Slow startup



Booting into safe mode works again! I don't immediately get the impression that startup is much faster, though, and it also sometimes freezes while browsing? Could this have something to do with the antivirus? I currently have avast; which one is most recommended for this?


Could you have another look and post that Malwarebytes log?

That way we can see exactly which viruses were found.

You should be able to find the logs at this location:

C:\Gebruikers\Steven\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs

To be able to see the "Roaming" folder, you first have to make your hidden folders visible.

Edited by Jion

Hello,

I did find the 2 logs in which a detection was recorded; hopefully they are of some use to you.

Malwarebytes Anti-Malware (Trial) 1.75.0.1300

www.malwarebytes.org

Database version: v2013.04.04.07

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Mijzelf :: ACER1705SCI [administrator]

Protection: Enabled

19/06/2013 22:38:47

mbam-log-2013-06-19 (22-38-47).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 224389

Time elapsed: 20 minute(s), 37 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 1

HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|shell (Trojan.Agent.RNS) -> Data: explorer.exe,C:\Documents and Settings\Mijzelf\Application Data\skype.dat -> Quarantined and deleted successfully.

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Documents and Settings\Mijzelf\Application Data\skype.dat (Trojan.Agent) -> Quarantined and deleted successfully.

(end)

Malwarebytes Anti-Malware (Trial) 1.75.0.1300

www.malwarebytes.org

Database version: v2013.06.20.08

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Mijzelf :: ACER1705SCI [administrator]

Protection: Disabled

20/06/2013 20:27:33

mbam-log-2013-06-20 (20-27-33).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 226172

Time elapsed: 11 minute(s), 20 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Documents and Settings\Mijzelf\Local Settings\Temp\jxiwjdx (Malware.Packer.SRR) -> Quarantined and deleted successfully.

(end)

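As an added example (not part of the original posts, and not Malwarebytes' own code), here is a small Python parser for the detection lines of the log format shown in the post above. It checks that each section's declared count matches the items listed, flags any entry in the Winlogon "shell" value other than explorer.exe, and links that entry to a detected file. The function names are hypothetical, and the sample is an excerpt of the first log above with blank lines removed.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Excerpt of the first log posted above (blank lines removed).
SAMPLE_LOG = r"""Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|shell (Trojan.Agent.RNS) -> Data: explorer.exe,C:\Documents and Settings\Mijzelf\Application Data\skype.dat -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Documents and Settings\Mijzelf\Application Data\skype.dat (Trojan.Agent) -> Quarantined and deleted successfully.
(end)
"""

# "Registry Values Detected: 1" -> section name and declared item count.
SECTION_RE = re.compile(r"^(?P<section>[A-Za-z ]+) Detected: (?P<count>\d+)$")
# "<object> (<detection name>) -> [Data: <value> -> ]<action>"
DETECTION_RE = re.compile(
    r"^(?P<obj>.+) \((?P<name>[^()]+)\) -> "
    r"(?:Data: (?P<data>.*?) -> )?(?P<action>[^>]+)$"
)


@dataclass
class Detection:
    section: str          # e.g. "Registry Values", "Files"
    obj: str              # registry value or file path
    name: str             # detection name assigned by the scanner
    data: Optional[str]   # registry data, when the line carries it
    action: str           # what the scanner did with the item


def parse_log(text: str) -> Tuple[List[Detection], Dict[str, int]]:
    """Return the detections and the per-section counts the log declares."""
    detections: List[Detection] = []
    declared: Dict[str, int] = {}
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m["section"]
            declared[section] = int(m["count"])
            continue
        m = DETECTION_RE.match(line)
        if m and section is not None:
            detections.append(Detection(section, m["obj"], m["name"],
                                        m["data"], m["action"].rstrip(".")))
    return detections, declared


def count_mismatches(dets: List[Detection],
                     declared: Dict[str, int]) -> Dict[str, Tuple[int, int]]:
    """Sections whose declared count differs from the lines actually present
    (a sign that a pasted log was truncated or edited)."""
    out = {}
    for section, expected in declared.items():
        found = sum(1 for d in dets if d.section == section)
        if found != expected:
            out[section] = (expected, found)
    return out


def shell_extras(det: Detection) -> List[str]:
    """For a Winlogon 'shell' value, return every comma-separated entry that
    is not the default 'explorer.exe'; each one runs at logon."""
    if not det.data or not det.obj.lower().endswith("\\winlogon|shell"):
        return []
    entries = [e.strip() for e in det.data.split(",") if e.strip()]
    return [e for e in entries if e.lower() != "explorer.exe"]


def dropped_files_with_autostart(dets: List[Detection]) -> List[str]:
    """Shell entries that were also detected as files in the same scan, i.e.
    the autostart entry and the file on disk are one artifact."""
    files = {d.obj.lower() for d in dets if d.section == "Files"}
    return [e for d in dets for e in shell_extras(d) if e.lower() in files]


if __name__ == "__main__":
    dets, declared = parse_log(SAMPLE_LOG)
    for d in dets:
        print(f"[{d.section}] {d.name}: {d.obj} -> {d.action}")
    print("count mismatches:", count_mismatches(dets, declared))
    print("autostart + file:", dropped_files_with_autostart(dets))
```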

Download TDSSKiller and save it to your desktop.


  • Before running TDSSKiller, it is advisable to consult the TDSSKiller guide below.

    • Double-click TDSSKiller.exe to start the tool. (If you downloaded TDSSKiller as a ZIP file, you need to extract it first.)

    • If TDSSKiller finds an update, click the "Load update" button.

    • A new version of TDSSKiller will now be downloaded; save it to the desktop.

    • Now start TDSSKiller again.

    • Click "Change parameters" and make sure the options below are all checked.

    (image: 51c8a229933ed-tdsskiller.PNG)

    • Click the "Start Scan" button and follow the instructions.


    • Never use the "Delete" or "Quarantine" option for a "Fail signature" result.
    • If a restart was required, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt
    • Attach this log file to your next post.


Hello,

Below is the log file from TDSSKiller.


18:50:32.0140 3656 [ 7579C4BE909D47F10F3D8D801CB13ED9 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll

18:50:32.0375 3656 SharedAccess - ok

18:50:32.0406 3656 [ 2D5D4156292150FE571872C1B88E9299 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

18:50:32.0421 3656 ShellHWDetection - ok

18:50:32.0437 3656 Simbad - ok

18:50:32.0484 3656 [ FCBB10EEBFBCE575CA48543F40DCF4BF ] sisagp C:\WINDOWS\system32\DRIVERS\SISAGPX.sys

18:50:32.0515 3656 sisagp - ok

18:50:32.0546 3656 [ 3FBB6EF8B5A71A2FA11F5F461BB73219 ] SISNIC C:\WINDOWS\system32\DRIVERS\sisnic.sys

18:50:32.0734 3656 SISNIC - ok

18:50:32.0750 3656 Sparrow - ok

18:50:32.0781 3656 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys

18:50:33.0000 3656 splitter - ok

18:50:33.0031 3656 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe

18:50:33.0078 3656 Spooler - ok

18:50:33.0109 3656 [ 64D2A7640E0767ECD3BCB38D3200E7CE ] sr C:\WINDOWS\system32\DRIVERS\sr.sys

18:50:33.0312 3656 sr - ok

18:50:33.0359 3656 [ 81CBF363C414620CAA61BD6843D8FDB9 ] srservice C:\WINDOWS\system32\srsvc.dll

18:50:33.0562 3656 srservice - ok

18:50:33.0609 3656 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys

18:50:33.0671 3656 Srv - ok

18:50:33.0718 3656 [ 5B9D0DE64BE96A806819516440FD211C ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll

18:50:33.0906 3656 SSDPSRV - ok

18:50:33.0953 3656 [ 5AE996186D2DC694FEF88F14A3FC9242 ] stisvc C:\WINDOWS\system32\wiaservc.dll

18:50:34.0187 3656 stisvc - ok

18:50:34.0218 3656 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys

18:50:34.0421 3656 swenum - ok

18:50:34.0437 3656 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys

18:50:34.0640 3656 swmidi - ok

18:50:34.0640 3656 SwPrv - ok

18:50:34.0671 3656 symc810 - ok

18:50:34.0687 3656 symc8xx - ok

18:50:34.0703 3656 sym_hi - ok

18:50:34.0718 3656 sym_u3 - ok

18:50:34.0781 3656 [ DECAF721585F9DB53D60D70FD064B6BB ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys

18:50:34.0796 3656 SynTP - ok

18:50:34.0843 3656 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys

18:50:35.0046 3656 sysaudio - ok

18:50:35.0093 3656 [ 251EAE7C56C6AB9490311A3C9757E18D ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe

18:50:35.0312 3656 SysmonLog - ok

18:50:35.0375 3656 [ 2BC9FB448F0C2394FF53C83A7BB04731 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll

18:50:35.0578 3656 TapiSrv - ok

18:50:35.0609 3656 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys

18:50:35.0750 3656 Tcpip - ok

18:50:35.0796 3656 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys

18:50:36.0015 3656 TDPIPE - ok

18:50:36.0015 3656 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys

18:50:36.0234 3656 TDTCP - ok

18:50:36.0265 3656 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys

18:50:36.0468 3656 TermDD - ok

18:50:36.0515 3656 [ E0AEF86A594C9990D6321C5CA239C5B7 ] TermService C:\WINDOWS\System32\termsrv.dll

18:50:36.0718 3656 TermService - ok

18:50:36.0765 3656 [ 2D5D4156292150FE571872C1B88E9299 ] Themes C:\WINDOWS\System32\shsvcs.dll

18:50:36.0781 3656 Themes - ok

18:50:36.0812 3656 TosIde - ok

18:50:36.0843 3656 [ 20655E8CA1C78BC7088B18E93806D21B ] TrkWks C:\WINDOWS\system32\trkwks.dll

18:50:37.0062 3656 TrkWks - ok

18:50:37.0093 3656 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys

18:50:37.0296 3656 Udfs - ok

18:50:37.0312 3656 ultra - ok

18:50:37.0375 3656 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys

18:50:37.0609 3656 Update - ok

18:50:37.0656 3656 [ 01653D6C9604F1FB31A76EC94E08954F ] upnphost C:\WINDOWS\System32\upnphost.dll

18:50:37.0859 3656 upnphost - ok

18:50:37.0890 3656 [ A89796DD0DE24CF03B3A39407E1F46A3 ] UPS C:\WINDOWS\System32\ups.exe

18:50:38.0093 3656 UPS - ok

18:50:38.0125 3656 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys

18:50:38.0328 3656 usbccgp - ok

18:50:38.0375 3656 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys

18:50:38.0562 3656 usbehci - ok

18:50:38.0609 3656 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys

18:50:38.0828 3656 usbhub - ok

18:50:38.0859 3656 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys

18:50:39.0062 3656 usbohci - ok

18:50:39.0093 3656 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys

18:50:39.0312 3656 usbprint - ok

18:50:39.0359 3656 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys

18:50:39.0562 3656 usbscan - ok

18:50:39.0578 3656 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

18:50:39.0781 3656 USBSTOR - ok

18:50:39.0812 3656 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys

18:50:40.0000 3656 VgaSave - ok

18:50:40.0015 3656 ViaIde - ok

18:50:40.0062 3656 [ 8AB662B3C4691E6DDF61C96BB5B7D103 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys

18:50:40.0265 3656 VolSnap - ok

18:50:40.0312 3656 [ A585EDD6965B301DE8A45C6768C7C215 ] VSS C:\WINDOWS\System32\vssvc.exe

18:50:40.0531 3656 VSS - ok

18:50:40.0562 3656 [ 390D8E65F362327AD510B08971478301 ] W32Time C:\WINDOWS\system32\w32time.dll

18:50:40.0781 3656 W32Time - ok

18:50:40.0812 3656 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys

18:50:41.0000 3656 Wanarp - ok

18:50:41.0015 3656 WDICA - ok

18:50:41.0062 3656 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys

18:50:41.0250 3656 wdmaud - ok

18:50:41.0296 3656 [ 33D8E2812054D97A0AEC9B8F04277927 ] WebClient C:\WINDOWS\System32\webclnt.dll

18:50:41.0515 3656 WebClient - ok

18:50:41.0593 3656 [ F9E105F369C18E4001E0C05AAF600D73 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll

18:50:41.0812 3656 winmgmt - ok

18:50:41.0859 3656 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll

18:50:41.0890 3656 WmdmPmSN - ok

18:50:41.0937 3656 [ 87F11D161207C7063EDABAC0AADC33C3 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe

18:50:42.0140 3656 WmiApSrv - ok

18:50:42.0218 3656 [ 79A01ACD485687EE602411A06B63A9A5 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe

18:50:42.0281 3656 WMPNetworkSvc - ok

18:50:42.0328 3656 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys

18:50:42.0562 3656 WS2IFSL - ok

18:50:42.0609 3656 [ 843F7FA8EA38E6A4262976DCC994C81A ] wscsvc C:\WINDOWS\system32\wscsvc.dll

18:50:42.0812 3656 wscsvc - ok

18:50:42.0843 3656 [ 1E8FDDDEF3FE260BADAB06DAE10D753A ] wuauserv C:\WINDOWS\system32\wuauserv.dll

18:50:43.0046 3656 wuauserv - ok

18:50:43.0078 3656 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys

18:50:43.0109 3656 WudfPf - ok

18:50:43.0140 3656 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys

18:50:43.0171 3656 WudfRd - ok

18:50:43.0187 3656 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll

18:50:43.0218 3656 WudfSvc - ok

18:50:43.0265 3656 [ E99782DBB8FFA2AEE72B31DAC8D8D887 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll

18:50:43.0484 3656 WZCSVC - ok

18:50:43.0531 3656 [ FD3C38635808920F8235BF2FED642F54 ] xmlprov C:\WINDOWS\System32\xmlprov.dll

18:50:43.0734 3656 xmlprov - ok

18:50:43.0750 3656 ================ Scan global ===============================

18:50:43.0781 3656 [ 953AD498333B03F7CE547151F96EF241 ] C:\WINDOWS\system32\basesrv.dll

18:50:43.0828 3656 [ 6D43938F4980D62E091AE2F755FC259B ] C:\WINDOWS\system32\winsrv.dll

18:50:43.0859 3656 [ 6D43938F4980D62E091AE2F755FC259B ] C:\WINDOWS\system32\winsrv.dll

18:50:43.0875 3656 [ 657B69389B893F440B07590C9E963F23 ] C:\WINDOWS\system32\services.exe

18:50:43.0875 3656 [Global] - ok

18:50:43.0890 3656 ================ Scan MBR ==================================

18:50:43.0906 3656 [ 3051207086651214E435112E51817DC5 ] \Device\Harddisk0\DR0

18:50:44.0109 3656 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

18:50:44.0109 3656 \Device\Harddisk0\DR0 - detected TDSS File System (1)

18:50:44.0109 3656 ================ Scan VBR ==================================

18:50:44.0109 3656 [ A6D810D90453049E63E9A4C4B54DC3D8 ] \Device\Harddisk0\DR0\Partition1

18:50:44.0125 3656 \Device\Harddisk0\DR0\Partition1 - ok

18:50:44.0140 3656 [ 6E82B092BF0E74F58A62EB517BFB1668 ] \Device\Harddisk0\DR0\Partition2

18:50:44.0140 3656 \Device\Harddisk0\DR0\Partition2 - ok

18:50:44.0156 3656 ============================================================

18:50:44.0156 3656 Scan finished

18:50:44.0156 3656 ============================================================

18:50:44.0281 3344 Detected object count: 3

18:50:44.0281 3344 Actual detected object count: 3

18:51:05.0265 3344 DKbFltr ( UnsignedFile.Multi.Generic ) - skipped by user

18:51:05.0265 3344 DKbFltr ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:51:05.0265 3344 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user

18:51:05.0265 3344 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:51:05.0281 3344 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

18:51:05.0281 3344 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip


Download the Emsisoft Emergency Kit to the desktop and extract the ZIP file.

  • Open the "EmsisoftEmergencyKit" folder and double-click "Start.exe".
  • Now click "Emergency Kit Scanner". You will get a message that it is recommended to update first; allow this by clicking "Ja" (Yes).
  • When the update is finished and the message "Update process is succesvol afgerond" appears, click "menu" and then "Scan PC".
  • Select the "Diep" (Deep) option if it is not already set that way by default.
  • Now click the "Scan" button and do nothing else on the computer during the scan. This scan can take quite a while, so wait patiently.
  • You can close the window with the warning about an increased risk once the scan is finished.
  • Make sure all found items are checked and then press the "verwijder geselecteerde" (remove selected) button. You will now get the following message, but click "Ja" (Yes) here.
  • When the removal is finished, click the "View report" button and select the text file of this scan, with a name such as: a2scan_110730-111615.txt
  • Post the contents of this log file in your next message.
  • Now restart the computer.

edited by kape

Jion,

With this one I was able to clean up a few things. The log file is below.

Emsisoft Emergency Kit - Versie 3.0

Laatste Update: 2/07/2013 19:49:01

Scaninstellingen:

Scanmodus: Diepe scan

Objecten: Rootkits, Geheugen, Sporen, C:\, D:\

Detecteer riskware: Uit

Scan archieven: Aan

ADS Scan: Aan

Bestandsextensiefilter: Uit

Geavanceerde cache: Aan

Directe schijftoegang: Uit

Scan gestart: 2/07/2013 19:51:42

C:\Documents and Settings\Mijzelf\Application Data\Sun\Java\Deployment\cache\6.0\31\7f8aaf5f-5ca347f1 Ontdekt: Exploit.Java.CVE-2012-1723 (A)

C:\Documents and Settings\Mijzelf\Application Data\Sun\Java\Deployment\cache\6.0\49\8f37e31-29441c0c -> rt0a/rt0b.class Ontdekt: Exploit.Java.Blacole.O (B)

C:\Documents and Settings\Mijzelf\Application Data\Sun\Java\Deployment\cache\6.0\49\8f37e31-29441c0c -> rt0a/rt0c.class Ontdekt: Exploit.Java.Blacole.O (B)

C:\Documents and Settings\Mijzelf\Application Data\Sun\Java\Deployment\cache\6.0\49\8f37e31-29441c0c -> rt0a/rt0a.class Ontdekt: Exploit.Java.Blacole.O (B)

C:\Documents and Settings\Mijzelf\Application Data\Sun\Java\Deployment\cache\6.0\49\8f37e31-29441c0c -> rt0a/rt0d.class Ontdekt: Exploit.Java.Blacole.O (B)

C:\Documents and Settings\Mijzelf\Application Data\Sun\Java\Deployment\cache\6.0\4\4069d904-672566c8 -> ax/os.class Ontdekt: Exploit.Java.Blacole.U (B)

C:\Documents and Settings\Mijzelf\Application Data\Sun\Java\Deployment\cache\6.0\52\443d4974-406f99b5 -> nggcr/hpskktfpsswbwsfuaf.class Ontdekt: Exploit.Java.CVE.U (B)

C:\Documents and Settings\Mijzelf\Application Data\Sun\Java\Deployment\cache\6.0\52\443d4974-406f99b5 -> nggcr/ugmskqqmjjjbpne.class Ontdekt: Exploit.Java.Blacole.R (B)

C:\Documents and Settings\Mijzelf\Application Data\Sun\Java\Deployment\cache\6.0\58\1c23d47a-68b6c069 -> sa/sc.class Ontdekt: Exploit.Java.CVE-2012-0507.AI (B)

C:\Documents and Settings\Mijzelf\Application Data\Sun\Java\Deployment\cache\6.0\58\1c23d47a-68b6c069 -> sa/sb.class Ontdekt: Exploit.Java.CVE-2012-0507.AI (B)

C:\Documents and Settings\Mijzelf\Application Data\Sun\Java\Deployment\cache\6.0\58\1c23d47a-68b6c069 -> sa/sa.class Ontdekt: Exploit.Java.CVE-2012-0507.AI (B)

C:\Documents and Settings\Mijzelf\Application Data\Sun\Java\Deployment\cache\6.0\58\1c23d47a-68b6c069 -> sa/M.class Ontdekt: Exploit.Java.CVE-2012-0507.AI (B)

Gescand 458703

Gevonden 12

Scan geëindigd: 2/07/2013 22:12:00

Scantijd: 2:20:18

C:\Documents and Settings\Mijzelf\Application Data\Sun\Java\Deployment\cache\6.0\58\1c23d47a-68b6c069 -> sa/sc.class Verwijderd Exploit.Java.CVE-2012-0507.AI (B)

C:\Documents and Settings\Mijzelf\Application Data\Sun\Java\Deployment\cache\6.0\52\443d4974-406f99b5 -> nggcr/ugmskqqmjjjbpne.class Verwijderd Exploit.Java.Blacole.R (B)

C:\Documents and Settings\Mijzelf\Application Data\Sun\Java\Deployment\cache\6.0\4\4069d904-672566c8 -> ax/os.class Verwijderd Exploit.Java.Blacole.U (B)

C:\Documents and Settings\Mijzelf\Application Data\Sun\Java\Deployment\cache\6.0\49\8f37e31-29441c0c -> rt0a/rt0b.class Verwijderd Exploit.Java.Blacole.O (B)

C:\Documents and Settings\Mijzelf\Application Data\Sun\Java\Deployment\cache\6.0\31\7f8aaf5f-5ca347f1 Verwijderd Exploit.Java.CVE-2012-1723 (A)

Verwijderd 5
