DesktopLayer.exe


6 replies to this topic

#1 hilia

Posted 03 May 2013 - 05:15 AM

I recently discovered that I was infected with the DesktopLayer virus, which probably came with some extra download called watermark.exe (something like that).

For now I blocked all the srv creations I found (so they can't get executed). I did an online scan (homecall) that detected 37 items that were infected (no import system32 files) and did "fix them". I am currently doing a full scan with "SUPERAntiSpyware".

I hope anyone could help me to get rid of this virus.

Edited by hilia, 03 May 2013 - 05:17 AM.




#2 Broni


Posted 03 May 2013 - 04:01 PM

Welcome aboard

 

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size

Click Go and post the result.

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

Download Malwarebytes Anti-Rootkit from HERE to your Desktop.
  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • DO NOT click on the Cleanup button. Simply exit the program.
  • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log-xxxxx.txt and system-log.txt


NOTE. Make sure all logs are pasted, not attached.


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#3 hilia


Posted 04 May 2013 - 04:14 AM

4/5 log files uploaded for now.

-Found out that my own virus scanner did expire (F-Secure)

-Removed some loopback adapters of one of the log files

-Last log file will be uploaded in a couple of hours

-Warning about outdated Internet Explorer can be ignored (using Chrome)

 

Rar file with 4/5 Logs

http://www.mediafire.com/?itpk6e41jw31tsa

 

 

 


Edited by hilia, 04 May 2013 - 04:18 AM.


#4 hilia


Posted 04 May 2013 - 05:19 AM

First of all, my apologies for the double post (couldn't seem to edit my previous post).

-Reinstalled F-Secure and did a full scan; it found 137 viruses, including in Malwarebytes

-Removed most of the viruses. The files where F-Secure "failed" were deleted.

-Still waiting on the last log file. (Let's hope I can still edit this post.)



#5 hilia


Posted 04 May 2013 - 07:51 AM

Last 2 logs. (A Cmd is popping up now after a computer restart; is that one of the virus scanners?)

Spoiler
Spoiler

Edited by hilia, 04 May 2013 - 08:03 AM.


#6 Broni


Posted 04 May 2013 - 01:56 PM

NOTE. Make sure all logs are pasted, not attached.

No links, spoilers etc.




#7 hilia


Posted 04 May 2013 - 02:51 PM

 Results of screen317's Security Check version 0.99.63  
 Windows Vista Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 8 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 SUPERAntiSpyware     
 SpyHunter     
 Java™ 6 Update 37  
 Java 7 Update 13  
 Java™ SE Development Kit 6 Update 31 
 Java™ SE Development Kit 6 Update 37 
 Java SE Development Kit 7 Update 9 
 Java DB 10.6.2.1   
 Java version out of Date! 
 Adobe Reader 9 Adobe Reader out of Date! 
 Google Chrome 26.0.1410.43  
 Google Chrome 26.0.1410.64  
 Google Chrome dmlconf.dat..  
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSASCui.exe 
 Windows Defender MSASCui.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 
 

 

 

 
Windows Vista ™ Home Premium Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Attempt to access Yahoo IP returned error. Yahoo IP is offline
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Security Center:
============
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys
[2011-07-02 08:02] - [2011-04-21 15:16] - 0273408 ____A (Microsoft Corporation) 48EB99503533C27AC6135648E5474457
 
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2010-08-15 16:39] - [2010-06-16 17:59] - 0898952 ____A (Microsoft Corporation) 782568AB6A43160A159B6215B70BCCE9
 
C:\Windows\system32\dnsrslvr.dll
[2011-04-16 10:23] - [2011-03-02 16:49] - 0086528 ____A (Microsoft Corporation) 4805D9A6D281C7A7DEFD9094DEC6AF7D
 
C:\Windows\system32\mpssvc.dll
[2008-01-21 04:24] - [2008-01-21 04:24] - 0393216 ____A (Microsoft Corporation) D1639BA315B0D79DEC49A4B0E1FB929B
 
C:\Windows\system32\bfe.dll
[2008-01-21 04:23] - [2008-01-21 04:23] - 0328704 ____A (Microsoft Corporation) 8582E233C346AEFE759833E8A30DD697
 
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe
[2008-01-21 04:23] - [2008-01-21 04:23] - 1054720 ____A (Microsoft Corporation) D5FB73D19C46ADE183F968E13F186B23
 
C:\Windows\system32\wscsvc.dll
[2008-01-21 04:23] - [2008-01-21 04:23] - 0061440 ____A (Microsoft Corporation) 683DD16B590372F2C9661D277F35E49C
 
C:\Windows\system32\wbem\WMIsvc.dll
[2008-01-21 04:24] - [2008-01-21 04:24] - 0161792 ____A (Microsoft Corporation) 00B79A7C984678F24CF052E5BEB3A2F5
 
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll
[2008-01-21 04:25] - [2008-01-21 04:25] - 0758272 ____A (Microsoft Corporation) 02ED7B4DBC2A3232A389106DA7515C3D
 
C:\Windows\system32\es.dll
[2009-03-10 02:27] - [2009-03-10 02:27] - 0269312 ____A (Microsoft Corporation) 3CB3343D720168B575133A0A20DC2465
 
C:\Windows\system32\cryptsvc.dll
[2008-01-21 04:24] - [2008-01-21 04:24] - 0128000 ____A (Microsoft Corporation) 6DE363F9F99334514C46AEC02D3E3678
 
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll
[2010-04-17 08:17] - [2010-02-18 16:11] - 0190464 ____A (Microsoft Corporation) 6A35D233693EDC29A12742049BC5E37F
 
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll
[2009-07-17 22:17] - [2009-03-03 06:39] - 0551424 ____A (Microsoft Corporation) 301AE00E12408650BADDC04DBC832830
 
 
 
**** End of log ****

 

 

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.05.04.02
 
Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 8.0.6001.19088
ronald :: PC_VAN_RONALD [administrator]
 
Protection: Enabled
 
4-5-2013 7:48:44
mbam-log-2013-05-04 (07-48-44).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 256900
Time elapsed: 25 minute(s), 
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 6
HKLM\SYSTEM\CurrentControlSet\Services\wampmysqld (Virus.Ramnit) -> Quarantined and deleted successfully.
HKCR\CLSID\{075A24FD-4418-4841-9C3A-55CD5FFDE375} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKCR\TypeLib\{6BF702B6-B8F4-4653-BED3-A4DC44841604} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKCR\Interface\{8B7DF55E-C842-41FE-A391-DB4FFF5FA7C7} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKCR\NXCOM.NxGameControl.US.2 (Virus.Ramnit) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{075A24FD-4418-4841-9C3A-55CD5FFDE375} (Virus.Ramnit) -> Quarantined and deleted successfully.
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 39
C:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\ProgramData\BBrowse2SSavee\5180d5eb22e4e.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\ProgramData\coontiinUUetosavE\5139e1ffb2c19.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\ProgramData\Nexon\Common\dbghelp.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\ProgramData\NexonUS\NGM\nxgameus.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\ProgramData\Temp\{40BF1E83-20EB-11D8-97C5-0009C5020658}\PostBuild.exe (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\ProgramData\Temp\{67626E09-5366-4480-8F1E-93FADF50CA15}\PostBuild.exe (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\ProgramData\Temp\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\PostBuild.exe (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\ProgramData\wxDownload\510695f10ff6a.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\Users\ronald\AppData\Roaming\Darkcomet.exe (Trojan.MSIL) -> Quarantined and deleted successfully.
C:\Users\ronald\AppData\Local\Temp\is266766283\Giant-Savings.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
C:\Users\ronald\AppData\Local\Temp\{8590B3C5-4FC7-4D62-AF89-07E55E739133}\Addons\wxdownload_extension.exe (PUP.Adware.MultiPlug) -> Quarantined and deleted successfully.
C:\Users\ronald\AppData\Local\Temp\{E814B8B5-FB99-492C-A82C-E26F7FE0E04F}\{DE4DF4A7-8E12-41EE-B7DD-1A9E6E4117EB}\CapabilityTable.exe (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\Users\ronald\AppData\Local\Temp\{E814B8B5-FB99-492C-A82C-E26F7FE0E04F}\{DE4DF4A7-8E12-41EE-B7DD-1A9E6E4117EB}\NVCLOSE.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\Users\ronald\AppData\Local\Temp\{E814B8B5-FB99-492C-A82C-E26F7FE0E04F}\{DE4DF4A7-8E12-41EE-B7DD-1A9E6E4117EB}\NvInstNT.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\Users\ronald\AppData\Local\Temp\{E814B8B5-FB99-492C-A82C-E26F7FE0E04F}\{DE4DF4A7-8E12-41EE-B7DD-1A9E6E4117EB}\nvupnpbr.exe (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\Users\ronald\AppData\Local\Temp\{E814B8B5-FB99-492C-A82C-E26F7FE0E04F}\{DE4DF4A7-8E12-41EE-B7DD-1A9E6E4117EB}\_IsRes.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\Users\ronald\AppData\Local\Temp\{E814B8B5-FB99-492C-A82C-E26F7FE0E04F}\{DE4DF4A7-8E12-41EE-B7DD-1A9E6E4117EB}\_isressm.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\Users\ronald\AppData\Local\Temp\nsuD051.tmp\FindProcDLL.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\Users\ronald\AppData\Local\Temp\nsuD051.tmp\manlib.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\Users\ronald\AppData\Local\Temp\nswF5F2.tmp\inetc3.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\Users\ronald\AppData\Local\Temp\nswF5F2.tmp\System.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\Users\ronald\AppData\Local\Temp\nsy6417.tmp\chrmPref.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\Users\ronald\AppData\Local\Temp\nsy6417.tmp\InetLoad.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\Users\ronald\AppData\Local\Temp\nsy6417.tmp\Processes.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\Users\ronald\AppData\Local\Temp\nsy6417.tmp\System.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\Users\ronald\AppData\Local\Temp\swtlib-32\swt-win32-3550.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\Users\ronald\AppData\Local\Temp\nsnD946.tmp\FindProcDLL.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\Users\ronald\AppData\Local\Temp\nsnD946.tmp\manlib.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\Users\ronald\Downloads\dinput8 (1).dll (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\Users\ronald\Downloads\dinput8.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\Users\ronald\Downloads\localhost55.rar (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\Users\ronald\Downloads\LocalHost_Multi-Client_v55_without_dmg_cap_swear_filter_disabled_and_drop_able_nx.rar (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\Users\ronald\Downloads\RedGate-Reflector-8.0.2.313-Keygen_www.PlusCrack.com (1).rar (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
C:\Users\ronald\Downloads\Redirector.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
C:\Users\ronald\Downloads\Themida - Winlicense 1.x - 2.x Imports Fixer Edition 1.0 by SnD How to use.rar (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\ronald\Local Settings\Temporary Internet Files\Content.IE5\1I72AXGJ\5180d5eb3b399[1].exe (PUP.Adware.MultiPlug) -> Quarantined and deleted successfully.
C:\Users\ronald\Local Settings\Temporary Internet Files\Content.IE5\1I72AXGJ\5180d6134f0b2[1].exe (PUP.Adware.MultiPlug) -> Quarantined and deleted successfully.
 
(end)
 
 

 

MiniToolBox by Farbar  Version:21-04-2013
Windows Vista ™ Home Premium Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
========================= FF Proxy Settings: ============================== 
 
========================= IP Configuration: ================================
 
Compact Wireless-G USB Network Adapter = Draadloze netwerkverbinding (Connected)
Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.0) = LAN-verbinding (Media disconnected)
 
 
# ----------------------------------
# IPv4-configuratie
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
add address name="LAN-verbinding 2" address=121.52.202.8
add address name="LAN-verbinding" address=192.168.0.1
 
 
popd
# Einde van IPv4-configuratie
 
 
 
Windows IP-configuratie
 
   Hostnaam  . . . . . . . . . . . . : PC_van_ronald
   Primair DNS-achtervoegsel . . . . : 
   Knooppunttype . . . . . . . . . . : hybride
   IP-routering ingeschakeld . . . . : nee
   WINS-proxy ingeschakeld . . . . . : nee
 
Ethernet-adapter LAN-verbinding* 25:
 
   Mediumstatus. . . . . . . . . . . : medium ontkoppeld
   Verbindingsspec. DNS-achtervoegsel: 
   Beschrijving. . . . . . . . . . . : Anchorfree HSS VPN Adapter
   Fysiek adres. . . . . . . . . . . : 00-FF-DC-5D-E9-A5
   DHCP ingeschakeld . . . . . . . . : ja
   Autom. configuratie ingeschakeld  : ja
 
Adapter voor draadloos LAN Draadloze netwerkverbinding:
 
   Verbindingsspec. DNS-achtervoegsel: 
   Beschrijving. . . . . . . . . . . : Compact Wireless-G USB Network Adapter
   Fysiek adres. . . . . . . . . . . : 00-23-69-0B-D0-7F
   DHCP ingeschakeld . . . . . . . . : ja
   Autom. configuratie ingeschakeld  : ja
   Link-local IPv6-adres . . . . . . : fe80::9c87:1371:8a17:473f%63(voorkeur) 
   IPv4-adres. . . . . . . . . . . . : 192.168.178.35(voorkeur) 
   Subnetmasker. . . . . . . . . . . : 255.255.255.0
   Lease verkregen . . . . . . . . . : zaterdag 4 mei 2013 6:59:39
   Lease verlopen. . . . . . . . . . : dinsdag 14 mei 2013 6:59:39
   Standaardgateway. . . . . . . . . : 192.168.178.1
   DHCP-server . . . . . . . . . . . : 192.168.178.1
   DNS-servers . . . . . . . . . . . : 192.168.178.1
   NetBIOS via TCPIP . . . . . . . . : ingeschakeld
 
Ethernet-adapter LAN-verbinding:
 
   Mediumstatus. . . . . . . . . . . : medium ontkoppeld
   Verbindingsspec. DNS-achtervoegsel: 
   Beschrijving. . . . . . . . . . . : Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
   Fysiek adres. . . . . . . . . . . : 00-24-21-5F-5E-39
   DHCP ingeschakeld . . . . . . . . : nee
   Autom. configuratie ingeschakeld  : ja
 
 
Server:  fritz.fonwlan.box
Address:  192.168.178.1
 
Naam:    google.com
Addresses:  2a00:1450:400c:c00::64
 173.194.78.113
 173.194.78.100
 173.194.78.102
 173.194.78.138
 173.194.78.101
 173.194.78.139
 
 
 
Pingen naar google.com [173.194.78.113] met 32 bytes aan gegevens:
 
Antwoord van 173.194.78.113: bytes=32 tijd=20 ms TTL=49
 
Antwoord van 173.194.78.113: bytes=32 tijd=27 ms TTL=49
 
 
 
Ping-statistieken voor 173.194.78.113:
 
    Pakketten: verzonden = 2, ontvangen = 2, verloren = 0
 
    (0% verlies).
 
 
 
De gemiddelde tijd voor het uitvoeren van een bewerking in milliseconden:
 
    Minimum = 20ms, Maximum = 27ms, Gemiddelde = 23ms
 
Server:  fritz.fonwlan.box
Address:  192.168.178.1
 
Naam:    yahoo.com
Addresses:  98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
 
Pingen naar yahoo.com [206.190.36.45] met 32 bytes aan gegevens:
 
Antwoord van 206.190.36.45: bytes=32 tijd=172 ms TTL=48
 
Antwoord van 206.190.36.45: bytes=32 tijd=269 ms TTL=48
 
 
 
Ping-statistieken voor 206.190.36.45:
 
    Pakketten: verzonden = 2, ontvangen = 2, verloren = 0
 
    (0% verlies).
 
 
 
De gemiddelde tijd voor het uitvoeren van een bewerking in milliseconden:
 
    Minimum = 172ms, Maximum = 269ms, Gemiddelde = 220ms
 
 
 
Pingen naar 127.0.0.1 met 32 bytes aan gegevens:
 
Antwoord van 127.0.0.1: bytes=32 tijd<1 ms TTL=128
 
Antwoord van 127.0.0.1: bytes=32 tijd<1 ms TTL=128
 
 
 
Ping-statistieken voor 127.0.0.1:
 
    Pakketten: verzonden = 2, ontvangen = 2, verloren = 0
 
    (0% verlies).
 
 
 
De gemiddelde tijd voor het uitvoeren van een bewerking in milliseconden:
 
    Minimum = 0ms, Maximum = 0ms, Gemiddelde = 0ms
 
===========================================================================
Interfacelijst
 69 ...00 ff dc 5d e9 a5 ...... Anchorfree HSS VPN Adapter
 63 ...00 23 69 0b d0 7f ...... Compact Wireless-G USB Network Adapter
 10 ...00 24 21 5f 5e 39 ...... Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
  1 ........................... Software Loopback Interface 1
 68 ...00 00 00 00 00 00 00 e0  isatap.{63F50A02-3C7F-4A4A-B517-75163FB09E99}
 67 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 11 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 52 ...00 00 00 00 00 00 00 e0  Microsoft Direct Point-to-point Adapter #2
 49 ...00 00 00 00 00 00 00 e0  Microsoft Direct Point-to-point Adapter
 72 ...00 00 00 00 00 00 00 e0  isatap.{82992085-E36F-479E-9979-AB8F1240E140}
 70 ...00 00 00 00 00 00 00 e0  isatap.{DC5DE9A5-EF98-4B77-B7E2-1212ED9C14CB}
 71 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
===========================================================================
 
IPv4 routetabel
===========================================================================
Actieve routes:
Netwerkadres             Netmasker          Gateway        Interface Metric
          0.0.0.0          0.0.0.0    192.168.178.1   192.168.178.35     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
    192.168.178.0    255.255.255.0         On-link    192.168.178.35    281
   192.168.178.35  255.255.255.255         On-link    192.168.178.35    281
  192.168.178.255  255.255.255.255         On-link    192.168.178.35    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link    192.168.178.35    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link    192.168.178.35    281
===========================================================================
Permanente routes:
  Geen
 
IPv6 routetabel
===========================================================================
Actieve routes:
 Indien metrische netwerkbestemming      Gateway
  1    306 ::1/128                  On-link
 63    281 fe80::/64                On-link
 63    281 fe80::9c87:1371:8a17:473f/128
                                    On-link
  1    306 ff00::/8                 On-link
 63    281 ff00::/8                 On-link
===========================================================================
Permanente routes:
  Geen
========================= Winsock entries =====================================
 
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/04/2013 07:18:54 AM) (Source: Application Hang) (User: )
Description: Programma Spyhunter4.exe, versie 4.12.13.4202 reageert niet meer op Windows en is afgesloten. Als u wilt zien of meer informatie over het probleem beschikbaar is, kunt u de probleemgeschiedenis in onderdeel Probleemrapporten en -oplossingen in het Configuratiescherm controleren.
Proces-id: 8c4
Starttijd: 01ce488434e5af26
Eindtijd: 3271
 
Error: (05/04/2013 07:01:09 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/03/2013 06:40:50 PM) (Source: Application Hang) (User: )
Description: Programma devenv.exe, versie 10.0.30319.1 reageert niet meer op Windows en is afgesloten. Als u wilt zien of meer informatie over het probleem beschikbaar is, kunt u de probleemgeschiedenis in onderdeel Probleemrapporten en -oplossingen in het Configuratiescherm controleren.
Proces-id: 13f4
Starttijd: 01ce481bd3ac89e0
Eindtijd: 0
 
Error: (05/03/2013 05:46:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/03/2013 02:33:09 PM) (Source: Application Error) (User: )
Description: Toepassing met fout Explorer.EXE, versie 6.0.6001.18164, tijdstempel 0x4907e242, module met fout korwbrkr.dll_unloaded, versie 0.0.0.0, tijdstempel 0x483b995b, uitzonderingscode 0xc0000005, foutmarge 0x65567cf3,
proces-id 0xcb8, starttijd van toepassing 0xExplorer.EXE0.
 
Error: (05/03/2013 11:27:54 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/03/2013 10:49:06 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/03/2013 10:10:08 AM) (Source: Windows Search Service) (User: )
Description: De update kan niet worden gestart omdat er geen toegang kan worden verkregen tot de inhoudsbronnen. Herstel de fouten en probeer de update opnieuw uit te voeren.
 
Context: toepassing , catalogus SystemIndex
 
Error: (05/03/2013 09:55:44 AM) (Source: Application Error) (User: )
Description: Toepassing met fout fbwmgr.exe, versie 0.0.0.0, tijdstempel 0x517aea40, module met fout fbwmgr.exe, versie 0.0.0.0, tijdstempel 0x517aea40, uitzonderingscode 0x40000015, foutmarge 0x0002ada4,
proces-id 0x1768, starttijd van toepassing 0xfbwmgr.exe0.
 
Error: (05/03/2013 09:55:29 AM) (Source: hshld) (User: )
Description: hshld error: 0OPENVPNAS: Cannot open logfile, will cycle exit event and retry
 
 
System errors:
=============
Error: (05/04/2013 07:05:56 AM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: 0x80070032
 
Error: (05/04/2013 07:02:47 AM) (Source: Service Control Manager) (User: )
Description: i8042prt
 
Error: (05/04/2013 07:01:13 AM) (Source: Service Control Manager) (User: )
Description: SQL Server (SQLEXPRESS)%%1053
 
Error: (05/04/2013 07:01:13 AM) (Source: Service Control Manager) (User: )
Description: 30000SQL Server (SQLEXPRESS)
 
Error: (05/04/2013 06:59:37 AM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos
 
Error: (05/03/2013 05:50:15 PM) (Source: ipnathlp) (User: )
Description: De DNS-proxy-agent kan geen 0 bytes geheugen toewijzen. Dit kan wijzen op het feit dat het systeem weinig virtueel geheugen heeft of dat geheugenbeheer een interne fout heeft gevonden.
 
Error: (05/03/2013 05:50:13 PM) (Source: ipnathlp) (User: )
Description: De DNS-proxy-agent kan geen 0 bytes geheugen toewijzen. Dit kan wijzen op het feit dat het systeem weinig virtueel geheugen heeft of dat geheugenbeheer een interne fout heeft gevonden.
 
Error: (05/03/2013 05:50:10 PM) (Source: ipnathlp) (User: )
Description: De DNS-proxy-agent kan geen 0 bytes geheugen toewijzen. Dit kan wijzen op het feit dat het systeem weinig virtueel geheugen heeft of dat geheugenbeheer een interne fout heeft gevonden.
 
Error: (05/03/2013 05:48:25 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: 0x80070032
 
Error: (05/03/2013 05:46:24 PM) (Source: Service Control Manager) (User: )
Description: i8042prt
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2013-05-04 07:15:39.306
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
 
  Date: 2013-05-04 07:15:39.166
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
 
  Date: 2013-05-04 07:15:32.788
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
 
  Date: 2013-05-04 07:15:32.654
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
 
  Date: 2013-05-04 07:15:22.829
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
 
  Date: 2013-05-04 07:15:22.673
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
 
  Date: 2013-05-04 07:15:13.155
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
 
  Date: 2013-05-04 07:15:07.449
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
 
  Date: 2013-05-03 18:25:18.185
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
 
  Date: 2013-05-03 18:25:17.612
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
 
 
=========================== Installed Programs ============================
 
 Update for Microsoft Office 2007 (KB2508958)
.NET Reflector Desktop (Version: 7.7.0.236)
ActiveCheck component for HP Active Support Library (Version: 1.1.18.0)
Additional Components for Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (Version: 11.0.50727)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.233)
Adobe Photoshop CS6 (Version: 13.0.0.0)
Adobe Reader 9.3.4 - Nederlands (Version: 9.3.4)
AhnLab Online Security
Android SDK Tools (Version: 1.16)
CodeBlocks (Version: 12.11)
CodeWall 2010 (Version: 4.0.0)
Compatibiliteitspakket voor het 2007 Microsoft Office system (Version: 12.0.6612.1000)
Crystal Reports for Visual Studio (Version: 12.51.0.240)
CyberLink DVD Suite Deluxe (Version: 6.0.2326)
Diagnostisch hulpprogramma voor hardware (Version: 5.1.5048.14)
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904)
Entity Framework Designer for Visual Studio 2012 - enu (Version: 11.1.20810.00)
Europe MapleStory for Vista
Evaluatieversie van Microsoft Office voor Thuisgebruik en Studenten 2007
FlashGet3.7 (Version: 3.7.0.1203)
F-Secure Launch pad (Version: 1.71.340.0)
GlassFish Server Open Source Edition 3.1.2.2
Google Chrome (Version: 26.0.1410.64)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.135)
Hotspot Shield 2.93 (Version: 2.93)
HP Active Support Library (Version: 3.1.10.1)
HP Customer Experience Enhancements (Version: 5.7.0.2875)
HP MediaSmart TV (Version: 2.2.1622)
HP Odometer (Version: 2.10.0000)
HP Recovery Manager RSS (Version: 92.0.0.9)
HP Support Information (Version: 10.1.0001)
HP Total Care Advisor (Version: 2.4.6171.2860)
HP Total Care Setup (Version: 1.1.2413.2876)
HP Update (Version: 4.000.013.003)
HPAsset component for HP Active Support Library (Version: 2.0.64.3)
HxD Hex Editor version 1.7.7.0 (Version: 1.7.7.0)
Java 7 Update 13 (Version: 7.0.130)
Java Auto Updater (Version: 2.1.9.0)
Java DB 10.6.2.1 (Version: 10.6.2.1)
Java SE Development Kit 7 Update 9 (Version: 1.7.0.90)
Java™ 6 Update 37 (Version: 6.0.370)
Java™ SE Development Kit 6 Update 31 (Version: 1.6.0.310)
Java™ SE Development Kit 6 Update 37 (Version: 1.6.0.370)
LabelPrint (Version: 2.5.1103)
LightScribe System Software  1.14.32.1 (Version: 1.14.32.1)
Linksys Wireless Manager (Version: 4.9.9047.0)
MapleStorySEA (Version: 1.25.1)
McAfee Security Scan Plus (Version: 3.0.318.3)
Microsoft .NET Framework 3.5 Language Pack SP1 - nld (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended NLD Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (Version: 4.5.50709)
Microsoft .NET Framework 4.5 SDK (Version: 4.5.50709)
Microsoft Application Compatibility Toolkit 5.6 (Version: 5.6.7324.0)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (Version: 2.0.50217.0)
Microsoft ASP.NET MVC 2 (Version: 2.0.50217.0)
Microsoft Expression Blend 3 (Version: 3.0.1927.0)
Microsoft Expression Blend 3 SDK (Version: 1.0.1340.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.2.3.0)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft Help Viewer 2.0 (Version: 2.0.50727)
Microsoft NuGet - Visual Studio Express 2012 for Windows Desktop (Version: 2.0.30717.9005)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (Dutch) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (Dutch) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (Dutch) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (Dutch) (Version: 12.0.6612.1000)
Microsoft Office Proof (Dutch) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (Dutch) 2007 (Version: 12.0.4518.1017)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (Dutch) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (Dutch) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Silverlight 3 SDK (Version: 3.0.40818.0)
Microsoft SQL Server 2008
Microsoft SQL Server 2008 Browser (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (Version: 10.50.1447.4)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Setup Support Files  (Version: 10.1.2731.0)
Microsoft SQL Server 2012 Data-Tier App Framework  (Version: 11.0.2316.0)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 T-SQL Language Service  (Version: 11.0.2100.60)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 4.0 SP1 ENU (Version: 4.0.8876.1)
Microsoft SQL Server Data Tools - enu (11.1.20828.01) (Version: 11.1.20828.01)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (Version: 11.1.20828.01)
Microsoft SQL Server Database Publishing Wizard 1.4 (Version: 10.1.2512.8)
Microsoft SQL Server System CLR Types (Version: 10.50.1447.4)
Microsoft SQL Server VSS Writer (Version: 10.1.2531.0)
Microsoft Sync Framework Runtime v1.0 SP1 (x86) (Version: 1.0.3010.0)
Microsoft Sync Framework SDK v1.0 SP1 (Version: 1.0.3010.0)
Microsoft Sync Framework Services v1.0 SP1 (x86) (Version: 1.0.3010.0)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) (Version: 2.0.3010.0)
Microsoft System CLR Types for SQL Server 2012 (Version: 11.0.2100.60)
Microsoft Team Foundation Server 2010 Object Model - ENU (Version: 10.0.30319)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Express Edition with SP1 - ENU
Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2012 32bit Compilers - ENU Resources (Version: 11.0.50727)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x86-x64 Compilers (Version: 11.0.50727)
Microsoft Visual F# 2.0 Runtime (Version: 10.0.30319)
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Visual J# 2.0 Redistributable Package (Version: 2.0.50727)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.30319)
Microsoft Visual Studio 2010 Office Developer Tools (x86) (Version: 10.0.30319)
Microsoft Visual Studio 2010 Performance Collection Tools - ENU (Version: 10.0.30319)
Microsoft Visual Studio 2010 SharePoint Developer Tools (Version: 10.0.30319)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.40302)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.40307)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NLD (Version: 10.0.40302)
Microsoft Visual Studio 2010 Ultimate - ENU (Version: 10.0.30319)
Microsoft Visual Studio 2012 Devenv (Version: 11.0.50727)
Microsoft Visual Studio 2012 Devenv Resources (Version: 11.0.50727)
Microsoft Visual Studio 2012 Preparation (Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Integrated) (Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) (Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) Resources (Version: 11.0.50727)
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (Version: 4.0.8876.1)
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (Version: 11.0.50727)
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (Version: 11.0.50727.42)
Microsoft Visual Studio Express 2012 for Windows Desktop (Version: 11.0.50727)
Microsoft Visual Studio Macro Tools (Version: 9.0.30729)
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding Language Pack - ENU (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (Version: 11.0.50727)
Microsoft Visual Studio Test Professional 2012 - ENU (Version: 11.0.50727)
Microsoft Visual Studio Test Professional 2012 (Version: 11.0.50727)
Microsoft Visual Studio Test Professional 2012 (Version: 11.0.50727.1)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (Version: 11.0.50727)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (Version: 6.1.5288.17011)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu (Version: 3.5.30729)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (Version: 6.1.5295.17011)
Microsoft Works (Version: 9.7.0621)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 (ARP entry) (Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 (Redists) (Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 (Shared Components) (Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 (Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 (Visual Studio) (Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 (XnaLiveProxy) (Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 Documentation (Version: 4.0.20823.0)
Microsoft XNA Game Studio Platform Tools (Version: 1.3.0.0)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Mono for Android 4.4.54 (Version: 4.4.54)
Mono for Windows 3.0.2 (Version: 3.0.2)
MonoDevelop 3.0.6 (Version: 3.0.6)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
My HP Games (Version: 1.0.0.62)
MySQL Server 5.5 (Version: 5.5.28)
MySQL Workbench 5.2 CE (Version: 5.2.39)
NetBeans IDE 7.2.1 (Version: 7.2.1)
Nexon Game Manager
NVIDIA Drivers (Version: 1.4)
Pando Media Booster (Version: 2.6.0.9)
Power2Go (Version: 6.0.2325)
PowerDirector (Version: 7.0.2417)
PremiumSoft Navicat 10.0 for MySQL
Prerequisites for SSDT  (Version: 11.0.2100.60)
Pure Networks Platform (Version: 11.1.9044.0)
Python 2.6 pywin32-212 (Version: 2.12)
Python 2.6.1 (Version: 2.6.1150)
Qt 5.0.0 (Version: 5.0.0)
Realtek High Definition Audio Driver (Version: 6.0.1.5740)
Search Assistant SimpleSpeedy 1.74
SearchNewTab (Version: )
Service Pack 1 for SQL Server 2008 (KB968369) (Version: 10.1.2531.0)
SpyHunter (Version: 4.12.13.4202)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0)
SUPERAntiSpyware (Version: 5.6.1014)
Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL
Taalpakket voor Microsoft .NET Framework 4 Extended - NLD (Version: 4.0.30319)
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - NLD (Version: 10.0.40302)
TortoiseSVN 1.7.10.23359 (32 bit) (Version: 1.7.23359)
Unlocker 1.9.1 (Version: 1.9.1)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update voor Microsoft Office Excel 2007 Help (KB963678)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669)
Update voor Microsoft Office Word 2007 Help (KB963665)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (Version: 4.0.8080.0)
WampServer 2.2
Web Deployment Tool (Version: 1.1.0618)
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
Windows Software Development Kit (Version: 8.59.25584)
Windows Software Development Kit DirectX x86 Remote (Version: 8.59.25584)
Windows Software Development Kit for Windows Store Apps (Version: 8.59.25584)
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (Version: 8.59.25584)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinRAR 4.20 (32-bit) (Version: 4.20.0)
WPF Toolkit June 2009 (Version 3.5.40619.1) (Version: 3.5.40619.1)
Xamarin Mono for Android Installer (Version: 3.0.0.0)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 71%
Total physical RAM: 3069.45 MB
Available physical RAM: 876.07 MB
Total Pagefile: 6353.94 MB
Available Pagefile: 3882.14 MB
Total Virtual: 2047.88 MB
Available Virtual: 1941.46 MB
 
========================= Partitions: =====================================
 
1 Drive c: (COMPAQ) (Fixed) (Total:453.9 GB) (Free:253.78 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.86 GB) (Free:1.64 GB) NTFS
 
========================= Users: ========================================
 
Gebruikersaccounts voor \\PC_VAN_RONALD
 
Administrator                               
ronald                   
De opdracht is voltooid.
 
 
**** End of log ****
 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.0.6001 Windows Vista Service Pack 1 x86
 
Account is Administrative
 
Internet Explorer version: 8.0.6001.19088
 
Java version: 1.6.0_37
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.666000 GHz
Memory total: 3218554880, free: 1141071872
 
------------ Kernel report ------------
  05/04/2013 11:56:03
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\acpi.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\intelide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\msrpc.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\Drivers\fsbts.sys
\SystemRoot\System32\drivers\ecache.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\crcdisk.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\tunmp.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\system32\DRIVERS\nvBridge.kmd
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rtlh86.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\msiscsi.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\taphss6.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHDA.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\DRIVERS\rasacd.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\smb.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\hssdrv6.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\??\C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys
\??\C:\Program Files\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\WUSB54GCv3.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\drivers\Mkd2Nadr.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\drivers\spsys.sys
\SystemRoot\system32\DRIVERS\RMCAST.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\pnarp.sys
\SystemRoot\system32\DRIVERS\purendis.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\drivers\mrxdav.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\npf.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\system32\DRIVERS\WUDFPf.sys
\SystemRoot\system32\DRIVERS\ipnat.sys
\??\C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys
\??\C:\Program Files\F-Secure\apps\CCF_Scanning\fsni32.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\System32\ATMFD.DLL
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
----------- End -----------
 
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xffffffff8764aac8
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000006f\
Lower Device Object: 0xffffffff8764d9c0
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
Initialization returned 0x0
Load Function returned 0x0
 
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8589c330
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
Lower Device Object: 0xffffffff8576f858
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
 
Port sub-driver loaded: \??\C:\Windows\System32\drivers\ataport.sys (0x0)
Load Function returned 0x0
Initializing...
Done!
 
Device number: 0, partition: 1
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8589c330, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff85dc9d20, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8589c330, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff8571ab98, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff8576f858, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0xffffffffb1cf9700, 0xffffffff8589c330, 0xffffffff85b68040
Lower DeviceData: 0xffffffff91207370, 0xffffffff8576f858, 0xffffffff85a856e8
 
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
 
Device number: 0, partition: 1
 
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 1549F232
 
Partition information:
 
  Partition 0 type is Primary (0x7)
  Partition is ACTIVE.
  Partition starts at LBA: 63 Numsec = 951894657
  Partition file system is NTFS
  Partition is bootable
 
  Partition 1 type is Primary (0x7)
  Partition is NOT ACTIVE.
  Partition starts at LBA: 951894720 Numsec = 24872400
 
  Partition 2 type is Empty (0x0)
  Partition is NOT ACTIVE.
  Partition starts at LBA: 0 Numsec = 0
 
  Partition 3 type is Empty (0x0)
  Partition is NOT ACTIVE.
  Partition starts at LBA: 0 Numsec = 0
 
Disk Size: 500107862016 bytes
Sector size: 512 bytes
 
Scanning physical sectors of unpartitioned space on drive 0 (1-62-976753168-976773168)...
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xffffffff8764aac8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8764dd20, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8764aac8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff8764d9c0, DeviceName: \Device\0000006f\, DriverName: \Driver\USBSTOR\
------------ End ----------
Done!
Performing system, memory and registry scan...
Scan Interrupted
Done!
=======================================
 
 

 

 

 

Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org
 
Database version: v2013.05.04.04
 
Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 8.0.6001.19088
ronald :: PC_VAN_RONALD [administrator]
 
4-5-2013 14:01:16
mbar-log-2013-05-04 (14-01-16).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 27404
Time elapsed: 2 hour(s), 4 minute(s), 34 second(s) [aborted]
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)




