Win32.Outbreak

22 replies
  • Advice please: I received a zip file by e-mail and opened it! After that the PC was locked. I got the PC working again with the W7 recovery disc. Now all my doc, Excel, jpeg files and Internet favorites have been renamed to an unreadable file name (e.g. AodtyxUsnTJrsvEapj) without an extension. In the meantime I have removed Win32.break.out from the PC. Here is the log from Emsisoft Emergency Kit:
    Log TDSSStarter:
C:\Windows\system32\drivers\RDPWD.sys 19:58:45.0695 3044 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 19:58:45.0789 3044 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 19:58:45.0913 3044 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 19:58:46.0023 3044 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 19:58:46.0101 3044 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 19:58:46.0319 3044 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 19:58:46.0397 3044 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 19:58:46.0927 3044 RTL8167 (f4c374b1c46de294b573bb43723ac3f6) C:\Windows\system32\DRIVERS\Rt64win7.sys 19:58:47.0052 3044 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 19:58:47.0177 3044 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 19:58:47.0473 3044 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 19:58:47.0598 3044 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 19:58:47.0707 3044 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 19:58:47.0785 3044 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 19:58:47.0941 3044 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 19:58:48.0035 3044 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE 19:58:48.0097 3044 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 19:58:48.0175 3044 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 19:58:48.0222 3044 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 19:58:48.0300 3044 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) 
C:\Windows\system32\sensrsvc.dll 19:58:48.0347 3044 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 19:58:48.0409 3044 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 19:58:48.0456 3044 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 19:58:48.0519 3044 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 19:58:48.0581 3044 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 19:58:48.0643 3044 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 19:58:48.0706 3044 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 19:58:48.0784 3044 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 19:58:48.0831 3044 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 19:58:48.0877 3044 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 19:58:48.0940 3044 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 19:58:48.0971 3044 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 19:58:49.0002 3044 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 19:58:49.0065 3044 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 19:58:49.0127 3044 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 19:58:49.0158 3044 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 19:58:49.0470 3044 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 19:58:49.0751 3044 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 19:58:49.0876 3044 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 19:58:49.0938 3044 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) 
C:\Windows\system32\DRIVERS\srv2.sys 19:58:49.0985 3044 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 19:58:50.0032 3044 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 19:58:50.0094 3044 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 19:58:50.0188 3044 STacSV (4c351f1a847ebbd3af39a229a699dc29) C:\Program Files\IDT\WDM\STacSV64.exe 19:58:50.0297 3044 Stereo Service (230f0d65431489b01dfa85749debf625) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 19:58:50.0328 3044 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 19:58:50.0359 3044 STHDA (dcc8845692dea3477bcf6ce9d06c711f) C:\Windows\system32\DRIVERS\stwrt64.sys 19:58:50.0437 3044 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 19:58:50.0484 3044 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 19:58:50.0578 3044 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 19:58:50.0671 3044 SwitchBoard ( UnsignedFile.Multi.Generic ) - [b:98255d0f89][color=red:98255d0f89]warning[/color:98255d0f89][/b:98255d0f89] 19:58:50.0671 3044 SwitchBoard - detected UnsignedFile.Multi.Generic (1) 19:58:50.0703 3044 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 19:58:50.0890 3044 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 19:58:51.0124 3044 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 19:58:51.0186 3044 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 19:58:51.0280 3044 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 19:58:53.0542 3044 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 19:58:54.0571 3044 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 19:58:55.0726 3044 
tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 19:58:55.0929 3044 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 19:58:55.0991 3044 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 19:58:56.0022 3044 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 19:58:56.0147 3044 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 19:58:56.0241 3044 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 19:58:56.0319 3044 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 19:58:56.0350 3044 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 19:58:56.0412 3044 tihub3 (ff879027c552a37897d107be6cedf6df) C:\Windows\system32\drivers\tihub3.sys 19:58:56.0475 3044 tixhci (133c3b4a3e44616f8f571a0ebbef9b74) C:\Windows\system32\drivers\tixhci.sys 19:58:56.0584 3044 TomTomHOMEService (3199a477f0f06eede41bd55179f8eb05) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe 19:58:56.0615 3044 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 19:58:56.0709 3044 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 19:58:56.0787 3044 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 19:58:56.0849 3044 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 19:58:56.0943 3044 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys 19:58:57.0021 3044 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 19:58:57.0083 3044 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 19:58:57.0099 3044 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 19:58:57.0177 3044 UI0Detect (3cbdec8d06b9968aba702eba076364a1) 
C:\Windows\system32\UI0Detect.exe 19:58:57.0208 3044 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 19:58:57.0239 3044 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 19:58:57.0333 3044 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 19:58:57.0473 3044 UNS (758c2ce427c343f780a205e28555c98d) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 19:58:58.0768 3044 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 19:58:58.0924 3044 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 19:58:59.0002 3044 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 19:58:59.0033 3044 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 19:58:59.0127 3044 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys 19:58:59.0189 3044 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 19:58:59.0267 3044 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 19:58:59.0298 3044 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 19:58:59.0407 3044 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 19:58:59.0532 3044 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 19:58:59.0641 3044 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 19:58:59.0673 3044 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 19:58:59.0704 3044 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 19:58:59.0766 3044 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 19:58:59.0797 3044 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 19:59:00.0016 3044 vhdmp 
(2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 19:59:00.0125 3044 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 19:59:00.0141 3044 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 19:59:00.0203 3044 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 19:59:00.0234 3044 volsnap (df8126bd41180351a093a3ad2fc8903b) C:\Windows\system32\drivers\volsnap.sys 19:59:00.0312 3044 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 19:59:00.0390 3044 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 19:59:01.0092 3044 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 19:59:01.0139 3044 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 19:59:01.0233 3044 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 19:59:01.0295 3044 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 19:59:01.0389 3044 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 19:59:01.0451 3044 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 19:59:01.0513 3044 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 19:59:01.0591 3044 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 19:59:01.0747 3044 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 19:59:01.0888 3044 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 19:59:01.0935 3044 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 19:59:01.0981 3044 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 19:59:02.0013 3044 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 19:59:02.0059 3044 
Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 19:59:02.0122 3044 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 19:59:02.0200 3044 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 19:59:02.0247 3044 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 19:59:02.0278 3044 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 19:59:02.0340 3044 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 19:59:02.0387 3044 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 19:59:02.0449 3044 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 19:59:02.0481 3044 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 19:59:02.0559 3044 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 19:59:02.0668 3044 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 19:59:03.0183 3044 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 19:59:03.0323 3044 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 19:59:04.0524 3044 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 19:59:04.0774 3044 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 19:59:04.0836 3044 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 19:59:04.0930 3044 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 19:59:04.0992 3044 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 19:59:05.0039 3044 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 19:59:05.0086 3044 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll 19:59:05.0179 
3044 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 19:59:05.0304 3044 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 19:59:05.0429 3044 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 19:59:05.0491 3044 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 19:59:05.0538 3044 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 19:59:05.0585 3044 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 19:59:05.0772 3044 MBR (0x1B8) (8ff255184f078c9c04e6a2ce66117c5c) \Device\Harddisk5\DR5 19:59:06.0209 3044 Boot (0x1200) (3e3ec37ed5e50c3c904b99545c29f2a2) \Device\Harddisk0\DR0\Partition0 19:59:06.0209 3044 Boot (0x1200) (ee93c122ca17d3a48bbc95bf974a437d) \Device\Harddisk0\DR0\Partition1 19:59:06.0225 3044 Boot (0x1200) (37162cfe8320b713d9c13b09b34766cf) \Device\Harddisk0\DR0\Partition2 19:59:06.0240 3044 Boot (0x1200) (e75ffe29f59f2f7a51d90f826ef34bfb) \Device\Harddisk0\DR0\Partition3 19:59:06.0256 3044 Boot (0x1200) (ce36a8f9e1878b9d7cf5c6c4e0659634) \Device\Harddisk0\DR0\Partition4 19:59:06.0271 3044 Boot (0x1200) (edc326038a51168e858461f88b998b59) \Device\Harddisk5\DR5\Partition0 19:59:06.0271 3044 Boot (0x1200) (e09e467748c05793afed98a0a37da02d) \Device\Harddisk5\DR5\Partition1 19:59:06.0271 3044 Boot (0x1200) (d490725ffac699815777ee6df27e5c9f) \Device\Harddisk5\DR5\Partition2 19:59:06.0271 3044 ============================================================ 19:59:06.0271 3044 Scan finished 19:59:06.0271 3044 ============================================================ 19:59:06.0817 3312 Deinitialize success . ============================================== System Restore Point Check: . TDSSKiller Starter Restore Point Created Succesfully ============================================== Registry Export . 
And the ComboFix log:
ComboFix 12-06-25.03 - Marcel 25-06-2012 20:35:50.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6124.4360 [GMT 2:00]
Gestart vanuit: c:\users\Marcel\Desktop\ComboFix.exe
AV: McAfeeAntivirus en antispyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfeeFirewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfeeAntivirus en antispyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
c:\windows\IsUn0413.exe
  • Whether we will ever get that fixed on your machine, I doubt. And of course you have no backup at all of your documents, I assume? And where did you get ComboFix from?
  • Unfortunately no backup of all my documents; I know better now! I downloaded ComboFix via a link in an earlier forum post. ComboFix removed c:\windows\IsUn0413.exe. As a result I no longer had Explorer or any of the Microsoft Office programs. To be able to use these programs again, I restored the earlier restore point (from before ComboFix). Do you have any other suggestions?
  • I have nothing to go on at the moment, partly because the virus name you used in your first post cannot be found via Google. And the Emsisoft log also strikes me as rather odd. Let's try something:
    Which program: Malwarebytes MBAM
    What for/why: a specialised scanner to quickly examine Windows for spyware and malware and rid it of them.
    Difficulty: none.
    Download Malwarebytes MBAM from one of these locations:
    - Softpedia.com: http://www.softpedia.com/result.php?sid=&pid=1-423&r=Z2V0L0FudGl2aXJ1cy9NYWx3YXJlYnl0ZXMtQW50aS1NYWx3YXJlLnNodG1s
    - Majorgeeks.com: http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html
    First of all:
    - Right after installation 'MBAM' will want to update its database, so allow that.
    - Also on repeated use: first update 'MBAM' via the 'Update' tab!
    Starting Malwarebytes MBAM:
    - First close all program windows that are still open!
        - Windows 2000 and Windows XP: start MBAM by double-clicking the shortcut.
        - Windows Vista and Windows 7: start MBAM by right-clicking the shortcut and then choosing "Als Administrator uitvoeren" (Run as administrator).
    - Note:
        - Malwarebytes now supplies the full version of MBAM.
        - At the first start you get the option of using the full version temporarily or the free version.
        - Regardless of which antivirus program is in your Windows, I advise using the "Weigeren" (Decline) option then.
        - That way MBAM can continue to be used as the free version.
      Screenshot: http://img30.imageshack.us/img30/3928/mbam2.png
    - Also do the following:
        - As soon as the program has started, go to the "Instellingen" (Settings) tab.
        - Tick here: "Sluit Internet Explorer tijdens verwijdering van malware" (close Internet Explorer during malware removal).
    Scanning:
    - When starting 'MBAM', choose 'Snelle Scan' (quick scan).
    - Scanning can take a while, so be patient. When the scan is complete, click the 'OK' button.
    - Then click the 'Bekijk Resultaten' (show results) button to see the results.
    Infections found:
    - First click OK to dismiss the message.
    - Then click the "Bekijk resultaten" (show results) button at the bottom right.
    - Now make sure that all infections found are ticked, and click "Verwijder geselecteerde" (remove selected) at the bottom left.
    - After removal a log will open and you will be asked to restart the computer.
    - If 'MBAM' has difficulty removing certain files it will show several messages; click 'OK' each time!
    - After that 'MBAM' will ask to restart the computer, so allow the computer to be restarted.
    MBAM log:
    - The log is saved automatically by 'MBAM' and you can find it by clicking the 'Logbestanden' (log files) tab in MBAM's main menu.
    Then post the contents of the MBAM log in your next message.
  • Malwarebytes is also on my PC, alongside McAfee AntiVirus Plus. It has found nothing from the start; see also the log:
    Malwarebytes Anti-Malware (PRO) 1.60.1.1000
    www.malwarebytes.org
    Databaseversie: v2012.06.26.07
    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Marcel :: MARCEL-HP [administrator]
    Realtime bescherming: Ingeschakeld
    26-6-2012 20:20:10
    mbam-log-2012-06-26 (20-20-10).txt
    Scantype: Snelle scan
    Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scanopties: P2P
    Objecten gescand: 220336
    Verstreken tijd: 6 minuut/minuten, 21 seconde(n)
    Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
    Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
    Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
    Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
    Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
    Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
    Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
    (einde)
    I also have RegClean Pro on my PC. This too has found nothing remarkable.
  • Run the ESET online scan: http://www.eset.com/home/products/online-scanner/
    - Click the ESET Online Scanner button.
    - Tick YES, I accept the Terms of Use.
    - Click Start.
    - Allow the ActiveX control to install.
    - Tick the following options:
        - Remove found threats
        - Scan archives
    - Then click "Advanced Settings":
        - Scan for potentially unwanted applications
        - Scan for potentially unsafe applications
        - Enable Anti-Stealth technology
    - Click Start.
    - The computer is now being scanned. This can take quite a while, so be patient.
    - When the scan is finished, you may close the window.
    - Then go to C:\Program Files\ESET\ESET Online Scanner and click log.txt there.
    - Select, copy and paste the contents of this log into your next message.
    N.B.: temporarily deactivate your own antivirus during the scan; the online scan will then be faster!
  • I misspelled the virus name in my first post; it should be win32.Outbreak, as in the title. ESET Online Scanner log:
    ESETSmartInstaller@High as CAB hook log:
    OnlineScanner64.ocx - registred OK
    OnlineScanner.ocx - registred OK
  • Do the following:
    Which program: Malwarebytes MBAM
    What for/why: a specialist scanner to quickly check Windows for spyware and malware and to rid it of them.
    Difficulty: none.
    Download Malwarebytes MBAM from one of these locations:
    - Softpedia.com: http://www.softpedia.com/result.php?sid=&pid=1-423&r=Z2V0L0FudGl2aXJ1cy9NYWx3YXJlYnl0ZXMtQW50aS1NYWx3YXJlLnNodG1s
    - Majorgeeks.com: http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html
    First of all:
    - Right after installation 'MBAM' will want to update its database, so allow it.
    - On repeated use as well: first update 'MBAM' via the 'Update' tab!
    Starting Malwarebytes MBAM:
    - First close all program windows that are still open!
        - Windows 2000 and Windows XP: start MBAM by double-clicking the shortcut.
        - Windows Vista and Windows 7: start MBAM by right-clicking the shortcut and then choosing Als Administrator uitvoeren (Run as administrator).
    - Note:
        - Malwarebytes now supplies the full version of MBAM.
        - On first start you get the option to use the full version temporarily or the free version.
        - Regardless of which antivirus program is in your Windows, I advise using the "Weigeren" (Decline) option.
        - That way MBAM can continue to be used as the free version.
      Image: http://img30.imageshack.us/img30/3928/mbam2.png
    - Also do the following:
        - As soon as the program has started, go to the "Instellingen" (Settings) tab.
        - Tick here: "Sluit Internet Explorer tijdens verwijdering van malware" (Close Internet Explorer during malware removal).
    Scanning:
    - When starting 'MBAM', choose 'Snelle Scan' (Quick Scan).
    - Scanning can take a while, so be patient. When the scan has completed, click the 'OK' button.
    - Then click the 'Bekijk Resultaten' (View Results) button to see the results.
    Infections found:
    - First click OK to dismiss the message.
    - Then click the Bekijk resultaten (View results) button at the bottom right.
    - Now make sure that all infections found are ticked, and click Verwijder geselecteerde (Remove selected) at the bottom left.
    - After the removal a log will open and you will be asked to restart the computer.
    - If 'MBAM' has difficulty removing certain files it will show a few messages; click 'OK' each time!
    - After that 'MBAM' will ask to restart the computer, so allow the computer to be restarted.
    MBAM log:
    - The log is saved automatically by 'MBAM' and you can find it by clicking the 'Logbestanden' (Log files) tab in the MBAM main menu.
    Then post the contents of the MBAM log in your next message.
  • Malwarebytes Anti-Malware (PRO) 1.60.1.1000
    www.malwarebytes.org
    Databaseversie: v2012.06.29.07
    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Marcel :: MARCEL-HP [administrator]
    Realtime bescherming: Ingeschakeld
    29-6-2012 17:04:18
    mbam-log-2012-06-29 (17-04-18).txt
    Scantype: Snelle scan
    Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scanopties: P2P
    Objecten gescand: 221046
    Verstreken tijd: 6 minuut/minuten, 17 seconde(n)
    Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
    Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
    Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
    Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
    Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
    Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
    Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
    (einde)
  • Run the ESET online scan: http://www.eset.com/home/products/online-scanner/
    - Click the ESET Online Scanner button.
    - Tick YES, I accept the Terms of Use.
    - Click Start.
    - Allow the ActiveX control to install.
    - Tick the following options:
        - Remove found threats
        - Scan archives
    - Then click "Advanced Settings":
        - Scan for potentially unwanted applications
        - Scan for potentially unsafe applications
        - Enable Anti-Stealth technology
    - Click Start.
    - The computer is now being scanned. This can take quite a while, so be patient.
    - When the scan is finished, you may close the window.
    - Then go to C:\Program Files\ESET\ESET Online Scanner and click log.txt there.
    - Select, copy and paste the contents of this log into your next message.
    N.B.: temporarily deactivate your own antivirus during the scan; the online scan will then be faster!
  • Via another topic I found the following program: A.F.5 Rename your files. You may be able to set many documents right again with this tool. http://www.fauland.com/af5.htm
  • Can you tell me how A.F.5 Rename your files works?
    - add files.
    - and then?
  • ESETSmartInstaller@High as CAB hook log:
    OnlineScanner64.ocx - registred OK
    OnlineScanner.ocx - registred OK
    I have since been able to set most documents right again with A.F.5 Rename. :lol:
  • Well, look at that, I am glad that my tip about A.F.5 Rename your files helped you. Your Windows also appears to be completely clean.
  • Thank you for the good support! :D Regards
  • I am not letting you go just yet, though. Please also run a test to see how good the current security situation in Windows is. Download Security Check to your desktop: http://screen317.spywareinfoforum.org/SecurityCheck.exe
    - Click/double-click SecurityCheck.exe and follow the instructions in the black window.
    - A Notepad document named checkup.txt should open automatically; close this document by saving it to the desktop.
    - If one of your security tools reports that DIG.EXE wants to access the internet, allow it.
    Post the contents of checkup.txt in your next post.
  • I am still testing something myself; I think I have the solution. I will come back to it as soon as possible.
  • Wrong topic, sorry.
  • Results of screen317's Security Check version 0.99.42
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 9
    ``````````````Antivirus/Firewall Check:``````````````
    McAfeeAntivirus en antispyware
    WMI entry may not exist for antivirus; attempting automatic update.
    `````````Anti-malware/Other Utilities Check:`````````
    Malwarebytes Anti-Malware versie 1.60.1.1000
    Adobe Reader X (10.1.3)
    ````````Process Check: objlist.exe by Laurent````````
    Malwarebytes Anti-Malware mbamservice.exe
    Malwarebytes Anti-Malware mbamgui.exe
    Symantec Norton Online Backup NOBuAgent.exe
    Symantec Norton Online Backup NOBuClient.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: 0%
    ````````````````````End of Log``````````````````````
  • That looks good. Do you use Google's Chrome as your browser? If so, that explains why no Adobe Flash Player is listed. To check everything in your Windows for updates, the following applies: go to Secunia PSI (http://secunia.com/vulnerability_scanning/online/) several times a year to check whether everything within Windows is up to date as well. Only then is Windows at its safest! On the Secunia site, first click the Start Scanner button, and then on the new page first tick Enable thorough system inspection before clicking Start! If you do not use Java, the site will not work. In that case you can download and install the Secunia Personal Software Inspector (PSI). N.B.: after installation this tool starts automatically with Windows, but that really is not necessary and can be switched off! http://secunia.com/vulnerability_scanning/personal/

This is an archived page. Replying is no longer possible.