
trojan:dos/alureon.f



Good morning,

For a few days now I have had a virus called Trojan:Dos/Alureon.F on my computer.

At first I could no longer see any programs and the hard drives were empty, but by now I can use the computer again and everything works again, but the virus is still present and the computer is very slow.

Regards and merry Christmas, hans


Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:00:31, on 25-12-2011

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe

C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files (x86)\RocketDock\RocketDock.exe

C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files (x86)\DVD Flick\dvdflick.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\DVD Flick\bin\ffmpeg.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: PC Tools Browser Defender - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: PC Tools Browser Defender - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"

O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\Users\Gebruiker\AppData\Roaming\WinSec.exe

O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\Users\Gebruiker\AppData\Roaming\WinSec.exe

O4 - HKUS\S-1-5-21-3453599878-2687871336-313622418-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-3453599878-2687871336-313622418-1001\..\Run: [] (User 'UpdatusUser')

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\SysWOW64\brsvc01a.exe

O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 9622 bytes

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Databaseversie: 911122501

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

25-12-2011 11:00:08

mbam-log-2011-12-25 (10-59-31).txt

Scantype: Snelle scan

Objecten gescand: 210566

Verstreken tijd: 5 minuut/minuten, 10 seconde(n)

Geheugenprocessen geïnfecteerd: 0

Geheugenmodulen geïnfecteerd: 0

Registersleutels geïnfecteerd: 4

Registerwaarden geïnfecteerd: 2

Registerdata geïnfecteerd: 0

Mappen geïnfecteerd: 0

Bestanden geïnfecteerd: 2

Geheugenprocessen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:

HKEY_CLASSES_ROOT\CLSID\{JVX65FI3-M4WU-33RE-166O-82MYIA582C86} (Trojan.Agent) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{JVX65FI3-M4WU-33RE-166O-82MYIA582C86} (Trojan.Agent) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\4ECYTQ9SIC (Trojan.FakeAlert.SA) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\W1WIWQ1NPG (Trojan.FakeAlert.SA) -> No action taken.

Registerwaarden geïnfecteerd:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Trojan.Agent) -> Value: Policies -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Trojan.Agent) -> Value: Policies -> No action taken.

Registerdata geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:

c:\$RECYCLE.BIN\s-1-5-21-3453599878-2687871336-313622418-1000\$RIU7WS0.exe (PUP.BundleOffer.Downloader.S) -> No action taken.

c:\Users\gebruiker\AppData\Roaming\WinSec.exe (Trojan.Agent) -> No action taken.


Thank you very much for the quick reply. I have now run a scan and am sending it along.

Thanks, hans

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:07:08, on 25-12-2011

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe

C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files (x86)\RocketDock\RocketDock.exe

C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files (x86)\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe

C:\Program Files (x86)\Nero\Nero 7\Core\nero.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: PC Tools Browser Defender - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: PC Tools Browser Defender - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"

O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\Users\Gebruiker\AppData\Roaming\WinSec.exe

O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\Users\Gebruiker\AppData\Roaming\WinSec.exe

O4 - HKUS\S-1-5-21-3453599878-2687871336-313622418-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-3453599878-2687871336-313622418-1001\..\Run: [] (User 'UpdatusUser')

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\SysWOW64\brsvc01a.exe

O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 9482 bytes


Start HijackThis. Select "Scan". Select only the items listed below:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\Users\Gebruiker\AppData\Roaming\WinSec.exe

O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\Users\Gebruiker\AppData\Roaming\WinSec.exe

O4 - HKUS\S-1-5-21-3453599878-2687871336-313622418-1001\..\Run: [] (User 'UpdatusUser')

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

Click 'Fix checked' to remove the items.

Then create a new log with Malwarebytes and HijackThis and attach both to your next post.


Thank you

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Databaseversie: 911122501

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

25-12-2011 12:31:35

mbam-log-2011-12-25 (10-59-31).txt

Scantype: Snelle scan

Objecten gescand: 210662

Verstreken tijd: 2 minuut/minuten, 17 seconde(n)

Geheugenprocessen geïnfecteerd: 0

Geheugenmodulen geïnfecteerd: 0

Registersleutels geïnfecteerd: 4

Registerwaarden geïnfecteerd: 0

Registerdata geïnfecteerd: 0

Mappen geïnfecteerd: 0

Bestanden geïnfecteerd: 1

Geheugenprocessen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:

HKEY_CLASSES_ROOT\CLSID\{JVX65FI3-M4WU-33RE-166O-82MYIA582C86} (Trojan.Agent) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{JVX65FI3-M4WU-33RE-166O-82MYIA582C86} (Trojan.Agent) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\4ECYTQ9SIC (Trojan.FakeAlert.SA) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\W1WIWQ1NPG (Trojan.FakeAlert.SA) -> No action taken.

Registerwaarden geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:

c:\Users\gebruiker\AppData\Roaming\WinSec.exe (Trojan.Agent) -> No action taken.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:35:40, on 25-12-2011

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe

C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files (x86)\RocketDock\RocketDock.exe

C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R3 - URLSearchHook: PC Tools Browser Defender - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: PC Tools Browser Defender - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"

O4 - HKUS\S-1-5-21-3453599878-2687871336-313622418-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\SysWOW64\brsvc01a.exe

O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 8827 bytes

---------- Post added at 12:44 ---------- Previous post was at 12:36 ----------

I forgot to mention something: I tried to install Spyware Doctor, but it always gives PctsGui.exe error messages.

According to an English site that should remove the trojan, but once again, I could not get it installed.

Regards, Hans


In Malwarebytes, the items found do not appear to have been removed. "No action taken" certainly points in that direction. Please run it again and this time do choose "remove".

And then you can do this:

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:

Click here

2. The computer may need to be restarted several times; this is normal.

3. Double-click "Combofix.exe" to start the tool.

4. Do not click in the ComboFix window while it is running; this can cause the tool to hang.

Note !!! If an error is shown with the message "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer.

5. When ComboFix has finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.


Many thanks once again,

ComboFix 11-12-24.10 - Gebruiker 25-12-2011 14:51:03.2.2 - x64

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.4094.2898 [GMT 1:00]

Gestart vanuit: c:\users\Gebruiker\Downloads\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: PC Tools Spyware Doctor *Disabled/Outdated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Gebruiker\AppData\Roaming\Gebruikerlog.dat

c:\users\Gebruiker\AppData\Roaming\vso_ts_preview.xml

c:\windows\security\Database\tmp.edb

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_RkHit

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-11-25 to 2011-12-25 ))))))))))))))))))))))))))))))

.

.

2011-12-25 14:32 . 2011-12-25 14:32 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{97112EB0-3CAF-4BE2-ADD7-1E4DC94025A7}\offreg.dll

2011-12-25 14:29 . 2011-12-25 14:29 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2011-12-25 14:29 . 2011-12-25 14:29 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-12-25 14:29 . 2011-12-25 14:29 -------- d-----w- c:\users\Administrator\AppData\Local\temp

2011-12-25 09:52 . 2011-12-25 09:52 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Malwarebytes

2011-12-25 09:52 . 2011-12-25 09:52 -------- d-----w- c:\programdata\Malwarebytes

2011-12-25 09:52 . 2011-12-25 09:52 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2011-12-25 09:49 . 2011-12-25 09:49 388096 ----a-r- c:\users\Gebruiker\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-12-25 09:49 . 2011-12-25 09:49 -------- d-----w- c:\program files (x86)\Trend Micro

2011-12-24 14:25 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{97112EB0-3CAF-4BE2-ADD7-1E4DC94025A7}\mpengine.dll

2011-12-23 18:55 . 2011-12-24 08:46 -------- d-----w- c:\program files (x86)\WinUtilities

2011-12-23 18:55 . 2010-07-25 21:23 56496 ----a-w- c:\windows\SysWow64\wbhelp2.dll

2011-12-23 18:55 . 2010-07-25 21:23 544768 ----a-w- c:\windows\SysWow64\wbocx.ocx

2011-12-23 18:55 . 2010-07-25 21:23 33968 ----a-w- c:\windows\SysWow64\anim.dll

2011-12-23 18:55 . 2010-07-25 21:23 258352 ----a-w- c:\windows\SysWow64\unicows.dll

2011-12-23 18:55 . 2010-07-25 21:23 4608 ----a-w- c:\windows\SysWow64\W95INF32.DLL

2011-12-23 18:55 . 2010-07-25 21:23 2272 ----a-w- c:\windows\SysWow64\W95INF16.DLL

2011-12-23 17:20 . 2011-12-23 17:20 -------- d-----w- c:\program files (x86)\PC Tools Registry Tool

2011-12-23 17:18 . 2011-09-28 12:14 70760 ----a-w- c:\windows\system32\drivers\PCTBD64.sys

2011-12-23 17:17 . 2011-11-22 18:38 141312 ----a-w- c:\windows\system32\drivers\pctwfpfilter64.sys

2011-12-23 17:17 . 2011-11-22 18:38 337048 ----a-w- c:\windows\system32\drivers\pctgntdi64.sys

2011-12-23 17:16 . 2011-11-22 18:41 14776 ----a-w- c:\windows\system32\drivers\pctBTFix64.sys

2011-12-23 17:16 . 2011-11-22 18:43 92896 ----a-w- c:\windows\system32\drivers\pctplsg64.sys

2011-12-23 17:16 . 2011-12-23 17:16 -------- d-----w- c:\program files (x86)\PC Tools

2011-12-23 17:15 . 2011-10-07 16:52 816016 ----a-w- c:\windows\system32\drivers\pctEFA64.sys

2011-12-23 17:15 . 2011-10-07 16:52 452872 ----a-w- c:\windows\system32\drivers\pctDS64.sys

2011-12-23 17:14 . 2011-11-14 14:12 367912 ----a-w- c:\windows\system32\drivers\PCTCore64.sys

2011-12-23 17:14 . 2011-11-22 18:42 230952 ----a-w- c:\windows\system32\drivers\PCTSD64.sys

2011-12-23 17:14 . 2011-12-23 17:16 -------- d-----w- c:\program files (x86)\Common Files\PC Tools

2011-12-23 17:14 . 2011-12-23 17:16 -------- d-----w- c:\programdata\PC Tools

2011-12-23 15:43 . 2011-12-23 18:52 -------- d-----w- c:\program files (x86)\Advanced PC Tweaker

2011-12-23 14:26 . 2011-12-23 14:26 25160 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2011-12-23 14:26 . 2011-12-23 14:26 -------- d-----w- c:\program files\Hitman Pro 3.5

2011-12-22 15:51 . 2011-12-22 15:51 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\TuneUp Software

2011-12-22 15:51 . 2011-12-22 15:51 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}

2011-12-22 09:33 . 2011-12-22 09:33 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared

2011-12-22 08:31 . 2011-11-14 15:06 767952 ----a-w- c:\windows\BDTSupport.dll

2011-12-22 08:31 . 2011-11-14 15:07 149456 ----a-w- c:\windows\SGDetectionTool.dll

2011-12-22 08:31 . 2011-11-14 15:07 2246608 ----a-w- c:\windows\PCTBDCore.dll

2011-12-22 08:31 . 2011-11-14 15:07 1681360 ----a-w- c:\windows\PCTBDRes.dll

2011-12-22 07:34 . 2011-12-22 11:31 -------- d-----w- c:\program files (x86)\Spyware Doctor

2011-12-21 18:27 . 2011-12-21 18:27 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\TestApp

2011-11-27 10:33 . 2008-01-31 19:00 83144 ----a-w- c:\windows\SysWow64\PICCLP32.OCX

2011-11-27 10:33 . 2011-11-27 10:33 -------- d-----w- c:\program files (x86)\DVD Slim Free

2011-11-27 09:50 . 2011-11-27 09:50 -------- d-----w- c:\programdata\Brother

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-11-21 11:40 . 2011-08-06 11:30 8822856 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2011-11-15 13:29 . 2011-06-05 09:06 222080 ------w- c:\windows\SysWow64\MpSigStub.exe

2011-11-15 13:29 . 2011-02-19 21:37 270720 ------w- c:\windows\system32\MpSigStub.exe

2011-10-15 08:53 . 2011-08-17 16:16 1533248 ----a-w- c:\windows\system32\nvdispco64.dll

2011-10-15 08:53 . 2011-08-17 16:16 1454400 ----a-w- c:\windows\system32\nvgenco64.dll

2011-10-15 08:53 . 2011-06-12 07:41 3074368 ----a-w- c:\windows\system32\nvsvcr.dll

2011-10-15 08:53 . 2011-02-23 00:58 8791360 ----a-w- c:\windows\system32\nvwgf2umx.dll

2011-10-15 08:53 . 2011-02-23 00:58 2808128 ----a-w- c:\windows\system32\nvapi64.dll

2011-10-15 08:53 . 2011-02-23 00:58 15693120 ----a-w- c:\windows\system32\nvd3dumx.dll

2011-10-15 08:53 . 2011-02-22 23:39 837952 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll

2011-10-15 08:53 . 2011-02-22 23:39 10406208 ----a-w- c:\windows\system32\nvcpl.dll

2011-10-15 08:53 . 2011-02-22 23:39 5067584 ----a-w- c:\windows\system32\nvsvc64.dll

2011-10-15 08:53 . 2011-02-22 23:38 222528 ----a-w- c:\windows\system32\nvmctray.dll

2011-10-15 08:53 . 2011-02-22 23:38 1640768 ----a-w- c:\windows\system32\nvvsvc.exe

2011-10-15 08:53 . 2011-02-22 23:38 137536 ----a-w- c:\windows\system32\nvshext.dll

2011-10-14 23:54 . 2011-10-14 23:54 321856 ----a-w- c:\windows\SysWow64\nvStreaming.exe

2011-10-12 12:19 . 2011-10-12 12:19 917840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AD756CC3-5D0B-49DB-B1E8-713939DC66D6}\gapaengine.dll

2011-10-03 16:47 . 2011-10-03 16:47 0 ----a-w- c:\users\Gebruiker\AppData\Local\BIT6BBD.tmp

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [2008-01-22 152872]

"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

"DisableStartupSound"= 1 (0x1)

"DisableStatusMessages"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"NoResolveTrack"= 0 (0x0)

"NoFileAssociate"= 0 (0x0)

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoResolveTrack"= 1 (0x1)

"NoThumbnailCache"= 1 (0x1)

"DisableThumbnailsOnNetworkFolders"= 1 (0x1)

.

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]

"NoResolveTrack"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R0 johci;JMicron 1394 Filter Driver;c:\windows\system32\drivers\johci.sys [x]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 2310_00;2310_00;c:\windows\system32\drivers\2310_00.sys [x]

R3 ahcix64s;ahcix64s;c:\windows\system32\drivers\ahcix64s.sys [x]

R3 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [x]

R3 arcm_a64;arcm_a64;c:\windows\system32\drivers\arcm_a64.sys [x]

R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]

R3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]

R3 hptiop;hptiop;c:\windows\system32\drivers\hptiop.sys [x]

R3 hptmv;hptmv;c:\windows\system32\drivers\hptmv.sys [x]

R3 hptmv6;hptmv6;c:\windows\system32\drivers\hptmv6.sys [x]

R3 IAMTVE;Stuurprogramma voor Intel® Active Management Technology - KCS;c:\windows\system32\drivers\IAMTVE.sys [x]

R3 IAMTXPE;Stuurprogramma voor Intel® Active Management Technology - KCS;c:\windows\system32\drivers\IAMTXPE.sys [x]

R3 ioatdma1;ioatdma1;c:\windows\System32\Drivers\qd162x64.sys [x]

R3 ioatdma2;Intel® QuickData Technology device ver.2;c:\windows\System32\Drivers\qd262x64.sys [x]

R3 MegaSR1;MegaSR1;c:\windows\system32\drivers\MegaSR1.sys [x]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]

R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]

R3 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [x]

R3 mv91xx;mv91xx;c:\windows\system32\drivers\mv91xx.sys [x]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]

R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [x]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [x]

R3 nvamacpi;nvamacpi;c:\windows\system32\drivers\NVAMACPI.sys [x]

R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 Pnp680;Pnp680;c:\windows\system32\drivers\pnp680.sys [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]

R3 rr172x;rr172x;c:\windows\system32\drivers\rr172x.sys [x]

R3 rr174x;rr174x;c:\windows\system32\drivers\rr174x.sys [x]

R3 rr2210;rr2210;c:\windows\system32\drivers\rr2210.sys [x]

R3 rr232x;rr232x;c:\windows\system32\drivers\rr232x.sys [x]

R3 rr2340;rr2340;c:\windows\system32\drivers\rr2340.sys [x]

R3 rr2522;rr2522;c:\windows\system32\drivers\rr2522.sys [x]

R3 rr62x;rr62x;c:\windows\system32\drivers\rr62x.sys [x]

R3 Ser2at;ATEN USB to Serial port driver;c:\windows\system32\drivers\ser2at64.sys [x]

R3 SI3112r;SI3112r;c:\windows\system32\drivers\SI3112r.sys [x]

R3 SI3114;SI3114;c:\windows\system32\drivers\SI3114.sys [x]

R3 SI3124;SI3124;c:\windows\system32\drivers\SI3124.sys [x]

R3 Si3124r5;Si3124r5;c:\windows\system32\drivers\Si3124r5.sys [x]

R3 Si3531;Si3531;c:\windows\system32\drivers\Si3531.sys [x]

R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [x]

R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [x]

R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 vcrdrx64;VIA MSP Card Reader Host Controller;c:\windows\system32\drivers\vcrdrx64.sys [x]

R3 VGPU;VGPU; [x]

R3 viamrx64;viamrx64;c:\windows\system32\drivers\viamrx64.sys [x]

R3 videX64;videX64;c:\windows\system32\drivers\videX64.sys [x]

R3 vmci;VMware VMCI Bus Driver;c:\windows\system32\drivers\vmci.sys [x]

S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [x]

S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [x]

S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS64.sys [x]

S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA64.sys [x]

S0 xfiltx64;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfiltx64.sys [x]

S1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD64.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe [2011-11-14 546768]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592]

S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [x]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]

S2 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe [2011-11-22 402336]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-14 381248]

S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]

S3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr28ux.sys [x]

S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]

S3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\Drivers\PCTBD64.sys [x]

S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

.

Inhoud van de 'Gedeelde Taken' map

.

2011-12-23 c:\windows\Tasks\One-Click Tweak.job

- c:\program files (x86)\Advanced PC Tweaker\OneClick.exe [2011-12-23 09:02]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]

"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]

"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]

"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1873256]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-05-03 11842152]

"combofix"="c:\combofix\CF12511.3XE" [2010-11-20 345088]

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.nl/

uDefault_Search_URL = hxxp://www.google.com/ie

uLocal Page = c:\windows\SYSTEM32\blank.htm

mLocal Page = c:\windows\SYSTEM32\blank.htm

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: &Verzenden naar OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000

TCP: DhcpNameServer = 195.130.130.3 195.130.131.3

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\windows\SysWOW64\brsvc01a.exe

c:\windows\SysWOW64\brss01a.exe

c:\program files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe

c:\program files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe

c:\program files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

.

**************************************************************************

.

Voltooingstijd: 2011-12-25 15:54:06 - machine werd herstart

ComboFix-quarantined-files.txt 2011-12-25 14:53

.

Pre-Run: 35.576.782.848 bytes beschikbaar

Post-Run: 35.463.663.616 bytes beschikbaar

.

- - End Of File - - 26BDF0CE44D240D0891C3A976FEDB871

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Databaseversie: 911122501

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

25-12-2011 15:58:59

mbam-log-2011-12-25 (15-58-59).txt

Scantype: Snelle scan

Objecten gescand: 207385

Verstreken tijd: 1 minuut/minuten, 48 seconde(n)

Geheugenprocessen geïnfecteerd: 0

Geheugenmodulen geïnfecteerd: 0

Registersleutels geïnfecteerd: 0

Registerwaarden geïnfecteerd: 0

Registerdata geïnfecteerd: 0

Mappen geïnfecteerd: 0

Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 15:59:52, on 25-12-2011

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe

C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files (x86)\RocketDock\RocketDock.exe

C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R3 - URLSearchHook: PC Tools Browser Defender - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: PC Tools Browser Defender - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"

O4 - HKUS\S-1-5-21-3453599878-2687871336-313622418-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\SysWOW64\brsvc01a.exe

O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 8696 bytes

Thanks again, and regards, Hans

I ran Microsoft Security Essentials again and it reports the virus again.

What now?


Download TDSSKiller and save it to your desktop.

Extract the files in tdsskiller.zip.

Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.

Windows 7 and Windows Vista users:

Right-click TDSSKiller.exe -> Run as administrator to start the tool.

If TDSSKiller reports that an update is available, install it first.

Click the "Start Scan" button and follow the instructions.

When the scan has finished, click the "Report" button.

A Notepad file opens. Post the contents of that file.

Restart the PC if TDSSKiller offers that option. (Reboot now)

If a restart was needed, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt


Good morning,

10:07:58.0085 4780 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16

10:07:58.0165 4780 ============================================================

10:07:58.0165 4780 Current date / time: 2011/12/26 10:07:58.0165

10:07:58.0165 4780 SystemInfo:

10:07:58.0165 4780

10:07:58.0165 4780 OS Version: 6.1.7601 ServicePack: 1.0

10:07:58.0165 4780 Product type: Workstation

10:07:58.0165 4780 ComputerName: HANS

10:07:58.0165 4780 UserName: Gebruiker

10:07:58.0165 4780 Windows directory: C:\Windows

10:07:58.0165 4780 System windows directory: C:\Windows

10:07:58.0165 4780 Running under WOW64

10:07:58.0165 4780 Processor architecture: Intel x64

10:07:58.0165 4780 Number of processors: 2

10:07:58.0165 4780 Page size: 0x1000

10:07:58.0165 4780 Boot type: Normal boot

10:07:58.0165 4780 ============================================================

10:07:59.0955 4780 Initialize success

10:08:11.0355 4428 ============================================================

10:08:11.0355 4428 Scan started

10:08:11.0355 4428 Mode: Manual;

10:08:11.0355 4428 ============================================================


10:08:20.0925 4428 sbp2port - ok

10:08:20.0955 4428 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

10:08:20.0955 4428 scfilter - ok

10:08:20.0985 4428 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

10:08:20.0985 4428 secdrv - ok

10:08:21.0005 4428 Ser2at (210285d5fdfb06fc25f889c7487cd4e2) C:\Windows\system32\drivers\ser2at64.sys

10:08:21.0015 4428 Ser2at - ok

10:08:21.0035 4428 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

10:08:21.0035 4428 Serenum - ok

10:08:21.0045 4428 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

10:08:21.0045 4428 Serial - ok

10:08:21.0085 4428 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys

10:08:21.0085 4428 sermouse - ok

10:08:21.0125 4428 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

10:08:21.0125 4428 sffdisk - ok

10:08:21.0135 4428 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

10:08:21.0145 4428 sffp_mmc - ok

10:08:21.0165 4428 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

10:08:21.0165 4428 sffp_sd - ok

10:08:21.0175 4428 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys

10:08:21.0175 4428 sfloppy - ok

10:08:21.0195 4428 SI3112r (e2512862265d97db53df788bfa9053a0) C:\Windows\system32\drivers\SI3112r.sys

10:08:21.0195 4428 SI3112r - ok

10:08:21.0215 4428 SI3114 (ca263222eb177e2e48b86d5eaa3ff75a) C:\Windows\system32\drivers\SI3114.sys

10:08:21.0215 4428 SI3114 - ok

10:08:21.0235 4428 SI3114r (4891290048ec8f693fc6df66b9cbddde) C:\Windows\system32\drivers\SI3114R.sys

10:08:21.0235 4428 SI3114r - ok

10:08:21.0245 4428 SI3124 (7fd4f1bb790d21eaeb2101c97178a501) C:\Windows\system32\drivers\SI3124.sys

10:08:21.0245 4428 SI3124 - ok

10:08:21.0275 4428 Si3124r5 (993e75b5952a642d8407ed252efd8d82) C:\Windows\system32\drivers\Si3124r5.sys

10:08:21.0275 4428 Si3124r5 - ok

10:08:21.0285 4428 SI3132 (0f498dee92fd73dd999bae4d506367f5) C:\Windows\system32\drivers\SI3132.sys

10:08:21.0285 4428 SI3132 - ok

10:08:21.0315 4428 Si3531 (904828d8fb78c353f8ef4e74c75e4534) C:\Windows\system32\drivers\Si3531.sys

10:08:21.0345 4428 Si3531 - ok

10:08:21.0375 4428 SiFilter (127ce10e01f53f2edaca7fe42e5631ea) C:\Windows\system32\drivers\SiWinAcc.sys

10:08:21.0375 4428 SiFilter - ok

10:08:21.0395 4428 SiRemFil (b742c37002b8ebef6e230df9b4b28546) C:\Windows\system32\drivers\SiRemFil.sys

10:08:21.0395 4428 SiRemFil - ok

10:08:21.0415 4428 SISAGP (5ff60b0a945343c05f929379b4089525) C:\Windows\system32\drivers\SISAGPX.sys

10:08:21.0415 4428 SISAGP - ok

10:08:21.0435 4428 SiSRaid2 (c18b076615486eeeebc14aa1bd2162f8) C:\Windows\system32\drivers\SiSRaid2.sys

10:08:21.0445 4428 SiSRaid2 - ok

10:08:21.0465 4428 SiSRaid4 (a836528fa53422956c0dcedb8f58b9ee) C:\Windows\system32\drivers\sisraid4.sys

10:08:21.0465 4428 SiSRaid4 - ok

10:08:21.0495 4428 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

10:08:21.0495 4428 Smb - ok

10:08:21.0545 4428 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

10:08:21.0545 4428 spldr - ok

10:08:21.0575 4428 srv (2098b8556d1cec2aca9a29cd479e3692) C:\Windows\system32\DRIVERS\srv.sys

10:08:21.0585 4428 srv - ok

10:08:21.0605 4428 srv2 (d0f73a42040f21f92fd314b42ac5c9e7) C:\Windows\system32\DRIVERS\srv2.sys

10:08:21.0615 4428 srv2 - ok

10:08:21.0635 4428 srvnet (2ba8f3250828ccdb4204ecf2c6f40b6a) C:\Windows\system32\DRIVERS\srvnet.sys

10:08:21.0635 4428 srvnet - ok

10:08:21.0765 4428 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys

10:08:21.0765 4428 stexstor - ok

10:08:21.0785 4428 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys

10:08:21.0785 4428 storflt - ok

10:08:21.0815 4428 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys

10:08:21.0815 4428 storvsc - ok

10:08:21.0825 4428 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

10:08:21.0825 4428 swenum - ok

10:08:21.0865 4428 Synth3dVsc (c3a39c4079305480972d29c44b868c78) C:\Windows\system32\drivers\Synth3dVsc.sys

10:08:21.0865 4428 Synth3dVsc - ok

10:08:21.0925 4428 Tcpip (509383e505c973ed7534a06b3d19688d) C:\Windows\system32\drivers\tcpip.sys

10:08:21.0955 4428 Tcpip - ok

10:08:22.0005 4428 TCPIP6 (509383e505c973ed7534a06b3d19688d) C:\Windows\system32\DRIVERS\tcpip.sys

10:08:22.0025 4428 TCPIP6 - ok

10:08:22.0045 4428 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

10:08:22.0045 4428 tcpipreg - ok

10:08:22.0065 4428 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

10:08:22.0065 4428 TDPIPE - ok

10:08:22.0085 4428 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

10:08:22.0085 4428 TDTCP - ok

10:08:22.0105 4428 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

10:08:22.0105 4428 tdx - ok

10:08:22.0125 4428 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys

10:08:22.0125 4428 TermDD - ok

10:08:22.0145 4428 terminpt (2b5bdff688ec9871d7ec5837833374e9) C:\Windows\system32\drivers\terminpt.sys

10:08:22.0145 4428 terminpt - ok

10:08:22.0175 4428 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

10:08:22.0185 4428 tssecsrv - ok

10:08:22.0195 4428 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

10:08:22.0195 4428 TsUsbFlt - ok

10:08:22.0235 4428 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys

10:08:22.0245 4428 TsUsbGD - ok

10:08:22.0275 4428 tsusbhub (e1748d04ae40118b62bc18ac86032192) C:\Windows\system32\drivers\tsusbhub.sys

10:08:22.0285 4428 tsusbhub - ok

10:08:22.0325 4428 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

10:08:22.0335 4428 tunnel - ok

10:08:22.0375 4428 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys

10:08:22.0375 4428 uagp35 - ok

10:08:22.0415 4428 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

10:08:22.0425 4428 udfs - ok

10:08:22.0475 4428 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

10:08:22.0475 4428 uliagpkx - ok

10:08:22.0495 4428 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys

10:08:22.0505 4428 umbus - ok

10:08:22.0545 4428 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys

10:08:22.0545 4428 UmPass - ok

10:08:22.0605 4428 upperdev (4e93c8496359e97830c75ac36393654d) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys

10:08:22.0615 4428 upperdev - ok

10:08:22.0645 4428 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\DRIVERS\usbccgp.sys

10:08:22.0655 4428 usbccgp - ok

10:08:22.0685 4428 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

10:08:22.0685 4428 usbcir - ok

10:08:22.0735 4428 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\DRIVERS\usbehci.sys

10:08:22.0735 4428 usbehci - ok

10:08:22.0765 4428 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\DRIVERS\usbhub.sys

10:08:22.0775 4428 usbhub - ok

10:08:22.0805 4428 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys

10:08:22.0805 4428 usbohci - ok

10:08:22.0845 4428 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

10:08:22.0855 4428 usbprint - ok

10:08:22.0895 4428 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys

10:08:22.0895 4428 usbscan - ok

10:08:22.0965 4428 usbser (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys

10:08:22.0975 4428 usbser - ok

10:08:22.0995 4428 UsbserFilt (8844cb19a37b65e27049d4a7786726a9) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys

10:08:23.0005 4428 UsbserFilt - ok

10:08:23.0025 4428 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\DRIVERS\USBSTOR.SYS

10:08:23.0025 4428 USBSTOR - ok

10:08:23.0045 4428 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys

10:08:23.0045 4428 usbuhci - ok

10:08:23.0085 4428 vcrdrx64 (24e1cfd111642df9549c8a0ea50b974c) C:\Windows\system32\drivers\vcrdrx64.sys

10:08:23.0095 4428 vcrdrx64 - ok

10:08:23.0115 4428 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

10:08:23.0115 4428 vdrvroot - ok

10:08:23.0145 4428 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

10:08:23.0145 4428 vga - ok

10:08:23.0155 4428 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

10:08:23.0165 4428 VgaSave - ok

10:08:23.0175 4428 VGPU - ok

10:08:23.0185 4428 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

10:08:23.0195 4428 vhdmp - ok

10:08:23.0215 4428 viaagp1 (8b1ea4185548812d8a4bbb7bf54bf2d5) C:\Windows\system32\drivers\viaagp1.sys

10:08:23.0225 4428 viaagp1 - ok

10:08:23.0235 4428 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

10:08:23.0245 4428 viaide - ok

10:08:23.0265 4428 viamrx64 (7c7ae561f4a92bc3b75ffe03d7d5cba2) C:\Windows\system32\drivers\viamrx64.sys

10:08:23.0275 4428 viamrx64 - ok

10:08:23.0285 4428 videX64 (fb2643a01a538c2e4625cde64e51680f) C:\Windows\system32\drivers\videX64.sys

10:08:23.0295 4428 videX64 - ok

10:08:23.0315 4428 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys

10:08:23.0325 4428 vmbus - ok

10:08:23.0345 4428 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys

10:08:23.0345 4428 VMBusHID - ok

10:08:23.0365 4428 vmci (f4da273db364b14877f28938dcd6c2c3) C:\Windows\system32\drivers\vmci.sys

10:08:23.0375 4428 vmci - ok

10:08:23.0395 4428 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

10:08:23.0395 4428 volmgr - ok

10:08:23.0425 4428 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

10:08:23.0425 4428 volmgrx - ok

10:08:23.0445 4428 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

10:08:23.0455 4428 volsnap - ok

10:08:23.0465 4428 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys

10:08:23.0475 4428 vsmraid - ok

10:08:23.0495 4428 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

10:08:23.0495 4428 vwifibus - ok

10:08:23.0515 4428 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

10:08:23.0515 4428 vwififlt - ok

10:08:23.0545 4428 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

10:08:23.0545 4428 vwifimp - ok

10:08:23.0585 4428 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys

10:08:23.0585 4428 WacomPen - ok

10:08:23.0605 4428 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

10:08:23.0605 4428 WANARP - ok

10:08:23.0605 4428 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

10:08:23.0615 4428 Wanarpv6 - ok

10:08:23.0665 4428 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys

10:08:23.0675 4428 Wd - ok

10:08:23.0705 4428 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

10:08:23.0715 4428 Wdf01000 - ok

10:08:23.0765 4428 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

10:08:23.0775 4428 WfpLwf - ok

10:08:23.0795 4428 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

10:08:23.0795 4428 WIMMount - ok

10:08:23.0845 4428 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

10:08:23.0855 4428 WinUsb - ok

10:08:23.0915 4428 WmBEnum (7a58ba979f7acb3fc5310c771a1cf155) C:\Windows\system32\drivers\WmBEnum.sys

10:08:23.0915 4428 WmBEnum - ok

10:08:23.0935 4428 WmFilter (8693a75c3ffd4a0c9e32be621fda71fb) C:\Windows\system32\drivers\WmFilter.sys

10:08:23.0945 4428 WmFilter - ok

10:08:23.0965 4428 WmHidLo (e53e1727dadc3192ac63506c3b25f5b0) C:\Windows\system32\drivers\WmHidLo.sys

10:08:23.0965 4428 WmHidLo - ok

10:08:23.0995 4428 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

10:08:23.0995 4428 WmiAcpi - ok

10:08:24.0025 4428 WmVirHid (3d9266ccd0f1edb020c7aa24d527942b) C:\Windows\system32\drivers\WmVirHid.sys

10:08:24.0025 4428 WmVirHid - ok

10:08:24.0045 4428 WmXlCore (3cffdf56a00408913b1e51c67f999e2e) C:\Windows\system32\drivers\WmXlCore.sys

10:08:24.0045 4428 WmXlCore - ok

10:08:24.0075 4428 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

10:08:24.0075 4428 ws2ifsl - ok

10:08:24.0105 4428 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

10:08:24.0105 4428 WudfPf - ok

10:08:24.0125 4428 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

10:08:24.0125 4428 WUDFRd - ok

10:08:24.0145 4428 xfiltx64 (fe48ae43d06c1cf6ec1244fa3562d203) C:\Windows\system32\drivers\xfiltx64.sys

10:08:24.0145 4428 xfiltx64 - ok

10:08:24.0155 4428 MBR (0x1B8) (ff7863841677a4309189a975bb59e8c5) \Device\Harddisk0\DR0

10:08:24.0175 4428 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected

10:08:24.0175 4428 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0)

10:08:24.0185 4428 Boot (0x1200) (e91e351157cd20b83bacb96235753d0a) \Device\Harddisk0\DR0\Partition0

10:08:24.0185 4428 \Device\Harddisk0\DR0\Partition0 - ok

10:08:24.0215 4428 Boot (0x1200) (36ee9ba9150275eaf75765a0d1427e3a) \Device\Harddisk0\DR0\Partition1

10:08:24.0215 4428 \Device\Harddisk0\DR0\Partition1 - ok

10:08:24.0245 4428 Boot (0x1200) (3429a5336ba18d22c4c9f3c4ff29eee6) \Device\Harddisk0\DR0\Partition2

10:08:24.0255 4428 \Device\Harddisk0\DR0\Partition2 - ok

10:08:24.0255 4428 ============================================================

10:08:24.0255 4428 Scan finished

10:08:24.0255 4428 ============================================================

10:08:24.0265 4216 Detected object count: 1

10:08:24.0265 4216 Actual detected object count: 1

10:08:47.0155 4216 \Device\Harddisk0\DR0 - processing error

10:09:06.0605 4216 \Device\Harddisk0\DR0 - will be restored on reboot

10:09:06.0605 4216 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Cure Restore

10:09:12.0235 4784 Deinitialize success

Regards, Hans. Thanks
