Combofix werk wel.
Je hebt nergens op geklikt tijdens de scan:S
Gewoon geduldig afgewacht:S
Verwijder die combo maar met de link die ik je eerder gaf.
We gaan verder kijken:
Download en plaats het op je bureaublad.
Pak de bestanden in tdsskiller.zip uit.
Open de map tdsskiller en dubbelklik op TDSSKiller.exe om de tool te starten.
Windows 7 en Windows Vista gebruikers:
Rechtsklik op TDSSKiller.exe -> Uitvoeren als Administrator om de tool te starten.
Als TDSSKiller bericht geeft van een beschikbare update, dan voer je deze eerst uit.
Klik op de knop “Start Scan” en volg de instructies.
Wanneer de scan klaar is klik je op de knop “Report”.
Er opent een kladblokbestand. Post de inhoud van dit bestand.
Herstart de pc als TDSSKiller die optie geeft. (Reboot now)
Wanneer er een herstart nodig was, vind je de logfile in C:\TDSSKiller.___log.txt
plaats ook meteen een nieuw HijackThis logje
Succes,
Huib;)
2011/09/03 12:18:23.0187 3216 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/09/03 12:18:23.0343 3216 ================================================================================
2011/09/03 12:18:23.0343 3216 SystemInfo:
2011/09/03 12:18:23.0343 3216
2011/09/03 12:18:23.0343 3216 OS Version: 5.1.2600 ServicePack: 3.0
2011/09/03 12:18:23.0343 3216 Product type: Workstation
2011/09/03 12:18:23.0343 3216 ComputerName: COMPUTER_MCE
2011/09/03 12:18:23.0343 3216 UserName: Gebruiker
2011/09/03 12:18:23.0343 3216 Windows directory: H:\WINDOWS
2011/09/03 12:18:23.0343 3216 System windows directory: H:\WINDOWS
2011/09/03 12:18:23.0343 3216 Processor architecture: Intel x86
2011/09/03 12:18:23.0343 3216 Number of processors: 2
2011/09/03 12:18:23.0343 3216 Page size: 0x1000
2011/09/03 12:18:23.0343 3216 Boot type: Normal boot
2011/09/03 12:18:23.0343 3216 ================================================================================
2011/09/03 12:18:24.0421 3216 Initialize success
2011/09/03 12:18:35.0937 0332 ================================================================================
2011/09/03 12:18:35.0937 0332 Scan started
2011/09/03 12:18:35.0937 0332 Mode: Manual;
2011/09/03 12:18:35.0937 0332 ================================================================================
2011/09/03 12:18:36.0203 0332 Aavmker4 (dfcdd5936cad0138775d5a105d4c7716) H:\WINDOWS\system32\drivers\Aavmker4.sys
2011/09/03 12:18:36.0250 0332 ACPI (02273a448ba21a7d447daeb47810d40c) H:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/09/03 12:18:36.0265 0332 ACPIEC (63f517b1a87dabf3f5acb8a7952fc1d1) H:\WINDOWS\system32\drivers\ACPIEC.sys
2011/09/03 12:18:36.0296 0332 adfs (6d7f09cd92a9fef3a8efce66231fdd79) H:\WINDOWS\system32\drivers\adfs.sys
2011/09/03 12:18:36.0343 0332 aec (8bed39e3c35d6a489438b8141717a557) H:\WINDOWS\system32\drivers\aec.sys
2011/09/03 12:18:36.0390 0332 AFD (355556d9e580915118cd7ef736653a89) H:\WINDOWS\System32\drivers\afd.sys
2011/09/03 12:18:36.0484 0332 Arp1394 (b5b8a80875c1dededa8b02765642c32f) H:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/09/03 12:18:36.0562 0332 aswFsBlk (861cb512e4e850e87dd2316f88d69330) H:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/09/03 12:18:36.0593 0332 aswMon2 (7857e0b4c817f69ff463eea2c63e56f9) H:\WINDOWS\system32\drivers\aswMon2.sys
2011/09/03 12:18:36.0625 0332 aswRdr (8db043bf96bb6d334e5b4888e709e1c7) H:\WINDOWS\system32\drivers\aswRdr.sys
2011/09/03 12:18:36.0640 0332 aswSnx (17230708a2028cd995656df455f2e303) H:\WINDOWS\system32\drivers\aswSnx.sys
2011/09/03 12:18:36.0671 0332 aswSP (dbedd9d43b00630966ef05d2d8d04cee) H:\WINDOWS\system32\drivers\aswSP.sys
2011/09/03 12:18:36.0703 0332 aswTdi (984cfce2168286c2511695c2f9621475) H:\WINDOWS\system32\drivers\aswTdi.sys
2011/09/03 12:18:36.0718 0332 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) H:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/09/03 12:18:36.0750 0332 atapi (9f3a2f5aa6875c72bf062c712cfa2674) H:\WINDOWS\system32\DRIVERS\atapi.sys
2011/09/03 12:18:36.0796 0332 AtcL001 (4ee6ffce52629856d9f34c0546fe2c61) H:\WINDOWS\system32\DRIVERS\l151x86.sys
2011/09/03 12:18:36.0828 0332 Atmarpc (9916c1225104ba14794209cfa8012159) H:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/09/03 12:18:36.0859 0332 audstub (d9f724aa26c010a217c97606b160ed68) H:\WINDOWS\system32\DRIVERS\audstub.sys
2011/09/03 12:18:36.0937 0332 Beep (da1f27d85e0d1525f6621372e7b685e9) H:\WINDOWS\system32\drivers\Beep.sys
2011/09/03 12:18:36.0968 0332 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) H:\WINDOWS\system32\drivers\cbidf2k.sys
2011/09/03 12:18:37.0000 0332 Cdaudio (c1b486a7658353d33a10cc15211a873b) H:\WINDOWS\system32\drivers\Cdaudio.sys
2011/09/03 12:18:37.0015 0332 Cdfs (c885b02847f5d2fd45a24e219ed93b32) H:\WINDOWS\system32\drivers\Cdfs.sys
2011/09/03 12:18:37.0046 0332 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) H:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/09/03 12:18:37.0156 0332 Disk (044452051f3e02e7963599fc8f4f3e25) H:\WINDOWS\system32\DRIVERS\disk.sys
2011/09/03 12:18:37.0203 0332 dmboot (dec123e0c75971d0cc7a6c6a75e28429) H:\WINDOWS\system32\drivers\dmboot.sys
2011/09/03 12:18:37.0234 0332 dmio (7268e66259722f6228c730685b201092) H:\WINDOWS\system32\drivers\dmio.sys
2011/09/03 12:18:37.0250 0332 dmload (e9317282a63ca4d188c0df5e09c6ac5f) H:\WINDOWS\system32\drivers\dmload.sys
2011/09/03 12:18:37.0265 0332 DMusic (8a208dfcf89792a484e76c40e5f50b45) H:\WINDOWS\system32\drivers\DMusic.sys
2011/09/03 12:18:37.0296 0332 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) H:\WINDOWS\system32\drivers\drmkaud.sys
2011/09/03 12:18:37.0343 0332 Fastfat (38d332a6d56af32635675f132548343e) H:\WINDOWS\system32\drivers\Fastfat.sys
2011/09/03 12:18:37.0375 0332 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) H:\WINDOWS\system32\drivers\Fdc.sys
2011/09/03 12:18:37.0390 0332 Fips (8bfffb5ac954e19dfdb96d56512aa518) H:\WINDOWS\system32\drivers\Fips.sys
2011/09/03 12:18:37.0406 0332 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) H:\WINDOWS\system32\drivers\Flpydisk.sys
2011/09/03 12:18:37.0421 0332 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) H:\WINDOWS\system32\drivers\fltmgr.sys
2011/09/03 12:18:37.0437 0332 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) H:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/09/03 12:18:37.0453 0332 Ftdisk (fa8ca22e70245c81ff29c36af56292fc) H:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/09/03 12:18:37.0484 0332 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) H:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/09/03 12:18:37.0546 0332 HDAudBus (3fcc124b6e08ee0e9351f717dd136939) H:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/09/03 12:18:37.0609 0332 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) H:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/09/03 12:18:37.0687 0332 HTTP (f80a415ef82cd06ffaf0d971528ead38) H:\WINDOWS\system32\Drivers\HTTP.sys
2011/09/03 12:18:37.0750 0332 i8042prt (c43372d0682f8e32e4ec21117e089ec0) H:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/09/03 12:18:37.0765 0332 Imapi (083a052659f5310dd8b6a6cb05edcf8e) H:\WINDOWS\system32\DRIVERS\imapi.sys
2011/09/03 12:18:37.0906 0332 IntcAzAudAddService (b1a809e7fe19becd5aca61f0e7088c8c) H:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/09/03 12:18:37.0953 0332 intelppm (2d2254fac267e6b1c7865e8ebef60c6d) H:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/09/03 12:18:37.0984 0332 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) H:\WINDOWS\system32\drivers\ip6fw.sys
2011/09/03 12:18:38.0015 0332 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) H:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/09/03 12:18:38.0031 0332 IpInIp (b87ab476dcf76e72010632b5550955f5) H:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/09/03 12:18:38.0046 0332 IpNat (cc748ea12c6effde940ee98098bf96bb) H:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/09/03 12:18:38.0062 0332 IPSec (23c74d75e36e7158768dd63d92789a91) H:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/09/03 12:18:38.0078 0332 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) H:\WINDOWS\system32\DRIVERS\irenum.sys
2011/09/03 12:18:38.0109 0332 isapnp (0b78e1a31340e1fb1e389d5633f7c3a0) H:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/09/03 12:18:38.0125 0332 Kbdclass (380397621e94b32c744e7b2cc1330390) H:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/09/03 12:18:38.0187 0332 kbdhid (b833b70fe639f01fb36cedabe57ef031) H:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/09/03 12:18:38.0203 0332 kmixer (692bcf44383d056aed41b045a323d378) H:\WINDOWS\system32\drivers\kmixer.sys
2011/09/03 12:18:38.0234 0332 KSecDD (b467646c54cc746128904e1654c750c1) H:\WINDOWS\system32\drivers\KSecDD.sys
2011/09/03 12:18:38.0281 0332 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) H:\WINDOWS\system32\DRIVERS\mhndrv.sys
2011/09/03 12:18:38.0312 0332 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) H:\WINDOWS\system32\drivers\mnmdd.sys
2011/09/03 12:18:38.0343 0332 Modem (8114eeac353f549331ab73e9af4219ed) H:\WINDOWS\system32\drivers\Modem.sys
2011/09/03 12:18:38.0375 0332 Mouclass (1a4e2214dd63e4a876463d3427ee8261) H:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/09/03 12:18:38.0406 0332 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) H:\WINDOWS\system32\drivers\MountMgr.sys
2011/09/03 12:18:38.0437 0332 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) H:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/09/03 12:18:38.0500 0332 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) H:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/09/03 12:18:38.0546 0332 Msfs (c941ea2454ba8350021d774daf0f1027) H:\WINDOWS\system32\drivers\Msfs.sys
2011/09/03 12:18:38.0578 0332 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) H:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/09/03 12:18:38.0578 0332 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) H:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/09/03 12:18:38.0609 0332 MSPQM (bad59648ba099da4a17680b39730cb3d) H:\WINDOWS\system32\drivers\MSPQM.sys
2011/09/03 12:18:38.0640 0332 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) H:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/09/03 12:18:38.0671 0332 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) H:\WINDOWS\system32\DRIVERS\ASACPI.sys
2011/09/03 12:18:38.0687 0332 Mup (de6a75f5c270e756c5508d94b6cf68f5) H:\WINDOWS\system32\drivers\Mup.sys
2011/09/03 12:18:38.0718 0332 NDIS (1df7f42665c94b825322fae71721130d) H:\WINDOWS\system32\drivers\NDIS.sys
2011/09/03 12:18:38.0765 0332 NdisTapi (0109c4f3850dfbab279542515386ae22) H:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/09/03 12:18:38.0812 0332 Ndisuio (f927a4434c5028758a842943ef1a3849) H:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/09/03 12:18:38.0828 0332 NdisWan (edc1531a49c80614b2cfda43ca8659ab) H:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/09/03 12:18:38.0843 0332 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) H:\WINDOWS\system32\drivers\NDProxy.sys
2011/09/03 12:18:38.0859 0332 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) H:\WINDOWS\system32\DRIVERS\netbios.sys
2011/09/03 12:18:38.0890 0332 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) H:\WINDOWS\system32\DRIVERS\netbt.sys
2011/09/03 12:18:38.0937 0332 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) H:\WINDOWS\system32\DRIVERS\nic1394.sys
2011/09/03 12:18:38.0953 0332 Npfs (3182d64ae053d6fb034f44b6def8034a) H:\WINDOWS\system32\drivers\Npfs.sys
2011/09/03 12:18:38.0984 0332 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) H:\WINDOWS\system32\drivers\Ntfs.sys
2011/09/03 12:18:39.0046 0332 Null (73c1e1f395918bc2c6dd67af7591a3ad) H:\WINDOWS\system32\drivers\Null.sys
2011/09/03 12:18:39.0250 0332 nv (ed9816dbaf6689542ea7d022631906a1) H:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/09/03 12:18:39.0609 0332 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) H:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/09/03 12:18:39.0625 0332 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) H:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/09/03 12:18:39.0671 0332 ohci1394 (ca33832df41afb202ee7aeb05145922f) H:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/09/03 12:18:39.0687 0332 Parport (e3934ccc20a4d24f1924e13d36d2a5bd) H:\WINDOWS\system32\DRIVERS\parport.sys
2011/09/03 12:18:39.0718 0332 PartMgr (beb3ba25197665d82ec7065b724171c6) H:\WINDOWS\system32\drivers\PartMgr.sys
2011/09/03 12:18:39.0750 0332 ParVdm (1eade28746a64c21e0a808bb12a63326) H:\WINDOWS\system32\drivers\ParVdm.sys
2011/09/03 12:18:39.0765 0332 PCI (3b166f9f753c21aedaa9a6bd76b49655) H:\WINDOWS\system32\DRIVERS\pci.sys
2011/09/03 12:18:39.0812 0332 PCIIde (b31edeba4da28283f6b8dc4756fb9585) H:\WINDOWS\system32\DRIVERS\pciide.sys
2011/09/03 12:18:39.0843 0332 Pcmcia (2137ffd65f8e609a3a5acd487c56cce0) H:\WINDOWS\system32\drivers\Pcmcia.sys
2011/09/03 12:18:39.0968 0332 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) H:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/09/03 12:18:39.0984 0332 PSched (09298ec810b07e5d582cb3a3f9255424) H:\WINDOWS\system32\DRIVERS\psched.sys
2011/09/03 12:18:40.0015 0332 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) H:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/09/03 12:18:40.0046 0332 PxHelp20 (40f2031bd9148d3194353ea7dec97a07) H:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/09/03 12:18:40.0140 0332 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) H:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/09/03 12:18:40.0156 0332 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) H:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/09/03 12:18:40.0171 0332 RasPppoe (5bc962f2654137c9909c3d4603587dee) H:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/09/03 12:18:40.0187 0332 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) H:\WINDOWS\system32\DRIVERS\raspti.sys
2011/09/03 12:18:40.0218 0332 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) H:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/09/03 12:18:40.0218 0332 RDPCDD (4912d5b403614ce99c28420f75353332) H:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/09/03 12:18:40.0250 0332 rdpdr (15cabd0f7c00c47c70124907916af3f1) H:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/09/03 12:18:40.0296 0332 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) H:\WINDOWS\system32\drivers\RDPWD.sys
2011/09/03 12:18:40.0312 0332 redbook (4173bc66e485fd77a03c4819f60bd0da) H:\WINDOWS\system32\DRIVERS\redbook.sys
2011/09/03 12:18:40.0390 0332 Secdrv (90a3935d05b494a5a39d37e71f09a677) H:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/09/03 12:18:40.0406 0332 serenum (0f29512ccd6bead730039fb4bd2c85ce) H:\WINDOWS\system32\DRIVERS\serenum.sys
2011/09/03 12:18:40.0421 0332 Serial (92c21762653bb2ce51147eb8a9aa654f) H:\WINDOWS\system32\DRIVERS\serial.sys
2011/09/03 12:18:40.0468 0332 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) H:\WINDOWS\system32\drivers\Sfloppy.sys
2011/09/03 12:18:40.0531 0332 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) H:\WINDOWS\system32\drivers\splitter.sys
2011/09/03 12:18:40.0546 0332 sr (64d2a7640e0767ecd3bcb38d3200e7ce) H:\WINDOWS\system32\DRIVERS\sr.sys
2011/09/03 12:18:40.0578 0332 Srv (47ddfc2f003f7f9f0592c6874962a2e7) H:\WINDOWS\system32\DRIVERS\srv.sys
2011/09/03 12:18:40.0609 0332 swenum (3941d127aef12e93addf6fe6ee027e0f) H:\WINDOWS\system32\DRIVERS\swenum.sys
2011/09/03 12:18:40.0640 0332 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) H:\WINDOWS\system32\drivers\swmidi.sys
2011/09/03 12:18:40.0718 0332 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) H:\WINDOWS\system32\drivers\sysaudio.sys
2011/09/03 12:18:40.0765 0332 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) H:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/09/03 12:18:40.0781 0332 TDPIPE (6471a66807f5e104e4885f5b67349397) H:\WINDOWS\system32\drivers\TDPIPE.sys
2011/09/03 12:18:40.0812 0332 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) H:\WINDOWS\system32\drivers\TDTCP.sys
2011/09/03 12:18:40.0828 0332 TermDD (88155247177638048422893737429d9e) H:\WINDOWS\system32\DRIVERS\termdd.sys
2011/09/03 12:18:40.0875 0332 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) H:\WINDOWS\system32\drivers\Udfs.sys
2011/09/03 12:18:40.0937 0332 Update (402ddc88356b1bac0ee3dd1580c76a31) H:\WINDOWS\system32\DRIVERS\update.sys
2011/09/03 12:18:41.0000 0332 usbccgp (173f317ce0db8e21322e71b7e60a27e8) H:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/09/03 12:18:41.0046 0332 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) H:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/09/03 12:18:41.0078 0332 usbhub (1ab3cdde553b6e064d2e754efe20285c) H:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/09/03 12:18:41.0093 0332 usbstor (a32426d9b14a089eaa1d922e0c5801a9) H:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/09/03 12:18:41.0125 0332 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) H:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/09/03 12:18:41.0156 0332 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) H:\WINDOWS\System32\drivers\vga.sys
2011/09/03 12:18:41.0187 0332 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) H:\WINDOWS\system32\drivers\VolSnap.sys
2011/09/03 12:18:41.0218 0332 Wanarp (e20b95baedb550f32dd489265c1da1f6) H:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/09/03 12:18:41.0250 0332 wdmaud (6768acf64b18196494413695f0c3a00f) H:\WINDOWS\system32\drivers\wdmaud.sys
2011/09/03 12:18:41.0359 0332 WudfPf (f15feafffbb3644ccc80c5da584e6311) H:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/09/03 12:18:41.0375 0332 WudfRd (28b524262bce6de1f7ef9f510ba3985b) H:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/09/03 12:18:41.0406 0332 MBR (0x1B8) (3051207086651214e435112e51817dc5) \Device\Harddisk0\DR0
2011/09/03 12:18:41.0484 0332 Boot (0x1200) (dc3aa1d87136712181196e084b104048) \Device\Harddisk0\DR0\Partition0
2011/09/03 12:18:41.0484 0332 ================================================================================
2011/09/03 12:18:41.0484 0332 Scan finished
2011/09/03 12:18:41.0484 0332 ================================================================================
2011/09/03 12:18:41.0500 3348 Detected object count: 0
2011/09/03 12:18:41.0500 3348 Actual detected object count: 0
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:19:59, on 3-9-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\nvsvc32.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\AVAST Software\Avast\AvastSvc.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\RTHDCPL.EXE
H:\WINDOWS\ehome\ehtray.exe
H:\WINDOWS\system32\RUNDLL32.EXE
H:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
H:\Program Files\AVAST Software\Avast\avastUI.exe
H:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
H:\WINDOWS\system32\ctfmon.exe
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\Windows Desktop Search\WindowsSearch.exe
H:\Program Files\WinZip\WZQKPICK.EXE
H:\WINDOWS\eHome\ehRecvr.exe
H:\WINDOWS\eHome\ehSched.exe
H:\Program Files\Java\jre6\bin\jqs.exe
H:\WINDOWS\system32\PSIService.exe
H:\WINDOWS\system32\SearchIndexer.exe
H:\WINDOWS\eHome\ehmsas.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\dllhost.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
H:\WINDOWS\system32\SearchProtocolHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.nl/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.nl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nu.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.nl/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.nl/search?q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favorieten
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: RTHDCPL.EXE
O4 - HKLM\..\Run: ALCMTR.EXE
O4 - HKLM\..\Run: H:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: H:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
O4 - HKLM\..\Run: “H:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM\..\Run: “H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: “H:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe” -launchedbylogin
O4 - HKLM\..\Run: RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: “H:\Program Files\AVAST Software\Avast\avastUI.exe” /nogui
O4 - HKLM\..\Run: “H:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe” -startup
O4 - HKCU\..\Run: “H:\Program Files\Messenger\msmsgs.exe” /background
O4 - HKCU\..\Run: H:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-20\..\Run: H:\WINDOWS\system32\CTFMON.EXE (User ‘Netwerkservice’)
O4 - HKUS\S-1-5-20\..\RunOnce: rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User ‘Netwerkservice’)
O4 - HKUS\S-1-5-18\..\Run: H:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS\S-1-5-18\..\RunOnce: rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User ‘SYSTEM’)
O4 - HKUS\.DEFAULT\..\Run: H:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O4 - HKUS\.DEFAULT\..\RunOnce: rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User ‘Default user’)
O4 - Startup: Filters Unlimited Help.lnk = H:\Program Files\Filters\FiltersUnlimited.hlp
O4 - Startup: Important Information.lnk = H:\Program Files\Filters\readme.txt
O4 - Startup: Language Reference.lnk = H:\Program Files\Filters\Reference.hlp
O4 - Startup: Software License.lnk = H:\Program Files\Filters\license.txt
O4 - Global Startup: Windows Search.lnk = H:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: WinZip Quick Pick.lnk = H:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Download met Mipony - file://H:\Program Files\MiPony\Browser\IEContext.htm
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - H:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - H:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - H:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - H:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - H:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - H:\WINDOWS\system32\PSIService.exe
–
End of file - 7326 bytes
2011/09/03 12:23:03.0062 2740 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/09/03 12:23:03.0218 2740 ================================================================================
2011/09/03 12:23:03.0218 2740 SystemInfo:
2011/09/03 12:23:03.0218 2740
2011/09/03 12:23:03.0218 2740 OS Version: 5.1.2600 ServicePack: 3.0
2011/09/03 12:23:03.0218 2740 Product type: Workstation
2011/09/03 12:23:03.0218 2740 ComputerName: COMPUTER_MCE
2011/09/03 12:23:03.0218 2740 UserName: Gebruiker
2011/09/03 12:23:03.0218 2740 Windows directory: H:\WINDOWS
2011/09/03 12:23:03.0218 2740 System windows directory: H:\WINDOWS
2011/09/03 12:23:03.0218 2740 Processor architecture: Intel x86
2011/09/03 12:23:03.0218 2740 Number of processors: 2
2011/09/03 12:23:03.0218 2740 Page size: 0x1000
2011/09/03 12:23:03.0218 2740 Boot type: Normal boot
2011/09/03 12:23:03.0218 2740 ================================================================================
2011/09/03 12:23:04.0218 2740 Initialize success
2011/09/03 12:23:16.0281 3268 ================================================================================
2011/09/03 12:23:16.0281 3268 Scan started
2011/09/03 12:23:16.0281 3268 Mode: Manual;
2011/09/03 12:23:16.0281 3268 ================================================================================
2011/09/03 12:23:16.0562 3268 Aavmker4 (dfcdd5936cad0138775d5a105d4c7716) H:\WINDOWS\system32\drivers\Aavmker4.sys
2011/09/03 12:23:16.0609 3268 ACPI (02273a448ba21a7d447daeb47810d40c) H:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/09/03 12:23:16.0640 3268 ACPIEC (63f517b1a87dabf3f5acb8a7952fc1d1) H:\WINDOWS\system32\drivers\ACPIEC.sys
2011/09/03 12:23:16.0687 3268 adfs (6d7f09cd92a9fef3a8efce66231fdd79) H:\WINDOWS\system32\drivers\adfs.sys
2011/09/03 12:23:16.0718 3268 aec (8bed39e3c35d6a489438b8141717a557) H:\WINDOWS\system32\drivers\aec.sys
2011/09/03 12:23:16.0765 3268 AFD (355556d9e580915118cd7ef736653a89) H:\WINDOWS\System32\drivers\afd.sys
2011/09/03 12:23:16.0859 3268 Arp1394 (b5b8a80875c1dededa8b02765642c32f) H:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/09/03 12:23:16.0937 3268 aswFsBlk (861cb512e4e850e87dd2316f88d69330) H:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/09/03 12:23:16.0968 3268 aswMon2 (7857e0b4c817f69ff463eea2c63e56f9) H:\WINDOWS\system32\drivers\aswMon2.sys
2011/09/03 12:23:17.0000 3268 aswRdr (8db043bf96bb6d334e5b4888e709e1c7) H:\WINDOWS\system32\drivers\aswRdr.sys
2011/09/03 12:23:17.0015 3268 aswSnx (17230708a2028cd995656df455f2e303) H:\WINDOWS\system32\drivers\aswSnx.sys
2011/09/03 12:23:17.0062 3268 aswSP (dbedd9d43b00630966ef05d2d8d04cee) H:\WINDOWS\system32\drivers\aswSP.sys
2011/09/03 12:23:17.0093 3268 aswTdi (984cfce2168286c2511695c2f9621475) H:\WINDOWS\system32\drivers\aswTdi.sys
2011/09/03 12:23:17.0109 3268 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) H:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/09/03 12:23:17.0109 3268 atapi (9f3a2f5aa6875c72bf062c712cfa2674) H:\WINDOWS\system32\DRIVERS\atapi.sys
2011/09/03 12:23:17.0156 3268 AtcL001 (4ee6ffce52629856d9f34c0546fe2c61) H:\WINDOWS\system32\DRIVERS\l151x86.sys
2011/09/03 12:23:17.0187 3268 Atmarpc (9916c1225104ba14794209cfa8012159) H:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/09/03 12:23:17.0234 3268 audstub (d9f724aa26c010a217c97606b160ed68) H:\WINDOWS\system32\DRIVERS\audstub.sys
2011/09/03 12:23:17.0296 3268 Beep (da1f27d85e0d1525f6621372e7b685e9) H:\WINDOWS\system32\drivers\Beep.sys
2011/09/03 12:23:17.0328 3268 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) H:\WINDOWS\system32\drivers\cbidf2k.sys
2011/09/03 12:23:17.0359 3268 Cdaudio (c1b486a7658353d33a10cc15211a873b) H:\WINDOWS\system32\drivers\Cdaudio.sys
2011/09/03 12:23:17.0406 3268 Cdfs (c885b02847f5d2fd45a24e219ed93b32) H:\WINDOWS\system32\drivers\Cdfs.sys
2011/09/03 12:23:17.0437 3268 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) H:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/09/03 12:23:17.0531 3268 Disk (044452051f3e02e7963599fc8f4f3e25) H:\WINDOWS\system32\DRIVERS\disk.sys
2011/09/03 12:23:17.0578 3268 dmboot (dec123e0c75971d0cc7a6c6a75e28429) H:\WINDOWS\system32\drivers\dmboot.sys
2011/09/03 12:23:17.0593 3268 dmio (7268e66259722f6228c730685b201092) H:\WINDOWS\system32\drivers\dmio.sys
2011/09/03 12:23:17.0609 3268 dmload (e9317282a63ca4d188c0df5e09c6ac5f) H:\WINDOWS\system32\drivers\dmload.sys
2011/09/03 12:23:17.0640 3268 DMusic (8a208dfcf89792a484e76c40e5f50b45) H:\WINDOWS\system32\drivers\DMusic.sys
2011/09/03 12:23:17.0671 3268 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) H:\WINDOWS\system32\drivers\drmkaud.sys
2011/09/03 12:23:17.0718 3268 Fastfat (38d332a6d56af32635675f132548343e) H:\WINDOWS\system32\drivers\Fastfat.sys
2011/09/03 12:23:17.0734 3268 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) H:\WINDOWS\system32\drivers\Fdc.sys
2011/09/03 12:23:17.0765 3268 Fips (8bfffb5ac954e19dfdb96d56512aa518) H:\WINDOWS\system32\drivers\Fips.sys
2011/09/03 12:23:17.0781 3268 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) H:\WINDOWS\system32\drivers\Flpydisk.sys
2011/09/03 12:23:17.0796 3268 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) H:\WINDOWS\system32\drivers\fltmgr.sys
2011/09/03 12:23:17.0812 3268 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) H:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/09/03 12:23:17.0828 3268 Ftdisk (fa8ca22e70245c81ff29c36af56292fc) H:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/09/03 12:23:17.0843 3268 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) H:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/09/03 12:23:17.0890 3268 HDAudBus (3fcc124b6e08ee0e9351f717dd136939) H:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/09/03 12:23:17.0953 3268 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) H:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/09/03 12:23:18.0015 3268 HTTP (f80a415ef82cd06ffaf0d971528ead38) H:\WINDOWS\system32\Drivers\HTTP.sys
2011/09/03 12:23:18.0062 3268 i8042prt (c43372d0682f8e32e4ec21117e089ec0) H:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/09/03 12:23:18.0078 3268 Imapi (083a052659f5310dd8b6a6cb05edcf8e) H:\WINDOWS\system32\DRIVERS\imapi.sys
2011/09/03 12:23:18.0234 3268 IntcAzAudAddService (b1a809e7fe19becd5aca61f0e7088c8c) H:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/09/03 12:23:18.0296 3268 intelppm (2d2254fac267e6b1c7865e8ebef60c6d) H:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/09/03 12:23:18.0328 3268 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) H:\WINDOWS\system32\drivers\ip6fw.sys
2011/09/03 12:23:18.0343 3268 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) H:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/09/03 12:23:18.0359 3268 IpInIp (b87ab476dcf76e72010632b5550955f5) H:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/09/03 12:23:18.0375 3268 IpNat (cc748ea12c6effde940ee98098bf96bb) H:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/09/03 12:23:18.0390 3268 IPSec (23c74d75e36e7158768dd63d92789a91) H:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/09/03 12:23:18.0406 3268 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) H:\WINDOWS\system32\DRIVERS\irenum.sys
2011/09/03 12:23:18.0437 3268 isapnp (0b78e1a31340e1fb1e389d5633f7c3a0) H:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/09/03 12:23:18.0468 3268 Kbdclass (380397621e94b32c744e7b2cc1330390) H:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/09/03 12:23:18.0484 3268 kbdhid (b833b70fe639f01fb36cedabe57ef031) H:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/09/03 12:23:18.0500 3268 kmixer (692bcf44383d056aed41b045a323d378) H:\WINDOWS\system32\drivers\kmixer.sys
2011/09/03 12:23:18.0531 3268 KSecDD (b467646c54cc746128904e1654c750c1) H:\WINDOWS\system32\drivers\KSecDD.sys
2011/09/03 12:23:18.0593 3268 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) H:\WINDOWS\system32\DRIVERS\mhndrv.sys
2011/09/03 12:23:18.0609 3268 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) H:\WINDOWS\system32\drivers\mnmdd.sys
2011/09/03 12:23:18.0640 3268 Modem (8114eeac353f549331ab73e9af4219ed) H:\WINDOWS\system32\drivers\Modem.sys
2011/09/03 12:23:18.0671 3268 Mouclass (1a4e2214dd63e4a876463d3427ee8261) H:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/09/03 12:23:18.0718 3268 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) H:\WINDOWS\system32\drivers\MountMgr.sys
2011/09/03 12:23:18.0750 3268 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) H:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/09/03 12:23:18.0796 3268 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) H:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/09/03 12:23:18.0843 3268 Msfs (c941ea2454ba8350021d774daf0f1027) H:\WINDOWS\system32\drivers\Msfs.sys
2011/09/03 12:23:18.0875 3268 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) H:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/09/03 12:23:18.0890 3268 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) H:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/09/03 12:23:18.0906 3268 MSPQM (bad59648ba099da4a17680b39730cb3d) H:\WINDOWS\system32\drivers\MSPQM.sys
2011/09/03 12:23:18.0937 3268 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) H:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/09/03 12:23:18.0953 3268 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) H:\WINDOWS\system32\DRIVERS\ASACPI.sys
2011/09/03 12:23:18.0984 3268 Mup (de6a75f5c270e756c5508d94b6cf68f5) H:\WINDOWS\system32\drivers\Mup.sys
2011/09/03 12:23:19.0015 3268 NDIS (1df7f42665c94b825322fae71721130d) H:\WINDOWS\system32\drivers\NDIS.sys
2011/09/03 12:23:19.0062 3268 NdisTapi (0109c4f3850dfbab279542515386ae22) H:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/09/03 12:23:19.0093 3268 Ndisuio (f927a4434c5028758a842943ef1a3849) H:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/09/03 12:23:19.0093 3268 NdisWan (edc1531a49c80614b2cfda43ca8659ab) H:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/09/03 12:23:19.0125 3268 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) H:\WINDOWS\system32\drivers\NDProxy.sys
2011/09/03 12:23:19.0140 3268 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) H:\WINDOWS\system32\DRIVERS\netbios.sys
2011/09/03 12:23:19.0187 3268 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) H:\WINDOWS\system32\DRIVERS\netbt.sys
2011/09/03 12:23:19.0218 3268 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) H:\WINDOWS\system32\DRIVERS\nic1394.sys
2011/09/03 12:23:19.0234 3268 Npfs (3182d64ae053d6fb034f44b6def8034a) H:\WINDOWS\system32\drivers\Npfs.sys
2011/09/03 12:23:19.0281 3268 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) H:\WINDOWS\system32\drivers\Ntfs.sys
2011/09/03 12:23:19.0328 3268 Null (73c1e1f395918bc2c6dd67af7591a3ad) H:\WINDOWS\system32\drivers\Null.sys
2011/09/03 12:23:19.0546 3268 nv (ed9816dbaf6689542ea7d022631906a1) H:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/09/03 12:23:19.0734 3268 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) H:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/09/03 12:23:19.0750 3268 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) H:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/09/03 12:23:19.0796 3268 ohci1394 (ca33832df41afb202ee7aeb05145922f) H:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/09/03 12:23:19.0812 3268 Parport (e3934ccc20a4d24f1924e13d36d2a5bd) H:\WINDOWS\system32\DRIVERS\parport.sys
2011/09/03 12:23:19.0828 3268 PartMgr (beb3ba25197665d82ec7065b724171c6) H:\WINDOWS\system32\drivers\PartMgr.sys
2011/09/03 12:23:19.0843 3268 ParVdm (1eade28746a64c21e0a808bb12a63326) H:\WINDOWS\system32\drivers\ParVdm.sys
2011/09/03 12:23:19.0859 3268 PCI (3b166f9f753c21aedaa9a6bd76b49655) H:\WINDOWS\system32\DRIVERS\pci.sys
2011/09/03 12:23:19.0906 3268 PCIIde (b31edeba4da28283f6b8dc4756fb9585) H:\WINDOWS\system32\DRIVERS\pciide.sys
2011/09/03 12:23:19.0937 3268 Pcmcia (2137ffd65f8e609a3a5acd487c56cce0) H:\WINDOWS\system32\drivers\Pcmcia.sys
2011/09/03 12:23:20.0062 3268 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) H:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/09/03 12:23:20.0078 3268 PSched (09298ec810b07e5d582cb3a3f9255424) H:\WINDOWS\system32\DRIVERS\psched.sys
2011/09/03 12:23:20.0093 3268 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) H:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/09/03 12:23:20.0125 3268 PxHelp20 (40f2031bd9148d3194353ea7dec97a07) H:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/09/03 12:23:20.0218 3268 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) H:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/09/03 12:23:20.0234 3268 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) H:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/09/03 12:23:20.0250 3268 RasPppoe (5bc962f2654137c9909c3d4603587dee) H:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/09/03 12:23:20.0265 3268 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) H:\WINDOWS\system32\DRIVERS\raspti.sys
2011/09/03 12:23:20.0296 3268 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) H:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/09/03 12:23:20.0312 3268 RDPCDD (4912d5b403614ce99c28420f75353332) H:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/09/03 12:23:20.0328 3268 rdpdr (15cabd0f7c00c47c70124907916af3f1) H:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/09/03 12:23:20.0390 3268 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) H:\WINDOWS\system32\drivers\RDPWD.sys
2011/09/03 12:23:20.0406 3268 redbook (4173bc66e485fd77a03c4819f60bd0da) H:\WINDOWS\system32\DRIVERS\redbook.sys
2011/09/03 12:23:20.0468 3268 Secdrv (90a3935d05b494a5a39d37e71f09a677) H:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/09/03 12:23:20.0484 3268 serenum (0f29512ccd6bead730039fb4bd2c85ce) H:\WINDOWS\system32\DRIVERS\serenum.sys
2011/09/03 12:23:20.0500 3268 Serial (92c21762653bb2ce51147eb8a9aa654f) H:\WINDOWS\system32\DRIVERS\serial.sys
2011/09/03 12:23:20.0546 3268 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) H:\WINDOWS\system32\drivers\Sfloppy.sys
2011/09/03 12:23:20.0609 3268 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) H:\WINDOWS\system32\drivers\splitter.sys
2011/09/03 12:23:20.0625 3268 sr (64d2a7640e0767ecd3bcb38d3200e7ce) H:\WINDOWS\system32\DRIVERS\sr.sys
2011/09/03 12:23:20.0671 3268 Srv (47ddfc2f003f7f9f0592c6874962a2e7) H:\WINDOWS\system32\DRIVERS\srv.sys
2011/09/03 12:23:20.0703 3268 swenum (3941d127aef12e93addf6fe6ee027e0f) H:\WINDOWS\system32\DRIVERS\swenum.sys
2011/09/03 12:23:20.0718 3268 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) H:\WINDOWS\system32\drivers\swmidi.sys
2011/09/03 12:23:20.0796 3268 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) H:\WINDOWS\system32\drivers\sysaudio.sys
2011/09/03 12:23:20.0828 3268 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) H:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/09/03 12:23:20.0859 3268 TDPIPE (6471a66807f5e104e4885f5b67349397) H:\WINDOWS\system32\drivers\TDPIPE.sys
2011/09/03 12:23:20.0875 3268 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) H:\WINDOWS\system32\drivers\TDTCP.sys
2011/09/03 12:23:20.0906 3268 TermDD (88155247177638048422893737429d9e) H:\WINDOWS\system32\DRIVERS\termdd.sys
2011/09/03 12:23:20.0968 3268 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) H:\WINDOWS\system32\drivers\Udfs.sys
2011/09/03 12:23:21.0015 3268 Update (402ddc88356b1bac0ee3dd1580c76a31) H:\WINDOWS\system32\DRIVERS\update.sys
2011/09/03 12:23:21.0062 3268 usbccgp (173f317ce0db8e21322e71b7e60a27e8) H:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/09/03 12:23:21.0078 3268 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) H:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/09/03 12:23:21.0093 3268 usbhub (1ab3cdde553b6e064d2e754efe20285c) H:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/09/03 12:23:21.0109 3268 usbstor (a32426d9b14a089eaa1d922e0c5801a9) H:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/09/03 12:23:21.0140 3268 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) H:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/09/03 12:23:21.0156 3268 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) H:\WINDOWS\System32\drivers\vga.sys
2011/09/03 12:23:21.0171 3268 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) H:\WINDOWS\system32\drivers\VolSnap.sys
2011/09/03 12:23:21.0203 3268 Wanarp (e20b95baedb550f32dd489265c1da1f6) H:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/09/03 12:23:21.0250 3268 wdmaud (6768acf64b18196494413695f0c3a00f) H:\WINDOWS\system32\drivers\wdmaud.sys
2011/09/03 12:23:21.0343 3268 WudfPf (f15feafffbb3644ccc80c5da584e6311) H:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/09/03 12:23:21.0359 3268 WudfRd (28b524262bce6de1f7ef9f510ba3985b) H:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/09/03 12:23:21.0390 3268 MBR (0x1B8) (3051207086651214e435112e51817dc5) \Device\Harddisk0\DR0
2011/09/03 12:23:21.0468 3268 Boot (0x1200) (dc3aa1d87136712181196e084b104048) \Device\Harddisk0\DR0\Partition0
2011/09/03 12:23:21.0468 3268 ================================================================================
2011/09/03 12:23:21.0468 3268 Scan finished
2011/09/03 12:23:21.0468 3268 ================================================================================
2011/09/03 12:23:21.0484 3568 Detected object count: 0
2011/09/03 12:23:21.0484 3568 Actual detected object count: 0
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:24:10, on 3-9-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\nvsvc32.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\AVAST Software\Avast\AvastSvc.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\RTHDCPL.EXE
H:\WINDOWS\ehome\ehtray.exe
H:\WINDOWS\system32\RUNDLL32.EXE
H:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
H:\Program Files\AVAST Software\Avast\avastUI.exe
H:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
H:\WINDOWS\system32\ctfmon.exe
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\Windows Desktop Search\WindowsSearch.exe
H:\Program Files\WinZip\WZQKPICK.EXE
H:\WINDOWS\eHome\ehRecvr.exe
H:\WINDOWS\eHome\ehSched.exe
H:\Program Files\Java\jre6\bin\jqs.exe
H:\WINDOWS\system32\PSIService.exe
H:\WINDOWS\system32\SearchIndexer.exe
H:\WINDOWS\eHome\ehmsas.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\dllhost.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
H:\WINDOWS\system32\SearchProtocolHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.nl/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.nl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nu.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.nl/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.nl/search?q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favorieten
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: RTHDCPL.EXE
O4 - HKLM\..\Run: ALCMTR.EXE
O4 - HKLM\..\Run: H:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: H:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
O4 - HKLM\..\Run: “H:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM\..\Run: “H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: “H:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe” -launchedbylogin
O4 - HKLM\..\Run: RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: “H:\Program Files\AVAST Software\Avast\avastUI.exe” /nogui
O4 - HKLM\..\Run: “H:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe” -startup
O4 - HKCU\..\Run: “H:\Program Files\Messenger\msmsgs.exe” /background
O4 - HKCU\..\Run: H:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-20\..\Run: H:\WINDOWS\system32\CTFMON.EXE (User ‘Netwerkservice’)
O4 - HKUS\S-1-5-20\..\RunOnce: rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User ‘Netwerkservice’)
O4 - HKUS\S-1-5-18\..\Run: H:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS\S-1-5-18\..\RunOnce: rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User ‘SYSTEM’)
O4 - HKUS\.DEFAULT\..\Run: H:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O4 - HKUS\.DEFAULT\..\RunOnce: rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User ‘Default user’)
O4 - Startup: Filters Unlimited Help.lnk = H:\Program Files\Filters\FiltersUnlimited.hlp
O4 - Startup: Important Information.lnk = H:\Program Files\Filters\readme.txt
O4 - Startup: Language Reference.lnk = H:\Program Files\Filters\Reference.hlp
O4 - Startup: Software License.lnk = H:\Program Files\Filters\license.txt
O4 - Global Startup: Windows Search.lnk = H:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: WinZip Quick Pick.lnk = H:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Download met Mipony - file://H:\Program Files\MiPony\Browser\IEContext.htm
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - H:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - H:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - H:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - H:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - H:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - H:\WINDOWS\system32\PSIService.exe
–
End of file - 7326 bytes
Doorzoek het forum
Zoeken met Startpagina
Startpagina Thema's