Beste,
Ik probeer een vriend te helpen met PC-problemen.
Zijn PC staat momenteel bij mij thuis zodanig dat ik jullie instructies niet hoef door te geven maar eventueel zelf kan uitvoeren.
Het gaat over de volgende problemen:
1) CD-Writer gaat steeds open en toe !
2) DotComToolBarNL krijg ik niet verwijderd via Add/remove software.
Is een probleem van vroeger en schijnbaar heeft men er de laatste tijd geen last meer van, doch ik zou het toch graag verwijderd zien.
3) Spybot krijgt onderstaande items niet verwijderd / Ook niet in veilige mode !
3.1 ) Probleem AXIS = 2 items
3.2 ) Probleem COMMAND SERVICE = 2 items
3.3 ) Probleem SEXDIALER = 2 items
Hieronder de laatse Hijackthis Log :
Reeds op voorhand bedankt voor jullie hulp.
Frans
Logfile of HijackThis v1.98.2<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /><o></o
Scan saved at 16:56:16, on 2/11/2006<o
Platform: Windows XP (WinNT 5.01.2600)<o
MSIE: Internet Explorer v6.00 (6.00.2600.0000)<o
<o
Running processes:<o
C:\WINDOWS\System32\smss.exe<o
C:\WINDOWS\system32\winlogon.exe<o
C:\WINDOWS\system32\services.exe<o
C:\WINDOWS\system32\lsass.exe<o
C:\WINDOWS\system32\svchost.exe<o
C:\WINDOWS\System32\svchost.exe<o
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe<o
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe<o
C:\WINDOWS\system32\spoolsv.exe<o
C:\Program Files\Symantec AntiVirus\DefWatch.exe<o
C:\WINDOWS\System32\HPZipm12.exe<o
C:\WINDOWS\System32\svchost.exe<o
C:\Program Files\Symantec AntiVirus\Rtvscan.exe<o
C:\WINDOWS\Explorer.EXE<o
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\Go ogleToolbarNotifier.exe<o
C:\Program Files\HijackThis.exe<o
<o
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank<o
R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - (no file)<o
R3 - URLSearchHook: (no name) - {A8B28872-3324-4CD2-8AA3-7D555C872D96} - (no file)<o
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\Go ogleToolbarNotifier.exe<o
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html<o
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html<o
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html<o
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html<o
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html<o
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html<o
O15 - Trusted Zone: *.adgate.info<o
O15 - Trusted Zone: *.adsextend.net<o
O15 - Trusted Zone: *.dollarrevenue.com<o
O15 - Trusted Zone: *.elitemediagroup.net<o
O15 - Trusted Zone: *.matcash.com<o
O15 - Trusted Zone: *.media-motor.com<o
O15 - Trusted Zone: *.mediatickets.net<o
O15 - Trusted Zone: *.snipernet.biz<o
O15 - Trusted Zone: *.systemdoctor.com<o
O15 - Trusted Zone: *.winantivirus.com<o
<o
Weergegeven resultaten: 1 t/m 10 van 12
Discussie: CD-Writer met eigen leven + ......
-
2 November 2006, 18:46 #1Beginner
- Geregistreerd
- 2 November 2006
- Berichten
- 6
- Bedankjes
- 3
- Bedankt
- 0 keer in 0 posts
CD-Writer met eigen leven + ......
-
2 November 2006, 18:52 #2Erelid/Spyware Slayer
- Geregistreerd
- 10 May 2005
- Locatie
- Heppen
- Berichten
- 1.188
- Bedankjes
- 25
- Bedankt
- 169 keer in 142 posts
Hi,
Je gebruikt een oude versie van hijackthis. Verwijder die even, en maak dan een logje met de nieuwe versie.
Je kan ze vinden op http://computercops.biz/downloads-file-328.html
Ik kan je wellicht vandaag geen instructies meer geven, aangezien ik dadelijk moet gaan werken, maar we komen er wel uit
Killing the beasts inside your paradise since 2004
-
De volgende gebruiker bedankt Beamerke voor deze nuttige post:
FransN ( 3 November 2006)
-
3 November 2006, 10:02 #3Beginner
- Geregistreerd
- 2 November 2006
- Berichten
- 6
- Bedankjes
- 3
- Bedankt
- 0 keer in 0 posts
Hallo,
Hieronder het nieuwe bestandje, ik had idd een verouderde versie :
Groeten,
Frans
Logfile of HijackThis v1.99.1<o></o>
Scan saved at 8:31:37, on 3/11/2006<o></o>
Platform: Windows XP (WinNT 5.01.2600)<o></o>
MSIE: Internet Explorer v6.00 (6.00.2600.0000)<o></o>
<o> </o>
Running processes:<o></o>
C:\WINDOWS\System32\smss.exe<o></o>
C:\WINDOWS\system32\winlogon.exe<o></o>
C:\WINDOWS\system32\services.exe<o></o>
C:\WINDOWS\system32\lsass.exe<o></o>
C:\WINDOWS\system32\svchost.exe<o></o>
C:\WINDOWS\System32\svchost.exe<o></o>
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe<o></o>
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe<o></o>
C:\WINDOWS\system32\spoolsv.exe<o></o>
C:\Program Files\Symantec AntiVirus\DefWatch.exe<o></o>
C:\WINDOWS\System32\HPZipm12.exe<o></o>
C:\WINDOWS\System32\svchost.exe<o></o>
C:\Program Files\Symantec AntiVirus\Rtvscan.exe<o></o>
C:\WINDOWS\Explorer.EXE<o></o>
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\Go ogleToolbarNotifier.exe<o></o>
C:\Documents and Settings\Daphne\Bureaublad\HijackThis.exe<o></o>
<o> </o>
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank<o></o>
R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - (no file)<o></o>
R3 - URLSearchHook: (no name) - {A8B28872-3324-4CD2-8AA3-7D555C872D96} - (no file)<o></o>
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\Go ogleToolbarNotifier.exe<o></o>
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html<o></o>
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html<o></o>
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html<o></o>
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html<o></o>
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html<o></o>
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html<o></o>
O15 - Trusted Zone: *.adgate.info<o></o>
O15 - Trusted Zone: *.adsextend.net<o></o>
O15 - Trusted Zone: *.dollarrevenue.com<o></o>
O15 - Trusted Zone: *.elitemediagroup.net<o></o>
O15 - Trusted Zone: *.matcash.com<o></o>
O15 - Trusted Zone: *.media-motor.com<o></o>
O15 - Trusted Zone: *.mediatickets.net<o></o>
O15 - Trusted Zone: *.snipernet.biz<o></o>
O15 - Trusted Zone: *.systemdoctor.com<o></o>
O15 - Trusted Zone: *.winantivirus.com<o></o>
O15 - Trusted Zone: *.adgate.info (HKLM)<o></o>
O15 - Trusted Zone: *.adsextend.net (HKLM)<o></o>
O15 - Trusted Zone: *.dollarrevenue.com (HKLM)<o></o>
O15 - Trusted Zone: *.elitemediagroup.net (HKLM)<o></o>
O15 - Trusted Zone: *.matcash.com (HKLM)<o></o>
O15 - Trusted Zone: *.media-motor.com (HKLM)<o></o>
O15 - Trusted Zone: *.mediatickets.net (HKLM)<o></o>
O15 - Trusted Zone: *.snipernet.biz (HKLM)<o></o>
O15 - Trusted Zone: *.systemdoctor.com (HKLM)<o></o>
O15 - Trusted Zone: *.winantivirus.com (HKLM)<o></o>
O15 - Trusted IP range: 64.127.104.144<o></o>
O15 - ProtocolDefaults: 'http' protocol is in Trusted Zone, should be Internet Zone<o></o>
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe<o></o>
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe<o></o>
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe<o></o>
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe<o></o>
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe<o></o>
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe<o></o>
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe<o></o>
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe<o></o>
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe<o></o>
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe<o></o>
<o> </o>
-
3 November 2006, 10:16 #4Erelid/Spyware Slayer
- Geregistreerd
- 10 May 2005
- Locatie
- Heppen
- Berichten
- 1.188
- Bedankjes
- 25
- Bedankt
- 169 keer in 142 posts
Hoi,
Sluit alle open vensters, run HijackThis nog een keer en plaats een vinkje bij de volgende items:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank>>
R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - (no file)>>
R3 - URLSearchHook: (no name) - {A8B28872-3324-4CD2-8AA3-7D555C872D96} - (no file)>>
O15 - Trusted Zone: *.adgate.info>>
O15 - Trusted Zone: *.adsextend.net>>
O15 - Trusted Zone: *.dollarrevenue.com>>
O15 - Trusted Zone: *.elitemediagroup.net>>
O15 - Trusted Zone: *.matcash.com>>
O15 - Trusted Zone: *.media-motor.com>>
O15 - Trusted Zone: *.mediatickets.net>>
O15 - Trusted Zone: *.snipernet.biz>>
O15 - Trusted Zone: *.systemdoctor.com>>
O15 - Trusted Zone: *.winantivirus.com>>
O15 - Trusted Zone: *.adgate.info (HKLM)>>
O15 - Trusted Zone: *.adsextend.net (HKLM)>>
O15 - Trusted Zone: *.dollarrevenue.com (HKLM)>>
O15 - Trusted Zone: *.elitemediagroup.net (HKLM)>>
O15 - Trusted Zone: *.matcash.com (HKLM)>>
O15 - Trusted Zone: *.media-motor.com (HKLM)>>
O15 - Trusted Zone: *.mediatickets.net (HKLM)>>
O15 - Trusted Zone: *.snipernet.biz (HKLM)>>
O15 - Trusted Zone: *.systemdoctor.com (HKLM)>>
O15 - Trusted Zone: *.winantivirus.com (HKLM)>>
O15 - Trusted IP range: 64.127.104.144>>
O15 - ProtocolDefaults: 'http' protocol is in Trusted Zone, should be Internet Zone>>
Klik daarna op "Fix checked" en sluit HijackThis af.
Download VundoFix.exe naar je bureaublad.- Dubbelklik op VundoFix.exe om het te starten.
- Klik de Scan for Vundo knop.
- Wanneer het scannen is gedaan, klik de Remove Vundo knop.
- Je zal de vraag gesteld worden of je de gevonden bestanden wilt laten verwijderen, klik YES
- Eenmaal je op Yes geklikt hebt zal je bureaublad verdwijnen (dit is normaal) en zal het tooltje Vundo verwijderen.
- Na het verwijderen zal je de melding krijgen dat het je computer gaat uitzetten. Klik OK.
- Start je computer opnieuw op.
- Post de inhoud van vundofix.txt die je op je *C:\ zal vinden samen met een nieuw hijackthislogje.
Killing the beasts inside your paradise since 2004
-
3 November 2006, 15:15 #5Beginner
- Geregistreerd
- 2 November 2006
- Berichten
- 6
- Bedankjes
- 3
- Bedankt
- 0 keer in 0 posts
Hallo,
Bovenstaande instructies zijn uitgevoerd.
Zoals je kunt lezen heeft Vundofix geen problemen gevonden.
Daardoor is Vundofix op mijn bureaublad blijven staan, maar dat zal wel geen probleem zijn natuurlijk !
Nieuw Logfiletje van Hijackthis gerund en toegevoegd.
Thanks,
Frans
************************
VundoFix V6.2.6
Checking Java version...
Java version is 1.5.0.6
Scan started at 13:57:00 3/11/2006
Listing files found while scanning....
No infected files were found.
Beginning removal...
***********************
Logfile of HijackThis v1.99.1<o></o>
Scan saved at 14:06:01, on 3/11/2006<o></o>
Platform: Windows XP (WinNT 5.01.2600)<o></o>
MSIE: Internet Explorer v6.00 (6.00.2600.0000)<o></o>
<o> </o>
Running processes:<o></o>
C:\WINDOWS\System32\smss.exe<o></o>
C:\WINDOWS\system32\winlogon.exe<o></o>
C:\WINDOWS\system32\services.exe<o></o>
C:\WINDOWS\system32\lsass.exe<o></o>
C:\WINDOWS\system32\svchost.exe<o></o>
C:\WINDOWS\System32\svchost.exe<o></o>
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe<o></o>
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe<o></o>
C:\WINDOWS\system32\spoolsv.exe<o></o>
C:\Program Files\Symantec AntiVirus\DefWatch.exe<o></o>
C:\WINDOWS\System32\HPZipm12.exe<o></o>
C:\WINDOWS\System32\svchost.exe<o></o>
C:\Program Files\Symantec AntiVirus\Rtvscan.exe<o></o>
C:\WINDOWS\Explorer.EXE<o></o>
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\Go ogleToolbarNotifier.exe<o></o>
C:\Documents and Settings\Daphne\Bureaublad\HijackThis.exe<o></o>
<o> </o>
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\Go ogleToolbarNotifier.exe<o></o>
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html<o></o>
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html<o></o>
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html<o></o>
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html<o></o>
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html<o></o>
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html<o></o>
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe<o></o>
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe<o></o>
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe<o></o>
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe<o></o>
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe<o></o>
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe<o></o>
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe<o></o>
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe<o></o>
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe<o></o>
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe<o></o>
<o> </o>
-
3 November 2006, 18:13 #6Erelid/Spyware Slayer
- Geregistreerd
- 10 May 2005
- Locatie
- Heppen
- Berichten
- 1.188
- Bedankjes
- 25
- Bedankt
- 169 keer in 142 posts
Vundofix mag je terug verwijderen dan hoor
Doe hetvolgende ook nog eens even:
Download en installeer AVG Anti-Spyware.
Na de installatie open je AVG Anti-Spyware:
- onder 'Status' klik je naast 'Resident shield' op Change state. (deze moet op 'Inactive' komen te staan)
- onder 'Update' klik je bij 'Manual update' op de knop Start update.
- onder 'Scanner' ga je naar de tab 'Settings' en wijzig je het volgende:- - onder 'How to act?', klik je op 'Recommended actions' en selecteer je Quarantine.
- Onder 'Reports', selecteer je Automatically generate report after every scan en verwijder je het vinkje bij Only if threats were found.
- Sluit AVG Anti-Spyware. Laat het nog niet scannen.
Start de computer op in veilige modus. Hoe je dit doet kan je hier lezen.
Start AVG Anti-Spyware.
- Klik op 'Scanner'.
- Klik op 'Complete system scan'.
AVG Anti-Spyware gaat nu je volledige computersysteem scannen.
- Als de scan beëindigd is, klik je onderaan op de knop Apply all Actions.
- Wanneer je de melding krijgt 'All actions have been applied', klik je onderaan op de knop 'Save Report'. Het rapport van de scan wordt nu opgeslagen in de map C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Reports
Klik je op de knop 'Save report as' dan krijg je de mogelijkheid om het rapportje op een andere plaats op te slaan. (bv je bureaublad)
- Sluit AVG Anti-Spyware af.
Post het rapport van AVG Anti-SpywareKilling the beasts inside your paradise since 2004
-
5 November 2006, 16:06 #7Beginner
- Geregistreerd
- 2 November 2006
- Berichten
- 6
- Bedankjes
- 3
- Bedankt
- 0 keer in 0 posts
Hallo,
Bovenstaande opdracht werd ook uitgevoerd :
AVG Anti-Spyware heeft idd nogal wat gevonden en opgelost:
Zal hierna Spybot nogmaals laten lopen en zien of het daar verbeterd is.
Wat dat open en toe gaan van de Writer betreft dat is blijkbaar niet verholpen want die is momenteel volop bezig : soms een hele tijd niet en dan plots begint het spelleke weer opnieuw. ( Nu weer even gestopt .... oeioeioei daar gaat ie weer ....)
Hieronder het resultaat van AVG Anti-Spyware.
Tot binnenkort zeker ?
Grten en tof dat er mensen zijn zoals jullie,
Frans
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 14:49:33 5/11/2006
+ Scan result:
C:\WINDOWS\LastGood\banner.dll -> Adware.Banex : Cleaned with backup (quarantined).
C:\WINDOWS\system32\rqywdlk.exe -> Adware.CallingHome : Cleaned with backup (quarantined).
C:\WINDOWS\system32\OMsetup.exe -> Adware.ClientMan : Cleaned with backup (quarantined).
C:\WINDOWS\system32\cm1.dll -> Adware.ClientMan : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{0375DB0B-A138-898A-8565-1BE75E94375A} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{0652D47D-1C86-4A6E-368E-FC2CE7424D23} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{089D9145-FEBB-50AC-FF3F-B6FA52F8C65F} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{0FB0923E-A1A6-3424-9851-3C3801EB6314} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{137FBD76-C94E-29D8-CB88-FB29E07E3C8E} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{14F3941F-5396-4763-3BC9-D729D4A66E1A} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{19915FBD-83F1-27DA-3219-B044C7088F73} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{1CC69D4C-66FB-6633-669A-520869DCC675} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{1F78C92C-4C19-8C99-63B8-180F8DEADFA6} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{1FA8D016-1C73-BC8D-6A16-70E4A2EE58A2} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{20881ADC-7FCB-1C96-735F-EB9B62875CFC} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{2C25935F-49EF-D9FD-6C65-92C16EF26196} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{3C21EAED-F454-E176-15F0-6596002902B8} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{3D3177E3-B283-0367-5485-9DB32FC7FD05} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{3FC5F00B-0204-AD29-6D02-6C41C7707FDF} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{40085C16-35C4-5F0D-036A-9FC8A0C0F05C} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{484906C5-5673-80DC-0AC6-EE6009066FA7} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{48522E44-2657-63AA-D1A5-88BD8F6F6BCB} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{4D5BBF6A-0570-9AEB-7CDD-166B29D852B6} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{4D7B8768-BCF5-9381-1A51-C155E896D002} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{513F6EAA-2122-D8F1-1E93-77F1B9D55F4B} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{5516BFA5-EE96-EDEC-25BE-662B5516C656} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{5C19DA3A-627A-8F16-BA65-30D8566CB9E4} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{6D9E2D31-EB57-F24B-9B0F-61D4FA3DB1F4} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{744A16C6-2CBC-9842-0B28-DA72A989C3AB} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{83B938F6-F9C9-99A7-F5D7-08A5CE8EF0D7} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{85F175D1-7DD4-EDE0-8831-656AB0899A5E} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{87842630-AA24-E369-2329-D8F2628A7285} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{9881766B-AC45-48F1-1D4D-A6D6FCA17707} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{A676B660-3AAC-86ED-A0B2-6563C0AF3188} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{A830E705-7E69-B58C-5DBF-66FA538988C5} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{B26E180E-6248-2EE2-55AE-C6CB785F21C4} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{B30E47DA-686A-F6BD-2D76-4574041F4B05} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{B81CB9C1-88EE-BD54-B5A0-0D6FA7436CEA} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{B85144EE-6B1E-BDAB-F01C-4A7E2CE7AA46} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{BC931433-EABB-81AE-9413-97B9B278852A} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{BE12335B-881A-0FCD-A8A0-EB254F8E97FE} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{C48830C6-79F9-D04B-0876-061AF15F2321} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{C5092BEB-4984-01C4-0072-AE8C438F205B} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{CA88FA5E-80B4-BF81-57E7-74BD79FA38EB} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{CCD9CE33-BFC8-EDD7-1387-B049AA144CB9} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{CDB321C3-65E6-FD4B-0966-70348178E22A} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{D6F96C8F-4512-A517-5DA8-FB1C35C3D1C0} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{D9AC509D-1E9F-D513-D75E-449AC8A46BE2} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{E094EFAF-213F-3C45-33AF-72854344A750} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{E85FF69A-EC3D-866C-6F46-15461BCC7062} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{F0F99313-97A7-5376-9365-6479CBB57457} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{F1AFF455-C4AD-46E3-1990-97F1E91C5B7B} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{F46D5586-D033-2927-E708-C4C5ADFCAD24} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{F8B9848E-DD4B-7336-C734-7E561B0875DB} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{FC5F4FD2-9814-9658-709F-821EB79F97AB} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKU\S-1-5-21-1294642078-3689853989-222395546-1010\Software\Kazaa\Promotions\Cydoor -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-1294642078-3689853989-222395546-1010\Software\Kazaa\Promotions\Cydoor\Adwr_329 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-1294642078-3689853989-222395546-1010\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_0 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-1294642078-3689853989-222395546-1010\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_0\Level_0 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-1294642078-3689853989-222395546-1010\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_0\Level_0\Seqn_1074 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-1294642078-3689853989-222395546-1010\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_1 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-1294642078-3689853989-222395546-1010\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_1\Level_0 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-1294642078-3689853989-222395546-1010\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_1\Level_0\Seqn_4492 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-1294642078-3689853989-222395546-1010\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_2 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-1294642078-3689853989-222395546-1010\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_2\Level_0 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-1294642078-3689853989-222395546-1010\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_2\Level_0\Seqn_1074 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-1294642078-3689853989-222395546-1010\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_3 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-1294642078-3689853989-222395546-1010\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_3\Level_0 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-1294642078-3689853989-222395546-1010\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_3\Level_0\Seqn_1074 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-1294642078-3689853989-222395546-1010\Software\Kazaa\Promotions\Cydoor\Adwr_329\Ser vices -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-1294642078-3689853989-222395546-1010\Software\Kazaa\Promotions\Cydoor\Adwr_329\Ser vices\Queue -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-1294642078-3689853989-222395546-1010\Software\Kazaa\Promotions\Cydoor\Adwr_329\Ser vices\Status -> Adware.Cydoor : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Dsi -> Adware.Delfin : Cleaned with backup (quarantined).
HKLM\SOFTWARE\DeluxeCommunications -> Adware.DeluxeCommunications : Cleaned with backup (quarantined).
HKLM\SOFTWARE\DeluxeCommunications\Internet Explorer -> Adware.DeluxeCommunications : Cleaned with backup (quarantined).
HKU\S-1-5-21-1294642078-3689853989-222395546-1010\Software\DeluxeCommunications -> Adware.DeluxeCommunications : Cleaned with backup (quarantined).
HKU\S-1-5-21-1294642078-3689853989-222395546-1010\Software\DeluxeCommunications\Internet Explorer -> Adware.DeluxeCommunications : Cleaned with backup (quarantined).
C:\WINDOWS\system32\Xcite.exe -> Adware.F1Organizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ISTbarISTbar -> Adware.HotBar : Cleaned with backup (quarantined).
C:\WINDOWS\system\BHO.DLL -> Adware.IGetNet : Cleaned with backup (quarantined).
C:\WINDOWS\system\Install_All.DLL -> Adware.IGetNet : Cleaned with backup (quarantined).
C:\WINDOWS\system\RSP001.DLL -> Adware.IGetNet : Cleaned with backup (quarantined).
C:\WINDOWS\system\Update_com.DLL -> Adware.IGetNet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\PerfectNav -> Adware.KeenValue : Cleaned with backup (quarantined).
C:\WINDOWS\system32\HKZidr12.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\LGodcCMP.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\MBC71FRA.DLL -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\MJC71ENU.DLL -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\PVBDLG.DLL -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\SY5X_32.DLL -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\SfOrder.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\SpmNeti.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\ajmtd.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\ajrace.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\altodisc.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\amphelp.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\avsmsext.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\aztodisc.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\bnowseui.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\bpowselc.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\brackbox.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\dbound3d.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\djcpmon.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\dlmstor.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\dxsshlex.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\efrql1951.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\en0ol1d31.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\ennml1511.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\enrql1951.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\f2l02c3mgf.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\g4lm0e31eh.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\hedserv.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\hjovst08.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\hlzsnt12.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\hr2005fme.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\iempagnt.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\il41_qcx.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\imetcomm.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\imrnonce.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\irl2l53o1.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\iysutil.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\jVvacypt.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\jlbexec.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\kkdhu.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\korberos.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\krduzb.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\ksdusr.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\l6l60g3se6.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\mcswch.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\mhrepl40.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\micsubs.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\mmiseq.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\mvdrv.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\mviseq.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\mxcpxl32.dLL -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\mzgsvc.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\nDrrhook.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\nfxpnt.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\njtlogon.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\nltfxperf.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\notlogon.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\nvevtmsg.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\o2840clqefqe0.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\ophlp30e.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\orhlp30e.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\otepro32.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\p26slcj71fo.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\pagfilt.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\pqflbmsg.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\qwdwipes.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\r0p80a7ued.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\rQssapi.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\rZcpldlg.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\sXfrslv.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\slarddlg.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\slncui.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\snbrccsp.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\srorage.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\stbiop.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\swimgvw.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\swlwoa.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\tYpi32.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\tcflog.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\utrrtosa.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\wD012fe4.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\wehtcpip.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\wgadmod.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\wtnstrm.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\wwcltui.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\wybhits.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\zppfldr.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system\UpdInstall.exe -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\SHAgent.dll -> Adware.Sahat : Cleaned with backup (quarantined).
C:\WINDOWS\system32\ctbv2.dll -> Adware.Sahat : Cleaned with backup (quarantined).
HKLM\SOFTWARE\SearchRelevancy -> Adware.SearchRelevancy : Cleaned with backup (quarantined).
HKLM\SOFTWARE\SearchRelevancy\Update -> Adware.SearchRelevancy : Cleaned with backup (quarantined).
C:\WINDOWS\system32\SbCIe026.dll -> Adware.SideStep : Cleaned with backup (quarantined).
C:\WINDOWS\system32\SideStep.exe -> Adware.SideStep : Cleaned with backup (quarantined).
C:\WINDOWS\system32\SideStep026.exe -> Adware.SideStep : Cleaned with backup (quarantined).
C:\Program Files\Deskbar -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Program Files\Deskbar\inst.bat -> Adware.Softomate : Cleaned with backup (quarantined).
C:\WINDOWS\system32\httppost.exe -> Adware.SpecialOffers : Cleaned with backup (quarantined).
C:\Documents and Settings\Maria\Menu Start\Programma's\UCmore - The Search Accelerator -> Adware.Ucmore : Cleaned with backup (quarantined).
C:\Documents and Settings\Maria\Menu Start\Programma's\UCmore - The Search Accelerator\How To Uninstall.lnk -> Adware.Ucmore : Cleaned with backup (quarantined).
C:\Documents and Settings\Maria\Menu Start\Programma's\UCmore - The Search Accelerator\UCmore - The Search Accelerator.lnk -> Adware.Ucmore : Cleaned with backup (quarantined).
C:\Documents and Settings\Maria\Menu Start\Programma's\UCmore - The Search Accelerator\UCmore Tour.lnk -> Adware.Ucmore : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Menu Start\Programma's\UCmore - The Search Accelerator -> Adware.Ucmore : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Menu Start\Programma's\UCmore - The Search Accelerator\How To Uninstall.lnk -> Adware.Ucmore : Error during cleaning.
C:\Documents and Settings\Melissa\Menu Start\Programma's\UCmore - The Search Accelerator\UCmore - The Search Accelerator.lnk -> Adware.Ucmore : Error during cleaning.
C:\Documents and Settings\Melissa\Menu Start\Programma's\UCmore - The Search Accelerator\UCmore Tour.lnk -> Adware.Ucmore : Error during cleaning.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\MediaPassX.dll -> Adware.WinAD : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\PrevAdX.dll -> Adware.WinAD : Cleaned with backup (quarantined).
C:\Program Files\backups\backup-20060412-094358-560.dll -> Dialer.Creazione.x : Cleaned with backup (quarantined).
HKU\S-1-5-21-1294642078-3689853989-222395546-1010\Software\GMSoft -> Dialer.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-1294642078-3689853989-222395546-1010\Software\SCom -> Dialer.Generic : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\installer_MEDIAWHIZ6.exe -> Downloader.Adload.a : Cleaned with backup (quarantined).
C:\WINDOWS\6816BadPixelInfo.txt:lycab -> Downloader.Agent.al : Cleaned with backup (quarantined).
C:\WINDOWS\Compaq Ruby.BMP:chgul -> Downloader.Agent.al : Cleaned with backup (quarantined).
C:\WINDOWS\ODBC.INI:kyjgy -> Downloader.Agent.al : Cleaned with backup (quarantined).
C:\WINDOWS\Prairie.bmp:vdwuc -> Downloader.Agent.al : Cleaned with backup (quarantined).
C:\WINDOWS\SIERRA.INI:qhphn -> Downloader.Agent.al : Cleaned with backup (quarantined).
C:\WINDOWS\Zeepbellen.bmp:orswj -> Downloader.Agent.al : Cleaned with backup (quarantined).
C:\WINDOWS\ca533a.ini:wfaoa -> Downloader.Agent.al : Cleaned with backup (quarantined).
C:\Program Files\backups\backup-20041204-194123-967.dll -> Downloader.Agent.ap : Cleaned with backup (quarantined).
C:\Program Files\backups\backup-20041204-194559-736.dll -> Downloader.Agent.ap : Cleaned with backup (quarantined).
C:\Program Files\backups\backup-20041204-201533-401.dll -> Downloader.Agent.ap : Cleaned with backup (quarantined).
C:\Program Files\backups\backup-20041204-212034-784.dll -> Downloader.Agent.ap : Cleaned with backup (quarantined).
C:\Program Files\backups\backup-20041204-234114-302.dll -> Downloader.Agent.ap : Cleaned with backup (quarantined).
C:\WINDOWS\Blauw 16.bmp:nqqmb -> Downloader.Agent.ap : Cleaned with backup (quarantined).
C:\WINDOWS\Compaq Amber.BMP:jgopj -> Downloader.Agent.ap : Cleaned with backup (quarantined).
C:\WINDOWS\Compaq Sapphire.BMP:zgdyx -> Downloader.Agent.ap : Cleaned with backup (quarantined).
C:\WINDOWS\Kopje koffie.bmp:sxhet -> Downloader.Agent.ap : Cleaned with backup (quarantined).
C:\WINDOWS\ODBCINST.INI:nchol -> Downloader.Agent.ap : Cleaned with backup (quarantined).
C:\WINDOWS\Setup1.exe:rwilw -> Downloader.Agent.ap : Cleaned with backup (quarantined).
C:\WINDOWS\Setup2k.ini:otjwp -> Downloader.Agent.ap : Cleaned with backup (quarantined).
C:\WINDOWS\Setup533.ini:fsxub -> Downloader.Agent.ap : Cleaned with backup (quarantined).
C:\WINDOWS\Setup533.ini:gvxnf -> Downloader.Agent.ap : Cleaned with backup (quarantined).
C:\WINDOWS\Zapotec.bmp:vdjkd -> Downloader.Agent.ap : Cleaned with backup (quarantined).
C:\WINDOWS\_default.pif:tyjuh -> Downloader.Agent.ap : Cleaned with backup (quarantined).
C:\WINDOWS\bootstat.dat:knpzq -> Downloader.Agent.ap : Cleaned with backup (quarantined).
C:\WINDOWS\msdfmap.ini:jshgs -> Downloader.Agent.ap : Cleaned with backup (quarantined).
C:\WINDOWS\mxtarget.ini:anfjt -> Downloader.Agent.ap : Cleaned with backup (quarantined).
C:\WINDOWS\pavsig.txt:vqebf -> Downloader.Agent.ap : Cleaned with backup (quarantined).
C:\WINDOWS\winhlp32.exe:sckjg -> Downloader.Agent.ap : Cleaned with backup (quarantined).
C:\WINDOWS\Dusb4ar.ini:naywl -> Downloader.Agent.bc : Cleaned with backup (quarantined).
C:\WINDOWS\Ausba4.dll:dqyhz -> Downloader.Agent.bq : Cleaned with backup (quarantined).
C:\WINDOWS\Ausba4.dll:zmmgt -> Downloader.Agent.bq : Cleaned with backup (quarantined).
C:\WINDOWS\Compaq Waterblue.BMP:aixac -> Downloader.Agent.bq : Cleaned with backup (quarantined).
C:\WINDOWS\SDSALRES.dll:uqmjf -> Downloader.Agent.bq : Cleaned with backup (quarantined).
C:\WINDOWS\Zapotec.bmp:zqzan -> Downloader.Agent.bq : Cleaned with backup (quarantined).
C:\WINDOWS\craw32.dll:mlzjy -> Downloader.Agent.bq : Cleaned with backup (quarantined).
C:\WINDOWS\mickey32.dll:jnlyn -> Downloader.Agent.bq : Cleaned with backup (quarantined).
C:\WINDOWS\msxmidi.exe.js:rcdaj -> Downloader.Agent.bq : Cleaned with backup (quarantined).
C:\WINDOWS\orun32.ini:cpuwd -> Downloader.Agent.bq : Cleaned with backup (quarantined).
C:\WINDOWS\regedit.exe:cyahk -> Downloader.Agent.bq : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\YSBactivex.dll -> Downloader.IstBar : Cleaned with backup (quarantined).
C:\Program Files\Common Files\oqrz\oqrzd\vocabulary -> Downloader.TSUpdate.j : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Backups\OEWABLog.txt:ojmro -> Downloader.WinShow.ak : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Backups\ocgen.log:bzdkn -> Downloader.WinShow.ak : Cleaned with backup (quarantined).
C:\WINDOWS\Groensteen.bmp:qmlmt -> Downloader.WinShow.ak : Cleaned with backup (quarantined).
C:\WINDOWS\Zapotec.bmp:eejzf -> Downloader.WinShow.ak : Cleaned with backup (quarantined).
C:\WINDOWS\winnt256.bmp:iivkl -> Downloader.WinShow.ak : Cleaned with backup (quarantined).
C:\WINDOWS\wmprfNLD.prx:optgp -> Downloader.WinShow.ak : Cleaned with backup (quarantined).
C:\WINDOWS\system32\nostalgia.dll -> Dropper.Agent.og : Cleaned with backup (quarantined).
C:\WINDOWS\system32\lw.dll -> Dropper.Mudrop.w : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\IEService\v28.exe -> Dropper.VB.cd : Cleaned with backup (quarantined).
C:\Program Files\Windows Media Player\wmplayer.exe.tmp -> Dropper.VB.cd : Cleaned with backup (quarantined).
C:\Program Files\backups\backup-20041204-194125-243.dll -> Hijacker.Adpower.a : Cleaned with backup (quarantined).
C:\Program Files\backups\backup-20050118-181858-260.dll -> Hijacker.Adpower.a : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\UERSM_0001_LPNetInstaller.exe -> Not-A-Virus.Downloader.Win32.Agent.d : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UWFX5_0001_N56M0311NetInstaller.e xe -> Not-A-Virus.Downloader.Win32.WinFixer.c : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UWFX5_0001_N56M0311NetInstaller.e xe -> Not-A-Virus.Downloader.Win32.WinFixer.c : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\UWFX5_0001_N56M0311NetInstaller.e xe -> Not-A-Virus.Downloader.Win32.WinFixer.c : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\UERSM_0001_N68M1602NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Cleaned with backup (quarantined).
C:\Program Files\Common Files\Dpi\dpi.exe -> Not-A-Virus.NetTool.Win32.Dpi : Cleaned with backup (quarantined).
C:\Documents and Settings\LocalService\Cookies\melina@abetterintern et[1].txt -> TrackingCookie.Abetterinternet : Cleaned.
C:\Documents and Settings\LocalService\Cookies\melina@cliks[1].txt -> TrackingCookie.Cliks : Cleaned.
C:\Documents and Settings\LocalService\Cookies\system@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\WINDOWS\system32\cp.exe -> Trojan.Dialer.cp : Cleaned with backup (quarantined).
C:\WINDOWS\system32\hit.exe -> Trojan.Dialer.dv : Cleaned with backup (quarantined).
C:\Documents and Settings\Daphne\Local Settings\Application Data\Microsoft\Internet Explorer\V0.26.dat -> Trojan.Dialer.fy : Cleaned with backup (quarantined).
::Report end
-
5 November 2006, 17:53 #8Erelid/Spyware Slayer
- Geregistreerd
- 10 May 2005
- Locatie
- Heppen
- Berichten
- 1.188
- Bedankjes
- 25
- Bedankt
- 169 keer in 142 posts
Ok, daar staat inderdaad nog wat rotzooi op
Deïnstalleer eerst Kazaa.
Start daarna de computer op in veilige modus. Hoe je dit doet kan je hier lezen.
Verwijder dan de volgende mappen:
C:\Program Files\backups
C:\WINDOWS\Downloaded Program Files\CONFLICT.1
C:\WINDOWS\Downloaded Program Files\CONFLICT.2
C:\WINDOWS\Downloaded Program Files\CONFLICT.3
C:\Program Files\Common Files\Dpi
C:\Documents and Settings\Melissa\Menu Start\Programma's\UCmore
Herstart de pc terug in normale modus.
Download Combofix naar je bureaublad.
Dubbelklik combo.exe
Volg de instructies.
Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.
Wanneer de fix gedaan heeft en na herstart, zal de log combofix.txt openen.
Plaats deze log in je volgende post samen met een nieuw hijackthislog.Killing the beasts inside your paradise since 2004
-
5 November 2006, 22:21 #9Beginner
- Geregistreerd
- 2 November 2006
- Berichten
- 6
- Bedankjes
- 3
- Bedankt
- 0 keer in 0 posts
Kazaa verwijderd, er stonden enkel nog wat linken : blijkbaar werd dit programma vroeger al eens verwijderd :
OK VERWIJDERD - C:\Program Files\backups
NIET GEVONDEN - C:\WINDOWS\Downloaded Program Files\CONFLICT.1
NIET GEVONDEN - C:\WINDOWS\Downloaded Program Files\CONFLICT.2
NIET GEVONDEN - C:\WINDOWS\Downloaded Program Files\CONFLICT.3
OK VERWIJDERD - C:\Program Files\Common Files\Dpi
OK DOCH NIET VIA VEILIGE MODE / TOEGANG TOT MENU START WERD GEWEIGERD - C:\Documents and Settings\Melissa\Menu Start\Programma's\UCmore
Daar de Writer in veilige mode ook bleef reageren heb ik hem verwijderd en een ander exemplaar gemonteerd : Tot op dit moment geen problemen meer gehad : Misschien was het wel een hardware probleem ipv een software !
Mijn eerste gedacht was dat het softwarematig moest zijn daar het zo onregelmatig was ......... maar misschien is dat probleem nu wel van de baan !
Hieronder resultaat Combofix en Hijackthis
Grten,
Frans
ComboFix 06.10.19 - Running from: "C:\Documents and Settings\Daphne\Bureaublad"
((((((((((((((((((((((((((((((((((((((((((( E-Give / Ssk's Log )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Documents and Settings\Maria\Application Data\Sskdmns.dll
C:\Documents and Settings\Maria\Application Data\Sskknwrd.dll
C:\Documents and Settings\Maria\Application Data\Sskuknwrd.dll
C:\Documents and Settings\Melina\Application Data\Sskdmns.dll
C:\Documents and Settings\Melissa\Application Data\Sskknwrd.dll
C:\Documents and Settings\Daphne\Application Data\Dxcknwrd.dll
C:\Documents and Settings\Daphne\Application Data\Dxcuknwrd.dll
C:\Documents and Settings\Jules\Application Data\Dxcknwrd.dll
C:\Documents and Settings\Jules\Application Data\Dxcuknwrd.dll
C:\Documents and Settings\Maria\Application Data\Dxcknwrd.dll
C:\Documents and Settings\Maria\Application Data\Dxcuknwrd.dll
C:\Documents and Settings\Melina\Application Data\Dxcknwrd.dll
C:\Documents and Settings\Melissa\Application Data\Dxcknwrd.dll
* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\w001491a.dll
C:\WINDOWS\system32\w0016bf3.dll
C:\WINDOWS\system32\w0017f0e.dll
C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Program Files\Common Files\{BC094264-04AB-2067-1018-010430200020}
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Folders Quarantined:
C:\QooBox\Purity\WINDOWS\system32\MANTEC~1
((((((((((((((((((((((((((((((( Files Created from 2006-10-05 to 2006-11-05 ))))))))))))))))))))))))))))))))))
2006-11-05 12:04 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) )))
2006-11-05 21:02 -------- d-------- C:\Program Files\Common Files
2006-11-05 20:57 -------- d-------- C:\Program Files\Mozilla Firefox
2006-11-05 20:55 -------- d-------- C:\Program Files\Symantec AntiVirus
2006-11-05 19:34 -------- d-------- C:\Program Files\backups
2006-11-05 12:04 -------- d-------- C:\Program Files\Grisoft
2006-11-03 08:29 27136 --ahs---- C:\Program Files\Thumbs.db
2006-10-23 14:32 -------- d-------- C:\Program Files\Common Files\oqrz
2006-10-22 16:57 -------- d-------- C:\Documents and Settings\Daphne\Application Data\MSN6
2006-10-19 19:22 -------- d-------- C:\Documents and Settings\Daphne\Application Data\Sun
2006-10-13 18:41 -------- d-------- C:\Program Files\Java
2006-10-13 18:39 -------- d-------- C:\Program Files\Common Files\Java
2006-10-02 09:07 -------- d-------- C:\Documents and Settings\Daphne\Application Data\Real
2006-10-02 09:05 -------- d-------- C:\Program Files\Common Files\xing shared
2006-10-02 09:04 -------- d-------- C:\Program Files\Real
2006-10-02 09:04 -------- d-------- C:\Program Files\Common Files\Real
2006-10-01 16:32 -------- d-------- C:\Program Files\CCleaner
2006-10-01 16:15 -------- d-------- C:\Program Files\Google
2006-09-30 17:18 -------- d-------- C:\Program Files\Internet Explorer
2006-09-13 22:13 234050 -r--s---- C:\WINDOWS\system32\n48olel31hq.dll
2006-08-22 15:53 56940 --a------ C:\WINDOWS\system32\yzh62541.dll
2006-08-18 08:07 2560 --a------ C:\WINDOWS\_MSRSTRT.EXE
2006-08-16 09:39 2 --a------ C:\WINDOWS\system32\wnsinttr.exe
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\run]
"SpybotSD TeaTimer"="C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\run]
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"MMTray"="\"C:\\Program Files\\MUSICMATCH\\MUSICMATCH Jukebox\\mm_tray.exe\""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000
[HKEY_USERS\.default\software\microsoft\windows\cur rentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EX E"
"msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EX E"
"msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Preloader van browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Cache-daemon voor onderdeelcategorieën"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\system]
"NoDispScrSavPage"=dword:00000000
"NoDispSettingsPage"=dword:00000000
[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoInstrumentation"=dword:00000000
"NoToolbarCustomize"=dword:00000000
[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\explorer]
"NoCDBurning"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\explorer\run]
[HKEY_USERS\.default\software\microsoft\windows\cur rentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\polic ies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Symantec NetDetect.job
Completion time: 06-11-05 21:05:35.78
C:\ComboFix.txt ... 06-11-05 21:05
*********************************
Logfile of HijackThis v1.99.1
Scan saved at 21:07:51, on 5/11/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Documents and Settings\Daphne\Bureaublad\HijackThis.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
-
6 November 2006, 20:39 #10Erelid/Spyware Slayer
- Geregistreerd
- 10 May 2005
- Locatie
- Heppen
- Berichten
- 1.188
- Bedankjes
- 25
- Bedankt
- 169 keer in 142 posts
LOL!!
Het kon in ieder geval geen kwaad om een logje te plaatsen, want we hebben er ondertussen toch heel wat vuiligheid afgehaald
Laat ons hopen dat het een hardwareprobleem was, en dat de cd-rom nu kalm blijft
Je zou op die pc wel DRINGEND de windows updates moeten doen, want die zijn hopeloos verouderd, en daardoor blijft dat systeem dus zeer kwetsbaar
Killing the beasts inside your paradise since 2004
-
De volgende gebruiker bedankt Beamerke voor deze nuttige post:
FransN ( 7 November 2006)
Discussie informatie
Users Browsing this Thread
Momenteel bekijken 1 gebruikers deze discussie. (0 leden en 1 gasten)
Soortgelijke discussies
-
Ons leven is een trein !!!
Door Mp3Tjoeper in forum OfficeReacties: 20Laatste bericht: 7 March 2006, 09:07
Regels voor berichten
- Copyright © 2004 - 2019, Minatica.be
-
Powered by vBulletin®, versie 4.2.2
Copyright © 2024 vBulletin Solutions, Inc. - Design door Gert Bangels
Favorieten/bladwijzers