
Rootkits detected in AVG 2012. These cannot be removed



Emsisoft Emergency Kit scan performed.

Message: No suspicious files were found during the scan.

Log file attached

Computer restarted

AVG scan performed

Still rootkit messages.

Messages attached

Also ran a scan with Emsisoft Emergency Kit HiJackFree

The log file shown on screen displays a number of lines marked in red

These lines relate to AVG and concern the following files.

All are marked as visible "No"

avgemcx.exe

avgidsagent.exe

avgnsx.exe

avgrsx.exe

avgtray.exe

avgui.exe

Log file attached

Klaas Ridderikhoff

Emsisoft Emergency Kit log file:

Emsisoft Emergency Kit - Versie 2.0

Laatste Update: 13-10-2012 18:49:07

Scaninstellingen:

Scantype: Diepe scan

Objecten: Rootkits, Geheugen, Sporen, C:\, D:\

Scan archieven: Aan

ADS Scan: Aan

Scan gestart: 16-10-2012 15:57:02

Gescand 706254

Gevonden 0

Scan geëindigd: 16-10-2012 17:35:15

Scantijd: 1:38:13

AVG rootkit messages:

"";"C:\Windows\System32\Drivers\sppb.sys";"atapi.sys, koppelpunt import ataport.SYS AtaPortWritePortUchar -> sppb.sys +0x26D2";"Object is verborgen"

"";"C:\Windows\System32\Drivers\sppb.sys";"atapi.sys, koppelpunt import ataport.SYS AtaPortReadPortUchar -> sppb.sys +0x2040";"Object is verborgen"

"";"C:\Windows\System32\Drivers\sppb.sys";"atapi.sys, koppelpunt import ataport.SYS AtaPortWritePortBufferUshort -> sppb.sys +0x27FC";"Object is verborgen"

"";"C:\Windows\System32\Drivers\sppb.sys";"atapi.sys, koppelpunt import ataport.SYS AtaPortReadPortUshort -> sppb.sys +0x20BE";"Object is verborgen"

"";"C:\Windows\System32\Drivers\sppb.sys";"atapi.sys, koppelpunt import ataport.SYS AtaPortReadPortBufferUshort -> sppb.sys +0x213C";"Object is verborgen"

"";"C:\Windows\System32\Drivers\sppb.sys";"Inline koppelpunt ataport.SYS DllUnload -> sppb.sys +0x2F8AE";"Object is verborgen"

"";"C:\Windows\System32\Drivers\sppb.sys";"i8042prt.sys, koppelpunt import HAL.dll READ_PORT_UCHAR -> sppb.sys +0x12048";"Object is verborgen"

Emsisoft HiJackFree log file:

Logbestand van HiJackFree v4.5

Scan opgeslagen om 22:16:07, Datum 16-10-2012

Platform: Windows Vista32 Service Pack 2 (Windows NT 6.0.6002)

MSIE: Internet Explorer v 9.0 Service Pack 2 (9.0.8112.16421)

Lopende processen:

C:\Windows\System32\smss.exe

C:\PROGRA~1\AVG\AVG2012\avgrsx.exe

C:\Program Files\AVG\AVG2012\avgcsrvx.exe

C:\Windows\System32\csrss.exe

C:\Windows\System32\wininit.exe

C:\Windows\System32\csrss.exe

C:\Windows\System32\services.exe

C:\Windows\System32\lsass.exe

C:\Windows\System32\lsm.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\SLsvc.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\winlogon.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\wlanext.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\System32\svchost.exe

C:\Program Files\Fingerprint Reader Suite\upeksvr.exe

C:\Windows\System32\AEstSrv.exe

C:\Program Files\AVG\AVG2012\avgwdsvc.exe

C:\Windows\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Planisware\Planisware Application Server\basis\OPX2Connect\opx2connect.exe

C:\Program Files\Planisware\Planisware Application Server\basis\OPX2HTTPServer\bin\httpd.exe

C:\oraclexe\app\oracle\product\10.2.0\server\BIN\oracle.exe

C:\oraclexe\app\oracle\product\10.2.0\server\BIN\TNSLSNR.EXE

C:\Program Files\Planisware\Planisware Application Server\basis\OPX2HTTPServer\bin\httpd.exe

C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\Windows\System32\stacsv.exe

C:\Program Files\AVG\AVG2012\avgnsx.exe

C:\Program Files\AVG\AVG2012\avgemcx.exe

C:\Windows\System32\svchost.exe

C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe

C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe

C:\Windows\System32\vmnat.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\SearchIndexer.exe

C:\Windows\System32\vmnetdhcp.exe

C:\Program Files\VMware\VMware Player\vmware-authd.exe

C:\Program Files\AVG\AVG2012\avgidsagent.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\System32\taskeng.exe

C:\Program Files\AVG\AVG2012\avgcsrvx.exe

C:\Windows\System32\taskeng.exe

C:\Program Files\TeamViewer\Version6\TeamViewer.exe

C:\Windows\System32\dwm.exe

C:\Windows\explorer.exe

C:\Program Files\DellTPad\Apoint.exe

C:\Windows\OEM02Mon.exe

C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe

C:\Program Files\TortoiseSVN\bin\TSVNCache.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Dell\MediaDirect\PCMService.exe

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\VMware\VMware Player\hqtray.exe

C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files\DellTPad\ApntEx.exe

C:\Program Files\DellTPad\hidfind.exe

C:\Program Files\AVG\AVG2012\avgtray.exe

C:\Windows\System32\spool\drivers\w32x86\3\CNAP2LAK.EXE

C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

C:\Program Files\Nuance\PaperPort\pptd40nt.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\spool\drivers\w32x86\3\CNAP2RPK.EXE

C:\Windows\System32\spool\drivers\w32x86\3\CNAC9SWK.EXE

C:\Windows\System32\rundll32.exe

C:\Program Files\Fingerprint Reader Suite\psqltray.exe

C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files\MyTomTom 3\MyTomTomSA.exe

C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\System32\wbem\WmiPrvSE.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe

C:\Windows\System32\svchost.exe

C:\Program Files\AVG\AVG2012\avgui.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Klaas\Desktop\EmsisoftEmergencyKit\start.exe

C:\Install\Capture

C:\Users\Klaas\Desktop\EmsisoftEmergencyKit\Run\a2HiJackFree.exe

C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Standaard) =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Links

O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll

O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll

O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll

O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Common Files\Simple Adblock\SimpleAdblock.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe

O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe

O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Fingerprint Reader Suite\launcher.exe" /startup

O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s

O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start

O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Player\hqtray.exe"

O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon

O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe

O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"

O4 - HKLM\..\Run: [CNAP2 Launcher] C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAP2LAK.EXE

O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [indexSearch] "C:\Program Files\Nuance\PaperPort\IndexSearch.exe"

O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\Nuance\PaperPort\pptd40nt.exe"

O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"

O4 - HKLM\..\Run: [PDFHook] C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe

O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKLM\..\Run: [MyTomTomSA.exe] C:\Program Files\MyTomTom 3\MyTomTomSA.exe

O4 - HKLM\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler

O7 - Regedit - Ingeschakeld

O8 - Extra contextmenu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra contextmenu item: Openen in PDF Viewer Plus - res://C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm

O8 - Extra contextmenu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra contextmenu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFBAR.ICO

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico

O9 - Extra "Tools" menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico

O14 - IERESET.INF: SearchAssistant=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

O14 - IERESET.INF: CustomizeSearch=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

O15 - Vertrouwde Zone: http://wiki.intus.nl

O16 - DPF: {2AB1C516-6654-4D3A-B3D6-2185BBCEB409} (Cisco SSL VPN Relay Loader) - https://vpn1.prvlimburg.nl/+CSCOL+/csvrloader32.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E34F52FE-7769-46CE-8F8B-5E8ABAD2E9FC} (CSD ActiveX Installer) - https://vpn1.prvlimburg.nl/CACHE/sdesktop/install/binaries/instweb.cab

O20 - Winlogon Notify: psfus - C:\Windows\system32\psqlpwd.dll

O21 - ShellServiceObjectDelayLoad: WebCheck -

O22 - SharedTaskScheduler: Component Categories cache daemon - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Application Experience-service - C:\Windows\system32\svchost.exe

O23 - Service: Andrea ST Filters Service - C:\Windows\system32\aestsrv.exe

O23 - Service: Application Layer Gateway-service - C:\Windows\System32\alg.exe

O23 - Service: Application Information-service - C:\Windows\system32\svchost.exe

O23 - Service: Windows Audio-service - C:\Windows\System32\svchost.exe

O23 - Service: Windows Audio-service - C:\Windows\System32\svchost.exe

O23 - Service: AVGIDSAgent - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

O23 - Service: AVG WatchDog - C:\Program Files\AVG\AVG2012\avgwdsvc.exe

O23 - Service: Background Intelligent Transfer Service - C:\Windows\System32\svchost.exe

O23 - Service: DLL-bestand voor Computer Browser-service - C:\Windows\system32\svchost.exe

O23 - Service: Bluetooth Support-service - C:\Windows\system32\svchost.exe

O23 - Service: Microsoft Smartcard Certificate Propagation-service - C:\Windows\system32\svchost.exe

O23 - Service: Microsoft .NET Framework NGEN v2.0.50727_X86 - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

O23 - Service: COMSysApp - C:\Windows\system32\dllhost.exe

O23 - Service: Cryptografische services - C:\Windows\system32\svchost.exe

O23 - Service: DFSR - C:\Windows\system32\DFSR.exe

O23 - Service: DHCP Client-service - C:\Windows\system32\svchost.exe

O23 - Service: API DLL van DNS Client - C:\Windows\system32\svchost.exe

O23 - Service: Wired AutoConfig-service - C:\Windows\system32\svchost.exe

O23 - Service: Microsoft EAPHost-service - C:\Windows\System32\svchost.exe

O23 - Service: Windows Media Center Receiver-service - C:\Windows\ehome\ehRecvr.exe

O23 - Service: Windows Media Center Scheduler-service - C:\Windows\ehome\ehsched.exe

O23 - Service: Windows Media Center Service Launcher - C:\Windows\\system32\svchost.exe

O23 - Service: ReadyBoost-service - C:\Windows\system32\svchost.exe

O23 - Service: Event Logging-service - C:\Windows\System32\svchost.exe

O23 - Service: EventSystem - C:\Windows\system32\svchost.exe

O23 - Service: Intel® PROSet/Wireless Event Log - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: WS Discovery-service - C:\Windows\system32\svchost.exe

O23 - Service: Function Discovery Resource Publication-service - C:\Windows\system32\svchost.exe

O23 - Service: Windows Font Cache-service - C:\Windows\system32\svchost.exe

O23 - Service: Windows Presentation Foundation-host - C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

O23 - Service: Google Update Service (gupdate1c8f0be5291664b) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HID-service - C:\Windows\system32\svchost.exe

O23 - Service: Sleutelbeheerservice - C:\Windows\System32\svchost.exe

O23 - Service: Intel® Matrix Storage Event Monitor - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: InstallDriver Table Manager - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service Model Installer Resource Library - C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

O23 - Service: IKE-extensie - C:\Windows\system32\svchost.exe

O23 - Service: DLL voor PnP-X IP Bus Enumerator - C:\Windows\system32\svchost.exe

O23 - Service: Service die IPv6-connectiviteit via een IPv4-netwerk biedt. - C:\Windows\System32\svchost.exe

O23 - Service: KeyIso - C:\Windows\system32\lsass.exe

O23 - Service: KtmRm - C:\Windows\System32\svchost.exe

O23 - Service: DLL-bestand voor Server-service - C:\Windows\system32\svchost.exe

O23 - Service: DLL-bestand voor Workstation-service - C:\Windows\System32\svchost.exe

O23 - Service: Bronnen voor verkennen van Link-layer - C:\Windows\System32\svchost.exe

O23 - Service: DLL-bestand voor TCPIP NetBios Transport Services - C:\Windows\system32\svchost.exe

O23 - Service: Media Center-bronnen - C:\Windows\system32\svchost.exe

O23 - Service: Multimedia Class Scheduler-service - C:\Windows\system32\svchost.exe

O23 - Service: Mozilla Maintenance Service - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: API van Windows Firewall - C:\Windows\system32\svchost.exe

O23 - Service: MSDTC - C:\Windows\System32\msdtc.exe

O23 - Service: API voor iSCSI-ontdekking - C:\Windows\system32\svchost.exe

O23 - Service: Internationale berichten van Windows® Installer - C:\Windows\system32\msiexec.exe

O23 - Service: Quarantine Agent Service Run-Time - C:\Windows\System32\svchost.exe

O23 - Service: Dll-bestand voor NetLogon-services - C:\Windows\system32\lsass.exe

O23 - Service: Netwerkverbindingsbeheer - C:\Windows\System32\svchost.exe

O23 - Service: Gebruikersinterface van beheer van netwerkprofiel - C:\Windows\System32\svchost.exe

O23 - Service: Service Model Installer Resource Library - C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

O23 - Service: Network Location Awareness 2 - C:\Windows\System32\svchost.exe

O23 - Service: Network Store Interface RPC-server - C:\Windows\system32\svchost.exe

O23 - Service: Microsoft Office Diagnostics Service - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

O23 - Service: OPX2Connectbasis - C:\Program Files\Planisware\Planisware Application Server\basis\OPX2Connect\OPX2Connect.exe

O23 - Service: OPX2HTTPServerbasis - C:\Program Files\Planisware\Planisware Application Server\basis\OPX2HTTPServer\bin\httpd.exe

O23 - Service: OPX2IntranetServerdemo - C:\Program Files\Planisware\Planisware Application Server\demo\OPX2Modules\startintranet.exe

O23 - Service: OPX2IntranetServerMOBWEG5_218 - C:\Program Files\Planisware\Planisware Application Server\MOBWEG5_218\OPX2Modules\startintranet.exe

O23 - Service: OPX2IntranetServersp2_1 - C:\Program Files\Planisware\Planisware Application Server\sp2_1\OPX2Modules\startintranet.exe

O23 - Service: OracleJobSchedulerXE - c:\oraclexe\app\oracle\product\10.2.0\server\Bin\extjob.exe

O23 - Service: OracleMTSRecoveryService - C:\oraclexe\app\oracle\product\10.2.0\server\BIN\omtsreco.exe

O23 - Service: OracleServiceXE - c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE

O23 - Service: OracleXETNSListener - C:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe

O23 - Service: Office Source Engine - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

O23 - Service: Peer-to-Peer-services - C:\Windows\System32\svchost.exe

O23 - Service: Peer-to-Peer-services - C:\Windows\System32\svchost.exe

O23 - Service: Program Compatibility Assistant-service - C:\Windows\system32\svchost.exe

O23 - Service: PCDSRVC{E9D79540-57D5953E-06020200}_0 - PCDR Kernel Mode Service Helper Driver - c:\program files\dell support center\pcdsrvc.pkms

O23 - Service: PDFProFiltSrvPP - C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe

O23 - Service: Prestatielogboeken en signalen - C:\Windows\System32\svchost.exe

O23 - Service: Plug en Play-service in gebruikersmodus - C:\Windows\system32\svchost.exe

O23 - Service: Peer-to-Peer-services - C:\Windows\System32\svchost.exe

O23 - Service: Peer-to-Peer-services - C:\Windows\System32\svchost.exe

O23 - Service: DLL-beleidsarchiefbestand - C:\Windows\system32\svchost.exe

O23 - Service: Userenv - C:\Windows\system32\svchost.exe

O23 - Service: Standaardprovider van Beveiligde opslag - C:\Windows\system32\lsass.exe

O23 - Service: Windows NT - C:\Windows\\system32\svchost.exe

O23 - Service: Beheer van automatisch inbellen van Externe toegang - C:\Windows\system32\svchost.exe

O23 - Service: Verbindingsbeheer voor RAS - C:\Windows\system32\svchost.exe

O23 - Service: Dynamisch interfacebeheer - C:\Windows\system32\svchost.exe

O23 - Service: RemoteRegistry - C:\Windows\system32\svchost.exe

O23 - Service: Rpc Locator - C:\Windows\system32\locator.exe

O23 - Service: Smartcard-bronbeheerserver - C:\Windows\system32\svchost.exe

O23 - Service: Task Scheduler-service - C:\Windows\System32\svchost.exe

O23 - Service: Microsoft Smartcard Certificate Propagation-service - C:\Windows\system32\svchost.exe

O23 - Service: Microsoft® Windows Back-up-service - C:\Windows\system32\svchost.exe

O23 - Service: System Event Notification-service (SENS) - C:\Windows\system32\svchost.exe

O23 - Service: ServiceLayer - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Terminal Services Configuration-service - C:\Windows\System32\svchost.exe

O23 - Service: Helper-onderdelen voor Microsoft NAT - C:\Windows\System32\svchost.exe

O23 - Service: DLL-bestand voor Windows Shell Services - C:\Windows\System32\svchost.exe

O23 - Service: Skype Updater - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Microsoft Software Licensing Service - C:\Windows\system32\SLsvc.exe

O23 - Service: Gebruikersinterface van kennisgevingsservice van softwarelicenties - C:\Windows\system32\svchost.exe

O23 - Service: SNMP Trap - C:\Windows\System32\snmptrap.exe

O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

O23 - Service: DLL-bestand voor SSDP-service - C:\Windows\system32\svchost.exe

O23 - Service: Maakt het gebruik van SSTP (Secure Socket Tunneling Protocol) mogelijk om verbinding te maken met externe computers (via VPN). - C:\Windows\system32\svchost.exe

O23 - Service: SigmaTel Audio Service - C:\Windows\system32\STacSV.exe

O23 - Service: Still Image-apparatenservice - C:\Windows\system32\svchost.exe

O23 - Service: stllssvr - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Microsoft®-softwareleverancier voor Volume Shadow Copy-service - C:\Windows\System32\svchost.exe

O23 - Service: Host voor Superfetch-service - C:\Windows\system32\svchost.exe

O23 - Service: Microsoft Tablet PC Input Service - C:\Windows\System32\svchost.exe

O23 - Service: Microsoft® Windows Telefoonserver - C:\Windows\System32\svchost.exe

O23 - Service: TBS-service - C:\Windows\System32\svchost.exe

O23 - Service: TeamViewer 6 - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe

O23 - Service: Beheer van externe verbindingen via Terminal Server - C:\Windows\System32\svchost.exe

O23 - Service: DLL-bestand voor Windows Shell Services - C:\Windows\System32\svchost.exe

O23 - Service: Multimedia Class Scheduler-service - C:\Windows\system32\svchost.exe

O23 - Service: TomTomHOMEService - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: Detectie van interactieve services - C:\Windows\system32\UI0Detect.exe

O23 - Service: UPnP-apparaathost - C:\Windows\system32\svchost.exe

O23 - Service: Beheer van bureaubladvensters - C:\Windows\System32\svchost.exe

O23 - Service: Virtual Disk-service - C:\Windows\System32\vds.exe

O23 - Service: VMware Authorization Service - C:\Program Files\VMware\VMware Player\vmware-authd.exe

O23 - Service: VMware DHCP Service - C:\Windows\system32\vmnetdhcp.exe

O23 - Service: VMware Virtual Mount Manager Extended - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe

O23 - Service: VMware NAT Service - C:\Windows\system32\vmnat.exe

O23 - Service: Microsoft® Volume Shadow Copy-service - C:\Windows\system32\vssvc.exe

O23 - Service: Windows Time-service - C:\Windows\system32\svchost.exe

O23 - Service: Windows Connect Now - Config Registrar-service - C:\Windows\System32\svchost.exe

O23 - Service: WcsPlugInService DLL - C:\Windows\system32\svchost.exe

O23 - Service: Dll-bestand voor Web DAV-service - C:\Windows\system32\svchost.exe

O23 - Service: Event Collector-service - C:\Windows\system32\svchost.exe

O23 - Service: Probleemrapporten en oplossingen - C:\Windows\System32\svchost.exe

O23 - Service: Windows Error Reporting-service - C:\Windows\System32\svchost.exe

O23 - Service: Windows Defender - C:\Windows\System32\svchost.exe

O23 - Service: Windows HTTP-services - C:\Windows\system32\svchost.exe

O23 - Service: WMI - C:\Windows\system32\svchost.exe

O23 - Service: WSMan Service - C:\Windows\System32\svchost.exe

O23 - Service: DLL-bestand van Windows WLAN AutoConfig-service - C:\Windows\system32\svchost.exe

O23 - Service: WMI Performance Reverse Adapter - C:\Windows\system32\wbem\WmiApSrv.exe

O23 - Service: Windows Media Player Network Sharing-service - C:\Program Files\Windows Media Player\wmpnetwk.exe

O23 - Service: WPC Filtering-service - C:\Windows\system32\svchost.exe

O23 - Service: Inventarisatie van draagbare apparaat - C:\Windows\system32\svchost.exe

O23 - Service: Windows Security Center-service - C:\Windows\System32\svchost.exe

O23 - Service: Indexeerfunctie van Microsoft Windows Search - C:\Windows\system32\SearchIndexer.exe

O23 - Service: Windows Update-agent - C:\Windows\system32\svchost.exe

O23 - Service: Windows Driver Foundation - User-mode Driver Framework-service - C:\Windows\system32\svchost.exe


The results from Emsisoft and the other logs only confirm my suspicion that AVG is, wrongly, reporting infected files. As a final test, download another virus scanner, Avast, and let it run a scan. Curious what result that will give?


Avast installed

Full system scan performed: "No threat found"

Avast uninstalled

Computer restarted

Ran a scan with AVG again

The rootkit messages have now miraculously disappeared.

So it seems to me too that the problem can now indeed be considered solved.
