Everything posted by hannibal1979

  1. Hi Asus, If I understand correctly, you can't install the software (and printer) on a computer with Windows XP then.... So really, I'd be better off throwing the printer out the window (at least you get some fun out of it one more time). Thanks for your help!!!! Regards, André
  2. Yes, I selected Windows XP, and then "Software and driver with full functionality for HP Officejet and PSC", and then you download the following file: rw2_021_w02_nld. Then I ran the file, and after that I get that error message.....
  3. Hi Asus, Deleted the HP software...., ran CCleaner twice, restarted the computer, installed the software via your link, but then I get an error message: "Het systeem kan geen toegang krijgen tot het bestand" ("The system cannot access the file")...... How is this possible??? Regards, André
  4. Hi, I was given an HP PSC 1200 all-in-one printer. Windows XP recognized the thing neatly and installed it, but the printer says the cartridges are no good even though they are still fairly new. I cleaned the cartridges, but the printer still reports an error. Now I also have the original installation CD, but I can't install it..... it just won't... setup won't run.. I get the error message: "het systeem kan geen toegang krijgen tot het bestand" ("the system cannot access the file"). I have also tried downloading software via the internet, but that doesn't work either. The original software includes a cleaning program for the cartridges, which is why I need the software.... at least that's what I think.... Does anyone have a suggestion???? Regards, André
  5. OK, removed all unnecessary software, had AVG scan once more, ran CCleaner, fixed all problems. So as far as I can tell everything is OK. Let me thank you very much for all the help.
  6. AVG found nothing. The computer has become much faster. André is very grateful to you, super. ---------- Post added at 18:13 ---------- Previous post was at 18:12 ---------- One more question: should I leave all the programs in place or can I remove some of them?? And is AVG enough as protection against viruses?? Once again, thank you very much.
  7. 17:14:58.0796 2648 TDSS rootkit removing tool 2.7.7.0 Jan 24 2012 16:44:27
  8. ComboFix 12-01-28.01 - Andre 28-01-2012 13:04:56.3.2 - x86 ---------- Post added at 14:00 ---------- Previous post was at 13:59 ---------- Started AVG, virus still present
  9. ComboFix 12-01-27.01 - Andre 28-01-2012 0:22.1.2 - x86
     Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2046.1443 [GMT 1:00]
     Gestart vanuit: c:\documents and settings\Andre\Bureaublad\ComboFix.exe
     .
     .
     (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
     .
     .
     c:\documents and settings\All Users\Application Data\TEMP
     c:\documents and settings\Andre\Application Data\Ufzi
     c:\documents and settings\Andre\Application Data\Ufzi\wier.yzs
     c:\documents and settings\Andre\Application Data\Uzihu
     c:\documents and settings\Andre\Application Data\Uzihu\weboa.exe
     c:\windows\system32\PowerToyReadme.htm
     c:\windows\system32\run.bat
     c:\windows\system32\SET78.tmp
     c:\windows\system32\SET7A.tmp
     c:\windows\system32\SET7E.tmp
     c:\windows\system32\SET86.tmp
     c:\windows\system32\Thumbs.db
     I:\Autorun.inf
     .
     .
     (((((((((((((((((((( Bestanden Gemaakt van 2011-12-27 to 2012-01-27 ))))))))))))))))))))))))))))))
     .
     .
     2012-01-27 21:12 . 2012-01-27 21:12 -------- d-----w- c:\documents and settings\Andre\Local Settings\Application Data\WinZip
     2012-01-27 00:53 . 2012-01-27 00:53 -------- d-----w- c:\documents and settings\Andre\Application Data\ScanSpyware
     2012-01-27 00:53 . 2012-01-27 00:53 -------- d-----w- c:\program files\ScanSpyware
     2012-01-27 00:53 . 2008-09-07 16:22 8704 ----a-w- c:\windows\system32\ssbtsr.exe
     2012-01-26 22:43 . 2012-01-27 22:37 -------- d--h--r- c:\documents and settings\Andre\Onlangs geopend
     2012-01-24 21:40 . 2012-01-24 21:42 -------- dc-h--w- c:\windows\ie8
     2012-01-23 21:49 . 2012-01-23 21:49 -------- d-----w- c:\documents and settings\Andre\Local Settings\Application Data\Mozilla
     2012-01-13 21:24 . 2012-01-13 21:24 -------- d-----w- c:\program files\Nuria
     2012-01-03 07:22 . 2012-01-03 07:22 103864 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
     .
     .
     .
     ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
     .
     2011-12-12 22:42 . 2011-12-12 22:42 1700352 ----a-w- c:\windows\system32\gdiplus.dll
     2011-12-12 22:42 . 2011-12-12 22:42 1060864 ----a-w- c:\windows\system32\mfc71.dll
     2011-12-10 14:24 . 2010-02-12 22:43 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
     2011-11-25 21:57 . 2007-03-01 12:31 293888 ----a-w- c:\windows\system32\winsrv.dll
     2011-11-23 14:40 . 2007-03-01 12:31 1859712 ----a-w- c:\windows\system32\win32k.sys
     2011-11-20 06:12 . 2007-03-01 12:34 60928 ----a-w- c:\windows\system32\packager.exe
     2011-11-16 14:22 . 2007-03-01 12:35 354816 ----a-w- c:\windows\system32\winhttp.dll
     2011-11-16 14:22 . 2007-03-01 12:31 152064 ----a-w- c:\windows\system32\schannel.dll
     2011-11-04 19:13 . 2007-03-01 12:31 916992 ----a-w- c:\windows\system32\wininet.dll
     2011-11-04 19:13 . 2007-03-01 12:33 43520 ------w- c:\windows\system32\licmgr10.dll
     2011-11-04 19:13 . 2007-03-01 12:33 1469440 ------w- c:\windows\system32\inetcpl.cpl
     2011-11-04 11:25 . 2007-03-01 12:33 385024 ------w- c:\windows\system32\html.iec
     2011-11-03 15:29 . 2007-03-01 12:34 386560 ----a-w- c:\windows\system32\qdvd.dll
     2011-11-03 15:29 . 2007-03-01 12:31 1296384 ----a-w- c:\windows\system32\quartz.dll
     2011-11-01 16:07 . 2007-03-01 12:31 1288192 ----a-w- c:\windows\system32\ole32.dll
     2004-10-01 14:00 . 2008-01-18 13:41 40960 ----a-w- c:\program files\Uninstall_CDS.exe
     2011-12-21 08:03 . 2012-01-23 21:48 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
     .
     .
     ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
     .
     .
     *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
     REGEDIT4
     .
     [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "Nuria"="c:\program files\Nuria\Nuria.exe" [2011-08-24 1706496]
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "Agrovision taakplanner"="i:\progra~1\AGROVI~1\Ibms\CMVTaak.exe" [2011-12-21 2720512]
     "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-11-17 7700480]
     "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456]
     "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
     "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
     "Malwarebytes' Anti-Malware"="c:\program files\andre\mbamgui.exe" [2011-12-24 460872]
     .
     [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
     BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
     .
     [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
     "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
     .
     [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
     "%windir%\\system32\\sessmgr.exe"=
     "c:\\Program Files\\LimeWire Plus\\LimeWire.exe"=
     "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
     "i:\\Program Files\\Agrovision\\Ibms\\IBMS.exe"=
     "c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
     "c:\\Program Files\\uTorrent\\uTorrent.exe"=
     "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
     "c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
     "c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
     "c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
     "c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
     .
     [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
     "3389:TCP"= 3389:TCP:Remote Desktop
     "65533:TCP"= 65533:TCP:Services
     "52344:TCP"= 52344:TCP:Services
     .
     R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [13-9-2010 16:27 23120]
     R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [7-9-2010 3:48 32592]
     R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7-9-2010 3:48 230608]
     R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [7-9-2010 3:49 295248]
     R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2-8-2011 6:09 192776]
     R2 MBAMService;MBAMService;c:\program files\andre\mbamservice.exe [12-2-2010 23:56 652872]
     R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [19-8-2010 21:42 134608]
     R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [19-8-2010 21:42 24272]
     R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [19-8-2010 21:42 16720]
     R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [12-2-2010 23:43 20464]
     R3 xcpip;Stuurprogramma voor TCP/IP-protocol;c:\windows\system32\drivers\xcpip.sys --> c:\windows\system32\drivers\xcpip.sys [?]
     R3 xpsec;IPSEC-stuurprogramma;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?]
     S0 alef;alef;c:\windows\system32\drivers\kwreymd.sys --> c:\windows\system32\drivers\kwreymd.sys [?]
     S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [12-10-2011 6:25 4433248]
     S2 SampleScanner;USB-Flachbettscanner;c:\windows\system32\drivers\ArtecGT.sys [21-2-2008 22:50 18120]
     S3 2sxn2g.sys;2sxn2g.sys;\??\c:\windows\system32\drivers\2sxn2g.sys --> c:\windows\system32\drivers\2sxn2g.sys [?]
     S3 FXDrv32;FXDrv32;\??\d:\fxdrv32.sys --> d:\FXDrv32.sys [?]
     S3 g2jlzbab.sys;g2jlzbab.sys;\??\c:\windows\system32\drivers\g2jlzbab.sys --> c:\windows\system32\drivers\g2jlzbab.sys [?]
     .
     .
     ------- Bijkomende Scan -------
     .
     uStart Page = hxxp://www.hetnet.nl/
     TCP: DhcpNameServer = 192.168.1.254
     DPF: {0DBF2423-33D3-4084-B83E-6A3661F2CD46} - hxxp://www.mijnalbum.nl/v3/skinsrc/core/system/6.5.6/ImageUploader6.cab
     FF - ProfilePath - c:\documents and settings\Andre\Application Data\Mozilla\Firefox\Profiles\mmqcvu7e.default\
     FF - prefs.js: network.proxy.type - 0
     .
     - - - - ORPHANS VERWIJDERD - - - -
     .
     WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
     .
     .
     .
     **************************************************************************
     .
     catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
     Rootkit scan 2012-01-28 00:25
     Windows 5.1.2600 Service Pack 3 NTFS
     .
     scannen van verborgen processen ...
     .
     scannen van verborgen autostart items ...
     .
     scannen van verborgen bestanden ...
     .
     Scan succesvol afgerond
     verborgen bestanden: 0
     .
     **************************************************************************
     .
     Voltooingstijd: 2012-01-28 00:26:59
     ComboFix-quarantined-files.txt 2012-01-27 23:26
     .
     Pre-Run: 211.279.798.272 bytes beschikbaar
     Post-Run: 211.490.885.632 bytes beschikbaar
     .
     WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe
     [boot loader]
     timeout=2
     default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
     [operating systems]
     c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
     UnsupportedDebug="do not select this" /debug
     multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
     .
     - - End Of File - - E29E013ABAD583986813B0D9FDB508D5

     ---------- Post added at 00:35 ---------- Previous post was at 00:30 ----------

     Had AVG scan again, but according to AVG the virus is still present...... Thanks for your reply!!!!!!
  10. Yes, still the same virus, but it is still scanning.
      C:\WINDOWS\System32\services.exe (724) :memory_00d60000 Trojaans paard PSW.Agent.ASOI

      ---------- Post added at 00:06 ---------- Previous post was at 23:54 ----------

      The scan has finished, and it reports that it cannot remove it or move it to quarantine. I can find the folder the virus is in, but can/may I delete it?? Or am I having stupid ideas again??
  11. Emsisoft Emergency Kit - Versie 1.0
      Laatste Update: 27-1-2012 22:33:29

      Scaninstellingen:
      Scantype: Diepe Scan
      Objecten: Geheugen, Sporen, Cookies, C:\, I:\
      Scan archieven: Aan
      Heuristieken: Uit
      ADS Scan: Aan

      Scan gestart: 27-1-2012 22:34:24

      C:\Documents and Settings\Administrator\Cookies\administrator@com[1].txt Ontdekt: Trace.TrackingCookie.com!A2
      C:\Documents and Settings\Andre\Application Data\Sun\Java\Deployment\cache\6.0\0\10b2ee80-28f2365f/Update.class Ontdekt: Exploit.Java.Blacole!IK
      C:\Documents and Settings\Andre\Application Data\Sun\Java\Deployment\cache\6.0\18\73555b52-122afe23/Update.class Ontdekt: Exploit.Java.CVE-2011!IK
      C:\Documents and Settings\Andre\LimeWire Saved\Nieuwe map (2)\Nieuwe map\Nieuwe map (2)\houston gangbang 500 - anal sex, groupsex,.mpg Ontdekt: Trojan-Clicker.ASX.Wimad!IK
      C:\TDSSKiller_Quarantine\13.12.2011_00.33.22\mbr0000\mbr0000\tsk0000.dta Ontdekt: Trojan.DOS.Sinowal!IK

      Gescand
      Bestanden: 181822
      Sporen: 463751
      Cookies: 163
      Processen: 33

      Gevonden
      Bestanden: 4
      Sporen: 0
      Cookies: 1
      Processen: 0
      Registersleutels: 0

      Scan Geëindigd: 27-1-2012 23:32:25
      Scantijd: 0:58:01

      C:\TDSSKiller_Quarantine\13.12.2011_00.33.22\mbr0000\mbr0000\tsk0000.dta Verwijderd Trojan.DOS.Sinowal!IK
      C:\Documents and Settings\Andre\LimeWire Saved\Nieuwe map (2)\Nieuwe map\Nieuwe map (2)\houston gangbang 500 - anal sex, groupsex,.mpg Verwijderd Trojan-Clicker.ASX.Wimad!IK
      C:\Documents and Settings\Andre\Application Data\Sun\Java\Deployment\cache\6.0\18\73555b52-122afe23/Update.class Verwijderd Exploit.Java.CVE-2011!IK
      C:\Documents and Settings\Andre\Application Data\Sun\Java\Deployment\cache\6.0\0\10b2ee80-28f2365f/Update.class Verwijderd Exploit.Java.Blacole!IK
      C:\Documents and Settings\Administrator\Cookies\administrator@com[1].txt Verwijderd Trace.TrackingCookie.com!A2

      Verwijderd
      Bestanden: 4
      Sporen: 0
      Cookies: 1
  12. Ran Malwarebytes for the 2nd time, but it says it found nothing; only AVG reports that it is still there......
  13. Hello, AVG reports that I have a Trojan horse PSW.agent.ASOI. I ran HijackThis, and this is what came out.

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 23:56:53, on 26-1-2012
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v8.00 (8.00.6001.18702)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
      C:\Program Files\AVG\AVG2012\avgcsrvx.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Ahead\InCD\InCDsrv.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\AVG\AVG2012\avgwdsvc.exe
      C:\Program Files\Java\jre6\bin\jqs.exe
      C:\Program Files\andre\mbamservice.exe
      C:\Program Files\AVG\AVG2012\avgnsx.exe
      C:\Program Files\AVG\AVG2012\avgemcx.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
      I:\PROGRA~1\AGROVI~1\Ibms\CMVTaak.exe
      C:\Program Files\AVG\AVG2012\avgtray.exe
      C:\Program Files\andre\mbamgui.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Nuria\Nuria.exe
      C:\Program Files\AVG\AVG2012\avgui.exe
      C:\Program Files\Windows Live\Contacts\wlcomm.exe
      C:\Program Files\andre\mbam.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.live.nl
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Het Net - Het Net heet voortaan KPN
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O4 - HKLM\..\Run: [Agrovision taakplanner] I:\PROGRA~1\AGROVI~1\Ibms\CMVTaak.exe
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\andre\mbamgui.exe" /starttray
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [Nuria] C:\Program Files\Nuria\Nuria.exe
      O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
      O16 - DPF: {0DBF2423-33D3-4084-B83E-6A3661F2CD46} - http://www.mijnalbum.nl/v3/skinsrc/core/system/6.5.6/ImageUploader6.cab
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
      O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - http://gfx1.hotmail.com/mail/w4/m3/photouploadcontrol/MSNPUpld.cab
      O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
      O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
      O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
      O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\andre\mbamservice.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

      -- End of file - 4113 bytes

      I am now running Malwarebytes' anti-malware, but that will take a while yet. I already ran anti-malware earlier and restarted the computer, but the problem is not solved yet. Anyone????