Hallo,
Probeer deze tool een of het werkt (er zit een voorbeeld filmpje bij bekijk diee eerst)
Download EDev.zip en plaats het op je bureaublad.
Unzip het en plaats de EDev map naar je usb stick.
Open de MRM map en dubbelklik op MRM.exe
Selecteer ‘GOOD’ pc en klik op Start.
Indien MBAM niet op je pc staat, zal deze worden gedownload, geinstalleerd én geupdate.
Als je het bericht “Einde Fase 1” ziet, neem je de stick uit de ‘GOEDE’ pc.
Plaats nu de USB stick in de ‘SLECHTE’ pc en dubbelklik op MRM.exe (in de map MRM).
Selecteer ‘BAD’ pc en klik dan op Start
Laat MRM zijn werk doen en op het einde zal MBAM een volledige scan doen.
Selecteer en verwijder de gevonden items en post deze log.
INFO: EDev en You Tube clip
Zoals gevraagd.
Voorals nog geen oplossing.
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Databaseversie: v2013.10.21.02
Windows Vista Service Pack 2 x86 FAT32
Internet Explorer 9.0.8112.16421
User :: PC_VAN_USER
22-10-2013 10:04:19
mbam-log-2013-10-22 (10-04-19).txt
Scan type: Volledige scan (C:\|E:\|)
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 308506
Verstreken tijd: 53 minuut/minuten, 14 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video Player (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 1
C:\Program Files\FLVPlayer\Uninstall\Uninstall.exe (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
(einde)
Via usb stick
Adwarecleaner.
# AdwCleaner v3.010 - Report created 22/10/2013 at 11:25:09
# Updated 20/10/2013 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : User - PC_VAN_USER
# Running from : D:\adwcleaner.exe
# Option : Scan
***** *****
***** *****
***** *****
***** *****
***** *****
-\\ Internet Explorer v9.0.8112.16514
*************************
AdwCleaner.txt - -
AdwCleaner.txt - -
AdwCleaner.txt - -
########## EOF - C:\AdwCleaner\AdwCleaner.txt - ##########
Via usb stick nog steeds het probleem bestaat nog.
Ik wacht op uw advies.
LG
Logfile of random's system information tool 1.09 (written by random/random)
Run by User at 2013-10-22 11:30:40
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 97 GB (64%) free of 152 GB
Total RAM: 2939 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:30:45, on 22-10-2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16514)
Boot mode: Normal
Running processes:
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\adwcleaner.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\rundll32.exe
D:\RSIT.exe
C:\Program Files\trend micro\User.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startnederland.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O4 - HKLM\..\Run: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: NDSTray.exe
O4 - HKLM\..\Run: C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: RtHDVCpl.exe
O4 - HKLM\..\Run: Skytel.exe
O4 - HKLM\..\Run: %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: “C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe” /start
O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-19\..\Run: rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User ‘Default user’)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?NL (file missing)
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Vodafone Mobile Broadband-service (VmbService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
–
End of file - 7873 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
======Registry dump======
Adobe PDF Reader Help bij koppelingen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
“SynTPEnh”=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
“NDSTray.exe”=NDSTray.exe
“IgfxTray”=C:\Windows\system32\igfxtray.exe
“HotKeysCmds”=C:\Windows\system32\hkcmd.exe
“Persistence”=C:\Windows\system32\igfxpers.exe
“RtHDVCpl”=C:\Windows\RtHDVCpl.exe
“Skytel”=C:\Windows\Skytel.exe
“TPwrMain”=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE
“HSON”=C:\Program Files\TOSHIBA\TBS\HSON.exe
“SmoothView”=C:\Program Files\Toshiba\SmoothView\SmoothView.exe
“00TCrdMain”=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
“Camera Assistant Software”=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
“Sidebar”=C:\Program Files\Windows Sidebar\sidebar.exe
“TOSCDSPD”=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
“ehTray.exe”=C:\Windows\ehome\ehTray.exe
“WMPNSCFG”=C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
cfFncEnabler.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe /startup
c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe
C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Jumpstart\jswtrayutil.exe
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe
C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\system32\igfxdev.dll
“{B5A7F190-DDA6-4420-B3BA-52453494E6CD}”=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
“EnableUIADesktopToggle”=0
“BindDirectlyToPropertySetStorage”=0
“vidc.mrle”=msrle32.dll
“vidc.msvc”=msvidc32.dll
“msacm.imaadpcm”=imaadp32.acm
“msacm.msg711”=msg711.acm
“msacm.msgsm610”=msgsm32.acm
“msacm.msadpcm”=msadp32.acm
“midimapper”=midimap.dll
“wavemapper”=msacm32.drv
“VIDC.UYVY”=msyuv.dll
“VIDC.YUY2”=msyuv.dll
“VIDC.YVYU”=msyuv.dll
“VIDC.IYUV”=iyuv_32.dll
“vidc.i420”=iyuv_32.dll
“VIDC.YVU9”=tsbyuv.dll
“msacm.l3acm”=C:\Windows\System32\l3codeca.acm
“vidc.cvid”=iccvid.dll
“MSVideo8”=VfWWDM32.dll
“msacm.dvacm”=C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm
“wave”=wdmaud.drv
“midi”=wdmaud.drv
“mixer”=wdmaud.drv
“aux”=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe “%1” %*
======List of files/folders created in the last 1 month======
2013-10-22 11:30:41 —-D—- C:\Program Files\trend micro
2013-10-22 11:30:40 —-D—- C:\rsit
2013-10-22 11:14:05 —-A—- C:\Windows\system32\drivers\mbamswissarmy.sys
2013-10-22 10:00:53 —-ASH—- C:\hiberfil.sys
2013-10-15 11:28:03 —-A—- C:\Windows\ntbtlog.txt
2013-10-12 03:06:25 —-A—- C:\Windows\system32\vbscript.dll
2013-10-12 03:06:25 —-A—- C:\Windows\system32\mshtmled.dll
2013-10-12 03:06:25 —-A—- C:\Windows\system32\ieui.dll
2013-10-12 03:06:24 —-A—- C:\Windows\system32\wininet.dll
2013-10-12 03:06:24 —-A—- C:\Windows\system32\msfeeds.dll
2013-10-12 03:06:24 —-A—- C:\Windows\system32\jsproxy.dll
2013-10-12 03:06:24 —-A—- C:\Windows\system32\ieUnatt.exe
2013-10-12 03:06:23 —-A—- C:\Windows\system32\url.dll
2013-10-12 03:06:23 —-A—- C:\Windows\system32\jscript9.dll
2013-10-12 03:06:23 —-A—- C:\Windows\system32\jscript.dll
2013-10-12 03:06:23 —-A—- C:\Windows\system32\iertutil.dll
2013-10-12 03:06:22 —-A—- C:\Windows\system32\urlmon.dll
2013-10-12 03:06:22 —-A—- C:\Windows\system32\mshtml.dll
2013-10-12 03:06:20 —-A—- C:\Windows\system32\ieframe.dll
2013-10-11 15:55:02 —-A—- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 15:54:59 —-A—- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-11 15:54:59 —-A—- C:\Windows\system32\cdd.dll
2013-10-11 15:54:57 —-A—- C:\Windows\system32\FntCache.dll
2013-10-11 15:54:57 —-A—- C:\Windows\system32\DWrite.dll
2013-10-11 15:54:56 —-A—- C:\Windows\system32\d3d10warp.dll
2013-10-11 15:54:56 —-A—- C:\Windows\system32\d3d10level9.dll
2013-10-11 15:54:56 —-A—- C:\Windows\system32\d3d10core.dll
2013-10-11 15:54:56 —-A—- C:\Windows\system32\d3d10_1core.dll
2013-10-11 15:54:56 —-A—- C:\Windows\system32\d3d10_1.dll
2013-10-11 15:54:56 —-A—- C:\Windows\system32\d3d10.dll
2013-10-11 15:54:56 —-A—- C:\Windows\system32\d2d1.dll
2013-10-11 15:54:53 —-A—- C:\Windows\system32\win32k.sys
2013-10-11 15:54:42 —-A—- C:\Windows\system32\drivers\usbuhci.sys
2013-10-11 15:54:42 —-A—- C:\Windows\system32\drivers\usbport.sys
2013-10-11 15:54:42 —-A—- C:\Windows\system32\drivers\usbhub.sys
2013-10-11 15:54:42 —-A—- C:\Windows\system32\drivers\usbehci.sys
2013-10-11 15:54:42 —-A—- C:\Windows\system32\drivers\usbd.sys
2013-10-11 15:54:42 —-A—- C:\Windows\system32\drivers\usbccgp.sys
2013-10-11 15:54:41 —-A—- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-11 15:54:41 —-A—- C:\Windows\system32\drivers\usbvideo.sys
2013-10-11 15:54:40 —-A—- C:\Windows\system32\atmlib.dll
2013-10-11 15:54:40 —-A—- C:\Windows\system32\atmfd.dll
2013-10-11 15:54:39 —-A—- C:\Windows\system32\drivers\hidparse.sys
2013-10-11 15:54:39 —-A—- C:\Windows\system32\comctl32.dll
2013-10-08 11:11:21 —-D—- C:\AdwCleaner
2013-09-30 13:09:59 —-RD—- C:\Program Files\Skype
2013-09-30 13:09:59 —-D—- C:\Program Files\Common Files\Skype
======List of files/folders modified in the last 1 month======
2013-10-22 11:30:45 —-D—- C:\Windows\Prefetch
2013-10-22 11:30:43 —-D—- C:\Windows\Temp
2013-10-22 11:30:41 —-D—- C:\Program Files
2013-10-22 11:14:05 —-D—- C:\Windows\system32\drivers
2013-10-22 11:13:36 —-D—- C:\Windows\inf
2013-10-22 11:13:36 —-AD—- C:\Windows\System32
2013-10-22 11:13:36 —-A—- C:\Windows\system32\PerfStringBackup.INI
2013-10-22 11:01:42 —-D—- C:\Windows
2013-10-22 11:00:30 —-D—- C:\Windows\Branding
2013-10-22 10:08:32 —-SHD—- C:\System Volume Information
2013-10-12 03:37:48 —-D—- C:\Windows\Microsoft.NET
2013-10-12 03:37:32 —-RSD—- C:\Windows\assembly
2013-10-12 03:28:21 —-D—- C:\Windows\system32\wbem
2013-10-12 03:28:21 —-D—- C:\Windows\system32\migration
2013-10-12 03:28:21 —-D—- C:\Program Files\Internet Explorer
2013-10-12 03:12:47 —-D—- C:\Windows\winsxs
2013-10-12 03:12:03 —-SHD—- C:\Windows\Installer
2013-10-12 03:07:40 —-D—- C:\Windows\system32\MRT
2013-10-12 03:07:39 —-D—- C:\Windows\Debug
2013-10-12 03:07:36 —-A—- C:\Windows\system32\mrt.exe
2013-10-12 03:06:39 —-D—- C:\Windows\system32\catroot
2013-10-12 03:06:36 —-D—- C:\Windows\system32\catroot2
2013-10-11 15:14:10 —-A—- C:\Windows\system32\FlashPlayerApp.exe
2013-10-08 11:20:34 —-D—- C:\Users\User\AppData\Roaming\Skype
2013-10-08 11:15:24 —-D—- C:\Program Files\Google
2013-10-08 11:14:22 —-HD—- C:\ProgramData
2013-10-08 11:06:04 —-D—- C:\Windows\Tasks
2013-10-08 11:03:11 —-D—- C:\ProgramData\Google
2013-10-08 10:52:27 —-D—- C:\Program Files\Common Files
2013-10-08 10:43:20 —-SD—- C:\Users\User\AppData\Roaming\Microsoft
2013-09-30 13:10:11 —-D—- C:\ProgramData\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys
R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS
R1 jswpslwf;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwf.sys
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys
S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys
S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys
S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys
S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys
S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
R2 TempoMonitoringService;Notebook Performance Tuning Service ; C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
R2 VmbService;Vodafone Mobile Broadband-service; C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv; C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
S3 jswpsapi;Jumpstart Wifi Protected Setup; C:\Program Files\Jumpstart\jswpsapi.exe
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
—————–EOF—————–
Hoi LG,
Download Combofix hier en plaats het op jou bureaublad.
Schakel nu eerst jou virusscanner uit. Deze gaat weer aan nadat computer opnieuw is opgestart.
Indien je Combofix al eerder hebt gebruikt, gelieve die versie te verwijderen en Combofix opnieuw te downloaden via bovenstaande link,
want Combofix wordt dagelijks geupdate.
OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt
van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en download Combofix opnieuw.
Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen!
Dubbelklik op Combofix.exe
Volg de instructies, aanvaard de disclaimer.
Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.
De scan kan, afhankelijk van de besmetting 40 tot wel 100 minuten duren, dus denk niet van hij zit vast.
Wanneer de fix voltooid is en na herstart, zal de log combofix.txt openen.
Lukt dit niet in normale modus, dan bovenstaande in veilige modus doen.
Plaats in jou volgende bericht het logje van Combofix en vertel hoe het nu gaat.
Succes,
Huib;)
Dit topic is gesloten, er kunnen geen reacties meer worden geplaatst.
Doorzoek het forum
Zoeken met Startpagina
Startpagina Thema's