Are scan results sufficient assurance of a clean system?

11 replies
  • Hello, Regularly (1 or 2 times a month) I scan my PC with Panda IS and MBAM, and Windows Defender runs in the background. Never found any problem. In July I ran an online scan with ESET. It found no problem either. Since the beginning of this year I have had Kaspersky TSSD killer downloaded, and there was also still a file for an Ares installation. I had already removed everything from Ares earlier. Today I thought I would run ESET again. And now 2 threats were found, in the installation file of Kaspersky TSSD and in the installation file of Ares. ESET reported the following:
      - Win32/Toggle program
      - variant of Win32/Softonic downloader.A program
    The log stated that these occurred, respectively, in the installation files mentioned. The installation files mentioned were already there before the ESET scan in July. At that time I got no threat notification. I had downloaded the Kaspersky tool from Softonic.com. I have now restored a previously made image and removed the Kaspersky TSSD and the Ares file. I ran ESET again and now no threat was found. Now my question: Are scan results sufficient assurance of a clean system? Regards, Frans
  • I wonder why you get Kaspersky's TDSSKiller from Softonic and not directly from Kaspersky? Besides, do you have any idea what this tool does? Incidentally, with Panda IS, Windows Defender really does not need to run alongside in the background. Panda's active spyware scanner is far better anyway. So deactivate Windows Defender; then it cannot conflict with Panda either.

    I would like you to stick to the rules below during the fix:
      - Read all instructions carefully.
      - If you make mistakes when running tools during the fix, that can cause serious problems in Windows.
      - Refrain from using tools or updates other than those I advise you to use.
      - Always use one scanner at a time, never several at once.
      - Keep me informed of how your computer responds to the fix, good or bad.
      - The fix, once started, must be completed. Even if you think everything is in order, there may still be infections.

    Step 1
    Which program: Trend Micro HijackThis version 2.0.4
    What for/why: produces a clear overview of Windows by means of a scan.
    Difficulty: none; only Vista and Windows 7 users need to pay a little extra attention.
    Download the HijackThis Installer (http://www.trendmicro.com/ftp/products/hijackthis/HiJackThis.msi)
    Installation:
      - Install HijackThis in the indicated location; this prevents any backups from being impossible to find later!
    Users of Windows Vista and Windows 7 then go to the HijackThis installation location.
      - Right-click "hijackthis.exe" and choose "Properties".
      - Now click the "Compatibility" tab and tick "Run as Administrator".
      - Finally, click Apply and OK.
    Using HijackThis:
      - First close all open programs and web browsers.
      - Now start HijackThis and then click the button 'Do a system scan and save a logfile'.
          - If HijackThis starts with the scan window, first click the 'Main Menu' button.
      - Now close all open windows, then start HijackThis and choose 'Do a system scan and save a logfile'.
      - Copy and paste the contents of the HijackThis log file into your next message.
      - After this you may close HijackThis again.

    Step 2
    Which program: ComboFix
    What for/why: Highly specialised scanner to examine Windows in depth and clean it up where possible.
    Difficulty: More or less tricky preparation phase, so read everything carefully first.
    Download location: Be sure to download this program to the desktop!
    Download ComboFix from one of these locations:
      - Bleepingcomputer (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
      - ForoSpyware (http://www.forospyware.com/sUBs/ComboFix.exe)
      - Geekstogo (http://subs.geekstogo.com/ComboFix.exe)
    Here (http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden) you can see how ComboFix should be used. Antivirus programs and active malware scanners must already be deactivated before ComboFix starts! Here (http://www.bleepingcomputer.com/forums/topic114351.html) and here (http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html) you will find information on how to deactivate antivirus programs and spyware scanners.
    To be perfectly clear once more: ComboFix must be started from the desktop.
    Notes:
      - When using Windows XP, you may be asked to install the "Recovery Console"! Allow this (an active internet connection is required for this).
      - Vista and Windows 7 users start ComboFix via right-click with Administrator rights.
      - All open programs and web pages must be closed.
    ComboFix has started:
      - Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
      - ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
      - The computer may need to be restarted several times; this is normal.
      - When ComboFix is finished, it will create a log file for you.
      - Post the contents of this log file in your next message.
      - If the log does not open, it can be found at C:\ComboFix.txt
    Important note:
      - If after the scan an error is shown when starting programs, with the message:
      - Illegal operation attempted on a registry key that has been marked for deletion.
      - Then restart the computer.

    Step 3
    In summary: after this, post the contents of the following logs in your next message:
      - a HijackThis log
      - the ComboFix scan log
  • Hello Abraham, Why TSSD from Softonic only occurred to me later as well, so no specific reason. The program scans for malware in the root, doesn't it? I admit this is not expert knowledge, more trial and error. I will post the logs this afternoon. The laptop is in use right now for working from home. Regards, Frans
  • Hello Abraham, Here are the logs:
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Panda Security\Panda Internet Security 2011\TPSrvWow.exe c:\program files (x86)\PANDA SECURITY\PANDA INTERNET SECURITY 2011\WebProxy.exe c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe c:\program files (x86)\Panda Security\Panda Internet Security 2011\PsCtrls.exe c:\program files (x86)\Panda Security\Panda Internet Security 2011\PavFnSvr.exe c:\program files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe c:\program files (x86)\Panda Security\Panda Internet Security 2011\pavsrvx86.exe c:\program files (x86)\panda security\panda internet security 2011\firewall\PSHOST.EXE c:\program files (x86)\Panda Security\Panda Internet Security 2011\PsImSvc.exe c:\program files (x86)\Panda Security\Panda Internet Security 2011\AVENGINE.EXE c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe c:\program files (x86)\CyberLink\Shared files\RichVideo.exe . ************************************************************************** . Voltooingstijd: 2011-11-23 12:39:24 - machine werd herstart ComboFix-quarantined-files.txt 2011-11-23 11:39 . Pre-Run: 83.280.990.208 bytes beschikbaar Post-Run: 83.144.159.232 bytes beschikbaar . - - End Of File - - 053CA1D70A39DB2063640015D64D35E4
  • Hello Frans, please do the following and also let me know how your Windows is running by now:
    Which program: Kaspersky TDSSKiller
    What for/why: rootkit scanner
    Difficulty: none
    Download location: be sure to download this program to the desktop, or otherwise move it there!
    Download TDSSKiller here: http://support.kaspersky.com/downloads/utils/tdsskiller.zip
    Installation:
    - Extract the file to your desktop.
    Using TDSSKiller:
    - Windows 2000 and Windows XP: start "TDSSKiller" by double-clicking TDSSKiller.exe.
    - Windows Vista and Windows 7: start "TDSSKiller" by right-clicking TDSSKiller.exe and then choosing Run as administrator.
    - If TDSSKiller shows a message about an available update, install that update first.
    - Then click the "Start Scan" button and follow the instructions.
    - After the scan has finished, click the "Report" button.
    - A Notepad file opens. Post the contents of this file.
      - Restart the PC if TDSSKiller offers that option (Reboot now).
      - If a restart is necessary, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt
  • Hello Abraham, Windows is running fine, no problems. Here is the TDSS log.
C:\Windows\system32\drivers\swenum.sys 17:23:07.0360 6288 swenum - ok 17:23:07.0640 6288 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 17:23:08.0280 6288 Tcpip - ok 17:23:08.0436 6288 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 17:23:08.0452 6288 TCPIP6 - ok 17:23:08.0498 6288 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 17:23:08.0514 6288 tcpipreg - ok 17:23:08.0608 6288 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 17:23:08.0608 6288 TDPIPE - ok 17:23:08.0701 6288 tdrpman273 (99527d49ee0a96fc25537c61b270a372) C:\Windows\system32\DRIVERS\tdrpm273.sys 17:23:08.0764 6288 tdrpman273 - ok 17:23:08.0873 6288 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 17:23:08.0888 6288 TDTCP - ok 17:23:08.0935 6288 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 17:23:08.0935 6288 tdx - ok 17:23:08.0982 6288 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 17:23:08.0982 6288 TermDD - ok 17:23:09.0044 6288 timounter (2c1caf5563548a15515eab07d2a069c6) C:\Windows\system32\DRIVERS\timntr.sys 17:23:09.0076 6288 timounter - ok 17:23:09.0263 6288 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 17:23:09.0263 6288 tssecsrv - ok 17:23:09.0341 6288 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 17:23:09.0341 6288 TsUsbFlt - ok 17:23:09.0419 6288 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 17:23:09.0746 6288 tunnel - ok 17:23:09.0778 6288 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 17:23:09.0778 6288 uagp35 - ok 17:23:09.0824 6288 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 17:23:09.0856 6288 udfs - ok 17:23:09.0902 6288 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) 
C:\Windows\system32\drivers\uliagpkx.sys 17:23:09.0902 6288 uliagpkx - ok 17:23:09.0934 6288 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 17:23:09.0934 6288 umbus - ok 17:23:09.0980 6288 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 17:23:09.0980 6288 UmPass - ok 17:23:10.0027 6288 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 17:23:10.0027 6288 usbccgp - ok 17:23:10.0074 6288 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 17:23:10.0074 6288 usbcir - ok 17:23:10.0105 6288 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 17:23:10.0105 6288 usbehci - ok 17:23:10.0152 6288 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 17:23:10.0168 6288 usbhub - ok 17:23:10.0214 6288 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 17:23:10.0214 6288 usbohci - ok 17:23:10.0261 6288 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 17:23:10.0261 6288 usbprint - ok 17:23:10.0292 6288 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS 17:23:10.0308 6288 USBSTOR - ok 17:23:10.0339 6288 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 17:23:10.0355 6288 usbuhci - ok 17:23:10.0402 6288 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 17:23:10.0417 6288 usbvideo - ok 17:23:10.0480 6288 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 17:23:10.0480 6288 vdrvroot - ok 17:23:10.0511 6288 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 17:23:10.0526 6288 vga - ok 17:23:10.0667 6288 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 17:23:10.0667 6288 VgaSave - ok 17:23:10.0714 6288 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) 
C:\Windows\system32\drivers\vhdmp.sys 17:23:10.0729 6288 vhdmp - ok 17:23:10.0745 6288 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 17:23:10.0760 6288 viaide - ok 17:23:10.0792 6288 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 17:23:10.0792 6288 volmgr - ok 17:23:10.0838 6288 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 17:23:10.0854 6288 volmgrx - ok 17:23:10.0901 6288 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 17:23:10.0901 6288 volsnap - ok 17:23:10.0948 6288 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 17:23:10.0963 6288 vsmraid - ok 17:23:10.0994 6288 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 17:23:10.0994 6288 vwifibus - ok 17:23:11.0026 6288 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 17:23:11.0026 6288 vwififlt - ok 17:23:11.0088 6288 wacmoumonitor (43ce14e1e17da81ea71dfe686805ed07) C:\Windows\system32\DRIVERS\wacmoumonitor.sys 17:23:11.0088 6288 wacmoumonitor - ok 17:23:11.0150 6288 wacommousefilter (e04d43c7d1641e95d35cae6086c7e350) C:\Windows\system32\DRIVERS\wacommousefilter.sys 17:23:11.0150 6288 wacommousefilter - ok 17:23:11.0197 6288 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 17:23:11.0213 6288 WacomPen - ok 17:23:11.0260 6288 wacomvhid (ec1ceb237e365330c1fcfc4876aa0ac0) C:\Windows\system32\DRIVERS\wacomvhid.sys 17:23:11.0260 6288 wacomvhid - ok 17:23:11.0306 6288 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 17:23:11.0306 6288 WANARP - ok 17:23:11.0338 6288 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 17:23:11.0338 6288 Wanarpv6 - ok 17:23:11.0478 6288 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 17:23:11.0494 6288 Wd - ok 17:23:11.0540 6288 
Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 17:23:11.0587 6288 Wdf01000 - ok 17:23:11.0728 6288 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 17:23:11.0728 6288 WfpLwf - ok 17:23:11.0806 6288 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys 17:23:11.0821 6288 WimFltr - ok 17:23:11.0884 6288 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 17:23:11.0884 6288 WIMMount - ok 17:23:12.0071 6288 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 17:23:12.0071 6288 WmiAcpi - ok 17:23:12.0180 6288 WNMFLT (c1b61612fccc6e750ad0a6e19c77ee85) C:\Windows\system32\Drivers\WNMFLT64.SYS 17:23:12.0180 6288 WNMFLT - ok 17:23:12.0274 6288 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 17:23:12.0274 6288 ws2ifsl - ok 17:23:12.0352 6288 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 17:23:12.0367 6288 WudfPf - ok 17:23:12.0414 6288 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 17:23:12.0414 6288 WUDFRd - ok 17:23:12.0476 6288 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 17:23:12.0492 6288 \Device\Harddisk0\DR0 - ok 17:23:12.0508 6288 Boot (0x1200) (7ce69b45b09d2bff3a75ca30a309b1f8) \Device\Harddisk0\DR0\Partition0 17:23:12.0508 6288 \Device\Harddisk0\DR0\Partition0 - ok 17:23:12.0523 6288 Boot (0x1200) (f2e5a209068ece882dac955e174296cc) \Device\Harddisk0\DR0\Partition1 17:23:12.0539 6288 \Device\Harddisk0\DR0\Partition1 - ok 17:23:12.0539 6288 ============================================================ 17:23:12.0539 6288 Scan finished 17:23:12.0539 6288 ============================================================ 17:23:12.0554 4128 Detected object count: 0 17:23:12.0554 4128 Actual detected object count: 0
  • Good, no rootkits such as TDL4 either. Let's clean up:

    Step •1•
    TDSSKiller and likewise C:\TDSSKiller may be deleted manually.

    Step •2•
    ComboFix may now be removed:
    - go to Start - Run
    - copy and paste the following into it: Combofix /Uninstall
    - then click OK.
    - if all goes well, you will then get a message that Combofix has been removed.
    Example: http://www.emphyrio.be/images/SMUninstall_combofix.png
    Run can also be opened by pressing "Windows key + R" simultaneously.
    This will remove Combofix including related folders and files, restores the clock settings, hides the file extensions, hides hidden files and system files again, and resets your System Restore.

    Step •3•
    Which program: TFC.
    What for/why: thorough cleaning of Windows.
    Difficulty: none.
    Download: Download TFC to your desktop (click): http://oldtimer.geekstogo.com/TFC.exe
    Starting TFC:
    Windows 2000 and Windows XP: start TFC.exe by double-clicking the shortcut.
    Windows Vista and Windows 7: start TFC.exe by right-clicking the shortcut and then choosing Run as administrator.
    - Don't be alarmed - the tool closes all running programs - ergo: make sure your work has already been saved!
    - Then click the Start button to start the scan. This scan can take a short or a longer time; be patient, let TFC do its job and wait until TFC is finished.
    - When TFC is finished, a message appears that the computer will be restarted.
    - If the shutdown does not happen automatically, restart the computer yourself.
    - Note: TFC does not show a log!

    Step •4•
    Also do a test to see how good the current security situation in Windows is. Download Security Check to your desktop: http://screen317.spywareinfoforum.org/SecurityCheck.exe
    - Click/double-click SecurityCheck.exe and pay attention to the instructions in the black window.
    - A Notepad document named checkup.txt should open automatically; close this document by saving it to the desktop.
    - If one of your security tools reports that DIG.EXE wants to access the internet, allow it.
    Post the contents of checkup.txt in your next post.
  • Hello Abraham, Here is the log: See next post!

    Results of screen317's Security Check version 0.99.28
    Windows 7 x64 (UAC is enabled)
    Internet Explorer 9
    ``````````````````````````````
    Antivirus/Firewall Check:
    Panda Internet Security 2011
    WMI entry may not exist for antivirus; attempting automatic update.
    ```````````````````````````````
    Anti-malware/Other Utilities Check:
    Malwarebytes' Anti-Malware
    Java(TM) 6 Update 29
    Adobe Flash Player ( 10.0.32.18) Flash Player out of Date!
    Adobe Reader 9 (Adobe Reader out of date!
    ````````````````````````````````
    Process Check: objlist.exe by Laurent
    panda security panda internet security 2011 firewall PSHOST.EXE
    ``````````End of Log````````````
  • Hello Abraham, I have updated Adobe. See the log below. Flash Player is now not in the log, but I do have it in my program list, version 11.1.102.55. What I have also seen is that the 2 VIR files that combofix removed have been in my system since 24-12-2009 and 17-3-2011. I have also seen this in my images from that time. If you google them, they are not unknown. It therefore surprises me slightly that MBAM, Panda, ESET and Windows Defender did nothing about them. The answer to my question "Is the result of scans now sufficient certainty for a clean system?" is therefore a clear NO! Or do you have an explanation for this? I am glad that the system is clean again. After all the actions I will make a new image and throw away all the old ones. In the 1st log there is a message about Windows security service; it has disappeared in the 2nd log. Presumably it takes a while before it becomes active? I would like to hear from you whether any further actions are needed.

    Results of screen317's Security Check version 0.99.28
    Windows 7 x64 (UAC is enabled)
    Internet Explorer 9
    ``````````````````````````````
    Antivirus/Firewall Check:
    Windows Security Center service is not running! This report may not be accurate!
    Panda Internet Security 2011
    WMI entry may not exist for antivirus; attempting automatic update.
    ```````````````````````````````
    Anti-malware/Other Utilities Check:
    Malwarebytes' Anti-Malware
    Java(TM) 6 Update 29
    Adobe Reader X (10.1.1)
    ````````````````````````````````
    Process Check: objlist.exe by Laurent
    panda security panda internet security 2011 firewall PSHOST.EXE
    ``````````End of Log````````````

    After a second run:

    Results of screen317's Security Check version 0.99.28
    Windows 7 x64 (UAC is enabled)
    Internet Explorer 9
    ``````````````````````````````
    Antivirus/Firewall Check:
    Panda Internet Security 2011
    WMI entry may not exist for antivirus; attempting automatic update.
    ```````````````````````````````
    Anti-malware/Other Utilities Check:
    Malwarebytes' Anti-Malware
    Java(TM) 6 Update 29
    Adobe Reader X (10.1.1)
    ````````````````````````````````
    Process Check: objlist.exe by Laurent
    panda security panda internet security 2011 firewall PSHOST.EXE
    ``````````End of Log````````````
  • You have to see it this way: no antivirus software or spyware scanner offers 100% certainty. ComboFix is a very specialised program, so do not use it yourself. I advise you to make an image only after carrying out the last tip: go to Secunia PSI (click) at http://secunia.com/vulnerability_scanning/online/ a few times a year to check whether everything within Windows is also up to date. Because only then is Windows at its safest! On the Secunia site, first click the Start Scanner button and then, on the new page, first tick Enable thorough system inspection before clicking Start! If you do not use Java, the site will not work. In that case you can download and install the Secunia Personal Software Inspector (PSI). N.B.: after installation this tool starts automatically with Windows, but that really is not necessary and can be switched off! http://secunia.com/vulnerability_scanning/personal/
  • Hello Abraham, All actions have now been carried out. I only had to update Quicktime. I will certainly not start working with combofix and the like myself. If I don't trust something, I will post a new request. For now, thanks for the support. Kind regards, Frans

This is an archived page. Replies are no longer possible.