  1. #1
    Beginner  

    virus "vista antispyware 2012"

    I kept getting notifications from "vista antispyware 2012" on my laptop. This is not an antivirus scanner that is installed on my computer, so I ignored these notifications. When I wanted to start my own antivirus scanner and run a scan, that was not possible, because I was immediately redirected to "vista antispyware 2012".

    So I followed the step-by-step plan from minatica.be. Can someone tell me what exactly is/was wrong with my computer and what I still need to do?

    Malwarebytes Log:
    Malwarebytes Anti-Malware (-evaluatieversie-) 1.60.0.1800
    www.malwarebytes.org


    Databaseversie: v2012.01.17.02


    Windows Vista Service Pack 2 x86 NTFS (Veilige modus/netwerkmogelijkheden)
    Internet Explorer 9.0.8112.16421
    Gebruiker :: PC_VAN_GEBRUIKE [administrator]


    Realtime bescherming: Uitgeschakeld


    17-1-2012 17:19:24
    mbam-log-2012-01-17 (17-19-24).txt


    Scantype: Snelle scan
    Ingeschakelde scanopties: Geheugen | Opstarten | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scanopties: P2P
    Objecten gescand: 175980
    Verstreken tijd: 6 minuut/minuten, 39 seconde


    Geheugenprocessen gedetecteerd: 1
    C:\Users\Gebruiker\AppData\Local\eyu.exe (Trojan.ExeShell.Gen) -> 808 -> Zal worden verwijderd tijdens het herstarten.


    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)


    Registersleutels gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)


    Registerwaarden gedetecteerd: 2
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|DAT317C.tmp.exe (Trojan.FakeAlert) -> Data: C:\Users\GEBRUI~1\AppData\Local\Temp\DAT317C.tmp.exe -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Smad (Trojan.Agent) -> Data: "C:\Users\Gebruiker\AppData\Local\SanctionedMedia\Smad\Smad.exe" -> Succesvol in quarantaine geplaatst en verwijderd.


    Registerdata gedetecteerd: 1
    HKCR\.exe| (Hijacked.exeFile) -> Slecht: (avap) Goed: (exefile) -> Succesvol in quarantaine geplaatst en gerepareerd.


    Mappen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)


    Bestanden gedetecteerd: 7
    C:\Users\Gebruiker\AppData\Local\eyu.exe (Trojan.ExeShell.Gen) -> Zal worden verwijderd tijdens het herstarten.
    C:\Users\Gebruiker\AppData\Local\Temp\cnrsemxaow.exe (Trojan.FakeMS) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Gebruiker\AppData\Local\Temp\msimg32.dll (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Gebruiker\AppData\Local\Temp\omrecnaxsw.exe (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Gebruiker\Downloads\DownloadSetup (49).exe (Affiliate.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Gebruiker\Local Settings\eyu.exe (Trojan.FakeMS) -> Zal worden verwijderd tijdens het herstarten.
    C:\Users\Gebruiker\Local Settings\Application Data\eyu.exe (Trojan.ExeShell.Gen) -> Zal worden verwijderd tijdens het herstarten.


    (einde)


    HijackThis Log:
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 18:10:33, on 17-1-2012
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal


    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\ATKOSD2\ATKOSD2.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\RtHDVCpl.exe
    C:\Windows\sm56hlpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Norman\Npm\Bin\Zlh.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Windows\FixCamera.exe
    C:\Windows\tsnp325.exe
    C:\Windows\vsnp325.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Norman\Nvc\Bin\Nip.exe
    C:\Program Files\Norman\Nvc\Bin\cclaw.exe
    C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Gebruiker\Downloads\HJT map\HijackThis.exe


    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [Skytel] Skytel.exe
    O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [FixCamera] C:\Windows\FixCamera.exe
    O4 - HKLM\..\Run: [tsnp325] C:\Windows\tsnp325.exe
    O4 - HKLM\..\Run: [snp325] C:\Windows\vsnp325.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - Startup: Mediacontrole PMB.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
    O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Norman eLogger Service (eLoggerSvc6) - Norman ASA - C:\Program Files\Norman\Npm\Bin\Elogsvc.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Norman Network Filtering service (NNFSVC) - Norman ASA - C:\Program Files\Norman\Ngs\Bin\Nnf.exe
    O23 - Service: Norman NJeeves - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves.exe
    O23 - Service: Norman ZANDA - Norman ASA - C:\Program Files\Norman\Npm\Bin\Zanda.exe
    O23 - Service: Norman Security service (NPROSECSVC) - Norman ASA - C:\Program Files\Norman\Ngs\Bin\Nprosec.exe
    O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Program Files\Norman\Nse\Bin\NSESVC.EXE
    O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Program Files\Norman\Nvc\Bin\nvcoas.exe
    O23 - Service: Norman Resource Provider (NVOY) - Norman ASA - C:\Program Files\Norman\npm\bin\nvoy.exe
    O23 - Service: Norman Scheduler Service (Scheduler) - Norman ASA - C:\Program Files\Norman\Npm\Bin\scheduler.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe


    --
    End of file - 9644 bytes

  2. #2
    Spyware Slayer   Rosty
    Download TDSSKiller and save it to your desktop.
    • Extract the files from tdsskiller.zip.
    • Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.
    • Note!!! Windows Vista & 7 users must run TDSSkiller as administrator ("Right-click, Run as").
    • If TDSSkiller finds an update, click the "Load update" button.
    • A new version of TDSSkiller will now be downloaded; save it to the desktop.
    • Now start TDSSkiller again.
    • Click "Change parameters" and make sure the options below are all checked.
    • Click the "Start Scan" button and follow the instructions.
    • When the scan is finished, click the "Report" button.
    • Select the contents (log) and paste them into your next post.

    If a restart was needed, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt
    Note: If you get a warning about sptd.sys, you may skip it; it belongs to emulation software such as Daemon Tools.

    Download ComboFix from one of these locations:
    Link 1
    Link 2

    * IMPORTANT !!! Save ComboFix.exe to your desktop
    • Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:
      Click here
      If you cannot disable them, just continue to the next step.
    • Double-click ComboFix.exe and follow the prompts on the screen.
    • ComboFix will check whether the Microsoft Windows Recovery Console is already installed.
      **Note: If the Microsoft Windows Recovery Console is already installed, you will not see the following screens and ComboFix will automatically continue scanning for malware.
    • Follow the prompts on the screen to let ComboFix download and install the Microsoft Windows Recovery Console.

    You will see the following message when ComboFix has successfully installed the Microsoft Windows Recovery Console:

    Click Yes to continue scanning for malware.

    When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next post, together with the TDSSkiller log.


  3. #3
    Beginner  
    TDSSkiller log:
    22:02:54.0506 1784 TDSS rootkit removing tool 2.7.5.0 Jan 18 2012 09:26:24
    22:02:54.0678 1784 ============================================================
    22:02:54.0678 1784 Current date / time: 2012/01/18 22:02:54.0678
    22:02:54.0678 1784 SystemInfo:
    22:02:54.0678 1784
    22:02:54.0678 1784 OS Version: 6.0.6002 ServicePack: 2.0
    22:02:54.0678 1784 Product type: Workstation
    22:02:54.0678 1784 ComputerName: PC_VAN_GEBRUIKE
    22:02:54.0678 1784 UserName: Gebruiker
    22:02:54.0678 1784 Windows directory: C:\Windows
    22:02:54.0678 1784 System windows directory: C:\Windows
    22:02:54.0678 1784 Processor architecture: Intel x86
    22:02:54.0678 1784 Number of processors: 2
    22:02:54.0678 1784 Page size: 0x1000
    22:02:54.0678 1784 Boot type: Safe boot with network
    22:02:54.0678 1784 ============================================================
    22:02:55.0099 1784 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4BB55, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000050
    22:02:55.0192 1784 Initialize success


    ComboFix log:
    ComboFix 12-01-18.04 - Gebruiker 18-01-2012 21:48:21.1.2 - x86 NETWORK
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3062.2407 [GMT 1:00]
    Gestart vanuit: c:\users\Gebruiker\Downloads\ComboFix.exe
    AV: Norman Security Suite *Enabled/Updated* {D038CA80-26F3-90BF-94AA-03C4D945E661}
    SP: Norman Security Suite *Enabled/Updated* {6B592B64-00C9-9F31-AE1A-38B6A2C2ACDC}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\windows\PFRO.log
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-12-18 to 2012-01-18 ))))))))))))))))))))))))))))))
    .
    .
    2012-01-18 20:57 . 2012-01-18 20:57 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-01-18 19:52 . 2012-01-18 20:25 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8BA1217B-520C-4C73-9252-2005A61678E8}\offreg.dll
    2012-01-17 19:24 . 2011-11-17 06:48 440192 ----a-w- c:\windows\system32\drivers\ksecdd.sys
    2012-01-17 19:24 . 2011-11-16 16:23 377344 ----a-w- c:\windows\system32\winhttp.dll
    2012-01-17 19:24 . 2011-11-16 16:23 72704 ----a-w- c:\windows\system32\secur32.dll
    2012-01-17 19:24 . 2011-11-16 16:23 278528 ----a-w- c:\windows\system32\schannel.dll
    2012-01-17 19:24 . 2011-11-16 16:21 1259008 ----a-w- c:\windows\system32\lsasrv.dll
    2012-01-17 19:24 . 2011-11-16 14:12 9728 ----a-w- c:\windows\system32\lsass.exe
    2012-01-17 17:09 . 2012-01-17 17:09 388096 ----a-r- c:\users\Gebruiker\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2012-01-17 17:09 . 2012-01-17 17:09 -------- d-----w- c:\program files\Trend Micro
    2012-01-17 16:18 . 2012-01-17 16:18 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Malwarebytes
    2012-01-17 16:17 . 2012-01-17 16:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-01-17 16:17 . 2012-01-17 16:17 -------- d-----w- c:\programdata\Malwarebytes
    2012-01-17 16:17 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-01-17 10:21 . 2012-01-17 10:21 -------- d-----w- c:\windows\nl
    2012-01-17 10:16 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8BA1217B-520C-4C73-9252-2005A61678E8}\mpengine.dll
    2012-01-17 10:15 . 2009-09-04 16:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
    2012-01-17 10:15 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
    2012-01-17 10:15 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
    2012-01-16 13:53 . 2012-01-16 13:53 -------- d-----w- c:\users\Gebruiker\AppData\Local\SanctionedMedia
    2012-01-11 11:03 . 2011-10-14 16:03 189952 ----a-w- c:\windows\system32\winmm.dll
    2012-01-11 11:03 . 2011-10-14 16:00 23552 ----a-w- c:\windows\system32\mciseq.dll
    2012-01-11 11:03 . 2011-11-18 20:23 1205064 ----a-w- c:\windows\system32\ntdll.dll
    2012-01-11 11:03 . 2011-11-18 17:47 66560 ----a-w- c:\windows\system32\packager.dll
    2012-01-11 11:03 . 2011-11-25 15:59 376320 ----a-w- c:\windows\system32\winsrv.dll
    2012-01-11 11:03 . 2011-12-01 15:21 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
    2012-01-11 11:03 . 2011-10-25 15:58 1314816 ----a-w- c:\windows\system32\quartz.dll
    2012-01-11 11:03 . 2011-10-25 15:58 497152 ----a-w- c:\windows\system32\qdvd.dll
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-01-18 20:18 . 2008-08-05 00:53 45056 ----a-w- c:\windows\system32\acovcnt.exe
    2012-01-17 10:15 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2011-11-23 13:37 . 2011-12-16 17:50 2043904 ----a-w- c:\windows\system32\win32k.sys
    2011-11-08 14:42 . 2011-12-16 17:49 2048 ----a-w- c:\windows\system32\tzres.dll
    2011-11-03 22:47 . 2011-12-17 12:53 1798144 ----a-w- c:\windows\system32\jscript9.dll
    2011-11-03 22:40 . 2011-12-17 12:53 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
    2011-11-03 22:39 . 2011-12-17 12:53 1127424 ----a-w- c:\windows\system32\wininet.dll
    2011-11-03 22:31 . 2011-12-17 12:53 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2011-10-28 06:03 . 2011-09-26 08:32 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-10-27 08:01 . 2011-12-16 17:50 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2011-10-27 08:01 . 2011-12-16 17:50 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
    2011-10-25 15:56 . 2011-12-16 17:49 49152 ----a-w- c:\windows\system32\csrsrv.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
    @="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
    [HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
    2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
    "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-18 2289664]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-10-18 7737344]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-22 141848]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-22 166424]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-22 133656]
    "RtHDVCpl"="RtHDVCpl.exe" [2007-10-31 4702208]
    "Skytel"="Skytel.exe" [2007-10-11 1826816]
    "SMSERIAL"="sm56hlpr.exe" [2005-05-26 544768]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
    "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
    "Norman ZANDA"="c:\program files\Norman\Npm\Bin\ZLH.EXE" [2011-03-22 189824]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600]
    "FixCamera"="c:\windows\FixCamera.exe" [2007-02-12 20480]
    "tsnp325"="c:\windows\tsnp325.exe" [2006-10-10 270336]
    "snp325"="c:\windows\vsnp325.exe" [2006-10-10 827392]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
    "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
    .
    c:\users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Mediacontrole PMB.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2010-3-8 333088]
    OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3561352516-3508474791-1394534531-1000]
    "EnableNotificationsRef"=dword:00000006
    .
    --- Andere Services/Drivers In Geheugen ---
    .
    *NewlyCreated* - 67642976
    *NewlyCreated* - ECACHE
    *Deregistered* - 67642976
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2008-03-18 00:56 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2012-01-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2011-02-15 20:35]
    .
    2012-01-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2011-02-15 20:35]
    .
    2012-01-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3561352516-3508474791-1394534531-1000Core.job
    - c:\users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-28 09:20]
    .
    2012-01-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3561352516-3508474791-1394534531-1000UA.job
    - c:\users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-28 09:20]
    .
    .
    ------- Bijkomende Scan -------
    .
    uStart Page = hxxp://www.google.nl/
    uInternet Settings,ProxyOverride = *.local
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    TCP: DhcpNameServer = 212.54.40.25 212.54.35.25
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
    AddRemove-FoxTab FLV Player - c:\users\Gebruiker\FoxTabFLVPlayer\Uninstall\Uninstall.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2012-01-18 21:57
    Windows 6.0.6002 Service Pack 2 NTFS
    .
    scannen van verborgen processen ...
    .
    scannen van verborgen autostart items ...
    .
    scannen van verborgen bestanden ...
    .
    .
    C:\ADSM_PData_0150
    .
    Scan succesvol afgerond
    verborgen bestanden: 1
    .
    **************************************************************************
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_USERS\S-1-5-21-3561352516-3508474791-1394534531-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.Email.1"
    .
    [HKEY_USERS\S-1-5-21-3561352516-3508474791-1394534531-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.VCard.1"
    .
    [HKEY_USERS\S-1-5-21-3561352516-3508474791-1394534531-1000\Software\SecuROM\License information*]
    "datasecu"=hex:f9,5b,ac,73,97,56,e0,3a,36,de,7a,76,60,51,68,82,99,0f,2a,c9,d7,
    62,8e,01,f6,95,4f,1b,16,32,ce,ab,a2,f4,b8,88,01,da,f8,ac,8c,37,ff,1b,45,a8,\
    "rkeysecu"=hex:64,87,57,6f,ff,7b,6d,91,ab,7f,86,19,dd,c7,56,f8
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    "MSCurrentCountry"=dword:000000b5
    .
    --------------------- DLLs Geladen Onder Lopende Processen ---------------------
    .
    - - - - - - - > 'Explorer.exe'(1228)
    c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
    c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
    .
    Voltooingstijd: 2012-01-18 21:59:41
    ComboFix-quarantined-files.txt 2012-01-18 20:59
    .
    Pre-Run: 35.519.115.264 bytes beschikbaar
    Post-Run: 35.352.158.208 bytes beschikbaar
    .
    - - End Of File - - 1F59BD9C0E0978E49B78AE6C1F70815A

  4. #4
    Beginner  
    Has anyone looked at it again yet? Does anything else still need to be done?

  5. #5
    Spyware Slayer   Rosty
    Could you please post the full TDSSkiller log?


  6. The following user thanks Rosty for this useful post:

    enriquejean (20 January 2012)

  7. #6
    Beginner  
    19:00:02.0023 5216 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
    19:00:02.0330 5216 ============================================================
    19:00:02.0330 5216 Current date / time: 2012/01/20 19:00:02.0330
    19:00:02.0330 5216 SystemInfo:
    19:00:02.0330 5216
    19:00:02.0330 5216 OS Version: 6.0.6002 ServicePack: 2.0
    19:00:02.0330 5216 Product type: Workstation
    19:00:02.0331 5216 ComputerName: PC_VAN_GEBRUIKE
    19:00:02.0331 5216 UserName: Gebruiker
    19:00:02.0331 5216 Windows directory: C:\Windows
    19:00:02.0331 5216 System windows directory: C:\Windows
    19:00:02.0331 5216 Processor architecture: Intel x86
    19:00:02.0331 5216 Number of processors: 2
    19:00:02.0331 5216 Page size: 0x1000
    19:00:02.0331 5216 Boot type: Normal boot
    19:00:02.0331 5216 ============================================================
    19:00:04.0042 5216 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4BB55, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000050
    19:00:04.0153 5216 Initialize success
    19:00:17.0796 0740 ============================================================
    19:00:17.0796 0740 Scan started
    19:00:17.0796 0740 Mode: Manual; SigCheck; TDLFS;
    19:00:17.0796 0740 ============================================================
    19:01:34.0438 0740 MBR (0x1B8) (64b1e91c5c6c2157642651010728f90f) \Device\Harddisk0\DR0
    19:01:34.0625 0740 \Device\Harddisk0\DR0 - ok
    19:01:34.0625 0740 Boot (0x1200) (077325c2757ef32167f29e6756a41bfb) \Device\Harddisk0\DR0\Partition0
    19:01:34.0625 0740 \Device\Harddisk0\DR0\Partition0 - ok
    19:01:34.0656 0740 Boot (0x1200) (4f09e750af98b778f23b5fdcd9ff4c35) \Device\Harddisk0\DR0\Partition1
    19:01:34.0656 0740 \Device\Harddisk0\DR0\Partition1 - ok
    19:01:34.0656 0740 ============================================================
    19:01:34.0656 0740 Scan finished
    19:01:34.0656 0740 ============================================================
    19:01:34.0718 5360 Detected object count: 0
    19:01:34.0718 5360 Actual detected object count: 0

  8. #7
    Spyware Slayer   Rosty's avatar
    Registered
    19 May 2005
    Location
    Stabroek/ Ledegem
    Posts
    3,584
    Thanks
    464
    Thanked
    1,771 times in 1,194 posts
    Still having problems now?


  9. #8
    Beginner  
    Registered
    17 January 2012
    Posts
    8
    Thanks
    4
    Thanked
    1 time in 1 post
    No, it has indeed been resolved. Thanks a lot!!

  10. #9
    Spyware Slayer   Rosty's avatar
    Registered
    19 May 2005
    Location
    Stabroek/ Ledegem
    Posts
    3,584
    Thanks
    464
    Thanked
    1,771 times in 1,194 posts
    Go to Start - Run
    and enter the following: Combofix /Uninstall
    Then click OK.
    If all goes well, you will get a message that Combofix was removed.



