  1. #1
    Honorary member   ghost
    Registered
    1 May 2005
    Location
    limburg
    Posts
    2.885
    Thanks
    1.777
    Thanked
    1.626 times in 1.037 posts

    Police virus of course, but what now?

    When I start the laptop I immediately get the police screen, the same as in this link http://www.minatica.be/threads/79491...tijdens-surfen
    The webcam turns on and I can't get it removed with anything.
    How can I post a HijackThis log if I get that police screen first every time and can't do anything else?
    My lies are the truth, you lied to me and that is the truth

  2. #2
    Spyware Slayer   Rosty
    Registered
    19 May 2005
    Location
    Zandvliet/ Ledegem
    Posts
    4.212
    Thanks
    1.205
    Thanked
    2.705 times in 1.758 posts
    Hey ghost,

    try the following:

    Download "HitmanPro" via the link below, for example to the desktop, on a computer that is not infected
    Click here to consult the detailed manual
    Click here for the manual on running HitmanPro.Kickstart via a boot CD

    • Download HitmanPro. (Choose the 32 or 64 bit version here).
    • Double-click HitmanPro36.exe or HitmanPro36_64.exe to start the program.
    • On the start screen, click the "Kickstart button", as you can see in the red frame below.
    • If a USB stick is already connected, HitmanPro Kickstart will automatically recognise and display it.
    • Click this USB stick once, after which you get the option to install Kickstart on the USB stick.

    • Before HitmanPro.Kickstart is installed, the USB stick is reformatted.
      Warning! Reformatting erases all data stored on the USB stick.

    • After the HitmanPro Kickstart USB stick has been created, it will automatically be "safely removed" from the system on which it was created.
    • Boot the infected computer from the HitmanPro.Kickstart USB stick. (You can read here how to boot the computer from a USB stick)

    • Tick the option "I accept the terms of the license agreement" and click "Next"
    • In the setup screen, click "Next" again; the scan will now start automatically. Do nothing else on the computer until the scan has finished.
    • When the scan is finished, click "Next"
    • Now activate the free license; this lets you use HitmanPro free for 30 days and remove the infections found.
    • Note: if you have previously used the 30-day trial version of HitmanPro, it is no longer possible to remove the infections found for free.
    • When removal is finished, click "Save log" or "Logbestand opslaan" at the bottom of the screen and save it, for example, to the desktop.
      Post this log.
    • Now click the "Restart" button.

  3. #3
    Honorary member   ghost
    It won't work. It is on the USB stick and the laptop does boot from it; I can then choose the USB boot options.
    But with 1. Bypass Master Boot Record [default] I get
    hitmanpro.kickstart booting
    mbr read
    failed to boot

    If I then pick 2. Regular boot (when bypass did not work) I get
    hitmanpro.kickstart booting
    hitmanpro.kickstart booting
    hitmanpro.kickstart booting
    mbr read - startingbootcode
    But nothing starts up; it just hangs

    I'm now going to try via CD
    Last edited by ghost; 28 December 2012 at 20:03

  4. #4
    Honorary member   ghost
    Just tried it with the Plop Boot Manager CD as well, but I also get boot error noboot device found , please retry it.
    Could this also work in, for example, safe mode? Anything at all?

  5. #5
    Spyware Slayer   Rosty
    Just asking my colleagues for advice!

  6. #6
    Spyware Slayer   Rosty
    Step 1
    Start the computer in Safe Mode with Command Prompt.

    As soon as the system has started in Safe Mode with Command Prompt, type explorer.exe in this window, followed by Enter.

    At the message that Windows is now running in safe mode, press Enter.
    The desktop, including the taskbar, will now appear so that you can use the system normally to remove the malware.
    Note! You will not have an internet connection, however; transfer the tools you need to the infected computer using, for example, a USB stick.

    Step 2
    Download the 32 or 64 bit version of HitmanPro to the desktop.
    Click here for a detailed manual for HitmanPro.

    • Hold down the left CTRL key and double-click "HitmanPro36.exe" to start the "Force Breach", and click "Next" once HitmanPro has blocked the processes.
    • Tick the option "I accept the terms of the license agreement" and click "Next"
    • In the setup screen, click "Next" again; the scan will now start automatically. Do nothing else on the computer until the scan has finished.
    • When the scan is finished, click "Next"
    • Now activate the free license; this lets you use HitmanPro free for 30 days and remove the infections found.
    • Note: if you have previously used the 30-day trial version of HitmanPro, it is no longer possible to remove the infections found for free.
    • When removal is finished, click "Save log" or "Logbestand opslaan" at the bottom of the screen and save it, for example, to the desktop.
      Post this log.
    • Now click the "Restart" button.

    Step 3
    Download DDS by sUBS from one of these locations and place it on your desktop:
    DDS - Bleeping Computer download.
    DDS - Bleeping Computer download.
    DDS - Infospyware.

    DDS is a diagnostic tool and makes use of scripts.

    Disable your security software before running DDS!
    (here or here) you can read how to do that.

    Double-click DDS to start the tool.

    Two log files will now be saved automatically on the desktop.
    • DDS.txt
    • Attach.txt (Post this one only if asked to!)

  7. #7
    Honorary member   ghost
    After the restart in step 2 I get that cop screen again. So it isn't gone yet, which means I can't carry out step 3 either.

  8. #8
    Honorary member   ghost
    I do have the log from the scan


    Code:
    HitmanPro 3.7.0.185
    www.hitmanpro.com
    
       Computer name . . . . : IKBENGHOST-PC
       Windows . . . . . . . : 6.1.1.7601.X64/8
       Safe Mode Boot  . . . : MINIMAL
       User name . . . . . . : ikbenghost-PC\ikbenghost
       UAC . . . . . . . . . : Disabled
       License . . . . . . . : Free
    
       Scan date . . . . . . : 2012-12-29 12:47:52
       Scan mode . . . . . . : Normal
       Scan duration . . . . : 1m 57s
       Disk access mode  . . : Direct disk access (SRB)
       Cloud . . . . . . . . : No connection
       Reboot  . . . . . . . : Yes
    
       Threats . . . . . . . : 0
       Traces  . . . . . . . : 97
    
       Objects scanned . . . : 1.458.269
       Files scanned . . . . : 43.210
       Remnants scanned  . . : 496.887 files / 918.172 keys
    
    Cookies _____________________________________________________________________
    
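
Added example, not part of the thread: a small Python parser for the HitmanPro log layout posted above, showing why a "Threats: 0" result like this one is better read as inconclusive (scan run in Safe Mode, the log's own Cloud field says "No connection", and the traces are all cookies). The function names, the finding labels and the shortened sample log are assumptions constructed for this example; the rule that an offline zero-threat scan is inconclusive is this example's heuristic, not a statement from the vendor.

```python
import re

# Constructed sample in the layout of the log posted above. Header values are
# copied from that post; the two cookie entries are placeholders.
SAMPLE_LOG = r"""HitmanPro 3.7.0.185
www.hitmanpro.com

   Computer name . . . . : IKBENGHOST-PC
   Safe Mode Boot  . . . : MINIMAL
   UAC . . . . . . . . . : Disabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2012-12-29 12:47:52
   Cloud . . . . . . . . : No connection

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 97

Cookies _____________________________________________________________________

   C:\Users\example\AppData\Local\Google\Chrome\User Data\Default\Cookies:tracker.example
   C:\Users\example\AppData\Roaming\Microsoft\Windows\Cookies\EXAMPLE1.txt
"""

# "   Key . . . . : value" -- the " : " separator keeps paths like C:\ out.
FIELD_RE = re.compile(r"^\s+([A-Za-z][A-Za-z ]*?)[ .]*\s:\s+(.*)$")
# "Cookies ______" -- a section title followed by a run of underscores.
SECTION_RE = re.compile(r"^(\S[^_]*?)\s_{5,}\s*$")


def parse_hitmanpro_log(text):
    """Split the log into header fields and named result sections."""
    fields, sections, current = {}, {}, None
    for line in text.splitlines():
        section = SECTION_RE.match(line)
        if section:
            current = sections.setdefault(section.group(1), [])
            continue
        if current is not None:
            # Inside a result section every non-blank line is one entry.
            if line.strip():
                current.append(line.strip())
            continue
        field = FIELD_RE.match(line)
        if field:
            fields[field.group(1)] = field.group(2).strip()
    return {"fields": fields, "sections": sections}


def to_int(value):
    """Counts in this log use '.' as thousands separator (e.g. 1.458.269)."""
    return int(value.replace(".", "").replace(",", ""))


def triage(parsed):
    """Return labels describing how much weight the scan result deserves."""
    fields = parsed["fields"]
    findings = []
    threats = to_int(fields.get("Threats", "0"))
    traces = to_int(fields.get("Traces", "0"))
    offline = fields.get("Cloud", "").lower() == "no connection"

    if "Safe Mode Boot" in fields:
        findings.append("safe-mode-scan")
    if offline:
        findings.append("no-cloud-connection")
    if fields.get("UAC", "").lower() == "disabled":
        findings.append("uac-disabled")
    # Traces that are only cookies say nothing about the lock-screen malware.
    if traces and {name.lower() for name in parsed["sections"]} == {"cookies"}:
        findings.append("traces-are-cookies-only")
    # Heuristic of this example: zero threats without cloud lookups is not
    # evidence that the machine is clean; rescan online or with another tool.
    if threats == 0 and offline:
        findings.append("clean-result-inconclusive")
    return findings


if __name__ == "__main__":
    for label in triage(parse_hitmanpro_log(SAMPLE_LOG)):
        print(label)
```
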

  9. #9
    Spyware Slayer   Rosty
    Hi ghost,

    can you tell me exactly what appears on screen with that police virus?

    Is it one of the following:
    - Office central
    - Afdeling om cybercriminaliteit te bestrijden (Department for combating cybercrime)
    - Federale Dienst voor computerbeveiliging Internetcriminaliteit (Federal Service for computer security, Internet crime)
    - or something similar

    This is important to know because there are different procedures.

    PS: this one should do it: http://www.pcwebplus.nl/phpbb/viewto...p?f=222&t=6657
    Last edited by Rosty; 29 December 2012 at 21:38

  10. #10
    Honorary member   ghost
    So it was the French one, like on pcwebplus. I no longer get the police virus.
    Here are the logs.


    Malwarebytes Anti-Malware 1.70.0.1100
    www.malwarebytes.org

    Databaseversie: v2012.12.29.11

    Windows 7 Service Pack 1 x64 NTFS (Veilige modus/netwerkmogelijkheden)
    Internet Explorer 9.0.8112.16421
    ikbenghost :: IKBENGHOST-PC [administrator]

    29/12/2012 22:29:51
    mbam-log-2012-12-29 (22-29-51).txt

    Scan type: Snelle scan
    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scan opties: P2P
    Objecten gescand: 233096
    Verstreken tijd: 3 minuut/minuten, 8 seconde

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 3
    C:\Users\ikbenghost\wgsdgsdgdsgsd.dll (Trojan.FakeMS) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\ProgramData\dsgsdgdsgdsgw.pad (Exploit.Drop.GSA) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\ikbenghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk (Trojan.Ransom.SUGen) -> Succesvol in quarantaine geplaatst en verwijderd.

    (einde)



    DDS log

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2
    Run by ikbenghost at 22:39:23 on 2012-12-29
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.8078.5883 [GMT 1:00]
    .
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\HitmanPro\hmpsched.exe
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\FBAgent.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    C:\Windows\system32\WLANExt.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
    C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
    C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\SysWOW64\IoctlSvc.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
    C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\HitmanPro\HitmanPro.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
    C:\Program Files\ASUS\P4G\BatteryLife.exe
    C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
    C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
    C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
    C:\Windows\AsScrPro.exe
    C:\Windows\SysWOW64\ACEngSvr.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Program Files\Elantech\ETDCtrl.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
    C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
    C:\Program Files (x86)\ASUS\APRP\aprp.exe
    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
    C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Elantech\ETDCtrlHelper.exe
    C:\Program Files\Elantech\ETDGesture.exe
    C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
    C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
    C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
    C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
    C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
    C:\Windows\system32\svchost.exe -k HPService
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Windows\system32\sppsvc.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\SysWOW64\ctfmon.exe
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.be/
    uDefault_Page_URL = hxxp://asus.msn.com
    mStart Page = hxxp://asus.msn.com
    mWinlogon: Userinit = userinit.exe,
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
    TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    uRun: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
    mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
    mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    mRun: [ASUS InstantKey] C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe
    mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    mRun: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
    mRun: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    mRun: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    uPolicies-Explorer: NoDriveAutoRun = dword:0
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    TCP: NameServer = 195.130.130.3 195.130.131.3
    TCP: Interfaces\{4C81C85A-B324-472B-8FE4-4C362C4AE8F0} : DHCPNameServer = 195.130.130.3 195.130.131.3
    TCP: Interfaces\{A3BF481A-FB58-45B1-B5B6-83A115DBAA7B} : DHCPNameServer = 195.130.130.3 195.130.131.3
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
    SSODL: WebCheck - <orphaned>
    x64-mStart Page = hxxp://asus.msn.com
    x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
    x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3
    x64-Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
    x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
    x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-3-13 16152]
    R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-12-4 30056]
    R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-11-24 984144]
    R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-11-24 370288]
    R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]
    R1 nvkflt;nvkflt;C:\Windows\System32\drivers\nvkflt.sys [2012-12-4 284008]
    R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2012-7-8 379520]
    R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-1-9 659968]
    R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]
    R2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-2-17 277120]
    R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-11-24 25232]
    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-11-24 71600]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-11-24 44808]
    R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]
    R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-2-22 1014096]
    R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-2-22 1104208]
    R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-1-12 135952]
    R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-5-24 1840128]
    R2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe [2012-12-29 108904]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-3 628448]
    R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-7-8 128280]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-7-8 161560]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-11-30 382824]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-7-8 363800]
    R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-8 594704]
    R3 AiCharger;ASUS Charger Driver;C:\Windows\System32\drivers\AiCharger.sys [2012-7-8 17152]
    R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-1-9 195584]
    R3 AsusVBus;AsusVBus;C:\Windows\System32\drivers\AsusVBus.sys [2011-12-21 35968]
    R3 AsusVTouch;AsusVTouch;C:\Windows\System32\drivers\AsusVTouch.sys [2011-11-8 16512]
    R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-2-22 1304912]
    R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-11-30 94720]
    R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-11-30 747008]
    R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2012-3-13 200488]
    R3 hitmanpro37;HitmanPro 3.7 Support Driver;C:\Windows\System32\drivers\hitmanpro37.sys [2012-12-29 32152]
    R3 ibtfltcoex;ibtfltcoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2012-2-14 60928]
    R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-3-13 356120]
    R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-3-13 787736]
    R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2012-1-27 25496]
    R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2012-3-13 103536]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2012-1-9 195584]
    S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]
    S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-4-26 2702848]
    S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-2-24 48488]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-14 1492840]
    S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2012-1-27 34200]
    S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-8 273168]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-18 19456]
    S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-18 57856]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-18 30208]
    S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-11-18 1255736]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
    .
    =============== Created Last 30 ================
    .
    2012-12-29 21:38:55 32152 ----a-w- C:\Windows\System32\drivers\hitmanpro37.sys
    2012-12-29 21:28:32 -------- d-----w- C:\Users\ikbenghost\AppData\Roaming\Malwarebytes
    2012-12-29 21:28:06 -------- d-----w- C:\ProgramData\Malwarebytes
    2012-12-29 21:28:05 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-12-29 21:28:05 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-12-29 21:27:56 -------- d-----w- C:\Users\ikbenghost\AppData\Local\Programs
    2012-12-29 11:47:52 -------- d-----w- C:\Program Files\HitmanPro
    2012-12-29 11:45:17 -------- d-----w- C:\ProgramData\HitmanPro
    2012-12-28 13:17:53 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5A9068C1-5CD9-481B-AC9A-0C653923917A}\mpengine.dll
    2012-12-20 22:51:53 46080 ----a-w- C:\Windows\System32\atmlib.dll
    2012-12-20 22:51:53 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    2012-12-20 22:51:52 367616 ----a-w- C:\Windows\System32\atmfd.dll
    2012-12-20 22:51:51 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2012-12-20 21:42:15 -------- d-----w- C:\Users\ikbenghost\AppData\Local\Ahead
    2012-12-20 21:38:53 -------- d-----w- C:\Program Files (x86)\Nero
    2012-12-20 21:38:52 -------- d-----w- C:\ProgramData\Nero
    2012-12-11 20:29:10 15728568 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    2012-12-06 15:50:53 -------- d-----w- C:\Users\ikbenghost\AppData\Local\Adobe
    2012-12-05 11:22:28 248320 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpfpp70v.dll
    2012-12-05 11:21:07 -------- d-----w- C:\Program Files (x86)\Common Files\HP
    2012-12-05 11:21:04 -------- d-----w- C:\Program Files (x86)\Common Files\Hewlett-Packard
    2012-12-05 11:20:48 136704 ----a-w- C:\Windows\System32\hpf3l70v.dll
    2012-12-05 11:20:44 -------- d-----w- C:\Program Files (x86)\HP
    2012-12-05 11:19:43 -------- d-----w- C:\Program Files\HP
    2012-12-05 11:19:15 642360 ----a-w- C:\Windows\System32\hpzids40.dll
    2012-12-05 11:19:14 880640 ----a-w- C:\Windows\System32\hposwia_p02c.dll
    2012-12-05 11:19:14 551424 ----a-w- C:\Windows\System32\hppldcoi.dll
    2012-12-05 11:19:14 515072 ----a-w- C:\Windows\System32\hposc_p02a.dll
    2012-12-05 11:19:14 1403904 ----a-w- C:\Windows\System32\hpost_p02c.dll
    2012-12-04 18:16:22 -------- d-----w- C:\NVIDIA
    2012-12-03 10:13:38 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-12-03 10:13:38 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-12-01 21:30:26 -------- d-----w- C:\Users\ikbenghost\AppData\Local\QuickPar
    2012-12-01 21:28:19 -------- d-----w- C:\Program Files (x86)\QuickPar
    2012-11-30 21:43:52 438632 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
    .
    ==================== Find3M ====================
    .
    2012-12-29 21:37:11 387 ----a-w- C:\Users\ikbenghost\AppData\Roaming\sp_data.sys
    2012-12-01 05:49:26 3663213 ----a-w- C:\Windows\System32\nvcoproc.bin
    2012-12-01 05:49:26 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll
    2012-12-01 05:49:25 63336 ----a-w- C:\Windows\System32\nvshext.dll
    2012-12-01 05:49:25 55144 ----a-w- C:\Windows\System32\nv3dappshextr.dll
    2012-12-01 05:49:25 118120 ----a-w- C:\Windows\System32\nvmctray.dll
    2012-12-01 05:49:24 890216 ----a-w- C:\Windows\System32\nvvsvc.exe
    2012-12-01 05:49:24 877928 ----a-w- C:\Windows\System32\nv3dappshext.dll
    2012-12-01 05:48:41 6223208 ----a-w- C:\Windows\System32\nvcpl.dll
    2012-12-01 05:48:37 3311464 ----a-w- C:\Windows\System32\nvsvc64.dll
    2012-11-22 03:26:40 3149824 ----a-w- C:\Windows\System32\win32k.sys
    2012-11-18 09:19:34 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2012-11-18 09:19:31 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
    2012-11-18 09:19:31 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
    2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
    2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
    2012-10-30 22:51:55 984144 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
    2012-10-30 22:51:55 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2012-10-30 22:51:07 41224 ----a-w- C:\Windows\avastSS.scr
    2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
    2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
    2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
    2012-10-15 16:59:28 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
    2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
    2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
    2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
    2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
    2012-10-04 17:46:16 362496 ----a-w- C:\Windows\System32\wow64win.dll
    2012-10-04 17:46:15 243200 ----a-w- C:\Windows\System32\wow64.dll
    2012-10-04 17:46:15 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
    2012-10-04 17:45:55 215040 ----a-w- C:\Windows\System32\winsrv.dll
    2012-10-04 17:43:28 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
    2012-10-04 17:41:16 424960 ----a-w- C:\Windows\System32\KernelBase.dll
    2012-10-04 16:47:41 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2012-10-04 16:47:41 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
    2012-10-04 15:21:55 338432 ----a-w- C:\Windows\System32\conhost.exe
    2012-10-04 14:46:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2012-10-04 14:46:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2012-10-04 14:46:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2012-10-04 14:46:43 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2012-10-04 14:41:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2012-10-04 14:41:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2012-10-04 14:41:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2012-10-04 14:41:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
    2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
    2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
    2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
    2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
    2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
    2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
    2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
    2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
    2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
    .
    ============= FINISH: 22:40:27,96 ===============


    attach log

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 17/11/2012 16:36:23
    System Uptime: 29/12/2012 22:35:53 (0 hours ago)
    .
    Motherboard: ASUSTeK COMPUTER INC. | | N76VM
    Processor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz | SOCKET 0 | 2301/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 279 GiB total, 209,85 GiB free.
    D: is FIXED (NTFS) - 394 GiB total, 270,135 GiB free.
    E: is Removable
    F: is CDROM (CDFS)
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
    Description: Photosmart C4700 series
    Device ID: ROOT\MULTIFUNCTION\0000
    Manufacturer: HP
    Name: Photosmart C4700 series
    PNP Device ID: ROOT\MULTIFUNCTION\0000
    Service:
    .
    Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
    Description: Photosmart C4700 series
    Device ID: ROOT\IMAGE\0000
    Manufacturer: HP
    Name: Photosmart C4700 series
    PNP Device ID: ROOT\IMAGE\0000
    Service: StillCam
    .
    ==== System Restore Points ===================
    .
    RP35: 11/12/2012 9:40:10 - Windows Update
    RP36: 13/12/2012 0:22:43 - Windows Update
    RP37: 18/12/2012 8:12:14 - Windows Update
    RP38: 20/12/2012 22:38:08 - DirectX is geïnstalleerd.
    RP39: 20/12/2012 22:38:29 - Installed Nero 8 Trial. Available with Windows Installer version 1.2 and later.
    RP40: 20/12/2012 23:51:31 - Windows Update
    RP41: 25/12/2012 10:04:38 - Windows Update
    RP42: 28/12/2012 14:17:23 - Windows Update
    .
    ==== Installed Programs ======================
    .
    ??? ActiveX ?? Windows Live Mesh ???? ??????? ???????
    ???? ??? Windows Live
    ???? ???? ActiveX ????? ?? Windows Live Mesh ????????? ???????
    ???? Windows Live
    ????? Windows Live
    ?????? ??????? ?? Windows Live
    ??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ???????????
    ??????? Windows Live Mesh ActiveX ???
    ???????? ?????????? Windows Live
    ?????????? Windows Live
    64 Bit HP CIO Components Installer
    Adobe Flash Player 10 Plugin
    Adobe Flash Player 11 ActiveX
    Adobe Reader X (10.1.4) MUI
    Alcor Micro USB Card Reader
    ASUS AI Recovery
    ASUS FaceLogon
    ASUS Instant Connect
    ASUS Instant Key
    ASUS LifeFrame3
    ASUS Live Update
    ASUS Music Maker
    ASUS Photo Designer
    ASUS Photo Manager
    ASUS Power4Gear Hybrid
    ASUS Splendid Video Enhancement Technology
    ASUS USB Charger Plus
    ASUS Video Magic
    ASUS Virtual Camera
    ASUS Virtual Touch
    ASUS WebStorage
    ASUSDVD
    AsusScr_N6 Series_ENG
    AsusVibe2.0
    Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
    ATK Package
    avast! Free Antivirus
    Bing Bar
    Bubbletown
    Contrôle ActiveX Windows Live Mesh pour connexions à distance
    Control ActiveX de Windows Live Mesh para conexiones remotas
    Controlo ActiveX do Windows Live Mesh para Ligações Remotas
    CyberLink LabelPrint
    CyberLink MediaEspresso
    CyberLink Power2Go
    CyberLink PowerDirector
    D3DX10
    Deadtime Stories
    Dream Day First Home
    Dream Vacation Solitaire
    ETDWare PS/2-X64 10.5.9.0
    Farm Frenzy 3 - Madagascar
    Fast Boot
    Firebird SQL Server - MAGIX Edition
    Galapago
    Galeria de Fotografias do Windows Live
    Galerie de photos Windows Live
    Galería fotográfica de Windows Live
    Game Park Console
    Go Go Gourmet Chef of the Year
    Google Chrome
    Google Update Helper
    GrabIt 1.7.2 Beta 6 (build 1008)
    HitmanPro 3.7
    HP Photosmart C4700 All-in-One Driver 14.0 Rel. 6
    ImgBurn
    InstantOn for NB
    Intel PROSet Wireless
    Intel(R) Manageability Engine Firmware Recovery Agent
    Intel(R) Management Engine Components
    Intel(R) OpenCL CPU Runtime
    Intel(R) Processor Graphics
    Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
    Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
    Intel(R) USB 3.0 eXtensible Host Controller Driver
    Intel(R) WiDi
    Intel(R) Wireless Display
    Intel® PROSet/Wireless WiFi Software
    Intel® Trusted Connect Service Client
    Java 7 Update 9
    Java Auto Updater
    Junk Mail filter update
    Mahjong Memoirs
    Malwarebytes Anti-Malware versie 1.70.0.1100
    Mesh Runtime
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Application Error Reporting
    Microsoft Office 2010
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    MSVCRT
    MSVCRT_amd64
    myBitCast 1.0.0.3
    Nero 8
    neroxml
    Network64
    NVIDIA-configuratiescherm 310.70
    NVIDIA 3D Vision stuurprogramma 310.70
    NVIDIA Grafisch stuurprogramma 310.70
    NVIDIA HD Audio-stuurprogramma 1.3.18.0
    NVIDIA Install Application
    NVIDIA Optimus 1.11.3
    NVIDIA PhysX
    NVIDIA PhysX systeemsoftware 9.12.1031
    NVIDIA Stereoscopic 3D Driver
    NVIDIA Update 1.11.3
    NVIDIA Update Components
    Plants vs Zombies
    PS_AIO_06_C4700_SW_Min
    QuickPar 0.9
    Raccolta foto di Windows Live
    Realtek High Definition Audio Driver
    S?????? f?t???af??? t?? Windows Live
    Scan
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Spotnet
    St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se??
    Toolbox
    Turbo Fiesta
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Extended (KB2468871)
    Update for Microsoft .NET Framework 4 Extended (KB2533523)
    Update for Microsoft .NET Framework 4 Extended (KB2600217)
    VLC media player 2.0.4
    Windows Live
    Windows Live ???
    Windows Live ????
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live Fotogalerie
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    WinFlash
    WinRAR 4.20 (64-bit)
    Wireless Console 3
    World of Goo
    .
    ==== End Of File ===========================
    My lies are the truth, you lied to me and that is the truth
