  1. #1

    Technical skill
    1. Beginner
    Operating system
    Windows 7 Home Premium 32
    Antivirus
    Norman
    Firewall
    Windows Firewall
    Posts
    6

    Getting a different website than the one requested on the internet. Virus?

    Via Google I get a different website than the one I searched for.
    This does not happen every time, but it does happen often.
    I think this is a virus.
    I looked at this site beforehand and carried out the steps that were listed for detecting the virus.
    I have a dds.txt file, but where do I post its contents?
    Surely not just here in this forum?
    Then everyone can read it.
    Can I e-mail it to someone?

  2. #2
    Marckie, Head of Consumer Security
    Technical skill
    5. Expert
    Operating system
    Windows 8 64
    Antivirus
    NOD32 Security Suite
    Firewall
    NOD32 Security Suite
    Posts
    38,342
    Hello,

    You may post the contents of DDS.txt here.
    Post the MBAM log here as well.

  3. #3

    Technical skill
    1. Beginner
    Operating system
    Windows 7 Home Premium 32
    Antivirus
    Norman
    Firewall
    Windows Firewall
    Posts
    6

    The requested log files. Where is the problem?

    DDS.TXT:

    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702
    Run by Westerlo at 17:25:49 on 2011-12-27
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2039.975 [GMT 1:00]
    .
    AV: Norman Security Suite *Enabled/Updated* {EB9EFB40-AE72-4C43-B204-0FCD0E92D5F1}
    .
    ============== Running Processes ===============
    .
    C:\Program Files\Norman\Npm\Bin\eLogsvc.exe
    C:\Program Files\Norman\Ngs\Bin\Nnf.exe
    C:\Program Files\Norman\Ngs\Bin\Nprosec.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    C:\WINDOWS\system32\svchost -k rpcss
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    C:\Program Files\Norman\Npm\Bin\Zanda.exe
    C:\Program Files\Norman\npm\bin\nvoy.exe
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Microsoft\BingBar\SeaPort.EXE
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\Program Files\Sitecom\Common\RegistryWriter.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Norman\Npm\Bin\scheduler.exe
    C:\Program Files\Norman\Npm\Bin\Njeeves.exe
    C:\Program Files\Norman\nse\bin\NSESVC.EXE
    C:\Program Files\Norman\Npm\Bin\ZLH.EXE
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\NETGEAR\WPN111 Configuration Utility\wpn111.exe
    C:\Program Files\Nikon\NkView6\NkvMon.exe
    C:\Program Files\Sitecom\Common\RaUI.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files\Norman\Nvc\bin\nvcoas.exe
    C:\Program Files\Norman\Nvc\Bin\Nip.exe
    C:\Program Files\Norman\Nvc\Bin\cclaw.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
    C:\Program Files\Google\Picasa3\PicasaPhotoViewer.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uSearch Bar = hxxp://www.google.com/ie
    uStart Page = hxxp://www.google.nl/
    uInternet Settings,ProxyOverride = *.local
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_06\bin\ssv.dll
    BHO: Windows Live Aanmelden - Help: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"
    BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
    TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    uRun: [Nokia.PCSync] "c:\program files\nokia\nokia pc suite 6\PCSync2.exe" /NoDialog
    uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 6\PCSuite.exe" -onlytray
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    uRun: [Google Update] "c:\documents and settings\westerlo\local settings\application data\google\update\GoogleUpdate.exe" /c
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~1.EXE -Update -1100465 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB6; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; InfoPath.2; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"http://www.proplanet.nl/SaniNetViewer/?Badkamer=2011.02.16-15.58-1IX4689463-162442&T=NL&folder=&mode=swok"
    mRun: [Norman ZANDA] "c:\program files\norman\npm\bin\ZLH.EXE" /LOAD /SPLASH
    mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
    mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [hpqSRMon]
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
    StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\netgea~1.lnk - c:\program files\netgear\wpn111 configuration utility\wpn111.exe
    StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\nkvmon~1.lnk - c:\program files\nikon\nkview6\NkvMon.exe
    StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\siteco~1.lnk - c:\program files\sitecom\common\RaUI.exe
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_06\bin\ssv.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1213783661437
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1213783816843
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://javadl.sun.com/webapps/download/AutoDL?BundleId=21871
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 62.179.104.196 213.46.228.196
    TCP: Interfaces\{AEB3A61B-D87A-4874-BCE1-9ADD80A78CFE} : DhcpNameServer = 62.179.104.196 213.46.228.196
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
    Notify: igfxcui - igfxdev.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\westerlo\application data\mozilla\firefox\profiles\jvz81kv5.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.search.selectedEngine - Bing Search
    FF - prefs.js: browser.startup.homepage - www.google.nl
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: c:\documents and settings\westerlo\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll
    FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
    FF - plugin: c:\program files\microsoft\office live\npOLW.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 NGS;Norman General Security Driver;c:\program files\norman\ngs\bin\ngs.sys [2011-11-23 26744]
    R1 NPROSEC;Norman Security driver;c:\program files\norman\ngs\bin\nprosec.sys [2011-11-23 74144]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2009-10-12 12872]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-10-12 67656]
    R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-10-13 249648]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-12-7 366152]
    R2 Ndiskio;Ndiskio;c:\program files\norman\nse\bin\Ndiskio.sys [2009-10-16 22880]
    R2 NNFSVC;Norman Network Filtering service;c:\program files\norman\ngs\bin\nnf.exe [2011-11-23 223000]
    R2 Norman ZANDA;Norman ZANDA;c:\program files\norman\npm\bin\Zanda.exe [2008-6-23 428912]
    R2 NPROSECSVC;Norman Security service;c:\program files\norman\ngs\bin\nprosec.exe [2011-11-23 90144]
    R2 nregsec;Norman Registry Security driver;c:\program files\norman\ngs\bin\nregsec.sys [2011-11-23 40384]
    R2 NVOY;Norman Resource Provider;c:\program files\norman\npm\bin\nvoy.exe [2009-3-14 100336]
    R2 RalinkRegistryWriter;Ralink Registry Writer;c:\program files\sitecom\common\RegistryWriter.exe [2011-3-29 69632]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-7 22216]
    R3 nsesvc;Norman Scanner Engine Service;c:\program files\norman\nse\bin\Nsesvc.exe [2010-6-18 288072]
    R3 NvcMFlt;NvcMFlt;c:\windows\system32\drivers\nvcw32mf.sys [2008-6-23 24176]
    R3 nvcoas;Norman Virus Control on-access component;c:\program files\norman\nvc\bin\Nvcoas.exe [2009-2-20 198168]
    R3 Scheduler;Norman Scheduler Service;c:\program files\norman\npm\bin\scheduler.exe [2009-5-13 99312]
    S2 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-10-21 196176]
    S3 NVCScheduler;Norman Virus Control Scheduler;"c:\program files\norman\npm\bin\nvcsched.exe" --> c:\program files\norman\npm\bin\Nvcsched.exe [?]
    S3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys [2011-3-29 713344]
    S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-10-12 12872]
    .
    =============== Created Last 30 ================
    .
    2011-12-27 16:10:09 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-12-27 16:01:16 709968 ----a-w- c:\windows\isRS-000.tmp
    2011-12-23 14:22:31 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-12-22 19:53:14 -------- dc----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
    2011-12-22 19:53:14 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2011-12-22 19:46:04 -------- d--h--r- c:\documents and settings\westerlo\Onlangs geopend
    2011-12-07 13:56:22 -------- d-----w- c:\documents and settings\westerlo\application data\Malwarebytes
    2011-12-07 13:56:17 -------- dc----w- c:\documents and settings\all users\application data\Malwarebytes
    2011-12-07 13:56:13 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-12-07 13:56:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    .
    ==================== Find3M ====================
    .
    2011-11-23 14:40:48 1859712 ----a-w- c:\windows\system32\win32k.sys
    2011-11-04 19:13:23 916992 ----a-w- c:\windows\system32\wininet.dll
    2011-11-04 19:13:22 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2011-11-04 19:13:22 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2011-11-04 11:25:39 385024 ----a-w- c:\windows\system32\html.iec
    2011-11-01 16:07:16 1288192 ----a-w- c:\windows\system32\ole32.dll
    2011-10-28 05:32:20 33280 ----a-w- c:\windows\system32\csrsrv.dll
    2011-10-26 10:50:01 2153472 ----a-w- c:\windows\system32\ntoskrnl.exe
    2011-10-26 10:50:01 2031616 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2011-10-18 11:13:37 186880 ----a-w- c:\windows\system32\encdec.dll
    2011-10-10 14:22:51 692736 ----a-w- c:\windows\system32\inetcomm.dll
    .
    ============= FINISH: 17:32:20,20 ===============


    Mbam logfile:
    Malwarebytes' Anti-Malware 1.51.2.1300
    www.malwarebytes.org

    Databaseversie: 911122702

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    27-12-2011 17:18:00
    mbam-log-2011-12-27 (17-18-00).txt

    Scantype: Snelle scan
    Objecten gescand: 188675
    Verstreken tijd: 7 minuut/minuten, 43 seconde(n)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

  4. #4
    Marckie, Head of Consumer Security
    Technical skill
    5. Expert
    Operating system
    Windows 8 64
    Antivirus
    NOD32 Security Suite
    Firewall
    NOD32 Security Suite
    Posts
    38,342
    Please do the following as well:
    • Download Defogger and place it on your desktop: http://www.jpshortstuff.247fixes.com/Defogger.exe
      Double-click Defogger.exe to start the tool.
      In the window that appears, click the "Disable" button.
      In the next window, click Yes (Ja) to continue.
      Wait until you get the 'Finished' message and click "Ok" in that window.
      If DeFogger asks to restart the computer, do so.
      If you get an error message when using Defogger, look on the desktop (or in the folder from which you started Defogger) for the file defogger_disable and post the contents of that file.
      You can switch CD emulator software back on with Defogger by starting the tool and clicking the "Re-enable" button.
      Only do this once we have completely finished analysing the computer.
    After that, run a scan with Gmer:
    • Download the Gmer rootkit scanner: http://www2.gmer.net/download.php
      Place it on your desktop.
      The file you download has a name made up of a randomly chosen combination of digits and letters (e.g. jqb1jln3.exe or ubmp5cd5.exe, always a combination of 8 digits and letters).
      Double-click this file to start Gmer.
      If you get a message that rootkits are active and you are asked whether to run a scan, do not allow this.
      On the right-hand side there are a number of options that you can tick or untick. By default everything is ticked; leave it that way.
      Under Files, only the system partition may be ticked. (The system partition is the partition on which Windows is installed.)
      Remove the tick from "show all" (this must not be ticked!)
      Now click the "Scan" button to start the rootkit scan with Gmer.
      When the scan is finished, click the "Save" button and save the log to your desktop.
      (If you click the "Copy" button, the complete log report is copied to the clipboard and you can paste it into your next post with CTRL+V.)
      To close Gmer, click the "Cancel" button.

  5. #5

    Technical skill
    1. Beginner
    Operating system
    Windows 7 Home Premium 32
    Antivirus
    Norman
    Firewall
    Windows Firewall
    Posts
    6

    The gmer rootkit scanner has already been running for four hours

    I ran Defogger and then started the gmer rootkit scanner.

    The gmer rootkit scanner has already been running for four hours.
    Is this normal?

    When the gmer rootkit scanner has finished, should I then post the log to you?

    Can I then "re-enable" Defogger again?

    Regards,

    Li

  6. #6

    Technical skill
    1. Beginner
    Operating system
    Windows 7 Home Premium 32
    Antivirus
    Norman
    Firewall
    Windows Firewall
    Posts
    6

    How to solve the problem after the gmer rootkit scan?

    Here is the log from the gmer rootkit scanner:

    Can I now start the re-enable with Defogger?

    Can you indicate how I can solve the problem (when searching with Google I regularly end up on a completely different website...)?

    Thank you,

    Regards, Li

    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2012-01-06 19:28:53
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST3250410AS rev.3.AAC
    Running: h2gefksw.exe; Driver: C:\DOCUME~1\Westerlo\LOCALS~1\Temp\pwlyqpob.sys


    ---- System - GMER 1.0.15 ----

    SSDT \??\C:\Program Files\Norman\Ngs\Bin\nprosec.sys (Process Security Driver/Norman ASA) ZwCreateEvent [0xA1E549B0]
    SSDT \??\C:\Program Files\Norman\Ngs\Bin\nprosec.sys (Process Security Driver/Norman ASA) ZwCreateFile [0xA1E543CE]
    SSDT \??\C:\Program Files\Norman\Ngs\Bin\nprosec.sys (Process Security Driver/Norman ASA) ZwCreateProcess [0xA1E53854]
    SSDT \??\C:\Program Files\Norman\Ngs\Bin\nprosec.sys (Process Security Driver/Norman ASA) ZwCreateProcessEx [0xA1E53884]
    SSDT \??\C:\Program Files\Norman\Ngs\Bin\nprosec.sys (Process Security Driver/Norman ASA) ZwCreateThread [0xA1E538B4]
    SSDT \??\C:\Program Files\Norman\Ngs\Bin\nprosec.sys (Process Security Driver/Norman ASA) ZwSetSystemInformation [0xA1E544D8]
    SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xA1D3A620]
    SSDT \??\C:\Program Files\Norman\Ngs\Bin\nprosec.sys (Process Security Driver/Norman ASA) ZwWriteVirtualMemory [0xA1E541CC]

    ---- Kernel code sections - GMER 1.0.15 ----

    .text atapi.sys B9F36852 1 Byte [CC] {INT 3 }

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe[128] kernel32.dll!LoadLibraryExW + C4 7C7D1BB9 4 Bytes CALL 012E0001
    .text C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe[128] ws2_32.dll!htons 71A32E53 6 Bytes JMP 5F040F5A
    .text C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe[128] ws2_32.dll!WSAGetLastError + 2 71A33CD0 4 Bytes JMP 5F0B001E
    .text C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe[128] ws2_32.dll!closesocket 71A33E2B 6 Bytes JMP 5F0D0F5A
    .text C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe[128] ws2_32.dll!connect 71A34A07 6 Bytes JMP 5F130F5A
    .text C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe[128] ws2_32.dll!WSAEventSelect 71A364D9 6 Bytes JMP 5F1F0F5A
    .text C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe[128] ws2_32.dll!WSAAsyncSelect 71A40991 6 Bytes JMP 5F1C0F5A
    .text C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe[128] ws2_32.dll!WSAConnect 71A40C81 6 Bytes JMP 5F190F5A
    .text C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe[128] ws2_32.dll!WSAAccept 71A40DC1 6 Bytes JMP 5F160F5A
    .text C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe[128] ws2_32.dll!accept 71A41040 6 Bytes JMP 5F100F5A
    .text C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe[140] kernel32.dll!LoadLibraryExW + C4 7C7D1BB9 4 Bytes CALL 01D20001
    .text C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe[140] WS2_32.dll!htons 71A32E53 6 Bytes JMP 5F040F5A
    .text C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe[140] WS2_32.dll!WSAGetLastError + 2 71A33CD0 4 Bytes JMP 5F0B001E
    .text C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe[140] WS2_32.dll!closesocket 71A33E2B 6 Bytes JMP 5F0D0F5A
    .text C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe[140] WS2_32.dll!connect 71A34A07 6 Bytes JMP 5F130F5A
    .text C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe[140] WS2_32.dll!WSAEventSelect 71A364D9 6 Bytes JMP 5F1F0F5A
    .text C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe[140] WS2_32.dll!WSAAsyncSelect 71A40991 6 Bytes JMP 5F1C0F5A
    .text C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe[140] WS2_32.dll!WSAConnect 71A40C81 6 Bytes JMP 5F190F5A
    .text C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe[140] WS2_32.dll!WSAAccept 71A40DC1 6 Bytes JMP 5F160F5A
    .text C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe[140] WS2_32.dll!accept 71A41040 6 Bytes JMP 5F100F5A
    .text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[180] kernel32.dll!LoadLibraryExW + C4 7C7D1BB9 4 Bytes CALL 05E10001
    .text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[180] WS2_32.dll!htons 71A32E53 6 Bytes JMP 5F040F5A
    .text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[180] WS2_32.dll!WSAGetLastError + 2 71A33CD0 4 Bytes JMP 5F0B001E
    .text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[180] WS2_32.dll!closesocket 71A33E2B 6 Bytes JMP 5F0D0F5A
    .text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[180] WS2_32.dll!connect 71A34A07 6 Bytes JMP 5F130F5A
    .text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[180] WS2_32.dll!WSAEventSelect 71A364D9 6 Bytes JMP 5F1F0F5A
    .text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[180] WS2_32.dll!WSAAsyncSelect 71A40991 6 Bytes JMP 5F1C0F5A
    .text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[180] WS2_32.dll!WSAConnect 71A40C81 6 Bytes JMP 5F190F5A
    .text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[180] WS2_32.dll!WSAAccept 71A40DC1 6 Bytes JMP 5F160F5A
    .text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[180] WS2_32.dll!accept 71A41040 6 Bytes JMP 5F100F5A
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[360] kernel32.dll!LoadLibraryExW + C4 7C7D1BB9 4 Bytes CALL 04B50001
    .text C:\Program Files\NETGEAR\WPN111 Configuration Utility\wpn111.exe[396] kernel32.dll!LoadLibraryExW + C4 7C7D1BB9 4 Bytes CALL 00A60001
    .text C:\Program Files\NETGEAR\WPN111 Configuration Utility\wpn111.exe[396] WS2_32.dll!htons 71A32E53 6 Bytes JMP 5F040F5A
    .text C:\Program Files\NETGEAR\WPN111 Configuration Utility\wpn111.exe[396] WS2_32.dll!WSAGetLastError + 2 71A33CD0 4 Bytes JMP 5F0B001E
    .text C:\Program Files\NETGEAR\WPN111 Configuration Utility\wpn111.exe[396] WS2_32.dll!closesocket 71A33E2B 6 Bytes JMP 5F0D0F5A
    .text C:\Program Files\NETGEAR\WPN111 Configuration Utility\wpn111.exe[396] WS2_32.dll!connect 71A34A07 6 Bytes JMP 5F130F5A
    .text C:\Program Files\NETGEAR\WPN111 Configuration Utility\wpn111.exe[396] WS2_32.dll!WSAEventSelect 71A364D9 6 Bytes JMP 5F1F0F5A
    .text C:\Program Files\NETGEAR\WPN111 Configuration Utility\wpn111.exe[396] WS2_32.dll!WSAAsyncSelect 71A40991 6 Bytes JMP 5F1C0F5A
    .text C:\Program Files\NETGEAR\WPN111 Configuration Utility\wpn111.exe[396] WS2_32.dll!WSAConnect 71A40C81 6 Bytes JMP 5F190F5A
    .text C:\Program Files\NETGEAR\WPN111 Configuration Utility\wpn111.exe[396] WS2_32.dll!WSAAccept 71A40DC1 6 Bytes JMP 5F160F5A
    .text C:\Program Files\NETGEAR\WPN111 Configuration Utility\wpn111.exe[396] WS2_32.dll!accept 71A41040 6 Bytes JMP 5F100F5A
    .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[560] kernel32.dll!LoadLibraryExW + C4 7C7D1BB9 4 Bytes CALL 035B0001
    .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[560] ws2_32.dll!htons 71A32E53 6 Bytes JMP 5F040F5A
    .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[560] ws2_32.dll!WSAGetLastError + 2 71A33CD0 4 Bytes JMP 5F0B001E
    .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[560] ws2_32.dll!closesocket 71A33E2B 6 Bytes JMP 5F0D0F5A
    .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[560] ws2_32.dll!connect 71A34A07 6 Bytes JMP 5F130F5A
    .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[560] ws2_32.dll!WSAEventSelect 71A364D9 6 Bytes JMP 5F1F0F5A
    .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[560] ws2_32.dll!WSAAsyncSelect 71A40991 6 Bytes JMP 5F1C0F5A
    .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[560] ws2_32.dll!WSAConnect 71A40C81 6 Bytes JMP 5F190F5A
    .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[560] ws2_32.dll!WSAAccept 71A40DC1 6 Bytes JMP 5F160F5A
    .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[560] ws2_32.dll!accept 71A41040 6 Bytes JMP 5F100F5A
    .text C:\Program Files\Nikon\NkView6\NkvMon.exe[632] kernel32.dll!LoadLibraryExW + C4 7C7D1BB9 4 Bytes CALL 009C0001
    .text C:\Program Files\Sitecom\Common\RaUI.exe[664] kernel32.dll!LoadLibraryExW + C4 7C7D1BB9 4 Bytes CALL 01620001
    .text C:\Program Files\Sitecom\Common\RaUI.exe[664] WS2_32.dll!htons 71A32E53 6 Bytes JMP 5F040F5A
    .text C:\Program Files\Sitecom\Common\RaUI.exe[664] WS2_32.dll!WSAGetLastError + 2 71A33CD0 4 Bytes JMP 5F0B001E
    .text C:\Program Files\Sitecom\Common\RaUI.exe[664] WS2_32.dll!closesocket 71A33E2B 6 Bytes JMP 5F0D0F5A
    .text C:\Program Files\Sitecom\Common\RaUI.exe[664] WS2_32.dll!connect 71A34A07 6 Bytes JMP 5F130F5A
    .text C:\Program Files\Sitecom\Common\RaUI.exe[664] WS2_32.dll!WSAEventSelect 71A364D9 6 Bytes JMP 5F1F0F5A
    .text C:\Program Files\Sitecom\Common\RaUI.exe[664] WS2_32.dll!WSAAsyncSelect 71A40991 6 Bytes JMP 5F1C0F5A
    .text C:\Program Files\Sitecom\Common\RaUI.exe[664] WS2_32.dll!WSAConnect 71A40C81 6 Bytes JMP 5F190F5A
    .text C:\Program Files\Sitecom\Common\RaUI.exe[664] WS2_32.dll!WSAAccept 71A40DC1 6 Bytes JMP 5F160F5A
    .text C:\Program Files\Sitecom\Common\RaUI.exe[664] WS2_32.dll!accept 71A41040 6 Bytes JMP 5F100F5A
    .text C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe[868] kernel32.dll!LoadLibraryExW + C4 7C7D1BB9 4 Bytes CALL 01650001
    .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[1044] kernel32.dll!LoadLibraryExW + C4 7C7D1BB9 4 Bytes CALL 014F0001
    .text C:\Program Files\Norman\Nvc\Bin\Nip.exe[1868] kernel32.dll!FreeLibrary + 15 7C7DAC93 4 Bytes CALL 7170003D
    .text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[1936] kernel32.dll!LoadLibraryExW + C4 7C7D1BB9 4 Bytes CALL 00DD0001
    .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1952] kernel32.dll!LoadLibraryExW + C4 7C7D1BB9 4 Bytes CALL 00B00001
    .text C:\Program Files\Norman\nse\bin\NSESVC.EXE[1976] kernel32.dll!FreeLibrary + 15 7C7DAC93 4 Bytes CALL 7170003D
    .text C:\Program Files\iTunes\iTunesHelper.exe[1984] kernel32.dll!LoadLibraryExW + C4 7C7D1BB9 4 Bytes CALL 029E0001
    .text C:\Program Files\iTunes\iTunesHelper.exe[1984] WS2_32.dll!htons 71A32E53 6 Bytes JMP 5F040F5A
    .text C:\Program Files\iTunes\iTunesHelper.exe[1984] WS2_32.dll!WSAGetLastError + 2 71A33CD0 4 Bytes JMP 5F0B001E
    .text C:\Program Files\iTunes\iTunesHelper.exe[1984] WS2_32.dll!closesocket 71A33E2B 6 Bytes JMP 5F0D0F5A
    .text C:\Program Files\iTunes\iTunesHelper.exe[1984] WS2_32.dll!connect 71A34A07 6 Bytes JMP 5F130F5A
    .text C:\Program Files\iTunes\iTunesHelper.exe[1984] WS2_32.dll!WSAEventSelect 71A364D9 6 Bytes JMP 5F1F0F5A
    .text C:\Program Files\iTunes\iTunesHelper.exe[1984] WS2_32.dll!WSAAsyncSelect 71A40991 6 Bytes JMP 5F1C0F5A
    .text C:\Program Files\iTunes\iTunesHelper.exe[1984] WS2_32.dll!WSAConnect 71A40C81 6 Bytes JMP 5F190F5A
    .text C:\Program Files\iTunes\iTunesHelper.exe[1984] WS2_32.dll!WSAAccept 71A40DC1 6 Bytes JMP 5F160F5A
    .text C:\Program Files\iTunes\iTunesHelper.exe[1984] WS2_32.dll!accept 71A41040 6 Bytes JMP 5F100F5A
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1992] kernel32.dll!LoadLibraryExW + C4 7C7D1BB9 4 Bytes CALL 01180001
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1992] WS2_32.dll!htons 71A32E53 6 Bytes JMP 5F040F5A
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1992] WS2_32.dll!WSAGetLastError + 2 71A33CD0 4 Bytes JMP 5F0B001E
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1992] WS2_32.dll!closesocket 71A33E2B 6 Bytes JMP 5F0D0F5A
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1992] WS2_32.dll!connect 71A34A07 6 Bytes JMP 5F130F5A
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1992] WS2_32.dll!WSAEventSelect 71A364D9 6 Bytes JMP 5F1F0F5A
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1992] WS2_32.dll!WSAAsyncSelect 71A40991 6 Bytes JMP 5F1C0F5A
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1992] WS2_32.dll!WSAConnect 71A40C81 6 Bytes JMP 5F190F5A
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1992] WS2_32.dll!WSAAccept 71A40DC1 6 Bytes JMP 5F160F5A
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1992] WS2_32.dll!accept 71A41040 6 Bytes JMP 5F100F5A
    .text C:\WINDOWS\system32\ctfmon.exe[2012] kernel32.dll!LoadLibraryExW + C4 7C7D1BB9 4 Bytes CALL 00BF0001
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2044] kernel32.dll!LoadLibraryExW + C4 7C7D1BB9 4 Bytes CALL 03A20001
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2044] WS2_32.dll!htons 71A32E53 6 Bytes JMP 5F040F5A
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2044] WS2_32.dll!WSAGetLastError + 2 71A33CD0 4 Bytes JMP 5F0B001E
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2044] WS2_32.dll!closesocket 71A33E2B 6 Bytes JMP 5F0D0F5A
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2044] WS2_32.dll!connect 71A34A07 6 Bytes JMP 5F1A0F5A
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2044] WS2_32.dll!WSAEventSelect 71A364D9 6 Bytes JMP 5F260F5A
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2044] WS2_32.dll!WSAAsyncSelect 71A40991 6 Bytes JMP 5F230F5A
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2044] WS2_32.dll!WSAConnect 71A40C81 6 Bytes JMP 5F200F5A
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2044] WS2_32.dll!WSAAccept 71A40DC1 6 Bytes JMP 5F1D0F5A
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2044] WS2_32.dll!accept 71A41040 6 Bytes JMP 5F170F5A
    .text C:\Program Files\Mozilla Firefox\firefox.exe[2068] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 0040131F C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
    .text C:\Program Files\Mozilla Firefox\firefox.exe[2068] kernel32.dll!LoadLibraryExW + C4 7C7D1BB9 4 Bytes CALL 00FF0001
    .text C:\Program Files\Mozilla Firefox\firefox.exe[2068] kernel32.dll!FreeLibrary + 15 7C7DAC93 4 Bytes CALL 7170003D
    .text C:\Program Files\Mozilla Firefox\firefox.exe[2068] WS2_32.dll!htons 71A32E53 6 Bytes JMP 5F040F5A
    .text C:\Program Files\Mozilla Firefox\firefox.exe[2068] WS2_32.dll!WSAGetLastError + 2 71A33CD0 4 Bytes JMP 5F0B001E
    .text C:\Program Files\Mozilla Firefox\firefox.exe[2068] WS2_32.dll!closesocket 71A33E2B 6 Bytes JMP 5F0D0F5A
    .text C:\Program Files\Mozilla Firefox\firefox.exe[2068] WS2_32.dll!connect 71A34A07 6 Bytes JMP 5F130F5A
    .text C:\Program Files\Mozilla Firefox\firefox.exe[2068] WS2_32.dll!WSAEventSelect 71A364D9 6 Bytes JMP 5F1F0F5A
    .text C:\Program Files\Mozilla Firefox\firefox.exe[2068] WS2_32.dll!WSAAsyncSelect 71A40991 6 Bytes JMP 5F1C0F5A
    .text C:\Program Files\Mozilla Firefox\firefox.exe[2068] WS2_32.dll!WSAConnect 71A40C81 6 Bytes JMP 5F190F5A
    .text C:\Program Files\Mozilla Firefox\firefox.exe[2068] WS2_32.dll!WSAAccept 71A40DC1 6 Bytes JMP 5F160F5A
    .text C:\Program Files\Mozilla Firefox\firefox.exe[2068] WS2_32.dll!accept 71A41040 6 Bytes JMP 5F100F5A
    .text C:\Program Files\Norman\Nvc\Bin\cclaw.exe[2192] kernel32.dll!FreeLibrary + 15 7C7DAC93 4 Bytes CALL 7170003D
    .text C:\Program Files\Norman\Nvc\bin\nvcoas.exe[2452] kernel32.dll!FreeLibrary + 15 7C7DAC93 4 Bytes CALL 7170003D
    .text D:\Mijn Documenten\Downloads\Defogger(2).exe[2508] kernel32.dll!LoadLibraryExW + C4 7C7D1BB9 4 Bytes CALL 00AC0001
    .text D:\Mijn Documenten\Downloads\Defogger(2).exe[2508] kernel32.dll!FreeLibrary + 15 7C7DAC93 4 Bytes CALL 7170003D
    .text D:\Mijn Documenten\Downloads\h2gefksw.exe[3160] kernel32.dll!LoadLibraryExW + C4 7C7D1BB9 4 Bytes CALL 003D0001
    .text D:\Mijn Documenten\Downloads\h2gefksw.exe[3160] kernel32.dll!FreeLibrary + 15 7C7DAC93 4 Bytes CALL 7170003D
    .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3276] kernel32.dll!LoadLibraryExW + C4 7C7D1BB9 4 Bytes CALL 01C20001
    .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3276] WS2_32.dll!htons 71A32E53 6 Bytes JMP 5F040F5A
    .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3276] WS2_32.dll!WSAGetLastError + 2 71A33CD0 4 Bytes JMP 5F0B001E
    .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3276] WS2_32.dll!closesocket 71A33E2B 6 Bytes JMP 5F0D0F5A
    .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3276] WS2_32.dll!connect 71A34A07 6 Bytes JMP 5F130F5A
    .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3276] WS2_32.dll!WSAEventSelect 71A364D9 6 Bytes JMP 5F1F0F5A
    .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3276] WS2_32.dll!WSAAsyncSelect 71A40991 6 Bytes JMP 5F1C0F5A
    .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3276] WS2_32.dll!WSAConnect 71A40C81 6 Bytes JMP 5F190F5A
    .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3276] WS2_32.dll!WSAAccept 71A40DC1 6 Bytes JMP 5F160F5A
    .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3276] WS2_32.dll!accept 71A41040 6 Bytes JMP 5F100F5A
    .text C:\Program Files\Mozilla Firefox\plugin-container.exe[3300] kernel32.dll!LoadLibraryExW + C4 7C7D1BB9 4 Bytes CALL 00F10001
    .text C:\Program Files\Mozilla Firefox\plugin-container.exe[3300] kernel32.dll!FreeLibrary + 15 7C7DAC93 4 Bytes CALL 7170003D
    .text C:\Program Files\Mozilla Firefox\plugin-container.exe[3300] WS2_32.dll!htons 71A32E53 6 Bytes JMP 5F040F5A
    .text C:\Program Files\Mozilla Firefox\plugin-container.exe[3300] WS2_32.dll!WSAGetLastError + 2 71A33CD0 4 Bytes JMP 5F0B001E
    .text C:\Program Files\Mozilla Firefox\plugin-container.exe[3300] WS2_32.dll!closesocket 71A33E2B 6 Bytes JMP 5F0D0F5A
    .text C:\Program Files\Mozilla Firefox\plugin-container.exe[3300] WS2_32.dll!connect 71A34A07 6 Bytes JMP 5F130F5A
    .text C:\Program Files\Mozilla Firefox\plugin-container.exe[3300] WS2_32.dll!WSAEventSelect 71A364D9 6 Bytes JMP 5F1F0F5A
    .text C:\Program Files\Mozilla Firefox\plugin-container.exe[3300] WS2_32.dll!WSAAsyncSelect 71A40991 6 Bytes JMP 5F1C0F5A
    .text C:\Program Files\Mozilla Firefox\plugin-container.exe[3300] WS2_32.dll!WSAConnect 71A40C81 6 Bytes JMP 5F190F5A
    .text C:\Program Files\Mozilla Firefox\plugin-container.exe[3300] WS2_32.dll!WSAAccept 71A40DC1 6 Bytes JMP 5F160F5A
    .text C:\Program Files\Mozilla Firefox\plugin-container.exe[3300] WS2_32.dll!accept 71A41040 6 Bytes JMP 5F100F5A
    .text C:\Program Files\Mozilla Firefox\plugin-container.exe[3300] USER32.dll!TrackPopupMenu 7E3E531E 5 Bytes JMP 105D69A2 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
    .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4036] kernel32.dll!LoadLibraryExW + C4 7C7D1BB9 4 Bytes CALL 01430001

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

    ---- Threads - GMER 1.0.15 ----

    Thread System [4:116] 89D9416D
    Thread System [4:308] 89863B90

    ---- EOF - GMER 1.0.15 ----

  7. #7
    Head of consumer security, Marckie
    Technical skill
    5. Expert
    Operating system
    Windows 8 64
    Antivirus
    NOD32 Security Suite
    Firewall
    NOD32 Security Suite
    Posts
    38.342
    Download TDSSKiller and place it on your desktop.
    Double-click TDSSKiller.exe to start the tool.
    Click "Change parameters" and tick:
    - Services and drivers
    - Boot sectors
    - Verify drivers digital signatures
    - Detect TDLFS file system.
    Click "OK".
    Click the "Start Scan" button and follow the instructions.
    When the scan has finished, click the "Report" button.
    A Notepad file opens. Post the contents of this file.
    If TDSSKiller offers to cure a file (Cure), allow it. In that case you will be asked to restart the computer. Do so immediately.
    After the reboot you will find the log on c:\ under the name TDSSKiller.version_date_time_log.txt.
    Post that log.
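
    Added example, not part of the original post and not the tool's own code: a Python parser for the report this procedure produces, which folds the per-line messages into one record per driver and separates `infected` verdicts and forged-file notices from `warning` entries. The line formats are assumed from the excerpt of the TDSSKiller report posted later in this thread; the names `parse_report`, `triage`, `describe` and `Entry` are hypothetical.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Excerpt copied from the TDSSKiller 2.6.25.0 report posted in this thread.
SAMPLE_REPORT = r"""
17:59:15.0390 0636 Abiosdsk - ok
17:59:15.0437 0636 ACPI (d6314c6c65078596556b407b09a7bcdf) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:59:15.0500 0636 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ACPI.sys. Real md5: d6314c6c65078596556b407b09a7bcdf, Fake md5: 02273a448ba21a7d447daeb47810d40c
17:59:15.0500 0636 ACPI ( Virus.Win32.Rloader.a ) - infected
17:59:15.0500 0636 ACPI - detected Virus.Win32.Rloader.a (0)
17:59:15.0531 0636 ACPIEC (63f517b1a87dabf3f5acb8a7952fc1d1) C:\WINDOWS\system32\drivers\ACPIEC.sys
17:59:16.0843 0636 ACPIEC - ok
17:59:17.0125 0636 AegisP (023867b6606fbabcdd52e089c4a507da) C:\WINDOWS\system32\DRIVERS\AegisP.sys
17:59:17.0171 0636 AegisP ( UnsignedFile.Multi.Generic ) - warning
17:59:17.0171 0636 AegisP - detected UnsignedFile.Multi.Generic (1)
17:59:24.0828 0636 MDC8021X (8fee53c104223973ed9919936d9cd156) C:\WINDOWS\system32\DRIVERS\mdc8021x.sys
17:59:24.0859 0636 MDC8021X ( UnsignedFile.Multi.Generic ) - warning
17:59:24.0859 0636 MDC8021X - detected UnsignedFile.Multi.Generic (1)
"""

# Every report line is "<time> <thread id> <message>" (format assumed from the excerpt).
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<msg>.*)$")
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
FORGED = re.compile(
    r"^Suspicious file \(Forged\): (?P<path>.+?)\. "
    r"Real md5: (?P<real>[0-9a-f]{32}), Fake md5: (?P<fake>[0-9a-f]{32})$")
VERDICT = re.compile(
    r"^(?P<name>.+?) \( (?P<label>\S+) \) - (?P<status>infected|warning)$")
CLEAN = re.compile(r"^(?P<name>.+?) - ok$")

SEVERITY = {"infected": 0, "warning": 1}


@dataclass
class Entry:
    name: str
    path: Optional[str] = None
    md5: Optional[str] = None
    status: str = "unknown"           # ok | warning | infected | unknown
    label: Optional[str] = None       # detection name printed by the tool
    forged: bool = False              # a "Suspicious file (Forged)" line was seen
    fake_md5: Optional[str] = None    # the report's "Fake md5" value


def parse_report(text: str) -> Dict[str, Entry]:
    """Fold the per-line messages into one Entry per scanned service or driver."""
    entries: Dict[str, Entry] = {}
    by_path: Dict[str, Entry] = {}

    def get(name: str) -> Entry:
        return entries.setdefault(name, Entry(name=name))

    for raw in text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue  # blank line or text that is not a report line
        msg = line["msg"].strip()
        if (m := FORGED.match(msg)):
            # Attach to the object scanned at that path; Windows paths are
            # case-insensitive. Fall back to a path-keyed entry if none exists.
            entry = by_path.get(m["path"].lower()) or get(m["path"])
            entry.path = entry.path or m["path"]
            entry.forged, entry.fake_md5 = True, m["fake"]
        elif (m := VERDICT.match(msg)):
            entry = get(m["name"])
            entry.status, entry.label = m["status"], m["label"]
        elif (m := CLEAN.match(msg)):
            get(m["name"]).status = "ok"
        elif (m := OBJECT.match(msg)):
            entry = get(m["name"])
            entry.md5, entry.path = m["md5"], m["path"]
            by_path[m["path"].lower()] = entry
        # "<name> - detected <label> (n)" repeats the verdict line and is skipped.
    return entries


def triage(entries: Dict[str, Entry]) -> List[Entry]:
    """Return everything that is not plain 'ok', infected entries first."""
    flagged = [e for e in entries.values() if e.status in SEVERITY or e.forged]
    return sorted(flagged, key=lambda e: (SEVERITY.get(e.status, 2), e.name.lower()))


def describe(entry: Entry) -> str:
    text = f"{entry.status.upper():8} {entry.name}: {entry.label or '-'} [{entry.path or 'no file'}]"
    if entry.forged:
        text += f" (forged, fake md5 {entry.fake_md5})"
    return text


if __name__ == "__main__":
    for item in triage(parse_report(SAMPLE_REPORT)):
        print(describe(item))
```
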

  8. #8

    Technical skill
    1. Beginner
    Operating system
    Windows 7 Home Premium 32
    Antivirus
    Norman
    Firewall
    Windows Firewall
    Posts
    6

    Culprit found

    I think the culprit has been found and cured.
    There were two items that had the action Skip. Do I still need to do anything with these?

    17:58:17.0703 3288 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
    17:58:17.0812 3288 ============================================================
    17:58:17.0812 3288 Current date / time: 2012/01/09 17:58:17.0812
    17:58:17.0812 3288 SystemInfo:
    17:58:17.0812 3288
    17:58:17.0812 3288 OS Version: 5.1.2600 ServicePack: 3.0
    17:58:17.0812 3288 Product type: Workstation
    17:58:17.0812 3288 ComputerName: MG-212794
    17:58:17.0812 3288 UserName: Westerlo
    17:58:17.0812 3288 Windows directory: C:\WINDOWS
    17:58:17.0812 3288 System windows directory: C:\WINDOWS
    17:58:17.0812 3288 Processor architecture: Intel x86
    17:58:17.0812 3288 Number of processors: 2
    17:58:17.0812 3288 Page size: 0x1000
    17:58:17.0812 3288 Boot type: Normal boot
    17:58:17.0812 3288 ============================================================
    17:58:19.0078 3288 Initialize success
    17:59:14.0765 0636 ============================================================
    17:59:14.0765 0636 Scan started
    17:59:14.0765 0636 Mode: Manual; SigCheck; TDLFS;
    17:59:14.0765 0636 ============================================================
    17:59:15.0390 0636 Abiosdsk - ok
    17:59:15.0406 0636 abp480n5 - ok
    17:59:15.0437 0636 ACPI (d6314c6c65078596556b407b09a7bcdf) C:\WINDOWS\system32\DRIVERS\ACPI.sys
    17:59:15.0500 0636 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ACPI.sys. Real md5: d6314c6c65078596556b407b09a7bcdf, Fake md5: 02273a448ba21a7d447daeb47810d40c
    17:59:15.0500 0636 ACPI ( Virus.Win32.Rloader.a ) - infected
    17:59:15.0500 0636 ACPI - detected Virus.Win32.Rloader.a (0)
    17:59:15.0531 0636 ACPIEC (63f517b1a87dabf3f5acb8a7952fc1d1) C:\WINDOWS\system32\drivers\ACPIEC.sys
    17:59:16.0843 0636 ACPIEC - ok
    17:59:16.0906 0636 adpu160m - ok
    17:59:16.0937 0636 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
    17:59:17.0078 0636 aec - ok
    17:59:17.0125 0636 AegisP (023867b6606fbabcdd52e089c4a507da) C:\WINDOWS\system32\DRIVERS\AegisP.sys
    17:59:17.0171 0636 AegisP ( UnsignedFile.Multi.Generic ) - warning
    17:59:17.0171 0636 AegisP - detected UnsignedFile.Multi.Generic (1)
    17:59:17.0218 0636 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
    17:59:17.0296 0636 AFD - ok
    17:59:17.0312 0636 Aha154x - ok
    17:59:17.0312 0636 aic78u2 - ok
    17:59:17.0312 0636 aic78xx - ok
    17:59:17.0343 0636 AliIde - ok
    17:59:17.0343 0636 amsint - ok
    17:59:17.0359 0636 asc - ok
    17:59:17.0375 0636 asc3350p - ok
    17:59:17.0375 0636 asc3550 - ok
    17:59:17.0437 0636 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    17:59:17.0546 0636 AsyncMac - ok
    17:59:17.0562 0636 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
    17:59:17.0640 0636 atapi - ok
    17:59:17.0656 0636 Atdisk - ok
    17:59:17.0671 0636 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    17:59:17.0812 0636 Atmarpc - ok
    17:59:17.0843 0636 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
    17:59:17.0953 0636 audstub - ok
    17:59:18.0000 0636 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
    17:59:18.0109 0636 Beep - ok
    17:59:18.0156 0636 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
    17:59:18.0281 0636 cbidf2k - ok
    17:59:18.0296 0636 cd20xrnt - ok
    17:59:18.0312 0636 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
    17:59:18.0421 0636 Cdaudio - ok
    17:59:18.0453 0636 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
    17:59:18.0562 0636 Cdfs - ok
    17:59:18.0578 0636 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
    17:59:18.0718 0636 Cdrom - ok
    17:59:18.0718 0636 Changer - ok
    17:59:18.0734 0636 CmdIde - ok
    17:59:18.0750 0636 Cpqarray - ok
    17:59:18.0765 0636 dac2w2k - ok
    17:59:18.0781 0636 dac960nt - ok
    17:59:18.0796 0636 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
    17:59:18.0906 0636 Disk - ok
    17:59:18.0953 0636 dmboot (dec123e0c75971d0cc7a6c6a75e28429) C:\WINDOWS\system32\drivers\dmboot.sys
    17:59:19.0156 0636 dmboot - ok
    17:59:19.0234 0636 dmio (7268e66259722f6228c730685b201092) C:\WINDOWS\system32\drivers\dmio.sys
    17:59:19.0359 0636 dmio - ok
    17:59:19.0390 0636 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
    17:59:19.0500 0636 dmload - ok
    17:59:19.0546 0636 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
    17:59:19.0640 0636 DMusic - ok
    17:59:19.0656 0636 dpti2o - ok
    17:59:19.0671 0636 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
    17:59:19.0781 0636 drmkaud - ok
    17:59:19.0812 0636 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
    17:59:19.0937 0636 Fastfat - ok
    17:59:19.0953 0636 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
    17:59:20.0062 0636 Fdc - ok
    17:59:20.0078 0636 Fips (8bfffb5ac954e19dfdb96d56512aa518) C:\WINDOWS\system32\drivers\Fips.sys
    17:59:20.0187 0636 Fips - ok
    17:59:20.0203 0636 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
    17:59:20.0312 0636 Flpydisk - ok
    17:59:20.0328 0636 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
    17:59:20.0453 0636 FltMgr - ok
    17:59:20.0484 0636 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
    17:59:20.0578 0636 Fs_Rec - ok
    17:59:20.0609 0636 Ftdisk (fa8ca22e70245c81ff29c36af56292fc) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
    17:59:20.0750 0636 Ftdisk - ok
    17:59:20.0765 0636 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
    17:59:20.0812 0636 GEARAspiWDM - ok
    17:59:20.0859 0636 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
    17:59:20.0984 0636 Gpc - ok
    17:59:21.0015 0636 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
    17:59:21.0156 0636 HDAudBus - ok
    17:59:21.0187 0636 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
    17:59:21.0312 0636 HidUsb - ok
    17:59:21.0328 0636 hpn - ok
    17:59:21.0375 0636 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
    17:59:21.0484 0636 HPZid412 - ok
    17:59:21.0531 0636 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
    17:59:21.0578 0636 HPZipr12 - ok
    17:59:21.0593 0636 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
    17:59:21.0656 0636 HPZius12 - ok
    17:59:21.0687 0636 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
    17:59:21.0796 0636 HTTP - ok
    17:59:21.0812 0636 i2omgmt - ok
    17:59:21.0828 0636 i2omp - ok
    17:59:21.0843 0636 i8042prt (c43372d0682f8e32e4ec21117e089ec0) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    17:59:21.0953 0636 i8042prt - ok
    17:59:22.0015 0636 ialm (bc1f1ff8d5800398937966cdb0a97fdc) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
    17:59:22.0187 0636 ialm - ok
    17:59:22.0218 0636 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
    17:59:22.0343 0636 Imapi - ok
    17:59:22.0359 0636 ini910u - ok
    17:59:22.0484 0636 IntcAzAudAddService (c4006af18682fca0d8a011a0a21070f8) C:\WINDOWS\system32\drivers\RtkHDAud.sys
    17:59:22.0937 0636 IntcAzAudAddService - ok
    17:59:22.0984 0636 IntelIde - ok
    17:59:23.0015 0636 intelppm (2d2254fac267e6b1c7865e8ebef60c6d) C:\WINDOWS\system32\DRIVERS\intelppm.sys
    17:59:23.0140 0636 intelppm - ok
    17:59:23.0156 0636 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
    17:59:23.0296 0636 Ip6Fw - ok
    17:59:23.0328 0636 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    17:59:23.0468 0636 IpFilterDriver - ok
    17:59:23.0500 0636 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
    17:59:23.0625 0636 IpInIp - ok
    17:59:23.0640 0636 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
    17:59:23.0765 0636 IpNat - ok
    17:59:23.0796 0636 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
    17:59:23.0937 0636 IPSec - ok
    17:59:24.0015 0636 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
    17:59:24.0109 0636 IRENUM - ok
    17:59:24.0140 0636 isapnp (0b78e1a31340e1fb1e389d5633f7c3a0) C:\WINDOWS\system32\DRIVERS\isapnp.sys
    17:59:24.0250 0636 isapnp - ok
    17:59:24.0265 0636 Kbdclass (380397621e94b32c744e7b2cc1330390) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    17:59:24.0390 0636 Kbdclass - ok
    17:59:24.0406 0636 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
    17:59:24.0515 0636 kmixer - ok
    17:59:24.0546 0636 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
    17:59:24.0656 0636 KSecDD - ok
    17:59:24.0656 0636 lbrtfdc - ok
    17:59:24.0703 0636 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\WINDOWS\system32\drivers\mbam.sys
    17:59:24.0781 0636 MBAMProtector - ok
    17:59:24.0828 0636 MDC8021X (8fee53c104223973ed9919936d9cd156) C:\WINDOWS\system32\DRIVERS\mdc8021x.sys
    17:59:24.0859 0636 MDC8021X ( UnsignedFile.Multi.Generic ) - warning
    17:59:24.0859 0636 MDC8021X - detected UnsignedFile.Multi.Generic (1)
    17:59:24.0890 0636 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
    17:59:25.0000 0636 mnmdd - ok
    17:59:25.0031 0636 Modem (8114eeac353f549331ab73e9af4219ed) C:\WINDOWS\system32\drivers\Modem.sys
    17:59:25.0140 0636 Modem - ok
    17:59:25.0140 0636 Mouclass (1a4e2214dd63e4a876463d3427ee8261) C:\WINDOWS\system32\DRIVERS\mouclass.sys
    17:59:25.0265 0636 Mouclass - ok
    17:59:25.0296 0636 mouhid (18017899254e01371e1a39754d6bf98c) C:\WINDOWS\system32\DRIVERS\mouhid.sys
    17:59:25.0421 0636 mouhid - ok
    17:59:25.0453 0636 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
    17:59:25.0562 0636 MountMgr - ok
    17:59:25.0578 0636 mraid35x - ok
    17:59:25.0593 0636 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    17:59:25.0718 0636 MRxDAV - ok
    17:59:25.0765 0636 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    17:59:25.0859 0636 MRxSmb - ok
    17:59:25.0906 0636 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
    17:59:26.0015 0636 Msfs - ok
    17:59:26.0031 0636 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
    17:59:26.0156 0636 MSKSSRV - ok
    17:59:26.0171 0636 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    17:59:26.0296 0636 MSPCLOCK - ok
    17:59:26.0328 0636 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
    17:59:26.0437 0636 MSPQM - ok
    17:59:26.0468 0636 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    17:59:26.0593 0636 mssmbios - ok
    17:59:26.0640 0636 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
    17:59:26.0687 0636 Mup - ok
    17:59:26.0703 0636 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
    17:59:26.0828 0636 NDIS - ok
    17:59:26.0953 0636 Ndiskio (725123f7aebfef717e3f26b25b149d7a) C:\Program Files\Norman\Nse\bin\NDISKIO.SYS
    17:59:27.0015 0636 Ndiskio - ok
    17:59:27.0109 0636 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
    17:59:27.0203 0636 NdisTapi - ok
    17:59:27.0234 0636 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
    17:59:27.0343 0636 Ndisuio - ok
    17:59:27.0359 0636 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    17:59:27.0500 0636 NdisWan - ok
    17:59:27.0531 0636 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
    17:59:27.0593 0636 NDProxy - ok
    17:59:27.0640 0636 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
    17:59:27.0765 0636 NetBIOS - ok
    17:59:27.0781 0636 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
    17:59:27.0906 0636 NetBT - ok
    17:59:28.0046 0636 NGS (490757522cded90e6af55dab943ba828) c:\program files\norman\ngs\bin\ngs.sys
    17:59:28.0078 0636 NGS - ok
    17:59:28.0156 0636 nmwcd (65ac8baa2f916ee9203ee48d7fcee605) C:\WINDOWS\system32\drivers\ccdcmb.sys
    17:59:28.0281 0636 nmwcd - ok
    17:59:28.0312 0636 nmwcdc (29af182734a247240d89a0fe63dbef03) C:\WINDOWS\system32\drivers\ccdcmbo.sys
    17:59:28.0375 0636 nmwcdc - ok
    17:59:28.0421 0636 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
    17:59:28.0531 0636 Npfs - ok
    17:59:28.0656 0636 NPROSEC (cc405124896f8704b76b81bcd84e9427) C:\Program Files\Norman\Ngs\Bin\nprosec.sys
    17:59:28.0703 0636 NPROSEC - ok
    17:59:28.0750 0636 nregsec (cc0ac51d07884984d04669b496563c95) C:\Program Files\Norman\Ngs\Bin\nregsec.sys
    17:59:28.0796 0636 nregsec - ok
    17:59:28.0890 0636 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
    17:59:29.0062 0636 Ntfs - ok
    17:59:29.0093 0636 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
    17:59:29.0203 0636 Null - ok
    17:59:29.0250 0636 NvcMFlt (46e8ef8834a1c5f28acd46820bc0555a) C:\WINDOWS\system32\DRIVERS\nvcw32mf.sys
    17:59:29.0281 0636 NvcMFlt - ok
    17:59:29.0312 0636 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
    17:59:29.0437 0636 NwlnkFlt - ok
    17:59:29.0437 0636 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
    17:59:29.0578 0636 NwlnkFwd - ok
    17:59:29.0609 0636 Parport (e3934ccc20a4d24f1924e13d36d2a5bd) C:\WINDOWS\system32\DRIVERS\parport.sys
    17:59:29.0750 0636 Parport - ok
    17:59:29.0765 0636 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
    17:59:29.0875 0636 PartMgr - ok
    17:59:29.0906 0636 ParVdm (1eade28746a64c21e0a808bb12a63326) C:\WINDOWS\system32\drivers\ParVdm.sys
    17:59:30.0000 0636 ParVdm - ok
    17:59:30.0031 0636 pccsmcfd (175cc28dcf819f78caa3fbd44ad9e52a) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
    17:59:30.0093 0636 pccsmcfd - ok
    17:59:30.0125 0636 PCI (3b166f9f753c21aedaa9a6bd76b49655) C:\WINDOWS\system32\DRIVERS\pci.sys
    17:59:30.0250 0636 PCI - ok
    17:59:30.0250 0636 PCIDump - ok
    17:59:30.0281 0636 PCIIde (b31edeba4da28283f6b8dc4756fb9585) C:\WINDOWS\system32\DRIVERS\pciide.sys
    17:59:30.0390 0636 PCIIde - ok
    17:59:30.0421 0636 Pcmcia (2137ffd65f8e609a3a5acd487c56cce0) C:\WINDOWS\system32\drivers\Pcmcia.sys
    17:59:30.0562 0636 Pcmcia - ok
    17:59:30.0578 0636 PDCOMP - ok
    17:59:30.0578 0636 PDFRAME - ok
    17:59:30.0593 0636 PDRELI - ok
    17:59:30.0609 0636 PDRFRAME - ok
    17:59:30.0609 0636 perc2 - ok
    17:59:30.0625 0636 perc2hib - ok
    17:59:30.0703 0636 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
    17:59:30.0937 0636 PptpMiniport - ok
    17:59:30.0953 0636 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
    17:59:31.0078 0636 PSched - ok
    17:59:31.0093 0636 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
    17:59:31.0203 0636 Ptilink - ok
    17:59:31.0218 0636 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
    17:59:31.0281 0636 PxHelp20 - ok
    17:59:31.0281 0636 ql1080 - ok
    17:59:31.0296 0636 Ql10wnt - ok
    17:59:31.0296 0636 ql12160 - ok
    17:59:31.0312 0636 ql1240 - ok
    17:59:31.0328 0636 ql1280 - ok
    17:59:31.0343 0636 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
    17:59:31.0453 0636 RasAcd - ok
    17:59:31.0500 0636 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    17:59:31.0625 0636 Rasl2tp - ok
    17:59:31.0640 0636 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    17:59:31.0781 0636 RasPppoe - ok
    17:59:31.0796 0636 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
    17:59:31.0921 0636 Raspti - ok
    17:59:31.0953 0636 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
    17:59:32.0093 0636 Rdbss - ok
    17:59:32.0093 0636 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    17:59:32.0203 0636 RDPCDD - ok
    17:59:32.0250 0636 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
    17:59:32.0343 0636 RDPWD - ok
    17:59:32.0375 0636 redbook (4173bc66e485fd77a03c4819f60bd0da) C:\WINDOWS\system32\DRIVERS\redbook.sys
    17:59:32.0500 0636 redbook - ok
    17:59:32.0562 0636 rt2870 (e2e588d92c8e151cd3515ee09fec90e2) C:\WINDOWS\system32\DRIVERS\rt2870.sys
    17:59:32.0687 0636 rt2870 - ok
    17:59:32.0718 0636 RTLE8023xp (badabe0940c01619e8510b90fb314929) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
    17:59:32.0828 0636 RTLE8023xp - ok
    17:59:32.0921 0636 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
    17:59:32.0953 0636 SASDIFSV - ok
    17:59:32.0984 0636 SASENUM (7ce61c25c159f50f9eaf6d77fc83fa35) C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
    17:59:33.0015 0636 SASENUM - ok
    17:59:33.0031 0636 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
    17:59:33.0078 0636 SASKUTIL - ok
    17:59:33.0156 0636 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
    17:59:33.0265 0636 Secdrv - ok
    17:59:33.0296 0636 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
    17:59:33.0390 0636 serenum - ok
    17:59:33.0406 0636 Serial (92c21762653bb2ce51147eb8a9aa654f) C:\WINDOWS\system32\DRIVERS\serial.sys
    17:59:33.0531 0636 Serial - ok
    17:59:33.0546 0636 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
    17:59:33.0640 0636 Sfloppy - ok
    17:59:33.0687 0636 Simbad - ok
    17:59:33.0703 0636 Sparrow - ok
    17:59:33.0718 0636 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
    17:59:33.0828 0636 splitter - ok
    17:59:33.0843 0636 sr (64d2a7640e0767ecd3bcb38d3200e7ce) C:\WINDOWS\system32\DRIVERS\sr.sys
    17:59:33.0953 0636 sr - ok
    17:59:34.0000 0636 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
    17:59:34.0109 0636 Srv - ok
    17:59:34.0140 0636 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
    17:59:34.0234 0636 swenum - ok
    17:59:34.0250 0636 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
    17:59:34.0359 0636 swmidi - ok
    17:59:34.0375 0636 symc810 - ok
    17:59:34.0390 0636 symc8xx - ok
    17:59:34.0406 0636 sym_hi - ok
    17:59:34.0406 0636 sym_u3 - ok
    17:59:38.0562 0636 ============================================================
    17:59:38.0562 0636 Scan finished
    17:59:38.0562 0636 ============================================================
    17:59:38.0671 1968 Detected object count: 3
    17:59:38.0671 1968 Actual detected object count: 3
    18:00:08.0468 1968 Backup copy found, using it..
    18:00:08.0500 1968 C:\WINDOWS\system32\DRIVERS\ACPI.sys - will be cured on reboot
    18:00:08.0500 1968 ACPI ( Virus.Win32.Rloader.a ) - User select action: Cure
    18:00:08.0500 1968 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
    18:00:08.0500 1968 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
    18:00:08.0500 1968 MDC8021X ( UnsignedFile.Multi.Generic ) - skipped by user
    18:00:08.0500 1968 MDC8021X ( UnsignedFile.Multi.Generic ) - User select action: Skip
    18:00:13.0750 2160 Deinitialize success

  9. #9
    Head of Consumer Security Marckie
    Technical skill
    5. Expert
    Operating system
    Windows 8 64
    Antivirus
    NOD32 Security Suite
    Firewall
    NOD32 Security Suite
    Posts
    38.342
    No, don't do anything with that.
    Are there still any problems now?

  10. #10

    Technical skill
    1. Beginner
    Operating system
    Windows 7 Home Premium 32
    Antivirus
    Norman
    Firewall
    Windows Firewall
    Posts
    6

    Solved! Can the killer program also be used on another computer?

    I think the problem is now solved!
    My son's computer has the same virus.
    Can I use the killer program for that one as well to solve the problem?

  11. #11
    Head of Consumer Security Marckie
    Technical skill
    5. Expert
    Operating system
    Windows 8 64
    Antivirus
    NOD32 Security Suite
    Firewall
    NOD32 Security Suite
    Posts
    38.342
    You can try. If it doesn't work, it's best to start a new topic.


    Follow the instructions given here: The computer is malware-free, what to do now?

    You can find more information on how to prevent a new infection here.
    Also read through this article: Nothing for nothing.

    I am setting the status of this thread to solved.
    If there are no further replies, this thread will be moved automatically within about 3 days to the section Opgeloste hijackthislogs (Solved HijackThis logs), after which replying is no longer possible. This is to keep the forum tidy and well organised.
    If it turns out there are still problems and you want to reply in this topic again, send me a private message requesting that it be reopened.

    Happy surfing again.
