Weergegeven resultaten: 1 t/m 10 van 10

Threaded View

  1. 27 June 2006, 16:42 #1
    compuchrisje
    compuchrisje is offline
    mam@minatica   compuchrisje's schermafbeelding
    Geregistreerd
    10 May 2005
    Locatie
    Waasland
    Berichten
    18.848
    Bedankjes
    15.658
    Bedankt
    37.040 keer in 15.355 posts

    'k Heb het vlaggen: smitfraud?

    Bij een download kreeg ik plots popups en waarschuwingen te zien, popupblocker deed het dus nie meer? Online scans gedaan, scan met norton AV, ewido security suite, adaware, regcleaner. Laten verwijderen wat ze konden verwijderen. Opnieuw opgestart in veilige modus, wéér ewido, adaware en norton laten draaien.
    Kom terug in normale modus, online en die spullen beginnen hier alwéér op te duiken. Ofwel iets met "Adult Friends" ofwel moet ik opeens een virusscanner of malware-destroyer kopen.
    Dit heeft Panda online er niet uit gehaald:

    Logje ervan


    Incident Status Location

    Adware:adware/emediacodec Not disinfected C:\WINDOWS\system32\atmclk.exe
    Adware:adware/xpasswordmanager Not disinfected C:\WINDOWS\system32\ld101.tmp
    Virus:Trj/Nebuler.A Disinfected Operating system
    Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\winspool.dll
    Adware:adware/emediacodec Not disinfected c:\windows\system32\atmclk.exe
    Adware:adware/xpasswordmanager Not disinfected c:\windows\system32\ld101.tmp
    Adware:adware/securityerror Not disinfected c:\windows\system32\ot.ico
    Adware:adware/spywarequake Not disinfected c:\windows\system32\1024\ld9FD4.tmp
    Adware:adware/winres Not disinfected c:\windows\winres.dll
    Spyware:spyware/virtumonde Not disinfected Windows Registry
    Adware:adware/cws Not disinfected Windows Registry
    Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\HP_Eigenaar\Cookies\hp_eigenaar@perf.over ture[1].txt

    Wat nu nog lastig doet is een stom flikkerend geel gevarendriehoekje. Soms floept er een browser open met heel kouwelijk aandoende madammekes, of dus aanbod om virusscanner te kopen.

    Thx alvast voor de hulp!!





    Dit is het resultaat van hjt-scan:

    Logfile of HijackThis v1.99.1
    Scan saved at 15:42:30, on 27/06/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\ewido\security suite\ewidoctrl.exe
    c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Norton AntiVirus\SAVScan.exe
    C:\Program Files\Common Files\SolidDocuments\SolidPrintPDF\SolidPrintServi ce.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\UPHClean\uphclean.exe
    C:\WINDOWS\System32\dmadmin.exe
    C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\system32\hphmon06.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\system32\taskswitch.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\VM_STI.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
    C:\PROGRA~1\WHATPU~1\WHATPU~1.EXE
    C:\Program Files\Copernic Desktop Search\CopernicDesktopSearch.exe
    C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe
    C:\PROGRA~1\Webshots\webshots.scr
    C:\Program Files\Common Files\System\Mapi\1043\NT\MAPISP32.EXE
    C:\Program Files\Common Files\Symantec Shared\NMain.exe
    C:\PROGRA~1\NORTON~1\navw32.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\dcomcfg.exe
    C:\WINDOWS\system32\atmclk.exe
    C:\Program Files\HJThis\HijackThis.exe
    C:\Program Files\Messenger\msmsgs.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.copernic.com/explorer17/?l=DUT&e=
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gva.be/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.yahoo.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\ONDERH~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Nothing - {5f4c3d09-b3b9-4f88-aa82-31332fee1c08} - C:\WINDOWS\system32\hp100.tmp
    O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\system32\fccbcbx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Copernic Desktop Search - {C5F7A735-70F1-477F-8C36-6FF3C736017B} - C:\Program Files\Copernic Desktop Search\CopernicDesktopSearchIntegration977.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
    O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
    O4 - HKLM\..\Run: [ISUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\RunOnce: [InnoSetupRegFile.0000000001] C:\WINDOWS\is-7H9VO.exe /REG
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [WhatPulse] C:\PROGRA~1\WHATPU~1\WHATPU~1.EXE
    O4 - HKCU\..\Run: [Copernic Desktop Search] "C:\Program Files\Copernic Desktop Search\CopernicDesktopSearch.exe" /tray
    O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: TrayMin300.exe.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
    O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn...taller_gmn.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1123922551708
    O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/v...fo/webscan.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ms...downloader.cab
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game06.zylom.com/activex/zylomgamesplayer.cab
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {6CCD4548-CA67-4A83-947C-AA950389E325} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: C:\WINDOWS\system32\winspool.dll
    O20 - Winlogon Notify: fccbcbx - C:\WINDOWS\SYSTEM32\fccbcbx.dll
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SolidPrintReadSpool (SpReadSpool) - VoyagerSoft, LLC - C:\Program Files\Common Files\SolidDocuments\SolidPrintPDF\SolidPrintServi ce.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

    Uiteindelijk ook het logje van Adaware-scan gevonden:

    ArchiveData(auto-quarantine- 2006-06-27 13-29-06.bckp)
    Referencefile : SE1R112 15.06.2006
    ================================================== ====
    MRU LIST
    »»»»»»»»»»»»»»»»»»»»»»»»» »»»»»»»»»»»»»
    obj[0]=MRU RegReference : software\microsoft\direct3d\mostrecentapplication name
    obj[1]=MRU RegReference : software\microsoft\direct3d\mostrecentapplication name
    obj[2]=MRU RegReference : software\microsoft\directdraw\mostrecentapplicatio n name
    obj[3]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\microsoft\directinput\mostrecentappl ication name
    obj[4]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\microsoft\directinput\mostrecentappl ication id
    obj[5]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\microsoft\internet explorer download directory
    obj[6]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\microsoft\windows\currentversion\exp lorer\comdlg32\lastvisitedmru
    obj[7]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\microsoft\windows\currentversion\exp lorer\comdlg32\opensavemru\*
    obj[8]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\microsoft\windows\currentversion\exp lorer\recentdocs\.log
    obj[9]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\3dsmax
    obj[10]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\au_
    obj[11]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\avant
    obj[12]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\ccapp
    obj[13]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\copernic desktopsearch
    obj[14]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\devenv
    obj[15]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\Dialogs
    obj[16]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\Exceptio ns
    obj[17]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\explorer
    obj[18]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\helpctr
    obj[19]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\moviemk
    obj[20]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\msconfig
    obj[21]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\msdev
    obj[22]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\msn6
    obj[23]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\mspaint
    obj[24]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\navw32
    obj[25]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\nvappbar
    obj[26]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\nvdvd
    obj[27]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\nwiz
    obj[28]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\photosho p
    obj[29]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\rtvscan
    obj[30]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\rundll32
    obj[31]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\smartcen ter
    obj[32]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\spider
    obj[33]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\spyware-quake
    obj[34]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\taskmgr
    obj[35]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\toolbarx p
    obj[36]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\twisting o
    obj[37]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\ultramon taskbar
    obj[38]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\wab
    obj[39]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\whatpu~1
    obj[40]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\wmplayer
    obj[41]=MRU RegReference : S-1-5-21-3122512531-2429156697-1145858461-1008\software\nvidia corporation\global\nview\windowmanagement\y1123ou
    SPYFALCON
    »»»»»»»»»»»»»»»»»»»»»»»»» »»»»»»»»»»»»»
    obj[10]=Process : C:\WINDOWS\system32\hvcycg.dll
    ISTBAR
    »»»»»»»»»»»»»»»»»»»»»»»»» »»»»»»»»»»»»»
    obj[11]=Regkey : interface\{5cde145a-b6b9-408d-a8cc-f9ca040ba7a4}
    obj[12]=Regkey : typelib\{344ee577-2027-4714-82ff-0d7538488547}
    obj[17]=Regkey : aspfile\persistenthandler
    obj[18]=Regkey : software\microsoft\downloadmanager
    obj[19]=File : C:\System Volume Information\_restore{89F3906E-EC2B-460B-AE11-2F9FAB20AC86}\RP351\A0074135.dll
    SPYWAREQUAKE
    »»»»»»»»»»»»»»»»»»»»»»»»» »»»»»»»»»»»»»
    obj[13]=Regkey : clsid\{5b55c4e3-c179-ba0b-b4fd-f2db862d6202}
    VIRTUMONDE
    »»»»»»»»»»»»»»»»»»»»»»»»» »»»»»»»»»»»»»
    obj[14]=Regkey : clsid\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c}
    obj[15]=Regkey : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer \Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c}
    TRACKING COOKIE
    »»»»»»»»»»»»»»»»»»»»»»»»» »»»»»»»»»»»»»
    obj[16]=IECache Entry : Cookie:hp_eigenaar@perf.overture.com/
    Laatst gewijzigd door compuchrisje; 27 June 2006 om 16:46

    Helpers altijd welkom! Contacteer één van onze admins voor meer info.
« Vorige discussie | Volgende discussie »

Discussie informatie

Users Browsing this Thread

Momenteel bekijken 1 gebruikers deze discussie. (0 leden en 1 gasten)

Soortgelijke discussies

  1. Spybot geeft Smitfraud-C
    Door papypc in forum Malware
    Reacties: 11
    Laatste bericht: 1 May 2006, 16:22
  2. Smitfraud dinges
    Door Nikolas in forum HijackThis
    Reacties: 11
    Laatste bericht: 4 January 2006, 13:25

Favorieten/bladwijzers

Favorieten/bladwijzers

Regels voor berichten

  • Je mag geen nieuwe discussies starten
  • Je mag niet reageren op berichten
  • Je mag geen bijlagen versturen
  • Je mag niet je berichten bewerken
  •  

Forumregels