
Blue screen after startup 0x000000e4


anonymous

Question

Hello, I'm somewhat at my wits' end! Since yesterday, as soon as I start the computer and get into Windows, I get a blue screen with the code 0x000000e4. I have run both Avast and Malwarebytes, and they picked up a few things, but it didn't help. Just before my laptop crashed, my computer asked for permission to start certain files: exe files with a jumble of letters, zdvlkndvl.exe for example. I no longer remember exactly what it said; there were a few of them and I didn't recognize them, so I clicked No. This happened right after I went to an (apparently infected) web page from a Google image. It has been happening ever since. Please help! I'm at my wits' end! I have read that this doesn't necessarily have to be a virus, so I hope it isn't!! Regards, William
Link to comment

Here, first, is the Kaspersky log:

2011/06/14 20:36:09.0840 0700 TDSS rootkit removing tool 2.5.4.0 Jun 7 2011 17:31:48
2011/06/14 20:36:11.0053 0700 ================================================================================
2011/06/14 20:36:11.0053 0700 SystemInfo:
2011/06/14 20:36:11.0053 0700
2011/06/14 20:36:11.0053 0700 OS Version: 6.1.7600 ServicePack: 0.0
2011/06/14 20:36:11.0053 0700 Product type: Workstation
2011/06/14 20:36:11.0053 0700 ComputerName: CHRIS-PC
2011/06/14 20:36:11.0053 0700 UserName: chris
2011/06/14 20:36:11.0053 0700 Windows directory: C:\Windows
2011/06/14 20:36:11.0053 0700 System windows directory: C:\Windows
2011/06/14 20:36:11.0053 0700 Processor architecture: Intel x86
2011/06/14 20:36:11.0053 0700 Number of processors: 2
2011/06/14 20:36:11.0053 0700 Page size: 0x1000
2011/06/14 20:36:11.0053 0700 Boot type: Safe boot with network
2011/06/14 20:36:11.0053 0700 ================================================================================
2011/06/14 20:36:12.0413 0700 Initialize success
2011/06/14 20:36:14.0496 0600 ================================================================================
2011/06/14 20:36:14.0496 0600 Scan started
2011/06/14 20:36:14.0496 0600 Mode: Manual;
2011/06/14 20:36:14.0496 0600 ================================================================================
2011/06/14 20:36:32.0486 0600 ================================================================================
2011/06/14 20:36:32.0486 0600 Scan finished
2011/06/14 20:36:32.0486 0600 ================================================================================
2011/06/14 20:36:32.0498 0112 Detected object count: 0
2011/06/14 20:36:32.0498 0112 Actual detected object count: 0

And here is the log of the quick scan with MBAM:

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Databaseversie: 6854
Windows 6.1.7600 (Safe Mode)
Internet Explorer 9.0.7930.16406

14-6-2011 21:11:26
mbam-log-2011-06-14 (21-11-26).txt

Scantype: Snelle scan
Objecten gescand: 156489
Verstreken tijd: 2 minuut/minuten, 44 seconde(n)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

When I was running a full scan (which was accidentally interrupted), it did report that it had found 2 infected files, but not in the quick scan. I thought that was worth mentioning (I think).
Link naar reactie
  • 0
You may now do the following:

Run the ESET online scan: http://www.eset.com/onlinescan/

• Click the ESET Online Scanner button.
• Tick YES, I accept the Terms of Use.
• Click Start.
• Allow the ActiveX control to install.
• Click "Advanced settings".
• Tick the following options:
  • Remove found threats
  • Scan archives
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
• Click Start.
• The computer is now being scanned. This can take quite a long time, so be patient.
• You may close the window when the scan is finished.
• Use Notepad to open the log. You will find this log at C:\Program Files\EsetOnlineScanner\log.txt
• Copy and paste the contents of this log into your next post.

N.B.: temporarily disable your own antivirus during the scan; the online scan will then be faster!
Link to post
  • 0
The online scan makes your computer freeze... So do the following instead:

Which program: sUBs dds.scr
What for/why: DDS is a diagnostic tool that uses scripts.
Difficulty: A more or less tricky preparation phase, so read everything carefully first.
Download location: Be sure to download this program to the desktop, or otherwise move it there first!

Download sUBs dds.scr here: http://download.bleepingcomputer.com/sUBs/dds.scr

Using sUBs dds.scr:

• Important: first disable the antivirus software and any active spyware scanners!
• Then close all program windows that are still open!
• Windows 2000 and Windows XP: start sUBs dds.scr by double-clicking the shortcut.
• Windows Vista and Windows 7: start sUBs dds.scr by right-clicking the shortcut and choosing Run as administrator.
• After the scan, two text documents are opened, DDS.txt and Attach.txt; post the contents of both logs.
Link to post
  • 0
Dear Abraham,

Below are the logs (DDS and Attach.txt).
Link to post
  • 0
Abraham54 wrote:
> You have a very nasty rootkit in your Windows. To remove it, System Restore must be completely disabled. Is System Restore on or off in your Windows?

I believe it is on. How can I turn it off? Do you think this can be fixed?
Link to post
  • 0
Turning off System Restore:

It is important that the system restore points are cleaned out!

• Right-click Computer and choose Properties.
• In the new window, click Advanced settings in the left-hand column.
• In the System Properties window, click the System Protection tab.

Then make sure that System Restore is turned off for all drives. It is best to restart your PC first after that. After that you may continue with the following:

Download The Avenger to your desktop: http://swandog46.geekstogo.com/avenger2/download.php

• Unzip the downloaded file on your desktop.
• Starting Avenger:
  • Windows 2000 and Windows XP: start Avenger by double-clicking the tool.
  • Windows Vista and Windows 7: start Avenger by right-clicking the tool and then choosing "Run as administrator".
• Untick "Scan for rootkits".
• Now copy the lines in bold.
• Paste them into the "Input Script here" window:

Files to delete:
c:\windows\MBR.exe

• Then click the "Execute" button.
• Avenger will indicate that the computer is going to restart, so allow this.
• After the restart a log file, avenger.txt, opens.
• Then post the contents of this log file.

Caution: The code above was made only for this computer/user/situation. If this code is used on another computer, it can lead to total failure of that computer!
Link to post
  • 0
In safe mode it gave no log, so to be safe I did it again in normal mode, and then it reported the following in the log:

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows Vista

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Error: file "c:\windows\MBR.exe" not found!
Deletion of file "c:\windows\MBR.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
  --> the object does not exist

Completed script processing.

*******************

Finished! Terminate.

In other words, that file has been removed in any case!
Link to post
  • 0
Abraham54 wrote:
> Why did you use The Avenger in safe mode in the first place? My instructions say nothing about that! Post a new DDS log, this time only DDS.txt

By accident, sorry. Here is the DDS.txt:
Link to post
  • 0
Hi Caveman, that went well in any case! Now we move on to a specialist scanner: ComboFix.

Which program: ComboFix
What for/why: A highly specialized scanner that examines Windows in depth and cleans it up where possible.
Difficulty: The preparation phase is somewhat tricky, so read everything carefully first.
Download location: Be sure to download this program to the desktop!

Download ComboFix from one of these locations:
  • Bleepingcomputer: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • ForoSpyware: http://www.forospyware.com/sUBs/ComboFix.exe
  • Geekstogo: http://subs.geekstogo.com/ComboFix.exe

How to use ComboFix is shown here: http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden

Your antivirus program and any active malware scanners must be disabled before ComboFix starts! Instructions for disabling antivirus programs and spyware scanners can be found here: http://www.bleepingcomputer.com/forums/topic114351.html and here: http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html

Once more, to be clear: ComboFix must be started from the desktop.

Notes:
  • On Windows XP you may be asked to install the "Recovery Console"! Allow this (an active internet connection is required for it).
  • Vista and Windows 7 users start ComboFix by right-clicking it and running it with administrator rights.
  • All open programs and web pages must be closed.

Once ComboFix has started:
  • Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
  • ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
  • The computer may have to be restarted several times; this is normal.
  • When ComboFix is finished, it will create a log file for you.
  • Post the contents of this log file in your next message.
  • If the log does not open, it can be found at C:\ComboFix.txt

Important note:
  • If, after the scan, an error with the following message is shown when starting programs:
  • Illegal operation attempted on a registry key that has been marked for deletion.
  • Then restart the computer.
  • 0
ComboFix 11-06-11.01 - chris 15-06-2011 23:41:29.2.2 - x86 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.31.1033.18.3067.2340 [GMT 2:00] Gestart vanuit: c:\users\chris\Desktop\ComboFix.exe AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\Drivers\dmyjdje.sys . . (((((((((((((((((((( Bestanden Gemaakt van 2011-05-15 to 2011-06-15 )))))))))))))))))))))))))))))) . . 2011-06-15 22:02 . 2011-06-15 22:03 -------- d-----w- c:\users\chris\AppData\Local\temp 2011-06-15 22:02 . 2011-06-15 22:02 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-06-13 22:47 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe 2011-06-13 19:26 . 2010-10-16 04:34 573440 ----a-w- c:\windows\system32\odbc32.dll 2011-06-13 19:26 . 2010-10-16 04:33 372736 ----a-w- c:\program files\Common Files\System\ado\msadox.dll 2011-06-13 19:26 . 2010-10-16 04:33 352256 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll 2011-06-13 19:26 . 2010-10-16 04:33 987136 ----a-w- c:\program files\Common Files\System\ado\msado15.dll 2011-06-13 19:26 . 2010-10-16 04:33 208896 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll 2011-06-13 12:22 . 2011-06-13 12:22 -------- d-----w- c:\program files\ESET 2011-06-12 21:34 . 2011-06-14 02:06 -------- d-----w- c:\program files\WhiteSmoke 2011-06-12 19:34 . 2011-06-12 19:34 -------- d-----w- c:\users\chris\AppData\Roaming\Elephant Games 2011-06-12 19:34 . 2011-06-12 19:34 -------- d-----w- c:\programdata\Elephant Games 2011-06-08 13:39 . 2011-06-12 16:53 -------- d-----w- c:\programdata\MumboJumbo 2011-06-06 14:24 . 2011-06-06 14:24 -------- d-----w- C:\found.000 2011-06-04 22:48 . 
2011-06-04 22:48 -------- d-----w- c:\users\chris\AppData\Roaming\MumboJumbo 2011-06-03 14:20 . 2011-06-03 14:20 -------- d-----w- c:\users\chris\AppData\Roaming\ERS G-Studio . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-06-15 19:11 . 2011-02-10 17:21 13824 ----a-w- c:\windows\system32\slwga.dll 2011-06-15 19:11 . 2009-07-13 23:40 409088 ----a-w- c:\windows\system32\systemcpl.dll 2011-05-29 07:11 . 2011-01-23 12:38 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-05-29 07:11 . 2011-01-23 12:38 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-05-16 14:48 . 2011-05-16 14:48 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-05-10 12:10 . 2011-03-15 12:18 40112 ----a-w- c:\windows\avastSS.scr 2011-05-10 12:10 . 2011-03-15 12:18 199304 ----a-w- c:\windows\system32\aswBoot.exe 2011-05-10 12:03 . 2011-03-15 12:19 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-05-10 12:03 . 2011-03-15 12:19 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-05-10 12:02 . 2011-03-15 12:19 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-05-10 11:59 . 2011-03-15 12:19 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-05-10 11:59 . 2011-03-15 12:19 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2011-05-10 11:59 . 2011-03-15 12:19 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-05-04 02:52 . 2011-01-22 20:54 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\system32\xlive.dll 2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\system32\xlivefnt.dll 2011-04-09 06:13 . 2011-05-11 09:51 3957632 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-04-09 06:13 . 2011-05-11 09:51 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-04-09 05:56 . 2011-05-13 13:39 123904 ----a-w- c:\windows\system32\poqexec.exe 2011-03-30 19:25 . 
2011-03-30 19:25 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2011-03-22 23:07 . 2011-03-21 23:41 214592 ----a-w- c:\windows\system32\PnkBstrB.xtr 2011-03-22 23:07 . 2011-01-24 14:35 214592 ----a-w- c:\windows\system32\PnkBstrB.exe 2011-03-22 22:45 . 2011-01-24 14:35 138968 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2011-03-21 23:38 . 2011-01-24 14:35 75064 ----a-w- c:\windows\system32\PnkBstrA.exe 2011-03-21 22:44 . 2011-01-24 14:35 139152 ----a-w- c:\users\chris\AppData\Roaming\PnkBstrK.sys 2011-03-21 22:44 . 2011-01-24 14:35 794408 ----a-w- c:\windows\system32\pbsvc.exe . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2011-01-22 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7600.16385] . . c:\windows\System32\user32.dll [7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-05-10 12:10 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-26 15026056] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2010-11-17 329096] "XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 718688] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-07-06 9394792] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-07-06 98304] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-12-09 74752] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-05-29 1047656] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux2"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" . 
R1 MpKsl0b23077e;MpKsl0b23077e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3AEF6FF7-23A2-49C3-98BD-7523D6F3FC39}\MpKsl0b23077e.sys [x] R1 MpKsl3da37183;MpKsl3da37183;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9B46F1CD-3932-4299-995B-FB457B59B6F6}\MpKsl3da37183.sys [x] R1 MpKsl3ee365fb;MpKsl3ee365fb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BEE9EE21-12DE-4AB6-BB02-292557A2E9CC}\MpKsl3ee365fb.sys [x] R1 MpKsl40f1ff5e;MpKsl40f1ff5e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{088FCD57-D462-4E14-B483-A2E8B09BE3CC}\MpKsl40f1ff5e.sys [x] R1 MpKsl5fb80aac;MpKsl5fb80aac;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{24DFFBFF-DE76-45DB-8B1D-CEC81C1D906F}\MpKsl5fb80aac.sys [x] R1 MpKsl6f79eec8;MpKsl6f79eec8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BEE9EE21-12DE-4AB6-BB02-292557A2E9CC}\MpKsl6f79eec8.sys [x] R1 MpKsl74f13669;MpKsl74f13669;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{088FCD57-D462-4E14-B483-A2E8B09BE3CC}\MpKsl74f13669.sys [x] R1 MpKsl7e7fa5aa;MpKsl7e7fa5aa;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0E4E3AC2-019C-48CF-BCBC-50E4E3B988E5}\MpKsl7e7fa5aa.sys [x] R1 MpKsl855a6fb4;MpKsl855a6fb4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C3E3847D-7AB9-4B75-91E8-067076C6B630}\MpKsl855a6fb4.sys [x] R1 MpKsl8f64b385;MpKsl8f64b385;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{623F0ABE-AD31-4B3E-B9FB-CBB4E460B1E0}\MpKsl8f64b385.sys [x] R1 MpKsl90fe6279;MpKsl90fe6279;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{71E54884-DF44-432B-A934-BE7A3ECC25A3}\MpKsl90fe6279.sys [x] R1 MpKslbc31b152;MpKslbc31b152;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9B46F1CD-3932-4299-995B-FB457B59B6F6}\MpKslbc31b152.sys [x] R1 MpKslc478554e;MpKslc478554e;c:\programdata\Microsoft\Microsoft Antimalware\Definition 
Updates\{4F369D9A-BCEF-4F53-8BBB-8C66837B7629}\MpKslc478554e.sys [x] R1 MpKslc9214b83;MpKslc9214b83;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C3E3847D-7AB9-4B75-91E8-067076C6B630}\MpKslc9214b83.sys [x] R1 MpKslca0afb45;MpKslca0afb45;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{71E54884-DF44-432B-A934-BE7A3ECC25A3}\MpKslca0afb45.sys [x] R1 MpKslcaafffb1;MpKslcaafffb1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0E4E3AC2-019C-48CF-BCBC-50E4E3B988E5}\MpKslcaafffb1.sys [x] R1 MpKsld2177935;MpKsld2177935;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{24DFFBFF-DE76-45DB-8B1D-CEC81C1D906F}\MpKsld2177935.sys [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 cpuz134;cpuz134;c:\users\chris\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [x] R3 WatAdminSvc;WatAdminSvc; [x] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-01-23 691696] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-30 218688] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-07-07 176128] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-05-10 53592] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-05-07 1051976] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-07-07 5882368] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-07-07 210944] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-06-17 193640] S3 RTL8167;Realtek 8167 NT 
Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064] . . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 192.168.1.1 DPF: {6678BE91-1E04-4A4A-9C32-63145EA79C2A} - hxxp://www.fifa-online.ene.easports.com/fo3-theme/addons/EAFO3AXLauncher.cabF - ProfilePath - c:\users\chris\AppData\Roaming\Mozilla\Firefox\Profiles\qrcra0jp.default\ FF - prefs.js: browser.startup.homepage - www.google.nl FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 . - - - - ORPHANS VERWIJDERD - - - - . HKU-Default-Run-KB984437.exe - c:\windows\system32\config\systemprofile\AppData\Roaming\KB984437.exe . . .
Voltooingstijd: 2011-06-16 00:08:15 ComboFix-quarantined-files.txt 2011-06-15 22:08 ComboFix2.txt 2011-06-13 17:10 ComboFix3.txt 2011-06-13 15:42 . Pre-Run: 148.992.200.704 bytes beschikbaar Post-Run: 148.942.856.192 bytes beschikbaar . - - End Of File - - E5588424141A012F871A00E06F289C34