Hoi Huib,
ben nu bezig met Avira Antivir Rescue system, deze heeft al 3 detections gevonden :
Trojan Horse TR/Dldr.Agent.brk
Trojan Horse TR/Crypt.XPACK.Gen
Window Virus : W32/PatchLoad.A
Het zal nog even duren, voordat hij helemaal klaar is.
Zit alleen nog met het probleem “updaten”, kan op de geinfecteerde PC niet het internet op.
Gr.
Geert
Hier het logje na de TDSSKiller :
21:27:56.0328 0360 TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50
21:27:56.0343 0360 ============================================================
21:27:56.0343 0360 Current date / time: 2011/11/21 21:27:56.0343
21:27:56.0343 0360 SystemInfo:
21:27:56.0343 0360
21:27:56.0343 0360 OS Version: 5.1.2600 ServicePack: 3.0
21:27:56.0343 0360 Product type: Workstation
21:27:56.0343 0360 ComputerName: PRIV-10A96A7CD4
21:27:56.0343 0360 UserName: Wim
21:27:56.0343 0360 Windows directory: H:\WINDOWS
21:27:56.0343 0360 System windows directory: H:\WINDOWS
21:27:56.0343 0360 Processor architecture: Intel x86
21:27:56.0343 0360 Number of processors: 1
21:27:56.0343 0360 Page size: 0x1000
21:27:56.0343 0360 Boot type: Normal boot
21:27:56.0343 0360 ============================================================
21:27:57.0390 0360 Initialize success
21:27:59.0687 4044 ============================================================
21:27:59.0687 4044 Scan started
21:27:59.0687 4044 Mode: Manual;
21:27:59.0687 4044 ============================================================
21:28:00.0296 4044 Abiosdsk - ok
21:28:00.0312 4044 abp480n5 - ok
21:28:00.0343 4044 ACPI (02273a448ba21a7d447daeb47810d40c) H:\WINDOWS\system32\DRIVERS\ACPI.sys
21:28:00.0343 4044 ACPI - ok
21:28:00.0390 4044 ACPIEC (63f517b1a87dabf3f5acb8a7952fc1d1) H:\WINDOWS\system32\drivers\ACPIEC.sys
21:28:00.0390 4044 ACPIEC - ok
21:28:00.0421 4044 ADM8511 (b05f2367f62552a2de7e3c352b7b9885) H:\WINDOWS\system32\DRIVERS\ADM8511.SYS
21:28:00.0421 4044 ADM8511 - ok
21:28:00.0437 4044 adpu160m - ok
21:28:00.0500 4044 aec (8bed39e3c35d6a489438b8141717a557) H:\WINDOWS\system32\drivers\aec.sys
21:28:00.0500 4044 aec - ok
21:28:00.0515 4044 Aha154x - ok
21:28:00.0531 4044 aic78u2 - ok
21:28:00.0531 4044 aic78xx - ok
21:28:00.0546 4044 AliIde - ok
21:28:00.0640 4044 Ambfilt (f6af59d6eee5e1c304f7f73706ad11d8) H:\WINDOWS\system32\drivers\Ambfilt.sys
21:28:00.0656 4044 Ambfilt - ok
21:28:00.0671 4044 amsint - ok
21:28:00.0671 4044 asc - ok
21:28:00.0687 4044 asc3350p - ok
21:28:00.0703 4044 asc3550 - ok
21:28:00.0750 4044 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) H:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:28:00.0750 4044 AsyncMac - ok
21:28:00.0750 4044 atapi (9f3a2f5aa6875c72bf062c712cfa2674) H:\WINDOWS\system32\DRIVERS\atapi.sys
21:28:00.0765 4044 atapi - ok
21:28:00.0765 4044 Atdisk - ok
21:28:00.0796 4044 Atmarpc (9916c1225104ba14794209cfa8012159) H:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:28:00.0796 4044 Atmarpc - ok
21:28:00.0843 4044 audstub (d9f724aa26c010a217c97606b160ed68) H:\WINDOWS\system32\DRIVERS\audstub.sys
21:28:00.0843 4044 audstub - ok
21:28:00.0859 4044 Beep (da1f27d85e0d1525f6621372e7b685e9) H:\WINDOWS\system32\drivers\Beep.sys
21:28:00.0859 4044 Beep - ok
21:28:00.0906 4044 BrScnUsb (92a964547b96d697e5e9ed43b4297f5a) H:\WINDOWS\system32\Drivers\BrScnUsb.sys
21:28:00.0906 4044 BrScnUsb - ok
21:28:00.0937 4044 BrSerIf (d48c13f4a409aee8dafaddac81e34557) H:\WINDOWS\system32\Drivers\BrSerIf.sys
21:28:00.0937 4044 BrSerIf - ok
21:28:00.0953 4044 BrUsbSer (8fa0ac830a8312912a3aa0c0431cba0d) H:\WINDOWS\system32\Drivers\BrUsbSer.sys
21:28:00.0953 4044 BrUsbSer - ok
21:28:00.0984 4044 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) H:\WINDOWS\system32\drivers\cbidf2k.sys
21:28:00.0984 4044 cbidf2k - ok
21:28:00.0984 4044 cd20xrnt - ok
21:28:01.0015 4044 Cdaudio (c1b486a7658353d33a10cc15211a873b) H:\WINDOWS\system32\drivers\Cdaudio.sys
21:28:01.0015 4044 Cdaudio - ok
21:28:01.0046 4044 Cdfs (c885b02847f5d2fd45a24e219ed93b32) H:\WINDOWS\system32\drivers\Cdfs.sys
21:28:01.0046 4044 Cdfs - ok
21:28:01.0062 4044 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) H:\WINDOWS\system32\DRIVERS\cdrom.sys
21:28:01.0078 4044 Cdrom - ok
21:28:01.0078 4044 Changer - ok
21:28:01.0093 4044 CmdIde - ok
21:28:01.0109 4044 Cpqarray - ok
21:28:01.0125 4044 dac2w2k - ok
21:28:01.0140 4044 dac960nt - ok
21:28:01.0171 4044 Disk (044452051f3e02e7963599fc8f4f3e25) H:\WINDOWS\system32\DRIVERS\disk.sys
21:28:01.0171 4044 Disk - ok
21:28:01.0234 4044 dmboot (dec123e0c75971d0cc7a6c6a75e28429) H:\WINDOWS\system32\drivers\dmboot.sys
21:28:01.0234 4044 dmboot - ok
21:28:01.0265 4044 dmio (7268e66259722f6228c730685b201092) H:\WINDOWS\system32\drivers\dmio.sys
21:28:01.0265 4044 dmio - ok
21:28:01.0296 4044 dmload (e9317282a63ca4d188c0df5e09c6ac5f) H:\WINDOWS\system32\drivers\dmload.sys
21:28:01.0296 4044 dmload - ok
21:28:01.0312 4044 DMusic (8a208dfcf89792a484e76c40e5f50b45) H:\WINDOWS\system32\drivers\DMusic.sys
21:28:01.0312 4044 DMusic - ok
21:28:01.0328 4044 dpti2o - ok
21:28:01.0343 4044 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) H:\WINDOWS\system32\drivers\drmkaud.sys
21:28:01.0343 4044 drmkaud - ok
21:28:01.0390 4044 Fastfat (38d332a6d56af32635675f132548343e) H:\WINDOWS\system32\drivers\Fastfat.sys
21:28:01.0390 4044 Fastfat - ok
21:28:01.0453 4044 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) H:\WINDOWS\system32\DRIVERS\fdc.sys
21:28:01.0453 4044 Fdc - ok
21:28:01.0484 4044 Fips (8bfffb5ac954e19dfdb96d56512aa518) H:\WINDOWS\system32\drivers\Fips.sys
21:28:01.0484 4044 Fips - ok
21:28:01.0531 4044 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) H:\WINDOWS\system32\drivers\Flpydisk.sys
21:28:01.0531 4044 Flpydisk - ok
21:28:01.0546 4044 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) H:\WINDOWS\system32\drivers\fltmgr.sys
21:28:01.0546 4044 FltMgr - ok
21:28:01.0562 4044 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) H:\WINDOWS\system32\drivers\Fs_Rec.sys
21:28:01.0562 4044 Fs_Rec - ok
21:28:01.0578 4044 Ftdisk (fa8ca22e70245c81ff29c36af56292fc) H:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:28:01.0578 4044 Ftdisk - ok
21:28:01.0593 4044 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) H:\WINDOWS\system32\DRIVERS\msgpc.sys
21:28:01.0593 4044 Gpc - ok
21:28:01.0625 4044 grmnusb (d956358054e99e6ffac69cd87e893a89) H:\WINDOWS\system32\drivers\grmnusb.sys
21:28:01.0625 4044 grmnusb - ok
21:28:01.0671 4044 HDAudBus (573c7d0a32852b48f3058cfd8026f511) H:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:28:01.0671 4044 HDAudBus - ok
21:28:01.0703 4044 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) H:\WINDOWS\system32\DRIVERS\hidusb.sys
21:28:01.0703 4044 HidUsb - ok
21:28:01.0718 4044 hpn - ok
21:28:01.0781 4044 HTTP (f80a415ef82cd06ffaf0d971528ead38) H:\WINDOWS\system32\Drivers\HTTP.sys
21:28:01.0781 4044 HTTP - ok
21:28:01.0796 4044 i2omgmt - ok
21:28:01.0796 4044 i2omp - ok
21:28:01.0812 4044 i8042prt (c43372d0682f8e32e4ec21117e089ec0) H:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:28:01.0812 4044 i8042prt - ok
21:28:01.0984 4044 ialm (3b743262b6456167888d15f1121b3bf7) H:\WINDOWS\system32\DRIVERS\igxpmp32.sys
21:28:02.0031 4044 ialm - ok
21:28:02.0062 4044 Imapi (083a052659f5310dd8b6a6cb05edcf8e) H:\WINDOWS\system32\DRIVERS\imapi.sys
21:28:02.0062 4044 Imapi - ok
21:28:02.0078 4044 ini910u - ok
21:28:02.0265 4044 IntcAzAudAddService (9037c8bd3e896d7f2803a171fdeaeef4) H:\WINDOWS\system32\drivers\RtkHDAud.sys
21:28:02.0296 4044 IntcAzAudAddService - ok
21:28:02.0453 4044 IntelIde - ok
21:28:02.0484 4044 intelppm (2d2254fac267e6b1c7865e8ebef60c6d) H:\WINDOWS\system32\DRIVERS\intelppm.sys
21:28:02.0484 4044 intelppm - ok
21:28:02.0515 4044 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) H:\WINDOWS\system32\drivers\ip6fw.sys
21:28:02.0515 4044 Ip6Fw - ok
21:28:02.0546 4044 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) H:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:28:02.0546 4044 IpFilterDriver - ok
21:28:02.0578 4044 IpInIp (b87ab476dcf76e72010632b5550955f5) H:\WINDOWS\system32\DRIVERS\ipinip.sys
21:28:02.0578 4044 IpInIp - ok
21:28:02.0625 4044 IpNat (cc748ea12c6effde940ee98098bf96bb) H:\WINDOWS\system32\DRIVERS\ipnat.sys
21:28:02.0625 4044 IpNat - ok
21:28:02.0640 4044 IPSec (23c74d75e36e7158768dd63d92789a91) H:\WINDOWS\system32\DRIVERS\ipsec.sys
21:28:02.0640 4044 IPSec - ok
21:28:02.0671 4044 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) H:\WINDOWS\system32\DRIVERS\irenum.sys
21:28:02.0671 4044 IRENUM - ok
21:28:02.0703 4044 isapnp (0b78e1a31340e1fb1e389d5633f7c3a0) H:\WINDOWS\system32\DRIVERS\isapnp.sys
21:28:02.0703 4044 isapnp - ok
21:28:02.0718 4044 Kbdclass (380397621e94b32c744e7b2cc1330390) H:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:28:02.0718 4044 Kbdclass - ok
21:28:02.0750 4044 kmixer (692bcf44383d056aed41b045a323d378) H:\WINDOWS\system32\drivers\kmixer.sys
21:28:02.0750 4044 kmixer - ok
21:28:02.0781 4044 KSecDD (b467646c54cc746128904e1654c750c1) H:\WINDOWS\system32\drivers\KSecDD.sys
21:28:02.0781 4044 KSecDD - ok
21:28:02.0796 4044 lbrtfdc - ok
21:28:02.0906 4044 LMIInfo (4f69faaabb7db0d43e327c0b6aab40fc) H:\Program Files\LogMeIn\x86\RaInfo.sys
21:28:02.0906 4044 LMIInfo - ok
21:28:02.0937 4044 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) H:\WINDOWS\system32\DRIVERS\lmimirr.sys
21:28:02.0937 4044 lmimirr - ok
21:28:02.0937 4044 LMIRfsClientNP - ok
21:28:02.0968 4044 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) H:\WINDOWS\system32\drivers\LMIRfsDriver.sys
21:28:02.0968 4044 LMIRfsDriver - ok
21:28:03.0015 4044 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) H:\WINDOWS\system32\drivers\mnmdd.sys
21:28:03.0015 4044 mnmdd - ok
21:28:03.0046 4044 Modem (8114eeac353f549331ab73e9af4219ed) H:\WINDOWS\system32\drivers\Modem.sys
21:28:03.0046 4044 Modem - ok
21:28:03.0140 4044 Monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) H:\WINDOWS\system32\drivers\Monfilt.sys
21:28:03.0140 4044 Monfilt - ok
21:28:03.0187 4044 Mouclass (1a4e2214dd63e4a876463d3427ee8261) H:\WINDOWS\system32\DRIVERS\mouclass.sys
21:28:03.0187 4044 Mouclass - ok
21:28:03.0234 4044 mouhid (18017899254e01371e1a39754d6bf98c) H:\WINDOWS\system32\DRIVERS\mouhid.sys
21:28:03.0234 4044 mouhid - ok
21:28:03.0234 4044 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) H:\WINDOWS\system32\drivers\MountMgr.sys
21:28:03.0250 4044 MountMgr - ok
21:28:03.0265 4044 MpFilter (fee0baded54222e9f1dae9541212aab1) H:\WINDOWS\system32\DRIVERS\MpFilter.sys
21:28:03.0281 4044 MpFilter - ok
21:28:03.0406 4044 MpKsl1fcbbdb9 (5f53edfead46fa7adb78eee9ecce8fdf) h:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{620BB4A8-3389-41E6-84A5-86F1E7574D41}\MpKsl1fcbbdb9.sys
21:28:03.0406 4044 MpKsl1fcbbdb9 - ok
21:28:03.0406 4044 MpKsl88381ce7 - ok
21:28:03.0421 4044 MpKsld1c19e1a - ok
21:28:03.0421 4044 mraid35x - ok
21:28:03.0468 4044 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) H:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:28:03.0468 4044 MRxDAV - ok
21:28:03.0515 4044 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) H:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:28:03.0515 4044 MRxSmb - ok
21:28:03.0531 4044 Msfs (c941ea2454ba8350021d774daf0f1027) H:\WINDOWS\system32\drivers\Msfs.sys
21:28:03.0531 4044 Msfs - ok
21:28:03.0562 4044 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) H:\WINDOWS\system32\drivers\MSKSSRV.sys
21:28:03.0562 4044 MSKSSRV - ok
21:28:03.0578 4044 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) H:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:28:03.0578 4044 MSPCLOCK - ok
21:28:03.0609 4044 MSPQM (bad59648ba099da4a17680b39730cb3d) H:\WINDOWS\system32\drivers\MSPQM.sys
21:28:03.0609 4044 MSPQM - ok
21:28:03.0625 4044 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) H:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:28:03.0625 4044 mssmbios - ok
21:28:03.0656 4044 Mup (de6a75f5c270e756c5508d94b6cf68f5) H:\WINDOWS\system32\drivers\Mup.sys
21:28:03.0656 4044 Mup - ok
21:28:03.0671 4044 NDIS (1df7f42665c94b825322fae71721130d) H:\WINDOWS\system32\drivers\NDIS.sys
21:28:03.0671 4044 NDIS - ok
21:28:03.0718 4044 NdisTapi (0109c4f3850dfbab279542515386ae22) H:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:28:03.0718 4044 NdisTapi - ok
21:28:03.0765 4044 Ndisuio (f927a4434c5028758a842943ef1a3849) H:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:28:03.0765 4044 Ndisuio - ok
21:28:03.0781 4044 NdisWan (edc1531a49c80614b2cfda43ca8659ab) H:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:28:03.0781 4044 NdisWan - ok
21:28:03.0828 4044 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) H:\WINDOWS\system32\drivers\NDProxy.sys
21:28:03.0828 4044 NDProxy - ok
21:28:03.0843 4044 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) H:\WINDOWS\system32\DRIVERS\netbios.sys
21:28:03.0843 4044 NetBIOS - ok
21:28:03.0890 4044 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) H:\WINDOWS\system32\DRIVERS\netbt.sys
21:28:03.0890 4044 NetBT - ok
21:28:03.0921 4044 Npfs (3182d64ae053d6fb034f44b6def8034a) H:\WINDOWS\system32\drivers\Npfs.sys
21:28:03.0921 4044 Npfs - ok
21:28:03.0968 4044 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) H:\WINDOWS\system32\drivers\Ntfs.sys
21:28:03.0968 4044 Ntfs - ok
21:28:04.0000 4044 Null (73c1e1f395918bc2c6dd67af7591a3ad) H:\WINDOWS\system32\drivers\Null.sys
21:28:04.0000 4044 Null - ok
21:28:04.0031 4044 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) H:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:28:04.0031 4044 NwlnkFlt - ok
21:28:04.0046 4044 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) H:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:28:04.0046 4044 NwlnkFwd - ok
21:28:04.0078 4044 Parport (e3934ccc20a4d24f1924e13d36d2a5bd) H:\WINDOWS\system32\drivers\Parport.sys
21:28:04.0078 4044 Parport - ok
21:28:04.0109 4044 PartMgr (beb3ba25197665d82ec7065b724171c6) H:\WINDOWS\system32\drivers\PartMgr.sys
21:28:04.0109 4044 PartMgr - ok
21:28:04.0140 4044 ParVdm (1eade28746a64c21e0a808bb12a63326) H:\WINDOWS\system32\drivers\ParVdm.sys
21:28:04.0140 4044 ParVdm - ok
21:28:04.0140 4044 PCI (3b166f9f753c21aedaa9a6bd76b49655) H:\WINDOWS\system32\DRIVERS\pci.sys
21:28:04.0140 4044 PCI - ok
21:28:04.0156 4044 PCIDump - ok
21:28:04.0171 4044 PCIIde (b31edeba4da28283f6b8dc4756fb9585) H:\WINDOWS\system32\DRIVERS\pciide.sys
21:28:04.0171 4044 PCIIde - ok
21:28:04.0203 4044 Pcmcia (2137ffd65f8e609a3a5acd487c56cce0) H:\WINDOWS\system32\drivers\Pcmcia.sys
21:28:04.0218 4044 Pcmcia - ok
21:28:04.0218 4044 PDCOMP - ok
21:28:04.0234 4044 PDFRAME - ok
21:28:04.0250 4044 PDRELI - ok
21:28:04.0250 4044 PDRFRAME - ok
21:28:04.0265 4044 perc2 - ok
21:28:04.0281 4044 perc2hib - ok
21:28:04.0312 4044 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) H:\WINDOWS\system32\DRIVERS\raspptp.sys
21:28:04.0312 4044 PptpMiniport - ok
21:28:04.0328 4044 PSched (09298ec810b07e5d582cb3a3f9255424) H:\WINDOWS\system32\DRIVERS\psched.sys
21:28:04.0343 4044 PSched - ok
21:28:04.0343 4044 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) H:\WINDOWS\system32\DRIVERS\ptilink.sys
21:28:04.0343 4044 Ptilink - ok
21:28:04.0359 4044 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) H:\WINDOWS\system32\Drivers\PxHelp20.sys
21:28:04.0359 4044 PxHelp20 - ok
21:28:04.0375 4044 ql1080 - ok
21:28:04.0390 4044 Ql10wnt - ok
21:28:04.0406 4044 ql12160 - ok
21:28:04.0406 4044 ql1240 - ok
21:28:04.0421 4044 ql1280 - ok
21:28:04.0437 4044 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) H:\WINDOWS\system32\DRIVERS\rasacd.sys
21:28:04.0437 4044 RasAcd - ok
21:28:04.0468 4044 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) H:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:28:04.0468 4044 Rasl2tp - ok
21:28:04.0484 4044 RasPppoe (5bc962f2654137c9909c3d4603587dee) H:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:28:04.0484 4044 RasPppoe - ok
21:28:04.0500 4044 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) H:\WINDOWS\system32\DRIVERS\raspti.sys
21:28:04.0500 4044 Raspti - ok
21:28:04.0500 4044 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) H:\WINDOWS\system32\DRIVERS\rdbss.sys
21:28:04.0515 4044 Rdbss - ok
21:28:04.0515 4044 RDPCDD (4912d5b403614ce99c28420f75353332) H:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:28:04.0515 4044 RDPCDD - ok
21:28:04.0562 4044 rdpdr (15cabd0f7c00c47c70124907916af3f1) H:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:28:04.0562 4044 rdpdr - ok
21:28:04.0609 4044 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) H:\WINDOWS\system32\drivers\RDPWD.sys
21:28:04.0625 4044 RDPWD - ok
21:28:04.0656 4044 redbook (4173bc66e485fd77a03c4819f60bd0da) H:\WINDOWS\system32\DRIVERS\redbook.sys
21:28:04.0656 4044 redbook - ok
21:28:04.0718 4044 RTLE8023xp (bb0ae2171f08129f4f3ff9df20ffbf89) H:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
21:28:04.0718 4044 RTLE8023xp - ok
21:28:04.0781 4044 SASDIFSV (39763504067962108505bff25f024345) H:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
21:28:04.0796 4044 SASDIFSV - ok
21:28:04.0812 4044 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) H:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
21:28:04.0812 4044 SASKUTIL - ok
21:28:04.0859 4044 Secdrv (90a3935d05b494a5a39d37e71f09a677) H:\WINDOWS\system32\DRIVERS\secdrv.sys
21:28:04.0859 4044 Secdrv - ok
21:28:04.0890 4044 serenum (0f29512ccd6bead730039fb4bd2c85ce) H:\WINDOWS\system32\DRIVERS\serenum.sys
21:28:04.0890 4044 serenum - ok
21:28:04.0921 4044 Serial (92c21762653bb2ce51147eb8a9aa654f) H:\WINDOWS\system32\DRIVERS\serial.sys
21:28:04.0921 4044 Serial - ok
21:28:04.0968 4044 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) H:\WINDOWS\system32\drivers\Sfloppy.sys
21:28:04.0968 4044 Sfloppy - ok
21:28:04.0984 4044 Simbad - ok
21:28:05.0000 4044 Sparrow - ok
21:28:05.0015 4044 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) H:\WINDOWS\system32\drivers\splitter.sys
21:28:05.0015 4044 splitter - ok
21:28:05.0031 4044 sr (64d2a7640e0767ecd3bcb38d3200e7ce) H:\WINDOWS\system32\DRIVERS\sr.sys
21:28:05.0031 4044 sr - ok
21:28:05.0078 4044 Srv (47ddfc2f003f7f9f0592c6874962a2e7) H:\WINDOWS\system32\DRIVERS\srv.sys
21:28:05.0078 4044 Srv - ok
21:28:05.0125 4044 swenum (3941d127aef12e93addf6fe6ee027e0f) H:\WINDOWS\system32\DRIVERS\swenum.sys
21:28:05.0125 4044 swenum - ok
21:28:05.0140 4044 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) H:\WINDOWS\system32\drivers\swmidi.sys
21:28:05.0140 4044 swmidi - ok
21:28:05.0156 4044 symc810 - ok
21:28:05.0171 4044 symc8xx - ok
21:28:05.0171 4044 sym_hi - ok
21:28:05.0187 4044 sym_u3 - ok
21:28:05.0218 4044 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) H:\WINDOWS\system32\drivers\sysaudio.sys
21:28:05.0218 4044 sysaudio - ok
21:28:05.0265 4044 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) H:\WINDOWS\system32\DRIVERS\tcpip.sys
21:28:05.0265 4044 Tcpip - ok
21:28:05.0312 4044 TDPIPE (6471a66807f5e104e4885f5b67349397) H:\WINDOWS\system32\drivers\TDPIPE.sys
21:28:05.0312 4044 TDPIPE - ok
21:28:05.0328 4044 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) H:\WINDOWS\system32\drivers\TDTCP.sys
21:28:05.0328 4044 TDTCP - ok
21:28:05.0343 4044 TermDD (88155247177638048422893737429d9e) H:\WINDOWS\system32\DRIVERS\termdd.sys
21:28:05.0343 4044 TermDD - ok
21:28:05.0359 4044 TosIde - ok
21:28:05.0406 4044 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) H:\WINDOWS\system32\drivers\Udfs.sys
21:28:05.0406 4044 Udfs - ok
21:28:05.0421 4044 ultra - ok
21:28:05.0437 4044 Update (402ddc88356b1bac0ee3dd1580c76a31) H:\WINDOWS\system32\DRIVERS\update.sys
21:28:05.0437 4044 Update - ok
21:28:05.0468 4044 usbccgp (173f317ce0db8e21322e71b7e60a27e8) H:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:28:05.0468 4044 usbccgp - ok
21:28:05.0484 4044 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) H:\WINDOWS\system32\DRIVERS\usbehci.sys
21:28:05.0484 4044 usbehci - ok
21:28:05.0515 4044 usbhub (1ab3cdde553b6e064d2e754efe20285c) H:\WINDOWS\system32\DRIVERS\usbhub.sys
21:28:05.0515 4044 usbhub - ok
21:28:05.0546 4044 usbprint (a717c8721046828520c9edf31288fc00) H:\WINDOWS\system32\DRIVERS\usbprint.sys
21:28:05.0546 4044 usbprint - ok
21:28:05.0578 4044 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) H:\WINDOWS\system32\DRIVERS\usbscan.sys
21:28:05.0578 4044 usbscan - ok
21:28:05.0625 4044 usbstor (a32426d9b14a089eaa1d922e0c5801a9) H:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:28:05.0625 4044 usbstor - ok
21:28:05.0640 4044 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) H:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:28:05.0640 4044 usbuhci - ok
21:28:05.0656 4044 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) H:\WINDOWS\System32\drivers\vga.sys
21:28:05.0656 4044 VgaSave - ok
21:28:05.0671 4044 ViaIde - ok
21:28:05.0687 4044 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) H:\WINDOWS\system32\drivers\VolSnap.sys
21:28:05.0687 4044 VolSnap - ok
21:28:05.0718 4044 Wanarp (e20b95baedb550f32dd489265c1da1f6) H:\WINDOWS\system32\DRIVERS\wanarp.sys
21:28:05.0718 4044 Wanarp - ok
21:28:05.0734 4044 WDICA - ok
21:28:05.0765 4044 wdmaud (6768acf64b18196494413695f0c3a00f) H:\WINDOWS\system32\drivers\wdmaud.sys
21:28:05.0781 4044 wdmaud - ok
21:28:05.0843 4044 WpdUsb (c1b3d9d75c3fb735f5fa3a5806aded57) H:\WINDOWS\system32\Drivers\wpdusb.sys
21:28:05.0843 4044 WpdUsb - ok
21:28:05.0875 4044 MBR (0x1B8) (3051207086651214e435112e51817dc5) \Device\Harddisk0\DR0
21:28:05.0984 4044 \Device\Harddisk0\DR0 - ok
21:28:06.0000 4044 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk5\DR10
21:28:06.0015 4044 \Device\Harddisk5\DR10 - ok
21:28:06.0015 4044 Boot (0x1200) (0a4a4b35898f1afc32cc7f8185d5e60d) \Device\Harddisk0\DR0\Partition0
21:28:06.0015 4044 \Device\Harddisk0\DR0\Partition0 - ok
21:28:06.0015 4044 Boot (0x1200) (8005a798c7253081905c9ea272791634) \Device\Harddisk5\DR10\Partition0
21:28:06.0015 4044 \Device\Harddisk5\DR10\Partition0 - ok
21:28:06.0031 4044 ============================================================
21:28:06.0031 4044 Scan finished
21:28:06.0031 4044 ============================================================
21:28:06.0031 4000 Detected object count: 0
21:28:06.0031 4000 Actual detected object count: 0
Hij heeft niks gevonden, MBAM opstarten lukt nog steeds niet. Tevens blijft hij een netwerkadres verkrijgen, maar het lukt niet op internet te komen……
En de hijack log :
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:34:49, on 21-11-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
h:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\brsvc01a.exe
H:\WINDOWS\system32\brss01a.exe
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\SUPERAntiSpyware\SASCORE.EXE
H:\Program Files\Java\jre6\bin\jqs.exe
H:\Program Files\Common Files\LightScribe\LSSrvc.exe
H:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
H:\Program Files\LogMeIn\x86\RaMaint.exe
H:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\Explorer.EXE
H:\Program Files\Java\jre6\bin\jusched.exe
H:\WINDOWS\RTHDCPL.EXE
H:\WINDOWS\system32\igfxpers.exe
H:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
H:\Program Files\Microsoft Security Client\msseces.exe
H:\Program Files\LogMeIn\x86\LogMeInSystray.exe
H:\WINDOWS\system32\igfxtray.exe
H:\WINDOWS\system32\hkcmd.exe
H:\WINDOWS\system32\igfxsrvc.exe
H:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
H:\Program Files\Brother\ControlCenter3\brccMCtl.exe
H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
H:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
H:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
H:\WINDOWS\system32\wscntfy.exe
H:\WINDOWS\system32\msiexec.exe
H:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Netviewer Support - {4BE8B65B-EE14-40C1-B6BB-31E494FE6EBA} - H:\PROGRA~1\Netviewer\Support\Plugin\IE plugin\NVIEPluginSupport.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Netviewer Support - {E1F9EDE7-EF90-4A65-A5A4-D2FFEEA5D469} - H:\PROGRA~1\Netviewer\Support\Plugin\IE plugin\NVIEPluginSupport.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: “H:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKLM\..\Run: H:\Program Files\Brother\Brmfl06b\BrStDvPt.exe
O4 - HKLM\..\Run: H:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: RTHDCPL.EXE
O4 - HKLM\..\Run: H:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: H:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: “h:\Program Files\Microsoft Security Client\msseces.exe” -hide -runkey
O4 - HKLM\..\Run: “H:\Program Files\LogMeIn\x86\LogMeInSystray.exe”
O4 - HKLM\..\Run: H:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: H:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: H:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: H:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: H:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: “H:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM\..\Run: “H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\RunOnce: H:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: “H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
O4 - HKCU\..\Run: “H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe”
O4 - HKCU\..\Run: H:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\RunOnce: H:\WINDOWS\system32\Adobe\SHOCKW~1\SwHelper_1100465.exe -Update -1100465 -“Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB0.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; InfoPath.1)” -“http://www.speeleiland.nl/spel/3d_racer_panda_racer.html”
O4 - HKUS\S-1-5-18\..\Run: “h:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe” -t (User ‘SYSTEM’)
O4 - HKUS\.DEFAULT\..\Run: “h:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe” -t (User ‘Default user’)
O4 - Startup: Check for TWS Updates.lnk = H:\Jts\WiseUpdt.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://H:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki… - res://H:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} (System Requirements Lab) - http://intel-drv-cdn.systemrequirementslab.com/audio/bin/sysreqlab_srlx.cab
O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab
O16 - DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_ind.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1214597245328
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1214597238203
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - Winlogon Notify: !SASWinLogon - H:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - H:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - H:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - H:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - H:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Updateservice (gupdate1ca079a54cc17a0) (gupdate1ca079a54cc17a0) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - H:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - H:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - H:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - H:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - H:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: NBService - Nero AG - H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
–
End of file - 10503 bytes
Hallo,
Heb je nou wel of geen internet met die laptop?
Heeft het Avira AntiVir Rescue System wat verwijderd ?
Problemen bij het starten van Malwarebytes' Anti-Malware
Lukt mbam niet en de laptop heeft internet (anders bedraad proberen)
Download ComboFix van één van deze locaties:
* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op.
>>Hier<< kunt u lezen hoe u Combofix dient te gebruiken.
1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix.
* ( hier of hier staat een handleiding over hoe je deze kan uitschakelen)
2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.
3. Dubbelklik op "Combofix.exe" om de tool te starten.
4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de ‘tool’ vastlopen.
* Noot !!! Als er een error wordt getoond met de melding “Illegal operation attempted on a registery key that has been marked for deletion.” herstart dan de computer.
5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.
Plaats hierna het Combofix logje samen met een nieuwe HijackThis logje en de antwoorden op mijn vragen.
Ben
Hallo,
Om weer op Internet te komen probeer het volgende :
proxy uitschakelen
Open: Internet Explorer
Klik bovenin op Extra => Internet opties => Verbindingen => LAN-instellingen
bij Een proxyserver voor het LAN-netwerk gebruiken
en Proxyserver niet voor lokale adressen gebruiken
het vinkje verwijderen > OK.
Start Internet Explorer voor de zekerheid opnieuw op.
Download target="_blank">Dr.Web Curelt en sla het op je bureaublad op.
• Dubbelklik drweb-cureit.exe en sta het toe om te express scan te starten.
Indien er een popup verschijnt met het voorstel tot kopen/50% korting mag je deze sluiten.
• De express scan zal de bestanden scannen die momenteel in het geheugen geladen zijn. Wanneer er iets gevonden wordt klik op 'alles selecteren' kies nu voor 'repareren' en uit het kleine menutje dat verschijnt kies je 'verplaatsen'.
• Kies bovenaan in het menu voor Language/Taal en wijzig deze naar Dutch (Nederlands) indien deze bij jou anders staat ingesteld.
• Druk op F9, kies daarna voor het tabblad Acties en stel daar het volgende in onder Malware:
o Adware: Verplaats
o Dialers: Verplaats
o Jokes: Rapportage
o Riskware: Rapportage
o Hacktools: Verplaats
o Haal dan het vinkje weg bij 'Prompt bij actie'.
• Kies daarna voor het tabblad Scan en verwijder het vinkje bij Heuristische analyse.
Druk vervolgens op Toepassen gevolgd door OK.
• Eenmaal als de korte scan is beeindigd vink je aan: Volledige scan.
Druk daarna op het groene pijltje (start knop) om de scan te starten.
• Gevonden bestanden worden naar ‘%USERPROFILE%\DocterWeb\Quarantine’ -map verplaatst indien het herstellen niet mogelijk is.
• Nadat de scan gedaan is ga dan naar Bestand en kies Rapportage lijst opslaan.
Bewaar deze op je bureaublad en sluit daarna Dr.Web CureIt.
• Herstart vervolgens de computer!! Dit is een belangrijke stap want het kan zijn dat Dr.Web CureIt bestanden zal verplaatsen/verwijderen tijdens herstart.
• Na het herstarten, kopieer en plak de inhoud van die log die je eerder hebt bewaard in je volgende post.
Ben
Doorzoek het forum
Zoeken met Startpagina
Startpagina Thema's