Mediashifting virus

Izzy13

Hello,

Since last weekend I suddenly had the problem that when I started my laptop I could still type in my password as usual, but where I would normally get to see my desktop, I now only got a black screen. I was able to work around this by starting Task Manager and opening a new task "explorer.exe". This let me get to all my documents and onto the internet again. But after that I saw that as soon as I wanted to open the internet or google something, it automatically went to mediashifting.com. So I googled this (at work) and ended up with you, at the other topic about this virus. There I then followed seniorke's answer. First I downloaded MalwareBytes AntiMalware and ran a scan. This turned up quite a few infections; I then restarted and all of a sudden I had my desktop back, but unfortunately I still got mediashifting whenever I wanted to google... So then I also did the second part: downloaded TDSSkiller and ran that too. This again turned up a number of infections. I restarted again and now googling does work fine. But I did just see that a second window was opened automatically, which showed mediashifting again. So now I doubt whether my laptop is completely clean. Who can help me? I also still have the logs from MalwareBytes and from TDSSkiller if needed.
 
I would just wait and see, and if it comes back I would use System Restore. I have removed this kind of virus that way myself once before.
 
If you really want to be properly and surely rid of it, you would have to reinstall Windows, but maybe System Restore works too. Look back in your history at which sites you visited the day before you started your laptop and got a black screen. :thumb:
 
Suspicious toolbars can be a cause. This virus gets onto your computer because your software is not up to date, such as your Java and Adobe software.
I also still have the logs from MalwareBytes and from TDSSkiller if needed.

Could you post those?
System Restore is not really a solution, because the infection may already be in the restore points. A better solution is then to delete all restore points.
 
I am at work right now, but when I'm back home this afternoon I will post the logs.
By the way, I didn't know that you can get viruses on your computer because the Java and Adobe software isn't up to date. Now I know that too, and I will start paying attention to it from now on!
 
Malwarebytes log:
Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Databaseversie: v2012.01.18.03

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19170
Ilonka :: PC_VAN_ILONKA [administrator]

18-1-2012 15:56:47
mbam-log-2012-01-18 (15-56-47).txt

Scantype: Volledige scan
Ingeschakelde scanopties: Geheugen | Opstarten | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 292256
Verstreken tijd: 2 uur/uren, 47 minuut/minuten, 13 seconde(n)

Geheugenprocessen gedetecteerd: 3
C:\Users\Ilonka\AppData\Roaming\A2DE3\lvvm.exe (Trojan.Gbot) -> 1484 -> Zal worden verwijderd tijdens het herstarten.
C:\Users\Ilonka\AppData\Roaming\Microsoft\3418\B38.exe (Trojan.Gbot) -> 3296 -> Zal worden verwijderd tijdens het herstarten.
C:\Users\Ilonka\AppData\Roaming\840A2\CAF34.exe (Trojan.Gbot) -> 5024 -> Zal worden verwijderd tijdens het herstarten.

Geheugenmodulen gedetecteerd: 1
C:\Windows\System32\SfCtlCom.dll (Rootkit.0Access) -> Zal worden verwijderd tijdens het herstarten.

Registersleutels gedetecteerd: 6
HKCU\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\affri (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\MS Juan (Trojan.Vundo) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Succesvol in quarantaine geplaatst en verwijderd.

Registerwaarden gedetecteerd: 4
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|B38.exe (Trojan.Gbot) -> Data: C:\Users\Ilonka\AppData\Roaming\Microsoft\3418\B38.exe -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Backdoor.CycBot) -> Data: C:\Users\Ilonka\AppData\Roaming\A2DE3\lvvm.exe -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell (Hijack.Shell.Gen) -> Data: explorer.exe,C:\Users\Ilonka\AppData\Roaming\840A2\CAF34.exe -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|{B7FB21A4-4FC0-2F72-9754-CE07B4143B4F} (Trojan.ZbotR.Gen) -> Data: C:\Users\Ilonka\AppData\Roaming\Quaqbys\idemop.exe -> Succesvol in quarantaine geplaatst en verwijderd.

Registerdata gedetecteerd: 1
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Gbot) -> Slecht: (C:\Users\Ilonka\AppData\Roaming\A2DE3\lvvm.exe) Goed: () -> Succesvol in quarantaine geplaatst en gerepareerd.

Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 10
C:\Windows\System32\SfCtlCom.dll (Rootkit.0Access) -> Zal worden verwijderd tijdens het herstarten.
C:\Users\Ilonka\AppData\Roaming\A2DE3\lvvm.exe (Trojan.Gbot) -> Zal worden verwijderd tijdens het herstarten.
C:\Users\Ilonka\AppData\Roaming\Microsoft\3418\B38.exe (Trojan.Gbot) -> Zal worden verwijderd tijdens het herstarten.
C:\Users\Ilonka\AppData\Roaming\840A2\CAF34.exe (Trojan.Gbot) -> Zal worden verwijderd tijdens het herstarten.
C:\Windows\assembly\GAC_MSIL\Desktop.ini (Rootkit.0Access) -> Zal worden verwijderd tijdens het herstarten.
C:\Users\Ilonka\AppData\Local\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Ilonka\AppData\Roaming\Quaqbys\idemop.exe (Trojan.ZbotR.Gen) -> Succesvol in quarantaine geplaatst en verwijderd.

(einde)

TDSSkiller log:
19:23:56.0720 4216 TDSS rootkit removing tool 2.7.5.0 Jan 18 2012 09:26:24
19:23:57.0032 4216 ============================================================
19:23:57.0032 4216 Current date / time: 2012/01/18 19:23:57.0032
19:23:57.0032 4216 SystemInfo:
19:23:57.0032 4216
19:23:57.0032 4216 OS Version: 6.0.6002 ServicePack: 2.0
19:23:57.0032 4216 Product type: Workstation
19:23:57.0032 4216 ComputerName: PC_VAN_ILONKA
19:23:57.0032 4216 UserName: Ilonka
19:23:57.0032 4216 Windows directory: C:\Windows
19:23:57.0032 4216 System windows directory: C:\Windows
19:23:57.0032 4216 Processor architecture: Intel x86
19:23:57.0032 4216 Number of processors: 2
19:23:57.0032 4216 Page size: 0x1000
19:23:57.0032 4216 Boot type: Normal boot
19:23:57.0032 4216 ============================================================
19:23:59.0340 4216 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:23:59.0465 4216 Initialize success
19:24:43.0147 4588 ============================================================
19:24:43.0147 4588 Scan started
19:24:43.0147 4588 Mode: Manual; SigCheck; TDLFS;
19:24:43.0147 4588 ============================================================
19:25:08.0575 4588 KMWDFilter (f0c9f373ce7e0d71d903aa88af3c50a7) C:\Windows\System32\Drivers\KMWDFilter.SYS
19:25:08.0622 4588 KMWDFilter ( UnsignedFile.Multi.Generic ) - warning
19:25:08.0622 4588 KMWDFilter - detected UnsignedFile.Multi.Generic (1)
19:25:18.0466 4588 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\Windows\system32\DRIVERS\NTIDrvr.sys
19:25:18.0512 4588 NTIDrvr ( UnsignedFile.Multi.Generic ) - warning
19:25:18.0512 4588 NTIDrvr - detected UnsignedFile.Multi.Generic (1)
19:25:28.0122 4588 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
19:25:28.0169 4588 swenum - ok
19:25:28.0294 4588 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
19:25:28.0340 4588 Symc8xx - ok
19:25:28.0496 4588 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
19:25:28.0528 4588 Sym_hi - ok
19:25:28.0637 4588 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
19:25:28.0668 4588 Sym_u3 - ok
19:25:28.0824 4588 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
19:25:28.0918 4588 Tcpip - ok
19:25:29.0105 4588 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
19:25:29.0152 4588 Tcpip6 - ok
19:25:29.0308 4588 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
19:25:29.0448 4588 tcpipreg - ok
19:25:29.0604 4588 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
19:25:29.0666 4588 TDPIPE - ok
19:25:29.0838 4588 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
19:25:29.0916 4588 TDTCP - ok
19:25:30.0134 4588 tdx (9926af0e4a1ab2138bf6eab88eff989c) C:\Windows\system32\DRIVERS\tdx.sys
19:25:30.0883 4588 tdx ( Virus.Win32.ZAccess.g ) - infected
19:25:30.0883 4588 tdx - detected Virus.Win32.ZAccess.g (0)
19:25:41.0023 4588 MBR (0x1B8) (a863475757cc50891aa8458c415e4b25) \Device\Harddisk0\DR0
19:25:45.0313 4588 \Device\Harddisk0\DR0 - ok
19:25:45.0344 4588 Boot (0x1200) (48c7e7b96e4590e2c4b21486c2b3b9e8) \Device\Harddisk0\DR0\Partition0
19:25:45.0344 4588 \Device\Harddisk0\DR0\Partition0 - ok
19:25:45.0376 4588 Boot (0x1200) (2e35c5d09c58c57df898e101cdcea80a) \Device\Harddisk0\DR0\Partition1
19:25:45.0376 4588 \Device\Harddisk0\DR0\Partition1 - ok
19:25:45.0376 4588 ============================================================
19:25:45.0376 4588 Scan finished
19:25:45.0376 4588 ============================================================
19:25:45.0469 6064 Detected object count: 3
19:25:45.0469 6064 Actual detected object count: 3
19:26:27.0449 6064 HKLM\SYSTEM\ControlSet001\services\KMWDFilter - will be deleted on reboot
19:26:27.0542 6064 HKLM\SYSTEM\ControlSet003\services\KMWDFilter - will be deleted on reboot
19:26:27.0558 6064 C:\Windows\System32\Drivers\KMWDFilter.SYS - will be deleted on reboot
19:26:27.0558 6064 KMWDFilter ( UnsignedFile.Multi.Generic ) - User select action: Delete
19:26:27.0558 6064 HKLM\SYSTEM\ControlSet001\services\NTIDrvr - will be deleted on reboot
19:26:27.0574 6064 HKLM\SYSTEM\ControlSet003\services\NTIDrvr - will be deleted on reboot
19:26:27.0574 6064 C:\Windows\system32\DRIVERS\NTIDrvr.sys - will be deleted on reboot
19:26:27.0574 6064 NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Delete
19:26:27.0932 6064 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\Windows\system32\drivers\tdx.sys) error 1813
19:26:37.0838 6064 Backup copy found, using it..
19:26:37.0854 6064 C:\Windows\system32\DRIVERS\tdx.sys - will be cured on reboot
19:26:44.0890 6064 tdx ( Virus.Win32.ZAccess.g ) - User select action: Cure
 
So the mediashifting website still opens now and then, but I do get the message that the page cannot be displayed.
 
So the mediashifting website still opens now and then, but I do get the message that the page cannot be displayed.

That may well be, but it is important that you absolutely do not use internet banking anymore for now, and if you already have, that you change your password on another (uninfected, of course) computer.

Believe me, this is a nasty virus; I have had it too, and in the end I just reinstalled.

I would also make a backup of important files/photos, if need be.

Kind regards,

Kleine Blaag