
Removing Trojan horse PSW.Agent.ASJX and Trojan horse PSW.Agent.AUET



a2 scan + results of the AVG scan that was run afterwards. Seems to be a persistent problem.

Emsisoft Emergency Kit - Versie 2.0

Laatste Update: 11-8-2012 23:39:57

Scaninstellingen:

Scantype: Diepe scan

Objecten: Rootkits, Geheugen, Sporen, C:\

Scan archieven: Aan

ADS Scan: Aan

Scan gestart: 11-8-2012 23:40:27

C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\_9d64955df7c56982_.sys.zip -> 9d64955df7c56982.sys.1 Ontdekt: Trojan.WinNT.Necurs!E2

C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\_9d64955df7c56982_.sys.zip -> 9d64955df7c56982.sys Ontdekt: Trojan.WinNT.Necurs!E2

C:\Program Files\AEP\SSLTunnel\InstallVPN.exe Ontdekt: Trojan.Agent!E2

C:\Documents and Settings\Mirjam\Application Data\Sun\Java\Deployment\cache\6.0\31\2b3c0d1f-65222a6f -> rula\rulc.class Ontdekt: Exploit.Java.Blacole!E2

C:\Documents and Settings\Mirjam\Application Data\Sun\Java\Deployment\cache\6.0\31\2b3c0d1f-65222a6f -> rula\rulb.class Ontdekt: Exploit.Java.Blacole!E2

C:\Documents and Settings\Mirjam\Application Data\Sun\Java\Deployment\cache\6.0\31\2b3c0d1f-65222a6f -> rula\ruld.class Ontdekt: Exploit.Java.CVE-2012!E2

C:\Documents and Settings\Mirjam\Application Data\Sun\Java\Deployment\cache\6.0\31\2b3c0d1f-65222a6f -> rula\rula.class Ontdekt: Exploit.Java.Blacole!E2

Gescand 532251

Gevonden 7

Scan geëindigd: 12-8-2012 1:32:07

Scantijd: 1:51:40

C:\Documents and Settings\Mirjam\Application Data\Sun\Java\Deployment\cache\6.0\31\2b3c0d1f-65222a6f -> rula\ruld.class Verwijderd Exploit.Java.CVE-2012!E2

C:\Program Files\AEP\SSLTunnel\InstallVPN.exe Verwijderd Trojan.Agent!E2

C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\_9d64955df7c56982_.sys.zip -> 9d64955df7c56982.sys.1 Verwijderd Trojan.WinNT.Necurs!E2

Verwijderd 3

AVG-Scan

"";"C:\WINDOWS\system32\winlogon.exe (1164)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (836)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (668)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (3988)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (2264)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (1796)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (1756)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (1460)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\services.exe (1212)";"Trojan horse PSW.Agent.AUES";"Deleted"

"";"C:\WINDOWS\system32\igfxpers.exe (3524)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\hkcmd.exe (3504)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\alg.exe (3164)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\explorer.exe (152)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (3744)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe (3672)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Microsoft ActiveSync\wcescomm.exe (3736)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (1608)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Java\jre6\bin\jusched.exe (3652)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (3540)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (492)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (420)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (2120)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (3556)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (1940)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (2320)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (3692)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\AVG\AVG2012\avgwdsvc.exe (4052)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Ahead\ODD Toolkit\dvdtray.exe (3640)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\winlogon.exe (1164):\memory_00ff0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (836):\memory_00b60000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (836):\memory_00ae0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (668):\memory_00930000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (668):\memory_008a0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (3988):\memory_00b50000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (3988):\memory_00ac0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (2264):\memory_00c00000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (2264):\memory_00b70000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1796):\memory_00ad0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1796):\memory_00a10000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1756):\memory_00b70000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1756):\memory_00af0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1460):\memory_00a90000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1460):\memory_00640000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\services.exe (1212):\memory_00aa0000";"Trojan horse PSW.Agent.AUES";"Infected"

"";"C:\WINDOWS\system32\igfxpers.exe (3524):\memory_00cc0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\hkcmd.exe (3504):\memory_00cd0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\alg.exe (3164):\memory_00a60000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\explorer.exe (152):\memory_01730000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\explorer.exe (152):\memory_00ff0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (3744):\memory_05cf0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe (3672):\memory_01670000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Microsoft ActiveSync\wcescomm.exe (3736):\memory_01280000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (1608):\memory_01310000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Java\jre6\bin\jusched.exe (3652):\memory_00b70000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (3540):\memory_010c0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (492):\memory_01a50000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (420):\memory_01400000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (2120):\memory_006a0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (3556):\memory_00fc0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (1940):\memory_01890000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (2320):\memory_067d0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (3692):\memory_00da0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\AVG\AVG2012\avgwdsvc.exe (4052):\memory_02400000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Ahead\ODD Toolkit\dvdtray.exe (3640):\memory_008d0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"HKLM\SYSTEM\CurrentControlSet\services\atapi";"Found registry key with reference to infected file C:\WINDOWS\system32\DRIVERS\atapi.sys";"Moved to Virus Vault"

"";"C:\WINDOWS\system32\DRIVERS\atapi.sys";"Corrupted executable file";"Object is white-listed (critical/system file that should not be removed)"

"";"C:\WINDOWS\system32\drivers\atapi.sys";"Corrupted executable file";"Object is white-listed (critical/system file that should not be removed)"


TDSS-killer and AVG scan. TDSS found nothing; AVG keeps flagging problems, and that is correct, because the computer remains slow and unpredictable.

20:23:10.0265 2808 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32

20:23:10.0750 2808 ============================================================

20:23:10.0750 2808 Current date / time: 2012/08/13 20:23:10.0750

20:23:10.0750 2808 SystemInfo:

20:23:10.0750 2808

20:23:10.0750 2808 OS Version: 5.1.2600 ServicePack: 3.0

20:23:10.0750 2808 Product type: Workstation

20:23:10.0750 2808 ComputerName: MIRJAM-303AF4B9

20:23:10.0750 2808 UserName: Mirjam

20:23:10.0750 2808 Windows directory: C:\WINDOWS

20:23:10.0750 2808 System windows directory: C:\WINDOWS

20:23:10.0750 2808 Processor architecture: Intel x86

20:23:10.0750 2808 Number of processors: 1

20:23:10.0750 2808 Page size: 0x1000

20:23:10.0750 2808 Boot type: Normal boot

20:23:10.0750 2808 ============================================================

20:23:13.0375 2808 Drive \Device\Harddisk0\DR0 - Size: 0x950A60000 (37.26 Gb), SectorSize: 0x200, Cylinders: 0x1300, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000020

20:23:13.0375 2808 ============================================================

20:23:13.0375 2808 \Device\Harddisk0\DR0:

20:23:13.0375 2808 MBR partitions:

20:23:13.0375 2808 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A84E60

20:23:13.0375 2808 ============================================================

20:23:13.0406 2808 C: <-> \Device\Harddisk0\DR0\Partition0

20:23:13.0406 2808 ============================================================

20:23:13.0406 2808 Initialize success

20:23:13.0406 2808 ============================================================

20:23:38.0640 4336 ============================================================

20:23:38.0640 4336 Scan started

20:23:38.0640 4336 Mode: Manual;

20:23:38.0640 4336 ============================================================


20:23:51.0234 4336 Ptilink - ok

20:23:51.0250 4336 ql1080 - ok

20:23:51.0250 4336 Ql10wnt - ok

20:23:51.0265 4336 ql12160 - ok

20:23:51.0281 4336 ql1240 - ok

20:23:51.0296 4336 ql1280 - ok

20:23:51.0328 4336 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

20:23:51.0328 4336 RasAcd - ok

20:23:51.0375 4336 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll

20:23:51.0375 4336 RasAuto - ok

20:23:51.0421 4336 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys

20:23:51.0421 4336 Rasirda - ok

20:23:51.0468 4336 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

20:23:51.0468 4336 Rasl2tp - ok

20:23:51.0515 4336 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll

20:23:51.0531 4336 RasMan - ok

20:23:51.0546 4336 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

20:23:51.0562 4336 RasPppoe - ok

20:23:51.0593 4336 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

20:23:51.0593 4336 Raspti - ok

20:23:51.0625 4336 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

20:23:51.0640 4336 Rdbss - ok

20:23:51.0656 4336 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

20:23:51.0656 4336 RDPCDD - ok

20:23:51.0718 4336 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

20:23:51.0734 4336 rdpdr - ok

20:23:51.0781 4336 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys

20:23:51.0796 4336 RDPWD - ok

20:23:51.0843 4336 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe

20:23:51.0859 4336 RDSessMgr - ok

20:23:51.0890 4336 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

20:23:51.0890 4336 redbook - ok

20:23:52.0078 4336 RegSrvc (8ac155995f5d10fc0d3ad949a1a68075) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

20:23:52.0109 4336 RegSrvc - ok

20:23:52.0156 4336 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll

20:23:52.0171 4336 RemoteAccess - ok

20:23:52.0218 4336 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll

20:23:52.0218 4336 RemoteRegistry - ok

20:23:52.0265 4336 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe

20:23:52.0265 4336 RpcLocator - ok

20:23:52.0343 4336 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll

20:23:52.0343 4336 RpcSs - ok

20:23:52.0406 4336 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe

20:23:52.0421 4336 RSVP - ok

20:23:52.0531 4336 S24EventMonitor (131d50f081d2e29ebd1365b21f6b9736) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

20:23:52.0593 4336 S24EventMonitor - ok

20:23:52.0656 4336 s24trans (e2c6abcbefb1d44f6aaeb1cd5d6062d4) C:\WINDOWS\system32\DRIVERS\s24trans.sys

20:23:52.0656 4336 s24trans - ok

20:23:52.0703 4336 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

20:23:52.0718 4336 SamSs - ok

20:23:52.0796 4336 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

20:23:52.0796 4336 SASDIFSV - ok

20:23:52.0812 4336 SAS***IL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SAS***IL.SYS

20:23:52.0828 4336 SAS***IL - ok

20:23:52.0875 4336 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe

20:23:52.0890 4336 SCardSvr - ok

20:23:52.0968 4336 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll

20:23:52.0984 4336 Schedule - ok

20:23:53.0015 4336 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

20:23:53.0015 4336 Secdrv - ok

20:23:53.0078 4336 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll

20:23:53.0078 4336 seclogon - ok

20:23:53.0093 4336 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll

20:23:53.0093 4336 SENS - ok

20:23:53.0156 4336 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

20:23:53.0156 4336 serenum - ok

20:23:53.0171 4336 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys

20:23:53.0171 4336 Serial - ok

20:23:53.0234 4336 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

20:23:53.0234 4336 Sfloppy - ok

20:23:53.0312 4336 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll

20:23:53.0343 4336 SharedAccess - ok

20:23:53.0406 4336 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

20:23:53.0421 4336 ShellHWDetection - ok

20:23:53.0421 4336 Simbad - ok

20:23:53.0468 4336 SMCIRDA (707647a1aa0edb6cbef61b0c75c28ed3) C:\WINDOWS\system32\DRIVERS\smcirda.sys

20:23:53.0468 4336 SMCIRDA - ok

20:23:53.0484 4336 Sparrow - ok

20:23:53.0531 4336 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

20:23:53.0531 4336 splitter - ok

20:23:53.0593 4336 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

20:23:53.0609 4336 Spooler - ok

20:23:53.0656 4336 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

20:23:53.0656 4336 sr - ok

20:23:53.0687 4336 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll

20:23:53.0718 4336 srservice - ok

20:23:53.0781 4336 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

20:23:53.0781 4336 Srv - ok

20:23:53.0828 4336 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll

20:23:53.0828 4336 SSDPSRV - ok

20:23:53.0906 4336 STAC97 (305cc42945a713347f978d78566113f3) C:\WINDOWS\system32\drivers\STAC97.sys

20:23:53.0921 4336 STAC97 - ok

20:23:54.0015 4336 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll

20:23:54.0031 4336 stisvc - ok

20:23:54.0093 4336 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

20:23:54.0093 4336 swenum - ok

20:23:54.0140 4336 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

20:23:54.0140 4336 swmidi - ok

20:23:54.0156 4336 SwPrv - ok

20:23:54.0171 4336 symc810 - ok

20:23:54.0187 4336 symc8xx - ok

20:23:54.0187 4336 sym_hi - ok

20:23:54.0203 4336 sym_u3 - ok

20:23:54.0234 4336 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

20:23:54.0250 4336 sysaudio - ok

20:23:54.0296 4336 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe

20:23:54.0312 4336 SysmonLog - ok

20:23:54.0375 4336 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll

20:23:54.0390 4336 TapiSrv - ok

20:23:54.0500 4336 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

20:23:54.0515 4336 Tcpip - ok

20:23:54.0578 4336 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

20:23:54.0578 4336 TDPIPE - ok

20:23:54.0609 4336 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

20:23:54.0609 4336 TDTCP - ok

20:23:54.0671 4336 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

20:23:54.0671 4336 TermDD - ok

20:23:54.0750 4336 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll

20:23:54.0750 4336 TermService - ok

20:23:54.0781 4336 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

20:23:54.0796 4336 Themes - ok

20:23:54.0843 4336 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe

20:23:54.0843 4336 TlntSvr - ok

20:23:54.0859 4336 TosIde - ok

20:23:54.0921 4336 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll

20:23:54.0953 4336 TrkWks - ok

20:23:54.0984 4336 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

20:23:54.0984 4336 Udfs - ok

20:23:55.0000 4336 UIUSys - ok

20:23:55.0015 4336 ultra - ok

20:23:55.0093 4336 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

20:23:55.0125 4336 Update - ok

20:23:55.0171 4336 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll

20:23:55.0187 4336 upnphost - ok

20:23:55.0218 4336 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe

20:23:55.0218 4336 UPS - ok

20:23:55.0265 4336 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

20:23:55.0265 4336 usbccgp - ok

20:23:55.0296 4336 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

20:23:55.0312 4336 usbehci - ok

20:23:55.0328 4336 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

20:23:55.0343 4336 usbhub - ok

20:23:55.0359 4336 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

20:23:55.0359 4336 usbprint - ok

20:23:55.0390 4336 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

20:23:55.0390 4336 usbscan - ok

20:23:55.0437 4336 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

20:23:55.0453 4336 USBSTOR - ok

20:23:55.0468 4336 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

20:23:55.0468 4336 usbuhci - ok

20:23:55.0531 4336 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

20:23:55.0531 4336 VgaSave - ok

20:23:55.0546 4336 ViaIde - ok

20:23:55.0578 4336 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

20:23:55.0578 4336 VolSnap - ok

20:23:55.0640 4336 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe

20:23:55.0656 4336 VSS - ok

20:23:55.0875 4336 w29n51 (d6006de6a6ed423d8016a03bc50cbe6b) C:\WINDOWS\system32\DRIVERS\w29n51.sys

20:23:56.0031 4336 w29n51 - ok

20:23:56.0187 4336 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll

20:23:56.0203 4336 W32Time - ok

20:23:56.0265 4336 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

20:23:56.0265 4336 Wanarp - ok

20:23:56.0312 4336 wceusbsh (46a247f6617526afe38b6f12f5512120) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys

20:23:56.0328 4336 wceusbsh - ok

20:23:56.0328 4336 WDICA - ok

20:23:56.0390 4336 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

20:23:56.0390 4336 wdmaud - ok

20:23:56.0421 4336 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll

20:23:56.0437 4336 WebClient - ok

20:23:56.0546 4336 winachsf (2dc7c0b6175a0a8ed84a4f70199c93b5) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

20:23:56.0593 4336 winachsf - ok

20:23:56.0703 4336 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll

20:23:56.0734 4336 winmgmt - ok

20:23:56.0953 4336 WLANKEEPER (8880769b9f88918e27f8e7332aa1aa01) C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

20:23:56.0984 4336 WLANKEEPER - ok

20:23:57.0046 4336 WmdmPmSN (c7e39ea41233e9f5b86c8da3a9f1e4a8) C:\WINDOWS\system32\mspmsnsv.dll

20:23:57.0046 4336 WmdmPmSN - ok

20:23:57.0125 4336 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll

20:23:57.0187 4336 Wmi - ok

20:23:57.0234 4336 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe

20:23:57.0250 4336 WmiApSrv - ok

20:23:57.0343 4336 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys

20:23:57.0343 4336 WS2IFSL - ok

20:23:57.0406 4336 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll

20:23:57.0406 4336 wscsvc - ok

20:23:57.0453 4336 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll

20:23:57.0484 4336 wuauserv - ok

20:23:57.0562 4336 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll

20:23:57.0593 4336 WZCSVC - ok

20:23:57.0609 4336 xcpip - ok

20:23:57.0656 4336 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll

20:23:57.0671 4336 xmlprov - ok

20:23:57.0687 4336 xpsec - ok

20:23:57.0734 4336 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

20:23:58.0546 4336 \Device\Harddisk0\DR0 - ok

20:23:58.0562 4336 Boot (0x1200) (91d123cdc670794bbef41be835648a46) \Device\Harddisk0\DR0\Partition0

20:23:58.0562 4336 \Device\Harddisk0\DR0\Partition0 - ok

20:23:58.0562 4336 ============================================================

20:23:58.0562 4336 Scan finished

20:23:58.0562 4336 ============================================================

20:23:58.0578 4224 Detected object count: 0

20:23:58.0578 4224 Actual detected object count: 0

20:25:09.0156 4500 Deinitialize success

AVG-scan:

"";"C:\WINDOWS\system32\winlogon.exe (1160)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (672)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (448)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (3740)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (3124)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (1776)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (1696)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (1436)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\services.exe (1208)";"Trojan horse PSW.Agent.AUES";"Deleted"

"";"C:\WINDOWS\system32\igfxpers.exe (3708)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\hkcmd.exe (3700)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\alg.exe (3088)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\explorer.exe (5016)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\PROGRA~1\MI3AA1~1\rapimgr.exe (1872)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (1508)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Microsoft ActiveSync\wcescomm.exe (1284)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Java\jre6\bin\jusched.exe (3968)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Java\jre6\bin\jqs.exe (2488)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (3784)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (468)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (328)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (2972)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (3816)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (1900)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (5588)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (2924)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (4076)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\AVG\AVG2012\avgwdsvc.exe (480)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\AVG\AVG2012\avgtray.exe (1936)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe (3288)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Ahead\ODD Toolkit\dvdtray.exe (3920)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\winlogon.exe (1160):\memory_00ff0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (672):\memory_00930000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (672):\memory_008a0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (448):\memory_00b70000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (448):\memory_00af0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (3740):\memory_00b50000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (3740):\memory_00ac0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (3124):\memory_00c00000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (3124):\memory_00b70000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1776):\memory_00a90000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1776):\memory_00a10000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1696):\memory_00b70000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1696):\memory_00af0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1436):\memory_00a90000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1436):\memory_00640000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\services.exe (1208):\memory_009c0000";"Trojan horse PSW.Agent.AUES";"Infected"

"";"C:\WINDOWS\system32\igfxpers.exe (3708):\memory_00cc0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\hkcmd.exe (3700):\memory_00cd0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\alg.exe (3088):\memory_00aa0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\explorer.exe (5016):\memory_00e10000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\explorer.exe (5016):\memory_00d80000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\PROGRA~1\MI3AA1~1\rapimgr.exe (1872):\memory_00f50000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (1508):\memory_05cf0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Microsoft ActiveSync\wcescomm.exe (1284):\memory_01230000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Java\jre6\bin\jusched.exe (3968):\memory_00b20000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Java\jre6\bin\jqs.exe (2488):\memory_010d0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (3784):\memory_010b0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (468):\memory_01a50000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (328):\memory_01400000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (2972):\memory_006a0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (3816):\memory_00f70000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (1900):\memory_01490000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (5588):\memory_00e90000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (2924):\memory_008f0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (4076):\memory_00da0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\AVG\AVG2012\avgwdsvc.exe (480):\memory_023d0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\AVG\AVG2012\avgtray.exe (1936):\memory_01aa0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe (3288):\memory_01c70000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Ahead\ODD Toolkit\dvdtray.exe (3920):\memory_008d0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\drivers\atapi.sys";"Corrupted executable file";"Object is white-listed (critical/system file that should not be removed)"


Download Dr.Web CureIt and save it to your desktop.

  • Double-click drweb-cureit.exe and allow it to start the express scan.
    If a popup appears offering a purchase/50% discount, you can close it.
  • The express scan will scan the files that are currently loaded in memory. If anything is found, click 'select all', then choose 'repair', and from the small menu that appears choose 'move'.
  • In the menu at the top, choose Language/Taal and change it to Dutch (Nederlands) if it is set differently for you.
  • Press F9, then choose the Actions (Acties) tab and set the following under Malware:

    • Adware: Move (Verplaats)
    • Dialers: Move (Verplaats)
    • Jokes: Report (Rapportage)
    • Riskware: Report (Rapportage)
    • Hacktools: Move (Verplaats)
    • Then remove the check mark at 'Prompt on action' ('Prompt bij actie').

  • Then choose the Scan tab and remove the check mark at Heuristic analysis (Heuristische analyse).
    Then press Apply (Toepassen) followed by OK.
  • Once the short scan has finished, tick: Full scan (Volledige scan).
    Then press the green arrow (start button) to start the scan.
  • Files that are found are moved to the '%USERPROFILE%\DocterWeb\Quarantine' folder if repairing them is not possible.
  • After the scan is done, go to File (Bestand) and choose Save report list (Rapportage lijst opslaan).
    Save it to your desktop and then close Dr.Web CureIt.
  • Then restart the computer!! This is an important step, because Dr.Web CureIt may move/delete files during the restart.
  • After restarting, copy and paste the contents of the log you saved earlier into your next post.


Ran Dr.Web as described above, but unfortunately a family member switched off the computer before a log was saved. Ran the whole circus again and saved the log (very large file). Everything was OK, no viruses or the like detected.

I did note down the files that were placed in quarantine during the first Dr.Web scan. Then had AVG run a scan: more infections detected than before!

Dr.Web quarantine:

A0060108.dll

A0060573.dll

A0061224.dll

descript.ion

Helper.dll.vir

AVG-scan:

"";"C:\WINDOWS\system32\winlogon.exe (1176)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (672)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (3812)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (312)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (2160)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (1748)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (1696)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (1632)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\services.exe (1224)";"Trojan horse PSW.Agent.AUES";"Deleted"

"";"C:\WINDOWS\system32\igfxpers.exe (3568)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\hkcmd.exe (3560)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\ctfmon.exe (3912)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\alg.exe (2916)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\explorer.exe (240)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\PROGRA~1\MI3AA1~1\rapimgr.exe (108)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (3868)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe (3636)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Microsoft ActiveSync\wcescomm.exe (3876)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Java\jre6\bin\jusched.exe (3624)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (3528)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (536)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (392)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (2000)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (3596)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (1864)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (3476)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (1816)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (2724)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\AVG\AVG2012\avgwdsvc.exe (3884)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\AVG\AVG2012\avgui.exe (4592)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\AVG\AVG2012\avgtray.exe (3756)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Ahead\ODD Toolkit\dvdtray.exe (720)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\winlogon.exe (1176):\memory_00bf0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (672):\memory_00930000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (672):\memory_008a0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (3812):\memory_00b50000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (3812):\memory_00ac0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (312):\memory_00b60000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (312):\memory_00ae0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (2160):\memory_00c00000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (2160):\memory_00b70000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1748):\memory_00ae0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1748):\memory_00a50000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1696):\memory_00b70000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1696):\memory_00af0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1632):\memory_00ae0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1632):\memory_00a60000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\services.exe (1224):\memory_00670000";"Trojan horse PSW.Agent.AUES";"Infected"

"";"C:\WINDOWS\system32\igfxpers.exe (3568):\memory_00cc0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\hkcmd.exe (3560):\memory_00cd0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\ctfmon.exe (3912):\memory_00b10000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\alg.exe (2916):\memory_00aa0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\explorer.exe (240):\memory_00f10000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\explorer.exe (240):\memory_00e80000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\PROGRA~1\MI3AA1~1\rapimgr.exe (108):\memory_00e90000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (3868):\memory_05cf0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe (3636):\memory_01670000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Microsoft ActiveSync\wcescomm.exe (3876):\memory_01280000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Java\jre6\bin\jusched.exe (3624):\memory_00b20000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (3528):\memory_01050000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (536):\memory_02880000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (392):\memory_01ad0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (2000):\memory_006a0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (3596):\memory_00fc0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (1864):\memory_00fb0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (3476):\memory_01670000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (1816):\memory_008f0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (2724):\memory_00da0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\AVG\AVG2012\avgwdsvc.exe (3884):\memory_019e0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\AVG\AVG2012\avgui.exe (4592):\memory_01430000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\AVG\AVG2012\avgtray.exe (3756):\memory_03760000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Ahead\ODD Toolkit\dvdtray.exe (720):\memory_008d0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\drivers\atapi.sys";"Corrupted executable file";"Object is white-listed (critical/system file that should not be removed)"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-08-16 23:26:59

-----------------------------

23:26:59.453 OS Version: Windows 5.1.2600 Service Pack 3

23:26:59.453 Number of processors: 1 586 0xD08

23:26:59.453 ComputerName: MIRJAM-303AF4B9 UserName: Mirjam

23:27:04.375 Initialize success

23:27:39.312 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3

23:27:39.328 Disk 0 Vendor: ST9408114A 8.03 Size: 38154MB BusType: 3

23:27:39.328 Disk 0 MBR read successfully

23:27:39.328 Disk 0 MBR scan

23:27:39.328 Disk 0 Windows XP default MBR code

23:27:39.343 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 38153 MB offset 63

23:27:39.359 Disk 0 scanning sectors +78139039

23:27:39.453 Disk 0 scanning C:\WINDOWS\system32\drivers

23:27:45.937 Service scanning

23:27:48.125 Service atapi C:\WINDOWS\system32\DRIVERS\atapi.sys **LOCKED** 32

23:28:01.296 Modules scanning

23:28:08.578 Disk 0 trace - called modules:

23:28:08.593 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS

23:28:08.593 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8715bab8]

23:28:09.109 3 CLASSPNP.SYS[f75c7fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x871dd940]

23:28:09.109 Scan finished successfully

23:29:08.734 Disk 0 MBR has been saved successfully to "E:\MBR.dat"

23:29:08.750 The log file has been saved successfully to "E:\aswMBR.txt"
