Weergegeven resultaten: 1 t/m 7 van 7
  1. 21 September 2006, 21:32 #1
    Gertjeeuuhh
    Gertjeeuuhh is offline
    Gevorderd   Gertjeeuuhh's schermafbeelding
    Geregistreerd
    14 August 2005
    Locatie
    Meerbeke ( Ninove )
    Berichten
    271
    Bedankjes
    91
    Bedankt
    39 keer in 21 posts

    Beschaamd Problemen na klik op link.

    Hallo.

    Ik heb een probleem , het staat hier beschreven :

    http://www.ivanhoejupiler.be/t37473-...k-op-link.html



    Nu heb ik een logje gemaakt en vraag ik je om er eens naar te kijken,

    Het Logje:

    Logfile of HijackThis v1.99.1
    Scan saved at 21:29:09, on 21/09/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\system32\spoolsv.exe
    D:\WINDOWS\U2Nob29uamFucyBHZXJ0\command.exe
    D:\Program Files\Network Monitor\netmon.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\Explorer.EXE
    D:\WINDOWS\system32\wscntfy.exe
    D:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
    D:\Program Files\Winamp\winampa.exe
    D:\Program Files\Picasa2\PicasaMediaDetector.exe
    D:\Program Files\MessengerPlus! 3\MsgPlus.exe
    D:\Program Files\QuickTime\qttask.exe
    D:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    C:\dfndrff_e7.exe
    D:\WINDOWS\system32\RUNDLL32.EXE
    D:\Program Files\Common Files\{1CC554D2-057D-2067-0828-010719010020}\Update.exe
    D:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\Steam\Steam.exe
    D:\Program Files\Messenger\msmsgs.exe
    D:\Program Files\MSN Messenger\msnmsgr.exe
    D:\Program Files\Xfire\Xfire.exe
    c:\DXC1205b.exe
    c:\dfndrff_e10.exe
    D:\WINDOWS\system32\wuauclt.exe
    D:\WINDOWS\system32\rundll32.exe
    D:\WINDOWS\system32\taskmgr.exe
    D:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    D:\Program Files\WinRAR\WinRAR.exe
    D:\Documents and Settings\Gert Schoonjans\Bureaublad\hijackthis[1]\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - D:\Program Files\SurfSideKick 3\SskBho.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\nl\msntb.dll
    O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - D:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - D:\Program Files\ToolBar888\MyToolBar.dll
    O3 - Toolbar: UCmore XP - The Search Accelerator - {44BE0690-5429-47f0-85BB-3FFD8020233E} - (no file)
    O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
    O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [Picasa Media Detector] D:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "D:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SweetIM] D:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKLM\..\Run: [keyboard] c:\\kybrdff_e10.exe
    O4 - HKLM\..\Run: [defender] c:\\dfndrff_e10.exe
    O4 - HKLM\..\Run: [wgr89510] RUNDLL32.EXE w0659412.dll,n 0048950c0000000a0659412
    O4 - HKLM\..\Run: [SurfSideKick 3] D:\Program Files\SurfSideKick 3\Ssk.exe
    O4 - HKLM\..\Run: [newname] C:\\nwnmff_e7.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Steam] "D:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [SweetIM] D:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKCU\..\Run: [SurfSideKick 3] D:\Program Files\SurfSideKick 3\Ssk.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "D:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Startup: Xfire.lnk = D:\Program Files\Xfire\Xfire.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Google Search - res://d:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://d:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://d:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://d:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://d:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://d:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - D:\Documents and Settings\Gert Schoonjans\Menu Start\Programma's\IMVU\Run IMVU.lnk
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
    O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
    O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file://D:\Program Files\AutoCAD 2002\AcDcToday.ocx
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
    O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://D:\Program Files\AutoCAD 2002\InstBanr.ocx
    O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://D:\Program Files\AutoCAD 2002\AcPreview.ocx
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - AppInit_DLLs: repairs303169590.dll
    O20 - Winlogon Notify: URL - D:\WINDOWS\system32\hr0s05d7e.dll
    O23 - Service: Adobe LM Service - Unknown owner - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: Command Service (cmdService) - Unknown owner - D:\WINDOWS\U2Nob29uamFucyBHZXJ0\command.exe
    O23 - Service: Network Monitor - Unknown owner - D:\Program Files\Network Monitor\netmon.exe




    PPLLLZZZ HEELP ME!!
    Sig was te groot
  2. 21 September 2006, 21:46 #2
    Gertjeeuuhh
    Gertjeeuuhh is offline
    Gevorderd   Gertjeeuuhh's schermafbeelding
    Geregistreerd
    14 August 2005
    Locatie
    Meerbeke ( Ninove )
    Berichten
    271
    Bedankjes
    91
    Bedankt
    39 keer in 21 posts
    Hallo ik heb combofix gebruikt en hier is het logje van Combofix:

    Gert Schoonjans - 06-09-21 21:38:41,72 Service Pack 2
    ComboFix 06.09.21 - Running from: "D:\Documents and Settings\Gert Schoonjans\Bureaublad"
    ((((((((((((((((((((((((((((((((((((((((((((( Look2Me's Log ))))))))))))))))))))))))))))))))))))))))))))))))))

    REGISTRY ENTRIES REMOVED:
    [HKEY_CLASSES_ROOT\CLSID\{E3AF9E3B-31BD-47E2-BFED-68B3C049A0B4}]
    @=""
    [HKEY_CLASSES_ROOT\CLSID\{E3AF9E3B-31BD-47E2-BFED-68B3C049A0B4}\Implemented Categories]
    @=""
    [HKEY_CLASSES_ROOT\CLSID\{E3AF9E3B-31BD-47E2-BFED-68B3C049A0B4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
    @=""
    [HKEY_CLASSES_ROOT\CLSID\{E3AF9E3B-31BD-47E2-BFED-68B3C049A0B4}\InprocServer32]
    @="D:\\WINDOWS\\system32\\ilseng.dll"
    "ThreadingModel"="Apartment"

    * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

    FILES REMOVED:
    D:\WINDOWS\system32\g040lahm1d4a.dll
    D:\WINDOWS\system32\g4040edqeh0e0.dll
    D:\WINDOWS\system32\gppul3791.dll
    D:\WINDOWS\system32\hr0s05d7e.dll
    D:\WINDOWS\system32\hr8s05l7e.dll
    D:\WINDOWS\system32\ifsso.dll
    D:\WINDOWS\system32\ilseng.dll
    D:\WINDOWS\system32\kjd101.dll
    D:\WINDOWS\system32\lv0u09d9e.dll
    D:\WINDOWS\system32\petorsvc.dll
    D:\WINDOWS\system32\guard.tmp

    Granting sedebugprivilege to Administrators ... successful


    ((((((((((((((((((((((((((((((((((((((((((( E-Give / Ssk's Log )))))))))))))))))))))))))))))))))))))))))))))))))

    D:\WINDOWS\system32\repairs303169590.dll
    D:\Documents and Settings\Gert Schoonjans\Application Data\Sskcwrd.dll
    D:\Documents and Settings\Gert Schoonjans\Application Data\Sskdmns.dll
    D:\Documents and Settings\Gert Schoonjans\Application Data\Sskknwrd.dll
    D:\Documents and Settings\Gert Schoonjans\Application Data\Sskuknwrd.dll
    D:\WINDOWS\system32\bk.exe
    D:\Program Files\surfsidekick 3\Ssk.exe
    D:\Program Files\surfsidekick 3\SskBho.dll
    D:\Program Files\surfsidekick 3\SskCore.dll

    * * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

    (((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

    D:\Documents and Settings\Gert Schoonjans\Local Settings\Temporary Internet Files\Content.IE5\M72BIXWF\dfndrff_e[1].exe
    D:\Documents and Settings\Gert Schoonjans\Local Settings\Temporary Internet Files\Content.IE5\6FG1QPMF\drsmartload1135a[1].exe
    D:\Documents and Settings\Gert Schoonjans\Local Settings\Temporary Internet Files\Content.IE5\6TG1Q961\drsmartload46a[1].exe
    D:\Documents and Settings\Gert Schoonjans\Local Settings\Temporary Internet Files\Content.IE5\M72BIXWF\drsmartload849a[1].exe
    D:\Documents and Settings\Gert Schoonjans\Local Settings\Temporary Internet Files\Content.IE5\OFGJ63UB\drsmartload45a[1].exe
    D:\Documents and Settings\Gert Schoonjans\Local Settings\Temporary Internet Files\Content.IE5\6FG1QPMF\kybrdff_e[1].exe
    D:\Documents and Settings\Gert Schoonjans\Local Settings\Temporary Internet Files\Content.IE5\6TG1Q961\MTE3NDI6ODoxNg[1].exe
    D:\Documents and Settings\Gert Schoonjans\Local Settings\Temporary Internet Files\Content.IE5\M72BIXWF\nwnmff_e[1].exe
    D:\WINDOWS\uninstall_nmon.vbs
    D:\WINDOWS\system32\atmtd.dll
    D:\WINDOWS\system32\atmtd.dll._
    D:\Documents and Settings\LocalService\Application Data\NetMon
    D:\Program Files\TheSearchAccelerator
    D:\Program Files\ToolBar888
    D:\Program Files\Deskbar
    D:\Program Files\network monitor
    D:\Program Files\Common Files\{1CC554D2-057D-2067-0828-010719010020}
    D:\WINDOWS\U2Nob29uamFucyBHZXJ0

    ((((((((((((((((((((((((((((((( Files Created from 2006-08-21 to 2006-09-21 ))))))))))))))))))))))))))))))))))

    2006-09-17 20:44 61,952 --a------ D:\WINDOWS\system32\wgr89510.dll
    2006-09-17 20:44 29,696 --a------ D:\WINDOWS\system32\w0659412.dll
    2006-09-17 20:44 1,233 --a------ D:\WINDOWS\system32\wgr89510.sys
    2006-09-14 20:05 58,952 --------- D:\WINDOWS\system32\MsgPlusLoader.dll
    2006-09-10 16:46 54,272 --a------ D:\WINDOWS\system32\vfwwdm32.dll
    2006-09-10 16:43 61,440 --a------ D:\WINDOWS\system32\dsncp106.dll
    2006-09-10 16:43 53,248 --a------ D:\WINDOWS\amcap.exe
    2006-09-10 16:43 45,056 --a------ D:\WINDOWS\system32\vsncp106.dll
    2006-09-10 16:43 307,200 --a------ D:\WINDOWS\vidcap32.exe
    2006-09-10 16:43 28,672 --a------ D:\WINDOWS\vsncp106.exe
    2006-09-10 16:43 20,480 --a------ D:\WINDOWS\dsncp106.exe
    2006-09-10 16:43 120,884 --a------ D:\WINDOWS\usncp106.exe
    2006-09-08 18:11 304,128 --a------ D:\WINDOWS\IsUninst.exe
    2006-09-08 18:11 225,280 --a------ D:\WINDOWS\system32\awrtl30.dll
    2006-09-08 18:11 111,616 --------- D:\WINDOWS\system32\Ltih30tb.dll
    2006-09-08 18:10 299,520 --a------ D:\WINDOWS\uninst.exe
    2006-09-03 21:42 720,896 --a------ D:\WINDOWS\iun6002ev.exe
    2006-09-03 21:35 86,016 --a------ D:\WINDOWS\unvise32.exe
    2006-08-27 21:47 92,208 --------- D:\WINDOWS\system32\WING.DLL
    2006-08-27 21:47 305,152 --a------ D:\WINDOWS\IsUn0413.exe
    2006-08-27 21:47 188,960 --------- D:\WINDOWS\system32\WINGDE.DLL
    2006-08-27 21:47 12,800 --------- D:\WINDOWS\system32\WING32.DLL

    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) )))

    2006-09-21 21:40 -------- d-------- D:\Program Files\Common Files
    2006-09-21 21:38 -------- d-------- D:\Documents and Settings\Gert Schoonjans\Application Data\Xfire
    2006-09-21 21:15 -------- d-------- D:\Program Files\Steam
    2006-09-19 21:52 -------- d--h----- D:\Program Files\InstallShield Installation Information
    2006-09-19 21:52 -------- d-------- D:\Program Files\Google
    2006-09-19 21:52 -------- d-------- D:\Documents and Settings\Gert Schoonjans\Application Data\Google
    2006-09-17 21:44 -------- d-------- D:\Program Files\MSN Messenger
    2006-09-17 21:19 -------- d-------- D:\Documents and Settings\Gert Schoonjans\Application Data\Lavasoft
    2006-09-17 21:18 -------- d-------- D:\Program Files\Lavasoft
    2006-09-14 21:26 -------- d-------- D:\Documents and Settings\Gert Schoonjans\Application Data\AVG7
    2006-09-14 21:25 777472 --a------ D:\WINDOWS\system32\drivers\avg7core.sys
    2006-09-14 21:25 4288 --a------ D:\WINDOWS\system32\drivers\avg7rsw.sys
    2006-09-14 21:25 27904 --a------ D:\WINDOWS\system32\drivers\avg7rsxp.sys
    2006-09-14 21:25 23424 --a------ D:\WINDOWS\system32\drivers\avgmfrs.sys
    2006-09-14 20:38 -------- d---s---- D:\Documents and Settings\Gert Schoonjans\Application Data\Microsoft
    2006-09-14 20:38 -------- d-------- D:\Program Files\Macrogaming
    2006-09-13 19:19 -------- d---s---- D:\Program Files\Xfire
    2006-09-12 21:48 -------- d-------- D:\Documents and Settings\Gert Schoonjans\Application Data\Autodesk
    2006-09-10 16:43 -------- d-------- D:\Program Files\Common Files\sncp106
    2006-09-09 22:06 -------- d-------- D:\Program Files\Visiosonic
    2006-09-09 18:24 -------- d-------- D:\Documents and Settings\Gert Schoonjans\Application Data\MixMeister Technology
    2006-09-09 18:16 -------- d-------- D:\Program Files\MixMeister Pro 5
    2006-09-09 11:37 -------- d-------- D:\Documents and Settings\Gert Schoonjans\Application Data\Adobe
    2006-09-08 18:12 -------- d-------- D:\Program Files\AutoCAD 2002
    2006-09-08 18:11 -------- d-------- D:\Program Files\WexTech
    2006-09-08 18:11 -------- d-------- D:\Program Files\Common Files\Wextech Shared
    2006-09-08 18:11 -------- d-------- D:\Program Files\Common Files\LHSPF
    2006-09-08 18:11 -------- d-------- D:\Documents and Settings\Gert Schoonjans\Application Data\Help
    2006-09-08 18:09 -------- d-------- D:\Program Files\Microsoft Office
    2006-09-08 18:09 -------- d-------- D:\Program Files\Common Files\Designer
    2006-09-08 18:09 -------- d-------- D:\Program Files\Common Files\Autodesk Shared
    2006-09-03 21:42 -------- d-------- D:\Program Files\tnhteam
    2006-08-27 21:47 -------- d-------- D:\Program Files\LEGO Media
    2006-08-27 20:50 -------- d-------- D:\Documents and Settings\Gert Schoonjans\Application Data\ArcSoft
    2006-08-27 13:02 -------- d-------- D:\Program Files\QuickTime
    2006-08-25 22:04 -------- d-------- D:\Documents and Settings\Gert Schoonjans\Application Data\MSNInstaller
    2006-08-25 15:38 24504 --a------ D:\Documents and Settings\Gert Schoonjans\Application Data\GDIPFONTCACHEV1.DAT
    2006-08-21 14:28 16896 --a------ D:\WINDOWS\system32\fltlib.dll
    2006-08-21 11:14 23040 --a------ D:\WINDOWS\system32\fltmc.exe
    2006-08-21 11:14 128896 --a------ D:\WINDOWS\system32\drivers\fltmgr.sys
    2006-08-18 13:32 -------- d-------- D:\Program Files\GTA3CarEditor
    2006-08-17 15:43 720896 --a------ D:\WINDOWS\iun6002.exe
    2006-08-17 15:43 -------- d-------- D:\Program Files\BlueVoda Website Builder
    2006-08-17 11:00 -------- d-------- D:\Program Files\MessengerPlus! 3
    2006-08-16 10:14 -------- d-------- D:\Program Files\Internet Explorer
    2006-08-14 22:49 -------- d-------- D:\Program Files\WinRAR
    2006-08-14 19:44 -------- d-------- D:\Program Files\Picasa2
    2006-08-08 18:30 -------- d-------- D:\Program Files\IMVU
    2006-08-08 18:30 -------- d-------- D:\Documents and Settings\Gert Schoonjans\Application Data\IMVU
    2006-08-08 17:23 -------- d-------- D:\Program Files\Ipswitch
    2006-08-08 17:23 -------- d-------- D:\Documents and Settings\Gert Schoonjans\Application Data\Ipswitch
    2006-08-07 22:40 -------- d-------- D:\Program Files\Winamp
    2006-08-07 17:48 -------- d-------- D:\Program Files\SHOUTcast
    2006-08-07 17:14 -------- d-------- D:\Program Files\Windows Media Player
    2006-08-07 13:58 -------- d-------- D:\Documents and Settings\Gert Schoonjans\Application Data\LimeWire
    2006-08-07 11:44 -------- d-------- D:\Program Files\MSN Apps
    2006-08-07 11:33 -------- d-------- D:\Program Files\Common Files\Microsoft Shared
    2006-07-27 15:26 679424 --a------ D:\WINDOWS\system32\inetcomm.dll
    2006-07-25 14:05 -------- d-------- D:\Documents and Settings\Gert Schoonjans\Application Data\AdobeUM
    2006-07-25 13:35 -------- d-------- D:\Program Files\Liekes
    2006-07-25 13:32 -------- d-------- D:\Program Files\GTA 3
    2006-07-21 10:29 72704 --a------ D:\WINDOWS\system32\hlink.dll
    2006-06-22 22:25 62 --ahs---- D:\Documents and Settings\Gert Schoonjans\Application Data\desktop.ini
    2006-06-22 07:17 69120 --a------ D:\WINDOWS\system32\ciodm.dll
    2006-06-22 07:17 1440768 --a------ D:\WINDOWS\system32\query.dll

    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries are not shown
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
    "CTFMON.EXE"="D:\\WINDOWS\\system32\\ctfmon.ex e"
    "Steam"="\"D:\\Program Files\\Steam\\Steam.exe\" -silent"
    "MSMSGS"="\"D:\\Program Files\\Messenger\\msmsgs.exe\" /background"
    "SweetIM"="D:\\Program Files\\Macrogaming\\SweetIM\\SweetIM.exe"
    "MessengerPlus3"="\"D:\\Program Files\\MessengerPlus! 3\\MsgPlus.exe\" /WinStart"
    "msnmsgr"="\"D:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
    "SunJavaUpdateSched"="D:\\Program Files\\Java\\jre1.5.0_07\\bin\\jusched.exe"
    "WinampAgent"="D:\\Program Files\\Winamp\\winampa.exe"
    "Picasa Media Detector"="D:\\Program Files\\Picasa2\\PicasaMediaDetector.exe"
    "MessengerPlus3"="\"D:\\Program Files\\MessengerPlus! 3\\MsgPlus.exe\""
    "QuickTime Task"="\"D:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "SweetIM"="D:\\Program Files\\Macrogaming\\SweetIM\\SweetIM.exe"
    "wgr89510"="RUNDLL32.EXE w0659412.dll,n 0048950c0000000a0659412"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\OptionalComponents]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\OptionalComponents\IMAIL]
    "Installed"="1"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\OptionalComponents\MAPI]
    "Installed"="1"
    "NoChange"="1"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\OptionalComponents\MSFS]
    "Installed"="1"
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
    "DeskHtmlVersion"=dword:00000110
    "DeskHtmlMinorVersion"=dword:00000005
    "Settings"=dword:00000001
    "GeneralFlags"=dword:00000000
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="Mijn huidige introductiepagina"
    "Flags"=dword:00000002
    "Position"=hex:2c,00,00,00,e6,00,00,00,00,00,00,00 ,9a,03,00,00,42,03,00,00,00,\
    00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00 ,00,00,00,00,00,00
    "CurrentState"=dword:40000004
    "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff ,ff,00,00,ff,ff,ff,ff,ff,ff,\
    ff,ff,04,00,00,00
    "RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23 ,00,00,00,a4,00,00,00,9a,00,\
    00,00,01,00,00,00
    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\Cur rentVersion\Run]
    "CTFMON.EXE"="D:\\WINDOWS\\system32\\CTFMON.EX E"
    "msnmsgr"="\"D:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
    [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="D:\\WINDOWS\\system32\\CTFMON.EX E"
    "msnmsgr"="\"D:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\shellexecutehooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\policies\explorer\Run]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\policies\system]
    "dontdisplaylastusername"=dword:00000000
    "legalnoticecaption"=""
    "legalnoticetext"=""
    "shutdownwithoutlogon"=dword:00000001
    "undockwithoutlogon"=dword:00000001
    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\Cur rentVersion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091
    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\Cur rentVersion\policies\explorer\Run]
    [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091
    [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\explorer\Run]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\ShellServiceObjectDelayLoad]
    "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
    "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
    "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
    "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
    "UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"

    HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\securityproviders
    securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

    Completion time: Thu 21/09/2006 21:41:15.36
    ComboFix.txt


    en hier is het nieuwe logje van Hijackthis:

    Logfile of HijackThis v1.99.1
    Scan saved at 21:46:37, on 21/09/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\system32\spoolsv.exe
    D:\WINDOWS\Explorer.EXE
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\system32\wscntfy.exe
    D:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
    D:\Program Files\Winamp\winampa.exe
    D:\Program Files\Picasa2\PicasaMediaDetector.exe
    D:\Program Files\MessengerPlus! 3\MsgPlus.exe
    D:\Program Files\QuickTime\qttask.exe
    D:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    D:\WINDOWS\system32\RUNDLL32.EXE
    D:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\Steam\Steam.exe
    D:\Program Files\Messenger\msmsgs.exe
    D:\Program Files\MSN Messenger\msnmsgr.exe
    D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    D:\Program Files\Xfire\Xfire.exe
    D:\WINDOWS\system32\wuauclt.exe
    D:\WINDOWS\system32\wuauclt.exe
    D:\WINDOWS\system32\NOTEPAD.EXE
    D:\Program Files\Internet Explorer\iexplore.exe
    D:\Documents and Settings\Gert Schoonjans\Bureaublad\hijackthis[1]\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
    O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [Picasa Media Detector] D:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "D:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SweetIM] D:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKLM\..\Run: [wgr89510] RUNDLL32.EXE w0659412.dll,n 0048950c0000000a0659412
    O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Steam] "D:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [SweetIM] D:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "D:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [msnmsgr] ~"D:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Startup: Xfire.lnk = D:\Program Files\Xfire\Xfire.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Google Search - res://d:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://d:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://d:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://d:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://d:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://d:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - D:\Documents and Settings\Gert Schoonjans\Menu Start\Programma's\IMVU\Run IMVU.lnk
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
    O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
    O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file://D:\Program Files\AutoCAD 2002\AcDcToday.ocx
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
    O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://D:\Program Files\AutoCAD 2002\InstBanr.ocx
    O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://D:\Program Files\AutoCAD 2002\AcPreview.ocx
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: Adobe LM Service - Unknown owner - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe



    voor wie me helpt: THNX
    Sig was te groot
  3. 22 September 2006, 16:46 #3
    Gertjeeuuhh
    Gertjeeuuhh is offline
    Gevorderd   Gertjeeuuhh's schermafbeelding
    Geregistreerd
    14 August 2005
    Locatie
    Meerbeke ( Ninove )
    Berichten
    271
    Bedankjes
    91
    Bedankt
    39 keer in 21 posts
    Wil er aub iem naar kijke plz
    Sig was te groot
  4. 22 September 2006, 17:15 #4
    Martijnc
    Martijnc is offline
    Erelid/Spyware Slayer  
    Geregistreerd
    10 May 2005
    Berichten
    1.887
    Bedankjes
    111
    Bedankt
    362 keer in 239 posts
    Hallo,

    * Ga naar start ==> Configuratiescherm ==> Software en verwijder MSN.
    Ga naar deze map en verwijder hem:
    C:\Program Files\MSN Messsenger

    * Plaats HijackThis in een vaste map!

    * Start HijackThis en klik op "Do a system scan only" en vink de volgende regels aan:

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com


    * Sluit alle andere vensters en klik "fix checked"

    * Download en installeer Ewido Anti-Spyware 4.0.
    Start Ewido.
    • klik achter "Resident Shield" op "change state", zodat "active" verandert in "inactive".
    • klik achter "Automatic updates" op "change state", zodat "active" verandert in "inactive".
      (Negeer de "Your computer is at risk" melding die Ewido nu geeft.)
    • Klik in het menu bovenaan op Update en klik op de Start Update knop. Wacht tot de updates zijn binnengehaald.
    • Klik in het menu bovenaan op Scanner en kies Settings.
      - Klik onder "How to act?" op Recommended Actions en selecteer Quarantine (belangrijk!).
      - Zorg ervoor dat onder Reports is aangevinkt: Automatically generate report after every scan.
      - Zorg ervoor dat onder Reports géén vinkje staat voor: Only if threats were found.
    • Klik op Scan en kies Complete System Scan.
    • Na afloop van de scan, klik je op Apply All Actions.
    • Wanneer je de melding krijgt All actions have been applied, klik je onderaan op de knop Save Report. Het rapport van de scan wordt nu opgeslagen in de map Program Files\ewido anti-spyware 4.0\Reports.
      Klik je daarna op de knop Save report as, dan krijg je de mogelijkheid om het rapportje op een andere plaats op te slaan. Sla het rapport op op een plaats waar je het gemakkelijk kunt terugvinden, bijv. je bureaublad.
    • Sluit Ewido af.
    • Kopieer het rapport van de scan en plaats dat hier in je volgende bericht samen met een nieuw HijackThis logje.
  5. 22 September 2006, 19:17 #5
    Gertjeeuuhh
    Gertjeeuuhh is offline
    Gevorderd   Gertjeeuuhh's schermafbeelding
    Geregistreerd
    14 August 2005
    Locatie
    Meerbeke ( Ninove )
    Berichten
    271
    Bedankjes
    91
    Bedankt
    39 keer in 21 posts
    LOGJE VAN EWIDO:

    ---------------------------------------------------------
    ewido anti-spyware - Scan Report
    ---------------------------------------------------------
    + Created at: 19:15:49 22/09/2006
    + Scan result:

    C:\_RESTORE\TEMP\BBI8033.0 -> Adware.BargainBuddy : Cleaned with backup (quarantined).
    C:\_RESTORE\TEMP\GUU3361.0 -> Adware.Gator : Cleaned with backup (quarantined).
    C:\warebundlenewer.exe -> Adware.Look2Me : Cleaned with backup (quarantined).
    C:\WINDOWS\NDNuninstall6_38.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
    C:\_RESTORE\TEMP\NEWDOT~1.0 -> Adware.NewDotNet : Cleaned with backup (quarantined).
    C:\_RESTORE\TEMP\NEWDOT~3.0 -> Adware.NewDotNet : Cleaned with backup (quarantined).
    C:\WINDOWS\SYSTEM32\rlls.dll -> Adware.RK : Cleaned with backup (quarantined).
    C:\ucmoreiex.exe/IUCMORE.DLL -> Adware.Ucmore : Cleaned with backup (quarantined).
    C:\ucmoreiex.exe/UCMTSAIE.DLL -> Adware.Ucmore : Cleaned with backup (quarantined).
    C:\ucmoreiex.exe/empty_00000001 -> Adware.Ucmore : Cleaned with backup (quarantined).
    [312] D:\WINDOWS\system32\wgr89510.dll -> Downloader.Agent.awb : Cleaned with backup (quarantined).
    C:\WINDOWS\Downloaded Program Files\miniclipGameLoader.dll -> Downloader.Small : Cleaned with backup (quarantined).
    C:\ac3_0010.exe -> Downloader.Small : Cleaned with backup (quarantined).
    C:\MTE3NDI6ODoxNgnew.exe -> Downloader.Small.buy : Cleaned with backup (quarantined).
    C:\drsmartload.exe -> Downloader.VB.ach : Cleaned with backup (quarantined).
    C:\Documents and Settings\Lieve De Cremer\Local Settings\Temporary Internet Files\Content.IE5\NBXHTL9U\ABoxInst_int12[1].exe -> Downloader.VB.ft : Cleaned with backup (quarantined).
    C:\SS1001newer.exe -> Dropper.Small.qn : Cleaned with backup (quarantined).
    C:\Documents and Settings\Lieve De Cremer\Local Settings\Temporary Internet Files\Content.IE5\XUS2BHH8\WinFixer2005ScannerInst all[1].exe -> Not-A-Virus.Downloader.Win32.Agent.c : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Local Settings\Temporary Internet Files\Content.IE5\XD2WQQZU\ErrorSafeScannerInstall _nl[1].exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Cleaned with backup (quarantined).
    C:\Documents and Settings\Lieve De Cremer\Local Settings\Temporary Internet Files\Content.IE5\P8TXFPTF\send_car_int[1].htm -> Not-A-Virus.Exploit.HTML.CodeBaseExec : Cleaned with backup (quarantined).
    C:\Documents and Settings\Lieve De Cremer\Local Settings\Temporary Internet Files\Content.IE5\QRO3XMFI\send_ocx_sof[2].htm -> Not-A-Virus.Exploit.HTML.CodeBaseExec : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@2o7[3].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@microsofteup.11 2.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@112.2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@metacafe.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@wrigley.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@66.220.17[1].txt -> TrackingCookie.66.220.17.154 : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@eztracks.aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@eztracks.aavalu e[1].txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@ads.addynami x[1].txt -> TrackingCookie.Addynamix : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@z1.adserver[3].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@z1.adserver[2].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@z1.adserver[2].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@bluestreak[3].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@ads18.bpath[1].txt -> TrackingCookie.Bpath : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@casalemedia[3].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@casalemedia[3].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@casinopays[1].txt -> TrackingCookie.Casinopays : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@crbanner.cas inopays[2].txt -> TrackingCookie.Casinopays : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@cz8.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@com[2].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@com[2].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@estat[1].txt -> TrackingCookie.Estat : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@adopt.eurocl ick[2].txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@as1.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@sel.as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@as1.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@as-eu.falkag[3].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@sel.as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@as1.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@as1.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@fastclick[3].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@media.fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@media.fastcl ick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@ehg-hitent.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@hitbox[3].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@ehg-autodesk.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@counter.hitslin k[2].txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@counter.hits link[2].txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@creatives.internetfuel[1].txt -> TrackingCookie.Internetfuel : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@internetfuel[1].txt -> TrackingCookie.Internetfuel : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@ivwbox[1].txt -> TrackingCookie.Ivwbox : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@ivwbox[1].txt -> TrackingCookie.Ivwbox : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@ivwbox[2].txt -> TrackingCookie.Ivwbox : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@ivwbox[1].txt -> TrackingCookie.Ivwbox : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@server.iad.live person[1].txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@server.iad.live person[5].txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@server.iad.live person[1].txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@server.iad.l iveperson[1].txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@server.iad.l iveperson[5].txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@lop[1].txt -> TrackingCookie.Lop : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@lop[3].txt -> TrackingCookie.Lop : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@www.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@images.lop[2].txt -> TrackingCookie.Lop : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@oewabox[1].txt -> TrackingCookie.Oewabox : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@oewabox[1].txt -> TrackingCookie.Oewabox : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@stat.onestat[2].txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@stat.onestat[2].txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@data3.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@paypopup[2].txt -> TrackingCookie.Paypopup : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@popunder.paypopup[2].txt -> TrackingCookie.Paypopup : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@ads.pointrol l[1].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@ads.pointrol l[3].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@www.popuptraffic[2].txt -> TrackingCookie.Popuptraffic : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@ads.realcastmedia[1].txt -> TrackingCookie.Realcastmedia : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@stats1.reliable stats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@stats1.reliable stats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@stats1.reliable stats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@stats1.relia blestats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@stats1.relia blestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@revenue[1].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@revenue[3].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@ads1.revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@revenue[1].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@revenue[3].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@starware[2].txt -> TrackingCookie.Starware : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@targetnet[1].txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@targetnet[1].txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@tradedoubler[3].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@webstat[2].txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@www.web-stat[2].txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@webstat[2].txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@statse.webtr endslive[1].txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@statse.webtr endslive[2].txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke schoonjans@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    C:\Documents and Settings\Anke Schoonjans\Cookies\anke_schoonjans@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert schoonjans@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@ad.yieldmanager[3].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias schoonjans@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@ad.yieldmana ger[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    C:\Documents and Settings\Mathias Schoonjans\Cookies\mathias_schoonjans@ad.yieldmana ger[3].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    C:\Documents and Settings\Gert Schoonjans\Cookies\gert_schoonjans@zedo[1].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
    C:\kybrdff_e6.exe -> Trojan.VB.asu : Cleaned with backup (quarantined).
    C:\dfndrff_e6.exe -> Trojan.VB.asv : Cleaned with backup (quarantined).

    ::Report end









    Nieuwe log van Hijackthis:

    Logfile of HijackThis v1.99.1
    Scan saved at 19:17:38, on 22/09/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\system32\spoolsv.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\Explorer.EXE
    D:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
    D:\Program Files\Winamp\winampa.exe
    D:\Program Files\Picasa2\PicasaMediaDetector.exe
    D:\Program Files\MessengerPlus! 3\MsgPlus.exe
    D:\Program Files\QuickTime\qttask.exe
    D:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    D:\WINDOWS\system32\RUNDLL32.EXE
    D:\WINDOWS\system32\wscntfy.exe
    D:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\Steam\Steam.exe
    D:\Program Files\Messenger\msmsgs.exe
    D:\Program Files\Xfire\Xfire.exe
    D:\WINDOWS\system32\wuauclt.exe
    D:\Program Files\Internet Explorer\iexplore.exe
    D:\Program Files\ewido anti-spyware 4.0\guard.exe
    D:\Program Files\ewido anti-spyware 4.0\ewido.exe
    D:\Program Files\Windows Media Player\wmplayer.exe
    D:\Documents and Settings\Gert Schoonjans\Local Settings\Temporary Internet Files\Content.IE5\BYC7J1WD\Install_Messenger[1].exe
    D:\DOCUME~1\GERTSC~1\LOCALS~1\Temp\IXP000.TMP\boot strap.exe
    D:\WINDOWS\system32\msiexec.exe
    D:\WINDOWS\system32\MsiExec.exe
    D:\WINDOWS\system32\NOTEPAD.EXE
    D:\Documents and Settings\Gert Schoonjans\Bureaublad\hijackthis[1]\HijackThis.exe
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
    O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [Picasa Media Detector] D:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "D:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SweetIM] D:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKLM\..\Run: [wgr89510] RUNDLL32.EXE w0659412.dll,n 0048950c0000000a0659412
    O4 - HKLM\..\Run: [!ewido] "D:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
    O4 - HKLM\..\RunOnce: [wextract_cleanup0] rundll32.exe D:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "D:\DOCUME~1\GERTSC~1\LOCALS~1\Temp\IXP000.TMP \"
    O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Steam] "D:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [SweetIM] D:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "D:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - Startup: Xfire.lnk = D:\Program Files\Xfire\Xfire.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Google Search - res://d:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://d:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://d:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://d:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://d:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://d:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - D:\Documents and Settings\Gert Schoonjans\Menu Start\Programma's\IMVU\Run IMVU.lnk
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
    O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
    O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file://D:\Program Files\AutoCAD 2002\AcDcToday.ocx
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
    O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://D:\Program Files\AutoCAD 2002\InstBanr.ocx
    O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://D:\Program Files\AutoCAD 2002\AcPreview.ocx
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O23 - Service: Adobe LM Service - Unknown owner - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - D:\Program Files\ewido anti-spyware 4.0\guard.exe
    Sig was te groot
  6. 22 September 2006, 20:55 #6
    Martijnc
    Martijnc is offline
    Erelid/Spyware Slayer  
    Geregistreerd
    10 May 2005
    Berichten
    1.887
    Bedankjes
    111
    Bedankt
    362 keer in 239 posts
    * Plaats HijackThis in een vaste map!!

    * Start HijackThis en klik op "Do a system scan only" en vink deze regel aan:

    O4 - HKLM\..\RunOnce: [wextract_cleanup0] rundll32.exe D:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "D:\DOCUME~1\GERTSC~1\LOCALS~1\Temp\IXP000.TMP \"

    * Sluit alle andere vensters en klik "Fix checked"

    * Download ATF Cleaner by Atribune.
    • Dubbelklik ATF-Cleaner.exe om het te starten.
      Onder Main kies je: Select All
      Klik de Empty Selected knop.
    Indien je Firefox gebruikt
    • Klik Firefox bovenaan in het menu en vink aan: Select All
      Klik de Empty Selected knop.
      NOTA: Indien je je wachtwoorden wilt behouden, klik No bij de melding wat betreft passwords.
    Indien je Opera gebruikt
    • Klik Opera bovenaan in het menu en kies: Select All
      Klik de Empty Selected knop.
      NOTA: Indien je je wachtwoorden wilt behouden, klik No bij de melding wat betreft passwords.
    Klik Exit om daarna het programma te beeïndigen.

    * Heb je nog steeds problemen?
  7. 24 September 2006, 22:02 #7
    Gertjeeuuhh
    Gertjeeuuhh is offline
    Gevorderd   Gertjeeuuhh's schermafbeelding
    Geregistreerd
    14 August 2005
    Locatie
    Meerbeke ( Ninove )
    Berichten
    271
    Bedankjes
    91
    Bedankt
    39 keer in 21 posts
    O4 - HKLM\..\RunOnce: [wextract_cleanup0] rundll32.exe D:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "D:\DOCUME~1\GERTSC~1\LOCALS~1\Temp\IXP000.TMP \"
    Srr maar die regel staat er niet bij
    Sig was te groot
« Vorige discussie | Volgende discussie »

Discussie informatie

Users Browsing this Thread

Momenteel bekijken 1 gebruikers deze discussie. (0 leden en 1 gasten)

Soortgelijke discussies

  1. Problemen na klik op link.
    Door Gertjeeuuhh in forum Malware
    Reacties: 6
    Laatste bericht: 20 September 2006, 21:42
  2. d-link wireless pci adapter problemen
    Door boerken in forum Netwerken en internetproviders
    Reacties: 3
    Laatste bericht: 15 November 2005, 23:42
  3. link
    Door timberke in forum Internet
    Reacties: 1
    Laatste bericht: 10 September 2005, 10:35

Favorieten/bladwijzers

Favorieten/bladwijzers

Regels voor berichten

  • Je mag geen nieuwe discussies starten
  • Je mag niet reageren op berichten
  • Je mag geen bijlagen versturen
  • Je mag niet je berichten bewerken
  •  

Forumregels