Vraag & Antwoord

Beveiliging & privacy

Logfile of HijackThis graag checken

9 antwoorden
  • Elke programma die ik start minimalistert ie en kan de Internet niet opstarten hij staat een andere startpagina ingesteld. Logfile of HijackThis v1.99.1 Scan saved at 14:08:34, on 13-9-2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\acs.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\Program Files\Azureus\Azureus.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\explorer.exe C:\Program Files\Ahead\nero\nero.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe C:\Documents and Settings\Jevithan\Bureaublad\TAMIL° ZONE\Setup\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - Default URLSearchHook is missing F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe" O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll O2 - BHO: (no name) - {73364D99-1240-4dff-B11A-67E448373048} - C:\WINDOWS\system32\ipv6mons.dll O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\RunServices: [stonedrv] c:\windows\system32\stonedrv.exe O4 - HKCU\..\Run: [TOSCDSPD] "C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\eMule\Incoming\Internet Download Manager v5.03.02 Multilangages Incl-Crack\Crack\IEGetAll.htm O8 - Extra context menu item: Download with IDM - C:\Program Files\eMule\Incoming\Internet Download Manager v5.03.02 Multilangages Incl-Crack\Crack\IEExt.htm O8 - Extra context menu item: Ontvang alle bestanden door Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddList.html O8 - Extra context menu item: Ontvangst door Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {5DD731E6-D4F0-11D3-BE3F-00105A6FDA50} (V3ProX Control) - http://ahnlabdownload.nefficient.co.kr/plugin/myv3/myv3.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1152987549625 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://filelodge.bolt.com/ImageUploader3.cab O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: C:\WINDOWS\system32\win_e.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - (no file) O23 - Service: Atheros-clienthulpprogramma (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)
  • Nare infectie. Lid van de smitfraudfamilie. [b:e8b42f597c]1.[/b:e8b42f597c] Download [url=http://siri.urz.free.fr/Fix/SmitfraudFix.zip]SmitfraudFix[/url] (van[b:e8b42f597c]S!Ri[/b:e8b42f597c]), en pak het uit op je bureaublad. [b:e8b42f597c]2.[/b:e8b42f597c] Print onderstaande instrukties uit of kopieer ze naar een .txt bestand. Dit, omdat de rest van de fix in veilige modus is en je hier dus niet meer kan terugzoeken. [b:e8b42f597c]3.[/b:e8b42f597c] Start op in [url=http://www.virushelp.nl/veilige_modus.htm][color=Blue:e8b42f597c]Veilige modus[/color:e8b42f597c][/url] [b:e8b42f597c]4.[/b:e8b42f597c] Open de map [b:e8b42f597c]smitfraudfix[/b:e8b42f597c] en dubbelklik op [b:e8b42f597c]smitfraudfix.cmd[/b:e8b42f597c] [list:e8b42f597c]* Kies optie #2 - [b:e8b42f597c]Clean[/b:e8b42f597c] door[b:e8b42f597c]2[/b:e8b42f597c] te typen, en druk op "[b:e8b42f597c]Enter[/b:e8b42f597c]" om de geïnfecteerde bestanden te verwijderen. [i:e8b42f597c]Je zal een vraag krijgen: ""Registry cleaning - Do you want to clean the registry ?"[/i:e8b42f597c] * Antwoord "yes" door [b:e8b42f597c]y[/b:e8b42f597c] te typen en druk op "Enter". (Als je pc daarna niet herstart, start hem dan handmatig terug op in normale modus) [i:e8b42f597c]Het tooltje zal nu onderzoeken of [b:e8b42f597c]wininet.dll[/b:e8b42f597c] geïnfecteerd is. Je kan dus de vraag krijgen of je het geïnfecteerde bestandje wil vervangen.[/i:e8b42f597c] *Antwoord dan "yes" door [b:e8b42f597c]y[/b:e8b42f597c] te typen en druk op "Enter". [i:e8b42f597c]Het kan zijn dat het tooltje je pc opnieuw laat opstarten om zijn werk te kunnen afmaken.[/i:e8b42f597c] * Als dat niet zo is, start je pc dan handmatig opnieuw op in normale modus.[/list:u:e8b42f597c] [i:e8b42f597c]Er zal een tekstbestandje openen met de resultaten van de fix. [/i:e8b42f597c] [b:e8b42f597c]5.[/b:e8b42f597c] Post de inhoud van dit bestandje in je volgende antwoord, samen met een Hijackthis-logje. http://www.hijackthis.nl/forum/viewtopic.php?t=200 (Je kan het rapport ook vinden in c:\rapport.txt) Succes
  • SmitFraudFix v2.87 Scan done at 10:50:14,25, do 14-09-2006 Run from C:\Documents and Settings\Jevithan\Bureaublad\SmitfraudFix OS: Microsoft Windows XP [versie 5.1.2600] - Windows_NT Fix ran in safe mode »»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix !!!Attention, following keys are not inevitably infected!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Killing process »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning Registry Cleaning done. »»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix !!!Attention, following keys are not inevitably infected!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» End Logfile of HijackThis v1.99.1 Scan saved at 11:27:58, on 14-9-2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\acs.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Azureus\Azureus.exe C:\Program Files\Ashampoo\Ashampoo AntiSpyWare\AntiSpyWare.exe C:\Program Files\Ashampoo\Ashampoo AntiSpyWare\AntiSpyWareControl.exe C:\Program Files\Ashampoo\Ashampoo AntiSpyWare\AntiSpyWareGuard.exe C:\Documents and Settings\Jevithan\Bureaublad\TAMIL° ZONE\Setup\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - Default URLSearchHook is missing F2 - REG:system.ini: Shell=explorer.exe O2 - BHO: (no name) - {DB397160-38CC-4391-8689-B62F0602A120} - C:\WINDOWS\system32\wmersNLD.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKCU\..\Run: [TOSCDSPD] "C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\eMule\Incoming\Internet Download Manager v5.03.02 Multilangages Incl-Crack\Crack\IEGetAll.htm O8 - Extra context menu item: Download with IDM - C:\Program Files\eMule\Incoming\Internet Download Manager v5.03.02 Multilangages Incl-Crack\Crack\IEExt.htm O8 - Extra context menu item: Ontvang alle bestanden door Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddList.html O8 - Extra context menu item: Ontvangst door Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {5DD731E6-D4F0-11D3-BE3F-00105A6FDA50} (V3ProX Control) - http://ahnlabdownload.nefficient.co.kr/plugin/myv3/myv3.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1152987549625 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://filelodge.bolt.com/ImageUploader3.cab O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: , O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - (no file) O23 - Service: Atheros-clienthulpprogramma (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)
  • en aub nog Er zal een tekstbestandje openen met de resultaten van de fix. 5. Post de inhoud van dit bestandje in je volgende antwoord, samen met een Hijackthis-logje. http://www.hijackthis.nl/forum/viewtopic.php?t=200 (Je kan het rapport ook vinden in c:\rapport.txt)
  • ow sorry ik heb de bericht weer gewerkt
  • Niks aan de hand maar wil je een nieuw logje maken aub, en dan gewoon op nieuw antwoord klikken en dan het nieuwe logje toevoegen, dus eerdere berichten niet bewerken anders kom ik er niet meer uit. eric
  • Logfile of HijackThis v1.99.1 Scan saved at 11:41:40, on 15-9-2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\acs.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\Program Files\WWW File Share Pro\NTService.exe C:\Program Files\WWW File Share Pro\WWWFileSharePro.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Azureus\Azureus.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\eMule\emule.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Jevithan\Bureaublad\TAMIL° ZONE\Setup\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - Default URLSearchHook is missing F2 - REG:system.ini: Shell=explorer.exe O2 - BHO: (no name) - {DB397160-38CC-4391-8689-B62F0602A120} - C:\WINDOWS\system32\wmersNLD.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKCU\..\Run: [TOSCDSPD] "C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\eMule\Incoming\Internet Download Manager v5.03.02 Multilangages Incl-Crack\Crack\IEGetAll.htm O8 - Extra context menu item: Download with IDM - C:\Program Files\eMule\Incoming\Internet Download Manager v5.03.02 Multilangages Incl-Crack\Crack\IEExt.htm O8 - Extra context menu item: Ontvang alle bestanden door Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddList.html O8 - Extra context menu item: Ontvangst door Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {5DD731E6-D4F0-11D3-BE3F-00105A6FDA50} (V3ProX Control) - http://ahnlabdownload.nefficient.co.kr/plugin/myv3/myv3.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1152987549625 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://filelodge.bolt.com/ImageUploader3.cab O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: , O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - (no file) O23 - Service: Atheros-clienthulpprogramma (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing) __________________________________________________ ewido anti-spyware online scanner http://www.ewido.net __________________________________________________ Name: TrackingCookie.2o7 Path: C:\Documents and Settings\~~\Cookies\~~@2o7[2].txt Risk: Medium Name: TrackingCookie.Yieldmanager Path: C:\Documents and Settings\~~\Cookies\~~@ad.yieldmanager[2].txt Risk: Medium Name: TrackingCookie.Clickhype Path: C:\Documents and Settings\~~\Cookies\~~@ad1.clickhype[1].txt Risk: Medium Name: TrackingCookie.Adbrite Path: C:\Documents and Settings\~~\Cookies\~~@adbrite[1].txt Risk: Medium Name: TrackingCookie.Pointroll Path: C:\Documents and Settings\~~\Cookies\~~@ads.pointroll[2].txt Risk: Medium Name: TrackingCookie.Advertising Path: C:\Documents and Settings\~~\Cookies\~~@advertising[1].txt Risk: Medium Name: TrackingCookie.Falkag Path: C:\Documents and Settings\~~\Cookies\~~@as1.falkag[1].txt Risk: Medium Name: TrackingCookie.Atdmt Path: C:\Documents and Settings\~~\Cookies\~~@atdmt[2].txt Risk: Medium Name: TrackingCookie.Goldenpalace Path: C:\Documents and Settings\~~\Cookies\~~@banner.goldenpalace[2].txt Risk: Medium Name: TrackingCookie.Bluestreak Path: C:\Documents and Settings\~~\Cookies\~~@bluestreak[2].txt Risk: Medium Name: TrackingCookie.Serving-sys Path: C:\Documents and Settings\~~\Cookies\~~@bs.serving-sys[1].txt Risk: Medium Name: TrackingCookie.Burstnet Path: C:\Documents and Settings\~~\Cookies\~~@burstnet[1].txt Risk: Medium Name: TrackingCookie.Burstnet Path: C:\Documents and Settings\~~\Cookies\~~@burstnet[3].txt Risk: Medium Name: TrackingCookie.Casalemedia Path: C:\Documents and Settings\~~\Cookies\~~@casalemedia[2].txt Risk: Medium Name: TrackingCookie.Clickhype Path: C:\Documents and Settings\~~\Cookies\~~@clickhype[2].txt Risk: Medium Name: TrackingCookie.Com Path: C:\Documents and Settings\~~\Cookies\~~@com[1].txt Risk: Medium Name: TrackingCookie.Sextracker Path: C:\Documents and Settings\~~\Cookies\~~@counter11.sextracker[1].txt Risk: Medium Name: TrackingCookie.Doubleclick Path: C:\Documents and Settings\~~\Cookies\~~@doubleclick[1].txt Risk: Medium Name: TrackingCookie.Fastclick Path: C:\Documents and Settings\~~\Cookies\~~@fastclick[1].txt Risk: Medium Name: TrackingCookie.Goldenpalace Path: C:\Documents and Settings\~~\Cookies\~~@goldenpalace[1].txt Risk: Medium Name: TrackingCookie.Linksynergy Path: C:\Documents and Settings\~~\Cookies\~~@linksynergy[1].txt Risk: Medium Name: TrackingCookie.Fastclick Path: C:\Documents and Settings\~~\Cookies\~~@media.fastclick[2].txt Risk: Medium Name: TrackingCookie.Mediaplex Path: C:\Documents and Settings\~~\Cookies\~~@mediaplex[1].txt Risk: Medium Name: TrackingCookie.2o7 Path: C:\Documents and Settings\~~\Cookies\~~@microsofteup.112.2o7[1].txt Risk: Medium Name: TrackingCookie.2o7 Path: C:\Documents and Settings\~~\Cookies\~~@msnaccountservices.112.2o7[1].txt Risk: Medium Name: TrackingCookie.2o7 Path: C:\Documents and Settings\~~\Cookies\~~@msnportal.112.2o7[1].txt Risk: Medium Name: TrackingCookie.Revenue Path: C:\Documents and Settings\~~\Cookies\~~@revenue[1].txt Risk: Medium Name: TrackingCookie.Liveperson Path: C:\Documents and Settings\~~\Cookies\~~@server.iad.liveperson[2].txt Risk: Medium Name: TrackingCookie.Serving-sys Path: C:\Documents and Settings\~~\Cookies\~~@serving-sys[2].txt Risk: Medium Name: TrackingCookie.Onestat Path: C:\Documents and Settings\~~\Cookies\~~@stat.onestat[2].txt Risk: Medium Name: TrackingCookie.Statcounter Path: C:\Documents and Settings\~~\Cookies\~~@statcounter[2].txt Risk: Medium Name: TrackingCookie.Webtrendslive Path: C:\Documents and Settings\~~\Cookies\~~@statse.webtrendslive[2].txt Risk: Medium Name: TrackingCookie.Targetnet Path: C:\Documents and Settings\~~\Cookies\~~@targetnet[2].txt Risk: Medium Name: TrackingCookie.Tradedoubler Path: C:\Documents and Settings\~~\Cookies\~~@tradedoubler[1].txt Risk: Medium Name: TrackingCookie.Tribalfusion Path: C:\Documents and Settings\~~\Cookies\~~@tribalfusion[2].txt Risk: Medium Name: TrackingCookie.Burstnet Path: C:\Documents and Settings\~~\Cookies\~~@www.burstnet[1].txt Risk: Medium Name: Worm.Rays Path: C:\Documents and Settings\~~\Bureaublad\~~° ZONE\=-=MusiC=-=\avataram mp3\avataram mp3.exe Risk: High Name: Trojan.Pakes Path: C:\Documents and Settings\~~\Bureaublad\~~° ZONE\BURN\Google Earth Pro 3.0\Patch\Google Earth Pro - Patch.exe/THM_AV~1.EXE Risk: High Name: Trojan.Pakes Path: C:\Documents and Settings\~~\Bureaublad\~~° ZONE\BURN\Google Earth Pro 3.0\Patch\Google Earth Pro - Patch.exe/THM_AV~1.EXE Risk: High Name: Downloader.Small.dnt Path: C:\System Volume Information\_restore{E24F9E27-8706-41C3-B149-EEA89418E978}\RP78\A0031521.exe Risk: High Name: Downloader.Small.dnt Path: C:\System Volume Information\_restore{E24F9E27-8706-41C3-B149-EEA89418E978}\RP78\A0031522.exe Risk: High Name: Downloader.Small.dnt Path: C:\System Volume Information\_restore{E24F9E27-8706-41C3-B149-EEA89418E978}\RP78\A0031523.exe Risk: High Name: Downloader.Small.dnt Path: C:\System Volume Information\_restore{E24F9E27-8706-41C3-B149-EEA89418E978}\RP78\A0031524.exe Risk: High Name: Trojan.Pakes Path: C:\System Volume Information\_restore{E24F9E27-8706-41C3-B149-EEA89418E978}\RP87\A0035875.exe Risk: High Name: Trojan.Sinowal.aq Path: C:\System Volume Information\_restore{E24F9E27-8706-41C3-B149-EEA89418E978}\RP90\A0036950.dll Risk: High Name: Trojan.Sinowal.aq Path: C:\System Volume Information\_restore{E24F9E27-8706-41C3-B149-EEA89418E978}\RP90\A0036951.dll Risk: High Name: Trojan.Tanspy Path: C:\System Volume Information\_restore{E24F9E27-8706-41C3-B149-EEA89418E978}\RP90\A0036954.dll Risk: High Name: Not-A-Virus.Downloader.Win32.WinFixer.o Path: C:\WINDOWS\Downloaded Program Files\UWA6PM_0001_N91M2107NetInstaller.exe Risk: Low Name: Proxy.Mitglieder.ei Path: C:\WINDOWS\system32\hldrrr.exe Risk: High Name: Downloader.Small.cgu Path: C:\WINDOWS\system32\wmersNLD.dll Risk: High
  • Download hier de tool voor mitglieder FK en run die in veilige modus: http://www.pandasoftware.com/download/utilities/
  • Kan je meteen de link geven, ik heb problemen met inloggen. Daarom meteen de waar ik meteen op me pc kan opslaan Alvast bedankt voor de Reactie.

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.