Trojan VB.JV en Harnig.s

Argh, als ik de contents wil posten zegt IE dat dat niet kan!

RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows Vista
Version 6.0.6002 (Service Pack 2)
Number of processors #2
==============================================
>Drivers
==============================================
0x8EC0C000 C:\Windows\system32\DRIVERS\atikmdag.sys 6701056 bytes (ATI Technologies Inc., ATI Radeon Kernel Mode Driver)
0x81A4B000 C:\Windows\system32\ntkrnlpa.exe 3903488 bytes (Microsoft Corporation, NT Kernel & System)
0x81A4B000 PnpManager 3903488 bytes
0x81A4B000 RAW 3903488 bytes
0x81A4B000 WMIxWDM 3903488 bytes
0x97A10000 Win32k 2109440 bytes
0x97A10000 C:\Windows\System32\win32k.sys 2109440 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0x8AA06000 C:\Windows\System32\Drivers\Ntfs.sys 1114112 bytes (Microsoft Corporation, NT File System Driver)
0x82203000 C:\Windows\system32\drivers\ndis.sys 1093632 bytes (Microsoft Corporation, NDIS 6.0 wrapper driver)
0x8068F000 PCI_PNP7932 995328 bytes
0x8068F000 C:\Windows\System32\Drivers\spra.sys 995328 bytes
0x8068F000 sptd 995328 bytes
0x8A804000 C:\Windows\System32\drivers\tcpip.sys 958464 bytes (Microsoft Corporation, TCP/IP Driver)
0x804D2000 C:\Windows\system32\CI.dll 917504 bytes (Microsoft Corporation, Code Integrity Module)
0x9FC89000 C:\Windows\system32\drivers\peauth.sys 909312 bytes (Microsoft Corporation, Protected Environment Authentication and Authorization Export Driver)
0x9F401000 C:\Windows\system32\drivers\spsys.sys 720896 bytes (Microsoft Corporation, security processor)
0x8F270000 C:\Windows\System32\drivers\dxgkrnl.sys 651264 bytes (Microsoft Corporation, DirectX Graphics Kernel)
0x8FAAF000 C:\Windows\system32\DRIVERS\netr28u.sys 638976 bytes (Ralink Technology Corp., Ralink 802.11n Wireless Adapter Driver)
0x8F31B000 C:\Windows\system32\DRIVERS\HDAudBus.sys 577536 bytes (Microsoft Corporation, High Definition Audio Bus Driver)
0x8F631000 C:\Windows\system32\DRIVERS\rdpdr.sys 561152 bytes (Microsoft Corporation, Microsoft RDP Device redirector)
0x80606000 C:\Windows\system32\drivers\Wdf01000.sys 507904 bytes (Microsoft Corporation, WDF Dynamic)
0x820E6000 C:\Windows\System32\Drivers\ksecdd.sys 462848 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0x80408000 C:\Windows\system32\mcupdate_GenuineIntel.dll 458752 bytes (Microsoft Corporation, Intel Microcode Update Library)
0x9F4B1000 C:\Windows\system32\drivers\HTTP.sys 446464 bytes (Microsoft Corporation, HTTP Protocol Stack)
0x8FA09000 C:\Windows\system32\drivers\csc.sys 372736 bytes (Microsoft Corporation, Windows Client Side Caching Driver)
0x9FC34000 C:\Windows\System32\DRIVERS\srv.sys 319488 bytes (Microsoft Corporation, Server driver)
0x97C60000 C:\Windows\System32\ATMFD.DLL 311296 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0x82005000 C:\Windows\System32\drivers\volmgrx.sys 303104 bytes (Microsoft Corporation, Volume Manager Extension Driver)
0x8F8C6000 C:\Windows\system32\drivers\afd.sys 294912 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x807B1000 C:\Windows\system32\drivers\acpi.sys 286720 bytes (Microsoft Corporation, ACPI Driver for NT)
0x80491000 C:\Windows\system32\CLFS.SYS 266240 bytes (Microsoft Corporation, Common Log File System Driver)
0x82157000 C:\Windows\system32\DRIVERS\storport.sys 266240 bytes (Microsoft Corporation, Microsoft Storage Port Driver)
0x8F768000 C:\Windows\system32\drivers\HdAudio.sys 258048 bytes (Microsoft Corporation, High Definition Audio Function Driver)
0x8F3B3000 C:\Windows\system32\DRIVERS\USBPORT.SYS 253952 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0x8F977000 C:\Windows\system32\DRIVERS\rdbss.sys 245760 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0x8A950000 C:\Windows\system32\DRIVERS\atikmpag.sys 241664 bytes (Advanced Micro Devices, Inc., AMD multi-vendor Miniport Driver)
0x82339000 C:\Windows\system32\drivers\NETIO.SYS 241664 bytes (Microsoft Corporation, Network I/O Subsystem)
0x82397000 C:\Windows\System32\Drivers\aouchkfj.SYS 233472 bytes (Microsoft Corporation, ATAPI IDE Miniport Driver)
0x9F5A9000 C:\Windows\system32\DRIVERS\mrxsmb10.sys 233472 bytes (Microsoft Corporation, Longhorn SMB Downlevel SubRdr)
0x8AB16000 C:\Windows\system32\drivers\volsnap.sys 233472 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0x8F718000 C:\Windows\system32\DRIVERS\usbhub.sys 217088 bytes (Microsoft Corporation, Default Hub Driver for USB)
0x81A18000 ACPI_HAL 208896 bytes
0x81A18000 C:\Windows\system32\hal.dll 208896 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0x8209A000 C:\Windows\system32\drivers\fltmgr.sys 204800 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0x8F90E000 C:\Windows\System32\DRIVERS\netbt.sys 204800 bytes (Microsoft Corporation, MBT Transport driver)
0x823D0000 C:\Windows\system32\DRIVERS\msiscsi.sys 192512 bytes (Microsoft Corporation, Microsoft iSCSI Initiator Driver)
0x8F7A7000 C:\Windows\system32\drivers\portcls.sys 184320 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0x8230E000 C:\Windows\system32\drivers\msrpc.sys 176128 bytes (Microsoft Corporation, Kernel Remote Procedure Call Provider)
0x8F6D7000 C:\Windows\system32\DRIVERS\ks.sys 172032 bytes (Microsoft Corporation, Kernel CSA Library)
0x8F9BD000 C:\Windows\system32\DRIVERS\nwifi.sys 172032 bytes (Microsoft Corporation, NativeWiFi Miniport Driver)
0x9FD86000 C:\Windows\System32\Drivers\fastfat.SYS 163840 bytes (Microsoft Corporation, Fast FAT File System Driver)
0x9FC0C000 C:\Windows\System32\DRIVERS\srv2.sys 163840 bytes (Microsoft Corporation, Smb 2.0 Server driver)
0x8AB66000 C:\Windows\System32\drivers\ecache.sys 159744 bytes (Microsoft Corporation, Special Memory Device Cache)
0x805B2000 C:\Windows\system32\drivers\pci.sys 159744 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0x8078B000 C:\Windows\System32\Drivers\SCSIPORT.SYS 155648 bytes (Microsoft Corporation, SCSI Port Driver)
0x8F7D4000 C:\Windows\system32\drivers\drmk.sys 151552 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0x8AB8D000 C:\Windows\System32\DRIVERS\fvevol.sys 147456 bytes (Microsoft Corporation, BitLocker Drive Encryption Driver)
0x8F803000 C:\Windows\system32\DRIVERS\MpFilter.sys 143360 bytes (Microsoft Corporation, Microsoft antimalware file system filter driver)
0x821C5000 C:\Windows\system32\DRIVERS\ndiswan.sys 143360 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0x8ABC2000 C:\Windows\system32\drivers\CLASSPNP.SYS 135168 bytes (Microsoft Corporation, SCSI Class System Dll)
0x9F569000 C:\Windows\system32\drivers\mrxdav.sys 135168 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0x8F849000 C:\Windows\System32\drivers\VIDEOPRT.SYS 135168 bytes (Microsoft Corporation, Video Port Driver)
0x9F58A000 C:\Windows\system32\DRIVERS\mrxsmb.sys 126976 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0x8207C000 C:\Windows\system32\drivers\ataport.SYS 122880 bytes (Microsoft Corporation, ATAPI Driver Extension)
0x9F51E000 C:\Windows\System32\DRIVERS\srvnet.sys 118784 bytes (Microsoft Corporation, Server Network driver)
0x8A8EE000 C:\Windows\System32\drivers\fwpkclnt.sys 110592 bytes (Microsoft Corporation, FWP/IPsec Kernel-Mode API)
0x8FBAB000 C:\Windows\system32\drivers\luafv.sys 110592 bytes (Microsoft Corporation, LUA File Virtualization Filter Driver)
0x8A9C6000 C:\Windows\system32\DRIVERS\serial.sys 106496 bytes (Microsoft Corporation, Serial Device Driver)
0x9F53B000 C:\Windows\system32\DRIVERS\bowser.sys 102400 bytes (Microsoft Corporation, NT Lan Manager Datagram Receiver Driver)
0x8A98B000 C:\Windows\system32\DRIVERS\cdrom.sys 98304 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0x9F5E2000 C:\Windows\system32\DRIVERS\mrxsmb20.sys 98304 bytes (Microsoft Corporation, Longhorn SMB 2.0 Redirector)
0x82374000 C:\Windows\system32\DRIVERS\parport.sys 98304 bytes (Microsoft Corporation, Parallel Port Driver)
0x8A9A3000 C:\Windows\system32\DRIVERS\Rtlh86.sys 98304 bytes (Realtek Corporation , Realtek 8101E/8168/8169 NDIS6 32-bit Driver )
0x8FA64000 C:\Windows\System32\Drivers\dfsc.sys 94208 bytes (Microsoft Corporation, DFS Namespace Client Driver)
0x821A3000 C:\Windows\system32\DRIVERS\rasl2tp.sys 94208 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0x8FB4B000 C:\Windows\system32\DRIVERS\cdfs.sys 90112 bytes (Microsoft Corporation, CD-ROM File System Driver)
0x8F940000 C:\Windows\system32\DRIVERS\pacer.sys 90112 bytes (Microsoft Corporation, QoS Packet Scheduler)
0x8F89C000 C:\Windows\system32\DRIVERS\tdx.sys 90112 bytes (Microsoft Corporation, TDI Translation Driver)
0x9F554000 C:\Windows\System32\drivers\mpsdrv.sys 86016 bytes (Microsoft Corporation, Microsoft Protection Service Driver)
0x8F61C000 C:\Windows\system32\DRIVERS\rassstp.sys 86016 bytes (Microsoft Corporation, RAS SSTP Miniport Call Manager)
0x8F608000 C:\Windows\system32\DRIVERS\raspptp.sys 81920 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0x8F8B2000 C:\Windows\system32\DRIVERS\smb.sys 81920 bytes (Microsoft Corporation, SMB Transport driver)
0x8A9EA000 C:\Windows\system32\DRIVERS\i8042prt.sys 77824 bytes (Microsoft Corporation, i8042 Port Driver)
0x8FBE8000 C:\Windows\system32\DRIVERS\rspndr.sys 77824 bytes (Microsoft Corporation, Link-Layer Topology Responder Driver for NDIS 6)
0x8F964000 C:\Windows\system32\DRIVERS\wanarp.sys 77824 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0x8ABB1000 C:\Windows\system32\drivers\disk.sys 69632 bytes (Microsoft Corporation, PnP Disk Driver)
0x8FB81000 C:\Windows\System32\Drivers\dump_dumpfve.sys 69632 bytes
0x8F757000 C:\Windows\System32\Drivers\NDProxy.SYS 69632 bytes (Microsoft Corporation, NDIS Proxy)
0x80478000 C:\Windows\system32\PSHED.dll 69632 bytes (Microsoft Corporation, Platform Specific Hardware Error Driver)
0x820CC000 C:\Windows\system32\drivers\fileinfo.sys 65536 bytes (Microsoft Corporation, FileInfo Filter Driver)
0x8FA84000 C:\Windows\system32\DRIVERS\HIDCLASS.SYS 65536 bytes (Microsoft Corporation, Hid Class Library)
0x8FBCE000 C:\Windows\system32\DRIVERS\lltdio.sys 65536 bytes (Microsoft Corporation, Link-Layer Topology Mapper I/O Driver)
0x82064000 C:\Windows\System32\drivers\mountmgr.sys 65536 bytes (Microsoft Corporation, Mount Point Manager)
0x8F6BA000 C:\Windows\system32\DRIVERS\termdd.sys 65536 bytes (Microsoft Corporation, Terminal Server Driver)
0x8A941000 C:\Windows\system32\DRIVERS\intelppm.sys 61440 bytes (Microsoft Corporation, Processor Device Driver)
0x8FB9C000 C:\Windows\system32\DRIVERS\monitor.sys 61440 bytes (Microsoft Corporation, Monitor Driver)
0x8AB57000 C:\Windows\System32\Drivers\mup.sys 61440 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0x805D9000 C:\Windows\System32\drivers\partmgr.sys 61440 bytes (Microsoft Corporation, Partition Management Driver)
0x821E8000 C:\Windows\system32\DRIVERS\raspppoe.sys 61440 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0x8F3F1000 C:\Windows\system32\DRIVERS\usbehci.sys 61440 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0x805E8000 C:\Windows\system32\drivers\volmgr.sys 61440 bytes (Microsoft Corporation, Volume Manager Driver)
0x97C50000 C:\Windows\System32\cdd.dll 57344 bytes (Microsoft Corporation, Canonical Display Driver)
0x8F956000 C:\Windows\system32\DRIVERS\netbios.sys 57344 bytes (Microsoft Corporation, NetBIOS interface driver)
0x8F885000 C:\Windows\System32\Drivers\Npfs.SYS 57344 bytes (Microsoft Corporation, NPFS Driver)
0x82056000 C:\Windows\system32\drivers\PCIIDEX.SYS 57344 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0x8FB61000 C:\Windows\System32\Drivers\crashdmp.sys 53248 bytes (Microsoft Corporation, Crash Dump Driver)
0x8F70B000 C:\Windows\system32\DRIVERS\umbus.sys 53248 bytes (Microsoft Corporation, User-Mode Bus Enumerator)
0x80682000 C:\Windows\system32\drivers\WDFLDR.SYS 53248 bytes (Microsoft Corporation, WDFLDR)
0x9FD71000 C:\Windows\System32\drivers\tcpipreg.sys 49152 bytes (Microsoft Corporation, TCP/IP Registry Compatibility Driver)
0x8F83D000 C:\Windows\System32\drivers\vga.sys 49152 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0x8F30F000 C:\Windows\System32\drivers\watchdog.sys 49152 bytes (Microsoft Corporation, Watchdog Driver)
0x8FB6E000 C:\Windows\System32\Drivers\dump_dumpata.sys 45056 bytes
0x8A9BB000 C:\Windows\system32\DRIVERS\fdc.sys 45056 bytes (Microsoft Corporation, Floppy Disk Controller Driver)
0x8238C000 C:\Windows\system32\DRIVERS\kbdclass.sys 45056 bytes (Microsoft Corporation, Keyboard Class Driver)
0x8F6CA000 C:\Windows\system32\DRIVERS\mouclass.sys 45056 bytes (Microsoft Corporation, Mouse Class Driver)
0x8F87A000 C:\Windows\System32\Drivers\Msfs.SYS 45056 bytes (Microsoft Corporation, Mailslot driver)
0x821BA000 C:\Windows\system32\DRIVERS\ndistapi.sys 45056 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0x82198000 C:\Windows\system32\DRIVERS\TDI.SYS 45056 bytes (Microsoft Corporation, TDI Wrapper)
0x8A92D000 C:\Windows\system32\DRIVERS\tunnel.sys 45056 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x8F3A8000 C:\Windows\system32\DRIVERS\usbuhci.sys 45056 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0x8FB92000 C:\Windows\System32\drivers\Dxapi.sys 40960 bytes (Microsoft Corporation, DirectX API Driver)
0x8F74D000 C:\Windows\system32\DRIVERS\flpydisk.sys 40960 bytes (Microsoft Corporation, Floppy Driver)
0x8F701000 C:\Windows\system32\DRIVERS\mssmbios.sys 40960 bytes (Microsoft Corporation, System Management BIOS Driver)
0x8FBDE000 C:\Windows\system32\DRIVERS\ndisuio.sys 40960 bytes (Microsoft Corporation, NDIS User mode I/O driver)
0x8F9B3000 C:\Windows\system32\drivers\nsiproxy.sys 40960 bytes (Microsoft Corporation, NSI Proxy)
0x820DC000 C:\Windows\System32\Drivers\PxHelp20.sys 40960 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0x9FD67000 C:\Windows\System32\Drivers\secdrv.SYS 40960 bytes (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., Macrovision SECURITY Driver)
0x8A9E0000 C:\Windows\system32\DRIVERS\serenum.sys 40960 bytes (Microsoft Corporation, Serial Port Enumerator)
0x8FAA5000 C:\Windows\system32\DRIVERS\usbprint.sys 40960 bytes (Microsoft Corporation, USB Printer driver)
0x9FD7D000 C:\Windows\system32\DRIVERS\asyncmac.sys 36864 bytes (Microsoft Corporation, MS Remote Access serial network driver)
0x8ABE3000 C:\Windows\system32\drivers\crcdisk.sys 36864 bytes (Microsoft Corporation, Disk Block Verification Filter Driver)
0x8F826000 C:\Windows\System32\Drivers\Fs_Rec.SYS 36864 bytes (Microsoft Corporation, File System Recognizer Driver)
0x8FA7B000 C:\Windows\system32\DRIVERS\hidusb.sys 36864 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0x9FDAE000 C:\Windows\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0x8F893000 C:\Windows\System32\DRIVERS\rasacd.sys 36864 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0x97C30000 C:\Windows\System32\TSDDD.dll 36864 bytes (Microsoft Corporation, Framebuffer Display Driver)
0x8A938000 C:\Windows\system32\DRIVERS\tunmp.sys 36864 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x80782000 C:\Windows\System32\Drivers\WMILIB.SYS 36864 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0x82074000 C:\Windows\system32\drivers\atapi.sys 32768 bytes (Microsoft Corporation, ATAPI IDE Miniport Driver)
0x80489000 C:\Windows\system32\BOOTVID.dll 32768 bytes (Microsoft Corporation, VGA Boot Driver)
0x8FB79000 C:\Windows\System32\Drivers\dump_atapi.sys 32768 bytes
0x8FA9D000 C:\Windows\system32\DRIVERS\mouhid.sys 32768 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0x807F7000 C:\Windows\system32\drivers\msisadrv.sys 32768 bytes (Microsoft Corporation, ISA Driver)
0x8F86A000 C:\Windows\System32\DRIVERS\RDPCDD.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x8F872000 C:\Windows\system32\drivers\rdpencdd.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x8AB4F000 C:\Windows\System32\Drivers\spldr.sys 32768 bytes (Microsoft Corporation, loader for security processor)
0x8F836000 C:\Windows\System32\Drivers\Beep.SYS 28672 bytes (Microsoft Corporation, BEEP Driver)
0x8FA94000 C:\Windows\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0x8F82F000 C:\Windows\System32\Drivers\Null.SYS 28672 bytes (Microsoft Corporation, NULL Driver)
0x9FC82000 C:\Windows\system32\DRIVERS\parvdm.sys 28672 bytes (Microsoft Corporation, VDM Parallel Driver)
0x8204F000 C:\Windows\system32\drivers\pciide.sys 28672 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
0x8EC00000 C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0x8672D000 C:\Windows\system32\kdcom.dll 12288 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0x8F6D5000 C:\Windows\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0x8FA9B000 C:\Windows\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0x852F41F8 unknown_irp_handler 3592 bytes
0x8825B1F8 unknown_irp_handler 3592 bytes
0x852F31F8 unknown_irp_handler 3592 bytes
0x868B51F8 unknown_irp_handler 3592 bytes
0x867061F8 unknown_irp_handler 3592 bytes
0x870061F8 unknown_irp_handler 3592 bytes
0x86FEC1F8 unknown_irp_handler 3592 bytes
0x8689D1F8 unknown_irp_handler 3592 bytes
0x852F11F8 unknown_irp_handler 3592 bytes
0x866B51F8 unknown_irp_handler 3592 bytes
0x877B01F8 unknown_irp_handler 3592 bytes
!!!!!!!!!!!Hidden driver: 0x864E4292 ?_empty_? 3438 bytes
0x8670D500 unknown_irp_handler 2816 bytes
0x877F5500 unknown_irp_handler 2816 bytes
==============================================
>Stealth
==============================================
0x82074000 WARNING: suspicious driver modification [atapi.sys::0x864E4292]
WARNING: File locked for read access [C:\Windows\system32\drivers\sptd.sys]

Ik krijg dds.txt op een of andere rare manier niet gepost.

Ik krijg de hele tijd de melding dat IE de webpage niet kan laten zien.

[ Voor 218% gewijzigd door Christian_Ku op 16-10-2010 21:46 ]

OK, dat ging op een of andere manier beter. Geen idee waarom ik niet kon posten maar is toch gelukt.

Hier en daar zitten er rare entries in de DDS log (de laatste post dus, niet de eerste zoals je voorstelde, ging mis met posten zoals gezegd). Maar om jullie oog zo neutraal mogelijk te houden en zelf geen stomme dingen te zeggen zal ik dat nog even niet posten.

DDS (Ver_10-10-10.03) - NTFSx86
Run by Christian at 21:37:46,00 on za 16-10-2010
Internet Explorer: 8.0.6001.18975
Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.31.1033.18.3326.2117 [GMT 2:00]

SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Users\CHRIST~1\AppData\Local\Temp\Eq1.exe
C:\Windows\Ejyfyb.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\conime.exe
C:\Users\Christian\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\Taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\System32\svchost.exe -k wdisvc
C:\Users\CHRIST~1\AppData\Local\Temp\Eq6.exe
C:\Users\Christian\Desktop\dds.com
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = *.local
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\adobe contribute cs5\plugins\ieplugin\contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: : {2cb825f0-650b-42cc-812f-68acecb79563} - c:\windows\system32\dlo6a94.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\adobe contribute cs5\plugins\ieplugin\contributeieplugin.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Google Update] "c:\users\christian\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [Metropolis] rundll32.exe c:\windows\system32\sshnas21.dll,GetHandle
uRun: [KOO9RV9K4Z] c:\users\christ~1\appdata\local\temp\Eq1.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide -runkey
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

============= SERVICES / DRIVERS ===============

R?2 ghuandyi;Floppy Disk Controller Helper;c:\windows\system32\svchost.exe -k netsvcs [2010-9-24 21504]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 151216]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-8-26 176128]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2010-8-26 6380032]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2010-8-26 221696]
R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr28u.sys [2010-9-18 604160]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-3-25 42368]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

=============== Created Last 30 ================

2010-10-16 15:44:27 729600 ----a-w- c:\windows\system32\dlo6A94.dll
2010-10-16 15:44:27 0 ----a-w- c:\windows\system32\dlo6A94.tmp
2010-10-16 15:41:53 212992 ----a-w- c:\windows\Ejyfyb.exe
2010-10-16 15:32:18 212992 ----a-w- c:\windows\Ejyfya.exe
2010-10-16 15:31:57 237568 ----a-w- c:\windows\system32\sshnas21.dll
2010-10-16 11:33:38 -------- d-----w- c:\users\christ~1\appdata\local\SKIDROW
2010-10-16 10:24:30 -------- d-----w- c:\windows\system32\Adobe
2010-10-16 10:05:36 -------- d-----w- c:\windows\system32\appmgmt
2010-10-16 09:43:57 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-10-16 09:43:57 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-10-16 09:43:55 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-10-16 09:43:54 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2010-10-16 09:41:52 -------- d-----w- c:\windows\system32\AGEIA
2010-10-16 09:41:44 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2010-10-16 09:33:06 -------- d-----w- c:\windows\system32\vi-VN
2010-10-16 09:33:06 -------- d-----w- c:\windows\system32\eu-ES
2010-10-16 09:33:06 -------- d-----w- c:\windows\system32\ca-ES
2010-10-16 09:30:57 6084944 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{6ef02abc-005d-41be-87c6-96841bc2c0dc}\mpengine.dll
2010-10-16 09:22:22 -------- d-----w- c:\windows\system32\EventProviders
2010-10-14 19:20:30 -------- d-----w- c:\program files\Sid Meier's Civilization V
2010-10-14 18:48:17 1316864 ----a-w- c:\windows\system32\ole32.dll
2010-10-14 18:48:16 339968 ----a-w- c:\program files\windows nt\accessories\wordpad.exe
2010-10-14 18:48:13 304128 ----a-w- c:\windows\system32\drivers\srv.sys
2010-10-14 18:48:13 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-10-14 18:48:13 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-10-14 18:48:12 17920 ----a-w- c:\windows\system32\netevent.dll
2010-10-14 18:48:12 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-10-14 18:48:03 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-10-14 18:48:03 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2010-10-14 18:46:50 157184 ----a-w- c:\windows\system32\t2embed.dll
2010-10-14 18:45:51 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-10-14 18:45:50 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-10-14 18:45:47 2038272 ----a-w- c:\windows\system32\win32k.sys
2010-10-14 18:45:27 867328 ----a-w- c:\windows\system32\wmpmde.dll
2010-10-14 18:43:35 531968 ----a-w- c:\windows\system32\comctl32.dll
2010-10-11 19:13:18 -------- d-----w- c:\users\christian\Office Genuine Advantage
2010-10-09 15:07:54 -------- d-----w- c:\users\christ~1\appdata\local\My Games
2010-10-09 15:00:59 479752 ----a-w- c:\windows\system32\XAudio2_0.dll
2010-10-04 21:36:37 -------- d-----w- c:\progra~2\F-Secure
2010-10-04 21:11:17 -------- d-----w- c:\progra~2\regid.1986-12.com.adobe
2010-10-04 20:57:45 -------- d-----w- c:\progra~2\ALM
2010-10-04 20:43:13 -------- d-----w- c:\program files\My Company Name
2010-10-04 20:43:13 -------- d-----w- c:\program files\common files\PX Storage Engine
2010-10-02 14:50:14 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-29 14:37:34 2048 ----a-w- c:\windows\system32\tzres.dll
2010-09-29 14:37:28 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-09-29 14:37:27 13312 ----a-w- c:\program files\internet explorer\iecompat.dll
2010-09-27 20:57:44 2826240 ----a-w- c:\windows\system32\GPhotos.scr
2010-09-26 20:33:15 691696 ----a-w- c:\windows\system32\drivers\sptd.sys

[ Voor 75% gewijzigd door Christian_Ku op 16-10-2010 21:49 ]

2010-09-26 20:33:07 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-09-26 20:32:46 -------- d-----w- c:\users\christ~1\appdata\roaming\DAEMON Tools Lite
2010-09-26 20:32:44 -------- d-----w- c:\progra~2\DAEMON Tools Lite
2010-09-26 20:17:26 -------- d-----w- c:\users\christ~1\appdata\local\Adobe
2010-09-26 13:56:59 958464 ----a-w- c:\program files\microsoft games\minesweeper\MineSweeper.exe
2010-09-26 13:55:59 612864 ----a-w- c:\windows\system32\rdpencom.dll
2010-09-26 13:54:59 52992 ----a-w- c:\windows\system32\drivers\stream.sys
2010-09-26 12:32:19 72704 ----a-w- c:\windows\system32\admparse.dll
2010-09-26 12:22:30 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2010-09-26 12:16:20 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-09-26 12:16:20 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-09-26 12:16:20 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-09-26 12:16:20 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-09-26 12:16:20 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-09-26 12:13:45 81920 ----a-w- c:\windows\system32\iccvid.dll
2010-09-26 12:13:38 1616384 ----a-w- c:\program files\windows mail\msoe.dll
2010-09-26 12:13:36 67072 ----a-w- c:\windows\system32\asycfilt.dll
2010-09-26 12:13:35 502272 ----a-w- c:\windows\system32\usp10.dll
2010-09-26 12:12:14 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-09-26 12:12:14 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-09-26 12:12:14 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-09-26 12:12:00 3600768 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-09-26 12:11:59 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-09-26 12:11:57 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll
2010-09-26 12:11:55 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe
2010-09-26 12:11:49 36864 ----a-w- c:\windows\system32\rtutils.dll
2010-09-26 12:11:48 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2010-09-26 12:11:43 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-09-26 12:11:43 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-09-26 12:11:39 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2010-09-26 12:11:30 128000 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-26 12:11:29 1248768 ----a-w- c:\windows\system32\msxml3.dll
2010-09-26 12:10:48 739328 ----a-w- c:\windows\system32\inetcomm.dll
2010-09-26 12:10:40 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-09-26 11:36:46 -------- d-----w- C:\PerfLogs
2010-09-25 14:42:11 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2010-09-25 14:42:11 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2010-09-25 14:42:11 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2010-09-25 14:42:11 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2010-09-25 14:42:11 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2010-09-25 14:42:11 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2010-09-25 14:42:11 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2010-09-24 05:03:06 2730536 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\default\MpEngine.dll
2010-09-24 05:01:59 92160 ----a-w- c:\windows\system32\wlancfg.dll
2010-09-24 05:00:59 87552 ----a-w- c:\windows\system32\msoert2.dll
2010-09-24 04:59:52 357888 ----a-w- c:\windows\system32\wbemcomn.dll
2010-09-24 04:59:52 102400 ----a-w- c:\windows\system32\wbem\mofinstall.dll
2010-09-24 04:59:50 139264 ----a-w- c:\windows\system32\SmiInstaller.dll
2010-09-24 04:59:50 129536 ----a-w- c:\windows\system32\sqmapi.dll
2010-09-24 04:59:42 35328 ----a-w- c:\windows\system32\mspatcha.dll
2010-09-24 04:59:42 305152 ----a-w- c:\windows\system32\msdelta.dll
2010-09-24 04:59:42 258560 ----a-w- c:\windows\system32\dpx.dll
2010-09-23 20:23:01 -------- d-----w- c:\program files\VideoLAN
2010-09-23 20:21:14 165376 ----a-w- c:\windows\system32\unrar.dll
2010-09-23 20:21:10 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-09-23 20:09:46 -------- d-----w- c:\users\christ~1\appdata\local\Apple Computer
2010-09-23 20:06:49 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-09-23 20:06:48 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-09-23 20:05:05 -------- d-----w- c:\program files\iPod
2010-09-23 20:05:04 -------- d-----w- c:\program files\iTunes
2010-09-23 20:05:04 -------- d-----w- c:\progra~2\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-09-23 19:58:11 -------- d-----w- c:\users\christ~1\appdata\local\Apple
2010-09-23 19:45:42 -------- d-----w- c:\program files\Bonjour

2010-09-19 21:07:12 2066432 ----a-w- c:\windows\system32\mstscax.dll
2010-09-19 21:07:12 136192 ----a-w- c:\windows\system32\aaclient.dll
2010-09-19 21:05:32 714240 ----a-w- c:\windows\system32\timedate.cpl
2010-09-19 21:03:52 23040 ----a-w- c:\program files\movie maker\WMM2EXT.dll
2010-09-19 21:03:51 195072 ----a-w- c:\program files\movie maker\WMM2AE.dll
2010-09-19 21:02:49 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2010-09-19 21:00:56 623616 ----a-w- c:\windows\system32\localspl.dll
2010-09-19 20:59:06 9728 ----a-w- c:\windows\system32\lsass.exe
2010-09-19 20:59:06 72704 ----a-w- c:\windows\system32\secur32.dll
2010-09-19 20:59:06 499712 ----a-w- c:\windows\system32\kerberos.dll
2010-09-19 20:59:06 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2010-09-19 20:59:06 175104 ----a-w- c:\windows\system32\wdigest.dll
2010-09-19 20:59:06 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2010-09-19 20:57:27 62464 ----a-w- c:\windows\system32\l3codeca.acm
2010-09-19 20:57:27 220672 ----a-w- c:\windows\system32\l3codecp.acm
2010-09-19 20:56:43 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2010-09-19 20:56:43 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2010-09-19 20:56:43 200704 ----a-w- c:\windows\system32\iphlpsvc.dll
2010-09-19 20:56:43 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS
2010-09-19 20:55:35 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-09-19 20:54:06 37888 ----a-w- c:\windows\system32\printcom.dll
2010-09-19 20:53:08 14848 ----a-w- c:\windows\system32\wshrm.dll
2010-09-19 20:49:36 84480 ----a-w- c:\windows\system32\INETRES.dll
2010-09-19 20:49:18 60928 ----a-w- c:\windows\system32\msasn1.dll
2010-09-19 20:48:30 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2010-09-19 20:47:45 243712 ----a-w- c:\windows\system32\rastls.dll
2010-09-19 20:47:25 355328 ----a-w- c:\windows\system32\WSDApi.dll
2010-09-19 20:45:09 91136 ----a-w- c:\windows\system32\avifil32.dll
2010-09-19 20:45:09 82944 ----a-w- c:\windows\system32\mciavi32.dll
2010-09-19 20:45:09 65024 ----a-w- c:\windows\system32\avicap32.dll
2010-09-19 20:45:09 31744 ----a-w- c:\windows\system32\msvidc32.dll
2010-09-19 20:45:09 13312 ----a-w- c:\windows\system32\msrle32.dll
2010-09-19 20:45:09 1314816 ----a-w- c:\windows\system32\quartz.dll
2010-09-19 20:45:09 123904 ----a-w- c:\windows\system32\msvfw32.dll
2010-09-19 20:45:08 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2010-09-19 20:45:08 22528 ----a-w- c:\windows\system32\msyuv.dll
2010-09-19 20:45:08 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2010-09-19 20:44:38 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2010-09-19 20:44:13 310784 ----a-w- c:\windows\system32\unregmp2.exe
2010-09-19 20:44:13 1418752 ----a-w- c:\program files\windows media player\setup_wm.exe
2010-09-19 20:07:31 -------- d-----w- c:\users\christ~1\appdata\local\Microsoft Help
2010-09-19 19:54:02 -------- d-----w- c:\program files\SABnzbd
2010-09-19 19:39:10 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-09-19 19:39:10 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-09-19 19:39:10 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-09-18 19:55:09 -------- d-----w- c:\windows\Panther
2010-09-18 19:54:54 -------- d-sh--w- C:\Boot
2010-09-18 10:28:34 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-09-18 10:28:09 98304 ----a-w- c:\windows\system32\cabview.dll
2010-09-18 10:21:19 6084944 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\backup\mpengine.dll
2010-09-18 10:21:10 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-09-18 10:13:59 0 ----a-w- c:\windows\ativpsrm.bin
2010-09-18 10:11:57 -------- d-sh--w- c:\windows\Installer
2010-09-18 10:11:48 -------- d-----w- c:\program files\ATI Technologies
2010-09-18 10:11:45 -------- d-----w- c:\program files\ATI
2010-09-18 10:11:22 -------- d-----w- C:\ATI
2010-09-18 10:09:03 2421760 ----a-w- c:\windows\system32\wucltux.dll
2010-09-18 10:09:02 -------- d-----w- c:\users\christ~1\appdata\local\Google
2010-09-18 10:08:50 -------- d-----w- c:\users\christ~1\appdata\local\Apps
2010-09-18 10:08:49 -------- d-----w- c:\users\christ~1\appdata\local\Deployment
2010-09-18 10:08:41 87552 ----a-w- c:\windows\system32\wudriver.dll
2010-09-18 10:08:31 33792 ----a-w- c:\windows\system32\wuapp.exe
2010-09-18 10:08:31 171608 ----a-w- c:\windows\system32\wuwebv.dll
2010-09-18 10:07:41 604160 ----a-w- c:\windows\system32\drivers\netr28u.sys
2010-09-18 09:58:26 70144 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNBPP3.DLL

==================== Find3M ====================

2010-09-25 14:59:14 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2010-09-25 14:59:11 82432 ----a-w- c:\windows\system32\axaltocm.dll
2010-09-20 21:22:59 5071872 ----a-w- c:\windows\system32\NlsModels0011.dll
2010-09-19 20:52:46 43520 ----a-w- c:\windows\system32\msdxm.tlb
2010-09-19 20:50:44 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2010-09-08 09:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 09:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-08 06:01:28 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-08 05:57:18 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-08 05:57:05 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-09-08 05:56:53 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-09-08 05:56:53 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-09-08 05:04:36 385024 ----a-w- c:\windows\system32\html.iec
2010-09-08 04:26:46 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-09-08 04:25:15 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-08-26 02:01:14 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-08-26 02:01:04 528384 ----a-w- c:\windows\system32\aticfx32.dll
2010-08-26 01:57:58 450560 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-08-26 01:57:32 380928 ----a-w- c:\windows\system32\atieclxx.exe
2010-08-26 01:57:04 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2010-08-26 01:55:58 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2010-08-26 01:55:48 15830016 ----a-w- c:\windows\system32\atioglxx.dll
2010-08-26 01:55:42 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2010-08-26 01:55:32 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2010-08-26 01:55:26 11776 ----a-w- c:\windows\system32\atimuixx.dll
2010-08-26 01:55:18 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-08-26 01:52:22 3914240 ----a-w- c:\windows\system32\atidxx32.dll
2010-08-26 01:34:36 46080 ----a-w- c:\windows\system32\aticalrt.dll
2010-08-26 01:34:26 44032 ----a-w- c:\windows\system32\aticalcl.dll
2010-08-26 01:33:52 4032512 ----a-w- c:\windows\system32\atiumdag.dll
2010-08-26 01:33:08 4375552 ----a-w- c:\windows\system32\aticaldd.dll
2010-08-26 01:27:56 65536 ----a-w- c:\windows\system32\coinst.dll
2010-08-26 01:25:58 3392000 ----a-w- c:\windows\system32\atiumdva.dll
2010-08-26 01:21:16 241664 ----a-w- c:\windows\system32\atiadlxx.dll
2010-08-26 01:21:06 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2010-08-26 01:21:00 19968 ----a-w- c:\windows\system32\atigktxx.dll
2010-08-26 01:20:08 30208 ----a-w- c:\windows\system32\atiuxpag.dll
2010-08-26 01:19:56 28160 ----a-w- c:\windows\system32\atiu9pag.dll
2010-08-26 01:19:36 23040 ----a-w- c:\windows\system32\atitmpxx.dll
2010-08-26 01:13:16 52736 ----a-w- c:\windows\system32\atimpc32.dll
2010-08-26 01:13:16 52736 ----a-w- c:\windows\system32\amdpcom32.dll
2010-08-10 15:53:15 274944 ----a-w- c:\windows\system32\schannel.dll
2010-07-27 16:44:10 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-07-27 16:44:10 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2010-07-27 16:44:10 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-07-27 16:44:10 107808 ----a-w- c:\windows\system32\dns-sd.exe

============= FINISH: 21:39:13,67 ===============

WOEHOE, eindelijk gelukt...zo hee, dat ging niet vanzelf!

(*@&$(^$@$, ik krijg ook bij pastebin voortdurend het 'connection problem' probleem. In tussen ben ik er al zo'n 8 uur mee bezig denk ik (wel met pauzes natuurlijk) en deze computer is net een maand met nieuwe vista. Op zich ben ik geneigd de handdoek in de ring te gaan gooien.

Gammo, alvast enorm bedankt, mocht je nog snel reageren dan wil ik het nog wel proberen want het is nogal frustrerend dat ik op een of andere manier niet die file inhoud kan posten?!?! Ik snap daar niks van. Een nieuwe install is ook zo gepiept namelijk.

Nou, schiet mij maar dood, computer opnieuw geinstalleerd. Ging best vlot, MSE gedownload en BAM, gevaar!!!!, de trojan DOS/Alureon.A zit kennelijk nog ergens verstopt, ik denk in de MBR.

Bij dezen:

DDS

RKUnhookerLE

En hij bevindt zich volgens MSE hier: boot:\Device\Harddisk0\DR0

[ Voor 9% gewijzigd door Christian_Ku op 17-10-2010 12:19 ]