
Removing rootkits



I'm going to tackle them with AVG and then remove HijackThis, delete the restore points, and run CCleaner, and I hope they'll be gone, but I wonder whether these last three rootkits can still do harm and perhaps keep working unnoticed if they haven't been removed? I haven't done that yet, but below I've posted AVG's rootkit scan, and it indicates that there are now 25 rootkits.

Edited by bartd

AVG rootkit scan

"Scan ""Anti-Rootkitscan"" is voltooid."

"Rootkits";"25";"0";"25"

""

"Scan is gestart:";"woensdag 11 juli 2012, 22:35:34"

"Scan voltooid:";"woensdag 11 juli 2012, 22:36:44 (1 min. 9 seconde (n))"

"Totaal gescande objecten:";"58114"

"Gebruiker:";"SYSTEM"

"Rootkits"

"";"Bestand";"Infectie";"Resultaat"

"";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_WRITE -> SSI.SYS +0xC20C";"Object is verborgen"

"";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_QUERY_INFORMATION -> SSI.SYS +0xC20C";"Object is verborgen"

"";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_SET_INFORMATION -> SSI.SYS +0xC20C";"Object is verborgen"

"";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_QUERY_EA -> SSI.SYS +0xC20C";"Object is verborgen"

"";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_SET_EA -> SSI.SYS +0xC20C";"Object is verborgen"

"";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_FLUSH_BUFFERS -> SSI.SYS +0xC20C";"Object is verborgen"

"";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_QUERY_VOLUME_INFORMATION -> SSI.SYS +0xC20C";"Object is verborgen"

"";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_SET_VOLUME_INFORMATION -> SSI.SYS +0xC20C";"Object is verborgen"

"";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_DIRECTORY_CONTROL -> SSI.SYS +0xC20C";"Object is verborgen"

"";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_FILE_SYSTEM_CONTROL -> SSI.SYS +0xC20C";"Object is verborgen"

"";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_DEVICE_CONTROL -> SSI.SYS +0xC20C";"Object is verborgen"

"";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_INTERNAL_DEVICE_CONTROL -> SSI.SYS +0xC20C";"Object is verborgen"

"";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_SHUTDOWN -> SSI.SYS +0xC20C";"Object is verborgen"

"";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_LOCK_CONTROL -> SSI.SYS +0xC20C";"Object is verborgen"

"";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_CLEANUP -> SSI.SYS +0xC20C";"Object is verborgen"

"";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_CREATE_MAILSLOT -> SSI.SYS +0xC20C";"Object is verborgen"

"";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_QUERY_SECURITY -> SSI.SYS +0xC20C";"Object is verborgen"

"";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_SET_SECURITY -> SSI.SYS +0xC20C";"Object is verborgen"

"";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_POWER -> SSI.SYS +0xC20C";"Object is verborgen"

"";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_SYSTEM_CONTROL -> SSI.SYS +0xC20C";"Object is verborgen"

"";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_DEVICE_CHANGE -> SSI.SYS +0xC20C";"Object is verborgen"

"";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_QUERY_QUOTA -> SSI.SYS +0xC20C";"Object is verborgen"

"";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_SET_QUOTA -> SSI.SYS +0xC20C";"Object is verborgen"

"";"C:\WINDOWS\System32\drivers\SSI.SYS";"IRP-koppelpunt, \Driver\Tcpip IRP_MJ_PNP -> SSI.SYS +0xC20C";"Object is verborgen"

"";"C:\WINDOWS\System32\drivers\SSI.SYS";"Service function NtSetValueKey hook -> SSI.SYS +0x7270";"Object is verborgen"


Download TDSSKiller and save it to your desktop.

Extract the files from tdsskiller.zip.

Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.

Windows 7 and Windows Vista users:

Right-click TDSSKiller.exe -> Run as Administrator to start the tool.

If TDSSKiller reports that an update is available, install it first.

Click the "Start Scan" button and follow the instructions.

When the scan has finished, click the "Report" button.

A Notepad file opens. Post the contents of this file.

Restart the PC if TDSSKiller offers that option. (Reboot now)

If a restart was needed, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt


12:26:54.0312 0768 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35

12:26:54.0484 0768 ============================================================

12:26:54.0484 0768 Current date / time: 2012/07/12 12:26:54.0484

12:26:54.0484 0768 SystemInfo:

12:26:54.0484 0768

12:26:54.0484 0768 OS Version: 5.1.2600 ServicePack: 3.0

12:26:54.0484 0768 Product type: Workstation

12:26:54.0484 0768 ComputerName: LAPTOP

12:26:54.0484 0768 UserName: Gebruiker

12:26:54.0484 0768 Windows directory: C:\WINDOWS

12:26:54.0484 0768 System windows directory: C:\WINDOWS

12:26:54.0484 0768 Processor architecture: Intel x86

12:26:54.0484 0768 Number of processors: 1

12:26:54.0484 0768 Page size: 0x1000

12:26:54.0484 0768 Boot type: Normal boot

12:26:54.0484 0768 ============================================================

12:26:56.0078 0768 Drive \Device\Harddisk0\DR0 - Size: 0xDF8F90000 (55.89 Gb), SectorSize: 0x200, Cylinders: 0x1C80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

12:26:56.0078 0768 ============================================================

12:26:56.0078 0768 \Device\Harddisk0\DR0:

12:26:56.0078 0768 MBR partitions:

12:26:56.0078 0768 \Device\Harddisk0\DR0\Partition0: MBR, Type 0xC, StartLBA 0x549219, BlocksNum 0x3FF6D8F

12:26:56.0109 0768 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x453FFE7, BlocksNum 0x2A83DD8

12:26:56.0109 0768 ============================================================

12:26:56.0218 0768 C: <-> \Device\Harddisk0\DR0\Partition0

12:26:56.0234 0768 D: <-> \Device\Harddisk0\DR0\Partition1

12:26:56.0234 0768 ============================================================

12:26:56.0234 0768 Initialize success

12:26:56.0234 0768 ============================================================

12:27:02.0703 2400 ============================================================

12:27:02.0703 2400 Scan started

12:27:02.0703 2400 Mode: Manual;

12:27:02.0703 2400 ============================================================


12:27:13.0093 2400 Secdrv - ok

12:27:13.0140 2400 seclogon (2d5122859174871c07e8f4640884afbf) C:\WINDOWS\System32\seclogon.dll

12:27:13.0140 2400 seclogon - ok

12:27:13.0171 2400 SENS (08c43746105e0c231ed2ac620c2f0f86) C:\WINDOWS\system32\sens.dll

12:27:13.0171 2400 SENS - ok

12:27:13.0218 2400 Serial (97e86d03d082d369cb025113b4b7b781) C:\WINDOWS\system32\drivers\Serial.sys

12:27:13.0218 2400 Serial - ok

12:27:13.0265 2400 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\DRIVERS\sfloppy.sys

12:27:13.0265 2400 Sfloppy - ok

12:27:13.0359 2400 SharedAccess (34f401e1756261320b16d42900a70163) C:\WINDOWS\System32\ipnathlp.dll

12:27:13.0375 2400 SharedAccess - ok

12:27:13.0421 2400 ShellHWDetection (d6f2b8963663f2014fafcd8e15e4e778) C:\WINDOWS\System32\shsvcs.dll

12:27:13.0421 2400 ShellHWDetection - ok

12:27:13.0437 2400 Simbad - ok

12:27:13.0468 2400 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys

12:27:13.0468 2400 SLIP - ok

12:27:13.0500 2400 Sparrow - ok

12:27:13.0562 2400 splitter (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys

12:27:13.0562 2400 splitter - ok

12:27:13.0640 2400 Spooler (da81ec57acd4cdc3d4c51cf3d409af9f) C:\WINDOWS\system32\spoolsv.exe

12:27:13.0640 2400 Spooler - ok

12:27:13.0937 2400 sr (a859c2da6b06024c9b4d995b90fe8175) C:\WINDOWS\system32\DRIVERS\sr.sys

12:27:13.0937 2400 sr - ok

12:27:14.0250 2400 srservice (0b96a1e4252f663222c9c3bac89f596c) C:\WINDOWS\System32\srsvc.dll

12:27:14.0265 2400 srservice - ok

12:27:15.0390 2400 Srv (ab9c79ed12d65e800aaad3d72a04792f) C:\WINDOWS\system32\DRIVERS\srv.sys

12:27:15.0390 2400 Srv - ok

12:27:15.0875 2400 SSDPSRV (b02fdce64f64cde3aa809d28d25d2a12) C:\WINDOWS\System32\ssdpsrv.dll

12:27:15.0875 2400 SSDPSRV - ok

12:27:15.0906 2400 SSI (9910b19fed16e3e073d48efc4422f29c) C:\WINDOWS\system32\Drivers\SSI.SYS

12:27:15.0906 2400 SSI - ok

12:27:20.0296 2400 ============================================================

12:27:20.0296 2400 Scan finished

12:27:20.0296 2400 ============================================================

12:27:20.0312 2248 Detected object count: 0

12:27:20.0312 2248 Actual detected object count: 0


Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:

Click here

If you cannot manage to disable them, just continue to the next step.

2. Double-click ComboFix.exe and follow the prompts on the screen.

3. ComboFix will check whether the Microsoft Windows Recovery Console is already installed.

**Note: If the Microsoft Windows Recovery Console is already installed, you will not see the following screens and ComboFix will automatically continue scanning for malware.

4. Follow the prompts on the screen to let ComboFix download and install the Microsoft Windows Recovery Console.

cf-rc-auto.jpg

You will see the following message when ComboFix has successfully installed the Microsoft Windows Recovery Console:

rc-auto-done.jpg

Click Yes to continue scanning for malware.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next reply.


ComboFix 12-07-13.01 - Gebruiker 13/07/2012 15:44:14.7.1 - FAT32x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.503.295 [GMT 2:00]

Gestart vanuit: C:\Documents and Settings\Gebruiker\Bureaublad\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

AV: NOD32 antivirus systeem 2.51 *Disabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

(((((((((((((((((((( Bestanden Gemaakt van 2012-06-13 to 2012-07-13 ))))))))))))))))))))))))))))))

2012-07-13 13:15:05 . 2012-07-13 13:15:06 -------- d--h--r- C:\Documents and Settings\Gebruiker\Onlangs geopend

2012-07-13 11:45:23 . 2012-07-13 12:32:50 3888 ----a-w- C:\WINDOWS\system32\drivers\NTHANDLE.SYS

2012-07-13 11:25:29 . 2012-07-13 11:25:30 -------- d-----w- C:\Program Files\WhoLockMe

2012-07-13 10:57:04 . 2012-07-13 10:58:22 1491 ----a-w- C:\user.js

2012-07-13 10:56:06 . 2012-07-13 10:56:08 -------- d-----w- C:\Documents and Settings\Gebruiker\Application Data\Babylon

2012-07-13 10:56:06 . 2012-07-13 10:56:08 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Babylon

2012-07-12 21:57:01 . 2012-07-12 21:57:02 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware

2012-07-12 21:57:01 . 2012-07-03 11:46:44 22344 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys

2012-07-12 10:47:16 . 2012-07-12 10:47:18 -------- d-----w- C:\Documents and Settings\LocalService\Bureaublad

2012-07-11 13:11:11 . 2012-07-11 13:11:12 -------- d-----w- C:\Documents and Settings\Gebruiker\Application Data\Malwarebytes

2012-07-11 13:10:35 . 2012-07-11 13:10:36 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2012-07-10 21:12:41 . 2012-07-10 21:12:42 -------- d-----w- C:\Documents and Settings\All Users\Application Data\IBUpdaterService

2012-07-10 21:12:33 . 2012-07-10 21:07:46 570304 ----a-w- C:\Program Files\Uninstall Information\ib_uninst_519\uninstall.exe

2012-07-10 21:12:25 . 2012-07-10 21:12:26 -------- d-----w- C:\Program Files\Haali

2012-07-10 21:12:07 . 2012-07-10 21:07:46 570304 ----a-w- C:\Program Files\Uninstall Information\ib_uninst_518\uninstall.exe

2012-07-10 21:10:40 . 2012-07-10 21:07:46 570304 ----a-w- C:\Program Files\Uninstall Information\ib_uninst_455\uninstall.exe

2012-07-10 21:09:59 . 2012-07-10 21:10:00 -------- d-----w- C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google

2012-07-10 21:09:52 . 2012-07-10 21:09:54 -------- d-----w- C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Savings Sidekick

2012-07-10 21:09:48 . 2012-07-10 21:09:50 -------- d-----w- C:\Program Files\Savings Sidekick

2012-07-10 20:49:14 . 2012-07-10 20:49:16 -------- d-----w- C:\Documents and Settings\Gebruiker\Application Data\BitTorrent

2012-07-10 20:48:24 . 2012-07-10 20:48:26 -------- d-----w- C:\Program Files\bittorrent

2012-07-08 18:12:34 . 2012-07-08 18:12:36 -------- d-----w- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe

2012-07-08 17:33:03 . 2012-07-08 17:32:50 476936 ----a-w- C:\WINDOWS\system32\npdeployJava1.dll

2012-07-08 17:30:30 . 2012-07-08 17:30:32 -------- d-----w- C:\Documents and Settings\All Users\Application Data\McAfee

2012-07-08 13:39:23 . 2012-06-02 13:19:30 15896 ----a-w- C:\WINDOWS\system32\wuapi.dll.mui

2012-07-08 13:08:49 . 2012-07-11 18:51:00 426184 ----a-w- C:\WINDOWS\system32\FlashPlayerApp.exe

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

2012-07-11 18:51:00 . 2011-08-18 19:37:46 70344 ----a-w- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

2012-07-08 17:32:50 . 2010-08-14 21:53:43 73728 ----a-w- C:\WINDOWS\system32\javacpl.cpl

2012-07-08 17:32:50 . 2010-05-09 21:47:28 472840 ----a-w- C:\WINDOWS\system32\deployJava1.dll

2012-06-02 13:19:44 . 2009-04-03 13:54:14 18456 ----a-w- C:\WINDOWS\system32\wuaueng.dll.mui

2012-06-02 13:19:38 . 2004-10-13 13:03:23 219160 ----a-w- C:\WINDOWS\system32\wuaucpl.cpl

2012-06-02 13:19:38 . 2004-10-13 13:03:22 329240 ----a-w- C:\WINDOWS\system32\wucltui.dll

2012-06-02 13:19:38 . 2004-10-13 13:03:22 210968 ----a-w- C:\WINDOWS\system32\wuweb.dll

2012-06-02 13:19:34 . 2005-05-26 02:16:30 45080 ----a-w- C:\WINDOWS\system32\wups2.dll

2012-06-02 13:19:34 . 2004-10-15 15:48:44 35864 ----a-w- C:\WINDOWS\system32\wups.dll

2012-06-02 13:19:34 . 2004-07-15 13:19:40 53784 ----a-w- C:\WINDOWS\system32\wuauclt.exe

2012-06-02 13:19:34 . 2002-10-04 12:01:17 97304 ----a-w- C:\WINDOWS\system32\cdm.dll

2012-06-02 13:19:24 . 2009-04-03 13:54:13 15896 ----a-w- C:\WINDOWS\system32\wuaucpl.cpl.mui

2012-06-02 13:19:24 . 2004-10-13 13:03:23 577048 ----a-w- C:\WINDOWS\system32\wuapi.dll

2012-06-02 13:19:18 . 2009-04-03 13:54:15 24088 ----a-w- C:\WINDOWS\system32\wucltui.dll.mui

2012-06-02 13:19:18 . 2004-07-15 13:19:40 1933848 ----a-w- C:\WINDOWS\system32\wuaueng.dll

2012-06-02 13:19:02 . 2009-04-03 15:43:40 18160 ----a-w- C:\WINDOWS\system32\mucltui.dll.mui

2012-06-02 13:18:58 . 2007-02-04 13:23:53 275696 ----a-w- C:\WINDOWS\system32\mucltui.dll

2012-06-02 13:18:58 . 2007-02-04 13:23:53 214256 ----a-w- C:\WINDOWS\system32\muweb.dll

2012-04-19 02:50:26 . 2012-04-19 02:50:26 24896 ----a-w- C:\WINDOWS\system32\drivers\avgidshx.sys

2010-06-28 16:25:38 203776 --sh--w- C:\WINDOWS\system32\unrar.exe

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BisonCom"="C:\WINDOWS\VdCap03C\BisonCom" [X]

"Hcontrol"="C:\WINDOWS\ATK0100\Hcontrol.exe" [2004-05-26 19:44:00 86016]

"SoundMan"="SOUNDMAN.EXE" [2004-05-20 10:46:36 66048]

"ASUS Live Update"="C:\Program Files\ASUS\ASUS Live Update\ALU.exe" [2003-09-19 10:54:44 172032]

"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-03 10:27:50 98304]

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-03 10:27:50 499712]

"PRONoMgr.exe"="c:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe" [2004-02-05 14:33:08 86016]

"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2004-05-20 10:50:20 155648]

"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2004-05-20 10:50:02 118784]

"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-02-07 06:40:02 118784]

"UpdateReminder"="C:\Program Files\Eset\UpdateReminder.exe" [2011-08-18 18:08:06 462848]

"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50:42 155648]

"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-05-20 10:50:02 118784]

"AVG_TRAY"="C:\Program Files\AVG\AVG2012\avgtray.exe" [2012-04-05 03:12:34 2587008]

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 12:02:04 254696]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-03 23:03:28 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring]

2004-03-03 14:48:34 110592 ----a-w- c:\WINDOWS\system32\LgNotify.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0PFDNNT C:\Program Files\Internet Optimizer\12.tmp\0PFDNNT C:\Program Files\Internet Optimizer\0PFDNNT C:\Program Files\Windows ControlAd\WinCtlAdAlt.exe\0PFDNNT C:\Program Files\Windows ControlAd\WinCtlAdShift.dll\0PFDNNT C:\Program Files\Windows ControlAd\WinCtlAd.exe\0PFDNNT C:\Program Files\Windows ControlAd\8E.tmp\0PFDNNT C:\Program Files\Windows ControlAd\0PFDNNT C:\WINDOWS\system32\P2P Networking\MARSHAL.DLL\0PFDNNT C:\WINDOWS\system32\P2P Networking\9D.tmp\0PFDNNT C:\WINDOWS\system32\P2P Networking\0PFDNNT C:\Program Files\SideFind\sfbho13.dll\0PFDNNT C:\Program Files\SideFind\D3.tmp\0PFDNNT C:\Program Files\SideFind\0PFDNNT c:\docume~1\gebrui~1\applic~1\mpegbl~1\liestr~1.exe\0PFDNNT C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\LONG FRAG EACH ANTI\TRUST BASE.EXE\0PFDNNT C:\DOCUME~1\GEBRUI~1\APPLIC~1\BindBoob\base eggs.exe\0PFDNNT C:\DOCUMENTS AND SETTINGS\GEBRUIKER\APPLICATION DATA\BINDBOOB\BASE EGGS.EXE\0SsiEfr.e\0PFDNNT c:\documents and settings\gebruiker\cookies\gebruiker@com[1].txt\0C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\svcWRSSSDK]

@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^ASUS ChkMail.lnk]

path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\ASUS ChkMail.lnk

backup=C:\WINDOWS\pss\ASUS ChkMail.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Gebruiker^Menu Start^Programma's^Opstarten^OpenOffice.org 2.0 .lnk]

path=C:\Documents and Settings\Gebruiker\Menu Start\Programma's\Opstarten\OpenOffice.org 2.0 .lnk

backup=C:\WINDOWS\pss\OpenOffice.org 2.0 .lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

C:\WINDOWS\system32\dumprep 0 -k [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2010-06-09 08:06:34 976832 ----a-w- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2010-06-20 02:04:48 35760 ----a-w- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]

2012-07-10 20:50:14 6077848 ----a-w- C:\Program Files\bittorrent\BitTorrent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hitman Pro Expiration Helper]

2007-02-17 22:28:24 596760 ----a-w- C:\Program Files\Hitman Pro\xphelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power_Gear]

2004-01-19 14:33:58 81920 ----a-w- C:\PROGRA~1\Asus\Power4 Gear\BatteryLife.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]

2000-10-16 09:37:36 32768 ------r- C:\WINDOWS\system32\rmctrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"WMPNetworkSvc"=3 (0x3)

"NOD32krn"=2 (0x2)

"AVGIDSAgent"=2 (0x2)

"avgfws9"=2 (0x2)

"avg9wd"=2 (0x2)

"avg9emc"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Program Files\\Messenger\\MSMSGS.EXE"=

"C:\\Program Files\\Asus\\ASUS Live Update\\LiveUpdt.exe"=

"C:\\Program Files\\BitTorrent\\bittorrent.exe"=

"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=

"C:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=

"C:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=

"C:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=

"C:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=

R0 AVGIDSHX;AVGIDSHX;C:\WINDOWS\system32\drivers\avgidshx.sys [19/04/2012 4:50:26 24896]

R0 AvgRkx86;AVG Anti-Rootkit Driver;C:\WINDOWS\system32\drivers\avgrkx86.sys [23/11/2009 20:22:30 31952]

R1 AvgLdx86;AVG AVI Loader Driver;C:\WINDOWS\system32\drivers\avgldx86.sys [1/04/2009 14:52:33 235216]

R1 AvgTdiX;AVG TDI Driver;C:\WINDOWS\system32\drivers\avgtdix.sys [1/04/2009 14:52:39 301248]

R2 avgwd;AVG WatchDog;C:\Program Files\AVG\AVG2012\avgwdsvc.exe [14/02/2012 4:53:38 193288]

R3 Avgfwdx;Avgfwdx;C:\WINDOWS\system32\drivers\avgfwdx.sys [23/11/2009 20:18:01 30104]

R3 AVGIDSDriver;AVGIDSDriver;C:\WINDOWS\system32\drivers\avgidsdriverx.sys [23/12/2011 13:32:00 139856]

R3 AVGIDSFilter;AVGIDSFilter;C:\WINDOWS\system32\drivers\avgidsfilterx.sys [23/12/2011 13:32:06 24144]

R3 AVGIDSShim;AVGIDSShim;C:\WINDOWS\system32\drivers\avgidsshimx.sys [23/12/2011 13:32:08 17232]

S0 AVGIDSErHrxpx;AVG9IDSErHr;C:\WINDOWS\system32\drivers\AVGIDSxx.sys [23/11/2009 20:22:30 25168]

S0 SSI;SSI;C:\WINDOWS\system32\Drivers\SSI.SYS --> C:\WINDOWS\system32\Drivers\SSI.SYS [?]

S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files\AVG\AVG2012\avgidsagent.exe [4/07/2012 17:25:54 5160568]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [8/07/2012 15:08:52 250056]

S3 ATKXPDisplayName;ATKXPDisplayName;C:\WINDOWS\system32\drivers\ATKACPI.sys [26/05/2004 21:43:00 5760]

S3 Avgfwfd;AVG network filter service;C:\WINDOWS\system32\drivers\avgfwdx.sys [23/11/2009 20:18:01 30104]

S3 AVGIDSDriverxpx;AVG9IDSDriver;\??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys --> C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys [?]

S3 AVGIDSFilterxpx;AVG9IDSFilter;\??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys --> C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys [?]

S3 AVGIDSShimxpx;AVG9IDSShim;\??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys --> C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys [?]

--- Andere Services/Drivers In Geheugen ---

*Deregistered* - NTHANDLE

Inhoud van de 'Gedeelde Taken' map

2012-07-13 C:\WINDOWS\Tasks\User_Feed_Synchronization-{65B1CF8F-D669-42D6-AF1E-8811023923C3}.job

- C:\WINDOWS\system32\msfeedssync.exe [2006-10-17 09:58:32 . 2009-03-08 02:31:54]

2012-07-13 C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-08 13:08:52 . 2012-07-11 18:51:06]

------- Bijkomende Scan -------

uStart Page = hxxp://search.babylon.com/?affID=110819&babsrc=HP_ss&mntrId=a8caf24f000000000000000e3528cbae

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Settings,ProxyOverride = <local>

uSearchURL,(Default) = hxxp://g.msn.be/0SENLBE/SAOS01?FORM=TOOLBR

IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

DPF: DirectAnimation Java Classes - file://C:\WINDOWS\Java\classes\dajava.cab

DPF: Microsoft XML Parser for Java - file://C:\WINDOWS\Java\classes\xmldso.cab

- - - - ORPHANS VERWIJDERD - - - -

HKU-Default-Run-PcSync - C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe

MSConfigStartUp-PcSync - C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe

MSConfigStartUp-WinampAgent - C:\Program Files\Winamp\winampa.exe
