-
Virus blocks connection
Hello
I suddenly can't log in to a game anymore: Minecraft
I can log in when I start the PC in safe mode, but when I start the PC normally I can't log in.
Checked the firewall and NOD32; they are not blocking it.
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org
Databaseversie: v2012.08.22.05
Windows 7 Service Pack 1 x86 NTFS (Veilige modus/netwerkmogelijkheden)
Internet Explorer 9.0.8112.16421
User :: USER-PC [administrator]
22/08/2012 18:44:24
mbam-log-2012-08-22 (18-44-24).txt
Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 196102
Verstreken tijd: 3 minuut/minuten,
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde)
Last edited by redkevin25; 22-08-12 at 18:11.
I help Nucia

-
Hijackthis
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:07:13, on 22/08/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Users\User\Downloads\HijackThis.exe
C:\Windows\system32\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aldi.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;127.0.0.1;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\HyperCam Toolbar\tbcore3.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: HyperCam Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\HyperCam Toolbar\tbcore3.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Google Update] "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: ebay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing)
O9 - Extra 'Tools' menuitem: ebay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing)
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: ebay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: ebay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - Unknown owner - C:\Program Files\BlueStacks\HD-Service.exe (file missing)
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - Unknown owner - C:\Program Files\BlueStacks\HD-LogRotatorService.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: SetupARService - Realtek Semiconductor. - C:\Program Files\Realtek\Audio\SetupAfterRebootService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
--
End of file - 7452 bytes

-
DDS
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.6.2
Run by User at 19:18:42 on 2012-08-22
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3326.2049 [GMT 2:00]
.
AV: ESET Smart Security 5.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 5.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Persoonlijke firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\msiexec.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\taskeng.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.aldi.com
uDefault_Page_URL = hxxp://www.aldi.com
uInternet Settings,ProxyOverride = localhost;127.0.0.1;<local>
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: SMTTB2009 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program files\hypercam toolbar\tbcore3.dll
TB: HyperCam Toolbar: {338b4dfe-2e2c-4338-9e41-e176d497299e} - c:\program files\hypercam toolbar\tbcore3.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [Google Update] "c:\users\user\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xporteren naar Microsoft Excel - c:\progra~1\mif5ba~1\office12\EXCEL.EXE/3000
IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mif5ba~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mif5ba~1\office12\REFIEBAR.DLL
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
TCP: DhcpNameServer = 195.130.131.5 195.130.130.133
TCP: Interfaces\{183668C6-F144-4CC9-80A9-1B06638E306E} : DhcpNameServer = 195.130.131.5 195.130.130.133
TCP: Interfaces\{E4661D66-4327-44E5-9EA3-7E44EA5947AB}\4456E69737 : DhcpNameServer = 195.130.131.5 195.130.130.133
TCP: Interfaces\{E4661D66-4327-44E5-9EA3-7E44EA5947AB}\4556B6B69647 : DhcpNameServer = 192.168.137.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\user\appdata\roaming\mozilla\firefox\profiles\n0ummqif.default\
FF - plugin: c:\program files (x86)\adobe\reader 8.0\reader\browser\nppdf32.dll
FF - plugin: c:\program files (x86)\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files (x86)\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files (x86)\itunes\mozilla plugins\npitunes.dll
FF - plugin: c:\program files (x86)\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files (x86)\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files (x86)\microsoft silverlight\5.1.10411.0\npctrl.dll
FF - plugin: c:\program files (x86)\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files (x86)\quicktime\plugins\npqtplugin.dll
FF - plugin: c:\program files (x86)\quicktime\plugins\npqtplugin2.dll
FF - plugin: c:\program files (x86)\quicktime\plugins\npqtplugin3.dll
FF - plugin: c:\program files (x86)\quicktime\plugins\npqtplugin4.dll
FF - plugin: c:\program files (x86)\quicktime\plugins\npqtplugin5.dll
FF - plugin: c:\program files (x86)\quicktime\plugins\npqtplugin6.dll
FF - plugin: c:\program files (x86)\quicktime\plugins\npqtplugin7.dll
FF - plugin: c:\program files (x86)\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\syswow64\macromed\flash\NPSWF32_11_3_300_271.dll
.
---- FIREFOX POLICIES ----
.
FF - user.js: extensions.autoDisableScopes - 14
.
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [2011-1-31 62592]
R0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [2011-1-31 24192]
R0 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2012-3-14 50624]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-8-11 242240]
R1 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2012-3-14 169080]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\drivers\EpfwLWF.sys [2012-3-14 33656]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-6-1 172032]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2012-3-7 913144]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2010-6-1 5430272]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2010-6-1 157184]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-2-18 230912]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [2010-2-18 579072]
R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2012-6-17 137488]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2010-6-2 30392]
S2 SetupARService;SetupARService;c:\program files\realtek\audio\SetupAfterRebootService.exe [2012-8-6 24576]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-8-13 250056]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-8-19 113120]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-8-7 52224]
S3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM106.sys [2010-12-7 1515520]
S3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\wat\WatAdminSvc.exe [2010-2-19 1343400]
.
=============== Created Last 30 ================
.
2012-08-22 15:46:53 -------- d-----w- c:\users\user\Test
2012-08-21 10:54:16 -------- d-----w- c:\users\user\appdata\local\Temporary Projects
2012-08-21 10:43:30 -------- d-----w- c:\users\user\appdata\roaming\Workrave
2012-08-21 10:43:24 -------- d-----w- c:\program files\Workrave
2012-08-21 10:31:23 7023536 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{2aafdcba-4235-4730-9a97-f8e2bfd2e819}\mpengine.dll
2012-08-20 15:33:36 -------- d-----w- c:\program files\HyperCam Toolbar
2012-08-20 15:28:19 -------- d-----r- c:\users\user\Extension
2012-08-20 10:58:26 -------- d-----w- c:\program files\SystemRequirementsLab
2012-08-19 18:17:04 805376 ----a-w- c:\windows\system32\FntCache.dll
2012-08-19 18:17:03 739840 ----a-w- c:\windows\system32\d2d1.dll
2012-08-19 16:35:12 -------- d-----w- c:\program files\VideoLAN
2012-08-19 13:55:54 -------- d-----w- c:\program files\Resource Hacker
2012-08-19 13:13:15 -------- d-----w- c:\users\user\appdata\local\Mozilla
2012-08-19 13:06:37 -------- d-----w- c:\users\user\Inception (2010) [1080p]
2012-08-17 13:29:49 -------- d-----w- c:\users\user\appdata\local\Spotify
2012-08-17 13:29:16 -------- d-----w- c:\users\user\appdata\roaming\Spotify
2012-08-16 17:29:24 -------- d-----w- c:\users\user\appdata\local\Apple Computer
2012-08-16 17:28:54 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-08-16 17:28:54 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2012-08-16 17:27:13 -------- d-----w- c:\program files\iPod
2012-08-16 17:27:12 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2012-08-16 17:27:12 -------- d-----w- c:\program files\iTunes
2012-08-16 17:26:20 -------- d-----w- c:\users\user\appdata\local\Apple
2012-08-16 17:25:26 -------- d-----w- c:\program files\Bonjour
2012-08-16 12:29:51 -------- d-----w- c:\users\user\appdata\local\TrueImage
2012-08-16 11:45:13 -------- d-----w- c:\users\user\appdata\local\Stratford_Holdings_LLC
2012-08-16 11:44:38 -------- d-----w- c:\program files\Imgur Album Downloader
2012-08-16 09:40:49 -------- d-----w- c:\program files\CCleaner
2012-08-16 09:37:58 400896 ----a-w- c:\windows\system32\srcore.dll
2012-08-16 09:37:57 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-08-16 09:37:54 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-08-16 09:37:54 317440 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-16 09:37:51 102912 ----a-w- c:\windows\system32\browser.dll
2012-08-16 09:37:50 41984 ----a-w- c:\windows\system32\browcli.dll
2012-08-16 09:37:49 769024 ----a-w- c:\windows\system32\localspl.dll
2012-08-15 15:03:02 -------- d-----r- C:\Sandbox
2012-08-15 15:02:14 -------- d-----w- c:\program files\Sandboxie
2012-08-15 13:49:24 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-08-15 13:38:56 -------- d-----w- c:\users\user\mcp70a
2012-08-15 11:21:45 -------- d-----w- c:\users\user\appdata\local\IsolatedStorage
2012-08-15 11:21:40 -------- d-----w- c:\users\user\appdata\local\Red Gate
2012-08-15 11:21:21 -------- d-----w- c:\program files\Red Gate
2012-08-15 11:21:20 -------- d-----w- c:\windows\Downloaded Installations
2012-08-14 09:36:12 -------- d-----w- c:\windows\pss
2012-08-13 18:06:49 -------- d-----w- c:\users\user\appdata\local\{BB3E1258-9A73-4A91-BE1F-249B31DCD5EF}
2012-08-13 16:52:41 -------- d-----w- c:\users\user\appdata\local\BlueStacksSetup
2012-08-13 15:50:00 -------- d-----r- c:\users\user\Dropbox
2012-08-13 15:49:22 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-13 15:49:22 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-13 15:47:07 -------- d-----w- c:\users\user\appdata\roaming\Dropbox
2012-08-13 09:38:19 -------- d-----w- c:\windows\system32\SPReview
2012-08-12 15:13:43 -------- d-----w- c:\users\user\appdata\roaming\Malwarebytes
2012-08-12 15:13:35 -------- d-----w- c:\programdata\Malwarebytes
2012-08-12 15:13:34 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-12 15:13:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-12 14:52:26 -------- d-----w- c:\windows\system32\EventProviders
2012-08-11 16:34:36 -------- d--h--w- c:\windows\msdownld.tmp
2012-08-11 16:34:36 -------- d-----w- c:\windows\system32\directx
2012-08-11 16:32:08 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-08-11 16:32:06 -------- d-----w- c:\users\user\appdata\roaming\DAEMON Tools Lite
2012-08-11 16:32:04 -------- d-----w- c:\program files\DAEMON Tools Lite
2012-08-11 16:30:05 -------- d-----w- c:\programdata\DAEMON Tools Lite
2012-08-11 13:43:32 -------- d-----w- C:\Fraps
2012-08-10 14:24:13 -------- d-----w- c:\program files\Microsoft SQL Server
2012-08-10 14:23:58 -------- d-----w- c:\program files\Microsoft Synchronization Services
2012-08-10 14:23:33 205984 ----a-w- c:\programdata\microsoft\vbexpress\10.0\1033\ResourceCache.dll
2012-08-10 14:22:38 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0
2012-08-10 14:22:38 -------- d-----w- c:\program files\Microsoft Help Viewer
2012-08-07 16:18:01 -------- d-----w- c:\program files\Core Temp
2012-08-07 10:35:14 1130824 ----a-w- c:\windows\system32\dfshim.dll
2012-08-07 10:35:09 52224 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2012-08-07 10:35:08 3215872 ----a-w- c:\windows\system32\mstscax.dll
2012-08-07 10:35:08 11776 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-08-07 10:35:05 1171456 ----a-w- c:\windows\system32\d3d10warp.dll
2012-08-07 10:35:04 954752 ----a-w- c:\windows\system32\mfc40.dll
2012-08-07 10:35:04 954288 ----a-w- c:\windows\system32\mfc40u.dll
2012-08-07 10:35:02 1159168 ----a-w- c:\windows\system32\sysmain.dll
2012-08-07 10:35:01 423936 ----a-w- c:\windows\system32\secproc_isv.dll
2012-08-07 10:35:00 327168 ----a-w- c:\windows\system32\RMActivate_isv.exe
2012-08-07 10:33:59 82944 ----a-w- c:\windows\system32\thumbcache.dll
2012-08-07 10:32:59 8704 ----a-w- c:\windows\system32\riched32.dll
2012-08-07 10:31:55 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll
2012-08-07 10:31:55 363008 ----a-w- c:\windows\system32\wbemcomn.dll
2012-08-07 10:31:55 189952 ----a-w- c:\program files\windows portable devices\sqmapi.dll
2012-08-07 10:31:19 189952 ----a-w- c:\windows\system32\sqmapi.dll
2012-08-07 09:58:16 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2012-08-07 09:58:16 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2012-08-07 09:58:15 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2012-08-07 09:58:14 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2012-08-07 09:58:14 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2012-08-07 09:58:14 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2012-08-07 09:57:57 1699328 ----a-w- c:\windows\system32\esent.dll
2012-08-07 09:57:56 143744 ----a-w- c:\windows\system32\drivers\nvstor.sys
2012-08-07 09:57:56 1211264 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-07 09:57:54 117120 ----a-w- c:\windows\system32\drivers\nvraid.sys
2012-08-07 09:57:53 332160 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2012-08-07 09:57:53 148864 ----a-w- c:\windows\system32\drivers\storport.sys
2012-08-07 09:57:52 74240 ----a-w- c:\windows\system32\fsutil.exe
2012-08-07 09:42:50 -------- d-----w- c:\windows\system32\wbem\en-US
2012-08-07 09:42:37 1698408 ----a-w- c:\windows\RtlExUpd.dll
2012-08-06 19:55:55 5120 ----a-w- c:\windows\system32\wmi.dll
2012-08-06 19:55:55 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-08-06 19:55:55 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-08-06 19:55:55 159232 ----a-w- c:\windows\system32\imagehlp.dll
2012-08-06 19:53:08 293376 ----a-w- c:\windows\system32\browserchoice.exe
2012-08-06 18:21:16 -------- d-----w- c:\program files\common files\Steam
2012-08-06 18:21:15 -------- d-----w- c:\program files\Steam
2012-08-06 15:20:17 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2012-08-06 15:10:40 -------- d-----w- c:\users\user\appdata\local\Adobe
2012-08-06 14:50:31 -------- d-----w- c:\program files\uTorrent
2012-08-06 14:49:49 -------- d-----w- c:\users\user\appdata\roaming\uTorrent
2012-08-06 14:39:04 -------- d-----w- c:\users\user\appdata\local\ElevatedDiagnostics
2012-08-06 14:37:47 557056 ------w- c:\windows\system32\Cmeau106.exe
2012-08-06 14:37:47 491520 ------w- c:\windows\system\cmau106.dll
2012-08-06 14:37:47 221184 ------w- c:\windows\system\cm106eye.exe
2012-08-06 14:37:47 143360 ------w- c:\windows\Vmix106.dll
2012-08-06 14:37:38 319968 ----a-w- c:\windows\difxapi.dll
2012-08-06 14:37:38 303104 ------w- c:\windows\system32\CmiInstallResAll.dll
2012-08-06 14:37:25 -------- d-----w- C:\Medion
2012-08-06 14:22:40 -------- d-----r- c:\program files\Skype
2012-08-06 12:48:25 -------- d-----w- c:\users\user\appdata\local\Diagnostics
2012-08-06 10:21:22 -------- d-----w- c:\users\user\appdata\roaming\.techniclauncher
2012-08-06 10:04:37 -------- d-----w- c:\users\user\appdata\roaming\.minecraft
2012-08-06 09:59:27 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2012-08-06 09:59:27 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2012-08-06 09:59:26 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2012-08-06 09:59:24 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2012-08-06 09:59:20 1288472 ----a-w- c:\windows\system32\ntdll.dll
2012-08-06 09:57:49 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2012-08-06 09:57:49 145920 ----a-w- c:\windows\system32\cfgmgr32.dll
2012-08-06 09:57:27 2048 ----a-w- c:\windows\system32\tzres.dll
2012-08-06 09:55:55 741376 ----a-w- c:\windows\system32\inetcomm.dll
2012-08-06 09:54:58 802304 ----a-w- c:\windows\system32\WFS.exe
2012-08-06 09:54:58 191488 ----a-w- c:\windows\system32\FXSCOVER.exe
2012-08-06 09:54:55 534528 ----a-w- c:\windows\system32\EncDec.dll
2012-08-06 09:54:53 870912 ----a-w- c:\windows\system32\XpsPrint.dll
2012-08-06 09:54:45 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2012-08-06 09:54:43 38912 ----a-w- c:\windows\system32\csrsrv.dll
2012-08-06 09:54:35 642048 ----a-w- c:\windows\system32\CPFilters.dll
2012-08-06 09:54:33 850944 ----a-w- c:\windows\system32\sbe.dll
2012-08-06 09:54:33 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2012-08-06 09:54:24 1328128 ----a-w- c:\windows\system32\quartz.dll
2012-08-06 09:54:23 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-08-06 09:54:12 2616320 ----a-w- c:\windows\explorer.exe
2012-08-06 09:54:02 2342400 ----a-w- c:\windows\system32\msi.dll
2012-08-06 09:52:56 81920 ----a-w- c:\windows\system32\odbccr32.dll
2012-08-06 09:50:26 442880 ----a-w- c:\windows\system32\ntshrui.dll
2012-08-06 09:50:21 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-08-06 09:50:17 1137664 ----a-w- c:\windows\system32\mfc42.dll
2012-08-06 09:50:16 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2012-08-06 09:50:02 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2012-08-06 09:49:30 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2012-08-06 09:49:30 123904 ----a-w- c:\windows\system32\poqexec.exe
2012-08-06 09:49:25 1158656 ----a-w- c:\windows\system32\crypt32.dll
2012-08-06 09:49:24 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-08-06 09:49:24 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-08-06 09:46:25 -------- d-----w- c:\users\user\appdata\roaming\ESET
2012-08-06 09:46:25 -------- d-----w- c:\users\user\appdata\local\ESET
2012-08-06 09:44:56 -------- d-----w- C:\DCIM
2012-08-06 09:38:33 -------- d-----w- c:\program files\ESET
2012-08-06 09:25:05 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-08-06 09:25:05 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2012-08-06 09:25:05 107520 ----a-w- c:\windows\system32\cdd.dll
2012-08-06 09:18:26 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-08-06 09:18:25 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-08-06 09:18:21 18432 ----a-w- c:\windows\system32\drivers\tdpipe.sys
2012-08-06 09:18:10 122744 ----a-w- c:\windows\system32\BdInstHk.dll
2012-08-06 09:16:38 -------- d-----w- c:\users\user\appdata\local\Google
2012-08-06 09:16:12 -------- d-----w- c:\users\user\appdata\local\Apps
2012-08-06 09:16:11 -------- d-----w- c:\users\user\appdata\local\Deployment
2012-08-06 09:11:01 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-08-06 09:10:46 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-08-06 09:10:24 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-08-06 09:10:24 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-08-02 07:33:33 -------- d-----w- c:\users\user\appdata\local\ATI
2012-08-02 07:33:15 -------- d-----w- c:\users\user\appdata\local\Power2Go
2012-08-02 07:31:55 -------- d-----w- c:\program files\PlayReady
2012-08-02 07:30:56 -------- d-sh--we c:\programdata\Sjablonen
2012-08-02 07:30:56 -------- d-sh--we c:\programdata\Menu Start
2012-08-02 07:30:56 -------- d-sh--we c:\programdata\Favorieten
2012-08-02 07:30:56 -------- d-sh--we c:\programdata\Documenten
2012-08-02 07:30:56 -------- d-sh--we c:\programdata\Bureaublad
2012-08-02 07:30:56 -------- d-sh--we C:\Documents and Settings
2012-08-02 07:30:56 -------- d-sh--w- C:\Recovery
.
==================== Find3M ====================
.
2012-08-15 13:49:14 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-08-15 13:49:14 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-13 09:41:39 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-06-29 00:16:58 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-06-29 00:09:01 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-06-29 00:08:59 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-29 00:04:43 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-29 00:00:45 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-11 18:02:12 65536 ----a-w- c:\windows\system32\frapsvid.dll
2012-06-06 18:59:42 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-06 05:05:52 1390080 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- c:\windows\system32\cdosys.dll
2012-06-02 04:45:04 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 04:45:03 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 04:40:59 369336 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 04:40:39 225280 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- c:\windows\system32\ncrypt.dll
2012-05-31 10:25:14 237072 ------w- c:\windows\system32\MpSigStub.exe
.
============= FINISH: 19:19:57,08 ===============

-
Hi,
What makes you so sure that it is malware causing this?
I can't find anything malicious in your logs.
Kind regards,
Blackbird
-
Hello,
I have been playing this game for 3 years now and have never had problems logging in, and the strange thing is that when I start the PC in safe mode it can log in.

-
Hi,
Still, this does not seem to me to be a malware problem. I am therefore referring you to the "Netwerken en internet" (Networks and Internet) subforum, since it concerns an online game.
I would like to ask you to set this topic to "Opgelost" (Solved) at the top left.
If you have any questions, you can of course ask them.
Kind regards,
Blackbird
-
The problem has been found: ESET NOD32 was blocking it. I had to remove ESET and everything works. My problem now is that we pay 46 euros every year for a NOD32 license; is there a way to configure ESET so that it does allow it?
My PC now has no antivirus.

-
Hi,
In any case, I advise you to install an antivirus program as soon as possible (now!). A system gets infected very quickly if it is not well protected (under normal use).
Regarding NOD, I was able to find this: >> Click here <<
A little further down you will see "Uitzonderingen" (Exceptions), where it shows how to add an exception.
Good luck, and let me know whether it worked.
Kind regards,
Blackbird
-
Hello Blackbird,
I now have NOD32 (the regular version, not the Security one) and now everything works as normal.
This can be locked; thanks for the help.

-
Great, you're welcome.
Kind regards,
Blackbird