Vraag & Antwoord
Hoe verwijder ik trojaans paard Generic Trojan??
15 antwoorden
- Hallo, ik denk dat mijn pc geinfecteerd is, Panda Cloud antivirus komt steeds met de boodschap dat ie een Trojaans paard geneutraliseerd heeft nl. "Generic Trojan". Nou heb ik de PC al met allerlei software gecheckt, o.a. SuperAntiSpyware en HitmanPRo maar die vinden óf niks óf niet de bewuste infectie. Panda blijft nl. waarschuwen dat ie wat geneutraliseerd heeft.
Wat is een goede oplossing om dit probleem aan te pakken? Svp uw hulp. - SuperAntiSpyware en HitmanPRo vinden niks, verbazend.
Ga naar [b:c6ec640cbc]start>configuratiescherm>software of programma's en onderdelen[/b:c6ec640cbc] en verwijder daar de huidige (oude) versie van HijackThis.
Download [b:c6ec640cbc]HijackThis Install[/b:c6ec640cbc] naar je bureaublad.
Dubbelklik op [b:c6ec640cbc]HijackThisInstaller.exe[/b:c6ec640cbc] om de installatie te starten.
Dubbelklik op het programma HijackThis en klik op de optie "[b:c6ec640cbc]Main Menu[/b:c6ec640cbc]", en kies voor [b:c6ec640cbc]Do a system scan and save a logfile[/b:c6ec640cbc]. Plaats vervolgens de inhoud van het log dat verschijnt in je volgende post.
[b:c6ec640cbc] - Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:11:41, on 16-5-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe
C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe
C:\Program Files\SAMSUNG\MagicKBD\PerformanceManager.exe
C:\Program Files\SRS Labs\SRS WOW XT and TSXT\SRS_PostInstaller.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SUPBackGround] C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe
O4 - HKLM\..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
O4 - HKLM\..\Run: [DMHotKey] C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe
O4 - HKLM\..\Run: [MagicKeyboard] C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [PSUNMain] "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BatteryLifeExtender] C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe /2
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat… - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Verzenden naar Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1268940559562
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NanoServiceMain - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: SRS WOWXT/TSXT Service (SRS_WOWXT_Service) - SRS Labs, Inc. - C:\Program Files\SRS Labs\SRS WOW XT and TSXT\SRS_PostInstaller.exe
–
End of file - 6196 bytes - Zo verkeert ziet dit er niet uit.
Download [b:2b5866aff6]
naar je Bureaublad en gebruik het volgens deze handleiding.
[i:2b5866aff6] - Logjes ziet er zo uit:
ComboFix 10-05-16.01 - Le Beau 16-05-2010 20:54:28.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1014.655 [GMT 2:00]
Gestart vanuit: c:\documents and settings\Le Beau\Bureaublad\ComboFix.exe
AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Le Beau\Menu Start\Programma's\Opstarten\OpenOffice.org 3.2 .lnk
c:\windows\SEC
c:\windows\SEC\DelMt.cmd
c:\windows\SEC\JRE150.exe
c:\windows\SEC\Marker.exe
c:\windows\SEC\MEMIO.sys
c:\windows\SEC\MEMIO.vxd
c:\windows\SEC\MP10FRN.exe
c:\windows\SEC\SECINSTALL.EXE
c:\windows\SEC\SECINSTALL.INI
c:\windows\SEC\StartMem.exe
.
(((((((((((((((((((( Bestanden Gemaakt van 2010-04-16 to 2010-05-16 ))))))))))))))))))))))))))))))
.
2010-05-16 17:31 . 2009-02-18 18:08 43240 —-a-w- c:\windows\system32\drivers\WOWXT_kern_i386.sys
2010-05-16 17:31 . 2009-02-18 18:08 25560 —-a-w- c:\windows\system32\drivers\WOWFilter.sys
2010-05-16 17:31 . 2009-02-18 18:08 36712 —-a-w- c:\windows\system32\drivers\TSXT_kern_i386.sys
2010-05-16 17:31 . 2009-01-09 10:03 79304 —-a-w- c:\windows\system32\drivers\mfeavfk.sys
2010-05-16 17:31 . 2009-01-09 10:03 40552 —-a-w- c:\windows\system32\drivers\mfesmfk.sys
2010-05-16 17:31 . 2009-01-09 10:03 35272 —-a-w- c:\windows\system32\drivers\mfebopk.sys
2010-05-16 17:31 . 2009-01-09 10:03 213640 —-a-w- c:\windows\system32\drivers\mfehidk.sys
2010-05-16 17:31 . 2009-01-09 10:03 34216 —-a-w- c:\windows\system32\drivers\mferkdk.sys
2010-05-16 17:31 . 2008-10-23 11:08 120136 —-a-w- c:\windows\system32\drivers\Mpfp.sys
2010-05-16 17:31 . 2009-04-09 08:07 282624 —-a-w- c:\windows\system32\ykx32mpcoinst.dll
2010-05-16 10:38 . 2010-05-16 14:46 ——– d–h–r- c:\documents and settings\Le Beau\Onlangs geopend
2010-05-16 10:29 . 2010-05-16 14:53 1 —-a-w- c:\documents and settings\Le Beau\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-05-16 10:28 . 2010-05-16 10:28 ——– d—–w- c:\documents and settings\Le Beau\Application Data\OpenOffice.org
2010-05-16 10:22 . 2010-05-16 10:22 ——– d—–w- c:\program files\OpenOffice.org 3
2010-05-16 10:11 . 2010-05-16 10:11 388096 —-a-r- c:\documents and settings\Le Beau\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-05-16 10:00 . 2010-05-16 10:02 ——– d—–w- c:\windows\SxsCaPendDel
2010-05-16 09:36 . 2010-05-16 09:30 95024 —-a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-05-16 09:28 . 2010-05-16 10:01 ——– d—–w- c:\documents and settings\All Users\Application Data\Lavasoft
2010-05-16 09:16 . 2010-05-16 09:16 ——– d—–w- c:\program files\Trend Micro
2010-05-16 08:47 . 2010-05-16 08:47 15944 —-a-w- c:\windows\system32\drivers\hitmanpro35.sys
2010-05-16 08:47 . 2010-05-16 08:47 ——– d—–w- c:\program files\Hitman Pro 3.5
2010-05-16 08:47 . 2010-05-16 08:47 ——– d—–w- c:\documents and settings\All Users\Application Data\Hitman Pro
2010-05-16 08:38 . 2010-05-16 08:38 ——– d—–w- c:\program files\Enigma Software Group
2010-05-16 08:38 . 2010-05-16 08:41 ——– d—–w- c:\windows\61D3AAE1D5214CD7939B37813DE8F955.TMP
2010-05-16 08:14 . 2010-05-16 08:14 ——– d—–w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2010-05-16 08:13 . 2010-05-16 10:04 ——– d—–w- c:\program files\SUPERAntiSpyware
2010-05-16 08:13 . 2010-05-16 10:04 ——– d—–w- c:\program files\Common Files\Wise Installation Wizard
2010-05-16 07:17 . 2010-05-16 07:17 ——– d—–w- c:\windows\Internet Logs
2010-05-15 20:53 . 2010-04-12 15:29 411368 —-a-w- c:\windows\system32\deployJava1.dll
2010-05-15 20:50 . 2010-05-15 20:50 ——– d—–w- c:\documents and settings\Le Beau\Application Data\CheckPoint
2010-05-15 20:49 . 2010-05-16 07:17 ——– d—–w- c:\program files\CheckPoint
2010-05-15 20:49 . 2010-05-15 20:49 4212 —ha-w- c:\windows\system32\zllictbl.dat
2010-05-15 20:42 . 2010-05-15 20:42 ——– d—–w- c:\windows\system32\wbem\Repository
2010-05-15 20:19 . 2010-05-15 20:41 ——– d—–w- c:\documents and settings\Le Beau\Application Data\Search Settings(2)
2010-05-15 17:37 . 2010-05-15 17:37 ——– d—–w- c:\documents and settings\Le Beau\Application Data\Malwarebytes
2010-05-15 17:37 . 2010-05-15 20:41 ——– d—–w- c:\program files\Malwarebytes' Anti-Malware
2010-05-15 17:37 . 2010-05-15 17:37 ——– d—–w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-05-15 07:50 . 2010-05-15 20:41 ——– d—–w- c:\documents and settings\NetworkService\UserData
2010-05-13 08:32 . 2010-05-15 20:41 ——– d—–w- c:\program files\PDFCreator
2010-04-24 06:12 . 2010-04-24 06:12 49152 —-a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
2010-04-24 06:12 . 2010-04-24 06:12 45056 —-a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
2010-04-24 06:12 . 2010-04-24 06:12 45056 —-a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
2010-04-24 06:12 . 2010-04-24 06:12 45056 —-a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
2010-04-22 20:12 . 2010-05-15 07:49 ——– d—–w- c:\documents and settings\Le Beau\Application Data\vlc
2010-04-22 20:11 . 2010-04-22 20:11 ——– d—–w- c:\program files\VideoLAN
2010-04-18 16:22 . 2010-04-18 16:22 ——– d—–w- c:\windows\Sun
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-15 20:52 . 2009-05-13 17:00 ——– d—–w- c:\program files\Java
2010-04-24 06:12 . 2010-04-24 06:12 45056 —-a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
2010-04-24 06:12 . 2010-04-24 06:12 308808 —-a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
2010-04-24 06:12 . 2010-04-24 06:12 40960 —-a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2010-04-24 06:12 . 2010-04-24 06:12 341600 —-a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
2010-04-24 06:12 . 2010-04-24 06:12 14848 —-a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
2010-04-24 06:12 . 2010-04-24 06:11 ——– d—–w- c:\program files\Common Files\Real
2010-04-24 06:12 . 2010-04-24 06:11 ——– d—–w- c:\program files\Real
2010-04-24 06:11 . 2010-04-24 06:11 ——– d—–w- c:\program files\Common Files\xing shared
2010-04-24 06:11 . 2010-04-24 06:11 499712 —-a-w- c:\windows\system32\msvcp71.dll
2010-04-24 06:11 . 2010-04-24 06:11 348160 —-a-w- c:\windows\system32\msvcr71.dll
2010-04-05 07:12 . 2010-04-05 07:12 ——– d—–w- c:\documents and settings\Le Beau\Application Data\Panda Security
2010-03-29 16:44 . 2009-05-14 01:34 364882 —-a-w- c:\windows\system32\perfh013.dat
2010-03-29 16:44 . 2009-05-14 01:34 53850 —-a-w- c:\windows\system32\perfc013.dat
2010-03-29 16:41 . 2010-03-29 16:41 ——– d—–w- c:\program files\Atheros WLAN Client
2010-03-29 16:41 . 2009-05-13 17:02 ——– d–h–w- c:\program files\InstallShield Installation Information
2010-03-29 15:10 . 2010-03-29 15:10 ——– d—–w- c:\program files\Marvell
2010-03-27 21:43 . 2010-03-27 21:43 ——– d—–w- c:\program files\SRS Labs
2010-03-27 20:59 . 2009-05-13 17:05 ——– d—–w- c:\program files\Samsung
2010-03-27 20:22 . 2010-03-27 20:22 152576 —-a-w- c:\documents and settings\Le Beau\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2010-03-27 20:22 . 2010-03-27 20:22 79488 —-a-w- c:\documents and settings\Le Beau\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-03-23 16:19 . 2010-03-23 16:12 ——– d—–w- c:\program files\GoldWave
2010-03-21 14:21 . 2010-03-21 14:21 ——– d—–w- c:\program files\IrfanView
2010-03-19 16:50 . 2010-03-19 16:50 ——– d—–w- c:\program files\QuickPar
2010-03-19 15:46 . 2010-03-18 18:12 ——– d—–w- c:\documents and settings\Le Beau\Application Data\NewsLeecher
2010-03-19 15:46 . 2010-03-18 16:20 ——– d—–w- c:\program files\FTDv3.8
2010-03-18 19:24 . 2010-03-17 18:59 18112 —-a-w- c:\documents and settings\Le Beau\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-03-18 18:36 . 2010-03-18 18:36 ——– d—–w- c:\documents and settings\Le Beau\Application Data\Microsoft Web Folders
2010-03-18 18:36 . 2009-05-13 16:57 ——– d—–w- c:\program files\microsoft frontpage
2010-03-18 16:19 . 2010-03-18 16:19 ——– d—–w- c:\program files\7-Zip
2010-03-18 11:35 . 2010-03-18 11:35 ——– d—–w- c:\program files\NewsLeecher
2010-03-18 11:34 . 2010-03-18 11:34 ——– d—–w- c:\program files\DAMN NFO Viewer
2010-03-18 08:20 . 2009-05-13 17:07 ——– d—–w- c:\documents and settings\All Users\Application Data\WinClon
2010-03-17 23:09 . 2010-03-17 23:08 ——– d—–w- c:\program files\CyberLink
2010-03-17 23:08 . 2010-03-17 23:08 ——– d—–w- c:\documents and settings\All Users\Application Data\Temp
2010-03-17 23:08 . 2010-03-17 23:08 36864 —-a-w- c:\documents and settings\All Users\Application Data\Temp\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\PostBuild.exe
2010-03-17 23:07 . 2010-03-17 23:07 ——– d—–w- c:\program files\WIDCOMM
2010-03-17 23:07 . 2010-03-17 23:07 0 -c–a-w- c:\windows\system32\drivers\144D_SAMSUNG_N_N120_05CE.mrk
2010-03-17 20:20 . 2010-03-17 20:20 ——– d—–w- c:\program files\CCleaner
2010-03-17 19:02 . 2010-03-17 19:02 ——– d—–w- c:\program files\Microsoft
2010-03-17 19:02 . 2010-03-17 19:02 ——– d—–w- c:\program files\Windows Live
2010-03-17 19:02 . 2010-03-17 19:02 ——– d—–w- c:\program files\Windows Live SkyDrive
2010-03-17 18:59 . 2010-03-17 18:59 ——– d—–w- c:\program files\Common Files\Windows Live
2010-03-17 18:58 . 2010-03-17 18:28 ——– d—–w- c:\program files\Winamp
2010-03-17 18:33 . 2010-03-17 18:33 0 -c–a-w- c:\windows\nsreg.dat
2010-03-17 17:49 . 2010-03-17 17:49 264 —-a-w- c:\windows\system32\PSUNCpl.dat
2010-03-09 11:11 . 2009-05-14 01:34 430080 —-a-w- c:\windows\system32\vbscript.dll
2010-02-26 05:53 . 2009-05-14 01:34 670208 —-a-w- c:\windows\system32\wininet.dll
2010-02-26 05:53 . 2009-05-14 01:33 81920 —-a-w- c:\windows\system32\ieencode.dll
2010-02-24 13:11 . 2009-05-14 01:33 455680 —-a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-16 19:09 . 2008-04-14 22:11 2150912 —-a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 19:09 . 2008-04-14 22:11 2029056 —-a-w- c:\windows\system32\ntkrnlpa.exe
.
——- Sigcheck ——-
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-04-15 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:26 . F6C37073A269C163A5FDAE5BFF47F367 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[7] 2008-04-15 12:00 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . 93E2307273AE7B2D5418E132902373A7 . 1032704 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[7] 2008-04-15 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2010-02-26 . 84D2DE61551FB64A0207BC111A30F9A0 . 3094016 . . [6.00.2900.5945] . . c:\windows\system32\mshtml.dll
[-] 2010-02-26 . 84D2DE61551FB64A0207BC111A30F9A0 . 3094016 . . [6.00.2900.5945] . . c:\windows\system32\dllcache\mshtml.dll
[-] 2010-02-26 . B86E9813F70A693C192F27A79FB4F01D . 3094528 . . [6.00.2900.5945] . . c:\windows\$hf_mig$\KB980182\SP3QFE\mshtml.dll
[-] 2009-12-22 . E9536E13EDDB2B72B33CB20182A80086 . 3092480 . . [6.00.2900.5921] . . c:\windows\$NtUninstallKB980182$\mshtml.dll
[-] 2009-12-22 . AB8AB19C3EC6FA71152C50E6C5F452C9 . 3094528 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\mshtml.dll
[7] 2008-04-15 . B937B964B164A7B588D09BF419F90875 . 3066880 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB978207$\mshtml.dll
[-] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-06-20 . 18740E8EC5BE4B6D66FA0E4CBFD3B9C6 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[7] 2008-04-15 . 6BBC05038DF477F12E930A0F99F7D219 . 247296 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
[-] 2010-02-17 . FD62829F3524A1BE95FD384A3C445AAB . 2194304 . . [5.1.2600.5938] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2010-02-17 . FD62829F3524A1BE95FD384A3C445AAB . 2194304 . . [5.1.2600.5938] . . c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2010-02-16 . DA6465E0F6BBA4618E40C3D36B263866 . 2150912 . . [5.1.2600.5938] . . c:\windows\system32\ntoskrnl.exe
[-] 2010-02-16 . B79C48187CA08D2EC27DA4939953F082 . 2194432 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[-] 2009-12-10 . 5037978D6ED651AEC5D6ACC87D65C715 . 2193664 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165-v2\SP3QFE\ntoskrnl.exe
[-] 2009-12-09 . 91BB9F7616C0A8BB6ECA10EB6816B21C . 2149888 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
[7] 2009-02-10 . 7625D5BAFD2A4A8458468B139C893BB7 . 2193536 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[7] 2009-02-10 . 7625D5BAFD2A4A8458468B139C893BB7 . 2193536 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\7cc53337f6052d404723aef4c076967b\SP3QFE\ntoskrnl.exe
[7] 2009-02-09 . 0F1A4A14A22DC4B839052DE174B57A33 . 2184832 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\7cc53337f6052d404723aef4c076967b\SP2GDR\ntoskrnl.exe
[7] 2009-02-09 . 35BEF358DAB3E53ADF93AAE4D64F4852 . 2190464 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\7cc53337f6052d404723aef4c076967b\SP2QFE\ntoskrnl.exe
[7] 2009-02-09 . 27380B877348030B0662A39C47AAEC11 . 2193408 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\7cc53337f6052d404723aef4c076967b\SP3GDR\ntoskrnl.exe
[7] 2009-02-09 . AAC6BB111B1ACEAFCD3D3AD569BA3DD3 . 2149888 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB977165-v2$\ntoskrnl.exe
[7] 2008-04-15 . F13A2B659A51AA340F5596E7D604864B . 2149888 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[-] 2010-02-26 . 48C55933922D72B990E94CF8656BD05C . 670208 . . [6.00.2900.5945] . . c:\windows\system32\wininet.dll
[-] 2010-02-26 . 48C55933922D72B990E94CF8656BD05C . 670208 . . [6.00.2900.5945] . . c:\windows\system32\dllcache\wininet.dll
[-] 2010-02-26 . D3E73E61284082EF6249E3A62D1C79D0 . 671744 . . [6.00.2900.5945] . . c:\windows\$hf_mig$\KB980182\SP3QFE\wininet.dll
[-] 2009-12-22 . A21DF8A5A088A16563B30B7F3E70FEF2 . 670208 . . [6.00.2900.5921] . . c:\windows\$NtUninstallKB980182$\wininet.dll
[-] 2009-12-22 . 2ABF21F7978482AF7CFA4DABF8C5B4E6 . 671744 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\wininet.dll
[7] 2008-04-15 . 80CA4DCDD3DAD65CB8800508076712E7 . 669184 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB978207$\wininet.dll
[-] 2010-02-16 . F6049CA4515D37D5DA502D162E9B6AA0 . 2071168 . . [5.1.2600.5938] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2010-02-16 . F6049CA4515D37D5DA502D162E9B6AA0 . 2071168 . . [5.1.2600.5938] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2010-02-16 . 8734043A9B2FD911BA85A8A08F202B91 . 2029056 . . [5.1.2600.5938] . . c:\windows\system32\ntkrnlpa.exe
[-] 2010-02-16 . 7C4F935FC449E4D27C685A5BC1792664 . 2071296 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[-] 2009-12-10 . 6A42A70506E7ACFF6C3ACD740E22A01F . 2070528 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165-v2\SP3QFE\ntkrnlpa.exe
[-] 2009-12-09 . 1EC8EEA049772D6C6A6D7518589B6B5D . 2028544 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
[7] 2009-02-10 . 6A94A7317E28B6543D94174F9016BB68 . 2070400 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\7cc53337f6052d404723aef4c076967b\SP3GDR\ntkrnlpa.exe
[7] 2009-02-09 . 06A467DC3FF07102B058B2B41104662F . 2062080 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\7cc53337f6052d404723aef4c076967b\SP2GDR\ntkrnlpa.exe
[7] 2009-02-09 . E03AE5E3171A627D58957B0437DEE4F9 . 2067328 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\7cc53337f6052d404723aef4c076967b\SP2QFE\ntkrnlpa.exe
[7] 2009-02-09 . 6DCC1CE955F33EC4C0CE271BFA5D3310 . 2028544 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB977165-v2$\ntkrnlpa.exe
[7] 2009-02-09 . 07EE73D79A7CA142463470AEF230082B . 2070528 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[7] 2009-02-09 . 07EE73D79A7CA142463470AEF230082B . 2070528 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\7cc53337f6052d404723aef4c076967b\SP3QFE\ntkrnlpa.exe
[7] 2008-04-15 . 1B3709F568AF90FDB935FD017C92E5E9 . 2028544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Malware Icon]
@="{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}"
[HKEY_CLASSES_ROOT\CLSID\{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}]
2009-11-02 08:00 312576 —-a-w- c:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Pending Delete Icon]
@="{0847B599-9191-4A27-BD61-DE11598D3B1B}"
[HKEY_CLASSES_ROOT\CLSID\{0847B599-9191-4A27-BD61-DE11598D3B1B}]
2009-11-02 08:00 312576 —-a-w- c:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Suspect Icon]
@="{9AE343CB-BA45-4618-AF6A-0230EE6FC793}"
[HKEY_CLASSES_ROOT\CLSID\{9AE343CB-BA45-4618-AF6A-0230EE6FC793}]
2009-11-02 08:00 312576 —-a-w- c:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BatteryLifeExtender"="c:\program files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe" [2009-03-13 550912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-02-18 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-02-18 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-02-18 137752]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-28 1044480]
"SUPBackGround"="c:\program files\Samsung\Samsung Update Plus\SUPBackGround.exe" [2010-02-03 294912]
"BatteryManager"="c:\program files\Samsung\Samsung Battery Manager\BatteryManager.exe" [2008-11-27 2768896]
"DMHotKey"="c:\program files\Samsung\Easy Display Manager\DMLoader.exe" [2006-12-27 466944]
"MagicKeyboard"="c:\program files\SAMSUNG\MagicKBD\PreMKBD.exe" [2006-05-14 151552]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"PSUNMain"="c:\program files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2009-10-30 361728]
"RTHDCPL"="RTHDCPL.EXE" [2009-05-21 17881600]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-04-24 202256]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-3-23 603488]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
R1 PSINKNC;PSINKNC;c:\windows\system32\drivers\PSINKNC.sys [13-10-2009 16:50 114312]
R2 DOSMEMIO;MEMIO;c:\windows\system32\MEMIO.SYS [13-5-2009 19:00 4300]
R2 NanoServiceMain;NanoServiceMain;c:\program files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [30-10-2009 18:29 136448]
R2 PSINAflt;PSINAflt;c:\windows\system32\drivers\PSINAflt.sys [30-10-2009 17:18 146952]
R2 PSINFile;PSINFile;c:\windows\system32\drivers\PSINFile.sys [13-10-2009 16:50 95880]
R2 PSINProc;PSINProc;c:\windows\system32\drivers\PSINProc.sys [13-10-2009 16:50 101512]
R2 SRS_WOWXT_Service;SRS WOWXT/TSXT Service;c:\program files\SRS Labs\SRS WOW XT and TSXT\SRS_PostInstaller.exe [19-5-2009 11:39 66792]
R2 yksvc;Marvell Yukon Service;c:\windows\System32\svchost.exe -k yksvcs [14-5-2009 3:33 14336]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\SRS_PremiumSound_i386.sys [27-3-2010 23:43 233512]
R3 VMC326;Vimicro Camera Service VMC326;c:\windows\system32\drivers\VMC326.sys [13-5-2009 19:04 238464]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [13-5-2009 19:02 1684736]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
yksvcs REG_MULTI_SZ yksvc
.
Inhoud van de 'Gedeelde Taken' map
2010-05-16 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2205146122-2744914269-312741955-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]
2010-04-24 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2205146122-2744914269-312741955-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]
.
.
——- Bijkomende Scan ——-
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SMSN&bmod=SMSN
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SMSN&bmod=SMSN
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Verzenden naar &Bluetooth-apparaat… - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Verzenden naar Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\documents and settings\Le Beau\Application Data\Mozilla\Firefox\Profiles\y73exvkm.default\
FF - prefs.js: browser.search.selectedEngine - YouTube
FF - prefs.js: browser.startup.homepage - hxxp://www.scannerforum.nl/search.php?search_id=newposts&sid=f3a771f65d4699f9c56458c4ab3aaff9
FF - plugin: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
—- FIREFOX POLICIES —-
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""
;
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties";
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties";
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-16 20:58
Windows 5.1.2600 Service Pack 3 NTFS
scannen van verborgen processen …
scannen van verborgen autostart items …
scannen van verborgen bestanden …
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
.
Voltooingstijd: 2010-05-16 21:00:18
ComboFix-quarantined-files.txt 2010-05-16 19:00
Pre-Run: 67.163.226.112 bytes beschikbaar
Post-Run: 67.182.841.856 bytes beschikbaar
- - End Of File - - C211F0CB77E3999EFC075E465CB9A2F4 - Beter nu?
- Ja tot nu toe geen gekke meldingen meer
Bedankt voor de hulp! - Download [b:e3a09e9766] (by OldTimer)
[list:e3a09e9766][*:e3a09e9766]Plaats het bestand op je bureaublad.
[*:e3a09e9766]Zorg dat er een internetverbinding is.
[*:e3a09e9766]Klik vervolgens met je rechtermuisknop op OTCleanIt.exe en kies voor Run as Administrator (Nederlands: Uitvoeren als Administrator) om het programma te starten.
[*:e3a09e9766]Klik nu op de knop "CleanUp!"
[*:e3a09e9766]Als je firewall, of een ander beveiligingsprogramma, een waarschuwing geeft dat OTC.exe internettoegang wil, mag je dit toestaan, het programma heeft die connectie nodig.
[*:e3a09e9766]OTC zal als laatste vragen of je de computer herstarten wilt, dit mag je toestaan, hiermee verwijdert het zichzelf ook.[/list:u:e3a09e9766]
[i:e3a09e9766][b:e3a09e9766]Nota[/b:e3a09e9766]: Het gebruik van OTC.exe zal alle gebruikte tools(inclusief bijbehorende logs en backupmappen) van je computer doen verwijderen.[/i:e3a09e9766] - Heb ik ook gedaan, system is geheel clean weer
Hartelijk dank! - Mooi mooi. :wink:
- Beste 'juisterr'
Ik heb een gelijkaardig probleem…
AVG blijft zeggen: trojaans paard generic 18.ALCI
Zou je naar het mijne ook even willen kijken aub?
Zou super zijn,
Thanks, - [quote:3fe30572c0="Moeke"]Beste 'juisterr'
Ik heb een gelijkaardig probleem…
AVG blijft zeggen: trojaans paard generic 18.ALCI
Zou je naar het mijne ook even willen kijken aub?
Zou super zijn,
Thanks,[/quote:3fe30572c0]
Beste,
Ik heb hier Vista op mijn PC, maar bij het rechtsklikken (bij HiJack…)
heb ik niet de optie 'uitvoeren als administrator'. Dat staat er niet tussen…
Begrijp er niet veel van… pff
Lastig, hopelijk kan jij me verderhelpen,
Groetjes, - Hallo Moeke, je gaat naar de installatielokatie van HijackThis en dan krijg je wel de optie, om het tool te starten met administratorrechten!
Maar lees dit ook:
Maak een nieuw topic aan - want om je probleem aan een opgelost topic te hangen, dat helpt niet echt!
Dus een eigen topic aamaken met daarin jouw log! - [quote:6e14c3e960="Abraham54"]Hallo Moeke, je gaat naar de installatielokatie van HijackThis en dan krijg je wel de optie, om het tool te starten met administratorrechten!
Maar lees dit ook:
Maak een nieuw topic aan - want om je probleem aan een opgelost topic te hangen, dat helpt niet echt!
Dus een eigen topic aamaken met daarin jouw log![/quote:6e14c3e960]
Beste,
Bedankt voor je reactie,
Ok, zal het onthouden voor volgende keer, bedankt voor de info.
Ik denk dat ik het er heb afgekregen…
AVG zegt er niets meer over en heb ook nog eens met Spybot geprobeerd…
Toch bedankt,
Groetjes,
Moeke - De tools die jij gebruikt geven geen garantie dat je de ongein nu kwijt bent!
Dus wil je zekerheid - dan doe je alsnog datgene wat je al eerder wou doen!
Beantwoord deze vraag
Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.
