Post title: Aftermath of a trojan?
Posted: Wed Jan 11, 2012 1:03 pm
Member

Registered: Tue Aug 12, 2008 6:36 pm
Posts: 12
Yesterday I picked up a trojan; I run Win7 with MSE.
MSE could no longer be started, and Malwarebytes stayed dead as well.
The trojan called itself Win7 Internet Security 2012.
By a few detours I managed to delete the infected files. After that I ran an MSE scan and a Malwarebytes scan and removed everything here as well. Two new scans with the above came back clean, so I assumed everything was OK again.
However, I now notice that a few things still do not work properly:

- the firewall is off and cannot be turned on (error 0x8007042c)
- Windows Security Center cannot be started either
- and most important of all: my PC has disappeared from the home network and sharing cannot be enabled (error: the dependency service or group failed to start, Windows 7)

Below you will find a HijackThis log, in the hope that this gets me further.

Thanks in advance!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:37:28, on 11-1-2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\GrabIt\GrabIt.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files (x86)\GrabIt\external\par2\par2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.google.nl/nwshp?hl=nl&tab=wn
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: IE 4.x-6.x BHO for Internet Download Accelerator - {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6} - C:\PROGRA~2\IDA\idaiehlp.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office12\GR469A~1.DLL
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: DepositFiles.com BHO - {9DFE2FE9-CF99-4ADF-A28E-9B5ADB8DC74F} - C:\PROGRA~2\DEPOSI~1\DFMANA~1\DEPOSI~1.DLL
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll
O3 - Toolbar: Deposit IE Toolbar - {6AA40521-14E7-4B1D-B1B4-98528C1388C9} - C:\PROGRA~2\DEPOSI~1\DFMANA~1\DEPOSI~1.DLL
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundTray] C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: &Ontvang alles met FlashGet - C:\Program Files (x86)\FlashGet\jc_all.htm
O8 - Extra context menu item: &Ontvang met FlashGet - C:\Program Files (x86)\FlashGet\jc_link.htm
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: Download all with DF Manager - {D5AD327A-A089-4F04-89FD-4EA9812B3913} - C:\PROGRA~2\DEPOSI~1\DFMANA~1\DEPOSI~1.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2BB9E810-9756-4615-B608-92B91164EF0A}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{2BB9E810-9756-4615-B608-92B91164EF0A}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{2BB9E810-9756-4615-B608-92B91164EF0A}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~4\Office12\GRA32A~1.DLL
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: Application Layer Gateway Service (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Hercules DJ Control MP3 (HerculesDJControlMP3) - Unknown owner - C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Realtek87B - Realtek - C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10238 bytes


Post title: Re: Aftermath of a trojan?
Posted: Wed Jan 11, 2012 2:05 pm
Moderator

Registered: Mon Aug 10, 2009 11:16 am
Posts: 12175
Location: @ the world wide web
Operating system: Windows 7
Protection: EAM & OA
Hi,

1. Download MalwareBytes' Anti-Malware and save it to your desktop.
Double-click mbam-setup.exe to install the program.

Make sure that after installation a check mark is placed next to:
  • Update MalwareBytes' Anti-Malware
  • Start MalwareBytes' Anti-Malware
Then click "Finish".
If an update is found, it will be downloaded and installed.

In case of problems!!! (Read the instructions below)

  • You can in principle decline the window asking whether you want to "start the trial"; you can still enable it later.
  • Once the program has started, go to the "Settings" tab.
  • Check here: "Close Internet Explorer during malware removal".
  • Then go to the "Scanner" tab and choose "Quick Scan".
  • Then press "Scan" to start the scan.
  • Scanning can take a while, so be patient.
  • When the scan is complete, click OK, then "Show Results" to see the results.
  • Make sure everything there is checked, then click "Remove Selected".
  • After removal a log will open and you will be asked to restart the computer.
The log is saved automatically by MalwareBytes' Anti-Malware and can be found by clicking the "Logs" tab in the program.


Note: Incorrect use of the tool below can cause very serious, irreparable problems.
Only have items removed that are flagged as malware/infection. NEVER remove items flagged as suspicious on your own!!!


2. Download TDSSKiller and place it on your desktop.
  • Extract the files in tdsskiller.zip.
  • Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.
  • Note!!! Windows Vista & 7 users must run TDSSKiller as administrator (right-click, "Run as").
  • If TDSSKiller finds an update, click the "Load update" button.
  • A new version of TDSSKiller will now be downloaded; save it to the desktop.
  • Now start TDSSKiller again.
  • Click "Change parameters" and make sure all of the options below are checked.
    [Image]
  • Click the "Start Scan" button and follow the instructions.
  • When the scan is finished, click the "Report" button.
  • Select the contents (log) and post them in your next message.
If a restart was needed, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt


3. Download DDS by sUBS from one of these locations and place it on your desktop:
DDS - Bleeping Computer download.
DDS - Infospyware.

DDS is a diagnostic tool and makes use of scripts.

Disable your security software before running DDS!

Double-click DDS to start the tool.

DDS will open 2 log files:
* DDS.txt
* Attach.txt


A window will ask you to save both logs, because they will be gone once you close them.
Save the logs, for example to your desktop or another place where you can easily find them again.

Post the DDS.txt log with your next reply. Post Attach.txt only when I ask for it.

Post the logs from MBAM, TDSSKiller and DDS in your next message.

Regards, Maxstar

Member of UNITE Unified Network of Instructors and Trained Eliminators (Unite Against Malware)

Post title: Re: Aftermath of a trojan?
Posted: Wed Jan 11, 2012 2:55 pm
Member

Registered: Tue Aug 12, 2008 6:36 pm
Posts: 12
Thanks in advance for the help you offered; you will find the requested logs below:

malwarebytes:

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Databaseversie: v2012.01.10.04

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
user :: WINDOWS-764 [administrator]

10-1-2012 19:29:19
mbam-log-2012-01-10 (19-29-19).txt

Scantype: Volledige scan
Ingeschakelde scanopties: Geheugen | Opstarten | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 38178
Verstreken tijd: 1 minuut/minuten, 54 seconde(n) [beëindigd]

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

(einde)


tdsskiller:

13:39:49.0595 3152 TDSS rootkit removing tool 2.7.0.0 Jan 10 2012 09:14:26
13:39:49.0815 3152 ============================================================
13:39:49.0815 3152 Current date / time: 2012/01/11 13:39:49.0815
13:39:49.0815 3152 SystemInfo:
13:39:49.0815 3152
13:39:49.0815 3152 OS Version: 6.1.7600 ServicePack: 0.0
13:39:49.0815 3152 Product type: Workstation
13:39:49.0815 3152 ComputerName: WINDOWS-764
13:39:49.0815 3152 UserName: user
13:39:49.0815 3152 Windows directory: C:\Windows
13:39:49.0815 3152 System windows directory: C:\Windows
13:39:49.0815 3152 Running under WOW64
13:39:49.0815 3152 Processor architecture: Intel x64
13:39:49.0815 3152 Number of processors: 4
13:39:49.0815 3152 Page size: 0x1000
13:39:49.0815 3152 Boot type: Normal boot
13:39:49.0815 3152 ============================================================
13:39:50.0802 3152 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000, SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000040
13:39:56.0381 3152 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000, SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000040
13:39:56.0435 3152 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000, SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:39:56.0508 3152 Initialize success
13:40:21.0780 3140 ============================================================
13:40:21.0780 3140 Scan started
13:40:21.0780 3140 Mode: Manual; SigCheck; TDLFS;
13:40:21.0780 3140 ============================================================
13:40:36.0638 3140 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
13:40:36.0653 3140 msisadrv - ok
13:40:36.0664 3140 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:40:36.0721 3140 MSKSSRV - ok
13:40:36.0750 3140 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:40:36.0806 3140 MSPCLOCK - ok
13:40:36.0813 3140 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:40:36.0862 3140 MSPQM - ok
13:40:36.0876 3140 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
13:40:36.0899 3140 MsRPC - ok
13:40:36.0930 3140 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
13:40:36.0950 3140 mssmbios - ok
13:40:36.0969 3140 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:40:37.0042 3140 MSTEE - ok
13:40:37.0057 3140 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
13:40:37.0087 3140 MTConfig - ok
13:40:37.0118 3140 MTsensor (03b7145c889603537e9ffeabb1ad1089) C:\Windows\system32\DRIVERS\ASACPI.sys
13:40:37.0158 3140 MTsensor - ok
13:40:37.0166 3140 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:40:37.0193 3140 Mup - ok
13:40:37.0221 3140 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:40:37.0258 3140 NativeWifiP - ok
13:40:37.0387 3140 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
13:40:37.0453 3140 NDIS - ok
13:40:37.0698 3140 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:40:37.0769 3140 NdisCap - ok
13:40:37.0889 3140 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:40:37.0965 3140 NdisTapi - ok
13:40:38.0006 3140 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
13:40:38.0057 3140 Ndisuio - ok
13:40:38.0103 3140 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
13:40:38.0242 3140 NdisWan - ok
13:40:38.0366 3140 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
13:40:38.0408 3140 NDProxy - ok
13:40:38.0428 3140 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:40:38.0507 3140 NetBIOS - ok
13:40:38.0535 3140 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
13:40:38.0598 3140 NetBT - ok
13:40:38.0726 3140 netr28ux (eed1fbde98cf5f6d5c0c5b27ab1f68ec) C:\Windows\system32\DRIVERS\netr28ux.sys
13:40:38.0797 3140 netr28ux ( UnsignedFile.Multi.Generic ) - warning
13:40:38.0797 3140 netr28ux - detected UnsignedFile.Multi.Generic (1)
13:40:44.0537 3140 sptd (88e5162e58c8919cc873f5d8946197cf) C:\Windows\system32\Drivers\sptd.sys
13:40:44.0537 3140 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 88e5162e58c8919cc873f5d8946197cf
13:40:44.0547 3140 sptd ( LockedFile.Multi.Generic ) - warning
13:40:44.0547 3140 sptd - detected LockedFile.Multi.Generic (1)
13:40:45.0956 3140 UnlockerDriver5 (4847639d852763ee39415c929470f672) C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys
13:40:46.0053 3140 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
13:40:46.0053 3140 UnlockerDriver5 - detected UnsignedFile.Multi.Generic (1)
13:40:48.0254 3140 MBR (0x1B8) (3051207086651214e435112e51817dc5) \Device\Harddisk0\DR0
13:40:48.0701 3140 \Device\Harddisk0\DR0 - ok
13:40:48.0726 3140 MBR (0x1B8) (268e378e9f4954c1da06b774eb1a1da8) \Device\Harddisk1\DR1
13:40:49.0156 3140 \Device\Harddisk1\DR1 - ok
13:40:49.0161 3140 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR2
13:40:49.0258 3140 \Device\Harddisk2\DR2 - ok
13:40:49.0261 3140 Boot (0x1200) (e21cc95341dbf95a24f67520e71123cc) \Device\Harddisk0\DR0\Partition0
13:40:49.0262 3140 \Device\Harddisk0\DR0\Partition0 - ok
13:40:49.0266 3140 Boot (0x1200) (1cbb340d3a5960ad6c490e06b45b113f) \Device\Harddisk1\DR1\Partition0
13:40:49.0267 3140 \Device\Harddisk1\DR1\Partition0 - ok
13:40:49.0269 3140 Boot (0x1200) (78ef1585c8cf150fe51e34f7d0d95ca1) \Device\Harddisk2\DR2\Partition0
13:40:49.0270 3140 \Device\Harddisk2\DR2\Partition0 - ok
13:40:49.0272 3140 ============================================================
13:40:49.0272 3140 Scan finished
13:40:49.0272 3140 ============================================================
13:40:49.0307 2808 Detected object count: 3
13:40:49.0307 2808 Actual detected object count: 3
13:41:18.0335 2808 HKLM\SYSTEM\ControlSet001\services\netr28ux - will be deleted on reboot
13:41:18.0379 2808 HKLM\SYSTEM\ControlSet002\services\netr28ux - will be deleted on reboot
13:41:18.0401 2808 C:\Windows\system32\DRIVERS\netr28ux.sys - will be deleted on reboot
13:41:18.0401 2808 netr28ux ( UnsignedFile.Multi.Generic ) - User select action: Delete
13:41:18.0403 2808 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot
13:41:18.0413 2808 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted on reboot
13:41:18.0415 2808 C:\Windows\system32\Drivers\sptd.sys - will be deleted on reboot
13:41:18.0415 2808 sptd ( LockedFile.Multi.Generic ) - User select action: Delete
13:41:18.0417 2808 HKLM\SYSTEM\ControlSet001\services\UnlockerDriver5 - will be deleted on reboot
13:41:18.0418 2808 HKLM\SYSTEM\ControlSet002\services\UnlockerDriver5 - will be deleted on reboot
13:41:18.0420 2808 C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys - will be deleted on reboot
13:41:18.0420 2808 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Delete


dds:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by user at 13:48:15 on 2012-01-11
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.31.1043.18.3071.1677 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\AEADISRV.EXE
C:\Windows\System32\alg.exe
C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\RtWlan.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\GrabIt\GrabIt.exe
C:\temps\TDSSKiller.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://news.google.nl/nwshp?hl=nl&tab=wn
BHO: Octh Class: {000123b4-9b42-4900-b3f7-f4b073efc214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItBHO.dll
BHO: IE 4.x-6.x BHO for Internet Download Accelerator: {2a646672-9c3a-4c28-9a7a-1fb0f63f28b6} - C:\PROGRA~2\IDA\idaiehlp.dll
BHO: FGCatchUrl: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - C:\Program Files (x86)\FlashGet\jccatch.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~4\Office12\GR469A~1.DLL
BHO: Aanmeldhulp voor Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: DepositFiles IE BHO: {9dfe2fe9-cf99-4adf-a28e-9b5adb8dc74f} - C:\PROGRA~2\DEPOSI~1\DFMANA~1\DEPOSI~1.DLL
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: FlashGet GetFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - C:\Program Files (x86)\FlashGet\getflash.dll
TB: Grab Pro: {c55bbcd6-41ad-48ad-9953-3609c48eacc7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll
TB: Deposit IE Toolbar: {6aa40521-14e7-4b1d-b1b4-98528c1388c9} - C:\PROGRA~2\DEPOSI~1\DFMANA~1\DEPOSI~1.DLL
TB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItIEAddin.dll
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
mRun: [SoundTray] C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe
uPolicies-explorer: HideSCAHealth = 1 (0x1)
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204
IE: &Ontvang alles met FlashGet - C:\Program Files (x86)\FlashGet\jc_all.htm
IE: &Ontvang met FlashGet - C:\Program Files (x86)\FlashGet\jc_link.htm
IE: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202
IE: Download ALL with IDA
IE: Download with IDA
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C}
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
IE: {D5AD327A-A089-4F04-89FD-4EA9812B3913} - {D5AD327A-A089-4F04-89FD-4EA9812B3913} - C:\PROGRA~2\DEPOSI~1\DFMANA~1\DEPOSI~1.DLL
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/ ... ontrol.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{2BB9E810-9756-4615-B608-92B91164EF0A} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{2BB9E810-9756-4615-B608-92B91164EF0A} : DhcpNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~4\Office12\GRA32A~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~4\Office12\GR469A~1.DLL
mRun-x64: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun-x64: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
mRun-x64: [SoundTray] C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe
IE-X64: {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C}
IE-X64: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\89dudths.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Users\user\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\system32\Drivers\SmartDefragDriver.sys --> C:\Windows\system32\Drivers\SmartDefragDriver.sys [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 HerculesDJControlMP3;Hercules DJ Control MP3;C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [2011-12-22 20480]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-12-22 2253120]
R2 Realtek87B;Realtek87B;C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe [2011-12-22 40960]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-15 381248]
R3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;C:\Windows\system32\DRIVERS\rtl8187.sys --> C:\Windows\system32\DRIVERS\rtl8187.sys [?]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-1-10 1153368]
S3 HDJCtrl;Hercules DJ Control MP3 Service;C:\Windows\system32\Drivers\HDJCtrl.sys --> C:\Windows\system32\Drivers\HDJCtrl.sys [?]
S3 HDJMidi;Hercules DJ Control MP3 MIDI;C:\Windows\system32\DRIVERS\HDJMidi.sys --> C:\Windows\system32\DRIVERS\HDJMidi.sys [?]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
.
=============== Created Last 30 ================
.
2012-01-11 12:44:01 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{15F77114-DA6F-407A-97D9-C7510838D733}\offreg.dll
2012-01-11 07:17:14 -------- d-----w- C:\Users\user\AppData\Local\{E54E9163-9714-40BF-A85B-E0C0CD1D8925}
2012-01-11 07:17:03 -------- d-----w- C:\Users\user\AppData\Local\{FCE5BAE2-12D3-4F9F-9763-4068004B7848}
2012-01-11 07:15:09 -------- d-----w- C:\Users\user\AppData\Local\Diagnostics
2012-01-10 18:37:35 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-01-10 18:37:35 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-01-10 18:31:43 388096 ----a-r- C:\Users\user\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-10 18:31:42 -------- d-----w- C:\Program Files (x86)\Trend Micro
2012-01-10 15:58:22 917840 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{367F6141-9269-412A-9B92-60BE4DE98235}\gapaengine.dll
2012-01-10 15:58:18 8822856 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{15F77114-DA6F-407A-97D9-C7510838D733}\mpengine.dll
2012-01-10 15:54:36 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-01-10 15:54:27 -------- d-----w- C:\Program Files\Microsoft Security Client
2012-01-10 13:45:02 -------- d-----w- C:\Users\user\AppData\Roaming\ACD Systems
2012-01-10 13:45:02 -------- d-----w- C:\Users\user\AppData\Local\ACD Systems
2012-01-10 13:18:39 -------- d-----w- C:\Users\user\AppData\Local\Alt.Binz
2012-01-10 12:47:16 -------- d-----w- C:\Program Files (x86)\GridinSoft Trojan Killer
2012-01-10 12:19:30 -------- d-----w- C:\Users\user\AppData\Local\SanctionedMedia
2012-01-09 13:04:03 -------- d-----w- C:\Users\user\AppData\Roaming\NewsLeecher
2012-01-09 09:33:12 -------- d-----w- C:\Users\user\AppData\Roaming\GrabIt
2012-01-09 09:10:52 -------- d-----w- C:\Program Files (x86)\GrabIt
2012-01-09 08:07:38 -------- d-----w- C:\Users\user\AppData\Local\{6E6E260F-4078-4805-B3FF-215088CBD76F}
2012-01-09 08:07:27 -------- d-----w- C:\Users\user\AppData\Local\{94DABC84-8A34-4CD7-8C12-2450655DECEE}
2012-01-06 18:38:01 -------- d-----w- C:\Users\user\AppData\Local\{F6695CC5-65DD-40E2-9284-BA5DD3BEE8C2}
2012-01-06 18:37:50 -------- d-----w- C:\Users\user\AppData\Local\{7C987689-0E0D-455F-9330-8C241673683D}
2012-01-06 13:19:50 -------- d-----w- C:\Program Files (x86)\Boilsoft
2012-01-06 12:54:38 -------- d-----w- C:\Program Files (x86)\Boilsoft Video Joiner
2012-01-06 10:18:39 -------- d-----w- C:\Users\user\AppData\Local\TechSmith
2012-01-06 10:17:37 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2012-01-06 10:00:41 -------- d-----w- C:\Users\user\AppData\Local\Google
2012-01-06 09:54:42 -------- d-----w- C:\Users\user\AppData\Local\Opera
2012-01-05 09:26:24 -------- d-----w- C:\Users\user\AppData\Local\{6EE50A5B-EBD4-42FF-9866-AB763875A121}
2012-01-05 09:26:12 -------- d-----w- C:\Users\user\AppData\Local\{0CB238CE-9D00-42FF-AE08-1841243492BF}
2012-01-03 12:03:54 -------- d-----w- C:\Users\user\AppData\Roaming\Solveig Multimedia
2012-01-03 09:22:58 -------- d-----w- C:\Users\user\AppData\Roaming\Boilsoft
2012-01-02 15:30:59 -------- d-----w- C:\Users\user\AppData\Roaming\IDM
2012-01-02 15:30:44 -------- d-----w- C:\Program Files (x86)\Internet Download Manager
2012-01-02 15:18:15 -------- d-----w- C:\Users\user\AppData\Local\{2932EFB1-B657-4D70-BDFE-B65EC6F02B2D}
2012-01-02 15:18:04 -------- d-----w- C:\Users\user\AppData\Local\{E964F0B0-F21A-4D11-99D9-71BC305A0928}
2012-01-02 08:00:19 -------- d-----w- C:\Users\user\AppData\Local\{14ABC2CC-85F3-456F-ABD9-C48C4725BF70}
2012-01-02 08:00:08 -------- d-----w- C:\Users\user\AppData\Local\{12152699-69B9-41C7-BE9E-A197461096FA}
2011-12-31 15:01:14 -------- d-----w- C:\ProgramData\Soulseek
2011-12-31 14:48:49 -------- d-----w- C:\Users\user\AppData\Local\{2F9285FA-2A09-4485-8115-15994B0C4D73}
2011-12-31 14:48:38 -------- d-----w- C:\Users\user\AppData\Local\{18982981-484D-4E9E-BBF6-06AC51AEC3A9}
2011-12-30 09:46:54 -------- d-----w- C:\Users\user\FileDownloader
2011-12-30 09:46:47 -------- d-----w- C:\ProgramData\FileDownloader
2011-12-30 09:46:43 -------- d-----w- C:\Program Files (x86)\FDN
2011-12-30 09:35:40 52224 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{10289AD8-241D-406C-8168-6508B4D257D6}\components\IDfXpCom.dll
2011-12-30 09:35:38 -------- d-----w- C:\Program Files (x86)\DepositFiles
2011-12-30 08:33:19 -------- d-----w- C:\Users\user\AppData\Local\{6E44C36F-4872-4A75-B51C-8789AD09C627}
2011-12-30 08:33:09 -------- d-----w- C:\Users\user\AppData\Local\{93505F3B-7284-4F88-A60C-BC0CB5029A6B}
2011-12-29 08:23:28 -------- d-----w- C:\Users\user\AppData\Local\{8F32F985-BA28-48AF-BAB1-B60C012305B8}
2011-12-29 08:23:18 -------- d-----w- C:\Users\user\AppData\Local\{6AB6F241-E4FA-428E-AB96-9B613E0835B4}
2011-12-28 14:40:51 -------- d-----w- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2011-12-28 14:34:27 -------- d-----w- C:\Users\user\AppData\Local\{631B66D7-EBDC-410B-B067-2331E04733D0}
2011-12-28 14:34:03 -------- d-----w- C:\Users\user\AppData\Local\{B7E89762-F5AC-4922-A7FF-B69850211513}
2011-12-27 18:51:53 -------- d-----w- C:\Users\user\AppData\Roaming\IObit
2011-12-27 18:51:52 27992 ----a-w- C:\Windows\System32\SmartDefragBootTime.exe
2011-12-27 18:51:52 17720 ----a-w- C:\Windows\System32\drivers\SmartDefragDriver.sys
2011-12-27 18:51:50 -------- d-----w- C:\Program Files (x86)\IObit
2011-12-27 12:37:27 -------- d-----w- C:\Users\user\AppData\Roaming\ProgSense
2011-12-27 12:37:24 -------- d-----w- C:\Users\user\AppData\Roaming\GrabPro
2011-12-27 12:37:20 -------- d-----w- C:\Program Files (x86)\Orbitdownloader
2011-12-27 12:33:59 -------- d-----w- C:\Users\user\AppData\Roaming\DMCache
2011-12-27 12:27:58 -------- d-----w- C:\Program Files (x86)\StreamingStar
2011-12-27 11:53:07 -------- d-----w- C:\Windows\PCHEALTH
2011-12-27 11:51:18 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-12-27 11:50:48 -------- d-----w- C:\Users\user\AppData\Local\Microsoft Help
2011-12-27 11:41:54 -------- d-----w- C:\Users\user\AppData\Roaming\DonationCoder
2011-12-27 11:41:30 -------- d-----w- C:\ProgramData\DonationCoder
2011-12-27 11:38:41 49152 ----a-w- C:\Windows\System32\npptools.dll
2011-12-27 11:19:38 -------- d-----w- C:\Users\user\AppData\Local\ElevatedDiagnostics
2011-12-27 09:00:30 -------- d-----w- C:\Users\user\AppData\Local\{26FEC0BC-A314-431B-8006-7E5927E0F607}
2011-12-27 09:00:09 -------- d-----w- C:\Users\user\AppData\Local\{CA4A8D86-E9AF-4A56-8F24-836264B41994}
2011-12-26 09:47:42 -------- d-----w- C:\Users\user\AppData\Local\{C1D4DCA5-5335-4505-A15F-6B0CB9E90B3C}
2011-12-26 09:47:19 -------- d-----w- C:\Users\user\AppData\Local\{E66E8B7D-2EE0-458C-AEEB-C19396057BF3}
2011-12-26 09:47:19 -------- d-----w- C:\Users\user\AppData\Local\{313B71B0-73D4-4B74-B110-1AA0507A1588}
2011-12-25 20:21:10 -------- d-----w- C:\ProgramData\RELOADED
2011-12-25 19:56:38 -------- d--h--w- C:\Windows\msdownld.tmp
2011-12-25 19:56:36 -------- d-----w- C:\Windows\SysWow64\directx
2011-12-23 12:53:40 -------- d-----w- C:\Users\user\AppData\Local\{81979595-581E-4429-8450-4909982A5048}
2011-12-23 12:53:30 -------- d-----w- C:\Users\user\AppData\Local\{66540890-713B-455B-99D8-AC0E510DE4F8}
2011-12-23 12:48:40 -------- d-----w- C:\Users\user\AppData\Local\Windows Live
2011-12-23 07:15:18 -------- d-----w- C:\Users\user\AppData\Local\SKIDROW
2011-12-23 07:15:15 -------- d-----w- C:\Users\user\AppData\Roaming\Sports Interactive
2011-12-23 07:15:15 -------- d-----w- C:\Users\user\AppData\Local\Sports Interactive
2011-12-23 07:08:31 -------- d-----w- C:\Users\user\AppData\Roaming\NVIDIA
2011-12-23 06:11:32 -------- d-----w- C:\ProgramData\Trymedia
2011-12-23 06:06:26 -------- d-----w- C:\Games
2011-12-22 18:50:49 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2011-12-22 18:03:42 -------- d-----w- C:\Users\user\AppData\Local\Adobe
2011-12-22 17:59:34 -------- d-----w- C:\Downloads Goed
2011-12-22 17:55:25 -------- d-----w- C:\Users\user\AppData\Local\Spotify
2011-12-22 17:54:52 -------- d-----w- C:\Users\user\AppData\Roaming\Spotify
2011-12-22 17:54:11 -------- d-----w- C:\ProgramData\DAEMON Tools Lite
2011-12-22 17:54:09 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Toolbar
2011-12-22 17:54:06 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite
2011-12-22 17:48:57 -------- d-----w- C:\Windows\SysWow64\wbem\en-US
2011-12-22 17:48:56 -------- d-----w- C:\Windows\System32\wbem\en-US
2011-12-22 16:50:14 367104 ----a-w- C:\Windows\System32\wcncsvc.dll
2011-12-22 16:50:14 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll
2011-12-22 16:47:06 193232 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys
2011-12-22 16:45:28 -------- d-----w- C:\Users\user\AppData\Roaming\uTorrent
2011-12-22 16:45:20 -------- d-----w- C:\Users\user\AppData\Roaming\Desktopicon
2011-12-22 16:45:20 -------- d-----w- C:\Program Files (x86)\Unlocker
2011-12-22 16:45:12 -------- d-----w- C:\Program Files (x86)\The KMPlayer
2011-12-22 16:44:52 -------- d-----w- C:\Program Files (x86)\SoulseekNS
2011-12-22 16:44:30 -------- d-----w- C:\Program Files (x86)\EchoSub
2011-12-22 16:44:15 -------- d-----w- C:\Program Files\PeerBlock
2011-12-22 16:43:56 -------- d-----w- C:\Users\user\AppData\Roaming\Malwarebytes
2011-12-22 16:43:50 -------- d-----w- C:\ProgramData\Malwarebytes
2011-12-22 16:43:49 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-12-22 16:43:48 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-12-22 16:43:31 839680 ----a-w- C:\Windows\SysWow64\lameACM.acm
2011-12-22 16:43:04 -------- d-----w- C:\Program Files (x86)\SpeedFan
2011-12-22 16:42:53 -------- d-----w- C:\Program Files (x86)\Image Grabber II
2011-12-22 16:42:33 -------- d-----w- C:\Users\user\AppData\Roaming\FlashGet
2011-12-22 16:42:20 -------- d-----w- C:\Program Files (x86)\FlashGet
2011-12-22 16:42:10 2433400 ----a-w- C:\Windows\SysWow64\SpoonUninstall.exe
2011-12-22 16:41:58 -------- d-----w- C:\Program Files (x86)\Illustrate
2011-12-22 16:40:19 -------- d-----w- C:\Users\user\AppData\Roaming\DAEMON Tools Lite
2011-12-22 16:39:39 -------- d-----w- C:\Program Files (x86)\CCleaner
2011-12-22 16:39:23 -------- d-----w- C:\Program Files (x86)\Audacity
2011-12-22 16:39:11 -------- d-----w- C:\Program Files (x86)\Ant Movie Catalog
2011-12-22 16:38:40 -------- d-----w- C:\Program Files (x86)\AltBinz
2011-12-22 16:38:21 -------- d-----w- C:\Program Files (x86)\WinPcap
2011-12-22 16:38:06 -------- d-----w- C:\Program Files (x86)\URLSnooper2
2011-12-22 16:37:31 -------- d-----w- C:\Program Files (x86)\The GodFather
2011-12-22 16:36:48 249856 ------w- C:\Windows\Setup1.exe
2011-12-22 16:36:46 73216 ----a-w- C:\Windows\ST6UNST.EXE
2011-12-22 16:35:56 -------- d-----w- C:\Program Files (x86)\Solveig Multimedia
2011-12-22 16:35:56 -------- d-----w- C:\Program Files (x86)\Common Files\Solveig Multimedia
2011-12-22 16:33:51 -------- d-----w- C:\Program Files (x86)\mp3cutter
2011-12-22 16:32:48 -------- d-----w- C:\Program Files (x86)\Imagegrabber II.net
2011-12-22 16:32:25 -------- d-----w- C:\Users\user\AppData\Roaming\Image Grabber II.NET
2011-12-22 16:30:00 -------- d-----w- C:\Program Files (x86)\AllMyMovies
2011-12-22 16:25:50 499712 ----a-w- C:\Windows\System32\drivers\afd.sys
2011-12-22 16:24:59 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2011-12-22 16:23:59 6144 ---ha-w- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2011-12-22 16:22:20 3138048 ----a-w- C:\Windows\System32\mstscax.dll
2011-12-22 16:22:20 2690560 ----a-w- C:\Windows\SysWow64\mstscax.dll
2011-12-22 16:22:20 1034240 ----a-w- C:\Windows\SysWow64\mstsc.exe
2011-12-22 16:22:19 861184 ----a-w- C:\Windows\System32\oleaut32.dll
2011-12-22 16:22:19 1097216 ----a-w- C:\Windows\System32\mstsc.exe
2011-12-22 16:22:18 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-12-22 16:22:18 331776 ----a-w- C:\Windows\System32\oleacc.dll
2011-12-22 16:22:18 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2011-12-22 16:19:32 -------- d-----w- C:\Program Files (x86)\VirtualDJ
2011-12-22 16:16:33 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-22 16:13:39 336896 ----a-w- C:\Windows\System32\HDJSeries.cpl
2011-12-22 16:13:35 28672 ----a-w- C:\Windows\System32\drivers\HDJCtrl.sys
2011-12-22 16:13:35 263680 ----a-w- C:\Windows\System32\drivers\HDJAsioK.sys
2011-12-22 16:13:35 240640 ----a-w- C:\Windows\System32\drivers\HDJMidi.sys
2011-12-22 16:13:35 192000 ----a-w- C:\Windows\System32\drivers\HDJBulk.sys
2011-12-22 16:13:35 1721576 ----a-w- C:\Windows\System32\drivers\WdfCoInstaller01009.dll
2011-12-22 16:13:35 157696 ----a-w- C:\Windows\System32\hdjcprop.dll
2011-12-22 16:13:35 141312 ----a-w- C:\Windows\SysWow64\hdjcprop.dll
2011-12-22 16:13:34 -------- d-----w- C:\Program Files\Hercules
2011-12-22 16:12:49 374664 ----a-w- C:\Windows\System32\drivers\netio.sys
2011-12-22 16:12:35 -------- d-----w- C:\temps
2011-12-22 16:08:31 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2011-12-22 16:08:25 837952 ----a-w- C:\Windows\System32\easyupdatusapiu64.dll
2011-12-22 16:08:17 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2011-12-22 16:06:09 502784 ----a-w- C:\Windows\System32\hdjapi.dll
2011-12-22 16:06:09 103936 ----a-w- C:\Windows\System32\hrfdongle.dll
2011-12-22 16:06:07 88064 ----a-w- C:\Windows\SysWow64\HRFDongle.dll
2011-12-22 16:06:07 78848 ----a-w- C:\Windows\System32\HerculesDJDevices.dll
2011-12-22 16:06:07 73728 ----a-w- C:\Windows\SysWow64\HDJSAPI.dll
2011-12-22 16:06:07 499712 ----a-w- C:\Windows\SysWow64\HDJAPI.dll
2011-12-22 16:06:07 -------- d-----w- C:\Program Files\Guillemot
2011-12-22 16:05:38 -------- d-----w- C:\Program Files\NVIDIA Corporation
2011-12-22 16:04:36 -------- d-----w- C:\Users\user\AppData\Local\Mozilla
2011-12-22 16:01:37 -------- d-----w- C:\NVIDIA
2011-12-22 16:01:26 1828352 ------w- C:\Windows\System32\adi_oal.dll
2011-12-22 16:01:26 1503232 ------w- C:\Windows\SysWow64\adi_oal.dll
2011-12-22 16:01:26 -------- d-----w- C:\Program Files (x86)\Creative
2011-12-22 16:01:19 73728 ----a-w- C:\Windows\SysWow64\sfwave.ocx
2011-12-22 16:01:19 73728 ----a-w- C:\Windows\SysWow64\AEADICom.dll
2011-12-22 16:01:19 58880 ----a-w- C:\Windows\SysWow64\SFFXComm.dll
2011-12-22 16:01:19 102400 ----a-w- C:\Windows\SysWow64\SFBH.dll
2011-12-22 16:01:09 -------- d-----w- C:\ProgramData\SonicFocus
2011-12-22 16:01:09 -------- d-----w- C:\Program Files (x86)\Analog Devices
.
==================== Find3M ====================
.
2011-12-22 16:35:04 15360 -c--a-w- C:\Windows\System32\slwga.dll
2011-12-22 16:35:04 14336 -c--a-w- C:\Windows\SysWow64\slwga.dll
2011-11-24 05:00:47 3141632 ----a-w- C:\Windows\System32\win32k.sys
2011-11-05 05:17:42 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-11-05 04:30:11 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-10-26 05:19:07 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2011-10-15 06:25:12 723456 ----a-w- C:\Windows\System32\EncDec.dll
2011-10-15 05:48:52 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-10-14 23:54:52 321856 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
.
============= FINISH: 13:48:57,33 ===============


Post subject: Re: Aftermath of a trojan?
Posted: Wed Jan 11, 2012 3:12 pm
Moderator

Joined: Mon Aug 10, 2009 11:16 am
Posts: 12175
Location: @ the world wide web
Operating system: Windows 7
Protection: EAM & OA
Hi,

Why on earth did you let TDSSKiller delete those 'items'? :shock:

Note: Incorrect use of the tool below can cause very serious, irreparable problems.
Only have items removed that are identified as malware/infection. NEVER remove items that are flagged as suspicious on your own!!!


13:40:49.0307 2808 Detected object count: 3
13:40:49.0307 2808 Actual detected object count: 3
13:41:18.0335 2808 HKLM\SYSTEM\ControlSet001\services\netr28ux - will be deleted on reboot
13:41:18.0379 2808 HKLM\SYSTEM\ControlSet002\services\netr28ux - will be deleted on reboot
13:41:18.0401 2808 C:\Windows\system32\DRIVERS\netr28ux.sys - will be deleted on reboot
13:41:18.0401 2808 netr28ux ( UnsignedFile.Multi.Generic ) - User select action: Delete
13:41:18.0403 2808 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot
13:41:18.0413 2808 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted on reboot
13:41:18.0415 2808 C:\Windows\system32\Drivers\sptd.sys - will be deleted on reboot
13:41:18.0415 2808 sptd ( LockedFile.Multi.Generic ) - User select action: Delete
13:41:18.0417 2808 HKLM\SYSTEM\ControlSet001\services\UnlockerDriver5 - will be deleted on reboot
13:41:18.0418 2808 HKLM\SYSTEM\ControlSet002\services\UnlockerDriver5 - will be deleted on reboot
13:41:18.0420 2808 C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys - will be deleted on reboot
13:41:18.0420 2808 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Delete

Regards, Maxstar

_________________
If you were helped well here, consider a donation: or post a thank-you here.

Member of UNITE Unified Network of Instructors and Trained Eliminators (Unite Against Malware)

Malware prevention | Installing essential updates.

Post subject: Re: Aftermath of a trojan?
Posted: Wed Jan 11, 2012 4:31 pm
Member

Joined: Tue Aug 12, 2008 6:36 pm
Posts: 12
Oops, force of habit, I think. If there is no way back, I will have to resort to plan B and format :s.


Post subject: Re: Aftermath of a trojan?
Posted: Wed Jan 11, 2012 4:36 pm
Moderator

Joined: Mon Aug 10, 2009 11:16 am
Posts: 12175
Location: @ the world wide web
Operating system: Windows 7
Protection: EAM & OA
Hi,

Before you format, you would do better to restore a system restore point first, preferably one from before you got infected.
After that we can take a further look and check a few things.

Regards, Maxstar



Post subject: Re: Aftermath of a trojan?
Posted: Wed Jan 11, 2012 4:38 pm
Member

Joined: Tue Aug 12, 2008 6:36 pm
Posts: 12
I had already tried that, but System Restore does not seem to work either.


Post subject: Re: Aftermath of a trojan?
Posted: Wed Jan 11, 2012 4:42 pm
Moderator

Joined: Mon Aug 10, 2009 11:16 am
Posts: 12175
Location: @ the world wide web
Operating system: Windows 7
Protection: EAM & OA
Hi,

Not from Safe Mode either? And where exactly does it go wrong?

Regards, Maxstar



Post subject: Re: Aftermath of a trojan?
Posted: Wed Jan 11, 2012 4:51 pm
Member

Joined: Tue Aug 12, 2008 6:36 pm
Posts: 12
No idea where this went wrong; I regularly create restore points, and when I try to retrieve them now it says that System Restore is disabled. I can no longer enable it, not even from Safe Mode.


Post subject: Re: Aftermath of a trojan?
Posted: Wed Jan 11, 2012 5:02 pm
Moderator

Joined: Mon Aug 10, 2009 11:16 am
Posts: 12175
Location: @ the world wide web
Operating system: Windows 7
Protection: EAM & OA
Hi,

Then we will try to restore a system restore point via a workaround; this can be done with your Windows 7 DVD or a recovery DVD you created.

Via option 2 in the recovery environment you can then choose a system restore point and restore it.

Regards, Maxstar



Post subject: Re: Aftermath of a trojan?
Posted: Wed Jan 11, 2012 5:04 pm
Member

Joined: Tue Aug 12, 2008 6:36 pm
Posts: 12
That is going to take a while, I am afraid. In any case I will first back up as much as possible. Thanks in advance.


Post subject: Re: Aftermath of a trojan?
Posted: Wed Jan 11, 2012 5:07 pm
Moderator

Joined: Mon Aug 10, 2009 11:16 am
Posts: 12175
Location: @ the world wide web
Operating system: Windows 7
Protection: EAM & OA
Hi,

Making a backup of your most important files is a good idea in any case.
pengocha wrote:
That is going to take a while, I am afraid.

It is not that bad; you only need to boot from the Windows 7 DVD or the recovery DVD and start System Restore from there.
It is not a repair installation, in case that is what you were thinking.

Regards, Maxstar



Post subject: Re: Aftermath of a trojan?
Posted: Wed Jan 25, 2012 9:11 pm
Moderator

Joined: Wed Apr 13, 2005 3:54 pm
Posts: 33592
Location: Little place on the coast.
Operating system: Windows 7
Protection: Malwarebytes pro

Since there have been no further replies to this topic, I conclude that it has been resolved and am closing it. If you would like the topic reopened, you can send a PM to me or to one of the other helpers or moderators.

_________________
Member of the Training Team.

Slowness tips
Choosing an AV
What is a rootkit

