Vraag & Antwoord
newsdot en hijackthis log
8 antwoorden
- Hallo,
Met Spybot een scan gedaan en daaruit bleek dat newsdot aanwezig is. Ik laat Spybot dat verwijderen maar keert toch telkens terug. Hierbij post ik mijn log. Kan iemand aangeven ajb wat ik moet doen.
Alvast dank voor de hulp.
Logfile of HijackThis v1.99.1
Scan saved at 16:44:39, on 11-2-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Personal Firewall\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Digital Revolution Tool\drtool.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS\Dit.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Digital Image\Monitor.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\WLAN\WLANUtility\WlanUtility.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.freeze.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.nl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Norton Personal Firewall - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Personal Firewall - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SSC Service Utility] C:\Program Files\Digital Revolution Tool\drtool.exe /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [OSS] C:\windows\system32\rk.exe -boot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Norton Personal Firewall\cfgwiz.exe /GUID {257BBC47-1B26-432e-9F84-188603799DD3} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EPSON Stylus CX5400] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX5400" /M "Stylus CX5400" /EF "HKCU"
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Monitor.lnk = C:\Program Files\Digital Image\Monitor.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: WlanUtility.lnk = C:\Program Files\WLAN\WLANUtility\WlanUtility.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1136582184781
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing) - http://virusscan.zdnet.nl/housecall/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4664/mcfscan.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Personal Firewall\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe - Probeer eerst het volgende.
In de programmalijst bij Configuratiescherm staan vast programma's in als die Newdot spyware. probeer dat eens te unstallen via die lijst.
Daarna ff wachten tot de expert de log heeft gezien want daar mag ik niets meer over zeggen. - NewDotNet lijkt niet actief op je systeem, misschien staat er ergens nog een uninstaller die niet door Spybot verwijderd wordt.
Doe het volgende maar eens:
ownload ATF cleaner (gemaakt door Atribune)
Dubbelklik op ATF cleaner om het programma te starten.
Op het tabblad "Main", plaats je een vinkje bij [b:9778623f02]Select All[/b:9778623f02].
Klik op de knop [b:9778623f02]Empty Selected[/b:9778623f02].
Gebruik je ook Firefox als browser:
Klik op tabblad "Firefox", plaats een vinkje bij [b:9778623f02]Select All[/b:9778623f02].
Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
(dit haalt het vinkje weer weg bij "Firefox saved passwords")
Klik op de knop [b:9778623f02]Empty Selected[/b:9778623f02].
Gebruik je ook Opera als browser:
Klik op tabblad "Opera", plaats een vinkje bij [b:9778623f02]Select All[/b:9778623f02].
Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
Klik op de knop [b:9778623f02]Empty Selected[/b:9778623f02].
Ga naar het tabblad "Main" en klik op de knop [b:9778623f02]Exit[/b:9778623f02] om het programma af te sluiten.
Ga naar start – uitvoeren en tik in: [b:9778623f02] ipconfig /flushdns[/b:9778623f02]
Doe een online scan via Panda's online virus scan.
Krijg je de mogelijkheid om een logje op te slaan dan doe je dit.
Herstart je computer, start HijackThis opnieuw, maak een nieuwe log en post deze ter controle en post ook het logje van Panda. - @ smeenk volgens mij is dit ook een deel van een infectie
O4 - HKLM\..\Run: [Dit] Dit.exe - Hoi sjouwer, ik denk dat het wel mee valt:
http://www.liutilities.com/products/wintaskspro/processlibrary/dit/
Groeten smeenk - Beste Smeenk heb je advies gevold. Hierbij nog een keer Hijack this en pandascan
Logfile of HijackThis v1.99.1
Scan saved at 17:16:53, on 13-2-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Personal Firewall\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Digital Revolution Tool\drtool.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS\Dit.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Digital Image\Monitor.exe
C:\Program Files\WLAN\WLANUtility\WlanUtility.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.freeze.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.nl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Norton Personal Firewall - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton Personal Firewall - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SSC Service Utility] C:\Program Files\Digital Revolution Tool\drtool.exe /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [OSS] C:\windows\system32\rk.exe -boot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Norton Personal Firewall\cfgwiz.exe /GUID {257BBC47-1B26-432e-9F84-188603799DD3} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EPSON Stylus CX5400] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX5400" /M "Stylus CX5400" /EF "HKCU"
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Monitor.lnk = C:\Program Files\Digital Image\Monitor.exe
O4 - Global Startup: WlanUtility.lnk = C:\Program Files\WLAN\WLANUtility\WlanUtility.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1136582184781
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing) - http://virusscan.zdnet.nl/housecall/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4664/mcfscan.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Personal Firewall\ISSVC.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
Pandascan
Incident Status Location
Spyware:spyware/new.net Not disinfected C:\WINDOWS\NDNuninstall6_72.exe
Adware:adware/wintools Not disinfected Windows Registry
Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\6jzlrt55.default\cookies.txt[stat.onestat.com/]
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\6jzlrt55.default\cookies.txt[.as-eu.falkag.net/]
Spyware:Cookie/Tucows Not disinfected C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\6jzlrt55.default\cookies.txt[.tucows.com/]
Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\6jzlrt55.default\cookies.txt[]
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Geena\Application Data\Mozilla\Firefox\Profiles\sc6dhljq.default\cookies.txt[]
Spyware:Cookie/Tribalfusion Not disinfected C:\RECYCLER\NPROTECT\00035211.MOZ[]
Spyware:Cookie/Tribalfusion Not disinfected C:\RECYCLER\NPROTECT\00035212.MOZ[]
Spyware:Cookie/Tribalfusion Not disinfected C:\RECYCLER\NPROTECT\00035213.MOZ[]
Spyware:Cookie/Tribalfusion Not disinfected C:\RECYCLER\NPROTECT\00035214.MOZ[]
Spyware:Cookie/Tribalfusion Not disinfected C:\RECYCLER\NPROTECT\00035215.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035216.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035217.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035218.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035219.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035220.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035221.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035230.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035231.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035239.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035242.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035243.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035244.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035245.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035246.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035247.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035248.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035249.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035250.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035251.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035252.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035253.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035254.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035256.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035257.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035258.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035259.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035260.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035261.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035262.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035263.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035265.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035267.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035268.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035275.MOZ[]
Spyware:Cookie/Hitbox Not disinfected C:\RECYCLER\NPROTECT\00035276.MOZ[]
Spyware:Cookie/Hitbox Not disinfected C:\RECYCLER\NPROTECT\00035277.MOZ[]
Spyware:Cookie/Hitbox Not disinfected C:\RECYCLER\NPROTECT\00035278.MOZ[]
Spyware:Cookie/Hitbox Not disinfected C:\RECYCLER\NPROTECT\00035279.MOZ[]
Spyware:Cookie/2o7.net Not disinfected C:\RECYCLER\NPROTECT\00035292.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035293.MOZ[]
Spyware:Cookie/Hitbox Not disinfected C:\RECYCLER\NPROTECT\00035294.MOZ[]
Spyware:Cookie/Hitbox Not disinfected C:\RECYCLER\NPROTECT\00035482.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035497.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035509.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035510.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035511.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035512.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035513.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035514.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035515.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035516.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035553.MOZ[]
Spyware:Cookie/Hitbox Not disinfected C:\RECYCLER\NPROTECT\00035554.MOZ[]
Spyware:Cookie/Hitbox Not disinfected C:\RECYCLER\NPROTECT\00035555.MOZ[]
Spyware:Cookie/Hitbox Not disinfected C:\RECYCLER\NPROTECT\00035556.MOZ[]
Spyware:Cookie/2o7.net Not disinfected C:\RECYCLER\NPROTECT\00035557.MOZ[]
Spyware:Cookie/2o7.net Not disinfected C:\RECYCLER\NPROTECT\00035558.MOZ[]
Spyware:Cookie/2o7.net Not disinfected C:\RECYCLER\NPROTECT\00035559.MOZ[]
Spyware:Cookie/2o7.net Not disinfected C:\RECYCLER\NPROTECT\00035560.MOZ[]
Spyware:Cookie/2o7.net Not disinfected C:\RECYCLER\NPROTECT\00035561.MOZ[]
Spyware:Cookie/2o7.net Not disinfected C:\RECYCLER\NPROTECT\00035569.MOZ[]
Spyware:Cookie/onestat.com Not disinfected C:\RECYCLER\NPROTECT\00035571.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035573.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035579.MOZ[]
Spyware:Cookie/onestat.com Not disinfected C:\RECYCLER\NPROTECT\00035580.MOZ[]
Spyware:Cookie/onestat.com Not disinfected C:\RECYCLER\NPROTECT\00035581.MOZ[]
Spyware:Cookie/onestat.com Not disinfected C:\RECYCLER\NPROTECT\00035582.MOZ[]
Spyware:Cookie/onestat.com Not disinfected C:\RECYCLER\NPROTECT\00035583.MOZ[]
Spyware:Cookie/onestat.com Not disinfected C:\RECYCLER\NPROTECT\00035584.MOZ[]
Spyware:Cookie/onestat.com Not disinfected C:\RECYCLER\NPROTECT\00035585.MOZ[]
Spyware:Cookie/onestat.com Not disinfected C:\RECYCLER\NPROTECT\00035586.MOZ[]
Spyware:Cookie/onestat.com Not disinfected C:\RECYCLER\NPROTECT\00035587.MOZ[]
Spyware:Cookie/onestat.com Not disinfected C:\RECYCLER\NPROTECT\00035658.MOZ[]
Spyware:Cookie/onestat.com Not disinfected C:\RECYCLER\NPROTECT\00035659.MOZ[]
Spyware:Cookie/onestat.com Not disinfected C:\RECYCLER\NPROTECT\00035660.MOZ[]
Spyware:Cookie/onestat.com Not disinfected C:\RECYCLER\NPROTECT\00035697.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035698.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035699.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035700.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035701.MOZ[]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00035702.MOZ[]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00035703.MOZ[]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00035704.MOZ[]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00035705.MOZ[]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00035706.MOZ[]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00035707.MOZ[]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00035708.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035709.MOZ[]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00035710.MOZ[]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00035712.MOZ[]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00035713.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035714.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035735.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035736.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035738.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035739.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035740.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035742.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035744.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035745.MOZ[]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00035746.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035747.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00035748.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035750.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035753.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035757.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035761.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035762.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035765.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035766.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035990.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035991.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035992.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00035993.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036000.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036001.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036002.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036003.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036004.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036005.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036006.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036007.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036008.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036009.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036015.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036029.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036030.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036031.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036032.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036033.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036039.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036040.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036041.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036047.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036048.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036049.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036064.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036065.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036066.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036067.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036069.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036074.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036075.MOZ[]
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\NPROTECT\00036076.MOZ[] - Zoals ik al vermoedde, je hebt nog een uninstaller van NewDotNet op je systeem staan, deze mag je wel manueel verwijderen:
C:\WINDOWS\[b:571ea037e1]NDNuninstall6_72.exe[/b:571ea037e1]
Daarnaast zijn er nog wat restantjes in je register, maar dat kan geen kwaad :wink:
Het logje ziet er wel schoon uit hoor.
Groeten smeenk - smeenk,
Hartelijk dank heb hem gevonden.
Groeten
Michel
Beantwoord deze vraag
Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.