My PC is very slow!

35 answers
  • My PC has been very slow lately. As soon as I go online, my CPU usage climbs to 98%. The CPU usage of services.exe, firefox.exe and plugin-container.exe is then very high. If you can solve this, I would be very grateful.

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\veiligheidspakket\NRS\iescript\baselitmus.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\veiligheidspakket\NRS\iescript\baselitmus.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "c:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\veiligheidspakket\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\veiligheidspakket\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [daemon] C:\Documents and Settings\John en Sabine\Application Data\daemon.exe
    O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB7.1; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; BRI/2; HYVES)" -"http://static.funnygames.nl/games/5/275/275.dcr"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
    O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\Ralink\Common\RaUI.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
    O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
    O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\veiligheidspakket\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\veiligheidspakket\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\veiligheidspakket\Common\FSMA32.EXE
    O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\veiligheidspakket\ORSP Client\fsorsp.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\Ralink\Common\RaRegistry.exe
    O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

    -- End of file - 9273 bytes

    Malwarebytes Anti-Malware 1.60.1.1000
    www.malwarebytes.org

    Databaseversie: v2012.04.04.06

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    John en Sabine :: EMACHINE-122583 [administrator]

    4-4-2012 18:23:12
    mbam-log-2012-04-04 (18-23-12).txt

    Scantype: Snelle scan
    Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scanopties: P2P
    Objecten gescand: 197308
    Verstreken tijd: 6 minuut/minuten, 29 seconde(n)

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 2
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{258C9770-1713-4021-8D7E-1F184A2BD754} (Adware.ShoppingReport2) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} (Adware.ShoppingReport2) -> Succesvol in quarantaine geplaatst en verwijderd.

    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 12
    C:\Documents and Settings\J en S\Application Data\x0000.dat (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Documents and Settings\J en S\Application Data\x0001.dat (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Documents and Settings\J en S\Application Data\x0002.dat (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Documents and Settings\J en S\Application Data\x0003.dat (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Documents and Settings\J en S\Application Data\x0004.dat (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Documents and Settings\J en S\Application Data\x0005.dat (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Documents and Settings\LocalService\Application Data\x0000.dat (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Documents and Settings\LocalService\Application Data\x0001.dat (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Documents and Settings\LocalService\Application Data\x0002.dat (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Documents and Settings\LocalService\Application Data\x0003.dat (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Documents and Settings\LocalService\Application Data\x0004.dat (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Documents and Settings\LocalService\Application Data\x0005.dat (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd.

    (einde)
  • Hello Bulla, welcome to this great forum.

    I would like you to follow the rules below during the fix:
    - Always read each instruction carefully first.
    - The instructions given apply only to your Windows installation.
    - If you make mistakes while running tools during the fix, that can cause serious problems in Windows.
    - Do not install any new programs, updates or new hardware while we are working on the fix.
    - Also, do not use any programs or tools other than the ones I tell you to use.
    - Please turn off emoticons (smileys) when you post a log.
    - Always use one scanner at a time, never several at once.
    - Keep me informed of how your computer responds to the fix, good or bad.
    - If there is something you do not understand, say so.
    - Once started, the fix has to be completed. Even if you think everything is fine, there may still be infections.

    Step 1

    Which program: Trend Micro HijackThis version 2.0.4
    What for/why: produces a clear overview of Windows by means of a scan.
    Difficulty: none; only Vista and Windows 7 users need to pay a little extra attention.

    Download the HijackThis Installer: http://www.trendmicro.com/ftp/products/hijackthis/HiJackThis.msi

    Installation:
    - Install HijackThis in the suggested location; this prevents any backups from becoming impossible to find later!

    Users of Windows Vista and Windows 7 then go to the installation location of HijackThis.
    - Right-click "hijackthis.exe" and choose "Eigenschappen" (Properties).
    - Now click the "Compatibiliteit" (Compatibility) tab and tick "Als Administrator uitvoeren" (Run as administrator).
    - Finally, click Toepassen (Apply) and OK.

    Using HijackThis:
    - First close all open programs and the web browsers.
    - Now start HijackThis and click the 'Do a system scan and save a logfile' button.
      - If HijackThis starts up in the scan window, first click the 'Main Menu' button.
    - Now close all open windows, then start HijackThis and choose 'Do a system scan and save a logfile'.
    - Copy and paste the contents of the HijackThis log file into your next post.
    - After that you may close HijackThis again.

    Step 2

    Which program: Malwarebytes MBAM
    What for/why: specialised scanner to quickly examine Windows for spyware and malware and to remove it.
    Difficulty: none.

    Download Malwarebytes MBAM from one of these locations:
    - Softpedia.com: http://www.softpedia.com/result.php?sid=&pid=1-423&r=Z2V0L0FudGl2aXJ1cy9NYWx3YXJlYnl0ZXMtQW50aS1NYWx3YXJlLnNodG1s
    - Majorgeeks.com: http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html

    First of all:
    - Immediately after installation MBAM will want to update its database, so allow that.
    - On repeated use as well: first update MBAM via the 'Update' tab!

    Starting Malwarebytes MBAM:
    - First close all program windows that are still open!
      - Windows 2000 and Windows XP: start MBAM by double-clicking the shortcut.
      - Windows Vista and Windows 7: start MBAM by right-clicking the shortcut and then choosing "Als Administrator uitvoeren" (Run as administrator).
    - Note:
      - Malwarebytes now supplies the full version of MBAM.
      - On the first start you get the option of using the full version or the free version.
      - Regardless of which antivirus program is in your Windows, I advise using the "Weigeren" (Decline) option.
      - That way MBAM will remain usable as the free version.
    - Also do the following:
      - Once the program has started, go to the "Instellingen" (Settings) tab.
      - Tick here: "Sluit Internet Explorer tijdens verwijdering van malware" (Close Internet Explorer during malware removal).

    Scanning:
    - When starting MBAM, choose 'Snelle Scan' (Quick Scan).
    - Scanning can take a while, so be patient. When the scan is complete, click the 'OK' button.
    - Then click the 'Bekijk Resultaten' (Show Results) button to see the results.

    Infections found:
    - First click OK to dismiss the message.
    - Then click the Bekijk resultaten (Show Results) button at the bottom right.
    - Make sure that all infections found are ticked, and click Verwijder geselecteerde (Remove Selected) at the bottom left.
    - After removal a log will open and you will be asked to restart the computer.
    - If MBAM has difficulty removing certain files it will show a few messages; click 'OK' each time!
    - After that MBAM will ask to restart the computer, so allow the computer to be restarted.

    MBAM log:
    - The log is saved automatically by MBAM, and you can find it by clicking the 'Logbestanden' (Logs) tab in MBAM's main menu.

    Then post the contents of the MBAM log in your next message.

    Step 3

    In summary: after this, post the contents of the following logs in your next message:
    - a HijackThis log
    - the MBAM scan log
  • Thanks for the welcome and the help! I hope I did it right! I have put the 2 logs in the opening post of the topic!
  • I have no idea what you did. You need to post logs in your messages in this topic by copying and pasting.
  • The logs are in my first post.
  • The HijackThis log is not complete. Post it again, complete this time, in your next message.
  • Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 19:18:59, on 4-4-2012
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
    C:\Program Files\veiligheidspakket\Anti-Virus\fsgk32st.exe
    C:\Program Files\veiligheidspakket\Common\FSMA32.EXE
    C:\Program Files\veiligheidspakket\Anti-Virus\FSGK32.EXE
    C:\Program Files\veiligheidspakket\Common\FSHDLL32.EXE
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Ralink\Common\RaRegistry.exe
    C:\WINDOWS\System32\PAStiSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\veiligheidspakket\FWES\Program\fsdfwd.exe
    C:\Program Files\veiligheidspakket\Anti-Virus\fssm32.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\veiligheidspakket\Common\FSM32.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\BigFix\bigfix.exe
    C:\Program Files\Ralink\Common\RaUI.exe
    C:\Program Files\veiligheidspakket\Anti-Virus\fsav32.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hyves.nl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Hyves
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:5220
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\veiligheidspakket\NRS\iescript\baselitmus.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\veiligheidspakket\NRS\iescript\baselitmus.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "c:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\veiligheidspakket\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\veiligheidspakket\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [daemon] C:\Documents and Settings\John en Sabine\Application Data\daemon.exe
    O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB7.1; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; BRI/2; HYVES)" -"http://static.funnygames.nl/games/5/275/275.dcr"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
    O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\Ralink\Common\RaUI.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
    O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
    O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\veiligheidspakket\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\veiligheidspakket\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\veiligheidspakket\Common\FSMA32.EXE
    O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\veiligheidspakket\ORSP Client\fsorsp.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\Ralink\Common\RaRegistry.exe
    O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

    -- End of file - 9364 bytes
  • Your Windows is slow partly because Norton components are still active, and they are clashing with F-Secure! Therefore use the Norton removal tool to free your PC of Norton: http://service1.symantec.com/support/inter/tsgeninfointl.nsf/nl_docid/20050411155130924?OpenDocument&seg=hm&lg=nl&ct=nl Post a new HijackThis log afterwards.
  • Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 19:41:16, on 4-4-2012
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
    C:\Program Files\veiligheidspakket\Anti-Virus\fsgk32st.exe
    C:\Program Files\veiligheidspakket\Common\FSMA32.EXE
    C:\Program Files\veiligheidspakket\Anti-Virus\FSGK32.EXE
    C:\Program Files\veiligheidspakket\Common\FSHDLL32.EXE
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Ralink\Common\RaRegistry.exe
    C:\WINDOWS\System32\PAStiSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\veiligheidspakket\FWES\Program\fsdfwd.exe
    C:\Program Files\veiligheidspakket\Anti-Virus\fssm32.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\veiligheidspakket\Common\FSM32.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\BigFix\bigfix.exe
    C:\Program Files\Ralink\Common\RaUI.exe
    C:\Program Files\veiligheidspakket\Anti-Virus\fsav32.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hyves.nl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Hyves
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:5220
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\veiligheidspakket\NRS\iescript\baselitmus.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\veiligheidspakket\NRS\iescript\baselitmus.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "c:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\veiligheidspakket\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\veiligheidspakket\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [daemon] C:\Documents and Settings\John en Sabine\Application Data\daemon.exe
    O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB7.1; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; BRI/2; HYVES)" -"http://static.funnygames.nl/games/5/275/275.dcr"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
    O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\Ralink\Common\RaUI.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
    O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
    O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\veiligheidspakket\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\veiligheidspakket\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\veiligheidspakket\Common\FSMA32.EXE
    O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\veiligheidspakket\ORSP Client\fsorsp.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\Ralink\Common\RaRegistry.exe
    O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

    -- End of file - 9217 bytes
  • First tell us how things are going now.
  • Still very slow. For example, when I go to the NOS site and want to watch the stream of the football match, it stutters constantly and the CPU is at 100%.
  • Then we will now take a deeper look into your Windows.

    Step •1•
    Which program: TDSSStarter.exe
    What for/why: Rootkit scanner
    Difficulty: none

    Download TDSSStarter (http://home.kpn.nl/stefsmeenk/tools/TDSSKStarter.exe) to the desktop.

    Using "TDSSStarter.exe":
    - First close all program windows that are still open!
        - Windows 2000 and Windows XP: start the tool by double-clicking "TDSSStarter.exe".
        - Windows Vista and Windows 7: start the tool by right-clicking "TDSSStarter.exe" and then choosing Run as administrator.
    - A CMD window will then open, and it will close again automatically when the scan is finished.
    - Now post the contents of the Notepad file that opens in your next message.

    Step •2•
    Which program: ComboFix
    What for/why: Highly specialised scanner for examining Windows in depth and, where possible, cleaning it up.
    Difficulty: A more or less tricky preparation phase, so read everything carefully first.
    Download location: Be sure to download this program to the desktop!

    Download ComboFix from one of these locations:
    - Bleepingcomputer (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
    - ForoSpyware (http://www.forospyware.com/sUBs/ComboFix.exe)
    - Geekstogo (http://subs.geekstogo.com/ComboFix.exe)

    Here (http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden) you can see how to use ComboFix.
    Antivirus programs and active malware scanners must already be disabled before ComboFix is started! Here (http://www.bleepingcomputer.com/forums/topic114351.html) and here (http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html) you will find information on how to disable antivirus programs and spyware scanners.

    Once more, for the sake of clarity: ComboFix must be started from the desktop.

    Notes:
    - On Windows XP you may be asked to install the "Recovery Console"! If so, allow this (an active internet connection is required for this).

    Starting ComboFix:
    - First close all program windows that are still open!
        - Windows 2000 and Windows XP: start ComboFix.exe by double-clicking ComboFix.exe.
        - Windows Vista and Windows 7: start ComboFix.exe by right-clicking ComboFix.exe and then choosing Run as administrator.

    ComboFix has started:
    - Do not click inside the black window; this can cause ComboFix or even Windows to "freeze" completely!
    - ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
    - The computer may need to be restarted several times; this is normal.
    - When ComboFix is finished, it will create a log file for you.
    - Post the contents of this log file in your next message.
    - If the log does not open, it can be found at C:\ComboFix.txt

    Important note:
    - If, after the scan, an error is shown when starting programs with the message:
    - Illegal operation attempted on a registery key that has been marked for deletion.
    - Then restart the computer.

    Step •3•
    In summary: after this, post the contents of the following logs in your next message:
    - TDSSKStarter log
    - ComboFix.txt log
  • Log of the first scan:
(0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys 22:06:37.0406 2636 ql1080 - ok 22:06:37.0625 2636 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys 22:06:37.0875 2636 Ql10wnt - ok 22:06:37.0906 2636 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys 22:06:38.0218 2636 ql12160 - ok 22:06:38.0437 2636 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys 22:06:38.0734 2636 ql1240 - ok 22:06:38.0906 2636 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys 22:06:39.0187 2636 ql1280 - ok 22:06:39.0343 2636 RalinkRegistryWriter (e155e09229624c69a1a6609c0cb3641f) C:\Program Files\Ralink\Common\RaRegistry.exe 22:06:39.0500 2636 RalinkRegistryWriter - ok 22:06:39.0671 2636 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 22:06:39.0937 2636 RasAcd - ok 22:06:39.0984 2636 RasAuto (0575d034b1292ca3a9bb9f67a8ee289c) C:\WINDOWS\System32\rasauto.dll 22:06:40.0234 2636 RasAuto - ok 22:06:40.0453 2636 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 22:06:40.0750 2636 Rasl2tp - ok 22:06:40.0796 2636 RasMan (9e7e2df6971a5f00102be3f901cc3bdc) C:\WINDOWS\System32\rasmans.dll 22:06:41.0109 2636 RasMan - ok 22:06:41.0328 2636 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 22:06:41.0640 2636 RasPppoe - ok 22:06:41.0765 2636 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 22:06:42.0125 2636 Raspti - ok 22:06:42.0171 2636 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 22:06:42.0500 2636 Rdbss - ok 22:06:42.0671 2636 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 22:06:42.0906 2636 RDPCDD - ok 22:06:42.0953 2636 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 22:06:43.0296 2636 rdpdr - ok 22:06:43.0515 2636 RDPWD 
(5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys 22:06:43.0671 2636 RDPWD - ok 22:06:43.0828 2636 RDSessMgr (ea9fdf71d696b532bdc44c8bff03a737) C:\WINDOWS\system32\sessmgr.exe 22:06:44.0312 2636 RDSessMgr - ok 22:06:44.0531 2636 redbook (4173bc66e485fd77a03c4819f60bd0da) C:\WINDOWS\system32\DRIVERS\redbook.sys 22:06:44.0828 2636 redbook - ok 22:06:44.0875 2636 RemoteAccess (4007abf5d9bf0e55451d775443d1f985) C:\WINDOWS\System32\mprdim.dll 22:06:45.0187 2636 RemoteAccess - ok 22:06:45.0406 2636 RichVideo (06a49b7bdc36cfbf97dd90804f833369) C:\Program Files\CyberLink\Shared Files\RichVideo.exe 22:06:45.0593 2636 RichVideo - ok 22:06:45.0781 2636 RpcLocator (be078f8f7ec2491efdd79a53353a060f) C:\WINDOWS\system32\locator.exe 22:06:46.0078 2636 RpcLocator - ok 22:06:46.0250 2636 RpcSs (d9883335cc1c17afc3a09c8ac3e4dbe4) C:\WINDOWS\system32\rpcss.dll 22:06:46.0484 2636 RpcSs - ok 22:06:46.0640 2636 RSVP (ad1b5f1b99fff08c99f443d784711a81) C:\WINDOWS\system32\rsvp.exe 22:06:47.0000 2636 RSVP - ok 22:06:47.0234 2636 RT73 (4ef3f74439aa644bcd8ddc0ed88a5d01) C:\WINDOWS\system32\DRIVERS\rt73.sys 22:06:47.0437 2636 RT73 - ok 22:06:47.0656 2636 RTLE8023xp (f0a21c62b9b835e1c96268eaae31d239) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys 22:06:47.0859 2636 RTLE8023xp - ok 22:06:48.0031 2636 SamSs (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe 22:06:48.0312 2636 SamSs - ok 22:06:48.0359 2636 SCardSvr (1b4cd62174e907c7ef8ec5d4d0a2a616) C:\WINDOWS\System32\SCardSvr.exe 22:06:48.0734 2636 SCardSvr - ok 22:06:48.0906 2636 Schedule (7c288ae0f75cb18cff1df6179a67ad8f) C:\WINDOWS\system32\schedsvc.dll 22:06:49.0265 2636 Schedule - ok 22:06:49.0484 2636 Scutum50 (f34c06d1c706a6d9433570b087a18b02) C:\WINDOWS\system32\Drivers\Scutum50.sys 22:06:49.0578 2636 Scutum50 ( UnsignedFile.Multi.Generic ) - warning 22:06:49.0578 2636 Scutum50 - detected UnsignedFile.Multi.Generic (1) 22:06:49.0765 2636 Secdrv (90a3935d05b494a5a39d37e71f09a677) 
C:\WINDOWS\system32\DRIVERS\secdrv.sys 22:06:49.0953 2636 Secdrv - ok 22:06:50.0125 2636 seclogon (6983665bea867125b1da5757cd8b2f9d) C:\WINDOWS\System32\seclogon.dll 22:06:50.0406 2636 seclogon - ok 22:06:50.0453 2636 SENS (f6ec8f1e50e40237bddee1cb7fe20b42) C:\WINDOWS\system32\sens.dll 22:06:50.0921 2636 SENS - ok 22:06:51.0156 2636 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 22:06:51.0421 2636 serenum - ok 22:06:51.0640 2636 Serial (92c21762653bb2ce51147eb8a9aa654f) C:\WINDOWS\system32\DRIVERS\serial.sys 22:06:51.0906 2636 Serial - ok 22:06:51.0953 2636 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 22:06:52.0234 2636 Sfloppy - ok 22:06:52.0406 2636 SharedAccess (7579c4be909d47f10f3d8d801cb13ed9) C:\WINDOWS\System32\ipnathlp.dll 22:06:52.0765 2636 SharedAccess - ok 22:06:52.0937 2636 ShellHWDetection (2d5d4156292150fe571872c1b88e9299) C:\WINDOWS\System32\shsvcs.dll 22:06:53.0062 2636 ShellHWDetection - ok 22:06:53.0218 2636 Simbad - ok 22:06:53.0281 2636 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys 22:06:53.0593 2636 sisagp - ok 22:06:53.0812 2636 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 22:06:54.0156 2636 SLIP - ok 22:06:54.0359 2636 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys 22:06:54.0562 2636 Sparrow - ok 22:06:54.0765 2636 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 22:06:55.0046 2636 splitter - ok 22:06:55.0218 2636 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe 22:06:55.0375 2636 Spooler - ok 22:06:55.0593 2636 sr (64d2a7640e0767ecd3bcb38d3200e7ce) C:\WINDOWS\system32\DRIVERS\sr.sys 22:06:55.0796 2636 sr - ok 22:06:55.0968 2636 srservice (81cbf363c414620caa61bd6843d8fdb9) C:\WINDOWS\system32\srsvc.dll 22:06:56.0218 2636 srservice - ok 22:06:56.0453 2636 Srv (47ddfc2f003f7f9f0592c6874962a2e7) 
C:\WINDOWS\system32\DRIVERS\srv.sys 22:06:56.0671 2636 Srv - ok 22:06:56.0843 2636 SSDPSRV (5b9d0de64be96a806819516440fd211c) C:\WINDOWS\System32\ssdpsrv.dll 22:06:57.0093 2636 SSDPSRV - ok 22:06:57.0250 2636 STI Simulator (ed78dfad8efcdfbc89500492c4d14645) C:\WINDOWS\System32\PAStiSvc.exe 22:06:57.0359 2636 STI Simulator ( UnsignedFile.Multi.Generic ) - warning 22:06:57.0359 2636 STI Simulator - detected UnsignedFile.Multi.Generic (1) 22:06:57.0468 2636 StillCam (bf8aa066bb0398ddcbc9573153d39b8c) C:\WINDOWS\system32\DRIVERS\serscan.sys 22:06:57.0734 2636 StillCam - ok 22:06:57.0921 2636 stisvc (5ae996186d2dc694fef88f14a3fc9242) C:\WINDOWS\system32\wiaservc.dll 22:06:58.0250 2636 stisvc - ok 22:06:58.0453 2636 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 22:06:58.0750 2636 streamip - ok 22:06:58.0968 2636 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 22:06:59.0250 2636 swenum - ok 22:06:59.0484 2636 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 22:06:59.0765 2636 swmidi - ok 22:06:59.0906 2636 SwPrv - ok 22:06:59.0984 2636 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys 22:07:00.0234 2636 symc810 - ok 22:07:00.0453 2636 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys 22:07:00.0750 2636 symc8xx - ok 22:07:01.0000 2636 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys 22:07:01.0296 2636 sym_hi - ok 22:07:01.0500 2636 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys 22:07:01.0796 2636 sym_u3 - ok 22:07:01.0828 2636 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 22:07:02.0140 2636 sysaudio - ok 22:07:02.0296 2636 SysmonLog (251eae7c56c6ab9490311a3c9757e18d) C:\WINDOWS\system32\smlogsvc.exe 22:07:02.0687 2636 SysmonLog - ok 22:07:02.0875 2636 TapiSrv (2bc9fb448f0c2394ff53c83a7bb04731) 
C:\WINDOWS\System32\tapisrv.dll 22:07:03.0218 2636 TapiSrv - ok 22:07:03.0437 2636 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 22:07:03.0640 2636 Tcpip - ok 22:07:03.0765 2636 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 22:07:04.0031 2636 TDPIPE - ok 22:07:04.0062 2636 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 22:07:04.0359 2636 TDTCP - ok 22:07:04.0578 2636 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 22:07:04.0843 2636 TermDD - ok 22:07:04.0890 2636 TermService (e0aef86a594c9990d6321c5ca239c5b7) C:\WINDOWS\System32\termsrv.dll 22:07:05.0218 2636 TermService - ok 22:07:05.0390 2636 Themes (2d5d4156292150fe571872c1b88e9299) C:\WINDOWS\System32\shsvcs.dll 22:07:05.0515 2636 Themes - ok 22:07:05.0625 2636 TosIde (5bc2144ab4f6090f12e49e9648b5a702) C:\WINDOWS\system32\DRIVERS\toside.sys 22:07:05.0875 2636 TosIde - ok 22:07:05.0921 2636 TrkWks (20655e8ca1c78bc7088b18e93806d21b) C:\WINDOWS\system32\trkwks.dll 22:07:06.0218 2636 TrkWks - ok 22:07:06.0421 2636 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 22:07:06.0718 2636 Udfs - ok 22:07:06.0937 2636 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys 22:07:07.0109 2636 ultra - ok 22:07:07.0343 2636 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 22:07:07.0671 2636 Update - ok 22:07:07.0843 2636 upnphost (01653d6c9604f1fb31a76ec94e08954f) C:\WINDOWS\System32\upnphost.dll 22:07:08.0109 2636 upnphost - ok 22:07:08.0265 2636 UPS (a89796dd0de24cf03b3a39407e1f46a3) C:\WINDOWS\System32\ups.exe 22:07:08.0562 2636 UPS - ok 22:07:08.0671 2636 usbbus (3cd48971e76bfa457d7a75e58cd48edc) C:\WINDOWS\system32\DRIVERS\lgusbbus.sys 22:07:08.0812 2636 usbbus - ok 22:07:09.0031 2636 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 22:07:09.0328 2636 usbccgp - ok 
22:07:09.0359 2636 UsbDiag (46ba8ded8d1439f362cbfe22d132200e) C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys 22:07:09.0515 2636 UsbDiag - ok 22:07:09.0750 2636 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 22:07:10.0031 2636 usbehci - ok 22:07:10.0250 2636 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 22:07:10.0578 2636 usbhub - ok 22:07:10.0750 2636 USBModem (c828cbd0a15380020443945b975eb701) C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys 22:07:10.0906 2636 USBModem - ok 22:07:11.0109 2636 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 22:07:11.0437 2636 usbprint - ok 22:07:11.0640 2636 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 22:07:11.0890 2636 usbscan - ok 22:07:11.0937 2636 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 22:07:12.0250 2636 USBSTOR - ok 22:07:12.0468 2636 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 22:07:12.0734 2636 usbuhci - ok 22:07:12.0796 2636 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 22:07:13.0093 2636 VgaSave - ok 22:07:13.0312 2636 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys 22:07:13.0609 2636 viaagp - ok 22:07:13.0609 2636 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys 22:07:13.0859 2636 ViaIde - ok 22:07:14.0078 2636 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) C:\WINDOWS\system32\drivers\VolSnap.sys 22:07:14.0406 2636 VolSnap - ok 22:07:14.0578 2636 VSS (a585edd6965b301de8a45c6768c7c215) C:\WINDOWS\System32\vssvc.exe 22:07:14.0953 2636 VSS - ok 22:07:15.0125 2636 W32Time (390d8e65f362327ad510b08971478301) C:\WINDOWS\system32\w32time.dll 22:07:15.0453 2636 W32Time - ok 22:07:15.0687 2636 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 22:07:15.0953 2636 Wanarp - ok 22:07:15.0968 2636 
WDICA - ok 22:07:16.0015 2636 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 22:07:16.0296 2636 wdmaud - ok 22:07:16.0468 2636 WebClient (33d8e2812054d97a0aec9b8f04277927) C:\WINDOWS\System32\webclnt.dll 22:07:16.0796 2636 WebClient - ok 22:07:17.0031 2636 winmgmt (f9e105f369c18e4001e0c05aaf600d73) C:\WINDOWS\system32\wbem\WMIsvc.dll 22:07:17.0328 2636 winmgmt - ok 22:07:17.0484 2636 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll 22:07:17.0687 2636 WmdmPmSN - ok 22:07:17.0890 2636 WmiApSrv (87f11d161207c7063edabac0aadc33c3) C:\WINDOWS\system32\wbem\wmiapsrv.exe 22:07:18.0187 2636 WmiApSrv - ok 22:07:18.0375 2636 WMPNetworkSvc (79a01acd485687ee602411a06b63a9a5) C:\Program Files\Windows Media Player\WMPNetwk.exe 22:07:18.0687 2636 WMPNetworkSvc - ok 22:07:18.0906 2636 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys 22:07:19.0218 2636 WS2IFSL - ok 22:07:19.0390 2636 wscsvc (843f7fa8ea38e6a4262976dcc994c81a) C:\WINDOWS\system32\wscsvc.dll 22:07:19.0687 2636 wscsvc - ok 22:07:19.0843 2636 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 22:07:20.0156 2636 WSTCODEC - ok 22:07:20.0328 2636 wuauserv (1e8fdddef3fe260badab06dae10d753a) C:\WINDOWS\system32\wuauserv.dll 22:07:20.0609 2636 wuauserv - ok 22:07:20.0734 2636 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 22:07:20.0906 2636 WudfPf - ok 22:07:21.0046 2636 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll 22:07:21.0203 2636 WudfSvc - ok 22:07:21.0390 2636 WZCSVC (e99782dbb8ffa2aee72b31dac8d8d887) C:\WINDOWS\System32\wzcsvc.dll 22:07:21.0718 2636 WZCSVC - ok 22:07:21.0828 2636 x8qw.sys - ok 22:07:21.0843 2636 xcpip - ok 22:07:21.0890 2636 xmlprov (fd3c38635808920f8235bf2fed642f54) C:\WINDOWS\System32\xmlprov.dll 22:07:22.0203 2636 xmlprov - ok 22:07:22.0375 2636 xpsec - ok 22:07:22.0406 2636 MBR (0x1B8) 
(c7725d466cb95c52df88b2d47709d196) \Device\Harddisk0\DR0 22:07:30.0062 2636 \Device\Harddisk0\DR0 - ok 22:07:30.0093 2636 Boot (0x1200) (6f7373a85621135408bf83307b341ae8) \Device\Harddisk0\DR0\Partition0 22:07:30.0093 2636 \Device\Harddisk0\DR0\Partition0 - ok 22:07:30.0093 2636 ============================================================ 22:07:30.0093 2636 Scan finished 22:07:30.0093 2636 ============================================================ 22:07:31.0187 2600 Deinitialize success ============================================== System Restore Point Check: TDSSKiller Starter Restore Point Created Succesfully ============================================== Older logs ============================================== C:\TDSSStarter\Report.log C:\TDSSStarter\Report_04-04-2012_2200_.log ============================================== EOF
  • That looks good, in any case.
  • I'll do the second one tomorrow, because I see it takes quite a bit of preparation... and I'm off to bed in a moment, haha. Thanks in advance!
  • Good night.
  • I came home from work today, and my girlfriend had the day off. She said the PC was much faster, and that is indeed the case. I think it has already helped!
  • Do run that ComboFix scan anyway!
  • In reply to the PM you sent me, the following: it has indeed been a long time since you last responded to my last message. That your PC has become slower again in the meantime can be due to all sorts of circumstances. I therefore hope that from now on you intend to complete the fix and not drop out again. I first need a new overview now!

    Which program: sUBs dds
    What for/why: DDS is a diagnostic tool and makes use of scripts.
    Difficulty: First read carefully what to do.
    Download location: Be sure to download this program to the desktop, or otherwise move it there first!

    Download DDS by sUBs from one of these locations and place it on your desktop:
    - DDS - Bleeping Computer download: http://download.bleepingcomputer.com/sUBs/dds.com
    - DDS - Bleeping Computer download: http://download.bleepingcomputer.com/sUBs/dds.scr
    - DDS - Infospyware: http://www.infospyware.net/sUBs/dds

    Using sUBs dds:
    - Then first close all program windows that are still open!
    - The antivirus program and active malware scanners must be disabled! You can read how to do that here (http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32608) or here (http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32607).
    - Windows 2000 and Windows XP: start sUBs dds by double-clicking the shortcut.
    - Windows Vista and Windows 7: start sUBs dds by right-clicking the shortcut and then choosing Run as administrator.

    After the scan:
    - Now re-enable the active security software.
    - Two text documents are opened, DDS.txt and Attach.txt; note the following!
    - Copy and paste the entire contents of the DDS log file into your next message.
    - Post the contents of Attach.txt when I ask for it.
  • Thank you. From now on I will stop when you say so.


This is an archived page. Replies are no longer possible.