Ga naar inhoud
  • 0

Trojaans paard Generic 15.CKWE


Anoniem2

Vraag

Beste lezers,\r\n\r\nIk heb de laatste tijd last van een trojan horse. Ik heb AVG free. Die vind ze wel, maar als je op Herstellen klikt, komt er : Opgegeven bestand kan niet worden gevonden.\r\n\r\nAls ik naar de locatie ga namelijk c:windows/temp en ik verwijder de mappen daar, krijg ik een paar minuten later weer een trojan horse in die map.\r\n\r\nIk had mijn pc aanlaten staan toen ik een wedstrijd aan het voetballen was, ik kom terug en hij heeft iets van 25 trojan horses gevonden, allemaal in c:windows/temp. Ik kan ze zovaak verwijderen als ik wil maar ze blijven terugkomen.\r\n\r\nHeb met AVG al gescant, niks gevonden. Met Hitman pro ook niks, met windows Defender ook niks.\r\n\r\nWeet iemand mischien een manier/programma op het voorgoed te verwijderen?\r\n\r\nAlvast bedankt!\r\n\r\n(hieronder screenshots van het probleem)\r\n\r\n[img]http://img6.imageshack.us/img6/8003/virusce.jpg[/img]\r\n[img]http://img695.imageshack.us/img695/9751/virus2.jpg[/img]
Link naar reactie

15 antwoorden op deze vraag

Aanbevolen berichten

  • 0
Download [b][url=http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis]HiJackThis[/url][/b]\r\n\r\nDubbelklik op HJTInstall.exe\r\nHijackthis wordt nu op je PC geïnstalleerd, een snelkoppeling wordt op je bureaublad geplaatst.\r\n\r\nHijackThis zal openen na het installeren.\r\nKlik op \"Do a systemscan and save a logfile\". \r\nEr opent een kladblokvenster, hou gelijktijdig de CTRL en A-toets ingedrukt, nu is alles geselecteerd. Hou gelijktijdig de CTRL en C-toets ingedrukt, nu is alles gekopieerd. Plak nu het HJT logje in je bericht door CTRL en V-toets. \r\n\r\nN.B. : gebruikers van Windows Vista en Windows 7 zullen eerst moeten rechtsklikken op HijackThis.exe en dan kiezen voor \"Run as Administrator\".
Link naar reactie
  • 0
Logfile of Trend Micro HijackThis v2.0.3 (BETA)\r\nScan saved at 17:53:12, on 12-12-2009\r\nPlatform: Windows Vista SP1 (WinNT 6.00.1905)\r\nMSIE: Internet Explorer v8.00 (8.00.6001.18865)\r\nBoot mode: Normal\r\n\r\nRunning processes:\r\nC:\\Windows\\system32\\taskeng.exe\r\nC:\\Windows\\system32\\Dwm.exe\r\nC:\\Program Files\\TortoiseSVN\\bin\\TSVNCache.exe\r\nC:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\r\nC:\\Program Files\\Windows Media Player\\wmpnscfg.exe\r\nC:\\Sun\\SDK\\jdk\\bin\\javaw.exe\r\nC:\\Windows\\System32\\mobsync.exe\r\nC:\\Windows\\system32\\wuauclt.exe\r\nC:\\Windows\\explorer.exe\r\nC:\\Program Files\\TortoiseSVN\\bin\\TSVNCache.exe\r\nC:\\Program Files\\Windows Defender\\MSASCui.exe\r\nC:\\Program Files\\Internet Explorer\\iexplore.exe\r\nC:\\Program Files\\Internet Explorer\\iexplore.exe\r\nC:\\Program Files\\Steam\\steam.exe\r\nC:\\Program Files\\Java\\jre6\\bin\\javaw.exe\r\nC:\\Program Files\\Internet Explorer\\iexplore.exe\r\nC:\\Windows\\system32\\SearchProtocolHost.exe\r\nC:\\Program Files\\Internet Explorer\\iexplore.exe\r\nC:\\Windows\\system32\\SearchFilterHost.exe\r\nC:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\r\nC:\\Program Files\\TrendMicro\\HiJackThis\\HiJackThis.exe\r\n\r\nR1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = [url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]\r\nR0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = [url]http://www.msn.nl/[/url]\r\nR1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = [url]http://go.microsoft.com/fwlink/?LinkId=69157[/url]\r\nR1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Search_URL = [url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]\r\nR1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = [url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]\r\nR0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = [url]http://go.microsoft.com/fwlink/?LinkId=69157[/url]\r\nR0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,SearchAssistant = \r\nR0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,CustomizeSearch = \r\nR0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName = \r\nO1 - Hosts: ::1 localhost\r\nO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\\Program Files\\Common Files\\Adobe\\Acrobat\\ActiveX\\AcroIEHelperShim.dll\r\nO2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\\Program Files\\AVG\\AVG8\\avgssie.dll\r\nO2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)\r\nO2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll\r\nO2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\\Program Files\\Ask.com\\GenericAskToolbar.dll\r\nO2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files\\Java\\jre6\\bin\\jp2ssv.dll\r\nO3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\\Program Files\\Ask.com\\GenericAskToolbar.dll\r\nO4 - HKLM\\..\\Run: [AVG8_TRAY] C:\\PROGRA~1\\AVG\\AVG8\\avgtray.exe\r\nO4 - HKCU\\..\\Run: [msnmsgr] \"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background\r\nO4 - HKCU\\..\\Run: [WMPNSCFG] C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe\r\nO4 - HKUS\\S-1-5-19\\..\\Run: [Sidebar] %ProgramFiles%\\Windows Sidebar\\Sidebar.exe /detectMem (User \'LOCAL SERVICE\')\r\nO4 - HKUS\\S-1-5-19\\..\\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User \'LOCAL SERVICE\')\r\nO4 - HKUS\\S-1-5-20\\..\\Run: [Sidebar] %ProgramFiles%\\Windows Sidebar\\Sidebar.exe /detectMem (User \'NETWORK SERVICE\')\r\nO4 - HKUS\\S-1-5-18\\..\\Run: [RegistryMonitor1] \"C:\\Windows\\TEMP\\vvds.tmp\\svchost.exe\" (User \'SYSTEEM\')\r\nO4 - HKUS\\.DEFAULT\\..\\Run: [RegistryMonitor1] \"C:\\Windows\\TEMP\\vvds.tmp\\svchost.exe\" (User \'Default user\')\r\nO4 - Startup: SDK Tray Menu.lnk = ?\r\nO8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\\PROGRA~1\\MICROS~1\\OFFICE11\\EXCEL.EXE/3000\r\nO9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\\PROGRA~1\\MICROS~1\\OFFICE11\\REFIEBAR.DLL\r\nO13 - Gopher Prefix: \r\nO16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - [url]http://cache.systemrequirementslab.com/htdocs/srl_bin/sysreqlab_srl.cab[/url]\r\nO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [url]http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab[/url]\r\nO16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - [url]http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15108/CTPID.cab[/url]\r\nO18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\\Program Files\\AVG\\AVG8\\avgpp.dll\r\nO20 - AppInit_DLLs: avgrsstx.dll\r\nO22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\\Windows\\system32\\browseui.dll\r\nO23 - Service: AMD External Events Utility - AMD - C:\\Windows\\system32\\atiesrxx.exe\r\nO23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\\PROGRA~1\\AVG\\AVG8\\avgemc.exe\r\nO23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\\PROGRA~1\\AVG\\AVG8\\avgwdsvc.exe\r\nO23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\\Program Files\\LogMeIn Hamachi\\hamachi-2.exe\r\nO23 - Service: Hitman Pro 3.5 Crusader (Boot) (HitmanPro35CrusaderBoot) - SurfRight B.V. - C:\\Users\\Gerco\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\BGAAMLTN\\HitmanPro35[1].exe\r\nO23 - Service: PnkBstrA - Unknown owner - C:\\Windows\\system32\\PnkBstrA.exe\r\nO23 - Service: Steam Client Service - Valve Corporation - C:\\Program Files\\Common Files\\Steam\\SteamService.exe\r\n\r\n--\r\nEnd of file - 5612 bytes
Link naar reactie
  • 0
Start Hijackthis op. Ben je gebruiker van Vista kies dan voor “Run as administrator\" of \"Uitvoeren als administrator\". Selecteer “Do a system scan only”. Selecteer alleen de items die hieronder zijn genoemd:\r\n\r\n[B]R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,SearchAssistant =\r\nR0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,CustomizeSearch =\r\nR0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName =\r\nO2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)\r\nO2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\\Program Files\\Ask.com\\GenericAskToolbar.dll\r\nO4 - HKUS\\S-1-5-18\\..\\Run: [RegistryMonitor1] \"C:\\Windows\\TEMP\\vvds.tmp\\svchost.exe\" (User \'SYSTEEM\')\r\nO4 - HKUS\\.DEFAULT\\..\\Run: [RegistryMonitor1] \"C:\\Windows\\TEMP\\vvds.tmp\\svchost.exe\" (User \'Default user\')[/B]\r\n\r\nKlik op \'Fix checked\' om de items te verwijderen.\r\n\r\nVerwijder volgende vetgedrukte map :\r\n\r\nC:\\Program Files\\[B]Ask.com[/B]\r\n\r\nDownload [b][url=http://www.besttechie.net/tools/mbam-setup.exe]MBAM (Malwarebytes\' Anti-Malware).[/url][/b]\r\n\r\nDubbelklik op mbam-setup.exe om het programma te installeren.\r\n\r\nZorg ervoor dat er een vinkje geplaatst is voor Update Malwarebytes\' Anti-Malware en Start Malwarebytes\' Anti-Malware, Klik daarna op \"Voltooien\".\r\nIndien een update gevonden werd, zal die gedownload en geïnstalleerd worden.\r\nWanneer het programma volledig up to date is, selecteer dan in het tabblad Scanner : \"Snelle Scan\", daarna klik op Scan.\r\nHet scannen kan een tijdje duren, dus wees geduldig.\r\nWanneer de scan voltooid is, klik op OK, daarna \"Bekijk Resultaten\" om de resultaten te zien.\r\nZorg ervoor dat daar alles aangevinkt is, daarna klik op: Verwijder geselecteerde.\r\nNa het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie verder). \r\n\r\nIndien er de rootkit (TDSS) aanwezig is, zal MBAM vragen te herstarten. Doe dit dan ook.\r\nMBAM zal na de herstart opnieuw scannen en de rootkit verwijderen.\r\n\r\nHet log wordt automatisch bewaard door MBAM en kan je terugvinden door op de \"Logs\" tab te klikken in het programma.\r\n\r\nIndien MBAM moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven waar je OK moet klikken. Daarna zal het vragen om de computer opnieuw op te starten... dus sta toe dat MBAM de computer opnieuw opstart.\r\n\r\nPlak de inhoud van het logje in je volgende bericht, samen met een nieuw HijackThis log.
Link naar reactie
  • 0
[CODE]Malwarebytes\' Anti-Malware 1.42\r\nDatabase versie: 3350\r\nWindows 6.0.6001 Service Pack 1\r\nInternet Explorer 8.0.6001.18865\r\n\r\n12-12-2009 20:02:26\r\nmbam-log-2009-12-12 (20-02-26).txt\r\n\r\nScan type: Snelle Scan\r\nObjecten gescand: 104209\r\nVerstreken tijd: 5 minute(s), 37 second(s)\r\n\r\nGeheugenprocessen geïnfecteerd: 0\r\nGeheugenmodulen geïnfecteerd: 0\r\nRegistersleutels geïnfecteerd: 0\r\nRegisterwaarden geïnfecteerd: 0\r\nRegisterdata bestanden geïnfecteerd: 0\r\nMappen geïnfecteerd: 0\r\nBestanden geïnfecteerd: 1\r\n\r\nGeheugenprocessen geïnfecteerd:\r\n(Geen kwaadaardige items gevonden)\r\n\r\nGeheugenmodulen geïnfecteerd:\r\n(Geen kwaadaardige items gevonden)\r\n\r\nRegistersleutels geïnfecteerd:\r\n(Geen kwaadaardige items gevonden)\r\n\r\nRegisterwaarden geïnfecteerd:\r\n(Geen kwaadaardige items gevonden)\r\n\r\nRegisterdata bestanden geïnfecteerd:\r\n(Geen kwaadaardige items gevonden)\r\n\r\nMappen geïnfecteerd:\r\n(Geen kwaadaardige items gevonden)\r\n\r\nBestanden geïnfecteerd:\r\nC:\\Users\\Gerco\\Local Settings\\Temporary Internet Files\\Softonic-Eng7_EN.exe (Trojan.Agent) -> Quarantined and deleted successfully.\r\n[/CODE]\r\n\r\n[B]Hijack This :[/B]\r\n\r\n[CODE]Logfile of Trend Micro HijackThis v2.0.3 (BETA)\r\nScan saved at 19:49:42, on 12-12-2009\r\nPlatform: Windows Vista SP1 (WinNT 6.00.1905)\r\nMSIE: Internet Explorer v8.00 (8.00.6001.18865)\r\nBoot mode: Normal\r\n\r\nRunning processes:\r\nC:\\Windows\\system32\\taskeng.exe\r\nC:\\Windows\\system32\\Dwm.exe\r\nC:\\Program Files\\TortoiseSVN\\bin\\TSVNCache.exe\r\nC:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\r\nC:\\Program Files\\Windows Media Player\\wmpnscfg.exe\r\nC:\\Sun\\SDK\\jdk\\bin\\javaw.exe\r\nC:\\Windows\\System32\\mobsync.exe\r\nC:\\Windows\\system32\\wuauclt.exe\r\nC:\\Windows\\explorer.exe\r\nC:\\Program Files\\TortoiseSVN\\bin\\TSVNCache.exe\r\nC:\\Program Files\\Windows Defender\\MSASCui.exe\r\nC:\\Program Files\\Steam\\steam.exe\r\nC:\\Program Files\\Java\\jre6\\bin\\javaw.exe\r\nC:\\Program Files\\Internet Explorer\\iexplore.exe\r\nC:\\Program Files\\Internet Explorer\\iexplore.exe\r\nC:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\r\nC:\\Windows\\system32\\SearchFilterHost.exe\r\nC:\\Program Files\\TrendMicro\\HiJackThis\\HiJackThis.exe\r\n\r\nR1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896\r\nR0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://www.msn.nl/\r\nR1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157\r\nR1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896\r\nR1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896\r\nR0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157\r\nR0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,SearchAssistant = \r\nR0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,CustomizeSearch = \r\nR0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName = \r\nO1 - Hosts: ::1 localhost\r\nO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\\Program Files\\Common Files\\Adobe\\Acrobat\\ActiveX\\AcroIEHelperShim.dll\r\nO2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\\Program Files\\AVG\\AVG8\\avgssie.dll\r\nO2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)\r\nO2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll\r\nO2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\\Program Files\\Ask.com\\GenericAskToolbar.dll\r\nO2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files\\Java\\jre6\\bin\\jp2ssv.dll\r\nO3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\\Program Files\\Ask.com\\GenericAskToolbar.dll\r\nO4 - HKLM\\..\\Run: [AVG8_TRAY] C:\\PROGRA~1\\AVG\\AVG8\\avgtray.exe\r\nO4 - HKCU\\..\\Run: [msnmsgr] \"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background\r\nO4 - HKCU\\..\\Run: [WMPNSCFG] C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe\r\nO4 - HKUS\\S-1-5-19\\..\\Run: [Sidebar] %ProgramFiles%\\Windows Sidebar\\Sidebar.exe /detectMem (User \'LOCAL SERVICE\')\r\nO4 - HKUS\\S-1-5-19\\..\\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User \'LOCAL SERVICE\')\r\nO4 - HKUS\\S-1-5-20\\..\\Run: [Sidebar] %ProgramFiles%\\Windows Sidebar\\Sidebar.exe /detectMem (User \'NETWORK SERVICE\')\r\nO4 - HKUS\\S-1-5-18\\..\\Run: [RegistryMonitor1] \"C:\\Windows\\TEMP\\vvds.tmp\\svchost.exe\" (User \'SYSTEEM\')\r\nO4 - HKUS\\.DEFAULT\\..\\Run: [RegistryMonitor1] \"C:\\Windows\\TEMP\\vvds.tmp\\svchost.exe\" (User \'Default user\')\r\nO4 - Startup: SDK Tray Menu.lnk = ?\r\nO8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\\PROGRA~1\\MICROS~1\\OFFICE11\\EXCEL.EXE/3000\r\nO9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\\PROGRA~1\\MICROS~1\\OFFICE11\\REFIEBAR.DLL\r\nO13 - Gopher Prefix: \r\nO16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://cache.systemrequirementslab.com/htdocs/srl_bin/sysreqlab_srl.cab\r\nO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab\r\nO16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15108/CTPID.cab\r\nO18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\\Program Files\\AVG\\AVG8\\avgpp.dll\r\nO20 - AppInit_DLLs: avgrsstx.dll\r\nO22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\\Windows\\system32\\browseui.dll\r\nO23 - Service: AMD External Events Utility - AMD - C:\\Windows\\system32\\atiesrxx.exe\r\nO23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\\PROGRA~1\\AVG\\AVG8\\avgemc.exe\r\nO23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\\PROGRA~1\\AVG\\AVG8\\avgwdsvc.exe\r\nO23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\\Program Files\\LogMeIn Hamachi\\hamachi-2.exe\r\nO23 - Service: Hitman Pro 3.5 Crusader (Boot) (HitmanPro35CrusaderBoot) - SurfRight B.V. - C:\\Users\\Gerco\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\BGAAMLTN\\HitmanPro35[1].exe\r\nO23 - Service: PnkBstrA - Unknown owner - C:\\Windows\\system32\\PnkBstrA.exe\r\nO23 - Service: Steam Client Service - Valve Corporation - C:\\Program Files\\Common Files\\Steam\\SteamService.exe\r\n\r\n--\r\nEnd of file - 5470 bytes\r\n[/CODE]
Link naar reactie
  • 0
Hee, zouden jullie ook even kunnen kijken naar deze? Ik heb ook een trojan horse...\r\n\r\nLogfile of Trend Micro HijackThis v2.0.3 (BETA)\r\nScan saved at 19:40:15, on 4-1-2010\r\nPlatform: Windows XP SP3 (WinNT 5.01.2600)\r\nMSIE: Internet Explorer v8.00 (8.00.6001.18702)\r\nBoot mode: Normal\r\n\r\nRunning processes:\r\nC:\\WINDOWS\\System32\\smss.exe\r\nC:\\WINDOWS\\system32\\winlogon.exe\r\nC:\\WINDOWS\\system32\\services.exe\r\nC:\\WINDOWS\\system32\\lsass.exe\r\nC:\\WINDOWS\\system32\\svchost.exe\r\nC:\\WINDOWS\\System32\\svchost.exe\r\nC:\\Program Files\\Intel\\Wireless\\Bin\\EvtEng.exe\r\nC:\\Program Files\\Intel\\Wireless\\Bin\\S24EvMon.exe\r\nC:\\Program Files\\AVG9\\avgchsvx.exe\r\nC:\\Program Files\\AVG9\\avgrsx.exe\r\nC:\\Program Files\\AVG9\\avgcsrvx.exe\r\nC:\\Program Files\\Common Files\\Apple\\Mobile Device Support\\bin\\AppleMobileDeviceService.exe\r\nC:\\Program Files\\Bonjour\\mDNSResponder.exe\r\nC:\\Program Files\\TOSHIBA\\ConfigFree\\CFSvcs.exe\r\nC:\\WINDOWS\\eHome\\ehRecvr.exe\r\nC:\\WINDOWS\\eHome\\ehSched.exe\r\nC:\\WINDOWS\\system32\\svchost.exe\r\nC:\\WINDOWS\\system32\\svchost.exe\r\nC:\\Program Files\\Java\\jre6\\bin\\jqs.exe\r\nC:\\Program Files\\Common Files\\PC Tools\\sMonitor\\StartManSvc.exe\r\nC:\\Program Files\\Intel\\Wireless\\Bin\\RegSrvc.exe\r\nC:\\WINDOWS\\system32\\svchost.exe\r\nC:\\WINDOWS\\system32\\TODDSrv.exe\r\nC:\\PROGRA~1\\COMMON~1\\X10\\Common\\x10nets.exe\r\nC:\\WINDOWS\\system32\\dllhost.exe\r\nC:\\WINDOWS\\Explorer.EXE\r\nC:\\WINDOWS\\ehome\\ehtray.exe\r\nC:\\WINDOWS\\system32\\igfxtray.exe\r\nC:\\WINDOWS\\system32\\hkcmd.exe\r\nC:\\WINDOWS\\system32\\igfxpers.exe\r\nC:\\WINDOWS\\RTHDCPL.EXE\r\nC:\\WINDOWS\\eHome\\ehmsas.exe\r\nC:\\Program Files\\Apoint2K\\Apoint.exe\r\nC:\\Program Files\\TOSHIBA\\Touch and Launch\\PadExe.exe\r\nC:\\Program Files\\TOSHIBA\\E-KEY\\CeEKey.exe\r\nC:\\Program Files\\TOSHIBA\\TouchPad\\TPTray.exe\r\nC:\\Program Files\\Apoint2K\\Apntex.exe\r\nC:\\WINDOWS\\system32\\ZoomingHook.exe\r\nC:\\WINDOWS\\system32\\TCtrlIOHook.exe\r\nC:\\WINDOWS\\system32\\TPSMain.exe\r\nC:\\Program Files\\TOSHIBA\\TOSHIBA-zoomutility\\SmoothView.exe\r\nC:\\Program Files\\TOSHIBA\\TOSHIBA Controls\\TFncKy.exe\r\nC:\\Program Files\\TOSHIBA\\Tvs\\TvsTray.exe\r\nC:\\WINDOWS\\system32\\TPSBattM.exe\r\nC:\\Program Files\\TOSHIBA\\ConfigFree\\NDSTray.exe\r\nC:\\Program Files\\TOSHIBA\\TOSHIBA Direct Disc Writer\\ddwmon.exe\r\nC:\\Program Files\\Intel\\Wireless\\bin\\ZCfgSvc.exe\r\nC:\\Program Files\\Intel\\Wireless\\Bin\\ifrmewrk.exe\r\nC:\\WINDOWS\\AGRSMMSG.exe\r\nC:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe\r\nC:\\Program Files\\Java\\jre6\\bin\\jusched.exe\r\nC:\\PROGRA~1\\Intel\\Wireless\\Bin\\Dot1XCfg.exe\r\nC:\\Program Files\\iTunes\\iTunesHelper.exe\r\nC:\\WINDOWS\\system32\\ctfmon.exe\r\nC:\\Program Files\\TOSHIBA\\TOSCDSPD\\toscdspd.exe\r\nC:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe\r\nC:\\Program Files\\iPod\\bin\\iPodService.exe\r\nC:\\Program Files\\HP\\Digital Imaging\\bin\\hpqSTE08.exe\r\nC:\\Program Files\\HP\\Digital Imaging\\bin\\hpqbam08.exe\r\nC:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe\r\nC:\\WINDOWS\\system32\\spoolsv.exe\r\nC:\\Program Files\\AVG9\\avgwdsvc.exe\r\nC:\\Program Files\\AVG9\\avgam.exe\r\nC:\\Program Files\\AVG9\\avgnsx.exe\r\nC:\\Program Files\\AVG9\\avgtray.exe\r\nC:\\Program Files\\AVG9\\avgcsrvx.exe\r\nC:\\Program Files\\iTunes\\iTunes.exe\r\nC:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\r\nC:\\Program Files\\Windows Live\\Contacts\\wlcomm.exe\r\nC:\\Program Files\\Skype\\Phone\\Skype.exe\r\nC:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe\r\nC:\\Documents and Settings\\Linde Oostenbroek\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe\r\nC:\\Documents and Settings\\Linde Oostenbroek\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe\r\nC:\\Documents and Settings\\Linde Oostenbroek\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe\r\nC:\\WINDOWS\\system32\\msiexec.exe\r\nC:\\Documents and Settings\\Linde Oostenbroek\\Bureaublad\\Onderhoud\\Trojan horse\\TrendMicro\\HiJackThis\\HiJackThis.exe\r\n\r\nR1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Search Bar = [url]http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR[/url]\r\nR1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = [url]http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR[/url]\r\nR0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = [url]http://www.msn.nl[/url]\r\nR1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = [url]http://go.microsoft.com/fwlink/?LinkId=69157[/url]\r\nR1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Search_URL = [url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]\r\nR1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = [url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]\r\nR0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = [url]http://go.microsoft.com/fwlink/?LinkId=69157[/url]\r\nR1 - HKCU\\Software\\Microsoft\\Internet Connection Wizard,ShellNext = [url]http://www.msn.nl/[/url]\r\nR1 - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings,ProxyOverride = *.local\r\nR0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName = Koppelingen\r\nO2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\hpswp_printenhancer.dll\r\nO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\\Program Files\\Common Files\\Adobe\\Acrobat\\ActiveX\\AcroIEHelperShim.dll\r\nO2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\\Program Files\\Windows Desktop Search\\dsWebAllow.dll\r\nO2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\\Program Files\\AVG9\\avgssie.dll\r\nO2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)\r\nO2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll\r\nO2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files\\Java\\jre6\\bin\\jp2ssv.dll\r\nO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\\Program Files\\Java\\jre6\\lib\\deploy\\jqs\\ie\\jqs_plugin.dll\r\nO2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\hpswp_BHO.dll\r\nO4 - HKLM\\..\\Run: [ehTray] C:\\WINDOWS\\ehome\\ehtray.exe\r\nO4 - HKLM\\..\\Run: [igfxtray] C:\\WINDOWS\\system32\\igfxtray.exe\r\nO4 - HKLM\\..\\Run: [igfxhkcmd] C:\\WINDOWS\\system32\\hkcmd.exe\r\nO4 - HKLM\\..\\Run: [igfxpers] C:\\WINDOWS\\system32\\igfxpers.exe\r\nO4 - HKLM\\..\\Run: [RTHDCPL] RTHDCPL.EXE\r\nO4 - HKLM\\..\\Run: [Alcmtr] ALCMTR.EXE\r\nO4 - HKLM\\..\\Run: [Apoint] C:\\Program Files\\Apoint2K\\Apoint.exe\r\nO4 - HKLM\\..\\Run: [PadTouch] C:\\Program Files\\TOSHIBA\\Touch and Launch\\PadExe.exe\r\nO4 - HKLM\\..\\Run: [CeEKEY] C:\\Program Files\\TOSHIBA\\E-KEY\\CeEKey.exe\r\nO4 - HKLM\\..\\Run: [TPNF] C:\\Program Files\\TOSHIBA\\TouchPad\\TPTray.exe\r\nO4 - HKLM\\..\\Run: [HWSetup] C:\\Program Files\\TOSHIBA\\TOSHIBA Applet\\HWSetup.exe hwSetUP\r\nO4 - HKLM\\..\\Run: [SVPWUTIL] C:\\Program Files\\Toshiba\\Windows Utilities\\SVPWUTIL.exe SVPwUTIL\r\nO4 - HKLM\\..\\Run: [Zooming] ZoomingHook.exe\r\nO4 - HKLM\\..\\Run: [TCtryIOHook] TCtrlIOHook.exe\r\nO4 - HKLM\\..\\Run: [TPSMain] TPSMain.exe\r\nO4 - HKLM\\..\\Run: [SmoothView] C:\\Program Files\\TOSHIBA\\TOSHIBA-zoomutility\\SmoothView.exe\r\nO4 - HKLM\\..\\Run: [TFncKy] TFncKy.exe\r\nO4 - HKLM\\..\\Run: [Tvs] C:\\Program Files\\TOSHIBA\\Tvs\\TvsTray.exe\r\nO4 - HKLM\\..\\Run: [NDSTray.exe] NDSTray.exe\r\nO4 - HKLM\\..\\Run: [DDWMon] C:\\Program Files\\TOSHIBA\\TOSHIBA Direct Disc Writer\\\\ddwmon.exe\r\nO4 - HKLM\\..\\Run: [IntelZeroConfig] \"C:\\Program Files\\Intel\\Wireless\\bin\\ZCfgSvc.exe\"\r\nO4 - HKLM\\..\\Run: [IntelWireless] \"C:\\Program Files\\Intel\\Wireless\\Bin\\ifrmewrk.exe\" /tf Intel PROSet/Wireless\r\nO4 - HKLM\\..\\Run: [AGRSMMSG] AGRSMMSG.exe\r\nO4 - HKLM\\..\\Run: [Adobe Reader Speed Launcher] \"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"\r\nO4 - HKLM\\..\\Run: [Google Desktop Search] \"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup\r\nO4 - HKLM\\..\\Run: [hpqSRMon] C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqSRMon.exe\r\nO4 - HKLM\\..\\Run: [HP Software Update] C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe\r\nO4 - HKLM\\..\\Run: [SunJavaUpdateSched] \"C:\\Program Files\\Java\\jre6\\bin\\jusched.exe\"\r\nO4 - HKLM\\..\\Run: [AVG9_TRAY] C:\\PROGRA~1\\AVG9\\avgtray.exe\r\nO4 - HKLM\\..\\Run: [QuickTime Task] \"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime\r\nO4 - HKLM\\..\\Run: [iTunesHelper] \"C:\\Program Files\\iTunes\\iTunesHelper.exe\"\r\nO4 - HKCU\\..\\Run: [CTFMON.EXE] C:\\WINDOWS\\system32\\ctfmon.exe\r\nO4 - HKCU\\..\\Run: [TOSCDSPD] C:\\Program Files\\TOSHIBA\\TOSCDSPD\\toscdspd.exe\r\nO4 - HKCU\\..\\Run: [Google Update] \"C:\\Documents and Settings\\Linde Oostenbroek\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe\" /c\r\nO4 - HKCU\\..\\RunOnce: [FlashPlayerUpdate] C:\\WINDOWS\\system32\\Macromed\\Flash\\NPSWF32_FlashUtil.exe -p\r\nO4 - HKUS\\S-1-5-19\\..\\Run: [CTFMON.EXE] C:\\WINDOWS\\system32\\CTFMON.EXE (User \'Lokale service\')\r\nO4 - HKUS\\S-1-5-20\\..\\Run: [CTFMON.EXE] C:\\WINDOWS\\system32\\CTFMON.EXE (User \'Netwerkservice\')\r\nO4 - HKUS\\S-1-5-18\\..\\Run: [CTFMON.EXE] C:\\WINDOWS\\system32\\CTFMON.EXE (User \'SYSTEM\')\r\nO4 - HKUS\\.DEFAULT\\..\\Run: [CTFMON.EXE] C:\\WINDOWS\\system32\\CTFMON.EXE (User \'Default user\')\r\nO4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe\r\nO8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\\WINDOWS\\system32\\GPhotos.scr/200\r\nO8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\\PROGRA~1\\MICROS~2\\Office12\\EXCEL.EXE/3000\r\nO9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\\Program Files\\Windows Live\\Writer\\WriterBrowserExtension.dll\r\nO9 - Extra \'Tools\' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\\Program Files\\Windows Live\\Writer\\WriterBrowserExtension.dll\r\nO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\\PROGRA~1\\MICROS~2\\Office12\\REFIEBAR.DLL\r\nO9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\hpswp_BHO.dll\r\nO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe\r\nO9 - Extra \'Tools\' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe\r\nO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\Program Files\\Messenger\\msmsgs.exe\r\nO9 - Extra \'Tools\' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\Program Files\\Messenger\\msmsgs.exe\r\nO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - [url]http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1244303053082[/url]\r\nO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [url]http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1244303123222[/url]\r\nO18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\\Program Files\\AVG9\\avgpp.dll\r\nO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\\PROGRA~1\\COMMON~1\\Skype\\SKYPE4~1.DLL\r\nO20 - AppInit_DLLs: C:\\PROGRA~1\\Google\\GOOGLE~1\\GOEC62~1.DLL\r\nO20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)\r\nO22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\\WINDOWS\\system32\\browseui.dll\r\nO22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\\WINDOWS\\system32\\browseui.dll\r\nO23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\\Program Files\\Common Files\\Apple\\Mobile Device Support\\bin\\AppleMobileDeviceService.exe\r\nO23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\\Program Files\\AVG9\\avgwdsvc.exe\r\nO23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\\Program Files\\Bonjour\\mDNSResponder.exe\r\nO23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\\Program Files\\TOSHIBA\\ConfigFree\\CFSvcs.exe\r\nO23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\\Program Files\\Intel\\Wireless\\Bin\\EvtEng.exe\r\nO23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\r\nO23 - Service: Google Updater Service (gusvc) - Google - C:\\Program Files\\Google\\Common\\Google Updater\\GoogleUpdaterService.exe\r\nO23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\\Program Files\\iPod\\bin\\iPodService.exe\r\nO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\\Program Files\\Java\\jre6\\bin\\jqs.exe\r\nO23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\\Program Files\\Common Files\\PC Tools\\sMonitor\\StartManSvc.exe\r\nO23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\\Program Files\\Intel\\Wireless\\Bin\\RegSrvc.exe\r\nO23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\\Program Files\\Intel\\Wireless\\Bin\\S24EvMon.exe\r\nO23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\\WINDOWS\\system32\\TODDSrv.exe\r\nO23 - Service: X10 Device Network Service (x10nets) - X10 - C:\\PROGRA~1\\COMMON~1\\X10\\Common\\x10nets.exe\r\n\r\n--\r\nEnd of file - 13071 bytes\r\n\r\n\r\nAlvast bedankt!
Link naar reactie
  • 0
Start Hijackthis op. Ben je gebruiker van Vista kies dan voor “Run as administrator\" of \"Uitvoeren als administrator\". Selecteer “Do a system scan only”. Selecteer alleen de items die hieronder zijn genoemd:\r\n\r\n[B]O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)\r\nO4 - HKLM\\..\\Run: [Alcmtr] ALCMTR.EXE\r\nO4 - HKCU\\..\\RunOnce: [FlashPlayerUpdate] C:\\WINDOWS\\system32\\Macromed\\Flash\\NPSWF32_FlashUt il.exe -p\r\nO20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)\r\n[/B]\r\nKlik op \'Fix checked\' om de items te verwijderen.\r\n\r\nDownload [b][url=http://www.besttechie.net/tools/mbam-setup.exe]MBAM (Malwarebytes\' Anti-Malware).[/url][/b]\r\n\r\nDubbelklik op mbam-setup.exe om het programma te installeren.\r\n\r\nZorg ervoor dat er een vinkje geplaatst is voor Update Malwarebytes\' Anti-Malware en Start Malwarebytes\' Anti-Malware, Klik daarna op \"Voltooien\".\r\nIndien een update gevonden werd, zal die gedownload en geïnstalleerd worden.\r\nWanneer het programma volledig up to date is, selecteer dan in het tabblad Scanner : \"Snelle Scan\", daarna klik op Scan.\r\nHet scannen kan een tijdje duren, dus wees geduldig.\r\nWanneer de scan voltooid is, klik op OK, daarna \"Bekijk Resultaten\" om de resultaten te zien.\r\nZorg ervoor dat daar alles aangevinkt is, daarna klik op: Verwijder geselecteerde.\r\nNa het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie verder). \r\n\r\nIndien er de rootkit (TDSS) aanwezig is, zal MBAM vragen te herstarten. Doe dit dan ook.\r\nMBAM zal na de herstart opnieuw scannen en de rootkit verwijderen.\r\n\r\nHet log wordt automatisch bewaard door MBAM en kan je terugvinden door op de \"Logs\" tab te klikken in het programma.\r\n\r\nIndien MBAM moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven waar je OK moet klikken. Daarna zal het vragen om de computer opnieuw op te starten... dus sta toe dat MBAM de computer opnieuw opstart.\r\n\r\nPlak de inhoud van het logje in je volgende bericht, samen met een nieuw HijackThis log.
Link naar reactie
  • 0
Logfile of Trend Micro HijackThis v2.0.3 (BETA)\r\nScan saved at 20:35:48, on 5-1-2010\r\nPlatform: Windows XP SP3 (WinNT 5.01.2600)\r\nMSIE: Internet Explorer v8.00 (8.00.6001.18702)\r\nBoot mode: Normal\r\n\r\nRunning processes:\r\nC:\\WINDOWS\\System32\\smss.exe\r\nC:\\WINDOWS\\system32\\winlogon.exe\r\nC:\\WINDOWS\\system32\\services.exe\r\nC:\\WINDOWS\\system32\\lsass.exe\r\nC:\\WINDOWS\\system32\\svchost.exe\r\nC:\\WINDOWS\\System32\\svchost.exe\r\nC:\\Program Files\\Intel\\Wireless\\Bin\\EvtEng.exe\r\nC:\\Program Files\\Intel\\Wireless\\Bin\\S24EvMon.exe\r\nC:\\Program Files\\AVG9\\avgchsvx.exe\r\nC:\\Program Files\\AVG9\\avgrsx.exe\r\nC:\\WINDOWS\\system32\\spoolsv.exe\r\nC:\\Program Files\\Common Files\\Apple\\Mobile Device Support\\bin\\AppleMobileDeviceService.exe\r\nC:\\Program Files\\AVG9\\avgcsrvx.exe\r\nC:\\Program Files\\AVG9\\avgwdsvc.exe\r\nC:\\Program Files\\Bonjour\\mDNSResponder.exe\r\nC:\\Program Files\\TOSHIBA\\ConfigFree\\CFSvcs.exe\r\nC:\\WINDOWS\\eHome\\ehRecvr.exe\r\nC:\\Program Files\\AVG9\\avgam.exe\r\nC:\\Program Files\\AVG9\\avgnsx.exe\r\nC:\\WINDOWS\\eHome\\ehSched.exe\r\nC:\\WINDOWS\\system32\\svchost.exe\r\nC:\\WINDOWS\\Explorer.EXE\r\nC:\\WINDOWS\\system32\\svchost.exe\r\nC:\\Program Files\\Java\\jre6\\bin\\jqs.exe\r\nC:\\WINDOWS\\System32\\svchost.exe\r\nC:\\Program Files\\Common Files\\PC Tools\\sMonitor\\StartManSvc.exe\r\nC:\\WINDOWS\\System32\\svchost.exe\r\nC:\\Program Files\\Intel\\Wireless\\Bin\\RegSrvc.exe\r\nC:\\WINDOWS\\system32\\svchost.exe\r\nC:\\WINDOWS\\system32\\TODDSrv.exe\r\nC:\\PROGRA~1\\COMMON~1\\X10\\Common\\x10nets.exe\r\nC:\\WINDOWS\\system32\\dllhost.exe\r\nC:\\WINDOWS\\ehome\\ehtray.exe\r\nC:\\WINDOWS\\system32\\igfxtray.exe\r\nC:\\WINDOWS\\eHome\\ehmsas.exe\r\nC:\\WINDOWS\\system32\\hkcmd.exe\r\nC:\\WINDOWS\\system32\\igfxpers.exe\r\nC:\\WINDOWS\\RTHDCPL.EXE\r\nC:\\Program Files\\Apoint2K\\Apoint.exe\r\nC:\\Program Files\\TOSHIBA\\Touch and Launch\\PadExe.exe\r\nC:\\Program Files\\TOSHIBA\\E-KEY\\CeEKey.exe\r\nC:\\Program Files\\TOSHIBA\\TouchPad\\TPTray.exe\r\nC:\\Program Files\\Apoint2K\\Apntex.exe\r\nC:\\WINDOWS\\system32\\ZoomingHook.exe\r\nC:\\WINDOWS\\system32\\TCtrlIOHook.exe\r\nC:\\WINDOWS\\system32\\TPSMain.exe\r\nC:\\Program Files\\TOSHIBA\\TOSHIBA-zoomutility\\SmoothView.exe\r\nC:\\Program Files\\TOSHIBA\\TOSHIBA Controls\\TFncKy.exe\r\nC:\\Program Files\\TOSHIBA\\Tvs\\TvsTray.exe\r\nC:\\WINDOWS\\system32\\TPSBattM.exe\r\nC:\\Program Files\\TOSHIBA\\ConfigFree\\NDSTray.exe\r\nC:\\Program Files\\TOSHIBA\\TOSHIBA Direct Disc Writer\\ddwmon.exe\r\nC:\\Program Files\\Intel\\Wireless\\bin\\ZCfgSvc.exe\r\nC:\\Program Files\\Intel\\Wireless\\Bin\\ifrmewrk.exe\r\nC:\\WINDOWS\\AGRSMMSG.exe\r\nC:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe\r\nC:\\Program Files\\Java\\jre6\\bin\\jusched.exe\r\nC:\\PROGRA~1\\AVG9\\avgtray.exe\r\nC:\\Program Files\\iTunes\\iTunesHelper.exe\r\nC:\\PROGRA~1\\Intel\\Wireless\\Bin\\Dot1XCfg.exe\r\nC:\\WINDOWS\\system32\\ctfmon.exe\r\nC:\\Program Files\\TOSHIBA\\TOSCDSPD\\toscdspd.exe\r\nC:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe\r\nC:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\r\nC:\\Program Files\\iPod\\bin\\iPodService.exe\r\nC:\\Program Files\\HP\\Digital Imaging\\bin\\hpqSTE08.exe\r\nC:\\Program Files\\HP\\Digital Imaging\\bin\\hpqbam08.exe\r\nC:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe\r\nC:\\Program Files\\Windows Live\\Contacts\\wlcomm.exe\r\nC:\\Program Files\\AVG9\\avgcsrvx.exe\r\nC:\\Documents and Settings\\Linde Oostenbroek\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe\r\nC:\\Program Files\\AVG9\\avgscanx.exe\r\nC:\\Program Files\\AVG9\\avgcsrvx.exe\r\nC:\\Program Files\\Skype\\Phone\\Skype.exe\r\nC:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe\r\nC:\\Program Files\\iTunes\\iTunes.exe\r\nC:\\Documents and Settings\\Linde Oostenbroek\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe\r\nC:\\Documents and Settings\\Linde Oostenbroek\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe\r\nC:\\Documents and Settings\\Linde Oostenbroek\\Bureaublad\\Onderhoud\\Trojan horse\\TrendMicro\\HiJackThis\\HiJackThis.exe\r\nC:\\Documents and Settings\\Linde Oostenbroek\\Bureaublad\\Onderhoud\\malbam\\mbam-setup.exe\r\nC:\\DOCUME~1\\LINDEO~1\\LOCALS~1\\Temp\\is-QTCL9.tmp\\mbam-setup.tmp\r\nC:\\Program Files\\Onderhoud\\Malwarebytes\' Anti-Malware\\mbam.exe\r\n\r\nR1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Search Bar = [url]http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR[/url]\r\nR1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = [url]http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR[/url]\r\nR0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = [url]http://www.msn.nl[/url]\r\nR1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = [url]http://go.microsoft.com/fwlink/?LinkId=69157[/url]\r\nR1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Search_URL = [url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]\r\nR1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = [url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]\r\nR0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = [url]http://go.microsoft.com/fwlink/?LinkId=69157[/url]\r\nR1 - HKCU\\Software\\Microsoft\\Internet Connection Wizard,ShellNext = [url]http://www.msn.nl/[/url]\r\nR1 - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings,ProxyOverride = *.local\r\nR0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName = Koppelingen\r\nO2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\hpswp_printenhancer.dll\r\nO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\\Program Files\\Common Files\\Adobe\\Acrobat\\ActiveX\\AcroIEHelperShim.dll\r\nO2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\\Program Files\\Windows Desktop Search\\dsWebAllow.dll\r\nO2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\\Program Files\\AVG9\\avgssie.dll\r\nO2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll\r\nO2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files\\Java\\jre6\\bin\\jp2ssv.dll\r\nO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\\Program Files\\Java\\jre6\\lib\\deploy\\jqs\\ie\\jqs_plugin.dll\r\nO2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\hpswp_BHO.dll\r\nO4 - HKLM\\..\\Run: [ehTray] C:\\WINDOWS\\ehome\\ehtray.exe\r\nO4 - HKLM\\..\\Run: [igfxtray] C:\\WINDOWS\\system32\\igfxtray.exe\r\nO4 - HKLM\\..\\Run: [igfxhkcmd] C:\\WINDOWS\\system32\\hkcmd.exe\r\nO4 - HKLM\\..\\Run: [igfxpers] C:\\WINDOWS\\system32\\igfxpers.exe\r\nO4 - HKLM\\..\\Run: [RTHDCPL] RTHDCPL.EXE\r\nO4 - HKLM\\..\\Run: [Apoint] C:\\Program Files\\Apoint2K\\Apoint.exe\r\nO4 - HKLM\\..\\Run: [PadTouch] C:\\Program Files\\TOSHIBA\\Touch and Launch\\PadExe.exe\r\nO4 - HKLM\\..\\Run: [CeEKEY] C:\\Program Files\\TOSHIBA\\E-KEY\\CeEKey.exe\r\nO4 - HKLM\\..\\Run: [TPNF] C:\\Program Files\\TOSHIBA\\TouchPad\\TPTray.exe\r\nO4 - HKLM\\..\\Run: [HWSetup] C:\\Program Files\\TOSHIBA\\TOSHIBA Applet\\HWSetup.exe hwSetUP\r\nO4 - HKLM\\..\\Run: [SVPWUTIL] C:\\Program Files\\Toshiba\\Windows Utilities\\SVPWUTIL.exe SVPwUTIL\r\nO4 - HKLM\\..\\Run: [Zooming] ZoomingHook.exe\r\nO4 - HKLM\\..\\Run: [TCtryIOHook] TCtrlIOHook.exe\r\nO4 - HKLM\\..\\Run: [TPSMain] TPSMain.exe\r\nO4 - HKLM\\..\\Run: [SmoothView] C:\\Program Files\\TOSHIBA\\TOSHIBA-zoomutility\\SmoothView.exe\r\nO4 - HKLM\\..\\Run: [TFncKy] TFncKy.exe\r\nO4 - HKLM\\..\\Run: [Tvs] C:\\Program Files\\TOSHIBA\\Tvs\\TvsTray.exe\r\nO4 - HKLM\\..\\Run: [NDSTray.exe] NDSTray.exe\r\nO4 - HKLM\\..\\Run: [DDWMon] C:\\Program Files\\TOSHIBA\\TOSHIBA Direct Disc Writer\\\\ddwmon.exe\r\nO4 - HKLM\\..\\Run: [IntelZeroConfig] \"C:\\Program Files\\Intel\\Wireless\\bin\\ZCfgSvc.exe\"\r\nO4 - HKLM\\..\\Run: [IntelWireless] \"C:\\Program Files\\Intel\\Wireless\\Bin\\ifrmewrk.exe\" /tf Intel PROSet/Wireless\r\nO4 - HKLM\\..\\Run: [AGRSMMSG] AGRSMMSG.exe\r\nO4 - HKLM\\..\\Run: [Adobe Reader Speed Launcher] \"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"\r\nO4 - HKLM\\..\\Run: [Google Desktop Search] \"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup\r\nO4 - HKLM\\..\\Run: [hpqSRMon] C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqSRMon.exe\r\nO4 - HKLM\\..\\Run: [HP Software Update] C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe\r\nO4 - HKLM\\..\\Run: [SunJavaUpdateSched] \"C:\\Program Files\\Java\\jre6\\bin\\jusched.exe\"\r\nO4 - HKLM\\..\\Run: [AVG9_TRAY] C:\\PROGRA~1\\AVG9\\avgtray.exe\r\nO4 - HKLM\\..\\Run: [QuickTime Task] \"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime\r\nO4 - HKLM\\..\\Run: [iTunesHelper] \"C:\\Program Files\\iTunes\\iTunesHelper.exe\"\r\nO4 - HKLM\\..\\RunOnce: [Malwarebytes\' Anti-Malware] C:\\Program Files\\Onderhoud\\Malwarebytes\' Anti-Malware\\mbamgui.exe /install /silent\r\nO4 - HKCU\\..\\Run: [CTFMON.EXE] C:\\WINDOWS\\system32\\ctfmon.exe\r\nO4 - HKCU\\..\\Run: [TOSCDSPD] C:\\Program Files\\TOSHIBA\\TOSCDSPD\\toscdspd.exe\r\nO4 - HKCU\\..\\Run: [Google Update] \"C:\\Documents and Settings\\Linde Oostenbroek\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe\" /c\r\nO4 - HKUS\\S-1-5-19\\..\\Run: [CTFMON.EXE] C:\\WINDOWS\\system32\\CTFMON.EXE (User \'Lokale service\')\r\nO4 - HKUS\\S-1-5-20\\..\\Run: [CTFMON.EXE] C:\\WINDOWS\\system32\\CTFMON.EXE (User \'Netwerkservice\')\r\nO4 - HKUS\\S-1-5-18\\..\\Run: [CTFMON.EXE] C:\\WINDOWS\\system32\\CTFMON.EXE (User \'SYSTEM\')\r\nO4 - HKUS\\.DEFAULT\\..\\Run: [CTFMON.EXE] C:\\WINDOWS\\system32\\CTFMON.EXE (User \'Default user\')\r\nO4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe\r\nO8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\\WINDOWS\\system32\\GPhotos.scr/200\r\nO8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\\PROGRA~1\\MICROS~2\\Office12\\EXCEL.EXE/3000\r\nO9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\\Program Files\\Windows Live\\Writer\\WriterBrowserExtension.dll\r\nO9 - Extra \'Tools\' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\\Program Files\\Windows Live\\Writer\\WriterBrowserExtension.dll\r\nO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\\PROGRA~1\\MICROS~2\\Office12\\REFIEBAR.DLL\r\nO9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\hpswp_BHO.dll\r\nO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe\r\nO9 - Extra \'Tools\' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe\r\nO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\Program Files\\Messenger\\msmsgs.exe\r\nO9 - Extra \'Tools\' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\Program Files\\Messenger\\msmsgs.exe\r\nO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - [url]http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1244303053082[/url]\r\nO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [url]http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1244303123222[/url]\r\nO18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\\Program Files\\AVG9\\avgpp.dll\r\nO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\\PROGRA~1\\COMMON~1\\Skype\\SKYPE4~1.DLL\r\nO20 - AppInit_DLLs: C:\\PROGRA~1\\Google\\GOOGLE~1\\GOEC62~1.DLL\r\nO22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\\WINDOWS\\system32\\browseui.dll\r\nO22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\\WINDOWS\\system32\\browseui.dll\r\nO23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\\Program Files\\Common Files\\Apple\\Mobile Device Support\\bin\\AppleMobileDeviceService.exe\r\nO23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\\Program Files\\AVG9\\avgwdsvc.exe\r\nO23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\\Program Files\\Bonjour\\mDNSResponder.exe\r\nO23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\\Program Files\\TOSHIBA\\ConfigFree\\CFSvcs.exe\r\nO23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\\Program Files\\Intel\\Wireless\\Bin\\EvtEng.exe\r\nO23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\r\nO23 - Service: Google Updater Service (gusvc) - Google - C:\\Program Files\\Google\\Common\\Google Updater\\GoogleUpdaterService.exe\r\nO23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\\Program Files\\iPod\\bin\\iPodService.exe\r\nO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\\Program Files\\Java\\jre6\\bin\\jqs.exe\r\nO23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\\Program Files\\Common Files\\PC Tools\\sMonitor\\StartManSvc.exe\r\nO23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\\Program Files\\Intel\\Wireless\\Bin\\RegSrvc.exe\r\nO23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\\Program Files\\Intel\\Wireless\\Bin\\S24EvMon.exe\r\nO23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\\WINDOWS\\system32\\TODDSrv.exe\r\nO23 - Service: X10 Device Network Service (x10nets) - X10 - C:\\PROGRA~1\\COMMON~1\\X10\\Common\\x10nets.exe\r\n\r\n--\r\nEnd of file - 13239 bytes
Link naar reactie
  • 0
Bij mbam zijn geen kwaadaardige items meer gevonden:\r\n\r\nMalwarebytes\' Anti-Malware 1.43\r\nDatabase versie: 3497\r\nWindows 5.1.2600 Service Pack 3\r\nInternet Explorer 8.0.6001.18702\r\n\r\n5-1-2010 20:55:11\r\nmbam-log-2010-01-05 (20-55-10).txt\r\n\r\nScan type: Snelle Scan\r\nObjecten gescand: 121781\r\nVerstreken tijd: 18 minute(s), 26 second(s)\r\n\r\nGeheugenprocessen geïnfecteerd: 0\r\nGeheugenmodulen geïnfecteerd: 0\r\nRegistersleutels geïnfecteerd: 0\r\nRegisterwaarden geïnfecteerd: 0\r\nRegisterdata bestanden geïnfecteerd: 0\r\nMappen geïnfecteerd: 0\r\nBestanden geïnfecteerd: 0\r\n\r\nGeheugenprocessen geïnfecteerd:\r\n(Geen kwaadaardige items gevonden)\r\n\r\nGeheugenmodulen geïnfecteerd:\r\n(Geen kwaadaardige items gevonden)\r\n\r\nRegistersleutels geïnfecteerd:\r\n(Geen kwaadaardige items gevonden)\r\n\r\nRegisterwaarden geïnfecteerd:\r\n(Geen kwaadaardige items gevonden)\r\n\r\nRegisterdata bestanden geïnfecteerd:\r\n(Geen kwaadaardige items gevonden)\r\n\r\nMappen geïnfecteerd:\r\n(Geen kwaadaardige items gevonden)\r\n\r\nBestanden geïnfecteerd:\r\n(Geen kwaadaardige items gevonden)
Link naar reactie

Om een reactie te plaatsen, moet je eerst inloggen

Gast
Antwoord op deze vraag...

×   Geplakt als verrijkte tekst.   Herstel opmaak

  Er zijn maximaal 75 emoji toegestaan.

×   Je link werd automatisch ingevoegd.   Tonen als normale link

×   Je vorige inhoud werd hersteld.   Leeg de tekstverwerker

×   Je kunt afbeeldingen niet direct plakken. Upload of voeg afbeeldingen vanaf een URL in

×
×
  • Nieuwe aanmaken...