Please check

chucky1962

My PC is slow; maybe there is something to be found.

[hjt]
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:01:56, on 17-6-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
c:\windows\system32\smss.exe
c:\windows\system32\winlogon.exe
c:\windows\system32\services.exe
c:\windows\system32\lsass.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\program files\alwil software\avast5\avastsvc.exe
c:\windows\explorer.exe
c:\windows\system32\spoolsv.exe
c:\windows\system32\svchost.exe
c:\program files\java\jre6\bin\jqs.exe
c:\program files\google\update\googleupdate.exe
c:\program files\common files\logishrd\lvcomser\lvcomser.exe
c:\program files\common files\logishrd\lcommgr\communications_helper.exe
c:\program files\common files\logishrd\lvmvfm\lvprcsrv.exe
c:\program files\logitech\quickcam\quickcam.exe
c:\windows\system32\rundll32.exe
c:\program files\nero\nero8\nero backitup\nbservice.exe
c:\program files\hp\hp software update\hpwuschd2.exe
c:\program files\alwil software\avast5\avastui.exe
c:\program files\common files\java\java update\jusched.exe
c:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe
c:\program files\common files\nero\lib\nmindexstoresvr.exe
c:\windows\system32\svchost.exe
c:\windows\system32\ioctlsvc.exe
c:\windows\system32\svchost.exe
c:\program files\auslogics\auslogics disk defrag\diskdefrag.exe
c:\program files\microsoft\search enhancement pack\seaport\seaport.exe
c:\windows\system32\ctfmon.exe
o:\programma's\alcohol 120\alcohol 120\starwind\starwindservice.exe
c:\windows\system32\svchost.exe
c:\program files\tuneup utilities 2011\tuneuputilitiesservice32.exe
c:\program files\hp\digital imaging\bin\hpqtra08.exe
c:\windows\system32\uaservice7.exe
c:\program files\logitech\setpoint\setpoint.exe
c:\program files\openoffice.org 3\program\soffice.exe
c:\program files\common files\logishrd\lqcvfx\cocimanager.exe
c:\program files\openoffice.org 3\program\soffice.bin
c:\program files\malwarebytes' anti-malware\mbam.exe
c:\program files\common files\logishrd\khal2\khalmnpr.exe
c:\program files\tuneup utilities 2011\tuneuputilitiesapp32.exe
c:\program files\common files\logishrd\lvcomser\lvcomser.exe
c:\program files\common files\nero\lib\nmindexingservice.exe
c:\program files\windows live\messenger\msnmsgr.exe
c:\program files\windows live\contacts\wlcomm.exe
c:\program files\trend micro\hijackthis\hijackthis.exe

r0 - hkcu\software\microsoft\internet explorer\main,start page = http://www.ziggo.nl/
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = http://go.microsoft.com/fwlink/?linkid=69157
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = http://go.microsoft.com/fwlink/?linkid=54896
r1 - hklm\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
r0 - hklm\software\microsoft\internet explorer\search,searchassistant = http://search.babylon.com/?babsrc=sp_ss&q={searchterms}&mntrid=8c6fd113000000000000002215cf2062&tlver=1.4.19.19&affid=17160
r1 - hkcu\software\microsoft\windows\currentversion\internet settings,proxyoverride = localhost
o2 - bho: acroiehelperstub - {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
o2 - bho: search helper - {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\searchhelper.dll
o2 - bho: windows live aanmelden - help - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
o2 - bho: windows live toolbar helper - {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
o2 - bho: jqsiestartdetectorimpl - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
o3 - toolbar: &windows live toolbar - {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
o3 - toolbar: (no name) - {10edb994-47f8-43f7-ae96-f2ea63e9f90f} - (no file)
o4 - hklm\..\run: [zbrowser launcher] c:\program files\logitech\itouch\itouch.exe
o4 - hklm\..\run: [logitechcommunicationsmanager] c:\program files\common files\logishrd\lcommgr\communications_helper.exe
o4 - hklm\..\run: [logitechquickcamribbon] c:\program files\logitech\quickcam\quickcam.exe /hide
o4 - hklm\..\run: [bluetoothauthenticationagent] rundll32.exe bthprops.cpl,,bluetoothauthenticationagent
o4 - hklm\..\run: [nbkeyscan] c:\program files\nero\nero8\nero backitup\nbkeyscan.exe
o4 - hklm\..\run: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /install
o4 - hklm\..\run: [hp software update] c:\program files\hp\hp software update\hpwuschd2.exe
o4 - hklm\..\run: [kernel and hardware abstraction layer] khalmnpr.exe
o4 - hklm\..\run: [nvcpldaemon] rundll32.exe c:\windows\system32\nvcpl.dll,nvstartup
o4 - hklm\..\run: [adobe reader speed launcher] c:\program files\adobe\reader 9.0\reader\reader_sl.exe
o4 - hklm\..\run: [adobe arm] c:\program files\common files\adobe\arm\1.0\adobearm.exe
o4 - hklm\..\run: [avast5] c:\program files\alwil software\avast5\avastui.exe /nogui
o4 - hklm\..\run: [sunjavaupdatesched] c:\program files\common files\java\java update\jusched.exe
o4 - hkcu\..\run: [ldm] c:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe
o4 - hkcu\..\run: [indxstoresvr_{79662e04-7c6c-4d9f-84c7-88d8a56b10aa}] c:\program files\common files\nero\lib\nmindexstoresvr.exe aso-616b5711-6dae-4795-a05f-39a1e5104020
o4 - hkcu\..\run: [auslogics disk defrag] c:\program files\auslogics\auslogics disk defrag\diskdefrag.exe -usetray
o4 - hkcu\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe
o4 - hkcu\..\run: [360amigo] c:\program files\360amigo\360amigo.exe -autorun
o4 - startup: openoffice.org 3.3 .lnk = c:\program files\openoffice.org 3\program\quickstart.exe
o4 - global startup: hp digital imaging monitor.lnk = c:\program files\hp\digital imaging\bin\hpqtra08.exe
o4 - global startup: logitech desktop messenger.lnk = c:\program files\logitech\desktop messenger\8876480\program\ldmconf.exe
o4 - global startup: logitech setpoint.lnk = c:\program files\logitech\setpoint\setpoint.exe
o8 - extra context menu item: e&xporteren naar microsoft excel - res://c:\progra~1\micros~3\office12\excel.exe/3000
o9 - extra button: research - {92780b25-18cc-41c8-b9be-3c9c571a8263} - c:\progra~1\micros~3\office12\refiebar.dll
o9 - extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c:\windows\network diagnostic\xpnetdiag.exe
o9 - extra 'tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c:\windows\network diagnostic\xpnetdiag.exe
o16 - dpf: {34dc6011-88b5-4ea9-ba7a-dc7b4f4437fe} (jordanuploader class) - http://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab
o16 - dpf: {3ea4fa88-e0be-419a-a732-9b79b87a6ed0} (ctvuaxctrl object) - http://dl.tvunetworks.com/tvuax.cab
o16 - dpf: {6414512b-b978-451d-a0d8-fcfdf33e833c} (wuwebcontrol class) - http://update.microsoft.com/microsoftupdate/v6/v5controls/en/x86/client/wuweb_site.cab?1233353893171
o16 - dpf: {67dabfbf-d0ab-41fa-9c46-cc0f21721616} - http://download.divx.com/player/divxbrowserplugin.cab
o16 - dpf: {6e32070a-766d-4ee6-879c-dc1fa91d2fc3} (muwebcontrol class) - http://update.microsoft.com/microsoftupdate/v6/v5controls/en/x86/client/muweb_site.cab?1233353867015
o16 - dpf: {8feff364-6a5f-4966-a917-a3ac28411659} (sopcore control) - http://download.sopcast.cn/download/sopcore.cab
o16 - dpf: {d27cdb6e-ae6d-11cf-96b8-444553540000} (shockwave flash object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
o16 - dpf: {e2883e8f-472f-4fb0-9522-ac9bf37916a7} (get_atlcom class) - http://platformdl.adobe.com/nos/getplusplus/1.6/gp.cab
o18 - protocol: skype4com - {ffc8b962-9b40-4dff-9458-1830c7dd7f5d} - c:\progra~1\common~1\skype\skype4~1.dll
o22 - sharedtaskscheduler: preloader van browseui - {438755c2-a8ba-11d1-b96b-00a0c90312e1} - c:\windows\system32\browseui.dll
o22 - sharedtaskscheduler: cache-daemon voor onderdeelcategorien - {8c7461ef-2b13-11d2-be35-3078302c2030} - c:\windows\system32\browseui.dll
o23 - service: avast! antivirus - avast software - c:\program files\alwil software\avast5\avastsvc.exe
o23 - service: google updateservice (gupdate) (gupdate) - google inc. - c:\program files\google\update\googleupdate.exe
o23 - service: google update-service (gupdatem) (gupdatem) - google inc. - c:\program files\google\update\googleupdate.exe
o23 - service: installdriver table manager (idrivert) - macrovision corporation - c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe
o23 - service: java quick starter (javaquickstarterservice) - sun microsystems, inc. - c:\program files\java\jre6\bin\jqs.exe
o23 - service: logitech bluetooth service (lbtserv) - logitech, inc. - c:\program files\common files\logishrd\bluetooth\lbtserv.exe
o23 - service: lvcomser - logitech inc. - c:\program files\common files\logishrd\lvcomser\lvcomser.exe
o23 - service: process monitor (lvprcsrv) - logitech inc. - c:\program files\common files\logishrd\lvmvfm\lvprcsrv.exe
o23 - service: lvsrvlauncher - logitech inc. - c:\program files\common files\logishrd\srvlnch\srvlnch.exe
o23 - service: nero backitup scheduler 3 - nero ag - c:\program files\nero\nero8\nero backitup\nbservice.exe
o23 - service: nmindexingservice - nero ag - c:\program files\common files\nero\lib\nmindexingservice.exe
o23 - service: nvidia display driver service (nvsvc) - nvidia corporation - c:\windows\system32\nvsvc32.exe
o23 - service: plflash deviceiocontrol service - prolific technology inc. - c:\windows\system32\ioctlsvc.exe
o23 - service: servicelayer - unknown owner - c:\program files\pc connectivity solution\servicelayer.exe (file missing)
o23 - service: starwind iscsi service (starwindservice) - rocket division software - o:\programma's\alcohol 120\alcohol 120\starwind\starwindservice.exe
o23 - service: tuneup utilities service (tuneup.utilitiessvc) - tuneup software - c:\program files\tuneup utilities 2011\tuneuputilitiesservice32.exe
o23 - service: securom user access service (v7) (useraccess7) - unknown owner - c:\windows\system32\uaservice7.exe
--
end of file - 10626 bytes

[/hjt]

Malwarebytes log follows
 
Hi Jos - hold off on MBAM for a moment!

Do everything I have noted below:

1) Which program: MBRCheck.exe
What for/why: special scan for MBR rootkits
Difficulty level: none.
Download MBRCheck.exe

Starting MBRCheck.exe:
Windows 2000 and Windows XP: start "MBRCheck.exe" by double-clicking "MBRCheck.exe".
Windows Vista and Windows 7: start "MBRCheck.exe" by right-clicking "MBRCheck.exe" and then choosing "Run as administrator".

  • A black window appears with some data in it.
  • A log file named "MBRcheckxxxx.txt" will appear on your desktop.
  • Now copy the contents of that log into your next post.


2) Which program: Kaspersky TDSSKiller
What for/why: rootkit scanner
Difficulty level: none
Download location: be sure to download this program to the desktop, or otherwise move it there!
Download TDSSKiller here.

Installation:
  • Extract the file to your desktop.

Using TDSSKiller:
  • Windows 2000 and Windows XP: start "TDSSKiller" by double-clicking TDSSKiller.exe.
  • Windows Vista and Windows 7: start "TDSSKiller" by right-clicking TDSSKiller.exe and then choosing Run as administrator.
  • If TDSSKiller shows a message about an available update, run that update first.
  • Then click the "Start Scan" button and follow the instructions.
  • After the scan has finished, click the "Report" button.
  • A Notepad file opens. Post the contents of this file.
    • Restart the PC if TDSSKiller offers that option (Reboot now).
    • If a restart is necessary, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt


3) MBAM already installed:

Which program: Malwarebytes MBAM
What for/why: specialist scanner to quickly examine Windows for spyware and malware and remove it.
Difficulty level: none.

Starting Malwarebytes MBAM:
Windows 2000 and Windows XP: start MBAM by double-clicking the shortcut.
Windows Vista and Windows 7: start MBAM by right-clicking the shortcut and then choosing Run as administrator.

Important: always update MBAM first!
  • In the main menu, click the 'Update' tab and then the "Check for Updates" button.
Scanning:
  • When 'MBAM' starts, choose 'Quick Scan'.
  • The scan can take a while, so be patient. When the scan has completed, click the 'OK' button.
  • Then click the 'Show Results' button to see the results.
Infections found:
  • First click OK to dismiss the message.
  • Then click the Show Results button at the bottom right.
  • Make sure that all infections found are checked, and click Remove Selected at the bottom left.
  • After removal a log will open and you will be asked to restart the computer.
  • If 'MBAM' has difficulty removing certain files it will show some messages; click 'OK' each time!
  • After that 'MBAM' will ask to restart the computer, so allow the computer to be restarted.
MBAM log:
  • The log is saved automatically by 'MBAM', and you can find it by clicking the 'Logs' tab in MBAM's main menu.
Then post the contents of the MBAM log.


In summary: after this, post the contents of the following logs in your next message:
  • MBRCheck log
  • TDSSKiller log
  • MBAM scan log
  • also let me know if you run into a problem with anything
 
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000fffc

Kernel Drivers (total 147):

Processes (total 61):
0 System Idle Process
4 System
544 C:\WINDOWS\system32\smss.exe
492 csrss.exe
604 C:\WINDOWS\system32\winlogon.exe
696 C:\WINDOWS\system32\services.exe
708 C:\WINDOWS\system32\lsass.exe
952 C:\WINDOWS\system32\nvsvc32.exe
1012 C:\WINDOWS\system32\svchost.exe
1120 svchost.exe
1188 C:\WINDOWS\system32\svchost.exe
1220 C:\WINDOWS\system32\svchost.exe
1328 svchost.exe
1436 svchost.exe
1628 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
1944 C:\WINDOWS\explorer.exe
468 C:\WINDOWS\system32\spoolsv.exe
1428 svchost.exe
1852 C:\WINDOWS\system32\svchost.exe
1872 C:\Program Files\Java\jre6\bin\jqs.exe
1892 C:\Program Files\Google\Update\GoogleUpdate.exe
948 C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
968 C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
1032 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
1492 C:\Program Files\Logitech\QuickCam\Quickcam.exe
1036 C:\WINDOWS\system32\rundll32.exe
2076 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
2160 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
2312 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
2336 C:\Program Files\Common Files\Java\Java Update\jusched.exe
2456 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe
2536 C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
2568 C:\WINDOWS\system32\svchost.exe
2320 C:\WINDOWS\system32\IoctlSvc.exe
2552 C:\WINDOWS\system32\svchost.exe
2704 C:\Program Files\Auslogics\Auslogics Disk Defrag\DiskDefrag.exe
3484 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
3476 C:\WINDOWS\system32\ctfmon.exe
3704 O:\Programma's\Alcohol 120\Alcohol 120\StarWind\StarWindService.exe
3772 C:\WINDOWS\system32\svchost.exe
4072 C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
804 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
980 C:\WINDOWS\system32\UAService7.exe
2192 C:\Program Files\Logitech\SetPoint\SetPoint.exe
2740 C:\Program Files\OpenOffice.org 3\program\soffice.exe
2816 C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
3072 C:\Program Files\OpenOffice.org 3\program\soffice.bin
2772 C:\Program Files\Common Files\LogiShrd\KHAL2\KHALMNPR.exe
584 C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
4000 C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
2924 C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
1008 alg.exe
800 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
2956 C:\Program Files\Windows Live\Contacts\wlcomm.exe
2736 C:\PROGRA~1\MICROS~3\Office12\OUTLOOK.EXE
5944 C:\Program Files\Google\Chrome\Application\chrome.exe
5312 C:\Program Files\Google\Chrome\Application\chrome.exe
2232 C:\Program Files\Google\Chrome\Application\chrome.exe
5540 C:\Program Files\Google\Chrome\Application\chrome.exe
2188 C:\Program Files\Google\Chrome\Application\chrome.exe
5336 C:\Documents and Settings\Marjo\Mijn documenten\Downloads\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive1 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\E: --> \\.\PhysicalDrive2 at offset 0x00000000`00007e00 (NTFS)
\\.\J: --> \\.\PhysicalDrive0 at offset 0x0000001d`0d518400 (NTFS)
\\.\M: --> \\.\PhysicalDrive7 at offset 0x00000000`00007e00 (NTFS)
\\.\O: --> \\.\PhysicalDrive7 at offset 0x00000038`270e9200 (NTFS)

PhysicalDrive1 Model Number: ST380815AS, Rev: 3.AAD
PhysicalDrive0 Model Number: WDCWD2500JB-00GVC0, Rev: 08.02D08
PhysicalDrive2 Model Number: ST3250410AS, Rev: 4.AAA
PhysicalDrive7 Model Number: WD5000AAV External, Rev: 1.65

Size Device Name MBR Status
--------------------------------------------
74 GB \\.\PhysicalDrive1 Windows XP MBR code detected
SHA1: F238F1FE114296B6DC7716517DC1DADB3FF3D5C6
232 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
232 GB \\.\PhysicalDrive2 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
465 GB \\.\PhysicalDrive7 RE: Unknown MBR code
SHA1: D90653CCC05EE39D4D44E1F67C33297D65F3ED4F


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.

Enter your choice:

Done!
 
2011/06/17 14:29:10.0046 5760 TDSS rootkit removing tool 2.5.5.0 Jun 16 2011 15:25:15
2011/06/17 14:29:10.0187 5760 ================================================================================
2011/06/17 14:29:10.0187 5760 SystemInfo:
2011/06/17 14:29:10.0187 5760
2011/06/17 14:29:10.0187 5760 OS Version: 5.1.2600 ServicePack: 3.0
2011/06/17 14:29:10.0187 5760 Product type: Workstation
2011/06/17 14:29:10.0187 5760 ComputerName: CP277997-A
2011/06/17 14:29:10.0203 5760 UserName: Marjo
2011/06/17 14:29:10.0203 5760 Windows directory: C:\WINDOWS
2011/06/17 14:29:10.0203 5760 System windows directory: C:\WINDOWS
2011/06/17 14:29:10.0203 5760 Processor architecture: Intel x86
2011/06/17 14:29:10.0203 5760 Number of processors: 2
2011/06/17 14:29:10.0203 5760 Page size: 0x1000
2011/06/17 14:29:10.0203 5760 Boot type: Normal boot
2011/06/17 14:29:10.0203 5760 ================================================================================
2011/06/17 14:29:11.0718 5760 Initialize success
2011/06/17 14:29:15.0015 4732 ================================================================================
2011/06/17 14:29:15.0015 4732 Scan started
2011/06/17 14:29:15.0015 4732 Mode: Manual;
2011/06/17 14:29:15.0015 4732 ================================================================================
2011/06/17 14:29:19.0281 4732 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/06/17 14:29:19.0312 4732 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/06/17 14:29:19.0359 4732 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/06/17 14:29:19.0406 4732 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/06/17 14:29:19.0437 4732 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/06/17 14:29:19.0468 4732 isapnp (0b78e1a31340e1fb1e389d5633f7c3a0) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/06/17 14:29:19.0500 4732 itchfltr (936123d83e80c1cb3ea042d7fb98da25) C:\WINDOWS\system32\DRIVERS\itchfltr.sys
2011/06/17 14:29:19.0531 4732 Kbdclass (380397621e94b32c744e7b2cc1330390) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/06/17 14:29:19.0562 4732 kbdhid (b833b70fe639f01fb36cedabe57ef031) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/06/17 14:29:19.0609 4732 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/06/17 14:29:19.0656 4732 KSecDD (c6ebf1d6ad71df30db49b8d3287e1368) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/06/17 14:29:19.0687 4732 L1e (d0607058fa4e408b3ed3924f0d9fa2f0) C:\WINDOWS\system32\DRIVERS\l1e51x86.sys
2011/06/17 14:29:19.0718 4732 L8042Kbd (0c6e346cde730cf1356dd69ad6e9bc42) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
2011/06/17 14:29:19.0734 4732 L8042mou (8a5993705add14352c9a279fa8338334) C:\WINDOWS\system32\DRIVERS\L8042mou.Sys
2011/06/17 14:29:19.0828 4732 LHidFilt (7f9c7b28cf1c859e1c42619eea946dc8) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
2011/06/17 14:29:19.0875 4732 LMouFilt (ab33792a87285344f43b5ce23421bab0) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
2011/06/17 14:29:19.0921 4732 LMouKE (9837e55673818ecd8febb47f7f77521a) C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
2011/06/17 14:29:19.0968 4732 LVcKap (9ce361764c5dd5fa5506510fe5d2297b) C:\WINDOWS\system32\DRIVERS\LVcKap.sys
2011/06/17 14:29:20.0015 4732 LVPr2Mon (94d03b31f36bb362fa5713470fcf1c79) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
2011/06/17 14:29:20.0062 4732 LVRS (a198cd8a1c813d9ceba29a29d45fc94c) C:\WINDOWS\system32\DRIVERS\lvrs.sys
2011/06/17 14:29:20.0109 4732 LVUSBSta (8b79a50360fc31df6b7b979b686b4aa2) C:\WINDOWS\system32\drivers\LVUSBSta.sys
2011/06/17 14:29:20.0140 4732 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/06/17 14:29:20.0171 4732 Modem (8114eeac353f549331ab73e9af4219ed) C:\WINDOWS\system32\drivers\Modem.sys
2011/06/17 14:29:20.0250 4732 monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\monfilt.sys
2011/06/17 14:29:20.0328 4732 Mouclass (1a4e2214dd63e4a876463d3427ee8261) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/06/17 14:29:20.0359 4732 mouhid (18017899254e01371e1a39754d6bf98c) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/06/17 14:29:20.0406 4732 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/06/17 14:29:20.0531 4732 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/06/17 14:29:20.0578 4732 MRxSmb (8dd801e28eb76fda2a38907882a0036f) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/06/17 14:29:20.0625 4732 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/06/17 14:29:20.0671 4732 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/06/17 14:29:20.0687 4732 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/06/17 14:29:20.0703 4732 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/06/17 14:29:20.0734 4732 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/06/17 14:29:20.0765 4732 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/06/17 14:29:20.0812 4732 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
2011/06/17 14:29:20.0843 4732 Mup (f7b1ad991491f02af6da70b00b8bf114) C:\WINDOWS\system32\drivers\Mup.sys
2011/06/17 14:29:20.0906 4732 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/06/17 14:29:20.0937 4732 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/06/17 14:29:20.0953 4732 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/06/17 14:29:20.0984 4732 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/06/17 14:29:21.0015 4732 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/06/17 14:29:21.0031 4732 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/06/17 14:29:21.0062 4732 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/06/17 14:29:21.0109 4732 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/06/17 14:29:21.0156 4732 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/06/17 14:29:21.0328 4732 nocashio (03bba4dedefb48c510061529651b453a) C:\WINDOWS\system32\drivers\nocashio.sys
2011/06/17 14:29:21.0375 4732 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/06/17 14:29:21.0421 4732 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/06/17 14:29:21.0468 4732 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/06/17 14:29:21.0656 4732 nv (4f15e1e56703f59c0ac00022162e5308) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/06/17 14:29:21.0875 4732 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/06/17 14:29:21.0890 4732 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/06/17 14:29:21.0953 4732 Parport (e3934ccc20a4d24f1924e13d36d2a5bd) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/06/17 14:29:21.0984 4732 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/06/17 14:29:22.0031 4732 ParVdm (1eade28746a64c21e0a808bb12a63326) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/06/17 14:29:22.0062 4732 pccsmcfd (175cc28dcf819f78caa3fbd44ad9e52a) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
2011/06/17 14:29:22.0093 4732 PCI (3b166f9f753c21aedaa9a6bd76b49655) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/06/17 14:29:22.0171 4732 PCIIde (b31edeba4da28283f6b8dc4756fb9585) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/06/17 14:29:22.0218 4732 Pcmcia (2137ffd65f8e609a3a5acd487c56cce0) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/06/17 14:29:22.0265 4732 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
2011/06/17 14:29:22.0453 4732 pepifilter (b071495101df7dd946cc6850f0203c8a) C:\WINDOWS\system32\DRIVERS\lv302af.sys
2011/06/17 14:29:22.0546 4732 pfc (444f122e68db44c0589227781f3c8b3f) C:\WINDOWS\system32\drivers\pfc.sys
2011/06/17 14:29:22.0625 4732 PID_PEPI (39c3cdf1f845e8cc14331bbd3799c7cb) C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
2011/06/17 14:29:22.0718 4732 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/06/17 14:29:22.0750 4732 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/06/17 14:29:22.0781 4732 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/06/17 14:29:22.0921 4732 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/06/17 14:29:22.0953 4732 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/06/17 14:29:22.0968 4732 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/06/17 14:29:22.0984 4732 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/06/17 14:29:23.0015 4732 Rdbss (9629383f70db691cb6aa5bbd828cd9a9) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/06/17 14:29:23.0031 4732 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/06/17 14:29:23.0062 4732 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/06/17 14:29:23.0109 4732 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/06/17 14:29:23.0140 4732 redbook (4173bc66e485fd77a03c4819f60bd0da) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/06/17 14:29:23.0187 4732 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
2011/06/17 14:29:23.0265 4732 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/06/17 14:29:23.0296 4732 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/06/17 14:29:23.0343 4732 Serial (92c21762653bb2ce51147eb8a9aa654f) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/06/17 14:29:23.0406 4732 setup_9.0.0.722_05.08.2010_15-32drv (66ef49622baa18e4d4f1fe4bae1d51b8) C:\WINDOWS\system32\DRIVERS\4628186.sys
2011/06/17 14:29:23.0453 4732 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/06/17 14:29:23.0515 4732 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/06/17 14:29:23.0625 4732 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/06/17 14:29:23.0671 4732 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
2011/06/17 14:29:23.0671 4732 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/06/17 14:29:23.0671 4732 sptd - detected LockedFile.Multi.Generic (1)
2011/06/17 14:29:25.0812 4732 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
2011/06/17 14:29:25.0828 4732 MBR (0x1B8) (3051207086651214e435112e51817dc5) \Device\Harddisk1\DR1
2011/06/17 14:29:25.0937 4732 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR2
2011/06/17 14:29:25.0953 4732 MBR (0x1B8) (988d3c46cbd13ec7f482b833c55264c8) \Device\Harddisk7\DR11
2011/06/17 14:29:25.0953 4732 ================================================================================
2011/06/17 14:29:25.0953 4732 Scan finished
2011/06/17 14:29:25.0953 4732 ================================================================================
2011/06/17 14:29:25.0968 5524 Detected object count: 1
2011/06/17 14:29:25.0968 5524 Actual detected object count: 1
2011/06/17 14:29:56.0468 5524 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
2011/06/17 14:29:56.0468 5524 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/06/17 14:29:56.0515 5524 C:\WINDOWS\system32\Drivers\sptd.sys - copied to quarantine
2011/06/17 14:29:56.0515 5524 LockedFile.Multi.Generic(sptd) - User select action: Quarantine
 
Thanks for the quick reply. These are the ones you meant, right? MBAM is running now; it will take a little while, sorry.
 
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Databaseversie: 6876

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

17-6-2011 14:36:06
mbam-log-2011-06-17 (14-36-06).txt

Scantype: Snelle scan
Objecten gescand: 164855
Verstreken tijd: 4 minuut/minuten, 42 seconde(n)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)


Well, those should be them then.
 
Yes, that's it, and you could have put all of that in one post, as I asked!

Questions:

1) You have a 465 GB HD.

Is this possibly an external HD that is formatted as FAT32?
Please check this.

2) With TDSSKiller, you put sptd.sys in quarantine.

Do you or do you not have DaemonTools in your Windows?
 
Hi, I have 3 internal drives and one external; they are all NTFS as far as I can see, and I use Daemon Tools now and then, but it isn't installed at the moment. Should I delete sptd.sys?
 
That's the problem with that sptd.sys - it can also be a rootkit!

Hold off on that for now!

That 465GB one is an external HD, right?
Because its MBR is infected!
 
The O and the K drive are the external one. Yep, that 465 is the external one.
 
Hi Jos, you may now do the following:

Starting MBRCheck.exe:
Windows 2000 and Windows XP: start "MBRCheck.exe" by double-clicking "MBRCheck.exe".
Windows Vista and Windows 7: start "MBRCheck.exe" by right-clicking "MBRCheck.exe" and then choosing "Run as administrator".

mbrcheck.png


  • Now wait until you see the following message: "Enter 'Y' and hit ENTER for more options, or 'N' to exit."
  • Now press the "Y" key and then press the Enter key.
  • The program wants to know what you want to do: now enter 2 as the command and then press the Enter key.
  • Now the program wants to know which hard disk is concerned: "Enter the physical disk number to fix (0-99, -1 to cancel):"
  • Now enter 7 as the number and press the Enter key.
  • You will now see a list of operating systems. Use number 1 for Windows XP and press the Enter key again.
  • The program now wants your choice confirmed! Type YES and press the Enter key again.
  • Now left-click on the title bar (which shows the program name and the path)
    • in the menu, choose Edit -> All
    • Press the Enter key to copy the selected text.
    • Then paste the text into a Notepad document.
    • Save this document on your desktop as e.g. "MBRCheck results HD1.txt"
  • Then restart your PC
  • In your next post, post the conclusion lines of the saved log!
 
Sorry, but what do you mean by this?

Now left-click on the title bar (which shows the program name and the path)
in the menu, choose Edit -> All
Press the Enter key to copy the selected text.
Then paste the text into a Notepad document.
Save this document on your desktop as e.g. "MBRCheck results HD1.txt"
 
Do you see that little black window that I posted as an example?

Now look closely at the top edge and at what it says there.

In your case the location may be different, but that edge is what is meant!
 
Yes, I see it, but when I left-click I don't get Edit.
 
This

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000fffc

Kernel Drivers (total 147):

Processes (total 59):

\\.\C: --> \\.\PhysicalDrive1 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\E: --> \\.\PhysicalDrive2 at offset 0x00000000`00007e00 (NTFS)
\\.\J: --> \\.\PhysicalDrive0 at offset 0x0000001d`0d518400 (NTFS)
\\.\M: --> \\.\PhysicalDrive7 at offset 0x00000000`00007e00 (NTFS)
\\.\O: --> \\.\PhysicalDrive7 at offset 0x00000038`270e9200 (NTFS)

PhysicalDrive1 Model Number: ST380815AS, Rev: 3.AAD
PhysicalDrive0 Model Number: WDCWD2500JB-00GVC0, Rev: 08.02D08
PhysicalDrive2 Model Number: ST3250410AS, Rev: 4.AAA
PhysicalDrive7 Model Number: WD5000AAV External, Rev: 1.65

Size Device Name MBR Status
--------------------------------------------
74 GB \\.\PhysicalDrive1 Windows XP MBR code detected
SHA1: F238F1FE114296B6DC7716517DC1DADB3FF3D5C6
232 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
232 GB \\.\PhysicalDrive2 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
465 GB \\.\PhysicalDrive7 RE: Unknown MBR code
SHA1: D90653CCC05EE39D4D44E1F67C33297D65F3ED4F


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.

Enter your choice: Enter the physical disk number to fix (0-99, -1 to cancel): 7
Available MBR codes:
[ 0] Default (Windows XP)
[ 1] Windows XP
[ 2] Windows Server 2003
[ 3] Windows Vista
[ 4] Windows 2008
[ 5] Windows 7
[-1] Cancel

Please select the MBR code to write to this drive: 1
Do you want to fix the MBR code? Type 'YES' and hit ENTER to continue: yes
RE: Successfully wrote new MBR code!
Please reboot your computer to complete the fix.


Done!
 
Hi Jos, to check whether the fix succeeded, please post a new MBRCheck log.
 
By the looks of it, not fixed.

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000fffc

Kernel Drivers (total 141):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E6000 \WINDOWS\system32\hal.dll
0xB85A8000 \WINDOWS\system32\KDCOM.DLL
0xB84B8000 \WINDOWS\system32\BOOTVID.dll
0xB80A8000 46281862.sys
0xB7EB4000 spza.sys
0xB85AA000 \WINDOWS\System32\Drivers\WMILIB.SYS
0xB7E9C000 \WINDOWS\System32\Drivers\SCSIPORT.SYS
0xB7E75000 Vax347b.sys
0xB7E46000 ACPI.sys
0xB7E35000 pci.sys
0xB80B8000 isapnp.sys
0xB8670000 pciide.sys
0xB8328000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xB80C8000 MountMgr.sys
0xB7E16000 ftdisk.sys
0xB85AC000 dmload.sys
0xB7DF0000 dmio.sys
0xB8330000 PartMgr.sys
0xB80D8000 VolSnap.sys
0xB7DD8000
0xB85AE000 Vax347s.sys
0xB80E8000 disk.sys
0xB80F8000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xB7DB8000 fltmgr.sys
0xB7DA6000 sr.sys
0xB7D8F000 KSecDD.sys
0xB7D7C000 WudfPf.sys
0xB7CEF000 Ntfs.sys
0xB7CC2000 NDIS.sys
0xB7CA8000 Mup.sys
0xB8168000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xB74D8000 \SystemRoot\system32\DRIVERS\nv4_mini.sys
0xB74C4000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xB749C000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xB8178000 \SystemRoot\system32\DRIVERS\l1e51x86.sys
0xB8388000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xB7478000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xB8390000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xB7464000 \SystemRoot\system32\DRIVERS\parport.sys
0xB85B2000 \SystemRoot\system32\DRIVERS\ASACPI.sys
0xB8570000 \SystemRoot\system32\DRIVERS\L8042Kbd.sys
0xB83A8000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xB8198000 \SystemRoot\system32\DRIVERS\L8042mou.Sys
0xB7452000 \SystemRoot\system32\DRIVERS\LMouKE.Sys
0xB83B8000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xB81A8000 \SystemRoot\system32\DRIVERS\serial.sys
0xB857C000 \SystemRoot\system32\DRIVERS\serenum.sys
0xB81B8000 \SystemRoot\system32\DRIVERS\imapi.sys
0xB8588000 \SystemRoot\system32\drivers\pfc.sys
0xB81C8000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xB81D8000 \SystemRoot\system32\DRIVERS\redbook.sys
0xB742F000 \SystemRoot\system32\DRIVERS\ks.sys
0xB8687000 \SystemRoot\system32\DRIVERS\audstub.sys
0xB8238000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xB859C000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB7378000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xB8248000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xB8258000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xB83E0000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xB7367000 \SystemRoot\system32\DRIVERS\psched.sys
0xB8268000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xB83F0000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xB8400000 \SystemRoot\system32\DRIVERS\raspti.sys
0xB8278000 \SystemRoot\System32\Drivers\pcouffin.sys
0xB730F000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xB8288000 \SystemRoot\system32\DRIVERS\termdd.sys
0xB85CC000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB72B1000 \SystemRoot\system32\DRIVERS\update.sys
0xB7C68000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xB8298000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xB4EE0000 \SystemRoot\system32\drivers\viahduaa.sys
0xB4EBC000 \SystemRoot\system32\drivers\portcls.sys
0xB82C8000 \SystemRoot\system32\drivers\drmk.sys
0xB82D8000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xB85D6000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xB4DA3000 \SystemRoot\system32\DRIVERS\4628186.sys
0xB85DE000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xB871C000 \SystemRoot\System32\Drivers\Null.SYS
0xB85E2000 \SystemRoot\System32\Drivers\Beep.SYS
0xB82E8000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xB8468000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xB8470000 \SystemRoot\System32\drivers\vga.sys
0xB85E6000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xB85EA000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xB8480000 \SystemRoot\System32\Drivers\Msfs.SYS
0xB8490000 \SystemRoot\System32\Drivers\Npfs.SYS
0xB7357000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xB4D70000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xB4D17000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xB4CF1000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xB82F8000 \SystemRoot\System32\Drivers\aswTdi.SYS
0xB8308000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xB4C29000 \SystemRoot\system32\DRIVERS\netbt.sys
0xB84A8000 \SystemRoot\System32\Drivers\aswRdr.SYS
0xB4C07000 \SystemRoot\System32\drivers\afd.sys
0xB8318000 \SystemRoot\system32\DRIVERS\netbios.sys
0xB4BDC000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xB4B6C000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xB741F000 \SystemRoot\System32\Drivers\Fips.SYS
0xB73FF000 \SystemRoot\System32\Drivers\ElbyCDIO.sys
0xB4B25000 \SystemRoot\System32\Drivers\aswSP.SYS
0xB83A0000 \SystemRoot\System32\Drivers\Aavmker4.SYS
0xB45DD000 \SystemRoot\system32\DRIVERS\46281861.sys
0xB83D0000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0xB83E8000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0xB73CF000 \SystemRoot\system32\drivers\LVUSBSta.sys
0xB4343000 \SystemRoot\system32\DRIVERS\LV302V32.SYS
0xB73BF000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xB85FC000 \SystemRoot\system32\DRIVERS\lv302af.sys
0xB73AF000 \SystemRoot\system32\drivers\usbaudio.sys
0xB42AB000 \SystemRoot\system32\DRIVERS\lvrs.sys
0xB4DF8000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xB739F000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xB8410000 \SystemRoot\system32\DRIVERS\LHidFilt.Sys
0xB738F000 \SystemRoot\system32\DRIVERS\WDFLDR.SYS
0xB4230000 \SystemRoot\system32\DRIVERS\Wdf01000.sys
0xB8594000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0xB8598000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xB8420000 \SystemRoot\system32\DRIVERS\LMouFilt.Sys
0xB4218000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xB8606000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xB7C64000 \SystemRoot\System32\drivers\Dxapi.sys
0xB8440000 \SystemRoot\System32\watchdog.sys
0xBD000000 \SystemRoot\System32\drivers\dxg.sys
0xB87BA000 \SystemRoot\System32\drivers\dxgthk.sys
0xBD012000 \SystemRoot\System32\nv4_disp.dll
0xBD5A6000 \SystemRoot\System32\ATMFD.DLL
0xB3F6C000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0xB3EB8000 \SystemRoot\system32\DRIVERS\fssfltr_tdi.sys
0xB3E38000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xB3C19000 \SystemRoot\System32\Drivers\aswMon2.SYS
0xB862C000 \SystemRoot\System32\Drivers\ParVdm.SYS
0xB3829000 \SystemRoot\system32\DRIVERS\srv.sys
0xB379C000 \SystemRoot\system32\drivers\wdmaud.sys
0xB3A01000 \SystemRoot\system32\drivers\sysaudio.sys
0xB8430000 \SystemRoot\system32\DRIVERS\LVPr2Mon.sys
0xB8795000 \??\C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys
0xB2CBB000 \SystemRoot\System32\Drivers\HTTP.sys
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 63):
0 System Idle Process
4 System
544 C:\WINDOWS\system32\smss.exe
788 csrss.exe
836 C:\WINDOWS\system32\winlogon.exe
928 C:\WINDOWS\system32\services.exe
948 C:\WINDOWS\system32\lsass.exe
1176 C:\WINDOWS\system32\nvsvc32.exe
1240 C:\WINDOWS\system32\svchost.exe
1340 svchost.exe
1416 C:\WINDOWS\system32\svchost.exe
1452 C:\WINDOWS\system32\svchost.exe
1556 svchost.exe
1660 svchost.exe
1836 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
416 C:\WINDOWS\system32\spoolsv.exe
768 svchost.exe
1040 C:\WINDOWS\system32\svchost.exe
1192 C:\Program Files\Java\jre6\bin\jqs.exe
1216 C:\Program Files\Google\Update\GoogleUpdate.exe
1712 C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
896 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
1632 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
412 C:\WINDOWS\explorer.exe
2104 C:\WINDOWS\system32\svchost.exe
2120 C:\WINDOWS\system32\IoctlSvc.exe
2132 C:\WINDOWS\system32\svchost.exe
2160 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
2280 O:\Programma's\Alcohol 120\Alcohol 120\StarWind\StarWindService.exe
2292 C:\WINDOWS\system32\svchost.exe
2392 C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
2448 C:\WINDOWS\system32\UAService7.exe
2660 C:\WINDOWS\system32\wuauclt.exe
3916 C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
3964 C:\Program Files\Logitech\QuickCam\Quickcam.exe
3980 C:\WINDOWS\system32\rundll32.exe
4092 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
272 C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
504 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
580 C:\Program Files\Common Files\Java\Java Update\jusched.exe
1012 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe
1776 C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
2148 C:\Program Files\Auslogics\Auslogics Disk Defrag\DiskDefrag.exe
2272 C:\WINDOWS\system32\ctfmon.exe
3096 C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
2304 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
2836 C:\Program Files\Logitech\SetPoint\SetPoint.exe
3408 wmiprvse.exe
3400 C:\Program Files\OpenOffice.org 3\program\soffice.exe
3432 C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
3484 C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
3788 C:\Program Files\OpenOffice.org 3\program\soffice.bin
4048 C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
224 alg.exe
3476 C:\Program Files\Common Files\LogiShrd\KHAL2\KHALMNPR.exe
572 C:\PROGRA~1\MICROS~3\Office12\OUTLOOK.EXE
600 C:\Program Files\Google\Chrome\Application\chrome.exe
3828 C:\Program Files\Google\Chrome\Application\chrome.exe
1484 C:\Program Files\Google\Chrome\Application\chrome.exe
2596 C:\Program Files\Google\Chrome\Application\chrome.exe
3256 C:\Program Files\Google\Chrome\Application\chrome.exe
3652 wmiprvse.exe
2676 C:\Documents and Settings\Marjo\Mijn documenten\Downloads\MBRCheck (4).exe

\\.\C: --> \\.\PhysicalDrive1 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\E: --> \\.\PhysicalDrive2 at offset 0x00000000`00007e00 (NTFS)
\\.\J: --> \\.\PhysicalDrive0 at offset 0x0000001d`0d518400 (NTFS)
\\.\M: --> \\.\PhysicalDrive7 at offset 0x00000000`00007e00 (NTFS)
\\.\O: --> \\.\PhysicalDrive7 at offset 0x00000038`270e9200 (NTFS)

PhysicalDrive1 Model Number: ST380815AS, Rev: 3.AAD
PhysicalDrive0 Model Number: WDCWD2500JB-00GVC0, Rev: 08.02D08
PhysicalDrive2 Model Number: ST3250410AS, Rev: 4.AAA
PhysicalDrive7 Model Number: WD5000AAV External, Rev: 1.65

Size Device Name MBR Status
--------------------------------------------
74 GB \\.\PhysicalDrive1 Windows XP MBR code detected
SHA1: F238F1FE114296B6DC7716517DC1DADB3FF3D5C6
232 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
232 GB \\.\PhysicalDrive2 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
465 GB \\.\PhysicalDrive7 RE: Unknown MBR code
SHA1: D90653CCC05EE39D4D44E1F67C33297D65F3ED4F


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!
 
Hmmm, that external disk of yours: when you bought it, was it already formatted as NTFS, or did you do that afterwards?
 