Trojan horse PSW.agent.ASOI


ComboFix 12-01-28.01 - Andre 28-01-2012 13:04:56.3.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2046.1502 [GMT 1:00]

Gestart vanuit: c:\documents and settings\Andre\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\Andre\Bureaublad\CFScript.txt

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

FILE ::

"c:\windows\system32\drivers\g2jlzbab.sys"

"c:\windows\system32\drivers\kwreymd.sys"

"d:\fxdrv32.sys"

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_FXDRV32

-------\Legacy_G2JLZBAB.SYS

-------\Service_alef

-------\Service_FXDrv32

-------\Service_g2jlzbab.sys

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-12-28 to 2012-01-28 ))))))))))))))))))))))))))))))

.

.

2012-01-27 23:42 . 2012-01-28 12:02 -------- d--h--r- c:\documents and settings\Andre\Onlangs geopend

2012-01-27 21:12 . 2012-01-27 21:12 -------- d-----w- c:\documents and settings\Andre\Local Settings\Application Data\WinZip

2012-01-27 00:53 . 2012-01-27 23:41 -------- d-----w- c:\documents and settings\Andre\Application Data\ScanSpyware

2012-01-24 21:40 . 2012-01-24 21:42 -------- dc-h--w- c:\windows\ie8

2012-01-23 21:49 . 2012-01-23 21:49 -------- d-----w- c:\documents and settings\Andre\Local Settings\Application Data\Mozilla

2012-01-13 21:24 . 2012-01-13 21:24 -------- d-----w- c:\program files\Nuria

2012-01-03 07:22 . 2012-01-03 07:22 103864 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-12-12 22:42 . 2011-12-12 22:42 1700352 ----a-w- c:\windows\system32\gdiplus.dll

2011-12-12 22:42 . 2011-12-12 22:42 1060864 ----a-w- c:\windows\system32\mfc71.dll

2011-12-10 14:24 . 2010-02-12 22:43 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-25 21:57 . 2007-03-01 12:31 293888 ----a-w- c:\windows\system32\winsrv.dll

2011-11-23 14:40 . 2007-03-01 12:31 1859712 ----a-w- c:\windows\system32\win32k.sys

2011-11-20 06:12 . 2007-03-01 12:34 60928 ----a-w- c:\windows\system32\packager.exe

2011-11-16 14:22 . 2007-03-01 12:35 354816 ----a-w- c:\windows\system32\winhttp.dll

2011-11-16 14:22 . 2007-03-01 12:31 152064 ----a-w- c:\windows\system32\schannel.dll

2011-11-04 19:13 . 2007-03-01 12:31 916992 ----a-w- c:\windows\system32\wininet.dll

2011-11-04 19:13 . 2007-03-01 12:33 43520 ------w- c:\windows\system32\licmgr10.dll

2011-11-04 19:13 . 2007-03-01 12:33 1469440 ------w- c:\windows\system32\inetcpl.cpl

2011-11-04 11:25 . 2007-03-01 12:33 385024 ------w- c:\windows\system32\html.iec

2011-11-03 15:29 . 2007-03-01 12:34 386560 ----a-w- c:\windows\system32\qdvd.dll

2011-11-03 15:29 . 2007-03-01 12:31 1296384 ----a-w- c:\windows\system32\quartz.dll

2011-11-01 16:07 . 2007-03-01 12:31 1288192 ----a-w- c:\windows\system32\ole32.dll

2004-10-01 14:00 . 2008-01-18 13:41 40960 ----a-w- c:\program files\Uninstall_CDS.exe

.

.

((((((((((((((((((((((((((((( SnapShot@2012-01-27_23.25.46 )))))))))))))))))))))))))))))))))))))))))

.

+ 2012-01-28 12:11 . 2012-01-28 12:11 16384 c:\windows\Temp\Perflib_Perfdata_f90.dat

+ 2012-01-28 11:43 . 2012-01-28 11:43 119744 c:\windows\system32\FNTCACHE.DAT

- 2012-01-27 20:47 . 2012-01-27 20:47 119744 c:\windows\system32\FNTCACHE.DAT

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Nuria"="c:\program files\Nuria\Nuria.exe" [2011-08-24 1706496]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Agrovision taakplanner"="i:\progra~1\AGROVI~1\Ibms\CMVTaak.exe" [2011-12-21 2720512]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-11-17 7700480]

"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]

"Malwarebytes' Anti-Malware"="c:\program files\andre\mbamgui.exe" [2011-12-24 460872]

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\LimeWire Plus\\LimeWire.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"i:\\Program Files\\Agrovision\\Ibms\\IBMS.exe"=

"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3389:TCP"= 3389:TCP:Remote Desktop

"65533:TCP"= 65533:TCP:Services

"52344:TCP"= 52344:TCP:Services

.

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [13-9-2010 16:27 23120]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [7-9-2010 3:48 32592]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7-9-2010 3:48 230608]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [7-9-2010 3:49 295248]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [12-10-2011 6:25 4433248]

R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2-8-2011 6:09 192776]

R2 MBAMService;MBAMService;c:\program files\andre\mbamservice.exe [12-2-2010 23:56 652872]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [19-8-2010 21:42 134608]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [19-8-2010 21:42 24272]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [19-8-2010 21:42 16720]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [12-2-2010 23:43 20464]

R3 xpsec;IPSEC-stuurprogramma;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?]

S2 SampleScanner;USB-Flachbettscanner;c:\windows\system32\drivers\ArtecGT.sys [21-2-2008 22:50 18120]

S3 2sxn2g.sys;2sxn2g.sys;\??\c:\windows\system32\drivers\2sxn2g.sys --> c:\windows\system32\drivers\2sxn2g.sys [?]

.

--- Andere Services/Drivers In Geheugen ---

.

*Deregistered* - xcpip

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.hetnet.nl/

TCP: DhcpNameServer = 192.168.1.254

DPF: {0DBF2423-33D3-4084-B83E-6A3661F2CD46} - hxxp://www.mijnalbum.nl/v3/skinsrc/core/system/6.5.6/ImageUploader6.cab

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-01-28 13:18

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'explorer.exe'(3204)

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\progra~1\AVG\AVG2012\avgrsx.exe

c:\program files\AVG\AVG2012\avgcsrvx.exe

c:\program files\Ahead\InCD\InCDsrv.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\AVG\AVG2012\avgnsx.exe

c:\program files\AVG\AVG2012\avgemcx.exe

c:\windows\system32\nvsvc32.exe

.

**************************************************************************

.

Voltooingstijd: 2012-01-28 13:20:55 - machine werd herstart

ComboFix-quarantined-files.txt 2012-01-28 12:20

ComboFix2.txt 2012-01-28 12:02

ComboFix3.txt 2012-01-27 23:26

.

Pre-Run: 211.477.147.648 bytes beschikbaar

Post-Run: 211.465.560.064 bytes beschikbaar

.

- - End Of File - - D97CDE5E6E379E621373B374D14915CA

---------- Post added at 14:00 ---------- Previous post was at 13:59 ----------

AVG started, virus still present


Download TDSSKiller and place it on your desktop.

Extract the files in tdsskiller.zip.

Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.

Windows 7 and Windows Vista users:

Right-click TDSSKiller.exe -> Run as Administrator to start the tool.

If TDSSKiller reports that an update is available, run that update first.

Click the "Start Scan" button and follow the instructions.

When the scan is finished, click the "Report" button.

A Notepad file opens. Post the contents of this file.

Restart the PC if TDSSKiller offers that option. (Reboot now)

If a restart was needed, you will find the log file in C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt


17:14:58.0796 2648 TDSS rootkit removing tool 2.7.7.0 Jan 24 2012 16:44:27

17:14:58.0937 2648 ============================================================

17:14:58.0937 2648 Current date / time: 2012/01/28 17:14:58.0937

17:14:58.0937 2648 SystemInfo:

17:14:58.0937 2648

17:14:58.0937 2648 OS Version: 5.1.2600 ServicePack: 3.0

17:14:58.0937 2648 Product type: Workstation

17:14:58.0937 2648 ComputerName: SYS10

17:14:58.0937 2648 UserName: Andre

17:14:58.0937 2648 Windows directory: C:\WINDOWS

17:14:58.0937 2648 System windows directory: C:\WINDOWS

17:14:58.0937 2648 Processor architecture: Intel x86

17:14:58.0937 2648 Number of processors: 2

17:14:58.0937 2648 Page size: 0x1000

17:14:58.0937 2648 Boot type: Normal boot

17:14:58.0937 2648 ============================================================

17:14:59.0171 2648 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

17:14:59.0187 2648 Drive \Device\Harddisk1\DR1 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

17:14:59.0250 2648 Initialize success

17:15:00.0843 3692 ============================================================

17:15:00.0843 3692 Scan started

17:15:00.0843 3692 Mode: Manual;

17:15:00.0843 3692 ============================================================

17:15:10.0187 3692 MBR (0x1B8) (25fdd3b61791a226676b12dc5bddef71) \Device\Harddisk0\DR0

17:15:10.0187 3692 \Device\Harddisk0\DR0 ( Backdoor.Win32.Sinowal.knf ) - infected

17:15:10.0187 3692 \Device\Harddisk0\DR0 - detected Backdoor.Win32.Sinowal.knf (0)

17:15:10.0203 3692 MBR (0x1B8) (3051207086651214e435112e51817dc5) \Device\Harddisk1\DR1

17:15:10.0203 3692 \Device\Harddisk1\DR1 - ok

17:15:10.0218 3692 Boot (0x1200) (edec404b5c96b1520157f53843553935) \Device\Harddisk0\DR0\Partition0

17:15:10.0218 3692 \Device\Harddisk0\DR0\Partition0 - ok

17:15:10.0218 3692 Boot (0x1200) (1fb55dec7513c7f491e54a7d97c33c02) \Device\Harddisk1\DR1\Partition0

17:15:10.0218 3692 \Device\Harddisk1\DR1\Partition0 - ok

17:15:10.0234 3692 ============================================================

17:15:10.0234 3692 Scan finished

17:15:10.0234 3692 ============================================================

17:15:10.0250 4936 Detected object count: 1

17:15:10.0250 4936 Actual detected object count: 1

17:15:15.0359 4936 \Device\Harddisk0\DR0 ( Backdoor.Win32.Sinowal.knf ) - will be cured on reboot

17:15:15.0375 4936 \Device\Harddisk0\DR0 - ok

17:15:15.0375 4936 \Device\Harddisk0\DR0 ( Backdoor.Win32.Sinowal.knf ) - User select action: Cure


AVG found nothing :top:

The computer has become much faster :top:

André is very grateful to you, super :top:

---------- Post added at 18:13 ---------- Previous post was at 18:12 ----------

One more question: should I leave all the programs installed, or can I remove some of them??

And is AVG enough as protection against viruses??

Once again, thank you very much :top:


With the problems out of the way, it is time for the "big clean-up": removing the programs that were used, a cleaning, and removing the infected restore points.

Remove TDSS Killer and Emsisoft Emergency Kit manually.

Remove Combofix: Start -> Run/Search and type: ComboFix /Uninstall

This will remove Combofix plus its related folders and files, reset the clock settings, hide the file extensions, hide hidden files and system files again, and create a new restore point.

If it is present, you may delete the folder C:\Qoobox manually.

Download CCleaner.

Click "Download Latest Version" and the download of CCleaner then starts automatically and free of charge.

Install it and start CCleaner. In the left column, click "Cleaner". Click 'Analyze' and then 'Clean'. Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors. Next, click "Registry" in the left column and click 'Scan for issues'. If errors are found, click "Fix selected issues" and "OK". You are then asked whether to make a backup. Click "YES". Then choose "Fix all selected issues". After that, close CCleaner again.

If you would like to see this in detail with pictures, click here for the guide.

It is advisable to delete the existing restore points (they include infected restore points that you might otherwise restore) by temporarily disabling System Restore. Do this via Start -> Control Panel -> Performance and Maintenance -> System -> System Restore -> tick "Turn off System Restore on all drives". Apply and OK. Restart the PC and then remove the tick again.

And yes, AVG should, provided it is kept current through updates, be sufficient as an AV program.

If all of this went without problems, you may click "mark as solved" below!
