View full version : HijackThis logfile, desktop can no longer be changed



bike devil
25 November 2006, 11:02
Problem: I can no longer change my desktop.


My log:

Logfile of HijackThis v1.99.1
Scan saved at 10:00:09, on 25-11-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\Program Files\Telemeter 3.0\telemeter3.exe
C:\Program Files\HIS iTurbo\iTurbo.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ExtraFilm PhotoAssistant\Agent.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
C:\Program Files\BandwidthMeterPro\BWMeterPro.exe
C:\Program Files\Save\Save.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\outlook express\msimn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hijackthis\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.******.be/forum/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Helperobject voor Encarta Winkler Prins Webassistent - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Encarta Winkler Prins Webassistent - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [Telemeter 3.0] "C:\Program Files\Telemeter 3.0\telemeter3.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTurbo] "C:\Program Files\HIS iTurbo\iTurbo.exe" /s
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ExtraFilmHemmaAgent] "C:\Program Files\ExtraFilm PhotoAssistant\Agent.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - HKCU\..\Run: [BandwidthMeterPro] C:\Program Files\BandwidthMeterPro\BWMeterPro.exe
O4 - HKCU\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Telenet Nieuwsflash.lnk = C:\Program Files\Telenet Nieuwsflash\Nieuwdsdestkop_breedband.exe
O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll
O9 - Extra 'Tools' menuitem: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} (PlaNet SysInfo Agent) - http://www.telenet.be/sys/tisp/ocx/PlaNetSysInfo.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-30.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://telenet.extrafilm.be/NET/Import/ImageUploader3.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

jurgenv
25 November 2006, 13:37
* It is best to print these instructions or save them in a Notepad file, because later you will have to work in safe mode, and then this page will not be available (no internet).

* Download smitRem.exe (http://www.downloads.subratam.org/smitRem.exe) and save it to the Desktop.
Double-click the file and extract it to its own folder on the Desktop.


* Download and install AVG Anti-Spyware (http://www.ewido.net/en/download/).
After the installation, open AVG Anti-Spyware:
* under "Status", click Change state next to "Resident shield". (change from active to inactive!)
* under "Update", click the Start update button.
* under "Scanner", tab "Settings": under "How to act?", click "Recommended actions" and select Quarantine. (VERY IMPORTANT!)
* under "Reports", select Automatically generate report after every scan and remove the tick next to Only if threats were found
Close AVG Anti-Spyware. Do not let it scan yet.

* If you have not installed Adaware SE yet, download, install and update it following the guidelines
that you can find at: http://users.pandora.be/marcvn/spyware/1414188.htm
Download link for Ad-aware: http://www.lavasoftusa.com/products/ad-aware_se_personal.php

* Start your computer in SAFE MODE (http://users.pandora.be/marcvn/spyware/1378056.htm)

* Open the smitRem folder on your desktop and double-click RunThis.bat. Follow the instructions on the screen.
Your desktop and icons will disappear briefly and then reappear; this is normal.
Wait until the tool has done its work and Disk Cleanup has finished. This can take some time, so be patient.

* Run a full scan with Adaware and remove everything that is found.

* Start AVG Anti-Spyware.
* Click Scan and choose Complete System Scan.
After the scan, follow the instructions below:
IMPORTANT: Do not click the "Save Scan Report" button before you have clicked the "Apply all Actions" button!
* Make sure that Set all elements to: is set to Quarantine (1),
if not, click the link and choose Quarantine in the popup menu. (2)
(This does not apply to cookies, these are always deleted!)
* At the bottom of the window, click the Apply all Actions button. (3)
http://home.scarlet.be/~topalex/ewidoscan.jpg
* When you get the message 'All actions have been applied', click the Save Report button at the bottom.

* Then go to Start -> Control Panel -> Appearance and Themes -> Desktop -> Customize Desktop -> Web -> remove the tick next to "Security Info" if it is still there.

* Restart your computer in normal mode.

* Download ATF cleaner (http://www.atribune.org/ccount/click.php?id=1) (by Atribune)

Double-click ATF cleaner to start the program.
On the "Main" tab, place a tick next to Select All.
Click the Empty Selected button.

If you also use Firefox as a browser:
Click the "Firefox" tab and place a tick next to Select All.
If you want to keep the passwords saved by Firefox, click "No" in the window that appears.
(this removes the tick next to "Firefox saved passwords")
Click the Empty Selected button.

If you also use Opera as a browser:
Click the "Opera" tab and place a tick next to Select All.
If you want to keep the passwords saved by Opera, click "No" in the window that appears.
Click the Empty Selected button.
Go to the "Main" tab and click the Exit button to close the program.

* Do an online scan with Panda's online virus scan (http://www.pandasoftware.com/activescan/com/activescan_principal.htm) and save the report that you get after scanning.

* Restart your PC once more and then post a new HijackThis log, together with the reports from AVG Anti-Spyware 7.5 and Panda. Also post the log of the smitRem tool, which you can find here: C:\smitfiles.txt.

bike devil
26 November 2006, 11:28
The problem with the start page is solved.


I had the program Active Desktop Calendar running and it was the culprit.


Closed it and the problem was solved.

Thanks anyway for the explanation :good:

jurgenv
26 November 2006, 14:13
The problem with the start page is solved.


I had the program Active Desktop Calendar running and it was the culprit.


Closed it and the problem was solved.

Thanks anyway for the explanation :good:

Can I still see the requested logs? There was more going on, by the way.

bike devil
28 November 2006, 09:02
OK, new log.

I did make a mistake somewhere in AVG Anti-Spyware: I deleted them instead of putting them in quarantine. Can that do any harm?
My fault, sorry, I wanted to work a bit too fast.


Logfile of HijackThis v1.99.1
Scan saved at 7:49:20, on 28-11-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\Program Files\Telemeter 3.0\telemeter3.exe
C:\Program Files\HIS iTurbo\iTurbo.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ExtraFilm PhotoAssistant\Agent.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
C:\Program Files\BandwidthMeterPro\BWMeterPro.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hijackthis\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.******.be/forum/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Helperobject voor Encarta Winkler Prins Webassistent - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Encarta Winkler Prins Webassistent - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [Telemeter 3.0] "C:\Program Files\Telemeter 3.0\telemeter3.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTurbo] "C:\Program Files\HIS iTurbo\iTurbo.exe" /s
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ExtraFilmHemmaAgent] "C:\Program Files\ExtraFilm PhotoAssistant\Agent.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - HKCU\..\Run: [BandwidthMeterPro] C:\Program Files\BandwidthMeterPro\BWMeterPro.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Telenet Nieuwsflash.lnk = C:\Program Files\Telenet Nieuwsflash\Nieuwdsdestkop_breedband.exe
O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll
O9 - Extra 'Tools' menuitem: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} (PlaNet SysInfo Agent) - http://www.telenet.be/sys/tisp/ocx/PlaNetSysInfo.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-30.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://telenet.extrafilm.be/NET/Import/ImageUploader3.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

smitRem © log file
version 3.2
by noahdfear

Microsoft Windows XP [versie 5.1.2600]
"IE"="6.0000"
Running from
C:\Documents and Settings\andy\Bureaublad\smit map\smitRem
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Pre-run SharedTask Export
(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright(C) 2006 BleepingComputer.com
Registry Pseudo-Format Mode (Not a valid reg file):
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Preloader van browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Cache-daemon voor onderdeelcategorieën"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\system32\Browseui.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\system32\Browseui.dll"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Appinitdll check ........ Thank you Grinler!
dumphive.exe (C)2000-2004 Markus Stephany
REGEDIT4
[Windows]
"AppInit_DLLs"=""
"DeviceNotSelectedTimeout"="15"
"GDIProcessHandleQuota"=dword:00002710
"Spooler"="yes"
"swapdisk"=""
"TransmissionRetryTimeout"="90"
"USERProcessHandleQuota"=dword:00002710
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
XP Firewall allowed access
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"
"C:\\Program Files\\Sierra\\FEAR\\FEAR.exe"="C:\\Program Files\\Sierra\\FEAR\\FEAR.exe:*:Enabled:FEAR"
"C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe"="C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe:*:Enabled:WinDVD"
"G:\\tools via rars\\wmmwm\\winks,moods,muggins,weemees and meegos\\mcoinstall.exe"="G:\\tools via rars\\wmmwm\\winks,moods,muggins,weemees and meegos\\mcoinstall.exe:*:Enabled:mcoinstall"
"C:\\Program Files\\THQ\\FSW Ten Hammers\\fsw2.exe"="C:\\Program Files\\THQ\\FSW Ten Hammers\\fsw2.exe:*:Disabled:\"Full Spectrum Warrrior 2: Ten Hammers\" Game"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\EA SPORTS\\2006 FIFA World Cup (TM)\\FIFAWC06.exe"="C:\\Program Files\\EA SPORTS\\2006 FIFA World Cup (TM)\\FIFAWC06.exe:*:Enabled:FIFAWC06"
"C:\\Program Files\\UltraVNC\\winvnc.exe"="C:\\Program Files\\UltraVNC\\winvnc.exe:*:Enabled:VNC server for Win32"
"F:\\FIFAWC06.EXE"="F:\\FIFAWC06.EXE:*:Enabled:FIFAWC06"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Een DLL-bestand als toepassing starten"
"C:\\Program Files\\SmartFTP\\SmartFTP.exe"="C:\\Program Files\\SmartFTP\\SmartFTP.exe:*:Enabled:SmartFTP Client"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

checking for ShudderLTD key
ShudderLTD key not present!
checking for PSGuard.com key

PSGuard.com key not present!

checking for WinHound.com key

WinHound.com key not present!

checking for drsmartload2 key

drsmartload2 key not present!
spyaxe uninstaller NOT present
Winhound uninstaller NOT present
SpywareStrike uninstaller NOT present
AlfaCleaner uninstaller NOT present
SpyFalcon uninstaller NOT present
SpywareQuake uninstaller NOT present
SpywareSheriff uninstaller NOT present
Trust Cleaner uninstaller NOT present
SpyHeal uninstaller NOT present
VirusBurst uninstaller NOT present
BraveSentry uninstaller NOT present
AntiVermins uninstaller NOT present
VirusBursters uninstaller NOT present
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Existing Pre-run Files

~~~ Program Files ~~~

~~~ Shortcuts ~~~

~~~ Favorites ~~~

~~~ system32 folder ~~~
amcompat.tlb
nscompat.tlb
logfiles

~~~ Icons in System32 ~~~

~~~ Windows directory ~~~

~~~ Drive root ~~~

~~~ Miscellaneous Files/folders ~~~


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 888 'explorer.exe'
Killing PID 888 'explorer.exe'
Starting registry repairs
Registry repairs complete
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SharedTask Export after registry fix
(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright(C) 2006 BleepingComputer.com
Registry Pseudo-Format Mode (Not a valid reg file):
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Preloader van browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Cache-daemon voor onderdeelcategorieën"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\system32\Browseui.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\system32\Browseui.dll"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Deleting files
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Remaining Post-run Files

~~~ Program Files ~~~

~~~ Shortcuts ~~~

~~~ Favorites ~~~

~~~ system32 folder ~~~

~~~ Icons in System32 ~~~

~~~ Windows directory ~~~

~~~ Drive root ~~~

~~~ Miscellaneous Files/folders ~~~

~~~ Wininet.dll ~~~
CLEAN! :)
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 22:20:18 26-11-2006
+ Scan result:

C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll -> Adware.Minibug : Cleaned with backup (quarantined).
C:\Program Files\Eset\infected\PNCNIGDA.NQF -> Adware.SaveNow : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\WUSN.1 -> Adware.SaveNow : Cleaned with backup (quarantined).
HKLM\SOFTWARE\WhenUSave -> Adware.SaveNow : Cleaned with backup (quarantined).
HKLM\SOFTWARE\WhenUSave\Partners -> Adware.SaveNow : Cleaned with backup (quarantined).
HKLM\SOFTWARE\WhenUSave\Partners\BSPL -> Adware.SaveNow : Cleaned with backup (quarantined).
HKU\S-1-5-21-823518204-1343024091-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run \\WhenUSave -> Adware.SaveNow : Cleaned with backup (quarantined).
G:\tools via rars\setup.exe/update.dll -> Adware.Underground : Cleaned with backup (quarantined).
G:\tools zonder instal\165 STANDALONE Programs for Win XP\ROOT\~\PROGRAMS\SystemTools\SAMInside\SAMInside.exe -> Not-A-Virus.HackTool.Win32.SAMInside.23 : Cleaned with backup (quarantined).
G:\windows versie's\Pgm's\folding\FAH3Console.exe -> Not-A-Virus.NetTool.Win32.CalcFolding@Home : Cleaned with backup (quarantined).
G:\tools zonder instal\165 STANDALONE Programs for Win XP\ROOT\~\PROGRAMS\Internet Tools\emailpassview\MailPassView.exe -> Not-A-Virus.PSWTool.Win32.MailPassView.130 : Cleaned with backup (quarantined).
G:\tools zonder instal\165 STANDALONE Programs for Win XP\ROOT\~\PROGRAMS\Internet Tools\Outlooker\Outlooker.exe -> Not-A-Virus.PSWTool.Win32.Outlooker : Cleaned with backup (quarantined).
:mozilla.16:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.17:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.18:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.19:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.20:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.21:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.22:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.23:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.24:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.25:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.26:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.27:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.323:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.350:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\andy\Cookies\andy@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\andy\Cookies\andy@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.242:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.
:mozilla.243:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.
:mozilla.92:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\andy\Cookies\andy@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Cleaned.
:mozilla.106:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\andy\Cookies\andy@com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\andy\Cookies\andy@c.enhance[1].txt -> TrackingCookie.Enhance : Cleaned.
C:\Documents and Settings\andy\Cookies\andy@enhance[1].txt -> TrackingCookie.Enhance : Cleaned.
:mozilla.126:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.127:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.128:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.129:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\andy\Cookies\andy@e-2dj6wfkyqoajgbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\andy\Cookies\andy@e-2dj6wfliugcpmlq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\andy\Cookies\andy@e-2dj6wfmywgajccp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\andy\Cookies\andy@e-2dj6wgmysldpeco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\andy\Cookies\andy@e-2dj6whlooocpeeo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\andy\Cookies\andy@e-2dj6whlycmcpebp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.47:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.57:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.190:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Gamershell : Cleaned.
:mozilla.228:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.303:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.I12 : Cleaned.
:mozilla.271:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Ivwbox : Cleaned.
:mozilla.384:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.385:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.386:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.387:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.388:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.408:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.409:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.410:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.411:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
C:\Documents and Settings\andy\Cookies\andy@ads.planetactive[2].txt -> TrackingCookie.Planetactive : Cleaned.
:mozilla.52:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Quarterserver : Cleaned.
:mozilla.361:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.427:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Realtracker : Cleaned.
:mozilla.415:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.416:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.417:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.418:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.419:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.390:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.391:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.392:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.393:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.109:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.110:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.111:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.112:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.113:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.114:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.115:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.116:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.262:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.332:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.333:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.334:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.335:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.336:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.66:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.67:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.68:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.69:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.404:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
:mozilla.425:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.426:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\andy\Cookies\andy@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\andy\Cookies\andy@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.448:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.620:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
C:\Documents and Settings\andy\Cookies\andy@yadro[2].txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.43:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.44:C:\Documents and Settings\andy\Application Data\Mozilla\Firefox\Profiles\rdk6h6r6.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\andy\Cookies\andy@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Program Files\Eset\infected\YAVJV2BA.NQF -> Trojan.Agent.qt : Cleaned with backup (quarantined).

::Report end

jurgenv
28 November 2006, 18:19
* Your Java software is outdated. Older versions have vulnerabilities that give malware the chance to install itself on your system. First follow these steps to uninstall Java and install the newer version:


Download the latest version here: Java Runtime Environment (JRE) 5.0 Update 10 (http://javashoplm.sun.com/ECom/docs/Welcome.jsp?StoreId=22&PartDetailId=jre-1.5.0_10-oth-JPR&SiteId=JSC&TransactionId=noreg).
Check the box where it says: "Accept License Agreement".
The page will reload.
Click the link to download the Windows Offline Installation with Multi-language, and save it to your desktop.
Close all programs that may be open - especially your web browser!
Then go to Start > Control Panel, double-click Add or Remove Programs, and remove all older versions of Java.
Select everything with Java Runtime Environment (JRE or J2SE) in the name.
Then click the Remove or Change/Remove button.
Repeat this until all older versions are gone.
After removing all older versions, restart your PC.
Then double-click jre-1_5_0_10-windows-i586-p.exe on your desktop to install the latest version of Java.

* Otherwise it looks good.

bike devil
2 December 2006, 10:45
thanks for everything

jurgenv
2 December 2006, 14:34
You're welcome.