Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Logfile of HijackThis graag checken

juisterr
9 antwoorden
  • Elke programma die ik start minimalistert ie en kan de Internet niet opstarten hij staat een andere startpagina ingesteld.

    Logfile of HijackThis v1.99.1
    Scan saved at 14:08:34, on 13-9-2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\SYSTEM32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\acs.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\tcpsvcs.exe
    C:\WINDOWS\System32\snmp.exe
    C:\Program Files\Azureus\Azureus.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Ahead
    ero
    ero.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    C:\Documents and Settings\Jevithan\Bureaublad\TAMIL° ZONE\Setup\hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - Default URLSearchHook is missing
    F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: (no name) - {73364D99-1240-4dff-B11A-67E448373048} - C:\WINDOWS\system32\ipv6mons.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKLM\..\RunServices: [stonedrv] c:\windows\system32\stonedrv.exe
    O4 - HKCU\..\Run: [TOSCDSPD] "C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\eMule\Incoming\Internet Download Manager v5.03.02 Multilangages Incl-Crack\Crack\IEGetAll.htm
    O8 - Extra context menu item: Download with IDM - C:\Program Files\eMule\Incoming\Internet Download Manager v5.03.02 Multilangages Incl-Crack\Crack\IEExt.htm
    O8 - Extra context menu item: Ontvang alle bestanden door Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
    O8 - Extra context menu item: Ontvangst door Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
    O16 - DPF: {5DD731E6-D4F0-11D3-BE3F-00105A6FDA50} (V3ProX Control) - http://ahnlabdownload.nefficient.co.kr/plugin/myv3/myv3.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1152987549625
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://filelodge.bolt.com/ImageUploader3.cab
    O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - AppInit_DLLs: C:\WINDOWS\system32\win_e.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - (no file)
    O23 - Service: Atheros-clienthulpprogramma (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)
  • Nare infectie. Lid van de smitfraudfamilie.

    [b:e8b42f597c]1.[/b:e8b42f597c] Download SmitfraudFix (van[b:e8b42f597c]S!Ri[/b:e8b42f597c]), en pak het uit op je bureaublad.

    [b:e8b42f597c]2.[/b:e8b42f597c] Print onderstaande instrukties uit of kopieer ze naar een .txt bestand.
    Dit, omdat de rest van de fix in veilige modus is en je hier dus niet meer kan terugzoeken.

    [b:e8b42f597c]3.[/b:e8b42f597c] Start op in Veilige modus[/color:e8b42f597c]

    [b:e8b42f597c]4.[/b:e8b42f597c] Open de map [b:e8b42f597c]smitfraudfix[/b:e8b42f597c] en dubbelklik op [b:e8b42f597c]smitfraudfix.cmd[/b:e8b42f597c]
    [list:e8b42f597c]* Kies optie #2 - [b:e8b42f597c]Clean[/b:e8b42f597c] door[b:e8b42f597c]2[/b:e8b42f597c] te typen, en druk op "[b:e8b42f597c]Enter[/b:e8b42f597c]" om de
    geïnfecteerde bestanden te verwijderen.

    [i:e8b42f597c]Je zal een vraag krijgen: ""Registry cleaning - Do you want to clean the registry ?"[/i:e8b42f597c]
    * Antwoord "yes" door [b:e8b42f597c]y[/b:e8b42f597c] te typen en druk op "Enter".
    (Als je pc daarna niet herstart, start hem dan handmatig terug op in normale modus)

    [i:e8b42f597c]Het tooltje zal nu onderzoeken of [b:e8b42f597c]wininet.dll[/b:e8b42f597c] geïnfecteerd is. Je kan dus de vraag krijgen of je
    het geïnfecteerde bestandje wil vervangen.[/i:e8b42f597c]
    *Antwoord dan "yes" door [b:e8b42f597c]y[/b:e8b42f597c] te typen en druk op "Enter".

    [i:e8b42f597c]Het kan zijn dat het tooltje je pc opnieuw laat opstarten om zijn werk te kunnen afmaken.[/i:e8b42f597c]
    * Als dat niet zo is, start je pc dan handmatig opnieuw op in normale modus.[/list:u:e8b42f597c]
    [i:e8b42f597c]Er zal een tekstbestandje openen met de resultaten van de fix. [/i:e8b42f597c]

    [b:e8b42f597c]5.[/b:e8b42f597c] Post de inhoud van dit bestandje in je volgende antwoord,
    samen met een Hijackthis-logje. http://www.hijackthis.nl/forum/viewtopic.php?t=200
    (Je kan het rapport ook vinden in c:\rapport.txt)

    Succes
  • SmitFraudFix v2.87

    Scan done at 10:50:14,25, do 14-09-2006
    Run from C:\Documents and Settings\Jevithan\Bureaublad\SmitfraudFix
    OS: Microsoft Windows XP [versie 5.1.2600] - Windows_NT
    Fix ran in safe mode

    »»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    »»»»»»»»»»»»»»»»»»»»»»»» Killing process


    »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

    GenericRenosFix by S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files


    »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


    »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

    Registry Cleaning done.

    »»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll


    »»»»»»»»»»»»»»»»»»»»»»»» End


    Logfile of HijackThis v1.99.1
    Scan saved at 11:27:58, on 14-9-2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\acs.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\tcpsvcs.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Azureus\Azureus.exe
    C:\Program Files\Ashampoo\Ashampoo AntiSpyWare\AntiSpyWare.exe
    C:\Program Files\Ashampoo\Ashampoo AntiSpyWare\AntiSpyWareControl.exe
    C:\Program Files\Ashampoo\Ashampoo AntiSpyWare\AntiSpyWareGuard.exe
    C:\Documents and Settings\Jevithan\Bureaublad\TAMIL° ZONE\Setup\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - Default URLSearchHook is missing
    F2 - REG:system.ini: Shell=explorer.exe
    O2 - BHO: (no name) - {DB397160-38CC-4391-8689-B62F0602A120} - C:\WINDOWS\system32\wmersNLD.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKCU\..\Run: [TOSCDSPD] "C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\eMule\Incoming\Internet Download Manager v5.03.02 Multilangages Incl-Crack\Crack\IEGetAll.htm
    O8 - Extra context menu item: Download with IDM - C:\Program Files\eMule\Incoming\Internet Download Manager v5.03.02 Multilangages Incl-Crack\Crack\IEExt.htm
    O8 - Extra context menu item: Ontvang alle bestanden door Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
    O8 - Extra context menu item: Ontvangst door Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
    O16 - DPF: {5DD731E6-D4F0-11D3-BE3F-00105A6FDA50} (V3ProX Control) - http://ahnlabdownload.nefficient.co.kr/plugin/myv3/myv3.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1152987549625
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://filelodge.bolt.com/ImageUploader3.cab
    O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - AppInit_DLLs: ,
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - (no file)
    O23 - Service: Atheros-clienthulpprogramma (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)
  • en aub nog

    Er zal een tekstbestandje openen met de resultaten van de fix.

    5. Post de inhoud van dit bestandje in je volgende antwoord,
    samen met een Hijackthis-logje. http://www.hijackthis.nl/forum/viewtopic.php?t=200
    (Je kan het rapport ook vinden in c:\rapport.txt)
  • ow sorry ik heb de bericht weer gewerkt
  • Niks aan de hand maar wil je een nieuw logje maken aub, en dan gewoon op nieuw antwoord klikken en dan het nieuwe logje toevoegen, dus eerdere berichten niet bewerken anders kom ik er niet meer uit.

    eric
  • Logfile of HijackThis v1.99.1
    Scan saved at 11:41:40, on 15-9-2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\SYSTEM32\Ati2evxx.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\acs.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\tcpsvcs.exe
    C:\WINDOWS\System32\snmp.exe
    C:\Program Files\WWW File Share Pro\NTService.exe
    C:\Program Files\WWW File Share Pro\WWWFileSharePro.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Azureus\Azureus.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\eMule\emule.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Jevithan\Bureaublad\TAMIL° ZONE\Setup\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - Default URLSearchHook is missing
    F2 - REG:system.ini: Shell=explorer.exe
    O2 - BHO: (no name) - {DB397160-38CC-4391-8689-B62F0602A120} - C:\WINDOWS\system32\wmersNLD.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKCU\..\Run: [TOSCDSPD] "C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\eMule\Incoming\Internet Download Manager v5.03.02 Multilangages Incl-Crack\Crack\IEGetAll.htm
    O8 - Extra context menu item: Download with IDM - C:\Program Files\eMule\Incoming\Internet Download Manager v5.03.02 Multilangages Incl-Crack\Crack\IEExt.htm
    O8 - Extra context menu item: Ontvang alle bestanden door Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
    O8 - Extra context menu item: Ontvangst door Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
    O16 - DPF: {5DD731E6-D4F0-11D3-BE3F-00105A6FDA50} (V3ProX Control) - http://ahnlabdownload.nefficient.co.kr/plugin/myv3/myv3.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1152987549625
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://filelodge.bolt.com/ImageUploader3.cab
    O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - AppInit_DLLs: ,
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - (no file)
    O23 - Service: Atheros-clienthulpprogramma (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)


    __________________________________________________
    ewido anti-spyware online scanner
    http://www.ewido.net
    __________________________________________________


    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\~~\Cookies\~~@2o7[2].txt
    Risk: Medium

    Name: TrackingCookie.Yieldmanager
    Path: C:\Documents and Settings\~~\Cookies\~~@ad.yieldmanager[2].txt
    Risk: Medium

    Name: TrackingCookie.Clickhype
    Path: C:\Documents and Settings\~~\Cookies\~~@ad1.clickhype[1].txt
    Risk: Medium

    Name: TrackingCookie.Adbrite
    Path: C:\Documents and Settings\~~\Cookies\~~@adbrite[1].txt
    Risk: Medium

    Name: TrackingCookie.Pointroll
    Path: C:\Documents and Settings\~~\Cookies\~~@ads.pointroll[2].txt
    Risk: Medium

    Name: TrackingCookie.Advertising
    Path: C:\Documents and Settings\~~\Cookies\~~@advertising[1].txt
    Risk: Medium

    Name: TrackingCookie.Falkag
    Path: C:\Documents and Settings\~~\Cookies\~~@as1.falkag[1].txt
    Risk: Medium

    Name: TrackingCookie.Atdmt
    Path: C:\Documents and Settings\~~\Cookies\~~@atdmt[2].txt
    Risk: Medium

    Name: TrackingCookie.Goldenpalace
    Path: C:\Documents and Settings\~~\Cookies\~~@banner.goldenpalace[2].txt
    Risk: Medium

    Name: TrackingCookie.Bluestreak
    Path: C:\Documents and Settings\~~\Cookies\~~@bluestreak[2].txt
    Risk: Medium

    Name: TrackingCookie.Serving-sys
    Path: C:\Documents and Settings\~~\Cookies\~~@bs.serving-sys[1].txt
    Risk: Medium

    Name: TrackingCookie.Burstnet
    Path: C:\Documents and Settings\~~\Cookies\~~@burstnet[1].txt
    Risk: Medium

    Name: TrackingCookie.Burstnet
    Path: C:\Documents and Settings\~~\Cookies\~~@burstnet[3].txt
    Risk: Medium

    Name: TrackingCookie.Casalemedia
    Path: C:\Documents and Settings\~~\Cookies\~~@casalemedia[2].txt
    Risk: Medium

    Name: TrackingCookie.Clickhype
    Path: C:\Documents and Settings\~~\Cookies\~~@clickhype[2].txt
    Risk: Medium

    Name: TrackingCookie.Com
    Path: C:\Documents and Settings\~~\Cookies\~~@com[1].txt
    Risk: Medium

    Name: TrackingCookie.Sextracker
    Path: C:\Documents and Settings\~~\Cookies\~~@counter11.sextracker[1].txt
    Risk: Medium

    Name: TrackingCookie.Doubleclick
    Path: C:\Documents and Settings\~~\Cookies\~~@doubleclick[1].txt
    Risk: Medium

    Name: TrackingCookie.Fastclick
    Path: C:\Documents and Settings\~~\Cookies\~~@fastclick[1].txt
    Risk: Medium

    Name: TrackingCookie.Goldenpalace
    Path: C:\Documents and Settings\~~\Cookies\~~@goldenpalace[1].txt
    Risk: Medium

    Name: TrackingCookie.Linksynergy
    Path: C:\Documents and Settings\~~\Cookies\~~@linksynergy[1].txt
    Risk: Medium

    Name: TrackingCookie.Fastclick
    Path: C:\Documents and Settings\~~\Cookies\~~@media.fastclick[2].txt
    Risk: Medium

    Name: TrackingCookie.Mediaplex
    Path: C:\Documents and Settings\~~\Cookies\~~@mediaplex[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\~~\Cookies\~~@microsofteup.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\~~\Cookies\~~@msnaccountservices.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\~~\Cookies\~~@msnportal.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Revenue
    Path: C:\Documents and Settings\~~\Cookies\~~@revenue[1].txt
    Risk: Medium

    Name: TrackingCookie.Liveperson
    Path: C:\Documents and Settings\~~\Cookies\~~@server.iad.liveperson[2].txt
    Risk: Medium

    Name: TrackingCookie.Serving-sys
    Path: C:\Documents and Settings\~~\Cookies\~~@serving-sys[2].txt
    Risk: Medium

    Name: TrackingCookie.Onestat
    Path: C:\Documents and Settings\~~\Cookies\~~@stat.onestat[2].txt
    Risk: Medium

    Name: TrackingCookie.Statcounter
    Path: C:\Documents and Settings\~~\Cookies\~~@statcounter[2].txt
    Risk: Medium

    Name: TrackingCookie.Webtrendslive
    Path: C:\Documents and Settings\~~\Cookies\~~@statse.webtrendslive[2].txt
    Risk: Medium

    Name: TrackingCookie.Targetnet
    Path: C:\Documents and Settings\~~\Cookies\~~@targetnet[2].txt
    Risk: Medium

    Name: TrackingCookie.Tradedoubler
    Path: C:\Documents and Settings\~~\Cookies\~~@tradedoubler[1].txt
    Risk: Medium

    Name: TrackingCookie.Tribalfusion
    Path: C:\Documents and Settings\~~\Cookies\~~@tribalfusion[2].txt
    Risk: Medium

    Name: TrackingCookie.Burstnet
    Path: C:\Documents and Settings\~~\Cookies\~~@www.burstnet[1].txt
    Risk: Medium

    Name: Worm.Rays
    Path: C:\Documents and Settings\~~\Bureaublad\~~° ZONE\=-=MusiC=-=\avataram mp3\avataram mp3.exe
    Risk: High

    Name: Trojan.Pakes
    Path: C:\Documents and Settings\~~\Bureaublad\~~° ZONE\BURN\Google Earth Pro 3.0\Patch\Google Earth Pro - Patch.exe/THM_AV~1.EXE
    Risk: High

    Name: Trojan.Pakes
    Path: C:\Documents and Settings\~~\Bureaublad\~~° ZONE\BURN\Google Earth Pro 3.0\Patch\Google Earth Pro - Patch.exe/THM_AV~1.EXE
    Risk: High

    Name: Downloader.Small.dnt
    Path: C:\System Volume Information\_restore{E24F9E27-8706-41C3-B149-EEA89418E978}\RP78\A0031521.exe
    Risk: High

    Name: Downloader.Small.dnt
    Path: C:\System Volume Information\_restore{E24F9E27-8706-41C3-B149-EEA89418E978}\RP78\A0031522.exe
    Risk: High

    Name: Downloader.Small.dnt
    Path: C:\System Volume Information\_restore{E24F9E27-8706-41C3-B149-EEA89418E978}\RP78\A0031523.exe
    Risk: High

    Name: Downloader.Small.dnt
    Path: C:\System Volume Information\_restore{E24F9E27-8706-41C3-B149-EEA89418E978}\RP78\A0031524.exe
    Risk: High

    Name: Trojan.Pakes
    Path: C:\System Volume Information\_restore{E24F9E27-8706-41C3-B149-EEA89418E978}\RP87\A0035875.exe
    Risk: High

    Name: Trojan.Sinowal.aq
    Path: C:\System Volume Information\_restore{E24F9E27-8706-41C3-B149-EEA89418E978}\RP90\A0036950.dll
    Risk: High

    Name: Trojan.Sinowal.aq
    Path: C:\System Volume Information\_restore{E24F9E27-8706-41C3-B149-EEA89418E978}\RP90\A0036951.dll
    Risk: High

    Name: Trojan.Tanspy
    Path: C:\System Volume Information\_restore{E24F9E27-8706-41C3-B149-EEA89418E978}\RP90\A0036954.dll
    Risk: High

    Name: Not-A-Virus.Downloader.Win32.WinFixer.o
    Path: C:\WINDOWS\Downloaded Program Files\UWA6PM_0001_N91M2107NetInstaller.exe
    Risk: Low

    Name: Proxy.Mitglieder.ei
    Path: C:\WINDOWS\system32\hldrrr.exe
    Risk: High

    Name: Downloader.Small.cgu
    Path: C:\WINDOWS\system32\wmersNLD.dll
    Risk: High
  • Download hier de tool voor mitglieder FK en run die in veilige modus: http://www.pandasoftware.com/download/utilities/
  • Kan je meteen de link geven, ik heb problemen met inloggen.
    Daarom meteen de waar ik meteen op me pc kan opslaan


    Alvast bedankt voor de Reactie.

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.