dennis20
PC Web Plus - Member
Topic author
Posts: 3
Joined: Sat 09 Jul, 2011 01:00:49
OS: xp

Letter from ING saying that I have gotten a virus.

Sat 09 Jul, 2011 01:10:48

Hello,

I received a letter from ING saying that I have gotten a virus and that I will have to remove it.

I have now gone through the step-by-step plan for infections, and from that I have the following logs:

MBAM: adware adparatus removed.

HijackThis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:46:49, on 9-7-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\windows\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\windows\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\dlbxcoms.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\TeamViewer\Version6\TeamViewer.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
c:\program files\teamviewer\version6\TeamViewer_Desktop.exe
C:\Program Files\TeamViewer\Version6\tv_w32.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
c:\program files\common files\installshield\updateservice\isuspm.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.euro.dell.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O1 - Hosts: 78.159.125.67 www.google.no
O1 - Hosts: 78.159.125.67 www.google.nl
O1 - Hosts: 78.159.125.67 www.google.com
O1 - Hosts: 78.159.125.67 www.google.se
O1 - Hosts: 78.159.125.67 uk.search.yahoo.com
O1 - Hosts: 78.159.125.67 www.google.pt
O1 - Hosts: 78.159.125.67 www.google.es
O1 - Hosts: 78.159.125.67 www.google.ca
O1 - Hosts: 78.159.125.67 www.google.be
O1 - Hosts: 78.159.125.67 www.google.fi
O1 - Hosts: 78.159.125.67 www.google.com.br
O1 - Hosts: 78.159.125.67 www.google.co.uk
O1 - Hosts: 78.159.125.67 www.google.dk
O1 - Hosts: 78.159.125.67 www.google.co.jp
O1 - Hosts: 78.159.125.67 www.google.fr
O1 - Hosts: 78.159.125.67 www.google.co.za
O1 - Hosts: 78.159.125.67 www.google.de
O1 - Hosts: 78.159.125.67 www.google.ch
O1 - Hosts: 78.159.125.67 www.google.at
O1 - Hosts: 78.159.125.67 www.google.it
O1 - Hosts: 78.159.125.67 search.yahoo.com
O1 - Hosts: 78.159.125.67 www.google.ie
O1 - Hosts: 78.159.125.67 us.search.yahoo.com
O1 - Hosts: 78.159.125.67 www.google.gr
O1 - Hosts: 78.159.125.67 www.google.com.mx
O1 - Hosts: 78.159.125.67 www.google.com.au
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [dlbxmon.exe] "C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIC273~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 3224185140
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\windows\system32\Ati2evxx.exe
O23 - Service: dlbx_device - Dell - C:\WINDOWS\system32\dlbxcoms.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updateservice (gupdate1c9f2a5ad8d9012) (gupdate1c9f2a5ad8d9012) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe

--
End of file - 10247 bytes





DDS:

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Christiene at 0:52:03 on 2011-07-09
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2046.1332 [GMT 2:00]
.
AV: ESET NOD32 Antivirus 3.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
============== Running Processes ===============
.
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost -k DcomLaunch
svchost.exe
C:\windows\System32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\windows\system32\spoolsv.exe
svchost.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\windows\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\dlbxcoms.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\TeamViewer\Version6\TeamViewer.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
c:\program files\teamviewer\version6\TeamViewer_Desktop.exe
C:\Program Files\TeamViewer\Version6\tv_w32.exe
C:\WINDOWS\system32\msiexec.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.nl/
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.euro.dell.com/
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = hxxp://www.euro.dell.com/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: Mirar: {d15c7d18-0b70-40ab-935c-88052751d95b} -
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [MsnMsgr] "c:\program files\msn messenger\MsnMsgr.Exe" /background
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [<NO NAME>]
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
mRun: [CoolSwitch] c:\windows\system32\taskswitch.exe
mRun: [dlbxmon.exe] "c:\program files\dell photo aio printer 962\dlbxmon.exe"
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.2\apps\apdproxy.exe"
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [Corel Photo Downloader] c:\program files\corel\corel photo album 6\MediaDetect.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng1.exe
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mic273~1\office12\REFIEBAR.DLL
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftup ... 3224185140
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/aut ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{A38C794D-065F-4DE7-94C0-C247CEB8B7C5} : DhcpNameServer = 192.168.2.1
Notify: WRNotifier - WRLogonNTF.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
Hosts: 78.159.125.67 www.google.no
Hosts: 78.159.125.67 www.google.nl
Hosts: 78.159.125.67 www.google.com
Hosts: 78.159.125.67 www.google.se
Hosts: 78.159.125.67 uk.search.yahoo.com
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
============= SERVICES / DRIVERS ===============
.
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-3-13 35168]
R2 ekrn;Eset Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2009-10-7 472280]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-7-8 366640]
R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2005-4-27 833168]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-7-8 22712]
S2 gupdate1c9f2a5ad8d9012;Google Updateservice (gupdate1c9f2a5ad8d9012);c:\program files\google\update\GoogleUpdate.exe [2009-6-21 133104]
S2 TeamViewer6;TeamViewer 6;c:\program files\teamviewer\version6\TeamViewer_Service.exe [2011-7-8 2337144]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-6-21 133104]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-7-8 39984]
S3 PID_0920;Logitech QuickCam Express(PID_0920);c:\windows\system32\drivers\LV532AV.SYS [2006-2-25 152576]
.
=============== Created Last 30 ================
.
2011-07-08 22:45:41 388096 ----a-r- c:\documents and settings\christiene\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-07-08 22:45:38 -------- d-----w- c:\program files\Trend Micro
2011-07-08 19:49:00 -------- d-----w- c:\documents and settings\christiene\application data\TeamViewer
2011-07-08 19:48:49 -------- d-----w- c:\program files\TeamViewer
2011-07-08 19:42:23 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-08 19:42:18 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-08 19:42:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-07 19:13:48 -------- d-----w- c:\documents and settings\christiene\local settings\application data\ESET
2011-07-01 19:22:55 -------- d-----w- c:\documents and settings\christiene\application data\Piic
2011-07-01 19:22:55 -------- d-----w- c:\documents and settings\christiene\application data\Ogilaw
2011-06-21 19:58:19 -------- d-----w- c:\program files\MyTomTom 3
2011-06-15 18:49:37 105472 ------w- c:\windows\system32\dllcache\mup.sys
.
==================== Find3M ====================
.
2011-07-08 19:45:47 1409 ----a-w- c:\windows\QTFont.for
2011-07-01 12:59:29 3350 --sha-w- c:\windows\system32\KGyGaAvL.sys
2011-06-17 20:42:53 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-07 16:51:58 770384 ----a-w- c:\windows\system32\msvcr100.dll
2011-05-19 17:01:13 17480 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-05-02 15:31:53 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25:06 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19:43 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 16:05:05 916480 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 16:05:04 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-25 16:05:04 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-25 12:01:33 385024 ----a-w- c:\windows\system32\html.iec
2011-04-21 13:37:43 105472 ----a-w- c:\windows\system32\drivers\mup.sys
.
============= FINISH: 0:52:31,21 ===============

Is it gone now??

Regards, dennis

 
dennis20

Re: Letter from ING saying that I have gotten a virus.

Sat 09 Jul, 2011 01:57:54

EDIT: Another log, from SUPERAntiSpyware:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/09/2011 at 01:52 AM

Application Version : 4.55.1000

Core Rules Database Version : 7390
Trace Rules Database Version: 5202

Scan type : Complete Scan
Total Scan Time : 00:38:07

Memory items scanned : 514
Memory threats detected : 0
Registry items scanned : 7166
Registry threats detected : 7
File items scanned : 26897
File threats detected : 279

Adware.IST/YourSiteBar
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{86227D9C-0EFE-4F8A-AA55-30386A3F5686}
HKCR\CLSID\{86227D9C-0EFE-4F8A-AA55-30386A3F5686}
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{86227D9C-0EFE-4F8A-AA55-30386A3F5686}

Rogue.AntiVirusPlus
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C2B5AAB8-2183-4BE7-81A6-F11493C45872}
HKCR\CLSID\{C2B5AAB8-2183-4BE7-81A6-F11493C45872}
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C2B5AAB8-2183-4BE7-81A6-F11493C45872}

Adware.Tracking Cookie
C:\Documents and Settings\Joris\Cookies\joris@2o7[2].txt
C:\Documents and Settings\Joris\Cookies\joris@adserver.adremedy[1].txt
C:\Documents and Settings\Joris\Cookies\joris@adserver.adremedy[2].txt
C:\Documents and Settings\Joris\Cookies\joris@casalemedia[1].txt
C:\Documents and Settings\Joris\Cookies\joris@tribalfusion[2].txt
C:\Documents and Settings\Joris\Cookies\joris@ad.yieldmanager[2].txt
C:\Documents and Settings\Joris\Cookies\joris@revenue[2].txt
C:\Documents and Settings\Joris\Cookies\joris@realmedia[2].txt
C:\Documents and Settings\Joris\Cookies\joris@apmebf[2].txt
C:\Documents and Settings\Joris\Cookies\joris@xiti[1].txt
C:\Documents and Settings\Joris\Cookies\joris@sexthe[2].txt
C:\Documents and Settings\Joris\Cookies\joris@zedo[1].txt
C:\Documents and Settings\Joris\Cookies\joris@serving-sys[1].txt
C:\Documents and Settings\Joris\Cookies\joris@fastclick[1].txt
C:\Documents and Settings\Joris\Cookies\joris@stat.onestat[1].txt
C:\Documents and Settings\Joris\Cookies\joris@overture[2].txt
C:\Documents and Settings\Joris\Cookies\joris@msnportal.112.2o7[1].txt
C:\Documents and Settings\Joris\Cookies\joris@media6degrees[2].txt
C:\Documents and Settings\Joris\Cookies\joris@www.searchenginetracking[1].txt
C:\Documents and Settings\Joris\Cookies\joris@thephonehouse.solution.weborama[2].txt
C:\Documents and Settings\Joris\Cookies\joris@stats.adbrite[1].txt
C:\Documents and Settings\Joris\Cookies\joris@mediaplex[2].txt
C:\Documents and Settings\Joris\Cookies\joris@eezy.adservinginternational[2].txt
C:\Documents and Settings\Joris\Cookies\joris@www.humornsex[1].txt
C:\Documents and Settings\Joris\Cookies\joris@adserver.roadside[2].txt
C:\Documents and Settings\Joris\Cookies\joris@www.humornsex[2].txt
C:\Documents and Settings\Joris\Cookies\joris@weborama[2].txt
C:\Documents and Settings\Joris\Cookies\joris@www.googleadservices[2].txt
C:\Documents and Settings\Joris\Cookies\joris@ads.humornsex[2].txt
C:\Documents and Settings\Joris\Cookies\joris@ohra.adservinginternational[2].txt
C:\Documents and Settings\Joris\Cookies\joris@doubleclick[2].txt
C:\Documents and Settings\Joris\Cookies\joris@bluestreak[1].txt
C:\Documents and Settings\Joris\Cookies\joris@hitbox[1].txt
C:\Documents and Settings\Joris\Cookies\joris@marketbanker[1].txt
C:\Documents and Settings\Joris\Cookies\joris@indextools[2].txt
C:\Documents and Settings\Joris\Cookies\joris@humornsex[2].txt
C:\Documents and Settings\Joris\Cookies\joris@ehg-foxmovies.hitbox[2].txt
C:\Documents and Settings\Joris\Cookies\joris@ads.adtop[1].txt
C:\Documents and Settings\Joris\Cookies\joris@adservice4.tibaco[2].txt
C:\Documents and Settings\Joris\Cookies\joris@statcounter[1].txt
C:\Documents and Settings\Joris\Cookies\joris@adtech[1].txt
C:\Documents and Settings\Joris\Cookies\joris@server.cpmstar[2].txt
C:\Documents and Settings\Joris\Cookies\joris@adserver2.spele[1].txt
C:\Documents and Settings\Joris\Cookies\joris@adserv01[1].txt
C:\Documents and Settings\Joris\Cookies\joris@adopt.euroclick[2].txt
C:\Documents and Settings\Joris\Cookies\joris@bluemango.solution.weborama[2].txt
C:\Documents and Settings\Joris\Cookies\joris@gjacket.adbureau[2].txt
C:\Documents and Settings\Joris\Cookies\joris@ad.trackbar[1].txt
C:\Documents and Settings\Joris\Cookies\joris@beacons.hottraffic[1].txt
C:\Documents and Settings\Joris\Cookies\joris@247realmedia[1].txt
C:\Documents and Settings\Joris\Cookies\joris@bs.serving-sys[2].txt
C:\Documents and Settings\Joris\Cookies\joris@ad.adtoma[1].txt
C:\Documents and Settings\Joris\Cookies\joris@advertising[2].txt
C:\Documents and Settings\Joris\Cookies\joris@tradedoubler[2].txt
C:\Documents and Settings\Joris\Cookies\joris@content.yieldmanager[3].txt
C:\Documents and Settings\Joris\Cookies\joris@content.yieldmanager[2].txt
C:\Documents and Settings\Joris\Cookies\joris@edsa.122.2o7[1].txt
C:\Documents and Settings\Joris\Cookies\joris@revsci[2].txt
C:\Documents and Settings\Joris\Cookies\joris@adbrite[1].txt
C:\Documents and Settings\Joris\Cookies\joris@atdmt[1].txt
hottraffic.nl [ C:\Documents and Settings\zwaluwjachtbouw\Application Data\Macromedia\Flash Player\#SharedObjects\9MDPBDTT ]
s0.2mdn.net [ C:\Documents and Settings\zwaluwjachtbouw\Application Data\Macromedia\Flash Player\#SharedObjects\9MDPBDTT ]
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@azjmp[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@atdmt[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@revsci[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@yieldmanager[1].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@2o7[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@stat.onestat[1].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@ad.yieldmanager[1].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@doubleclick[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@bluestreak[1].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@msnportal.112.2o7[1].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@apmebf[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@stats.ilsemedia[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@detelegraaf.112.2o7[1].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@vodafonebranding.solution.weborama[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@ehg-reed.hitbox[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@indextools[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@www.googleadservices[1].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@ad.adtoma[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@zanox[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@pixel.ilsemedia[1].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@m1.webstats.motigo[1].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@hitbox[1].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@gsmweb.solution.weborama[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@tradefx.advertserve[1].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@phg.hitbox[1].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@smartadserver[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@ads.worldstarhiphop[1].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@invitemedia[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@specificclick[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@advertising[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@ehg-eset.hitbox[1].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@ad.zanox[1].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@adtech[1].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@adxpose[1].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@beacons.hottraffic[1].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@bluemango.solution.weborama[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@brugmedia[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@bs.serving-sys[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@content.yieldmanager[1].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@eas.apm.emediate[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@edsa.122.2o7[1].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@fastclick[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@mediaplex[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@serving-sys[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@tradedoubler[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@weborama[2].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@www2.mystats[1].txt
C:\Documents and Settings\zwaluwjachtbouw\Cookies\zwaluwjachtbouw@www8.addfreestats[1].txt
www.cpcadnet.com [ C:\Documents and Settings\zwaluwjachtbouw\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.cpcadnet.com [ C:\Documents and Settings\zwaluwjachtbouw\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
nl.sitestat.com [ C:\Documents and Settings\zwaluwjachtbouw\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
nl.sitestat.com [ C:\Documents and Settings\zwaluwjachtbouw\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adtech.de [ C:\Documents and Settings\zwaluwjachtbouw\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.doubleclick.net [ C:\Documents and Settings\zwaluwjachtbouw\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\zwaluwjachtbouw\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.weborama.fr [ C:\Documents and Settings\zwaluwjachtbouw\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.sizz.solution.weborama.fr [ C:\Documents and Settings\zwaluwjachtbouw\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.sizz.solution.weborama.fr [ C:\Documents and Settings\zwaluwjachtbouw\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.sizz.solution.weborama.fr [ C:\Documents and Settings\zwaluwjachtbouw\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.sizz.solution.weborama.fr [ C:\Documents and Settings\zwaluwjachtbouw\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\zwaluwjachtbouw\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.2o7.net [ C:\Documents and Settings\zwaluwjachtbouw\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
nl.sitestat.com [ C:\Documents and Settings\zwaluwjachtbouw\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\zwaluwjachtbouw\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\zwaluwjachtbouw\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\zwaluwjachtbouw\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\zwaluwjachtbouw\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\zwaluwjachtbouw\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\zwaluwjachtbouw\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
nl.sitestat.com [ C:\Documents and Settings\zwaluwjachtbouw\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]

Adware.IST/ISTBar (Slotch Bar)
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main#BandRest [ Never ]
 
Maxstar
Administrator
Posts: 41337
Joined: Sat 27 Sep 2008, 10:18:07
Knowledge level: (3) Expert
OS: Windows 10
AV: Emsisoft Internet Security

Re: Letter from ING that I have received a virus.

Sat 09 Jul 2011, 09:42:31

Hi and welcome to the forum,

1. Start Malwarebytes and click the "More tools" tab.
Click "Start FileASSASSIN" there.
A new window will then open.
Copy and paste the following into the file name field:

C:\WINDOWS\system32\drivers\etc\hosts

Then click Open and choose YES to delete the Hosts file.

Download HostsXpert
Unzip the program to your Desktop.
Open the folder and double-click Hoster.exe
Click "Restore Microsofts Original Hosts File"
Click "OK" and close the program.


2. Start Malwarebytes' Anti-Malware (MBAM)
  • Click the "Update" tab and then "Check for updates"

    In case of problems!!! (Read the instructions below)

    Click the "Scanner" tab
  • Choose the "quick scan" option and click "Scan"
  • When the scan has finished, click OK, then "Show results" to view the results.
  • Make sure everything there is checked, then click "Remove selected".
  • After removal a log will open and you will be asked to restart the computer.
The log is saved automatically by Malwarebytes' Anti-Malware and can be found by clicking the "Logs" tab in the program.


3. Download TDSSKiller and place it on your desktop.
  • Extract the files in tdsskiller.zip.
  • Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.
  • Note!!! Windows Vista & 7 users must run TDSSKiller as administrator (right-click, "Run as"),
  • Click the "Start Scan" button and follow the instructions.
  • When the scan is done, click the "Report" button.
  • A Notepad file opens. Post the contents of this file.

Post the MBAM and TDSSKiller logs together with a new DDS log in your next reply.
Kind regards,

Maxstar


Member of UNITE Unified Network of Instructors and Trained Eliminators (Unite Against Malware)
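A check that fits before step 1 of the post above deletes the hosts file: this added example (not part of the original post, and not code from Malwarebytes or HostsXpert) lists every entry that differs from the Windows default, so the entries can be recorded before the file is reset. The function names and the sample file content are constructed for illustration; only the hosts path comes from the post.

```python
import ipaddress
import sys

# Path quoted in step 1 of the post.
HOSTS_PATH = r"C:\WINDOWS\system32\drivers\etc\hosts"

# Constructed sample content (not taken from the machine in this thread).
SAMPLE_HOSTS = """\
# Copyright (c) 1993-1999 Microsoft Corp.
127.0.0.1       localhost
127.0.0.1       ads.example.net      # blocklist-style entry
203.0.113.7     bank.example www.bank.example
0.0.0.0         tracker.example
::1             localhost
not-an-ip       something.example
"""


def audit_hosts(text):
    """Return one finding per hosts entry that is not a default entry.

    Each finding is a dict with the keys line, kind, address, names:
      kind == "redirect"  : a name is mapped to a routable address
      kind == "sinkhole"  : a non-localhost name is mapped to loopback/0.0.0.0
      kind == "malformed" : first field is not an IP address, or no name follows
    """
    findings = []
    # Some editors save the file with a byte-order mark; drop it if present.
    for lineno, raw in enumerate(text.lstrip("\ufeff").splitlines(), 1):
        entry = raw.split("#", 1)[0].strip()  # strip trailing comments
        if not entry:
            continue
        fields = entry.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            findings.append({"line": lineno, "kind": "malformed",
                             "address": None, "names": fields})
            continue
        names = [n.lower() for n in fields[1:]]
        if not names:
            findings.append({"line": lineno, "kind": "malformed",
                             "address": str(addr), "names": []})
            continue
        if addr.is_loopback or addr.is_unspecified:
            # localhost -> loopback is the stock entry; anything else pointed
            # at loopback/0.0.0.0 makes that name unreachable from this PC.
            names = [n for n in names if n != "localhost"]
            if not names:
                continue
            kind = "sinkhole"
        else:
            # The name resolves to whatever server the file says, not to DNS.
            kind = "redirect"
        findings.append({"line": lineno, "kind": kind,
                         "address": str(addr), "names": names})
    return findings


def format_report(findings):
    """Render findings as text lines suitable for pasting into case notes."""
    if not findings:
        return ["hosts file contains only default entries"]
    return ["line {line}: {kind:9} {address} -> {joined}".format(
                joined=", ".join(f["names"]), **f) for f in findings]


if __name__ == "__main__":
    # With no argument the constructed sample is audited, so this runs offline.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            content = fh.read()
    else:
        content = SAMPLE_HOSTS
    print("\n".join(format_report(audit_hosts(content))))
```

Pass the hosts path as the first argument to audit the real file; "redirect" entries are the ones worth recording before the reset, since they decide which server a name reaches.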
 
dennis20
PC Web Plus - Member
Topic Author
Posts: 3
Joined: Sat 09 Jul 2011, 01:00:49
OS: xp

Re: Letter from ING that I have received a virus.

Sat 09 Jul 2011, 11:55:09

Hello,

Thanks for the reply.

I did what you said and I have the following logs:


MBAM:

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Databaseversie: 7056

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

9-7-2011 11:44:04
mbam-log-2011-07-09 (11-44-04).txt

Scantype: Snelle scan
Objecten gescand: 229327
Verstreken tijd: 14 minuut/minuten, 31 seconde(n)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)



TDSSKiller:
2011/07/09 11:50:32.0015 4040 TDSS rootkit removing tool 2.5.9.0 Jul 1 2011 18:45:21
2011/07/09 11:50:32.0187 4040 ================================================================================
2011/07/09 11:50:32.0187 4040 SystemInfo:
2011/07/09 11:50:32.0187 4040
2011/07/09 11:50:32.0187 4040 OS Version: 5.1.2600 ServicePack: 3.0
2011/07/09 11:50:32.0187 4040 Product type: Workstation
2011/07/09 11:50:32.0187 4040 ComputerName: JANJAK
2011/07/09 11:50:32.0187 4040 UserName: Christiene
2011/07/09 11:50:32.0187 4040 Windows directory: C:\windows
2011/07/09 11:50:32.0187 4040 System windows directory: C:\windows
2011/07/09 11:50:32.0187 4040 Processor architecture: Intel x86
2011/07/09 11:50:32.0187 4040 Number of processors: 2
2011/07/09 11:50:32.0187 4040 Page size: 0x1000
2011/07/09 11:50:32.0187 4040 Boot type: Normal boot
2011/07/09 11:50:32.0187 4040 ================================================================================
2011/07/09 11:50:33.0234 4040 Initialize success
2011/07/09 11:50:36.0203 1948 ================================================================================
2011/07/09 11:50:36.0203 1948 Scan started
2011/07/09 11:50:36.0203 1948 Mode: Manual;
2011/07/09 11:50:36.0203 1948 ================================================================================
2011/07/09 11:50:43.0875 1948 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\windows\system32\DRIVERS\serenum.sys
2011/07/09 11:50:43.0921 1948 Serial (92c21762653bb2ce51147eb8a9aa654f) C:\windows\system32\DRIVERS\serial.sys
2011/07/09 11:50:44.0031 1948 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\windows\system32\drivers\Sfloppy.sys
2011/07/09 11:50:44.0125 1948 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\windows\system32\DRIVERS\sisagp.sys
2011/07/09 11:50:44.0171 1948 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\windows\system32\DRIVERS\SLIP.sys
2011/07/09 11:50:44.0218 1948 smwdm (c6d9959e493682f872a639b6ec1b4a08) C:\windows\system32\drivers\smwdm.sys
2011/07/09 11:50:44.0250 1948 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\windows\system32\DRIVERS\sparrow.sys
2011/07/09 11:50:44.0265 1948 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\windows\system32\drivers\splitter.sys
2011/07/09 11:50:44.0296 1948 sr (64d2a7640e0767ecd3bcb38d3200e7ce) C:\windows\system32\DRIVERS\sr.sys
2011/07/09 11:50:44.0359 1948 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\windows\system32\DRIVERS\srv.sys
2011/07/09 11:50:44.0406 1948 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\windows\system32\drivers\sscdbhk5.sys
2011/07/09 11:50:44.0437 1948 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\windows\system32\drivers\ssrtln.sys
2011/07/09 11:50:44.0484 1948 streamip (77813007ba6265c4b6098187e6ed79d2) C:\windows\system32\DRIVERS\StreamIP.sys
2011/07/09 11:50:44.0500 1948 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\windows\system32\DRIVERS\swenum.sys
2011/07/09 11:50:44.0531 1948 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\windows\system32\drivers\swmidi.sys
2011/07/09 11:50:44.0562 1948 symc810 (1ff3217614018630d0a6758630fc698c) C:\windows\system32\DRIVERS\symc810.sys
2011/07/09 11:50:44.0593 1948 symc8xx (070e001d95cf725186ef8b20335f933c) C:\windows\system32\DRIVERS\symc8xx.sys
2011/07/09 11:50:44.0640 1948 symlcbrd (b226f8a4d780acdf76145b58bb791d5b) C:\WINDOWS\system32\drivers\symlcbrd.sys
2011/07/09 11:50:44.0656 1948 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\windows\system32\DRIVERS\sym_hi.sys
2011/07/09 11:50:44.0671 1948 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\windows\system32\DRIVERS\sym_u3.sys
2011/07/09 11:50:44.0703 1948 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\windows\system32\drivers\sysaudio.sys
2011/07/09 11:50:44.0765 1948 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\windows\system32\DRIVERS\tcpip.sys
2011/07/09 11:50:44.0796 1948 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\windows\system32\drivers\TDPIPE.sys
2011/07/09 11:50:44.0812 1948 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\windows\system32\drivers\TDTCP.sys
2011/07/09 11:50:44.0859 1948 TermDD (88155247177638048422893737429d9e) C:\windows\system32\DRIVERS\termdd.sys
2011/07/09 11:50:44.0906 1948 tfsnboio (30698355067d07da5f9eb81132c9fdd6) C:\windows\system32\dla\tfsnboio.sys
2011/07/09 11:50:44.0921 1948 tfsncofs (fb9d825bb4a2abdf24600f7505050e2b) C:\windows\system32\dla\tfsncofs.sys
2011/07/09 11:50:44.0953 1948 tfsndrct (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\windows\system32\dla\tfsndrct.sys
2011/07/09 11:50:44.0968 1948 tfsndres (8db1e78fbf7c426d8ec3d8f1a33d6485) C:\windows\system32\dla\tfsndres.sys
2011/07/09 11:50:45.0000 1948 tfsnifs (b92f67a71cc8176f331b8aa8d9f555ad) C:\windows\system32\dla\tfsnifs.sys
2011/07/09 11:50:45.0015 1948 tfsnopio (85985faa9a71e2358fcc2edefc2a3c5c) C:\windows\system32\dla\tfsnopio.sys
2011/07/09 11:50:45.0046 1948 tfsnpool (bba22094f0f7c210567efdaf11f64495) C:\windows\system32\dla\tfsnpool.sys
2011/07/09 11:50:45.0062 1948 tfsnudf (81340bef80b9811e98ce64611e67e3ff) C:\windows\system32\dla\tfsnudf.sys
2011/07/09 11:50:45.0093 1948 tfsnudfa (c035fd116224ccc8325f384776b6a8bb) C:\windows\system32\dla\tfsnudfa.sys
2011/07/09 11:50:45.0140 1948 toshidpt (62c57e7411b5f20980e70530ca69d5a7) C:\windows\system32\drivers\Toshidpt.sys
2011/07/09 11:50:45.0156 1948 TosIde (5bc2144ab4f6090f12e49e9648b5a702) C:\windows\system32\DRIVERS\toside.sys
2011/07/09 11:50:45.0187 1948 tosporte (e46fb54be8a2a395fe96633b838baafe) C:\windows\system32\DRIVERS\tosporte.sys
2011/07/09 11:50:45.0203 1948 Tosrfbd (07fb801d43f3ece221d4a33fda485bc2) C:\windows\system32\Drivers\tosrfbd.sys
2011/07/09 11:50:45.0234 1948 Tosrfbnp (fe200eece7521061cdad658c6ee4f341) C:\windows\system32\Drivers\tosrfbnp.sys
2011/07/09 11:50:45.0265 1948 Tosrfcom (d185be751021bcf1e5d58566d408314a) C:\windows\system32\Drivers\tosrfcom.sys
2011/07/09 11:50:45.0281 1948 Tosrfhid (37bcbccc4a71abbeaee90fd25e1132b2) C:\windows\system32\DRIVERS\Tosrfhid.sys
2011/07/09 11:50:45.0312 1948 tosrfnds (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\windows\system32\DRIVERS\tosrfnds.sys
2011/07/09 11:50:45.0328 1948 TosRfSnd (b5518adb2b0029ff95d22e8e7336f49f) C:\windows\system32\drivers\TosRfSnd.sys
2011/07/09 11:50:45.0359 1948 Tosrfusb (65598d886bdaeae0c1d3cddc454c8383) C:\windows\system32\Drivers\tosrfusb.sys
2011/07/09 11:50:45.0390 1948 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\windows\system32\drivers\Udfs.sys
2011/07/09 11:50:45.0421 1948 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\windows\system32\DRIVERS\ultra.sys
2011/07/09 11:50:45.0453 1948 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\windows\system32\DRIVERS\update.sys
2011/07/09 11:50:45.0484 1948 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\windows\system32\DRIVERS\usbccgp.sys
2011/07/09 11:50:45.0515 1948 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\windows\system32\DRIVERS\usbehci.sys
2011/07/09 11:50:45.0546 1948 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\windows\system32\DRIVERS\usbhub.sys
2011/07/09 11:50:45.0562 1948 usbprint (a717c8721046828520c9edf31288fc00) C:\windows\system32\DRIVERS\usbprint.sys
2011/07/09 11:50:45.0593 1948 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\windows\system32\DRIVERS\usbscan.sys
2011/07/09 11:50:45.0625 1948 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\windows\system32\DRIVERS\USBSTOR.SYS
2011/07/09 11:50:45.0656 1948 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\windows\system32\DRIVERS\usbuhci.sys
2011/07/09 11:50:45.0703 1948 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\windows\system32\DRIVERS\usb8023x.sys
2011/07/09 11:50:45.0734 1948 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\windows\System32\drivers\vga.sys
2011/07/09 11:50:45.0765 1948 viaagp (754292ce5848b3738281b4f3607eaef4) C:\windows\system32\DRIVERS\viaagp.sys
2011/07/09 11:50:45.0781 1948 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\windows\system32\DRIVERS\viaide.sys
2011/07/09 11:50:45.0796 1948 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) C:\windows\system32\drivers\VolSnap.sys
2011/07/09 11:50:45.0843 1948 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\windows\system32\DRIVERS\wanarp.sys
2011/07/09 11:50:45.0906 1948 wdmaud (6768acf64b18196494413695f0c3a00f) C:\windows\system32\drivers\wdmaud.sys
2011/07/09 11:50:46.0015 1948 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\windows\system32\DRIVERS\wpdusb.sys
2011/07/09 11:50:46.0046 1948 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\windows\System32\drivers\ws2ifsl.sys
2011/07/09 11:50:46.0078 1948 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\windows\system32\DRIVERS\WSTCODEC.SYS
2011/07/09 11:50:46.0109 1948 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\windows\system32\DRIVERS\WudfPf.sys
2011/07/09 11:50:46.0125 1948 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\windows\system32\DRIVERS\wudfrd.sys
2011/07/09 11:50:46.0187 1948 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/07/09 11:50:46.0203 1948 Boot (0x1200) (44d6cc76479474b4e803e56f40c0fe8f) \Device\Harddisk0\DR0\Partition0
2011/07/09 11:50:46.0218 1948 ================================================================================
2011/07/09 11:50:46.0218 1948 Scan finished
2011/07/09 11:50:46.0218 1948 ================================================================================
2011/07/09 11:50:46.0234 3424 Detected object count: 0
2011/07/09 11:50:46.0234 3424 Actual detected object count: 0



DDS:
.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Christiene at 11:51:37 on 2011-07-09
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2046.1349 [GMT 2:00]
.
AV: ESET NOD32 Antivirus 3.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
============== Running Processes ===============
.
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost -k DcomLaunch
svchost.exe
C:\windows\System32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\windows\system32\spoolsv.exe
svchost.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
C:\windows\Explorer.EXE
C:\Program Files\TeamViewer\Version6\TeamViewer.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\dlbxcoms.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.nl/
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.euro.dell.com/
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = hxxp://www.euro.dell.com/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: Mirar: {d15c7d18-0b70-40ab-935c-88052751d95b} -
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [MsnMsgr] "c:\program files\msn messenger\MsnMsgr.Exe" /background
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [<NO NAME>]
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
mRun: [CoolSwitch] c:\windows\system32\taskswitch.exe
mRun: [dlbxmon.exe] "c:\program files\dell photo aio printer 962\dlbxmon.exe"
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.2\apps\apdproxy.exe"
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [Corel Photo Downloader] c:\program files\corel\corel photo album 6\MediaDetect.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng1.exe
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mic273~1\office12\REFIEBAR.DLL
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftup ... 3224185140
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/aut ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{A38C794D-065F-4DE7-94C0-C247CEB8B7C5} : DhcpNameServer = 192.168.2.1
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: WRNotifier - WRLogonNTF.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-3-13 35168]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 ekrn;Eset Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2009-10-7 472280]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-7-8 366640]
R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2005-4-27 833168]
R2 TeamViewer6;TeamViewer 6;c:\program files\teamviewer\version6\TeamViewer_Service.exe [2011-7-8 2337144]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-7-8 22712]
S2 gupdate1c9f2a5ad8d9012;Google Updateservice (gupdate1c9f2a5ad8d9012);c:\program files\google\update\GoogleUpdate.exe [2009-6-21 133104]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-6-21 133104]
S3 PID_0920;Logitech QuickCam Express(PID_0920);c:\windows\system32\drivers\LV532AV.SYS [2006-2-25 152576]
.
=============== Created Last 30 ================
.
2011-07-08 23:12:39 -------- d-----w- c:\documents and settings\christiene\application data\SUPERAntiSpyware.com
2011-07-08 23:12:39 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2011-07-08 23:12:32 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-07-08 22:45:41 388096 ----a-r- c:\documents and settings\christiene\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-07-08 22:45:38 -------- d-----w- c:\program files\Trend Micro
2011-07-08 19:49:00 -------- d-----w- c:\documents and settings\christiene\application data\TeamViewer
2011-07-08 19:48:49 -------- d-----w- c:\program files\TeamViewer
2011-07-08 19:42:23 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-08 19:42:18 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-08 19:42:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-07 19:13:48 -------- d-----w- c:\documents and settings\christiene\local settings\application data\ESET
2011-07-01 19:22:55 -------- d-----w- c:\documents and settings\christiene\application data\Piic
2011-07-01 19:22:55 -------- d-----w- c:\documents and settings\christiene\application data\Ogilaw
2011-06-21 19:58:19 -------- d-----w- c:\program files\MyTomTom 3
2011-06-15 18:49:37 105472 ------w- c:\windows\system32\dllcache\mup.sys
.
==================== Find3M ====================
.
2011-07-09 09:24:18 1409 ----a-w- c:\windows\QTFont.for
2011-07-01 12:59:29 3350 --sha-w- c:\windows\system32\KGyGaAvL.sys
2011-06-17 20:42:53 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-07 16:51:58 770384 ----a-w- c:\windows\system32\msvcr100.dll
2011-05-19 17:01:13 17480 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-05-02 15:31:53 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25:06 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19:43 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 16:05:05 916480 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 16:05:04 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-25 16:05:04 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-25 12:01:33 385024 ----a-w- c:\windows\system32\html.iec
2011-04-21 13:37:43 105472 ----a-w- c:\windows\system32\drivers\mup.sys
.
============= FINISH: 11:52:06,79 ===============


Is it gone now?

Regards, dennis
 
Maxstar
Administrator
Posts: 41337
Joined: Sat 27 Sep, 2008 10:18:07
Knowledge level: (3) Expert
OS: Windows 10
AV: Emsisoft Internet Security

Re: Letter from ING saying I have picked up a virus.

Sat 09 Jul, 2011 12:18:08

Hi,

The logs look good, but as a check please also run the ING cleaner and an online scan.

1. Go to ING.nl/cleaner and click "Virus verwijdertool" (virus removal tool).
Save the file named "FCleaner_tcmx-xxxxx" to your desktop.

Run the file (open it). If anything is found, you will be given the option to click "Clean". Do so.
A countdown screen will appear. This makes sure your system is restarted.

After the restart, a log file named FCleaner_<date>_<time>.log will appear on your desktop.

Go to Daniel's Logupload (click the link).

Click "Bladeren..." (Browse) and go to your desktop. Now select the file FCleaner_<date>_<time>.log.
Now click "Toevoegen" (Add). You will get a link back; post it in your next reply.


2. Internet Explorer
Note!!! Windows Vista & 7 users must run Internet Explorer as administrator ("right-click, Run as administrator").
Go to the site: http://www.bitdefender.com/scanner/online/free.html
  • Click the "Start Scanner" button
  • Tick the option "I agree with the Terms and Conditions" and click "Start here"
  • If you are asked to install the add-on, allow it.
  • If a UAC (User Account Control) prompt appears, click "Yes"
  • Now click "Start scan" and do nothing else on the PC.
  • When the scan is finished, click "Click here to view report"
  • Select its contents and copy them into your next post.

Firefox
Go to the site: http://www.bitdefender.com/scanner/online/free.html
  • Click the "Start Scanner" button
  • Now click the "Free scan now" button
  • Click "Allow" when asked to install the BitDefender extension.
  • Then let Firefox restart, and afterwards close the "add-ons" window
  • Now click "Free scan now" again and do nothing else on the PC.
  • When the scan is finished, click "View report"
  • A Notepad file will now open; post its contents in your next reply.

Kind regards,

Maxstar


Member of UNITE Unified Network of Instructors and Trained Eliminators (Unite Against Malware)
 
Maxstar

Re: Letter from ING saying I have picked up a virus.

Mon 11 Jul, 2011 16:14:06

Hi,

Is it working out?

Kind regards,

Maxstar
 
Maxstar

Re: Letter from ING saying I have picked up a virus.

Wed 31 Aug, 2011 16:25:26

Due to a lack of feedback, this topic is being closed and moved to the solved problems / logs section.

If you would like this topic reopened, you can send me or one of the moderators a private message (PM) with a link to this topic.

If the topic has already been closed for a long time, it is best to create a new topic here and, if you wish, refer to this topic.

For all other questions, you can start a new topic in the appropriate forum.

Kind regards,

Maxstar
