny :: JOHNNY-TOSH [administrator]
      Realtime bescherming: Ingeschakeld
      6-3-2012 21:03:17
      mbam-log-2012-03-06 (21-03-17).txt
      Scantype: Snelle scan
      Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
      Uitgeschakelde scanopties: P2P
      Objecten gescand: 187891
      Verstreken tijd: 2 minuut/minuten, 14 seconde(n)
      Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      (einde)
  14. Hello Kape or Kweezie Wabbit, here is the log. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:42:10, on 6-3-2012
  15. Yesterday I was surfing the internet and suddenly ran into the following alert from my NOD virus scanner.
      Scanner van opstartbestanden bestand Werkgeheugen » iexplore.exe(4160) een variant van Win32/TrojanDownloader.Mebload.AR trojaans paard opschonen niet mogelijk
      I let Malwarebytes loose on it and it found 2 infected files, which I then removed. I scanned again, but it found nothing more. Can anyone perhaps tell me how I can check whether this trojan horse has been removed, or which other free programs I could use?