
ING TAN code/SMS infection

Posted: 20 Oct 2011 22:00
by Kaya
Hello,

I had an infection problem today and was in contact with ING; it was indeed confirmed by them as well.
From what I was told, this could be Sinowal/Mebroot.

After that, over the course of the day, I used the following tools:
-Malwarebytes Anti-Malware
-aswMBR
-FCleaner_1108_tcm7-83068 (via site ing-cleaner)
-tdsskiller

In the end, however, I was not able to find anything; even after using these tools I did not see any Sinowal/Mebroot malware in the logs...!

My question is: who can help me check that I do indeed have a clean PC, at least from now on :)

Regards,
thanks in advance....

Re: ING TAN code/SMS infection

Posted: 20 Oct 2011 22:13
by Kaya
I wanted to edit the content because there were some wrong words in it, but I accidentally added the same content to this forum twice. Sorry, could you please delete one of them, preferably the first one?

My apologies

Regards

Re: ING TAN code/SMS infection

Posted: 20 Oct 2011 22:22
by Phoenix
Hello Kaya,

I have already corrected the typo and deleted the second topic.
You can go ahead and post the log files of the following programs so that they can be checked.
-Malwarebytes Anti-Malware
-aswMBR
-FCleaner_1108_tcm7-83068 (via site ing-cleaner)
-tdsskiller

Re: ING TAN code/SMS infection

Posted: 20 Oct 2011 22:27
by Kaya
This is the first scan with Malwarebytes Anti-Malware
--------------------------------------------------------------
Malwarebytes' Anti-Malware 1.51.2.1300
http://www.malwarebytes.org

Databaseversie: 7988

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19154

20-10-2011 20:25:31
mbam-log-2011-10-20 (20-25-31).txt

Scantype: Snelle scan
Objecten gescand: 175515
Verstreken tijd: 6 minuut/minuten, 53 seconde(n)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 1
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{A6007098-8725-C007-B583-9589E593EF7E} (Trojan.ZbotR.Gen) -> Value: {A6007098-8725-C007-B583-9589E593EF7E} -> Quarantined and deleted successfully.

Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Re: ING TAN code/SMS infection

Posted: 20 Oct 2011 22:30
by Kaya
The first aswMBR log no longer exists; this is a new one
--------------------------------------
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-10-20 22:28:09
-----------------------------
22:28:09.698 OS Version: Windows 6.0.6002 Service Pack 2
22:28:09.698 Number of processors: 2 586 0xF0D
22:28:09.700 ComputerName: LP_MKAYA UserName: MKaya
22:28:10.856 Initialize success
22:28:15.392 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:28:15.395 Disk 0 Vendor: ST9250320AS 0303 Size: 238475MB BusType: 3
22:28:17.649 Disk 0 MBR read successfully
22:28:17.652 Disk 0 MBR scan
22:28:17.655 Disk 0 Windows VISTA default MBR code
22:28:17.683 Disk 0 scanning sectors +488394752
22:28:17.818 Disk 0 scanning C:\Windows\system32\drivers
22:28:26.241 Service scanning
22:28:26.963 Service MpKslb0b24ce3 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{39EC7731-CC27-40C1-B03B-09DBB62F9753}\MpKslb0b24ce3.sys **LOCKED** 32
22:28:26.968 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
22:28:27.592 Modules scanning
22:28:33.407 Disk 0 trace - called modules:
22:28:33.484 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys halmacpi.dll nvlddmkm.sys dxgkrnl.sys ndis.sys athr.sys tcpip.sys NETIO.SYS intelppm.sys watchdog.sys
22:28:33.491 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x855357c0]
22:28:33.498 3 CLASSPNP.SYS[8a1b48b3] -> nt!IofCallDriver -> [0x84f6b860]
22:28:33.508 Scan finished successfully
22:28:44.824 Disk 0 MBR has been saved successfully to "C:\Users\MKaya\Desktop\MBR.dat"
22:28:44.832 The log file has been saved successfully to "C:\Users\MKaya\Desktop\aswMBR.txt"

Re: ING TAN code/SMS infection

Posted: 20 Oct 2011 22:31
by Kaya
First log from TDSSKiller
------------------------------------------
20:33:18.0278 0800 TDSS rootkit removing tool 2.6.11.0 Oct 19 2011 13:50:27
20:33:18.0435 0800 ============================================================
20:33:18.0435 0800 Current date / time: 2011/10/20 20:33:18.0435
20:33:18.0435 0800 SystemInfo:
20:33:18.0435 0800
20:33:18.0435 0800 OS Version: 6.0.6002 ServicePack: 2.0
20:33:18.0435 0800 Product type: Workstation
20:33:18.0435 0800 ComputerName: LP_MKAYA
20:33:18.0436 0800 UserName: MKaya
20:33:18.0436 0800 Windows directory: C:\Windows
20:33:18.0436 0800 System windows directory: C:\Windows
20:33:18.0436 0800 Processor architecture: Intel x86
20:33:18.0436 0800 Number of processors: 2
20:33:18.0436 0800 Page size: 0x1000
20:33:18.0436 0800 Boot type: Normal boot
20:33:18.0436 0800 ============================================================
20:33:21.0525 0800 Initialize success
20:33:26.0440 5912 ============================================================
20:33:26.0441 5912 Scan started
20:33:26.0441 5912 Mode: Manual;
20:33:26.0441 5912 ============================================================
20:33:39.0096 5912 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
20:33:39.0099 5912 usbprint - ok
20:33:39.0130 5912 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:33:39.0131 5912 USBSTOR - ok
20:33:39.0162 5912 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
20:33:39.0164 5912 usbuhci - ok
20:33:39.0209 5912 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
20:33:39.0214 5912 usbvideo - ok
20:33:39.0284 5912 VD_FileDisk (a7a771aebb09b7932ba79d086cc7fd21) C:\Windows\system32\drivers\VD_FileDisk.sys
20:33:39.0285 5912 VD_FileDisk - ok
20:33:39.0325 5912 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
20:33:39.0328 5912 vga - ok
20:33:39.0370 5912 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
20:33:39.0372 5912 VgaSave - ok
20:33:39.0402 5912 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
20:33:39.0436 5912 viaagp - ok
20:33:39.0455 5912 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
20:33:39.0500 5912 ViaC7 - ok
20:33:39.0524 5912 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
20:33:39.0527 5912 viaide - ok
20:33:39.0559 5912 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
20:33:39.0562 5912 volmgr - ok
20:33:39.0608 5912 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
20:33:39.0616 5912 volmgrx - ok
20:33:39.0659 5912 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
20:33:39.0665 5912 volsnap - ok
20:33:39.0693 5912 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
20:33:39.0697 5912 vsmraid - ok
20:33:39.0738 5912 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
20:33:39.0740 5912 WacomPen - ok
20:33:39.0770 5912 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:33:39.0773 5912 Wanarp - ok
20:33:39.0787 5912 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:33:39.0789 5912 Wanarpv6 - ok
20:33:39.0818 5912 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
20:33:39.0820 5912 Wd - ok
20:33:39.0854 5912 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
20:33:39.0864 5912 Wdf01000 - ok
20:33:39.0998 5912 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
20:33:40.0001 5912 WmiAcpi - ok
20:33:40.0066 5912 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
20:33:40.0068 5912 ws2ifsl - ok
20:33:40.0134 5912 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:33:40.0137 5912 WUDFRd - ok
20:33:40.0200 5912 yukonwlh (7d1f3b131d503ef43ee594b5a2b9b427) C:\Windows\system32\DRIVERS\yk60x86.sys
20:33:40.0205 5912 yukonwlh - ok
20:33:40.0236 5912 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
20:33:40.0249 5912 \Device\Harddisk0\DR0 - ok
20:33:40.0256 5912 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
20:33:40.0264 5912 \Device\Harddisk1\DR1 - ok
20:33:40.0280 5912 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR2
20:33:40.0287 5912 \Device\Harddisk2\DR2 - ok
20:33:40.0656 5912 MBR (0x1B8) (180dbde3af7ea48b3db3ac27b1ddf401) \Device\Harddisk3\DR3
20:33:40.0845 5912 \Device\Harddisk3\DR3 - ok
20:33:41.0081 5912 Boot (0x1200) (f2d0b35364f8a796b76cd5e31d2fc7e5) \Device\Harddisk0\DR0\Partition0
20:33:41.0083 5912 \Device\Harddisk0\DR0\Partition0 - ok
20:33:41.0125 5912 Boot (0x1200) (c3b4a2804d1c4d0dd33b58a712a6dc98) \Device\Harddisk0\DR0\Partition1
20:33:41.0127 5912 \Device\Harddisk0\DR0\Partition1 - ok
20:33:41.0133 5912 Boot (0x1200) (00925ff98780035b6f8f9c47a193a6cd) \Device\Harddisk1\DR1\Partition0
20:33:41.0135 5912 \Device\Harddisk1\DR1\Partition0 - ok
20:33:41.0142 5912 Boot (0x1200) (f32f964f0b9033c108c1277ef42d8bd5) \Device\Harddisk2\DR2\Partition0
20:33:41.0143 5912 \Device\Harddisk2\DR2\Partition0 - ok
20:33:41.0154 5912 Boot (0x1200) (eb8fceb3d50d9eba70826f76d0fde87e) \Device\Harddisk3\DR3\Partition0
20:33:41.0157 5912 \Device\Harddisk3\DR3\Partition0 - ok
20:33:41.0158 5912 ============================================================
20:33:41.0158 5912 Scan finished
20:33:41.0158 5912 ============================================================
20:33:41.0184 3348 Detected object count: 0
20:33:41.0184 3348 Actual detected object count: 0
20:34:25.0739 2164 Deinitialize success

Re: ING TAN code/SMS infection

Posted: 20 Oct 2011 22:32
by Kaya
FCleaner log
----------------------------------
[20-10-2011 20:34:34] FCleaner v1.5.0.0 Loading...
[20-10-2011 20:34:34] No malware was found on your system!

Re: ING TAN code/SMS infection

Posted: 20 Oct 2011 22:37
by Kaya
Dear Phoenix,

I forgot to mention ComboFix.

ComboFix logs
----------------------
ComboFix 11-10-20.05 - MKaya 20-10-2011 20:50:09.1.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.31.1043.18.3070.1318 [GMT 2:00]
Gestart vanuit: c:\users\MKaya\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\MKaya\AppData\Local\promo.exe
c:\users\MKaya\AppData\Local\Setup.exe
C:\WINDOWSTemp
c:\windowstemp\dbisam.lck
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-09-20 to 2011-10-20 ))))))))))))))))))))))))))))))
.
.
2011-10-20 18:57 . 2011-10-20 18:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-20 18:12 . 2011-10-20 18:12 -------- d-----w- c:\programdata\Malwarebytes
2011-10-20 18:12 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-20 18:12 . 2011-10-20 18:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-20 16:49 . 2011-10-20 16:49 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6577DF10-B35F-40D3-9622-01AB35D8FA1C}\MpKslec9e954f.sys
2011-10-20 16:49 . 2011-10-20 16:49 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6577DF10-B35F-40D3-9622-01AB35D8FA1C}\offreg.dll
2011-10-20 16:49 . 2011-10-07 03:48 6668624 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6577DF10-B35F-40D3-9622-01AB35D8FA1C}\mpengine.dll
2011-10-18 23:22 . 2011-10-18 23:22 -------- d-----w- c:\program files\FastStone Capture
2011-10-17 15:18 . 2011-10-17 15:22 -------- d-----w- c:\program files\TC UP
2011-10-15 20:30 . 2011-10-15 20:30 -------- d-----w- c:\windows\Davut Kaya Hatim
2011-10-14 22:10 . 2011-10-14 22:10 -------- dc-h--w- c:\programdata\{6C47B826-5902-49BB-BF6B-68F5716FD827}
2011-10-14 15:12 . 2011-10-14 15:15 -------- d-----w- c:\program files\PhotoScape
2011-10-14 15:06 . 2011-10-14 15:06 -------- d-----w- c:\windows\system32\quicktime
2011-10-14 15:06 . 2011-10-16 09:29 -------- d-----w- c:\program files\Videocharge Software
2011-10-14 13:38 . 2011-10-14 13:38 -------- d-----w- c:\programdata\Mr Retro
2011-10-13 18:40 . 2011-10-13 18:40 -------- d-----w- c:\programdata\Anvsoft
2011-10-13 18:39 . 2011-10-13 18:40 -------- d-----w- c:\program files\Wedding Album Maker Gold
2011-10-13 17:40 . 2011-10-13 17:40 102400 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\LocalCopy\{5326F70F-C5F6-4386-9EA9-0CA8FEAF50AF}-Splash.exe
2011-10-13 17:40 . 2011-10-13 17:40 102400 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\LocalCopy\{01B6551F-256D-42AD-9E67-A8F6D952750C}-Splash.exe
2011-10-13 15:20 . 2011-10-13 15:20 -------- dc-h--w- c:\programdata\{738BC746-5FBD-4969-B3F1-6A065E31C7BE}
2011-10-13 15:18 . 2011-10-13 15:18 -------- dc-h--w- c:\programdata\{DD44E1C4-AD22-4508-8355-744AA998F06D}
2011-10-13 15:18 . 2011-10-13 15:18 -------- dc-h--w- c:\programdata\{682FE305-7958-4875-9B95-34673E7151AD}
2011-10-13 15:18 . 2011-10-13 15:18 -------- dc-h--w- c:\programdata\{529BBEB3-0369-420C-BD9C-37553D289203}
2011-10-13 15:17 . 2011-10-13 15:18 -------- dc-h--w- c:\programdata\{E6AF2639-F710-4F5B-8830-95A396FB523F}
2011-10-13 15:17 . 2011-10-13 15:17 -------- dc-h--w- c:\programdata\{AB404F93-CDCE-40D9-8D4E-8606C84D368C}
2011-10-13 15:17 . 2011-10-13 15:17 -------- dc-h--w- c:\programdata\{8265C354-3D13-4FE5-95C7-65F277FF3041}
2011-10-13 15:17 . 2011-10-14 22:10 -------- d-----w- c:\program files\Common Files\Topaz Labs
2011-10-13 15:17 . 2011-10-14 22:10 -------- d-----w- c:\program files\Topaz Labs
2011-10-13 13:23 . 2011-10-13 13:25 -------- d-----w- c:\program files\DownVision
2011-10-12 23:51 . 2011-10-12 23:51 -------- d-----w- c:\program files\Common Files\DivX Shared
2011-10-12 23:50 . 2011-10-12 23:51 -------- d-----w- c:\program files\DivX
2011-10-12 23:50 . 2011-10-12 23:51 -------- d-----w- c:\programdata\DivX
2011-10-12 23:22 . 2011-10-12 23:23 -------- d-----w- c:\program files\Filter Forge Freepack 3 - Frames
2011-10-12 23:12 . 2006-11-10 16:41 1030144 ----a-w- c:\windows\system32\dbghelp-xfw.dll
2011-10-12 23:12 . 2011-10-12 23:12 -------- d-----w- c:\program files\Filter Forge Freepack 2 - Photo Effects
2011-10-12 23:01 . 2011-10-12 23:01 -------- d-----w- c:\program files\Imagenomic
2011-10-11 01:36 . 2010-11-30 09:43 439632 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2011-10-11 01:35 . 2011-10-11 01:35 703824 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6EF62D24-2387-4D73-8FC5-1312B730412C}\gapaengine.dll
2011-10-10 17:52 . 2011-10-10 17:52 -------- d-----w- c:\program files\GetMiro Toolbar
2011-10-10 17:50 . 2011-10-10 17:50 -------- d-----w- c:\program files\Participatory Culture Foundation
2011-10-09 23:49 . 2011-10-10 19:42 -------- d-----w- C:\Gizli_Bilgiler
2011-10-09 23:39 . 2011-10-09 23:39 -------- d-----w- c:\programdata\Socusoft
2011-10-09 23:35 . 2011-10-09 23:35 -------- d-----w- c:\program files\DVD Photo Slideshow Professional
2011-10-09 23:13 . 2007-04-09 11:23 28552 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2011-10-09 23:13 . 2007-04-09 11:23 28040 ----a-w- c:\windows\system32\mdimon.dll
2011-10-09 23:12 . 2011-10-12 23:51 -------- d-----w- c:\program files\Mozilla Sunbird
2011-10-09 23:11 . 2011-10-11 01:02 -------- d-----w- c:\program files\Microsoft Works
2011-10-09 23:11 . 2011-10-09 23:12 -------- d-----w- c:\windows\SHELLNEW
2011-10-09 23:11 . 2011-10-13 10:47 -------- d-----w- c:\program files\Microsoft.NET
2011-10-09 23:03 . 2011-10-09 23:03 -------- d-----w- c:\program files\GRETECH
2011-10-09 22:59 . 2011-10-09 22:59 -------- d-----w- c:\program files\Common Files\Webroot Shared
2011-10-09 22:59 . 2011-10-09 22:59 -------- d-----w- c:\programdata\Webroot
2011-10-09 22:59 . 2011-10-09 22:59 -------- d-----w- c:\program files\Webroot
2011-10-09 22:58 . 2007-11-26 12:47 194888 ----a-w- c:\windows\Unwash6.exe
2011-10-09 22:47 . 2011-10-10 12:50 -------- d-----w- c:\program files\Common Files\Macromedia
2011-10-09 22:47 . 2011-10-10 12:50 -------- d-----w- c:\program files\Macromedia
2011-10-09 22:40 . 2011-10-09 22:40 -------- d-----w- c:\program files\TeamViewer
2011-10-09 22:37 . 2008-01-21 02:32 89600 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\HPZPPLHN.DLL
2011-10-09 22:36 . 2011-10-09 22:36 -------- d-----w- c:\program files\Common Files\Bullzip
2011-10-09 22:36 . 2010-01-16 15:01 7680 ----a-w- c:\windows\system32\BioPdf.PdfWriter.Lib.dll
2011-10-09 22:36 . 2010-01-07 18:40 131072 ----a-w- c:\windows\system32\bzpdfc.dll
2011-10-09 22:36 . 2008-10-30 20:15 227840 ----a-w- c:\windows\system32\bzFlRdr.dll
2011-10-09 22:36 . 2008-07-09 21:19 103424 ----a-w- c:\windows\system32\bzDCT.dll
2011-10-09 22:36 . 2010-01-13 17:57 194560 ----a-w- c:\windows\system32\bzpdf.dll
2011-10-09 22:36 . 1999-05-06 21:00 140288 ----a-w- c:\windows\system32\comdlg32.OCX
2011-10-09 22:36 . 2011-10-09 22:36 -------- d-----w- c:\program files\Bullzip
2011-10-09 22:31 . 2011-10-09 22:32 -------- d-----w- c:\program files\The KMPlayer
2011-10-09 22:29 . 2011-10-14 12:13 -------- d-----w- c:\program files\JDownloader
2011-10-09 22:27 . 2007-04-12 12:19 129024 ----a-w- c:\windows\system32\AVERM.dll
2011-10-09 22:27 . 2006-09-26 11:57 28672 ----a-w- c:\windows\system32\AVEQT.dll
2011-10-09 22:27 . 2011-10-09 22:27 -------- d-----w- c:\program files\Ultra Video Joiner
2011-10-09 22:22 . 2011-10-09 22:22 -------- d-----w- c:\program files\Common Files\Java
2011-10-09 22:21 . 2011-10-09 22:21 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-09 22:21 . 2011-10-09 22:21 -------- d-----w- c:\program files\Java
2011-10-09 22:12 . 2011-10-09 22:12 -------- d-----w- c:\program files\uTorrent
2011-10-09 22:06 . 2011-10-09 22:07 -------- d-----w- c:\program files\FileZilla FTP Client
2011-10-09 21:07 . 2011-08-03 11:50 6613096 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-10-09 21:07 . 2011-08-03 11:50 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-10-09 21:07 . 2011-08-03 11:50 16595560 ----a-w- c:\windows\system32\nvoglv32.dll
2011-10-09 21:07 . 2011-08-03 11:50 10304104 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-10-09 21:06 . 2011-08-03 11:50 914024 ----a-w- c:\windows\system32\nvdispco32.dll
2011-10-09 21:06 . 2011-08-03 11:50 875112 ----a-w- c:\windows\system32\nvgenco32.dll
2011-10-09 21:06 . 2011-08-03 11:50 5404776 ----a-w- c:\windows\system32\nvcuda.dll
2011-10-09 21:06 . 2011-08-03 11:50 2391656 ----a-w- c:\windows\system32\nvcuvid.dll
2011-10-09 21:06 . 2011-08-03 11:50 2090088 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-10-09 21:06 . 2011-08-03 11:50 17193576 ----a-w- c:\windows\system32\nvcompiler.dll
2011-10-09 17:22 . 2011-10-09 17:22 -------- d-----w- c:\programdata\RoboForm
2011-10-09 17:21 . 2011-10-09 17:21 -------- d-----w- c:\program files\Siber Systems
2011-10-09 17:15 . 2011-10-09 17:15 -------- d-----w- c:\windows\Kuran Hatim 3.0
2011-10-09 17:14 . 2011-10-09 17:15 -------- d-----w- c:\program files\Hasenat
2011-10-09 16:53 . 2011-10-09 16:53 -------- d-----w- C:\NVIDIA
2011-10-09 16:46 . 2011-10-09 16:46 -------- d-----w- c:\users\UpdatusUser
2011-10-09 16:44 . 2011-10-09 16:44 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-10-09 16:40 . 2011-05-10 09:41 865896 ----a-w- c:\windows\system32\nvhdagenco322040.dll
2011-10-09 16:40 . 2011-04-08 05:14 855656 ----a-w- c:\windows\system32\nvgenco322060.dll
2011-10-09 16:40 . 2011-04-08 05:14 944232 ----a-w- c:\windows\system32\nvdispco3220140.dll
2011-10-09 16:40 . 2011-10-09 22:02 -------- d-----w- c:\program files\NVIDIA Corporation
2011-10-09 15:13 . 2011-10-09 15:13 -------- d-----r- c:\program files\Skype
2011-10-09 15:13 . 2011-10-09 15:13 -------- d-----w- c:\programdata\Skype
2011-10-09 14:20 . 2011-10-09 14:20 -------- d-----w- c:\windows\PCHEALTH
2011-10-09 14:19 . 2011-10-09 14:22 -------- d-----w- c:\program files\Windows Live
2011-10-09 14:12 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-10-09 13:59 . 2011-10-09 13:59 -------- d-----w- c:\program files\Windows Portable Devices
2011-10-09 13:54 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2011-10-09 13:54 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2011-10-09 13:54 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-10-09 13:47 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-10-09 13:47 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-10-09 13:47 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-10-09 13:47 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-10-09 13:47 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-10-09 13:43 . 2011-01-20 16:08 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-10-09 13:42 . 2011-04-30 06:09 758784 ----a-w- c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll
2011-10-09 13:40 . 2011-06-17 20:13 913296 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-10-09 13:40 . 2011-06-17 13:31 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2011-10-09 13:39 . 2011-06-20 08:54 3602832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-09 13:39 . 2011-06-20 08:54 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-09 13:33 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2011-10-09 12:48 . 2011-10-09 12:48 -------- d-----w- c:\windows\system32\ca-ES
2011-10-09 12:48 . 2011-10-09 12:48 -------- d-----w- c:\windows\system32\eu-ES
2011-10-09 12:48 . 2011-10-09 12:48 -------- d-----w- c:\windows\system32\vi-VN
2011-10-09 12:44 . 2011-10-09 12:44 -------- d-----w- c:\windows\system32\SPReview
2011-10-09 12:20 . 2009-04-10 21:28 928768 ----a-w- c:\windows\system32\scavenge.dll
2011-10-09 12:20 . 2009-04-10 21:27 57856 ----a-w- c:\windows\system32\compcln.exe
2011-10-09 12:13 . 2009-04-10 21:32 27112 ----a-w- c:\windows\system32\drivers\msahci.sys
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-18 22:53 . 2009-02-12 18:48 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-10-09 14:20 . 2011-03-28 16:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-08-03 11:50 . 2011-04-07 20:43 600680 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-08-03 11:50 . 2011-04-07 20:43 66664 ----a-w- c:\windows\system32\nvshext.dll
2011-08-03 11:50 . 2011-04-07 20:43 599144 ----a-w- c:\windows\system32\nvvsvc.exe
2011-08-03 11:50 . 2011-04-07 20:43 309352 ----a-w- c:\windows\system32\nvhotkey.dll
2011-08-03 11:50 . 2011-04-07 20:43 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-08-03 11:50 . 2011-04-07 20:43 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-08-03 11:50 . 2011-04-07 20:43 3730024 ----a-w- c:\windows\system32\nvcpl.dll
2011-08-03 11:50 . 2011-04-07 20:43 2558568 ----a-w- c:\windows\system32\nvsvc.dll
2011-08-03 11:50 . 2008-07-25 08:30 2412136 ----a-w- c:\windows\system32\nvapi.dll
2011-08-03 11:50 . 2008-07-25 08:30 12636776 ----a-w- c:\windows\system32\nvd3dum.dll
2011-08-03 01:31 . 2011-08-03 01:31 311912 ----a-w- c:\windows\system32\nvStreaming.exe
2011-07-22 20:51 . 2011-07-22 20:51 94208 ----a-w- c:\windows\system32\dpl100.dll
2011-07-08 07:48 . 2011-10-14 16:07 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2009-02-12 17:55 157168 ----a-w- c:\programdata\Partner\partner.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-12 39408]
"TC UP"="c:\program files\TC UP\TC UP.exe" [2010-12-25 615936]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"="c:\program files\ASUSTek\ASUSDVD\PDVDServ.exe" [2008-04-03 87336]
"LanguageShortcut"="c:\program files\ASUSTek\ASUSDVD\Language\Language.exe" [2008-02-22 62760]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"HControlUser"="c:\program files\ATK Hotkey\HcontrolUser.exe" [2008-01-12 98304]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2008-01-23 7766016]
"RtHDVCpl"="RtHDVCpl.exe" [2008-08-12 6265376]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-08-17 102400]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-02-12 3054136]
"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-02-12 47672]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"Skytel"="Skytel.exe" [2008-08-12 1833504]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NoIE4StubProcessing"="c:\windows\system32\reg.exe DELETE HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" [X]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2004-10-4 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 AdobeActiveFileMonitor;Adobe Active File Monitor;c:\program files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-04 98304]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-10-09 135664]
R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;c:\program files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-04 118784]
R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-10-09 135664]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
R3 Partner Service;Partner Service;c:\programdata\Partner\partner.exe [2009-02-12 110576]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 MpKslec9e954f;MpKslec9e954f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6577DF10-B35F-40D3-9622-01AB35D8FA1C}\MpKslec9e954f.sys [2011-10-20 28752]
S1 VD_FileDisk;VD_FileDisk; [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe [2010-10-04 64512]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2011-01-27 2253688]
S2 wwEngineSvc;Window Washer Engine;c:\program files\Webroot\Washer\WasherSvc.exe [2007-11-26 598856]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-01-28 68200]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - 10920836
*NewlyCreated* - ASWMBR
*NewlyCreated* - MBAMPROTECTOR
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - MPKSLEC9E954F
*Deregistered* - 10920836
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhoud van de 'Gedeelde Taken' map
.
2011-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-09 10:16]
.
2011-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-09 10:16]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Formulieren Invullen - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Formulieren opslaan - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Menu aanpassen - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: RoboForm Werkbalk - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
TCP: DhcpNameServer = 212.54.40.25 212.54.35.25
FF - ProfilePath - c:\users\MKaya\AppData\Roaming\Mozilla\Firefox\Profiles\ztueazy4.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - ORPHANS VERWIJDERD - - - -
.
HKCU-Run-LightScribe Control Panel - c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-20 20:57
Windows 6.0.6002 Service Pack 2 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-3078239276-3349614612-1677412284-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-3078239276-3349614612-1677412284-1000)
@Denied: (2) (LocalSystem)
"Progid"="ThunderbirdEML"
.
[HKEY_USERS\S-1-5-21-3078239276-3349614612-1677412284-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-3078239276-3349614612-1677412284-1000)
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
Voltooingstijd: 2011-10-20 21:00:11
ComboFix-quarantined-files.txt 2011-10-20 19:00
.
Pre-Run: 79.362.523.136 bytes beschikbaar
Post-Run: 79.496.945.664 bytes beschikbaar
.
- - End Of File - - 807F158DC433BEAE42B890B6679FC9B0

Re: ING TAN code/SMS infection

Posted: 21 Oct 2011 10:27
by Maxstar
Hi and welcome to the forum,

The logs show no sign of a Sinowal or Mebroot infection, but update MBAM and run another scan with it.

Start MalwareBytes' Anti-Malware (MBAM)
  • Click the "Update" tab and then "Check for Updates"

    In case of problems!!! (Read the instructions below)
  • Click the "Scanner" tab
  • Choose the "Quick scan" option and click "Scan"
  • When the scan is complete, click OK, then "Show Results" to see the results.
  • Make sure everything is checked there, then click "Remove Selected".
  • After the removal, a log will open and you will be asked to restart the computer.
The log is saved automatically by MalwareBytes' Anti-Malware and you can find it by clicking the "Logs" tab in the program.

Post this log in your next message.

Re: ING TAN code/SMS infection

Posted: 21 Oct 2011 10:58
by Kaya
Dear Maxstar,
here is the latest log (from the updated MBAM)
-----------------------------------
Malwarebytes' Anti-Malware 1.51.2.1300
http://www.malwarebytes.org

Databaseversie: 7992

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19154

21-10-2011 10:57:16
mbam-log-2011-10-21 (10-57-16).txt

Scantype: Snelle scan
Objecten gescand: 177093
Verstreken tijd: 2 minuut/minuten, 44 seconde(n)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Re: ING TAN code/SMS infection

Posted: 21 Oct 2011 11:00
by Maxstar
Hi,

That looks good; as a check, let's also scan with the Emsisoft Emergency Kit.

Download the Emsisoft Emergency Kit to the desktop and extract the ZIP file.
  • Open the folder "EmsisoftEmergencyKit" and double-click "Start.exe"
  • Now click "Emergency Kit Scanner". You will get a message that it is recommended to update first; allow this by clicking "Ja" (Yes)
  • When the update is finished and the message "Update process is succesvol afgerond" (update process completed successfully) appears, click "menu" and then "Scan PC"
  • Select the option "Diep" (Deep) if it is not already set by default.
  • Now click the "Scan" button and do nothing else on the computer during the scan; this scan can take a considerable time, so wait patiently.
  • You can close the window with the warning about an increased risk once the scan is finished.
  • Make sure all found items are checked and then press the "verwijder geselecteerde" (remove selected) button. You will now get the following message, but click "Ja" (Yes) here
  • When the removal is finished, click the "View report" button and select the text file of this scan, with a name like: a2scan_110730-111615.txt
  • Post the contents of this LOG file in your next message.
  • Now restart the computer.

Re: ING TAN code/SMS infection

Posted: 21 Oct 2011 11:33
by Kaya
Dear Maxstar,

Herewith the log files from Emsisoft Emergency Kit
---------------------------------------------------------
Emsisoft Emergency Kit - Versie 1.0
Laatste Update: 21-10-2011 11:27:55

Scaninstellingen:

Scantype: Snelle Scan
Objecten: Geheugen, Sporen, Cookies
Scan archieven: Uit
Heuristieken: Uit
ADS Scan: Aan

Scan gestart: 21-10-2011 11:28:17

Gescand

Bestanden: 506
Sporen: 401052
Cookies: 1497
Processen: 82

Gevonden

Bestanden: 0
Sporen: 0
Cookies: 45
Processen: 0
Registersleutels: 0

Scan Geëindigd: 21-10-2011 11:30:23
Scantijd: 0:02:06

Re: ING TAN code/SMS infection

Posted: 21 Oct 2011 11:37
by Maxstar
Hi,

You ran a quick scan instead of the deep scan.

Re: ING TAN code/SMS infection

Posted: 21 Oct 2011 11:39
by Kaya
Scan Geëindigd: 21-10-2011 11:30:23
Scantijd: 0:02:06

Verwijderd

Bestanden: 0
Sporen: 0
Cookies: 39

Re: ING TAN code/SMS infection

Posted: 21 Oct 2011 11:40
by Kaya
OK, now I am going to run the deep scan :)