Following a Kaspersky scan, please check.

Abraham54
33 replies
  • Could you check my desktop, following a scan by Kaspersky Internet Security 2012?

    Windows 7 Home Premium
    Kaspersky Internet Security 2012
    Mbam pro

    And this is what it is really about
    See scan

    http://i210.photobucket.com/albums/bb290/koper2008/Allerlei%20foto/Kasperskyscan.png

    Has this now been detected (installed on the computer, or not)?

    Because Kaspersky could not find anything.
    A scan with Mbam found nothing either.
    And I also scanned with the Eset online scanner. And that found nothing either.

    If what is in the image is fine, then we'll leave it as it is.
    But otherwise I would like an answer here about what I should do next.

    Thanks in advance for your cooperation.
  • Let's see whether another tool is successful:

    Which program: Zoek.exe
    What for/why: multifunctional tool
    Difficulty: none.
    Download: zoek.exe

    Using "Zoek.exe van Smeenk":
    - First close all program windows that are still open!
        - Windows 2000 and Windows XP: start the tool by double-clicking "Zoek.exe van Smeenk".
        - Windows Vista and Windows 7: start the tool by right-clicking "Zoek.exe van Smeenk" and then choosing Run as administrator.

    A black CMD/Command Prompt window now opens.
    - Now type B in that window followed by Enter to start "Custom search".
    - A Notepad document named "input.txt" will now open.
    - Copy and paste the following (bold, blue) text into the empty Notepad window:

    ArchSMS;
    archsms;

    - Once you have pasted the blue text into the empty Notepad window, you may close input.txt; let it save the changes.

    http://www.imgdumper.nl/uploads5/4f4375db0bc34/4f4375db0a8b1-Zoekexe.png

    - After this the scan starts running; wait patiently until a log opens and post the result in your next message.
  • Good evening Abraham

    thanks for your reply.
    Had to work again today, after the frost period.

    That message that Kaspersky gave, I also had it on 25-01-2012 with the same items.

    I ran it, see scan. But it took about an hour. And was it already finished by then? I couldn't find anything about it anywhere. So that's why I'm adding the scan.

    http://i210.photobucket.com/albums/bb290/koper2008/Allerlei%20foto/Zoekexe.png

    Let me know what needs to happen next.
  • Hi, that file is probably no longer there, or it has given itself a different name!

    Let's take a deep look!
    By the way, for the following, post only the contents of the Notepad logs, so no screenshots!

    Step •1•
    Which program: TDSSStarter.exe
    What for/why: Rootkit scanner
    Difficulty: none
    Download TDSSStarter to the desktop.
    Temporary download link: TDSSStarter

    Using "TDSSStarter.exe":
    - First close all program windows that are still open!
        - Windows 2000 and Windows XP: start the tool by double-clicking "TDSSStarter.exe".
        - Windows Vista and Windows 7: start the tool by right-clicking "TDSSStarter.exe" and then choosing Run as administrator.
    - A CMD window will then start and close again automatically when the scan is finished.
    - Now post the contents of the opened Notepad file in your next message.


    Step •2•
    Which program: ComboFix
    What for/why: Highly specialised scanner to examine Windows in depth and, where possible, clean it up.
    Difficulty: More or less tricky preparation phase, so read everything carefully first.
    Download location: Be sure to download this program to the desktop!
    Download ComboFix via one of these locations:
    - Bleepingcomputer
    - ForoSpyware
    - Geekstogo
    Here you can see how to use ComboFix.

    Antivirus program and active malware scanners must already be deactivated before ComboFix starts!
    Here and here you will find information on how to deactivate antivirus programs and spyware scanners.

    To be perfectly clear once more: ComboFix must be started from the desktop.

    Remarks:
    - When using Windows XP you may be asked to install the "Recovery Console"! Allow this (an active internet connection is required for this).
    Starting ComboFix:
    - First close all program windows that are still open!
        - Windows 2000 and Windows XP: start ComboFix.exe by double-clicking ComboFix.exe.
        - Windows Vista and Windows 7: start ComboFix.exe by right-clicking ComboFix.exe and then choosing Run as administrator.
    ComboFix has started:
    - Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
    - ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
    - It may happen that the computer has to be restarted several times; this is normal.
    - When ComboFix is finished, it will create a log file for you.
    - Post the contents of this log file in your next message.
    - If the log does not open, it can be found at C:\ComboFix.txt
    Important note:
    - If, after the scan, an error is shown when starting programs with the message:
    - Illegal operation attempted on a registry key that has been marked for deletion.
    - Then restart the computer.

    Step •3•
    In summary: after this, post the contents of the following logs in your next message:
    - TDSSKStarter log
    - ComboFix.txt log
  • Tdssstarter was done with the log in no time.

    But ComboFix has been busy for more than half an hour now preparing the log report.

    Can that be right?

    I'm doing this from the laptop for the moment.
  • That can indeed take a while!
  • It is still busy, it's just as well

    that I'm off tomorrow.
  • That is taking too long.

    Let your PC restart and then check whether there is a Combofix.txt in C:\.
  • OK, restarted.

    Here is the log

    21:10:37.0992 5552 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
    21:10:37.0992 5552 ============================================================
    21:10:37.0992 5552 Current date / time: 2012/02/23 21:10:37.0992
    21:10:37.0992 5552 SystemInfo:
    21:10:37.0992 5552
    21:10:37.0992 5552 OS Version: 6.1.7601 ServicePack: 1.0
    21:10:37.0992 5552 Product type: Workstation
    21:10:37.0992 5552 ComputerName: XIIT-X
    21:10:38.0008 5552 UserName: Gebruiker
    21:10:38.0008 5552 Windows directory: C:\Windows
    21:10:38.0008 5552 System windows directory: C:\Windows
    21:10:38.0008 5552 Processor architecture: Intel x86
    21:10:38.0008 5552 Number of processors: 4
    21:10:38.0008 5552 Page size: 0x1000
    21:10:38.0008 5552 Boot type: Normal boot
    21:10:38.0008 5552 ============================================================
    21:10:40.0510 5552 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
    21:10:40.0526 5552 \Device\Harddisk0\DR0:
    21:10:40.0526 5552 MBR used
    21:10:40.0526 5552 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
    21:10:40.0526 5552 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB000
    21:10:40.0822 5552 Initialize success
    21:10:40.0822 5552 ============================================================
    21:10:40.0869 5336 ============================================================
    21:10:40.0869 5336 Scan started
    21:10:40.0869 5336 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent;
    21:10:40.0869 5336 ============================================================
    21:11:23.0036 5336 Parport - ok
    21:11:23.0176 5336 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
    21:11:23.0176 5336 partmgr - ok
    21:11:23.0332 5336 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
    21:11:23.0379 5336 Parvdm - ok
    21:11:23.0551 5336 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
    21:11:23.0566 5336 pci - ok
    21:11:23.0598 5336 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
    21:11:23.0613 5336 pciide - ok
    21:11:23.0722 5336 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
    21:11:23.0769 5336 pcmcia - ok
    21:11:24.0050 5336 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
    21:11:24.0081 5336 pcw - ok
    21:11:24.0268 5336 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
    21:11:24.0362 5336 PEAUTH - ok
    21:11:24.0612 5336 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
    21:11:24.0690 5336 PptpMiniport - ok
    21:11:24.0939 5336 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
    21:11:25.0033 5336 Processor - ok
    21:11:25.0236 5336 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
    21:11:25.0345 5336 Psched - ok
    21:11:25.0548 5336 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
    21:11:25.0594 5336 ql2300 - ok
    21:11:25.0641 5336 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
    21:11:25.0672 5336 ql40xx - ok
    21:11:25.0860 5336 qtsmon (c9e96ed9df5b260806f6ec041662bf0f) C:\Windows\system32\drivers\qtsmon.sys
    21:11:26.0109 5336 qtsmon - ok
    21:11:26.0203 5336 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
    21:11:26.0265 5336 QWAVEdrv - ok
    21:11:26.0343 5336 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
    21:11:26.0499 5336 RasAcd - ok
    21:11:26.0811 5336 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
    21:11:26.0998 5336 RasAgileVpn - ok
    21:11:27.0123 5336 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
    21:11:27.0186 5336 Rasl2tp - ok
    21:11:27.0248 5336 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
    21:11:27.0295 5336 RasPppoe - ok
    21:11:27.0342 5336 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
    21:11:27.0420 5336 RasSstp - ok
    21:11:27.0482 5336 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
    21:11:27.0576 5336 rdbss - ok
    21:11:27.0622 5336 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
    21:11:27.0669 5336 rdpbus - ok
    21:11:27.0716 5336 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
    21:11:27.0778 5336 RDPCDD - ok
    21:11:27.0841 5336 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
    21:11:27.0903 5336 RDPENCDD - ok
    21:11:27.0950 5336 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
    21:11:27.0981 5336 RDPREFMP - ok
    21:11:28.0059 5336 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
    21:11:28.0106 5336 RDPWD - ok
    21:11:28.0184 5336 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
    21:11:28.0231 5336 rdyboost - ok
    21:11:28.0356 5336 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
    21:11:28.0449 5336 rspndr - ok
    21:11:28.0558 5336 RTL8192cu (ee2996714b6b12dd4aa2ea65f39b80d3) C:\Windows\system32\DRIVERS\RTL8192cu.sys
    21:11:28.0668 5336 RTL8192cu - ok
    21:11:28.0730 5336 RTLWUSB (691db86b09e13ca5d3e8881141738cc5) C:\Windows\system32\DRIVERS\wg111v2.sys
    21:11:28.0777 5336 RTLWUSB - ok
    21:11:28.0902 5336 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
    21:11:28.0933 5336 SASDIFSV - ok
    21:11:29.0026 5336 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
    21:11:29.0058 5336 SASKUTIL - ok
    21:11:29.0182 5336 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
    21:11:29.0229 5336 sbp2port - ok
    21:11:29.0292 5336 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
    21:11:29.0401 5336 scfilter - ok
    21:11:29.0494 5336 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    21:11:29.0541 5336 secdrv - ok
    21:11:29.0588 5336 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
    21:11:29.0635 5336 Serenum - ok
    21:11:29.0682 5336 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
    21:11:29.0728 5336 Serial - ok
    21:11:29.0838 5336 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
    21:11:29.0869 5336 sermouse - ok
    21:11:29.0931 5336 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
    21:11:30.0009 5336 sffdisk - ok
    21:11:30.0040 5336 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
    21:11:30.0056 5336 sffp_mmc - ok
    21:11:30.0072 5336 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
    21:11:30.0103 5336 sffp_sd - ok
    21:11:30.0150 5336 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
    21:11:30.0196 5336 sfloppy - ok
    21:11:30.0274 5336 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
    21:11:30.0306 5336 sisagp - ok
    21:11:30.0352 5336 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    21:11:30.0384 5336 SiSRaid2 - ok
    21:11:30.0399 5336 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
    21:11:30.0446 5336 SiSRaid4 - ok
    21:11:30.0477 5336 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
    21:11:30.0555 5336 Smb - ok
    21:11:30.0633 5336 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
    21:11:30.0664 5336 spldr - ok
    21:11:30.0727 5336 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
    21:11:30.0805 5336 srv - ok
    21:11:30.0883 5336 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
    21:11:30.0930 5336 srv2 - ok
    21:11:31.0008 5336 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
    21:11:31.0070 5336 srvnet - ok
    21:11:31.0148 5336 StarOpen - ok
    21:11:31.0210 5336 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
    21:11:31.0242 5336 stexstor - ok
    21:11:31.0366 5336 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
    21:11:31.0398 5336 swenum - ok
    21:11:31.0507 5336 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
    21:11:31.0585 5336 Tcpip - ok
    21:11:31.0694 5336 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
    21:11:31.0772 5336 TCPIP6 - ok
    21:11:31.0959 5336 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
    21:11:32.0053 5336 tcpipreg - ok
    21:11:32.0443 5336 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
    21:11:32.0583 5336 TDPIPE - ok
    21:11:32.0599 5336 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
    21:11:32.0708 5336 TDTCP - ok
    21:11:32.0739 5336 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
    21:11:32.0786 5336 tdx - ok
    21:11:32.0848 5336 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
    21:11:32.0880 5336 TermDD - ok
    21:11:32.0958 5336 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
    21:11:33.0067 5336 tssecsrv - ok
    21:11:33.0145 5336 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
    21:11:33.0207 5336 TsUsbFlt - ok
    21:11:33.0410 5336 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
    21:11:33.0504 5336 tunnel - ok
    21:11:33.0582 5336 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
    21:11:33.0613 5336 uagp35 - ok
    21:11:33.0691 5336 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
    21:11:33.0784 5336 udfs - ok
    21:11:33.0862 5336 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
    21:11:33.0894 5336 uliagpkx - ok
    21:11:33.0956 5336 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
    21:11:34.0003 5336 umbus - ok
    21:11:34.0065 5336 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
    21:11:34.0143 5336 UmPass - ok
    21:11:34.0252 5336 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
    21:11:34.0330 5336 usbccgp - ok
    21:11:34.0424 5336 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
    21:11:34.0471 5336 usbcir - ok
    21:11:34.0549 5336 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
    21:11:34.0611 5336 usbehci - ok
    21:11:34.0705 5336 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
    21:11:34.0736 5336 usbhub - ok
    21:11:34.0830 5336 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys
    21:11:34.0876 5336 usbohci - ok
    21:11:34.0970 5336 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
    21:11:35.0032 5336 usbprint - ok
    21:11:35.0110 5336 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
    21:11:35.0173 5336 usbscan - ok
    21:11:35.0235 5336 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    21:11:35.0329 5336 USBSTOR - ok
    21:11:35.0391 5336 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
    21:11:35.0469 5336 usbuhci - ok
    21:11:35.0532 5336 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
    21:11:35.0578 5336 vdrvroot - ok
    21:11:35.0610 5336 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
    21:11:35.0688 5336 vga - ok
    21:11:35.0703 5336 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
    21:11:35.0766 5336 VgaSave - ok
    21:11:35.0812 5336 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
    21:11:35.0828 5336 vhdmp - ok
    21:11:35.0922 5336 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
    21:11:35.0953 5336 viaagp - ok
    21:11:36.0078 5336 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
    21:11:36.0140 5336 ViaC7 - ok
    21:11:36.0249 5336 VIAHdAudAddService (4906e025dd6b322c4bbd6b9e35c9993a) C:\Windows\system32\drivers\viahduaa.sys
    21:11:36.0358 5336 VIAHdAudAddService - ok
    21:11:36.0421 5336 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
    21:11:36.0468 5336 viaide - ok
    21:11:36.0530 5336 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
    21:11:36.0561 5336 volmgr - ok
    21:11:36.0639 5336 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
    21:11:36.0655 5336 volmgrx - ok
    21:11:36.0717 5336 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
    21:11:36.0764 5336 volsnap - ok
    21:11:36.0842 5336 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
    21:11:36.0873 5336 vsmraid - ok
    21:11:36.0889 5336 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
    21:11:36.0904 5336 vwifibus - ok
    21:11:36.0967 5336 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
    21:11:37.0029 5336 vwififlt - ok
    21:11:37.0060 5336 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
    21:11:37.0107 5336 WacomPen - ok
    21:11:37.0185 5336 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
    21:11:37.0263 5336 WANARP - ok
    21:11:37.0263 5336 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
    21:11:37.0294 5336 Wanarpv6 - ok
    21:11:37.0388 5336 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
    21:11:37.0435 5336 Wd - ok
    21:11:37.0497 5336 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
    21:11:37.0528 5336 Wdf01000 - ok
    21:11:37.0731 5336 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
    21:11:37.0809 5336 WfpLwf - ok
    21:11:37.0856 5336 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
    21:11:37.0887 5336 WIMMount - ok
    21:11:38.0059 5336 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
    21:11:38.0121 5336 WinUsb - ok
    21:11:38.0230 5336 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
    21:11:38.0293 5336 WmiAcpi - ok
    21:11:38.0355 5336 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
    21:11:38.0433 5336 ws2ifsl - ok
    21:11:38.0542 5336 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
    21:11:38.0620 5336 WudfPf - ok
    21:11:38.0714 5336 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
    21:11:39.0182 5336 \Device\Harddisk0\DR0 - ok
    21:11:39.0244 5336 Boot (0x1200) (91a6dd1628fea5b979296b2a4b5657c2) \Device\Harddisk0\DR0\Partition0
    21:11:39.0260 5336 \Device\Harddisk0\DR0\Partition0 - ok
    21:11:39.0276 5336 Boot (0x1200) (bf8a8d110c1f794eef528f2a2494a4c7) \Device\Harddisk0\DR0\Partition1
    21:11:39.0276 5336 \Device\Harddisk0\DR0\Partition1 - ok
    21:11:39.0276 5336 ============================================================
    21:11:39.0276 5336 Scan finished
    21:11:39.0276 5336 ============================================================
    21:11:40.0383 2032 Deinitialize success

    ==============================================
    Last Created System Restore Point
    ==============================================
    RP454: 17-2-2012 21:10:19 - Windows Update
    ==============================================

    Older logs
    ==============================================
    C:\TDSSKiller.2.5.17.0_25.01.2012_21.19.59_log.txt
    C:\TDSSKiller.2.7.7.0_25.01.2012_21.20.52_log.txt
    ==============================================
    EOF




    And for Combo there is only

    ComboFix file folder

    and nothing else.
  • Right, so ComboFix crashed the first time.
    Were you able to deactivate Kaspersky properly?

    In any case, now continue with the following:

    Download the [b:8cf99344bd]Emsisoft Emergency Kit[/b:8cf99344bd] to the desktop and extract the [b:8cf99344bd]ZIP[/b:8cf99344bd] file.
    [list:8cf99344bd]
    [*:8cf99344bd] Open the folder "[b:8cf99344bd]EmsisoftEmergencyKit[/b:8cf99344bd]" and double-click "[b:8cf99344bd]Start.exe[/b:8cf99344bd]"
    [*:8cf99344bd] Now click "[b:8cf99344bd]Emergency Kit Scanner[/b:8cf99344bd]". You will get a message that it is recommended to update first; allow this by clicking "[b:8cf99344bd]Ja[/b:8cf99344bd]" (Yes)
    [img:8cf99344bd]http://i1103.photobucket.com/albums/g476/pcwebplus/EmsisoftEK11.jpg[/img:8cf99344bd]
    [*:8cf99344bd] When the update has finished and the message "[b:8cf99344bd]Update process is succesvol afgerond[/b:8cf99344bd]" (update process completed successfully) appears, click "[b:8cf99344bd]menu[/b:8cf99344bd]" and then "[b:8cf99344bd]Scan PC[/b:8cf99344bd]"
    [*:8cf99344bd] Select the option "[b:8cf99344bd]Diep[/b:8cf99344bd]" (Deep) if it is not already set that way by default.
    [*:8cf99344bd] Now click the "[b:8cf99344bd]Scan[/b:8cf99344bd]" button and do nothing else on the computer during the scan. This scan can take a considerable time, so wait patiently.
    [*:8cf99344bd] You can close the window with the warning about an increased risk once the scan has finished.

    Note:

    If you see this message.

    [b:8cf99344bd]C:\Documents and Settings\username\Bureaublad\ComboFix.exe/$0\List.bat Verwijderd Virus.Win32.HTML!IK [/b:8cf99344bd]

    If the file is listed in the scan results window, you can right-click that detection and choose [b:8cf99344bd] "Versturen als vals alarm (False Positive)".[/b:8cf99344bd]


    [*:8cf99344bd] Make sure all found items are ticked and then press the "[b:8cf99344bd]verwijder geselecteerde[/b:8cf99344bd]" (remove selected) button. You will now get the following message, but click "[b:8cf99344bd]Ja[/b:8cf99344bd]" (Yes) here
    [img:8cf99344bd]http://i1103.photobucket.com/albums/g476/pcwebplus/EmsisoftEK2.jpg[/img:8cf99344bd]
    [*:8cf99344bd] When the removal has finished, click the "[b:8cf99344bd]View report[/b:8cf99344bd]" button and select the text file of this scan, with a name such as: [b:8cf99344bd]a2scan_110730-111615.txt[/b:8cf99344bd]
    [*:8cf99344bd] Post the contents of this LOG file in your next message.
    [*:8cf99344bd] Now restart the computer.[/list:u:8cf99344bd]
  • Good morning

    So far I am already very happy that I opened this topic.

    Thanks to TDSS or ComboFix,
    pinning to the taskbar now works again too,
    and so does this one, see topic
    http://forum.computertotaal.nl/phpBB2/viewtopic.php?t=216061

    It is now scanning with
    Emsisoft Emergency Kit
  • Hi Klaas, in that case just give the credit to ComboFix.
    It is only a pity that there is no log.
  • Right, I'm back

    As for ComboFix, I had deactivated Kaspersky properly.

    Here is the Emsisoft log

    Emsisoft Emergency Kit - Versie 1.0
    Laatste Update: 24-2-2012 9:41:39

    Scaninstellingen:

    Scantype: Diepe Scan
    Objecten: Geheugen, Sporen, Cookies, C:\
    Scan archieven: Aan
    Heuristieken: Uit
    ADS Scan: Aan

    Scan gestart: 24-2-2012 9:42:21

    C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:66 Ontdekt: Trace.TrackingCookie.com!A2
    C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:418 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2
    C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:419 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2
    C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:2711 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2
    C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:2712 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2
    C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:5454 Ontdekt: Trace.TrackingCookie.com!A2
    C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:8532 Ontdekt: Trace.TrackingCookie.fr.sitestat.com!A2
    C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:8533 Ontdekt: Trace.TrackingCookie.fr.sitestat.com!A2
    C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:14853 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2
    C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:14990 Ontdekt: Trace.TrackingCookie.stat.onestat!A2
    C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:14991 Ontdekt: Trace.TrackingCookie.stat.onestat!A2
    C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:28570 Ontdekt: Trace.TrackingCookie.statse.webtrendslive!A2

    Gescand

    Bestanden: 271530
    Sporen: 405133
    Cookies: 388
    Processen: 53

    Gevonden

    Bestanden: 0
    Sporen: 0
    Cookies: 14
    Processen: 0
    Registersleutels: 0

    Scan Geëindigd: 24-2-2012 11:26:14
    Scantijd: 1:43:53

    C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:28570 Verwijderd Trace.TrackingCookie.statse.webtrendslive!A2
    C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:14990 Verwijderd Trace.TrackingCookie.stat.onestat!A2
    C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:14991 Verwijderd Trace.TrackingCookie.stat.onestat!A2
    C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:8532 Verwijderd Trace.TrackingCookie.fr.sitestat.com!A2
    C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:8533 Verwijderd Trace.TrackingCookie.fr.sitestat.com!A2
    C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:418 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
    C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:419 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
    C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:2711 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
    C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:2712 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
    C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:14853 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
    C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:66 Verwijderd Trace.TrackingCookie.com!A2
    C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\cookies.sqlite:5454 Verwijderd Trace.TrackingCookie.com!A2

    Verwijderd

    Bestanden: 0
    Sporen: 0
    Cookies: 12
  • Only cookies found!

    Now do the following:

    [b:30985a48ed]Which program[/b:30985a48ed]: sUBs [b:30985a48ed]dds.scr[/b:30985a48ed]
    [b:30985a48ed]What for/why[/b:30985a48ed]: DDS is a diagnostic tool and makes use of scripts.
    [b:30985a48ed]Difficulty[/b:30985a48ed]: More or less tricky preparation phase, so read everything carefully first.
    [b:30985a48ed]Download location[/b:30985a48ed]: Be sure to download this program to the desktop, or otherwise move it there first!
    [b:30985a48ed]Download[/b:30985a48ed] sUBs dds.scr [b:30985a48ed]here[/b:30985a48ed]

    [img:30985a48ed]http://img.photobucket.com/albums/v666/sUBs/dds_scr.gif[/img:30985a48ed]

    [b:30985a48ed]Using sUBs dds.scr[/b:30985a48ed]:
    [list:30985a48ed][*:30985a48ed][b:30985a48ed]Important[/b:30985a48ed]: first deactivate the antivirus software and the active spyware scanners!
    [*:30985a48ed] [b:30985a48ed]Then first close all program windows that are still open![/b:30985a48ed]
    [list:30985a48ed][*:30985a48ed]Windows 2000 and Windows XP: start sUBs dds.scr by double-clicking the shortcut.
    [*:30985a48ed]Windows Vista and Windows 7: start sUBs dds.scr by right-clicking the shortcut and then choosing Als Administrator uitvoeren (Run as administrator).[/list:u:30985a48ed]
    [*:30985a48ed] After the scan, two text documents are opened - DDS.txt and Attach.txt
    [*:30985a48ed] Copy and paste the entire contents of the [b:30985a48ed]DDS log file[/b:30985a48ed] into your next message.
    [*:30985a48ed] Only post Attach.txt when I ask for it.[/list:u:30985a48ed]
  • I will run that other scan as soon as possible.

    Sorry, if this was well meant.
    But I just ran ComboFix on my own initiative, and this time it did work.


    See log

    ComboFix 12-02-23.01 - Gebruiker 24-02-2012 12:06:03.5.4 - x86
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3071.1863 [GMT 1:00]
    Gestart vanuit: C:\Users\Gebruiker\Desktop\ComboFix.exe
    AV: Kaspersky Internet Security *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
    FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
    SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))


    ---- Voorgaande Run -------

    C:\Users\Gebruiker\90840413-6000-11D3-8CFE-0150048383C9\FILES\SETUP\OSE.EXE
    C:\Users\Gebruiker\90840413-6000-11D3-8CFE-0150048383C9\XLVIEW.MSI
    C:\Users\Gebruiker\90840413-6000-11D3-8CFE-0150048383C9\XLVIEWER.CAB
    C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\Fleecetrui no 1.jpg
    C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\Fleecetrui no 2.jpg
    C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\Fleecetrui no 3.jpg
    C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\no 1.JPG
    C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\no 1a.JPG
    C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\no 1b.JPG
    C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\no 1c.JPG
    C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\no 1d.JPG
    C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\no 1e.JPG
    C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\sam no 1.jpg
    C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\sam no 2.jpg
    C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\sam no 3.jpg
    C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\2002_0110jeansbroek\Thumbs.db
    C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\FILES\SETUP\OSE.EXE
    C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\WDVIEWER.CAB
    C:\Users\Gebruiker\90850413-6000-11D3-8CFE-0150048383C9\WORDVIEW.MSI
    C:\Windows\isRS-000.tmp
    C:\Windows\IsUn0413.exe


    (((((((((((((((((((( Bestanden Gemaakt van 2012-01-24 to 2012-02-24 ))))))))))))))))))))))))))))))


    2012-02-24 11:13:39 . 2012-02-24 11:13:39 -------- d-----w- C:\Users\Public\AppData\Local\temp
    2012-02-24 11:13:39 . 2012-02-24 11:13:39 -------- d-----w- C:\Users\Default\AppData\Local\temp
    2012-02-24 10:56:37 . 2012-02-20 00:05:38 6552120 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{60667F2F-41B8-489D-9C0A-E71F7BB895CE}\mpengine.dll
    2012-02-23 20:25:58 . 2012-02-24 11:15:32 -------- d-----w- C:\Users\Gebruiker\AppData\Local\temp
    2012-02-23 20:10:32 . 2012-02-23 20:11:40 -------- d-----w- C:\TDSSStarter
    2012-02-23 16:12:32 . 2012-02-23 16:12:32 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Gena01
    2012-02-17 19:26:09 . 2012-02-17 19:26:18 -------- d-----w- C:\Program Files\Cisco
    2012-02-17 19:24:32 . 2011-07-20 15:57:00 728064 ----a-w- C:\Windows\system32\drivers\RTL8192cu.sys
    2012-02-17 19:23:40 . 2009-03-31 13:31:22 380928 ------w- C:\Windows\RtlUI2.exe
    2012-02-17 19:23:39 . 2012-02-17 19:23:39 -------- d-----w- C:\Program Files\ICIDU
    2012-02-17 19:23:39 . 2010-12-01 08:31:18 451072 ------w- C:\Windows\system32\ISSRemoveSP.exe
    2012-02-17 19:23:39 . 2009-04-02 09:27:18 188416 ------w- C:\Windows\system32\RTLExtUI.dll
    2012-02-17 19:23:39 . 2008-07-01 11:31:16 614400 ------w- C:\Windows\system32\Rtlihvs.dll
    2012-02-15 12:57:20 . 2011-12-30 05:27:56 478720 ----a-w- C:\Windows\system32\timedate.cpl
    2012-02-15 12:57:16 . 2011-12-16 07:52:58 690688 ----a-w- C:\Windows\system32\msvcrt.dll
    2012-02-15 12:57:15 . 2012-01-04 08:58:41 442880 ----a-w- C:\Windows\system32\ntshrui.dll
    2012-02-15 12:57:14 . 2012-01-14 03:35:54 2343424 ----a-w- C:\Windows\system32\win32k.sys
    2012-02-07 20:32:02 . 2012-02-07 20:32:09 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\QuickScan
    2012-02-01 20:29:51 . 2012-02-01 20:30:08 414368 ----a-w- C:\Windows\system32\FlashPlayerCPLApp.cpl
    2012-01-31 22:06:56 . 2010-08-12 10:46:14 758784 ----a-w- C:\Windows\system32\cohelper.dll
    2012-01-31 22:06:56 . 2010-08-09 21:33:56 11164 ----a-w- C:\Windows\system32\drivers\nvphy.bin
    .


    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2012-01-29 04:10:42 . 2009-10-29 16:53:55 237072 ------w- C:\Windows\system32\MpSigStub.exe
    2012-01-22 16:34:27 . 2010-02-09 15:14:56 5852 --sha-w- C:\ProgramData\KGyGaAvL.sys
    2011-12-10 14:24:06 . 2009-12-08 16:49:00 20464 ----a-w- C:\Windows\system32\drivers\mbam.sys
    2011-11-27 17:36:31 . 2011-11-27 17:36:40 637848 ----a-w- C:\Windows\system32\npdeployJava1.dll
    2011-11-27 17:36:31 . 2010-05-08 23:30:38 567184 ----a-w- C:\Windows\system32\deployJava1.dll
    2004-04-27 21:19:20 . 2004-04-27 21:19:20 233160 ----a-w- C:\Program Files\LISTOOL.EXE
    2012-02-19 13:20:31 . 2012-02-09 22:11:49 134104 ----a-w- C:\Program Files\mozilla firefox\components\browsercomps.dll


    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))


    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    2012-01-03 15:31:28 1514152 —-a-w- C:\Program Files\Ask.com\GenericAskToolbar.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "C:\Program Files\Ask.com\GenericAskToolbar.dll" [2012-01-03 15:31:28 1514152]

    [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
    [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
    [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
    [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2010-11-20 12:17:41 1174016]
    "Corel Photo Downloader"="C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" [2011-09-07 17:07:48 522752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Standby"="c:\Program Files\Common Files\Corel\Standby\Standby.exe" [2010-01-07 12:09:38 105632]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 16:55:10 55824]
    "HDAudDeck"="C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-08-28 16:43:14 1486848]
    "EEventManager"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 08:12:12 976320]
    "Malwarebytes' Anti-Malware"="C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 13:53:18 460872]
    "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 07:37:53 843712]
    "ApnUpdater"="C:\Program Files\Ask.com\Updater\Updater.exe" [2012-01-03 15:31:34 1391272]
    "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 22:25:58 59240]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
    2009-07-20 11:28:42 72208 —-a-w- c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
    2012-02-03 19:59:00 4617600 —-a-w- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 11:16:28 130384]
    R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 10:10:02 3276800]
    R3 netr28;Ralink 802.11n stuurprogramma voor draadloze netwerken voor Windows Vista;C:\Windows\system32\DRIVERS\netr28.sys [2009-07-13 22:02:53 530944]
    R3 OlyCamComm;OLYMPUS USB Communication Device;C:\Windows\system32\DRIVERS\OlyCamComm.sys [2009-09-10 13:58:26 21648]
    R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 20:37:50 4640000]
    R3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;C:\Windows\system32\DRIVERS\wg111v2.sys [2006-03-27 16:53:28 167808]
    R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 10:24:41 52224]
    R3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-29 07:35:44 1343400]
    S1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys [2011-03-04 12:23:20 11352]
    S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys [2011-03-10 17:36:18 23856]
    S1 qtsmon;qtsmon;C:\Windows\system32\drivers\qtsmon.sys [2010-12-05 20:58:25 72488]
    S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 16:27:02 12880]
    S1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 21:55:22 67664]
    S1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-13 23:52:04 48128]
    S2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 23:38:07 116608]
    S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 15:07:14 759048]
    S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 13:10:42 63928]
    S2 cpuz135;cpuz135;C:\Windows\system32\drivers\cpuz135_x32.sys [2010-11-09 14:35:30 21992]
    S2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 16:09:10 1253376]
    S2 MBAMService;MBAMService;C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 13:53:18 652360]
    S2 Realtek11nCU;Realtek11nCU;C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtlService.exe [2010-04-16 15:10:58 36864]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Windows\System32\nvSCPAPISvr.exe [2009-07-08 08:40:00 239648]
    S3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19:27:16 19984]
    S3 MBAMProtector;MBAMProtector;C:\Windows\system32\drivers\mbam.sys [2011-12-10 14:24:06 20464]
    S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda32v.sys [2011-04-24 06:39:18 139368]
    S3 RTL8192cu;ICIDU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\system32\DRIVERS\RTL8192cu.sys [2011-07-20 15:57:00 728064]
    S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys [2009-08-17 18:17:44 1077760]


    Inhoud van de 'Gedeelde Taken' map

    2012-02-23 C:\Windows\Tasks\ParetoLogic Registration3.job
    - C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll [2009-10-12 05:01:44 . 2009-10-12 05:01:44]

    2012-01-18 C:\Windows\Tasks\ParetoLogic Update Version3.job
    - C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2009-10-12 05:01:44 . 2009-10-12 05:01:44]

    2012-01-01 C:\Windows\Tasks\PC Health Advisor Defrag.job
    - C:\Program Files\ParetoLogic\PCHA\PCHA.exe [2011-10-25 21:30:42 . 2011-10-25 21:30:42]

    2012-01-01 C:\Windows\Tasks\PC Health Advisor.job
    - C:\Program Files\ParetoLogic\PCHA\PCHA.exe [2011-10-25 21:30:42 . 2011-10-25 21:30:42]

    2012-02-23 C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 5266950a-7bbe-4fa4-8790-e905444a7905.job
    - C:\Program Files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52:29 . 2011-05-04 17:52:29]

    2012-01-17 C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 67e4716e-1758-4974-92fa-d5f088a0e513.job
    - C:\Program Files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52:29 . 2011-05-04 17:52:29]


    ——- Bijkomende Scan ——-

    uStart Page = hxxp://www.weerdirect.nl/
    IE: Toevoegen aan Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
    TCP: DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{761FAEE5-5881-4875-B8A4-9B0153CD0BE4}: NameServer = 192.168.0.1,8.8.8.8
    FF - ProfilePath - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0puaba5v.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.weerdirect.nl/|about:home|about:addons|https://addons.mozilla.org/nl/firefox/extensions/privacy-security/|https://addons.mozilla.org/nl/firefox/extensions/bookmarks/|http://www.xmarks.com/firefox/success/4.0.5|http://www.weerdirect.nl/

    - - - - ORPHANS VERWIJDERD - - - -

    Toolbar-Locked - (no file)



    [HKEY_LOCAL_MACHINE\system\ControlSet001\services\MpsSvc]
    "ImagePath"="."

    ——————— VERGRENDELDE REGISTER SLEUTELS ———————

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{20182402-24ED-DBEE-0C047CC941A92C12}\{18337038-91FA-1511-718667CAE01F35A0}\{7E9CBDE1-C583-B4C7-27A5326796C918BF}*]
    "UVGVJYB6UQSPF6JR6UE1ONOSMA1"=hex:01,00,01,00,00,00,00,00,3c,a7,2e,28,c9,e8,26,
    60,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E20DD46F-0CC4-5960-1B1F69E13D145F9C}\{B130274E-D0E8-282B-E7F07B1EE1210709}\{71D795F0-66AF-00D6-EF71DCAC5CDD95C3}*]
    "{3EE4C831-B7E0-4ed1-B9FC-EDC523C9612F}1"=hex:01,00,01,00,0c,00,00,00,ba,93,b4,
    48,97,f2,a9,9c,75,bc,f0,93,ac,98,e4,60,71,28,20,2a,8e,f3,66,89,de,ef,5f,0f,\

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EDCF6AC6-CDE0-1F6D-043771A983FAB740}\{0B884C8F-0AAB-F925-A63B97C7F3A43931}\{965D33BD-6599-2D1D-7E8A152D666CAEE5}*]
    "UVGVJYB6UQSPF6JR6UE1ONOSMA1"=hex:01,00,01,00,00,00,00,00,3c,a7,2e,28,c9,e8,26,
    60,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F64D8EBD-3DAE-BD3C-0991ACE292CAB5ED}\{17BB8CA8-D706-1AC7-CFA17C6657F849D4}\{8429EDDF-869B-0FCF-6695830B33322B0A}*]
    "{3EE4C831-B7E0-4ed1-B9FC-EDC523C9612F}1"=hex:01,00,01,00,0c,00,00,00,ba,93,b4,
    48,97,f2,a9,9c,75,bc,f0,93,ac,98,e4,60,71,28,20,2a,8e,f3,66,89,de,ef,5f,0f,\

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)

    ———————— Andere Aktieve Processen ————————

    C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
    c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWlan.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\sppsvc.exe

    **************************************************************************

    Voltooingstijd: 2012-02-24 12:20:45 - machine werd herstart
    ComboFix-quarantined-files.txt 2012-02-24 11:20:38

    Pre-Run: 271.133.822.976 bytes beschikbaar
    Post-Run: 270.737.760.256 bytes beschikbaar

    - - End Of File - - 6DD91C283FB19554EFCC876C19D3A295
  • I asked something different, but did you use the same Combofix file this time?
  • Here is the DDS log

    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.2.0
    Run by Gebruiker at 12:48:57 on 2012-02-24
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3071.1908 [GMT 1:00]
    .
    AV: Kaspersky Internet Security *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
    SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
    C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
    c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtlService.exe
    C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWlan.exe
    C:\Windows\System32\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\Explorer.EXE
    C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
    C:\Program Files\Epson Software\Event Manager\EEventManager.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Ask.com\Updater\Updater.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Program Files\Common Files\Corel\Standby\Standby.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\vssvc.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.weerdirect.nl/
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2012\ievkbd.dll
    BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\mif5ba~1\office14\URLREDIR.DLL
    BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
    BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
    BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky internet security 2012\klwtbbho.dll
    TB: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
    TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [Corel Photo Downloader] "c:\program files\common files\corel\corel photodownloader\Corel Photo Downloader.exe" -startup
    mRun: [Standby] "c:\program files\common files\corel\standby\Standby.exe" -START
    mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    mRun: [HDAudDeck] c:\program files\via\viaudioi\vdeck\VDeck.exe -r
    mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"
    mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [avp] "c:\program files\kaspersky lab\kaspersky internet security 2012\avp.exe"
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Toevoegen aan Anti-Banner - c:\program files\kaspersky lab\kaspersky internet security 2012\ie_banner_deny.htm
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
    IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky internet security 2012\ievkbd.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
    IE: {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - {17A84966-F1E9-4645-AA9E-5E771EE1C859} - c:\progra~1\nuclea~1\videoget\plugins\VIDEOG~1.DLL
    IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2012\klwtbbho.dll
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
    DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab
    DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{3684D2E1-CE4E-49F6-A09B-C8B04E94266C}\3596475636F6D6349364341434 : DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{761FAEE5-5881-4875-B8A4-9B0153CD0BE4} : NameServer = 192.168.0.1,8.8.8.8
    TCP: Interfaces\{B2D9438F-4A8B-45F1-8569-663FDBF8FD73} : DhcpNameServer = 192.168.0.1
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    Notify: klogon - c:\windows\system32\klogon.dll
    Notify: LBTWlgn - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\gebruiker\appdata\roaming\mozilla\firefox\profiles\0puaba5v.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.weerdirect.nl/|about:home|about:addons|https://addons.mozilla.org/nl/firefox/extensions/privacy-security/|https://addons.mozilla.org/nl/firefox/extensions/bookmarks/|http://www.xmarks.com/firefox/success/4.0.5|http://www.weerdirect.nl/
    FF - plugin: c:\progra~1\mif5ba~1\office14\NPAUTHZ.DLL
    FF - plugin: c:\progra~1\mif5ba~1\office14\NPSPWRAP.DLL
    FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
    FF - plugin: c:\program files\java\jre7\bin\new_plugin\npjp2.dll
    FF - plugin: c:\program files\microsoft silverlight\5.0.61118.0\npctrlui.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2011-3-4 11352]
    R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2010-4-22 23856]
    R1 qtsmon;qtsmon;c:\windows\system32\drivers\qtsmon.sys [2010-12-5 72488]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
    R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 116608]
    R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\common files\abbyy\finereadersprint\9.00\licensing\NetworkLicenseServer.exe [2009-5-14 759048]
    R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
    R2 AVP;Kaspersky Anti-Virus-service;c:\program files\kaspersky lab\kaspersky internet security 2012\avp.exe -r –> c:\program files\kaspersky lab\kaspersky internet security 2012\avp.exe -r [?]
    R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2012-1-24 21992]
    R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\common files\magix services\database\bin\FABS.exe [2009-8-27 1253376]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-2-5 652360]
    R2 Realtek11nCU;Realtek11nCU;c:\program files\icidu\icidu 11n usb wireless lan\RtlService.exe [2012-2-17 36864]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\windows\system32\nvSCPAPISvr.exe [2009-7-8 239648]
    R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 19984]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-12-8 20464]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-4-24 139368]
    R3 RTL8192cu;ICIDU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192cu.sys [2012-2-17 728064]
    R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-10-30 1077760]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\common files\magix services\database\bin\fbserver.exe [2008-8-7 3276800]
    S3 netr28;Ralink 802.11n stuurprogramma voor draadloze netwerken voor Windows Vista;c:\windows\system32\drivers\netr28.sys [2009-6-10 530944]
    S3 OlyCamComm;OLYMPUS USB Communication Device;c:\windows\system32\drivers\OlyCamComm.sys [2009-9-10 21648]
    S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
    S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\drivers\wg111v2.sys [2006-3-27 167808]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-2-26 52224]
    S3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\wat\WatAdminSvc.exe [2010-5-29 1343400]
    .
    =============== Created Last 30 ================
    .
    2012-02-24 11:15:26 ——– d—–w- C:\$RECYCLE.BIN
    2012-02-24 11:05:15 ——– d—–w- C:\ComboFix
    2012-02-24 10:56:37 6552120 —-a-w- c:\programdata\microsoft\windows defender\definition updates\{60667f2f-41b8-489d-9c0a-e71f7bb895ce}\mpengine.dll
    2012-02-23 23:31:11 ——– d—–w- c:\users\gebruiker\appdata\local\{BA70DCA6-29F7-4D37-A029-A822C8AA59A3}
    2012-02-23 23:30:53 ——– d—–w- c:\users\gebruiker\appdata\local\{F15AA22F-10C8-418B-BBF6-C028B9632CAC}
    2012-02-23 23:25:15 ——– d—–w- c:\users\gebruiker\appdata\local\{024447C7-3C1C-4913-9519-3AC9BD30110B}
    2012-02-23 23:25:00 ——– d—–w- c:\users\gebruiker\appdata\local\{5B41F9FB-5955-4C8C-A11D-16D3F64B90FE}
    2012-02-23 20:25:58 ——– d—–w- c:\users\gebruiker\appdata\local\temp
    2012-02-23 20:17:20 98816 —-a-w- c:\windows\sed.exe
    2012-02-23 20:17:20 518144 —-a-w- c:\windows\SWREG.exe
    2012-02-23 20:17:20 256000 —-a-w- c:\windows\PEV.exe
    2012-02-23 20:17:20 208896 —-a-w- c:\windows\MBR.exe
    2012-02-23 20:10:32 ——– d—–w- C:\TDSSStarter
    2012-02-23 16:12:32 ——– d—–w- c:\users\gebruiker\appdata\roaming\Gena01
    2012-02-22 20:31:01 ——– d—–w- c:\users\gebruiker\appdata\local\{E1F3EEA8-E661-47F7-9E64-79983EE2094B}
    2012-02-22 20:30:46 ——– d—–w- c:\users\gebruiker\appdata\local\{82303AAB-68B6-44D3-A508-670634008263}
    2012-02-20 19:36:21 ——– d—–w- c:\users\gebruiker\appdata\local\{9A6CF412-B611-4982-8588-56130F9F1B44}
    2012-02-20 19:36:05 ——– d—–w- c:\users\gebruiker\appdata\local\{1019811F-AC2A-41E0-9C83-3C447F57CAA9}
    2012-02-19 10:29:00 ——– d—–w- c:\users\gebruiker\appdata\local\{82296463-37F7-4888-B8B8-7F13D0860E62}
    2012-02-19 10:28:44 ——– d—–w- c:\users\gebruiker\appdata\local\{F79C2EFF-5F5D-4ECA-AC5C-98D6690210D8}
    2012-02-18 09:54:06 ——– d—–w- c:\users\gebruiker\appdata\local\{2F8B0BA6-845F-4116-8C1F-3647A21522AA}
    2012-02-18 09:53:51 ——– d—–w- c:\users\gebruiker\appdata\local\{5A41CEC7-B02A-4A06-87CF-0C5C4FBE9B17}
    2012-02-17 20:06:52 ——– d—–w- c:\users\gebruiker\appdata\local\{1E72C4D4-EE29-45BC-8B44-9589794C55C9}
    2012-02-17 20:06:36 ——– d—–w- c:\users\gebruiker\appdata\local\{60B8FEE8-4798-4D4B-8A5A-A640AEBEF6AF}
    2012-02-17 20:03:25 ——– d—–w- c:\users\gebruiker\appdata\local\{4045A5D5-62E7-40E6-A7E1-BF0FDC221A27}
    2012-02-17 19:31:40 ——– d—–w- c:\users\gebruiker\appdata\local\{6F0EC1C8-D106-42B6-B338-6E257EC12DC2}
    2012-02-17 19:26:09 ——– d—–w- c:\program files\Cisco
    2012-02-17 19:24:32 728064 —-a-w- c:\windows\system32\drivers\RTL8192cu.sys
    2012-02-17 19:23:40 380928 ——w- c:\windows\RtlUI2.exe
    2012-02-17 19:23:39 614400 ——w- c:\windows\system32\Rtlihvs.dll
    2012-02-17 19:23:39 451072 ——w- c:\windows\system32\ISSRemoveSP.exe
    2012-02-17 19:23:39 188416 ——w- c:\windows\system32\RTLExtUI.dll
    2012-02-17 19:23:39 ——– d—–w- c:\program files\ICIDU
    2012-02-16 10:58:27 ——– d—–w- c:\users\gebruiker\appdata\local\{7B67AB62-21A3-4E3D-965C-E1FCB8FCCD99}
    2012-02-16 10:58:15 ——– d—–w- c:\users\gebruiker\appdata\local\{D437030D-1B3F-4EB0-ADF5-D4A3E3B99C78}
    2012-02-15 12:58:52 ——– d—–w- c:\users\gebruiker\appdata\local\{DC1514F3-FC5D-4090-B960-37488367ECF6}
    2012-02-15 12:58:40 ——– d—–w- c:\users\gebruiker\appdata\local\{39AA9792-7E2F-4C7B-97AB-2561E2DA2144}
    2012-02-15 12:57:20 478720 —-a-w- c:\windows\system32\timedate.cpl
    2012-02-15 12:57:16 690688 —-a-w- c:\windows\system32\msvcrt.dll
    2012-02-15 12:57:15 442880 —-a-w- c:\windows\system32\ntshrui.dll
    2012-02-15 12:57:14 2343424 —-a-w- c:\windows\system32\win32k.sys
    2012-02-13 21:53:58 ——– d—–w- c:\users\gebruiker\appdata\local\{11BA6868-AE7B-4E31-9743-F0DCF32A2E68}
    2012-02-13 21:53:43 ——– d—–w- c:\users\gebruiker\appdata\local\{A7122145-B4B9-405A-83BE-BC311C7705F0}
    2012-02-12 10:53:52 ——– d—–w- c:\users\gebruiker\appdata\local\{A4454365-3ECD-49D7-BF3A-F8058662058B}
    2012-02-12 10:53:18 ——– d—–w- c:\users\gebruiker\appdata\local\{7BED1ECC-AC11-4B4B-88FC-F23EF1BFBE89}
    2012-02-11 16:06:18 ——– d—–w- c:\users\gebruiker\appdata\local\{644D91C9-BD09-44C9-95F1-A39B462B9B28}
    2012-02-11 16:06:02 ——– d—–w- c:\users\gebruiker\appdata\local\{0793D0DB-3811-48A7-9197-CD6EF9544170}
    2012-02-10 10:45:31 ——– d—–w- c:\users\gebruiker\appdata\local\{DDD93067-54E1-448F-BC90-79298793FC30}
    2012-02-10 10:45:19 ——– d—–w- c:\users\gebruiker\appdata\local\{82311238-9323-4FF1-BD5B-6E2FB8110BE5}
    2012-02-09 15:30:54 ——– d—–w- c:\users\gebruiker\appdata\local\{2E41C5AE-750F-45AF-B88C-2724F7233E64}
    2012-02-09 15:30:41 ——– d—–w- c:\users\gebruiker\appdata\local\{87353E9A-D349-423F-A972-759AA5911FBE}
    2012-02-08 20:55:36 ——– d—–w- c:\users\gebruiker\appdata\local\{023429B0-0D07-49D8-B0D9-3CD5971EEA4A}
    2012-02-08 19:38:39 ——– d—–w- c:\users\gebruiker\appdata\local\{6A4384F5-DB17-49DF-998E-357FF996EDB1}
    2012-02-07 20:32:02 ——– d—–w- c:\users\gebruiker\appdata\roaming\QuickScan
    2012-02-07 19:38:22 ——– d—–w- c:\users\gebruiker\appdata\local\{38E54F4F-B31A-42FB-8ED7-6820F8C33CC3}
    2012-02-07 19:38:10 ——– d—–w- c:\users\gebruiker\appdata\local\{C3CD0BA9-81A6-4805-97E5-B5A03B32D325}
    2012-02-06 19:53:00 ——– d—–w- c:\users\gebruiker\appdata\local\{D742C306-501D-4153-A171-4512502CDA81}
    2012-02-06 19:52:48 ——– d—–w- c:\users\gebruiker\appdata\local\{EC36C1A7-717B-4E98-9279-E6FC44F5547A}
    2012-02-05 19:49:41 ——– d—–w- c:\users\gebruiker\appdata\local\{9313AF1B-1216-4840-9BE2-65DF67D15875}
    2012-02-05 19:49:29 ——– d—–w- c:\users\gebruiker\appdata\local\{E4E82B75-924D-4A57-96DC-A5DAC512BE4C}
    2012-02-04 12:40:48 ——– d—–w- c:\users\gebruiker\appdata\local\{5236D4A7-F612-45D1-A0A7-875E4F2F1580}
    2012-02-04 12:40:37 ——– d—–w- c:\users\gebruiker\appdata\local\{B8D09761-446E-4C3A-BDFF-DD6B0C4295EB}
    2012-02-03 19:39:07 ——– d—–w- c:\users\gebruiker\appdata\local\{B05174D5-11EC-4B41-AB9E-DB1EEFB58CF3}
    2012-02-03 19:38:56 ——– d—–w- c:\users\gebruiker\appdata\local\{5EC88008-33D0-40C7-9D2D-F635727ADE6D}
    2012-02-02 16:04:09 ——– d—–w- c:\users\gebruiker\appdata\local\{15E33A8A-D61D-4011-A8C1-978DCF401750}
    2012-02-02 16:03:57 ——– d—–w- c:\users\gebruiker\appdata\local\{54A32355-340E-4865-8F1C-C02681C1A145}
    2012-02-01 20:29:51 414368 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-02-01 12:47:16 ——– d—–w- c:\users\gebruiker\appdata\local\{37995663-F59B-4808-952B-27299994F2F5}
    2012-02-01 12:47:04 ——– d—–w- c:\users\gebruiker\appdata\local\{402E8633-248C-442A-9839-12323B792AF5}
    2012-01-31 22:06:56 758784 —-a-w- c:\windows\system32\cohelper.dll
    2012-01-31 22:06:56 11164 —-a-w- c:\windows\system32\drivers\nvphy.bin
    2012-01-31 19:28:30 ——– d—–w- c:\users\gebruiker\appdata\local\{9D4CAF9A-5EA8-4BE3-A7BA-FE0902BFAF82}
    2012-01-31 19:28:19 ——– d—–w- c:\users\gebruiker\appdata\local\{8A0582FA-AD33-41C2-9B93-59DA2371E5E8}
    2012-01-30 19:11:44 ——– d—–w- c:\users\gebruiker\appdata\local\{EED838C2-2980-40DD-8EE2-7E1393CA62FC}
    2012-01-30 19:11:33 ——– d—–w- c:\users\gebruiker\appdata\local\{67D02E15-793A-4EB8-B9B9-2E0E70E1A36A}
    2012-01-29 10:49:01 ——– d—–w- c:\users\gebruiker\appdata\local\{B791AE7F-CD90-41A6-80FC-9E27CFFB8315}
    2012-01-29 10:48:50 ——– d—–w- c:\users\gebruiker\appdata\local\{BCCF8955-832E-4CB3-B08D-10DA39C50537}
    2012-01-28 22:48:17 ——– d—–w- c:\users\gebruiker\appdata\local\{16FE51E5-4F47-4A01-946C-C0797686E500}
    2012-01-28 22:48:05 ——– d—–w- c:\users\gebruiker\appdata\local\{923B7CC7-A94E-46C6-BC0A-09268A3B2DBF}
    2012-01-28 10:47:23 ——– d—–w- c:\users\gebruiker\appdata\local\{9FECD977-B0BD-49ED-B29E-1843C15F2319}
    2012-01-28 10:47:11 ——– d—–w- c:\users\gebruiker\appdata\local\{49B785B5-361B-4B63-BFD0-CD5EF6BC8107}
    2012-01-27 10:41:28 ——– d—–w- c:\users\gebruiker\appdata\local\{88B7B634-3801-4550-BBCB-04AB1837E797}
    2012-01-27 10:41:16 ——– d—–w- c:\users\gebruiker\appdata\local\{1B7409F4-2AD7-495F-A88E-80B457AD8E7A}
    2012-01-26 19:51:23 ——– d—–w- c:\users\gebruiker\appdata\local\{46664126-3B22-4ACC-8591-BEBF5BA636F8}
    2012-01-26 19:51:12 ——– d—–w- c:\users\gebruiker\appdata\local\{BA3A22B4-5114-418D-9A26-0B8D77FA16FD}
    2012-01-26 07:50:41 ——– d—–w- c:\users\gebruiker\appdata\local\{7829AFBD-8626-476A-B617-C96F225D7818}
    2012-01-26 07:50:26 ——– d—–w- c:\users\gebruiker\appdata\local\{B2FB0DFA-4235-4934-AA1E-5A139A0EC9EF}
    2012-01-25 16:11:44 ——– d—–w- c:\users\gebruiker\appdata\local\{5FC06408-9702-4173-94B3-EAD4DB649DF0}
    2012-01-25 16:11:29 ——– d—–w- c:\users\gebruiker\appdata\local\{A4013746-00D8-4B1B-B297-8BDE0BD53783}
    2012-01-25 13:37:10 ——– d—–w- c:\users\gebruiker\appdata\local\{62E220E9-35F1-4820-B5C1-B521F796E6BC}
    .
    ==================== Find3M ====================
    .
    2012-01-29 04:10:42 237072 ——w- c:\windows\system32\MpSigStub.exe
    2012-01-22 16:34:27 5852 –sha-w- c:\programdata\KGyGaAvL.sys
    2011-12-14 03:04:54 1798656 —-a-w- c:\windows\system32\jscript9.dll
    2011-12-14 02:57:18 1127424 —-a-w- c:\windows\system32\wininet.dll
    2011-12-14 02:56:58 1427456 —-a-w- c:\windows\system32\inetcpl.cpl
    2011-12-14 02:50:04 2382848 —-a-w- c:\windows\system32\mshtml.tlb
    2011-12-10 14:24:06 20464 —-a-w- c:\windows\system32\drivers\mbam.sys
    2011-11-27 17:36:31 637848 —-a-w- c:\windows\system32
    pdeployJava1.dll
    2011-11-27 17:36:31 567184 —-a-w- c:\windows\system32\deployJava1.dll
    2004-04-27 21:19:20 233160 —-a-w- c:\program files\LISTOOL.EXE
    .
    ============= FINISH: 12:49:10,82 ===============
  • And do tell why you have that ParetoLogic sitting in your Windows?
    A completely obscure program!

    First we are going to look for where that nasty thing sits in your Windows!

    Using "Zoek.exe":
    - First close all program windows that are still open!
      - Windows 2000 and Windows XP: start the tool by double-clicking "Zoek.exe".
      - Windows Vista and Windows 7: start the tool by right-clicking "Zoek.exe" and then Run as administrator.

    A black CMD/Command Prompt window now opens.
    - Now type B in that window, followed by Enter, to start "Custom search".
    - A Notepad document named "input.txt" will now open.
    - Copy and paste the following (bold, blue) text into the empty Notepad window:

    ParetoLogic;
    paretologic;

    - Once you have pasted the blue text into the empty Notepad window, you may close input.txt; let it save the changes.

    [Image: http://www.imgdumper.nl/uploads5/4f4375db0bc34/4f4375db0a8b1-Zoekexe.png]

    - After this the scan starts running; wait patiently until a log opens and post the result in your next message.
  • I had downloaded ComboFix again.

    Yes, I had that program for cleaning the registry and keeping drivers up to date.

    But if it is wiser to remove it, then we will do that.

    The log: this time it did go well.


    Zoek.exe Version 2.0.0.5 Updated 23-02-2012
    Tool run by Gebruiker on vr 24-02-2012 at 13:06:49,82.

    ==== Folders Found ======================


    2012-01-01 21:17:28 2012-01-01 21:17:28 -------- d-----w- C:\Program Files\ParetoLogic
    2011-01-23 21:24:33 2011-01-23 21:24:33 -------- d-----w- C:\Program Files\Common Files\ParetoLogic
    2011-01-23 21:24:33 2011-01-23 21:24:33 -------- d-----w- C:\ProgramData\ParetoLogic
    2011-01-23 21:24:33 2011-01-23 21:24:33 -------- d-----w- C:\Users\All Users\ParetoLogic
    2011-01-23 21:24:46 2011-01-23 21:24:46 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\ParetoLogic
    2012-01-01 21:17:36 2012-01-02 21:50:44 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic

    ==== Files Found ======================


    --- C:\Program Files\Common Files\ParetoLogic\UUS3\ParetoLogicUpdate.chm ---
    Company: ------
    File Description: ------
    File Version: ------
    Product Name: ------
    Copyright: ------
    Original Filename: ------
    File type: ----a-w-
    File size: 70805
    Created time: 2009-10-12 05:01:44
    Modified time: 2009-10-12 05:01:44
    MD5: 99E2832D260ED2A447A63696A7205EF9
    SHA1: D7A72FE79BD6C082EBC8B82D44FDE8494DA78D67


    --- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic\PC Health Advisor\ParetoLogic PC Health Advisor.lnk ---
    Company: ------
    File Description: ------
    File Version: ------
    Product Name: ------
    Copyright: ------
    Original Filename: ------
    File type: ----a-w-
    File size: 1107
    Created time: 2012-01-01 21:17:36
    Modified time: 2012-01-01 21:17:36
    MD5: 724B05EB67DDEE9FF3868A1D5341E7B3
    SHA1: 732A2B848FA8FDC9A5957FABAC282FB04C98297B


    --- C:\Users\Gebruiker\Desktop\ParetoLogic PC Health Advisor.lnk ---
    Company: ------
    File Description: ------
    File Version: ------
    Product Name: ------
    Copyright: ------
    Original Filename: ------
    File type: ----a-w-
    File size: 1071
    Created time: 2012-01-01 21:17:35
    Modified time: 2012-01-01 21:17:36
    MD5: 8936827C064ADC32FE20FB5564614ACA
    SHA1: 8E5CBA7280C203C72949B017F9F585534A0D167C


    --- C:\Users\Gebruiker\Documents\Downloads\ParetoLogic PC Health Advisor.exe ---
    Company: ParetoLogic Inc.
    File Description: PC Health Advisor Installer
    File Version: 3.0.0.0
    Product Name:
    Copyright: Copyright © 2010 ParetoLogic Inc.
    Original Filename:
    File type: ----a-w-
    File size: 5193608
    Created time: 2011-01-23 21:23:44
    Modified time: 2011-01-23 21:23:45
    MD5: 47E8AF3295F5C2BC64F6AF335D502A69
    SHA1: 3E24751D02BEF712601D36B72E0B229EFD1E0544


    --- C:\Windows\System32\Tasks\ParetoLogic Registration3 ---
    Company: ------
    File Description: ------
    File Version: ------
    Product Name: ------
    Copyright: ------
    Original Filename: ------
    File type: ----a-w-
    File size: 3124
    Created time: 2011-01-23 21:24:52
    Modified time: 2011-01-23 21:24:52
    MD5: E3D3318FFE4BFCDC5FA3F8E4DC87A6B6
    SHA1: 3BB796AF025D62F8D8DFFF43CE261C7DE83B2C28


    --- C:\Windows\System32\Tasks\ParetoLogic Update Version3 ---
    Company: ------
    File Description: ------
    File Version: ------
    Product Name: ------
    Copyright: ------
    Original Filename: ------
    File type: ----a-w-
    File size: 3250
    Created time: 2011-01-23 21:24:36
    Modified time: 2011-01-23 21:24:40
    MD5: F430BC26DA99A37B2C1CC02D31BBD023
    SHA1: A74C6CF80F23782A3B9CA62A7CE307F23578D5BE


    --- C:\Windows\Tasks\ParetoLogic Registration3.job ---
    Company: ------
    File Description: ------
    File Version: ------
    Product Name: ------
    Copyright: ------
    Original Filename: ------
    File type: ----a-w-
    File size: 452
    Created time: 2011-01-23 21:24:52
    Modified time: 2012-02-23 17:00:00
    MD5: 661C366E357DBFF53439867E23A7F245
    SHA1: 1755C4C308EDBD11E8C0750876CCE8F8ABDC9AAF


    --- C:\Windows\Tasks\ParetoLogic Update Version3.job ---
    Company: ------
    File Description: ------
    File Version: ------
    Product Name: ------
    Copyright: ------
    Original Filename: ------
    File type: ----a-w-
    File size: 426
    Created time: 2011-01-23 21:24:36
    Modified time: 2012-01-18 04:21:04
    MD5: 7198DF725C25E90F110F473BAD447648
    SHA1: D60836446CF3F1E303D1E75D86D78A370E668ADD
  • Then we will now remove Paretologic.

    Using "Zoek.exe":
    - First close all program windows that are still open!
      - Windows 2000 and Windows XP: start the tool by double-clicking "Zoek.exe".
      - Windows Vista and Windows 7: start the tool by right-clicking "Zoek.exe" and then choosing Run as administrator.

    A black CMD/Command Prompt window now opens.
    - Now type C in that window, followed by Enter, to start "Delete files/folders".
    - A Notepad document named "input.txt" will now open.
    - Copy and paste the following (bold, blue) text into the empty Notepad window:

    C:\Program Files\ParetoLogic;
    C:\Program Files\Common Files\ParetoLogic;
    C:\ProgramData\ParetoLogic;
    C:\Users\All Users\ParetoLogic;
    C:\Users\Gebruiker\AppData\Roaming\ParetoLogic;
    C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic;
    C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic\PC Health Advisor\ParetoLogic PC Health Advisor.lnk;
    C:\Users\Gebruiker\Desktop\ParetoLogic PC Health Advisor.lnk;
    C:\Users\Gebruiker\Documents\Downloads\ParetoLogic PC Health Advisor.exe;
    C:\Windows\System32\Tasks\ParetoLogic Registration3;
    C:\Windows\System32\Tasks\ParetoLogic Update Version3;
    C:\Windows\Tasks\ParetoLogic Registration3.job;
    C:\Windows\Tasks\ParetoLogic Update Version3.job;
    C:\Windows\Tasks\PC Health Advisor Defrag.job;
    C:\Windows\Tasks\PC Health Advisor.job;
    C:\Windows\Temp\*;
    C:\Users\cinxan\AppData\Local\Temp\*;

    - Once you have pasted the blue text into the empty Notepad window, you may close input.txt; let it save the changes.

    [Image: http://www.imgdumper.nl/uploads5/4f4375db0bc34/4f4375db0a8b1-Zoekexe.png]

    - After this the scan starts running; wait patiently until a log opens and post the result in your next message.
    - It may happen that the computer has to reboot.
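
Added example, not part of the thread and not Zoek.exe's own code: a Python parser for a search log in the layout posted above, which lists the entries of a hand-written delete list that the log does not back up, so they can be reviewed before a deletion run as administrator. The function names and the shortened sample data are constructed for illustration.

```python
import re

# Constructed sample in the layout of the Zoek.exe log in this thread (shortened).
# Both dash styles occur: plain hyphens and the en/em dashes left by web re-encoding.
SAMPLE_LOG = r"""
==== Folders Found ======================
2012-01-01 21:17:28 2012-01-01 21:17:28 ——– d—–w- C:\Program Files\ParetoLogic
2011-01-23 21:24:33 2011-01-23 21:24:33 -------- d-----w- C:\ProgramData\ParetoLogic
==== Files Found ======================
— C:\Windows\Tasks\ParetoLogic Update Version3.job —
Company: ——
File size: 426
--- C:\Users\Gebruiker\Desktop\ParetoLogic PC Health Advisor.lnk ---
File size: 1071
"""

# Hand-written delete list in the thread's input.txt style (constructed subset).
SAMPLE_DELETE = [
    r"C:\Program Files\ParetoLogic;",
    r"C:\Windows\Tasks\ParetoLogic Update Version3.job;",
    r"C:\Windows\Tasks\PC Health Advisor.job;",
    r"C:\Users\cinxan\AppData\Local\Temp\*;",
]

DASH = "-\u2013\u2014"  # hyphen, en dash, em dash
TS = r"\d{4}-\d\d-\d\d \d\d:\d\d:\d\d"
FOLDER_RE = re.compile(rf"^{TS} {TS} [{DASH}]+ \S+ (.+)$")  # created, modified, size, attrs, path
FILE_RE = re.compile(rf"^[{DASH}]+ (.+?) [{DASH}]+$")       # "--- <path> ---" entry header

def parse_zoek_log(text):
    """Return (folders, files) named in the 'Found' sections of a search log."""
    folders, files = [], []
    for line in map(str.strip, text.splitlines()):
        if m := FOLDER_RE.match(line):
            folders.append(m.group(1))
        elif m := FILE_RE.match(line):
            files.append(m.group(1))
    return folders, files

def unexplained(delete_list, folders, files):
    """Delete-list entries that are neither a found path nor inside a found folder."""
    found = [p.lower() for p in folders + files]
    paths = [entry.rstrip(";") for entry in delete_list]
    return [p for p in paths
            if not any(p.lower() == f or p.lower().startswith(f + "\\") for f in found)]

# Entries printed here have no matching line in the search log: review them by hand.
print(unexplained(SAMPLE_DELETE, *parse_zoek_log(SAMPLE_LOG)))
```

Wildcard entries and paths under another user profile are reported because a name search cannot confirm them.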

This is an archived page. Replies are no longer possible.