Ook al Conhost.exe

[xJennifx]

oke, bij TDSS bij die scan, moet dan bij allebei het vakje staan aangekruist, en dan start scan?

Dus bij Services and Drivers & Boot Sectors.

[kape]

oke, bij TDSS bij die scan, moet dan bij allebei het vakje staan aangekruist, en dan start scan?

Dus bij Services and Drivers & Boot Sectors.

Klopt inderdaad, alletwee aangevinkt en dan scannen.

[xJennifx]

ik heb de TDSS killer scan gedaan.

En nog geen last gehad van conhost.

Hier is het logje:

2011/09/01 18:33:49.0187 0232 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57

2011/09/01 18:33:49.0625 0232 ================================================================================

2011/09/01 18:33:49.0625 0232 SystemInfo:

2011/09/01 18:33:49.0625 0232

2011/09/01 18:33:49.0625 0232 OS Version: 5.1.2600 ServicePack: 2.0

2011/09/01 18:33:49.0625 0232 Product type: Workstation

2011/09/01 18:33:49.0625 0232 ComputerName: DAE2D78565B9407

2011/09/01 18:33:49.0625 0232 UserName: _

2011/09/01 18:33:49.0625 0232 Windows directory: C:\WINDOWS

2011/09/01 18:33:49.0625 0232 System windows directory: C:\WINDOWS

2011/09/01 18:33:49.0625 0232 Processor architecture: Intel x86

2011/09/01 18:33:49.0625 0232 Number of processors: 1

2011/09/01 18:33:49.0625 0232 Page size: 0x1000

2011/09/01 18:33:49.0625 0232 Boot type: Normal boot

2011/09/01 18:33:49.0625 0232 ================================================================================

2011/09/01 18:33:51.0796 0232 Initialize success

2011/09/01 18:34:11.0656 0704 ================================================================================

2011/09/01 18:34:11.0656 0704 Scan started

2011/09/01 18:34:11.0656 0704 Mode: Manual;

2011/09/01 18:34:11.0656 0704 ================================================================================

2011/09/01 18:34:13.0218 0704 ACPI (12139c5b5d7366e54ef3029c65b8ca97) C:\WINDOWS\system32\DRIVERS\ACPI.sys

2011/09/01 18:34:13.0312 0704 ACPIEC (63f517b1a87dabf3f5acb8a7952fc1d1) C:\WINDOWS\system32\drivers\ACPIEC.sys

2011/09/01 18:34:13.0468 0704 aec (841f385c6cfaf66b58fbd898722bb4f0) C:\WINDOWS\system32\drivers\aec.sys

2011/09/01 18:34:13.0546 0704 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\WINDOWS\system32\drivers\Afc.sys

2011/09/01 18:34:13.0625 0704 AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys

2011/09/01 18:34:14.0015 0704 asuskbnt (f5c2ccdb273a546e9c3a15250f1d9165) C:\WINDOWS\system32\drivers\atkkbnt.sys

2011/09/01 18:34:14.0125 0704 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

2011/09/01 18:34:14.0171 0704 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys

2011/09/01 18:34:14.0296 0704 ati2mtag (185773dfbb89b62d856f077c6c58fbe3) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

2011/09/01 18:34:14.0484 0704 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

2011/09/01 18:34:14.0578 0704 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

2011/09/01 18:34:14.0640 0704 AVGIDSDriver (c403e7f715bb0a851a9dfae16ec4ae42) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys

2011/09/01 18:34:14.0687 0704 AVGIDSEH (1af676db3f3d4cc709cfab2571cf5fc3) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys

2011/09/01 18:34:14.0765 0704 AVGIDSFilter (4c51e233c87f9ec7598551de554bc99d) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys

2011/09/01 18:34:14.0828 0704 AVGIDSShim (c3fc426e54f55c1cc3219e415b88e10c) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys

2011/09/01 18:34:14.0875 0704 Avgldx86 (4e796d3d2c3182b13b3e3b5a2ad4ef0a) C:\WINDOWS\system32\DRIVERS\avgldx86.sys

2011/09/01 18:34:14.0937 0704 Avgmfx86 (5639de66b37d02bd22df4cf3155fba60) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys

2011/09/01 18:34:14.0984 0704 Avgrkx86 (d1baf652eda0ae70896276a1fb32c2d4) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys

2011/09/01 18:34:15.0046 0704 Avgtdix (aaf0ebcad95f2164cffb544e00392498) C:\WINDOWS\system32\DRIVERS\avgtdix.sys

2011/09/01 18:34:15.0125 0704 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

2011/09/01 18:34:15.0218 0704 BthEnum (d24b8d1784c68a25060fffbe8ed34b76) C:\WINDOWS\system32\DRIVERS\BthEnum.sys

2011/09/01 18:34:15.0312 0704 BTHMODEM (9df0adf74ce1d6371ed60cf92eb1d9a6) C:\WINDOWS\system32\DRIVERS\bthmodem.sys

2011/09/01 18:34:15.0390 0704 BthPan (10355270be12641b9764235da39dcf0f) C:\WINDOWS\system32\DRIVERS\bthpan.sys

2011/09/01 18:34:15.0562 0704 BTHPORT (9ff1251afdb3406104e67196c7abb3a8) C:\WINDOWS\system32\Drivers\BTHport.sys

2011/09/01 18:34:15.0718 0704 BTHUSB (f06d4cb9918b462a84d9ac00027efc30) C:\WINDOWS\system32\Drivers\BTHUSB.sys

2011/09/01 18:34:15.0796 0704 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

2011/09/01 18:34:15.0890 0704 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

2011/09/01 18:34:16.0078 0704 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

2011/09/01 18:34:16.0171 0704 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys

2011/09/01 18:34:16.0250 0704 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys

2011/09/01 18:34:16.0421 0704 cmudau (3462d6de7de30c07740b150e9a357a68) C:\WINDOWS\system32\drivers\cmudau.sys

2011/09/01 18:34:16.0515 0704 CoachUsb (fafa3c99864e9df18cb68725bbcf7bca) C:\WINDOWS\system32\DRIVERS\CoachUsb.sys

2011/09/01 18:34:16.0562 0704 CoachVid (7aefe82c02d4933cee4b7cb78c409845) C:\WINDOWS\system32\DRIVERS\CoachVid.sys

2011/09/01 18:34:16.0703 0704 ctsfm2k (8db84de3aab34a8b4c2f644eff41cd76) C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys

2011/09/01 18:34:16.0859 0704 DCamUSBIntel (5f8366eae94bb1d13cf152431a691add) C:\WINDOWS\system32\Drivers\TP6800.sys

2011/09/01 18:34:17.0046 0704 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys

2011/09/01 18:34:17.0140 0704 dmboot (d9542b70560cda5c4f5e62b1eed412cd) C:\WINDOWS\system32\drivers\dmboot.sys

2011/09/01 18:34:17.0234 0704 dmio (b5f7ac6bb9445e9c59e0686fe52a47e8) C:\WINDOWS\system32\drivers\dmio.sys

2011/09/01 18:34:17.0296 0704 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

2011/09/01 18:34:17.0375 0704 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys

2011/09/01 18:34:17.0500 0704 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys

2011/09/01 18:34:17.0578 0704 EIO (50a9ff679e3cde1023d3ec81a4123f71) C:\WINDOWS\system32\drivers\EIO.sys

2011/09/01 18:34:17.0656 0704 ElbyCDIO (aaa8999a169e39fb8b48ae49cd6ac30a) C:\WINDOWS\system32\Drivers\ElbyCDIO.sys

2011/09/01 18:34:17.0703 0704 ElbyDelay (e205c313417da6fa7afe85912a310a65) C:\WINDOWS\system32\Drivers\ElbyDelay.sys

2011/09/01 18:34:17.0781 0704 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys

2011/09/01 18:34:17.0843 0704 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys

2011/09/01 18:34:17.0890 0704 Fips (dac8cab287a959c2f717d3748177374b) C:\WINDOWS\system32\drivers\Fips.sys

2011/09/01 18:34:17.0937 0704 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

2011/09/01 18:34:18.0000 0704 FltMgr (157754f0df355a9e0a6f54721914f9c6) C:\WINDOWS\system32\DRIVERS\fltMgr.sys

2011/09/01 18:34:18.0046 0704 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

2011/09/01 18:34:18.0109 0704 Ftdisk (fa8ca22e70245c81ff29c36af56292fc) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

2011/09/01 18:34:18.0156 0704 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

2011/09/01 18:34:18.0187 0704 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys

2011/09/01 18:34:18.0265 0704 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys

2011/09/01 18:34:18.0406 0704 HTTP (9f8b0f4276f618964fd118be4289b7cd) C:\WINDOWS\system32\Drivers\HTTP.sys

2011/09/01 18:34:18.0578 0704 i8042prt (ddb567b5fe32d917a34b98de50b3c923) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

2011/09/01 18:34:18.0640 0704 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys

2011/09/01 18:34:18.0718 0704 IntelIde (133b243ee5ccc607686a5648b807542d) C:\WINDOWS\system32\DRIVERS\intelide.sys

2011/09/01 18:34:18.0796 0704 intelppm (17f6ae3cb6b478c6054e2e894a6d89bf) C:\WINDOWS\system32\DRIVERS\intelppm.sys

2011/09/01 18:34:18.0843 0704 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

2011/09/01 18:34:18.0921 0704 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

2011/09/01 18:34:18.0984 0704 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys

2011/09/01 18:34:19.0031 0704 IpNat (b5a8e215ac29d24d60b4d1250ef05ace) C:\WINDOWS\system32\DRIVERS\ipnat.sys

2011/09/01 18:34:19.0093 0704 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys

2011/09/01 18:34:19.0156 0704 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys

2011/09/01 18:34:19.0203 0704 isapnp (fd298ad13acb19fc43b627aca0806231) C:\WINDOWS\system32\DRIVERS\isapnp.sys

2011/09/01 18:34:19.0265 0704 JL2005 (e120182410e64825ddaaa102a019edb1) C:\WINDOWS\system32\Drivers\toywdm.sys

2011/09/01 18:34:19.0421 0704 Kbdclass (59549e9180ce29d832289e1a1d9e3c60) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

2011/09/01 18:34:19.0500 0704 kbdhid (6b97674104b15a2dd135f7b365223194) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

2011/09/01 18:34:19.0562 0704 kmixer (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys

2011/09/01 18:34:19.0656 0704 KSecDD (674d3e5a593475915dc6643317192403) C:\WINDOWS\system32\drivers\KSecDD.sys

2011/09/01 18:34:19.0843 0704 MBAMSwissArmy (b18225739ed9caa83ba2df966e9f43e8) C:\WINDOWS\system32\drivers\mbamswissarmy.sys

2011/09/01 18:34:19.0953 0704 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

2011/09/01 18:34:20.0031 0704 Modem (7151be7fe5bd6671bf8ab745c419a42e) C:\WINDOWS\system32\drivers\Modem.sys

2011/09/01 18:34:20.0078 0704 Mouclass (0ff36ca1ac0b7d2e46c291d30b516df1) C:\WINDOWS\system32\DRIVERS\mouclass.sys

2011/09/01 18:34:20.0156 0704 mouhid (18017899254e01371e1a39754d6bf98c) C:\WINDOWS\system32\DRIVERS\mouhid.sys

2011/09/01 18:34:20.0218 0704 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys

2011/09/01 18:34:20.0312 0704 MRxDAV (46edcc8f2db2f322c24f48785cb46366) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

2011/09/01 18:34:20.0406 0704 MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

2011/09/01 18:34:20.0484 0704 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys

2011/09/01 18:34:20.0546 0704 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys

2011/09/01 18:34:20.0578 0704 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

2011/09/01 18:34:20.0640 0704 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys

2011/09/01 18:34:20.0718 0704 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

2011/09/01 18:34:20.0796 0704 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys

2011/09/01 18:34:20.0859 0704 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys

2011/09/01 18:34:20.0906 0704 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys

2011/09/01 18:34:20.0968 0704 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

2011/09/01 18:34:21.0046 0704 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys

2011/09/01 18:34:21.0093 0704 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

2011/09/01 18:34:21.0156 0704 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

2011/09/01 18:34:21.0234 0704 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

2011/09/01 18:34:21.0281 0704 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

2011/09/01 18:34:21.0312 0704 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys

2011/09/01 18:34:21.0359 0704 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys

2011/09/01 18:34:21.0421 0704 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys

2011/09/01 18:34:21.0531 0704 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys

2011/09/01 18:34:21.0578 0704 Ntfs (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys

2011/09/01 18:34:21.0656 0704 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

2011/09/01 18:34:21.0703 0704 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

2011/09/01 18:34:21.0750 0704 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

2011/09/01 18:34:21.0828 0704 ossrv (103a9b117a7d9903111955cdafe65ac6) C:\WINDOWS\system32\DRIVERS\ctoss2k.sys

2011/09/01 18:34:21.0921 0704 P17 (1db419cb76493f6292ccfbdc3466f5ff) C:\WINDOWS\system32\drivers\P17.sys

2011/09/01 18:34:22.0015 0704 Parport (83a120f43a1424d9c51701fd91d3bc8e) C:\WINDOWS\system32\DRIVERS\parport.sys

2011/09/01 18:34:22.0078 0704 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys

2011/09/01 18:34:22.0140 0704 ParVdm (1eade28746a64c21e0a808bb12a63326) C:\WINDOWS\system32\drivers\ParVdm.sys

2011/09/01 18:34:22.0218 0704 PCI (3060407163c2daf8b0dbc878c3052cf0) C:\WINDOWS\system32\DRIVERS\pci.sys

2011/09/01 18:34:22.0312 0704 PCIIde (b31edeba4da28283f6b8dc4756fb9585) C:\WINDOWS\system32\DRIVERS\pciide.sys

2011/09/01 18:34:22.0453 0704 Pcmcia (8673108cad88d629ba0f7758ec5b1924) C:\WINDOWS\system32\drivers\Pcmcia.sys

2011/09/01 18:34:22.0546 0704 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys

2011/09/01 18:34:22.0953 0704 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys

2011/09/01 18:34:22.0984 0704 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys

2011/09/01 18:34:23.0062 0704 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

2011/09/01 18:34:23.0125 0704 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys

2011/09/01 18:34:23.0375 0704 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

2011/09/01 18:34:23.0453 0704 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

2011/09/01 18:34:23.0531 0704 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

2011/09/01 18:34:23.0546 0704 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

2011/09/01 18:34:23.0593 0704 Rdbss (29d66245adba878fff574cd66abd2884) C:\WINDOWS\system32\DRIVERS\rdbss.sys

2011/09/01 18:34:23.0640 0704 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

2011/09/01 18:34:23.0734 0704 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

2011/09/01 18:34:23.0875 0704 RDPWD (d4f5643d7714ef499ae9527fdcd50894) C:\WINDOWS\system32\drivers\RDPWD.sys

2011/09/01 18:34:23.0937 0704 redbook (7bb9c58a13323f5edc89c88f98c80cba) C:\WINDOWS\system32\DRIVERS\redbook.sys

2011/09/01 18:34:24.0046 0704 RFCOMM (99c4b74981a1413f142a3903130088cb) C:\WINDOWS\system32\DRIVERS\rfcomm.sys

2011/09/01 18:34:24.0125 0704 RT25USBAP (05691b0b52575c057e5ac35242e5d231) C:\WINDOWS\system32\DRIVERS\rt25usbap.sys

2011/09/01 18:34:24.0281 0704 RTL8023xp (7f0413bdd7d53eb4c7a371e7f6f84df1) C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys

2011/09/01 18:34:24.0390 0704 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS

2011/09/01 18:34:24.0500 0704 Secdrv (d26e26ea516450af9d072635c60387f4) C:\WINDOWS\system32\DRIVERS\secdrv.sys

2011/09/01 18:34:24.0578 0704 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys

2011/09/01 18:34:24.0640 0704 Serial (97e86d03d082d369cb025113b4b7b781) C:\WINDOWS\system32\DRIVERS\serial.sys

2011/09/01 18:34:24.0734 0704 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys

2011/09/01 18:34:24.0843 0704 simsbus (5776322f93cdb91086111f5ffbfda2a0) C:\WINDOWS\system32\DRIVERS\simsbus.sys

2011/09/01 18:34:24.0921 0704 simsprt (b49f79ace459763f4e0380071be9cb45) C:\WINDOWS\system32\Drivers\simsprt.sys

2011/09/01 18:34:25.0015 0704 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys

2011/09/01 18:34:25.0171 0704 splitter (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys

2011/09/01 18:34:25.0281 0704 sptd (d390675b8ce45e5fb359338e5e649329) C:\WINDOWS\system32\Drivers\sptd.sys

2011/09/01 18:34:25.0281 0704 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: d390675b8ce45e5fb359338e5e649329

2011/09/01 18:34:25.0296 0704 sptd - detected LockedFile.Multi.Generic (1)

2011/09/01 18:34:25.0359 0704 sr (a859c2da6b06024c9b4d995b90fe8175) C:\WINDOWS\system32\DRIVERS\sr.sys

2011/09/01 18:34:25.0437 0704 Srv (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys

2011/09/01 18:34:25.0578 0704 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

2011/09/01 18:34:25.0609 0704 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys

2011/09/01 18:34:25.0671 0704 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys

2011/09/01 18:34:25.0843 0704 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys

2011/09/01 18:34:25.0921 0704 taphss (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\WINDOWS\system32\DRIVERS\taphss.sys

2011/09/01 18:34:26.0015 0704 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys

2011/09/01 18:34:26.0187 0704 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys

2011/09/01 18:34:26.0234 0704 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys

2011/09/01 18:34:26.0296 0704 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys

2011/09/01 18:34:26.0421 0704 toshidpt (62c57e7411b5f20980e70530ca69d5a7) C:\WINDOWS\system32\drivers\Toshidpt.sys

2011/09/01 18:34:26.0531 0704 tosporte (e46fb54be8a2a395fe96633b838baafe) C:\WINDOWS\system32\DRIVERS\tosporte.sys

2011/09/01 18:34:26.0625 0704 Tosrfbd (07fb801d43f3ece221d4a33fda485bc2) C:\WINDOWS\system32\Drivers\tosrfbd.sys

2011/09/01 18:34:26.0703 0704 Tosrfbnp (fe200eece7521061cdad658c6ee4f341) C:\WINDOWS\system32\Drivers\tosrfbnp.sys

2011/09/01 18:34:26.0765 0704 Tosrfcom (d185be751021bcf1e5d58566d408314a) C:\WINDOWS\system32\Drivers\tosrfcom.sys

2011/09/01 18:34:26.0859 0704 Tosrfhid (37bcbccc4a71abbeaee90fd25e1132b2) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys

2011/09/01 18:34:26.0953 0704 tosrfnds (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\WINDOWS\system32\DRIVERS\tosrfnds.sys

2011/09/01 18:34:27.0031 0704 TosRfSnd (b5518adb2b0029ff95d22e8e7336f49f) C:\WINDOWS\system32\drivers\TosRfSnd.sys

2011/09/01 18:34:27.0093 0704 Tosrfusb (65598d886bdaeae0c1d3cddc454c8383) C:\WINDOWS\system32\Drivers\tosrfusb.sys

2011/09/01 18:34:27.0203 0704 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys

2011/09/01 18:34:27.0328 0704 Update (aff2e5045961bbc0a602bb6f95eb1345) C:\WINDOWS\system32\DRIVERS\update.sys

2011/09/01 18:34:27.0484 0704 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys

2011/09/01 18:34:27.0593 0704 usbaudio (45a0d14b26c35497ad93bce7e15c9941) C:\WINDOWS\system32\drivers\usbaudio.sys

2011/09/01 18:34:27.0656 0704 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

2011/09/01 18:34:27.0718 0704 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys

2011/09/01 18:34:27.0765 0704 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys

2011/09/01 18:34:27.0890 0704 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys

2011/09/01 18:34:27.0968 0704 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys

2011/09/01 18:34:28.0046 0704 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

2011/09/01 18:34:28.0109 0704 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

2011/09/01 18:34:28.0187 0704 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys

2011/09/01 18:34:28.0296 0704 VolSnap (4d90d2768b7d0902b011bf6707b10423) C:\WINDOWS\system32\drivers\VolSnap.sys

2011/09/01 18:34:28.0375 0704 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys

2011/09/01 18:34:28.0500 0704 wdmaud (2797f33ebf50466020c430ee4f037933) C:\WINDOWS\system32\drivers\wdmaud.sys

2011/09/01 18:34:28.0671 0704 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys

2011/09/01 18:34:28.0812 0704 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

2011/09/01 18:34:28.0875 0704 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

2011/09/01 18:34:28.0937 0704 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

2011/09/01 18:34:29.0078 0704 MBR (0x1B8) (1697c108e3da1941fd3795c70782c3ac) \Device\Harddisk0\DR0

2011/09/01 18:34:29.0093 0704 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)

2011/09/01 18:34:29.0093 0704 Boot (0x1200) (765d90e7caa848ad6efa004df6d8485a) \Device\Harddisk0\DR0\Partition0

2011/09/01 18:34:29.0125 0704 ================================================================================

2011/09/01 18:34:29.0125 0704 Scan finished

2011/09/01 18:34:29.0125 0704 ================================================================================

2011/09/01 18:34:29.0140 3668 Detected object count: 2

2011/09/01 18:34:29.0140 3668 Actual detected object count: 2

2011/09/01 18:35:09.0734 3668 LockedFile.Multi.Generic(sptd) - User select action: Skip

2011/09/01 18:35:09.0750 3668 \Device\Harddisk0\DR0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot

2011/09/01 18:35:09.0765 3668 \Device\Harddisk0\DR0 - ok

2011/09/01 18:35:09.0765 3668 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Cure

2011/09/01 18:35:34.0828 2888 Deinitialize success

[kape]

ik heb de TDSS killer scan gedaan.

En nog geen last gehad van conhost.

Dan ben je er nu ook definitief van verlost

Doe nog even het volgende :

Verwijder del.bat en TDSS-killer.

Download CCleaner.

Klik op “Download Latest Version” en dan start de download van CCleaner automatisch en gratis op.

Installeer het en start CCleaner op. Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en 'Schoonmaken'. Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”. Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

Het is aangewezen om de bestaande herstelpunten te verwijderen (daar zitten besmette herstelpunten tussen die je eventueel zou kunnen terugzetten) door systeemherstel tijdelijk uit te schakelen. Doe dit via Start -> Configuratiescherm -> Prestaties en Onderhoud -> Systeem -> Systeemherstel -> "Systeemherstel op alle stations uitschakelen" aanvinken. Toepassen en OK. PC herstarten en het vinkje terug weg halen.

Als dit alles probleemloos is verlopen, mag je hieronder op "opgelost" tokkelen !

[xJennifx]

Bedankt

Hoe kan het dat opeens meerdere mensen met hetzelfde te maken hebben??

[Gast SWAT4]

Mogelijkerwijs een erratum door AVG zelf.

[kape]

Hoe kan het dat opeens meerdere mensen met hetzelfde te maken hebben??

Het is een Rootkit ... maar het blijft altijd een beetje koffiedik kijken om te weten hoe die op je PC is terechtgekomen.

Belangrijkste is dat hij er nu ook weer af is xD

[xJennifx]

oke, heel erg bedankt ik zal hem nu op Opgelost zetten.