
Trojan horse



Dear forum,

I have a virus on my computer that I cannot remove with AVG.

I found you through Google and I have followed the steps that had to be taken with Hijack.

Below you will find my Notepad note.

Hopefully you can help me.

Kind regards, Bert Eskes

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 16:50:46, on 10-4-2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\PROGRA~1\AVG\AVG2012\avgrsx.exe

C:\Program Files\AVG\AVG2012\avgcsrvx.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\AVG\AVG2012\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\AVG\AVG2012\avgidsagent.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\USB 2.0 Card Reader Driver v2.2\FlashIcon.EXE

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\AVG\AVG2012\avgnsx.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\AVG\AVG2012\avgemcx.exe

C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\AVG\AVG2012\avgtray.exe

C:\Program Files\Brother\ControlCenter3\brccMCtl.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\DAEMON Tools Lite\DTLite.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\RALINK\Common\RaUI.exe

C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\msiexec.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = #KPN Vandaag

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: AVG Do-Not-Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome\Application\18.0.1025.152\npchrome_frame.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [FlashIcon] C:\Program Files\\USB 2.0 Card Reader Driver v2.2\FlashIcon.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN

O4 - HKLM\..\Run: [setDefPrt] C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe

O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: AVG Do-Not-Track - {DA58ACA7-18A6-403A-93DA-6E4172D43709} - C:\Program Files\AVG\AVG2012\avgdtiex.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1261484150207

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab

O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome\Application\18.0.1025.152\npchrome_frame.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--

End of file - 9341 bytes


Download TDSSKiller and save it to your desktop.

Extract the files from tdsskiller.zip.

Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.

Windows 7 and Windows Vista users:

Right-click TDSSKiller.exe -> Run as administrator to start the tool.

If TDSSKiller reports that an update is available, install it first.

Click the "Start Scan" button and follow the instructions.

When the scan has finished, click the "Report" button.

A Notepad file opens. Post the contents of this file.

Restart the PC if TDSSKiller offers that option. (Reboot now)

If a restart was needed, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt

After that, have AVG scan again ... and then we will read the result here ;-)


Hello,

Below you will find the REPORT.

I have not yet used the removal options that TDSSKiller offered.

I do have to restart the computer, though.

I will hear shortly what else I need to do??

Regards, Bert

18:32:14.0109 1084 TDSS rootkit removing tool 2.7.27.0 Apr 9 2012 09:53:37

18:32:14.0187 1084 ============================================================

18:32:14.0187 1084 Current date / time: 2012/04/10 18:32:14.0187

18:32:14.0187 1084 SystemInfo:

18:32:14.0187 1084

18:32:14.0187 1084 OS Version: 5.1.2600 ServicePack: 3.0

18:32:14.0187 1084 Product type: Workstation

18:32:14.0187 1084 ComputerName: ESKES-BOVEN

18:32:14.0187 1084 UserName: Bert

18:32:14.0187 1084 Windows directory: C:\WINDOWS

18:32:14.0187 1084 System windows directory: C:\WINDOWS

18:32:14.0187 1084 Processor architecture: Intel x86

18:32:14.0187 1084 Number of processors: 1

18:32:14.0187 1084 Page size: 0x1000

18:32:14.0187 1084 Boot type: Normal boot

18:32:14.0187 1084 ============================================================

18:32:17.0468 1084 Drive \Device\Harddisk0\DR0 - Size: 0x262AE80000 (152.67 Gb), SectorSize: 0x200, Cylinders: 0x4DD9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

18:32:17.0671 1084 \Device\Harddisk0\DR0:

18:32:17.0718 1084 MBR used

18:32:17.0718 1084 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x6E00CCD

18:32:17.0750 1084 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x6E00D4B, BlocksNum 0xC34F28D

18:32:17.0796 1084 Initialize success

18:32:17.0796 1084 ============================================================

18:32:23.0531 6012 ============================================================

18:32:23.0531 6012 Scan started

18:32:23.0531 6012 Mode: Manual;

18:32:23.0531 6012 ============================================================


18:32:40.0421 6012 PSched - ok

18:32:40.0500 6012 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

18:32:40.0500 6012 Ptilink - ok

18:32:40.0531 6012 ql1080 - ok

18:32:40.0562 6012 Ql10wnt - ok

18:32:40.0593 6012 ql12160 - ok

18:32:40.0625 6012 ql1240 - ok

18:32:40.0656 6012 ql1280 - ok

18:32:40.0703 6012 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

18:32:40.0703 6012 RasAcd - ok

18:32:40.0765 6012 RasAuto (0575d034b1292ca3a9bb9f67a8ee289c) C:\WINDOWS\System32\rasauto.dll

18:32:40.0765 6012 RasAuto - ok

18:32:40.0828 6012 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

18:32:40.0843 6012 Rasl2tp - ok

18:32:41.0000 6012 RasMan (9e7e2df6971a5f00102be3f901cc3bdc) C:\WINDOWS\System32\rasmans.dll

18:32:41.0015 6012 RasMan - ok

18:32:41.0062 6012 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

18:32:41.0062 6012 RasPppoe - ok

18:32:41.0125 6012 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

18:32:41.0125 6012 Raspti - ok

18:32:41.0187 6012 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

18:32:41.0203 6012 Rdbss - ok

18:32:41.0281 6012 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

18:32:41.0281 6012 RDPCDD - ok

18:32:41.0359 6012 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

18:32:41.0359 6012 rdpdr - ok

18:32:41.0468 6012 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys

18:32:41.0484 6012 RDPWD - ok

18:32:41.0531 6012 RDSessMgr (ea9fdf71d696b532bdc44c8bff03a737) C:\WINDOWS\system32\sessmgr.exe

18:32:41.0531 6012 RDSessMgr - ok

18:32:41.0593 6012 redbook (4173bc66e485fd77a03c4819f60bd0da) C:\WINDOWS\system32\DRIVERS\redbook.sys

18:32:41.0609 6012 redbook - ok

18:32:41.0687 6012 RemoteAccess (4007abf5d9bf0e55451d775443d1f985) C:\WINDOWS\System32\mprdim.dll

18:32:41.0687 6012 RemoteAccess - ok

18:32:41.0750 6012 RemoteRegistry (2fd5b89bf9289c774c5c730dea96cd91) C:\WINDOWS\system32\regsvc.dll

18:32:41.0750 6012 RemoteRegistry - ok

18:32:41.0812 6012 RpcLocator (be078f8f7ec2491efdd79a53353a060f) C:\WINDOWS\system32\locator.exe

18:32:41.0812 6012 RpcLocator - ok

18:32:42.0328 6012 RpcSs (d9883335cc1c17afc3a09c8ac3e4dbe4) C:\WINDOWS\system32\rpcss.dll

18:32:42.0343 6012 RpcSs - ok

18:32:42.0406 6012 RSVP (ad1b5f1b99fff08c99f443d784711a81) C:\WINDOWS\system32\rsvp.exe

18:32:42.0421 6012 RSVP - ok

18:32:42.0500 6012 RT73 (da4980fad2b7d86d6ed8e35e3874f65e) C:\WINDOWS\system32\DRIVERS\rt73.sys

18:32:42.0531 6012 RT73 - ok

18:32:42.0562 6012 SamSs (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe

18:32:42.0578 6012 SamSs - ok

18:32:42.0625 6012 SCardSvr (1b4cd62174e907c7ef8ec5d4d0a2a616) C:\WINDOWS\System32\SCardSvr.exe

18:32:42.0625 6012 SCardSvr - ok

18:32:42.0718 6012 Schedule (7c288ae0f75cb18cff1df6179a67ad8f) C:\WINDOWS\system32\schedsvc.dll

18:32:42.0734 6012 Schedule - ok

18:32:42.0812 6012 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

18:32:42.0812 6012 Secdrv - ok

18:32:42.0921 6012 seclogon (6983665bea867125b1da5757cd8b2f9d) C:\WINDOWS\System32\seclogon.dll

18:32:42.0921 6012 seclogon - ok

18:32:42.0968 6012 SENS (f6ec8f1e50e40237bddee1cb7fe20b42) C:\WINDOWS\system32\sens.dll

18:32:42.0968 6012 SENS - ok

18:32:43.0031 6012 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

18:32:43.0031 6012 serenum - ok

18:32:43.0109 6012 Serial (92c21762653bb2ce51147eb8a9aa654f) C:\WINDOWS\system32\DRIVERS\serial.sys

18:32:43.0125 6012 Serial - ok

18:32:43.0171 6012 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

18:32:43.0203 6012 Sfloppy - ok

18:32:43.0296 6012 SharedAccess (7579c4be909d47f10f3d8d801cb13ed9) C:\WINDOWS\System32\ipnathlp.dll

18:32:43.0312 6012 SharedAccess - ok

18:32:43.0390 6012 ShellHWDetection (2d5d4156292150fe571872c1b88e9299) C:\WINDOWS\System32\shsvcs.dll

18:32:43.0390 6012 ShellHWDetection - ok

18:32:43.0421 6012 Simbad - ok

18:32:43.0500 6012 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

18:32:43.0500 6012 SLIP - ok

18:32:43.0562 6012 Sparrow - ok

18:32:43.0625 6012 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

18:32:43.0625 6012 splitter - ok

18:32:43.0703 6012 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

18:32:43.0703 6012 Spooler - ok

18:32:43.0781 6012 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys

18:32:43.0781 6012 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505

18:32:43.0781 6012 sptd ( LockedFile.Multi.Generic ) - warning

18:32:43.0781 6012 sptd - detected LockedFile.Multi.Generic (1)

18:32:48.0203 6012 MBR (0x1B8) (25fdd3b61791a226676b12dc5bddef71) \Device\Harddisk0\DR0

18:32:48.0203 6012 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected

18:32:48.0203 6012 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)

18:32:48.0218 6012 Boot (0x1200) (090fee4fc7bb1e8028fe6641222b9b00) \Device\Harddisk0\DR0\Partition0

18:32:48.0218 6012 \Device\Harddisk0\DR0\Partition0 - ok

18:32:48.0250 6012 Boot (0x1200) (17d12e94e565fc5005d2b1e46fa38200) \Device\Harddisk0\DR0\Partition1

18:32:48.0265 6012 \Device\Harddisk0\DR0\Partition1 - ok

18:32:48.0265 6012 ============================================================

18:32:48.0265 6012 Scan finished

18:32:48.0265 6012 ============================================================

18:32:48.0281 4604 Detected object count: 2

18:32:48.0281 4604 Actual detected object count: 2

18:35:55.0609 4604 sptd ( LockedFile.Multi.Generic ) - skipped by user

18:35:55.0609 4604 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

18:35:56.0062 4604 \Device\Harddisk0\DR0\# - copied to quarantine

18:35:56.0343 4604 \Device\Harddisk0\DR0 - copied to quarantine

18:35:56.0468 4604 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot

18:35:56.0468 4604 \Device\Harddisk0\DR0 - ok

18:35:56.0468 4604 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure


I've reopened your topic, because a few remnants of the infection still need to be cleaned up.

HijackThis and TDSSKiller are only needed for troubleshooting. You may therefore remove both of them manually.

Download CCleaner.

Click “Download Latest Version” and the download of CCleaner will start automatically and free of charge.

Install it and start CCleaner. In the left column, click “Cleaner”. Click “Analyze” and then “Clean”. Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors. Next, click “Registry” in the left column and click “Scan for problems”. If errors are found, click “Fix selected problems” and “OK”. You will then be asked whether to make a backup. Click “YES”. Then choose “Fix all selected errors”. After this, close CCleaner again.

If you want to see this in detail with pictures, click here for the guide.

It is advisable to delete the existing restore points (among them are infected restore points that you could end up restoring) by temporarily disabling System Restore. Do this via Start -> Control Panel -> Performance and Maintenance -> System -> System Restore -> tick "Turn off System Restore on all drives". Apply and OK. Restart the PC and remove the tick again.

If all of this went without problems, you can click "mark as solved" below for good!
