Automove.exe Trojan (vreemd!!) - Privacy en beveiliging

maandag 5 juli 2004 17:16

Acties:

Verwijderd

Topicstarter

Ik krijg wanneer ik een programma wilt openen de volgende fout melding:

"Er is voor deze bewerking geen programma aan het opgegeven bestand gekoppeld. Maak een koppeling via het onderdeel Mapopties van het confriguratiescherm"

De reden dat deze programma;s niet te openen zijn komt vanwege een Trojan die wel word gevonden door mijn Trojan Guarder en verwijderd, maar elke 5 minuten weer terug komt. Ik wil graag permanent verlost worden van deze Trojan.

Ook krijg ik om de 2 minuten een pop-up!

Spybot en adware al geprobeerd maar die krijgen hem er niet uit!!

Wie weet wat dit voor trojan is en waar hij zich verstopt??

maandag 5 juli 2004 17:17

Acties:

Godjira

To infinity and beyond!

Draai HijackThis eens en post daarvan de log, dan kunnen we meer zien.

Profile

maandag 5 juli 2004 17:24

Acties:

Verwijderd

Topicstarter

Heb hier de LOG van Adware (zijn er veel bestanden omdat ik laatst ivm problemen ze had laten recoveren)

Lavasoft Ad-aware Personal Build 6.181
Logfile created on :maandag 5 juli 2004 17:17:31
Created with Ad-aware Personal, free for private use.
Using reference-file :01R298 20.04.2004
______________________________________________________

Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry

5-7-2004 17:17:31 - Scan started. (Smart mode)

Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 5-7-2004 15:10:26
BasePriority : Normal

#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 5-7-2004 15:10:43
BasePriority : High

#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 5-7-2004 15:10:44
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Services en controllertoepassingen
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Besturingssysteem Microsoft
Created on : 7-9-2001 12:00:00
Last accessed : 5-7-2004 14:48:58
Last modified : 7-9-2001 12:00:00

#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 5-7-2004 15:10:44
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 7-9-2001 12:00:00
Last accessed : 5-7-2004 14:49:06
Last modified : 9-9-2002 21:08:40

#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 5-7-2004 15:10:46
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 7-9-2001 12:00:00
Last accessed : 5-7-2004 15:06:11
Last modified : 7-9-2001 12:00:00

#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 5-7-2004 15:10:46
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 7-9-2001 12:00:00
Last accessed : 5-7-2004 15:06:11
Last modified : 7-9-2001 12:00:00

#:7 [szntsvc.exe]
FilePath : C:\Program Files\STOPzilla!\
ThreadCreationTime : 5-7-2004 15:10:46
BasePriority : Normal
FileSize : 68 KB
FileVersion : 3, 1, 2, 0
ProductVersion : 3, 1, 2, 0
Copyright : Copyright
CompanyName : International Software Systems Solutions
FileDescription : STOPzilla NT Service
InternalName : SZNTSvc.exe
OriginalFilename : SZNTSvc.exe
Created on : 17-3-2004 4:07:52
Last accessed : 5-7-2004 14:43:57
Last modified : 17-3-2004 4:07:52

#:8 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 5-7-2004 15:10:48
BasePriority : Normal
FileSize : 984 KB
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
CompanyName : Microsoft Corporation
FileDescription : Windows Verkenner
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Besturingssysteem Microsoft
Created on : 25-5-2003 12:13:04
Last accessed : 5-7-2004 15:10:48
Last modified : 9-9-2002 21:08:34

#:9 [smc.exe]
FilePath : C:\Program Files\Sygate\SPF\
ThreadCreationTime : 5-7-2004 15:10:48
BasePriority : Normal
FileSize : 2280 KB
FileVersion : 5.5.00.2516
ProductVersion : 5.5.00.2516
Copyright : Copyright
CompanyName : Sygate Technologies, Inc.
FileDescription : Sygate Agent Firewall
InternalName : Smc
OriginalFilename : Smc.EXE
ProductName : Sygate
Created on : 21-10-2003 15:36:22
Last accessed : 5-7-2004 15:05:27
Last modified : 5-7-2004 14:40:37

#:10 [ccsetmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ThreadCreationTime : 5-7-2004 15:10:49
BasePriority : Normal
FileSize : 229 KB
FileVersion : 2.1.0.610
ProductVersion : 2.1.0.610
Copyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client Settings Manager Service
InternalName : ccSetMgr
OriginalFilename : ccSetMgr.exe
ProductName : Common Client
Created on : 7-12-2003 21:42:08
Last accessed : 5-7-2004 14:44:20
Last modified : 10-11-2003 12:30:12

#:11 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ThreadCreationTime : 5-7-2004 15:10:49
BasePriority : Normal
FileSize : 249 KB
FileVersion : 2.1.0.610
ProductVersion : 2.1.0.610
Copyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client Event Manager Service
InternalName : ccEvtMgr
OriginalFilename : ccEvtMgr.exe
ProductName : Common Client
Created on : 7-12-2003 21:42:08
Last accessed : 5-7-2004 14:44:20
Last modified : 10-11-2003 12:30:04

#:12 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 5-7-2004 15:10:49
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 7-9-2001 12:00:00
Last accessed : 5-7-2004 14:44:20
Last modified : 7-9-2001 12:00:00

#:13 [navapsvc.exe]
FilePath : C:\Program Files\Norton AntiVirus\
ThreadCreationTime : 5-7-2004 15:10:49
BasePriority : Normal
FileSize : 155 KB
FileVersion : 10.00.2
ProductVersion : 10.00.2
Copyright : Norton AntiVirus 2004 for Windows 98/ME/2000/XP Copyright (c) 2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
OriginalFilename : NAVAPSVC.EXE
ProductName : Norton AntiVirus
Created on : 15-5-2004 7:40:20
Last accessed : 5-7-2004 14:49:01
Last modified : 23-4-2004 9:04:18

#:14 [nvsvc32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 5-7-2004 15:10:50
BasePriority : Normal
FileSize : 60 KB
FileVersion : 6.13.10.2832
ProductVersion : 6.13.10.2832
Copyright : (c) NVIDIA Corporation. All rights reserved.
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 28.32
InternalName : NVSVC
OriginalFilename : nvsvc32.exe
ProductName : NVIDIA Driver Helper Service, Version 28.32
Created on : 9-3-2002 7:53:00
Last accessed : 5-7-2004 14:44:20
Last modified : 9-3-2002 7:53:00

#:15 [savscan.exe]
FilePath : C:\Program Files\Norton AntiVirus\
ThreadCreationTime : 5-7-2004 15:10:50
BasePriority : Normal
FileSize : 189 KB
FileVersion : 9.2.1.14
ProductVersion : 9.2
Copyright : Copyright (c) 2003 Symantec Corporation
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus Scanner
InternalName : SAVSCAN
OriginalFilename : SAVSCAN.EXE
ProductName : Symantec AntiVirus AutoProtect
Created on : 10-12-2003 19:43:36
Last accessed : 5-7-2004 14:44:20
Last modified : 4-12-2003 17:22:30

#:16 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 5-7-2004 15:10:50
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 7-9-2001 12:00:00
Last accessed : 5-7-2004 15:06:11
Last modified : 7-9-2001 12:00:00

#:17 [symlcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
ThreadCreationTime : 5-7-2004 15:10:50
BasePriority : Normal
FileSize : 572 KB
FileVersion : 1, 8, 48, 77
ProductVersion : 1, 8, 48, 77
Copyright : Copyright (C) 2003
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
OriginalFilename : symlcsvc.exe
ProductName : Symantec Core Component
Created on : 7-12-2003 21:11:11
Last accessed : 5-7-2004 14:44:20
Last modified : 7-12-2003 21:11:11

#:18 [trojan guarder.exe]
FilePath : C:\Program Files\Trojan Guarder\
ThreadCreationTime : 5-7-2004 15:13:46
BasePriority : Normal
FileSize : 265 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : ???? (C) 2001
FileDescription : Knight Microsoft ???????
InternalName : Knight
OriginalFilename : Knight.EXE
ProductName : Knight ????
Created on : 25-2-2004 18:54:56
Last accessed : 5-7-2004 15:13:46
Last modified : 25-2-2004 18:54:56

#:19 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ThreadCreationTime : 5-7-2004 15:13:51
BasePriority : Normal
FileSize : 89 KB
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
OriginalFilename : IEXPLORE.EXE
ProductName : Besturingssysteem Microsoft
Created on : 25-5-2003 12:18:20
Last accessed : 5-7-2004 15:13:14
Last modified : 9-9-2002 21:08:38

#:20 [msnmsgr.exe]
FilePath : C:\Program Files\MSN Messenger\
ThreadCreationTime : 5-7-2004 15:16:49
BasePriority : Normal
FileSize : 4572 KB
FileVersion : 6.1.0211
ProductVersion : Version 6.1
Copyright : Copyright (c) Microsoft Corporation 1997-2003
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msnmsgr
OriginalFilename : msnmsgr.exe
ProductName : Messenger
Created on : 4-3-2004 21:01:00
Last accessed : 5-7-2004 15:10:24
Last modified : 4-3-2004 21:01:00

#:21 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-aware 6\
ThreadCreationTime : 5-7-2004 15:17:25
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 2-6-2003 17:46:11
Last accessed : 5-7-2004 15:10:42
Last modified : 12-7-2003 19:00:20

Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0

Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Windows Object recognized!
Type : RegData
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : exefile\shell\open\command
Value :
Data :

Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 1
Objects found so far: 1

Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 1

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Tracking Cookie Object recognized!
Type : File
Data : j.p. van der sloot@2o7[1].txt
Object : C:\Documents and Settings\J.P. van der Sloot\Cookies\

Created on : 4-7-2004 10:57:52
Last accessed : 5-7-2004 14:30:40
Last modified : 4-7-2004 11:21:12

Tracking Cookie Object recognized!
Type : File
Data : j.p. van der sloot@advertising[1].txt
Object : C:\Documents and Settings\J.P. van der Sloot\Cookies\

Created on : 4-7-2004 18:21:14
Last accessed : 5-7-2004 14:30:40
Last modified : 4-7-2004 18:21:14

Tracking Cookie Object recognized!
Type : File
Data : j.p. van der sloot@as1.falkag[1].txt
Object : C:\Documents and Settings\J.P. van der Sloot\Cookies\

Created on : 4-7-2004 18:21:13
Last accessed : 5-7-2004 14:30:40
Last modified : 4-7-2004 18:21:45

Tracking Cookie Object recognized!
Type : File
Data : j.p. van der sloot@atdmt[2].txt
Object : C:\Documents and Settings\J.P. van der Sloot\Cookies\

Created on : 5-7-2004 15:19:18
Last accessed : 5-7-2004 15:19:18
Last modified : 5-7-2004 15:19:18

Tracking Cookie Object recognized!
Type : File
Data : j.p. van der sloot@bluestreak[2].txt
Object : C:\Documents and Settings\J.P. van der Sloot\Cookies\

Created on : 5-7-2004 14:11:25
Last accessed : 5-7-2004 15:19:35
Last modified : 5-7-2004 14:11:25

Tracking Cookie Object recognized!
Type : File
Data : j.p. van der sloot@bravenet[1].txt
Object : C:\Documents and Settings\J.P. van der Sloot\Cookies\

Created on : 2-7-2004 19:43:48
Last accessed : 5-7-2004 14:30:40
Last modified : 2-7-2004 19:43:48

Tracking Cookie Object recognized!
Type : File
Data : j.p. van der sloot@doubleclick[1].txt
Object : C:\Documents and Settings\J.P. van der Sloot\Cookies\

Created on : 28-6-2004 20:10:23
Last accessed : 5-7-2004 15:05:50
Last modified : 28-6-2004 20:10:27

Tracking Cookie Object recognized!
Type : File
Data : j.p. van der sloot@ehg-dig.hitbox[2].txt
Object : C:\Documents and Settings\J.P. van der Sloot\Cookies\
FileSize : 1 KB
Created on : 4-7-2004 18:23:21
Last accessed : 5-7-2004 14:30:40
Last modified : 4-7-2004 18:56:23

Tracking Cookie Object recognized!
Type : File
Data : j.p. van der sloot@fastclick[1].txt
Object : C:\Documents and Settings\J.P. van der Sloot\Cookies\

Created on : 5-7-2004 14:13:32
Last accessed : 5-7-2004 15:19:36
Last modified : 5-7-2004 14:13:32

Tracking Cookie Object recognized!
Type : File
Data : j.p. van der sloot@gator[1].txt
Object : C:\Documents and Settings\J.P. van der Sloot\Cookies\

Created on : 4-7-2004 18:32:02
Last accessed : 5-7-2004 14:30:40
Last modified : 4-7-2004 18:32:11

Tracking Cookie Object recognized!
Type : File
Data : j.p. van der sloot@hitbox[2].txt
Object : C:\Documents and Settings\J.P. van der Sloot\Cookies\

Created on : 4-7-2004 18:23:21
Last accessed : 5-7-2004 14:30:40
Last modified : 4-7-2004 18:56:23

Tracking Cookie Object recognized!
Type : File
Data : j.p. van der sloot@mediaplex[2].txt
Object : C:\Documents and Settings\J.P. van der Sloot\Cookies\

Created on : 29-6-2004 19:51:09
Last accessed : 5-7-2004 14:30:40
Last modified : 29-6-2004 19:51:09

Tracking Cookie Object recognized!
Type : File
Data : j.p. van der sloot@qksrv[1].txt
Object : C:\Documents and Settings\J.P. van der Sloot\Cookies\

Created on : 2-7-2004 17:58:22
Last accessed : 5-7-2004 14:30:40
Last modified : 2-7-2004 17:58:22

Tracking Cookie Object recognized!
Type : File
Data : j.p. van der sloot@servedby.advertising[1].txt
Object : C:\Documents and Settings\J.P. van der Sloot\Cookies\

Created on : 4-7-2004 18:21:13
Last accessed : 5-7-2004 14:30:40
Last modified : 4-7-2004 18:21:15

Tracking Cookie Object recognized!
Type : File
Data : j.p. van der sloot@stat.onestat[2].txt
Object : C:\Documents and Settings\J.P. van der Sloot\Cookies\

Created on : 4-7-2004 20:43:24
Last accessed : 5-7-2004 14:30:40
Last modified : 4-7-2004 20:43:24

Tracking Cookie Object recognized!
Type : File
Data : j.p. van der sloot@tribalfusion[2].txt
Object : C:\Documents and Settings\J.P. van der Sloot\Cookies\

Created on : 5-7-2004 14:11:24
Last accessed : 5-7-2004 15:19:38
Last modified : 5-7-2004 14:11:24

Tracking Cookie Object recognized!
Type : File
Data : j.p. van der sloot@valueclick[1].txt
Object : C:\Documents and Settings\J.P. van der Sloot\Cookies\

Created on : 4-7-2004 14:06:45
Last accessed : 5-7-2004 14:30:41
Last modified : 4-7-2004 14:06:45

Tracking Cookie Object recognized!
Type : File
Data : j.p. van der sloot@web4.realtracker[1].txt
Object : C:\Documents and Settings\J.P. van der Sloot\Cookies\

Created on : 4-7-2004 18:15:57
Last accessed : 5-7-2004 14:30:41
Last modified : 4-7-2004 18:15:57

Tracking Cookie Object recognized!
Type : File
Data : j.p. van der sloot@webads[2].txt
Object : C:\Documents and Settings\J.P. van der Sloot\Cookies\

Created on : 5-7-2004 12:59:29
Last accessed : 5-7-2004 15:05:51
Last modified : 5-7-2004 12:59:29

Tracking Cookie Object recognized!
Type : File
Data : j.p. van der sloot@www.intelli-tracker[1].txt
Object : C:\Documents and Settings\J.P. van der Sloot\Cookies\

Created on : 4-7-2004 14:06:46
Last accessed : 5-7-2004 14:30:43
Last modified : 4-7-2004 14:06:46

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Deep scanning and examining files (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 21

17:20:25 Scan complete

Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:02:53:970
Objects scanned :50391
Objects identified :21
Objects ignored :0
New objects :21

maandag 5 juli 2004 17:26

Acties:

Godjira

To infinity and beyond!

Download gewoon even HijackThis. Deze logs zijn veel duidelijker en uitgebreider. Hieruit kan ik meer opmaken in ieder geval. De log van Ad-Aware laat eigenlijk alleen zien wat hij heeft verwijderd en daar hebben we niet veel aan.

#:7 [szntsvc.exe]
FilePath : C:\Program Files\STOPzilla!\
ThreadCreationTime : 5-7-2004 15:10:46
BasePriority : Normal
FileSize : 68 KB
FileVersion : 3, 1, 2, 0
ProductVersion : 3, 1, 2, 0
Copyright : Copyright
CompanyName : International Software Systems Solutions
FileDescription : STOPzilla NT Service
InternalName : SZNTSvc.exe
OriginalFilename : SZNTSvc.exe
Created on : 17-3-2004 4:07:52
Last accessed : 5-7-2004 14:43:57
Last modified : 17-3-2004 4:07:52

Dit vertrouw ik in ieder geval niet. Ken je dit programma? Zo niet, dan weghalen...

[ Voor 58% gewijzigd door Godjira op 05-07-2004 17:30 ]

Profile

dinsdag 6 juli 2004 22:41

Acties:

Verwijderd

Topicstarter

Hier het logfile van HijackThis!:

Logfile of HijackThis v1.98.0
Scan saved at 22:40:40, on 6-7-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\STOPzilla!\szntsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sygate\SPF\Smc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\soundman.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\hpupdate.exe
C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\DvzCommon\DvzMsgr.exe
C:\Program Files\Mindjet\MindManager 5\sys\PDF\ENU\W2K\PDFSaver.exe
C:\Program Files\Microsoft Office\Office\1043\OLFSNT40.EXE
C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe
C:\Program Files\Trojan Guarder\Trojan Guarder.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Netropa\Onscreen Display\OSD.exe
C:\Program Files\Palm\HOTSYNC.EXE
C:\Program Files\Logitech\ImageStudio\LowLight.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\rsvp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\J.P. van der Sloot\Local Settings\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tweakers.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://startpagina.informatique.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://searchbar.linksummary.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina = file:///C:/Program%20Files/MS-Connect/Portal/portal.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: (no name) - {1C78AB3F-A857-482e-80C0-3A1E5238A565} - (no file)
F0 - system.ini: Shell=
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
O1 - Hosts: 127.0.0.0 localhost
O1 - Hosts: 127.0.0.2 auditmypc.com
O1 - Hosts: 127.0.0.3 boards.cexx.org
O1 - Hosts: 127.0.0.4 bulletproofsoft.net
O1 - Hosts: 127.0.0.5 camtech2000.net
O1 - Hosts: 127.0.0.6 cexx.org
O1 - Hosts: 127.0.0.7 computercops.us
O1 - Hosts: 127.0.0.8 ct7support.com
O1 - Hosts: 127.0.0.9 doxdesk.com
O1 - Hosts: 127.0.0.20 kellys-korner-xp.com
O1 - Hosts: 127.0.0.21 kephyr.com
O1 - Hosts: 127.0.0.22 lavasoft.de
O1 - Hosts: 127.0.0.23 lavasoftusa.com
O1 - Hosts: 127.0.0.24 lurkhere.com
O1 - Hosts: 127.0.0.25 majorgeeks.com
O1 - Hosts: 127.0.0.26 merijn.org
O1 - Hosts: 127.0.0.27 mjc1.com
O1 - Hosts: 127.0.0.28 moosoft.com
O1 - Hosts: 127.0.0.29 mvps.org
O1 - Hosts: 127.0.0.30 net-integration.net
O1 - Hosts: 127.0.0.31 noadware.net
O1 - Hosts: 127.0.0.32 no-spybot.com
O1 - Hosts: 127.0.0.33 onlinepcfix.com
O1 - Hosts: 127.0.0.34 pchell.com
O1 - Hosts: 127.0.0.35 pestpatrol.com
O1 - Hosts: 127.0.0.36 safer-networking.org
O1 - Hosts: 127.0.0.37 secure.spykiller.com
O1 - Hosts: 127.0.0.38 secureie.com
O1 - Hosts: 127.0.0.39 security.kolla.de
O1 - Hosts: 127.0.0.40 spybot.info
O1 - Hosts: 127.0.0.41 spychecker.com
O1 - Hosts: 127.0.0.42 spychecker.com
O1 - Hosts: 127.0.0.43 spycop.com
O1 - Hosts: 127.0.0.44 spyguard.com
O1 - Hosts: 127.0.0.45 spykiller.com
O1 - Hosts: 127.0.0.46 spyware.co.uk
O1 - Hosts: 127.0.0.47 spyware-cop.com
O1 - Hosts: 127.0.0.48 spywareinfo.com
O1 - Hosts: 127.0.0.49 spywarenuker.com
O1 - Hosts: 127.0.0.50 spywareremove.com
O1 - Hosts: 127.0.0.51 spywareremove.com
O1 - Hosts: 127.0.0.52 stopzillapro.com
O1 - Hosts: 127.0.0.53 sunbelt-software.com
O1 - Hosts: 127.0.0.54 thiefware.com
O1 - Hosts: 127.0.0.55 tomcoyote.org
O1 - Hosts: 127.0.0.56 unwantedlinks.com
O1 - Hosts: 127.0.0.57 webattack.com
O1 - Hosts: 127.0.0.58 wilders.org
O1 - Hosts: 127.0.0.59 www.auditmypc.com
O1 - Hosts: 127.0.0.60 www.bulletproofsoft.net
O1 - Hosts: 127.0.0.61 www.cexx.org
O1 - Hosts: 127.0.0.62 www.computercops.us
O1 - Hosts: 127.0.0.63 www.ct7support.com
O1 - Hosts: 127.0.0.64 www.doxdesk.com
O1 - Hosts: 127.0.0.65 www.eblocs.com
O1 - Hosts: 127.0.0.66 www.enigmasoftwaregroup.com
O1 - Hosts: 127.0.0.67 www.free-spyware-scan.com
O1 - Hosts: 127.0.0.68 www.free-web-browsers.com
O1 - Hosts: 127.0.0.69 www.grc.com
O1 - Hosts: 127.0.0.70 www.grisoft.com
O1 - Hosts: 127.0.0.71 www.hackfaq.org
O1 - Hosts: 127.0.0.72 www.hazeleger.net
O1 - Hosts: 127.0.0.73 www.javacoolsoftware.com
O1 - Hosts: 127.0.0.74 www.kellys-korner-xp.com
O1 - Hosts: 127.0.0.75 www.kephyr.com
O1 - Hosts: 127.0.0.76 www.lavasoft.de
O1 - Hosts: 127.0.0.77 www.lavasoftusa.com
O1 - Hosts: 127.0.0.78 www.lurkhere.com
O1 - Hosts: 127.0.0.79 www.majorgeeks.com
O1 - Hosts: 127.0.0.80 www.merijn.org
O1 - Hosts: 127.0.0.81 www.mjc1.com
O1 - Hosts: 127.0.0.82 www.moosoft.com
O1 - Hosts: 127.0.0.83 www.mvps.org
O1 - Hosts: 127.0.0.84 www.net-integration.net
O1 - Hosts: 127.0.0.85 www.noadware.net
O1 - Hosts: 127.0.0.86 www.no-spybot.com
O1 - Hosts: 127.0.0.87 www.onlinepcfix.com
O1 - Hosts: 127.0.0.88 www.pchell.com
O1 - Hosts: 127.0.0.89 www.pestpatrol.com
O1 - Hosts: 127.0.0.90 www.safer-networking.org
O1 - Hosts: 127.0.0.91 www.secureie.com
O1 - Hosts: 127.0.0.92 www.security.kolla.de
O1 - Hosts: 127.0.0.93 www.spybot.info
O1 - Hosts: 127.0.0.94 www.spychecker.com
O1 - Hosts: 127.0.0.95 www.spychecker.com
O1 - Hosts: 127.0.0.96 www.spycop.com
O1 - Hosts: 127.0.0.97 www.spyguard.com
O1 - Hosts: 127.0.0.98 www.spykiller.com
O1 - Hosts: 127.0.0.99 www.spyware.co.uk
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SDWin32 Class - {5FA6752A-C4A0-4222-88C2-928AE5AB4966} - C:\WINDOWS\System32\SWin32.dll
O2 - BHO: brdg Class - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - C:\WINDOWS\Downloaded Program Files\bridge.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\WINDOWS\System32\SZIEBHO.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [hplampc] C:\WINDOWS\system32\hplampc.exe
O4 - HKLM\..\Run: [HP Update 4200C] C:\hpupdate.exe 4200C+
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [STOPzilla] "C:\Program Files\STOPzilla!\Stopzilla.exe" /autorun
O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\Downloaded Program Files\bridge.dll",Load
O4 - HKLM\..\RunOnce: [Q828026] "C:\WINDOWS\INF\unregmp2.exe" /UpdateWMP
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1015.dll,InstantAccess
O4 - HKCU\..\Run: [ClockSync] C:\Program Files\ClockSync\Sync.exe /q
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE
O4 - Global Startup: DataViz Messenger.lnk = C:\WINDOWS\DvzCommon\DvzMsgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: MindManager PDF Writer.lnk = C:\Program Files\Mindjet\MindManager 5\sys\PDF\ENU\W2K\PDFSaver.exe
O4 - Global Startup: Poort voor Symantec Fax Starter Edition.lnk = C:\Program Files\Microsoft Office\Office\1043\OLFSNT40.EXE
O4 - Global Startup: Trojan Guarder.lnk = C:\Program Files\Trojan Guarder\Trojan Guarder.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &iSearch The Web - res://C:\WINDOWS\System32\toolbar.dll/SEARCH.HTML
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://startpagina.informatique.nl
O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.postbank3X.nl/sesaXm/CAX.cab
O16 - DPF: {0XXX0B71CFB-6864-4XX346-A978-C0XXX4556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpo...rojector/dx660/index.html
O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} (EGEGAUTH Class) - http://akamai.downloadv3....ent/EGAUTH_1015_EN_XP.cab
O16 - DPF: {0D5AAD20-C9EF-11D4-B5D3-00C04F163665} (CBSBiB.iPCRClickMap) - http://www.cbs.nl/nl/cijfers/buurt-in-beeld/klikkaart.CAB
O16 - DPF: {10000000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://www.free32.com/POP.CHM::/sp.exe
O16 - DPF: {1059D2E2XXX-EA3E-11D5-AF3C-0060085C9531} (CAX Control) - https://www.p3.postbaXXXnk.nl/sesaXXXm/CAX.cab
O16 - DPF: {1D6711XXXC8-7WE-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {1EB17D1C-141D-4D9D-91CB-24D99215851D} - http://akamai.downloadv3.com/binaries/IA/netia32_EN_XP.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (WficaCtl Object) - http://www.genisar.com/files/genplug60.cab
O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/NL/install.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net...in/QuickTimeInstaller.exe
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/IA/nethv32_EN_XP.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/...PUWALControl_v1-0-3-9.cab
O16 - DPF: {4E15D681-1D20-11D4-8B72-000021DA1956} - http://plugins.10er.nl/spermaslikkersnl349.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.c...9b305/netzip/RdxIE601.cab
O16 - DPF: {6211AC26-A1B4-422A-AC52-1E70B7D24465} (FileSharingCtrl Class) - http://appdirectory.messe...ng/nl/filesharingctrl.cab
O16 - DPF: {730F2451-A3FE-4A72-938C-FC8A74F15978} - http://www.igetnet.com/downloads/nlmupgradev4.exe
O16 - DPF: {731918D2-517A-47E2-886A-3BC1380C591D} (PdpPlg Class) - http://webpdp.gator.com/v...dpplugin_4094_hd3ptdm.cab
O16 - DPF: {7A32634B-029C-4836-A023-528983982A49} - http://fdl.msn.com/public/chat/msnchat42.cab
O16 - DPF: {841A9192-5690-11D4-A258-0040954A01BE} - http://dialxs.nl/install/dialxs.ocx
O16 - DPF: {8E0D4DEEE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.../MessengerStatsClient.cab
O16 - DPF: {91BE8DAC-957E-416C-B735-E2B63CDB915B} (MyEMessengerSetup Control) - http://www.myemessenger.c...MessengerSetupProject.cab
O16 - DPF: {9B4AA442-9EBF-11D5-8C11-0050DA4957F5} - http://www.cavello.com/dialxs/plugins/d/17/279/nl.exe
O16 - DPF: {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} (brdg Class) - http://static.flingstone.com/cab/2000XP/CDTInc/bridge-c5.cab
O16 - DPF: {AB1E62EB-3DE3-428F-A417-64AB3C9B6CF0} - http://econnect.libereco.net/econnect.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://www.wildtangent.co...rmadness/eacom/wtinst.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/...r/CAB/RealArcadeRdxIE.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/.../Install2.1/Installer.exe
O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) - http://www.stopzilla.com/_download/Auto_Installer/dwnldr.cab
O16 - DPF: {DE591B16-A452-11D6-AED1-0001030A4E46} (PBGNX Control) - https://www.p3.postbank.nl/XCDGTO/PBGNX.cab
O16 - DPF: {E8CD4-98C7E-4F3B-A51C-64DCC10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-0-3-0.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.co...an/1,5,0,4362/mcfscan.cab
O16 - DPF: {F0230524-9D39-4E84-8452-41C592961EA7} (Installer Class) - http://www.exchangeexit.com/Config.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {FE8287E9-5F43-11D3-ABCA-00105A5C1F46} (HouseCall Control) - http://www.housecall.nl/housecall/xscan4.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D1B1240E-122F-4817-A685-4D9C4E3DEAFA}: NameServer = 195.121.1.34 195.121.1.66
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll
O18 - Filter: text/html - {F11BE0CE-1A63-4C99-834B-FF6B43DCDC7F} - C:\Documents and Settings\J.P. van der Sloot\Local Settings\Application Data\microsoft\internet explorer\V0.15.dat

dinsdag 6 juli 2004 22:49

Acties:

lordgandalf

O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (WficaCtl Object) - http://www.genisar.com/files/genplug60.cab
O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} -

Deze vertrouw ik niet echt

en gooi al die O1 regels uit je hosts bestand alleen 127.0.0.1 localhost laten staan

Steam: Profile / Socialclub: Profile / Uplay: minedwarf / Origin: lordgandalf3

dinsdag 6 juli 2004 22:54

Acties:

sarcast

je hebt waarschijnlijk nog wel een virus of de overblijfselen ervan.

O1 - Hosts: 127.0.0.26 merijn.org <- dat is het adres van CWShredder .. programma dat spyware uit je IE browser haalt. zonder dat adres kan je het programma niet updaten. idd even je host file leeghalen.

raad je ook aan om even wat andere anti-spy/adware programma's te draaien als bijvoorbeeld Spysweeper en spybot.

"Computer games don't affect kids; I mean if Pac-Man affected us as kids, we'd all be running around in darkened rooms, munching magic pills and listening to repetitive electronic music."

dinsdag 6 juli 2004 23:00

Acties:

F_J_K

Moderator CSA/PB

Front verplichte underscores

Dit is zo te onoverzichtelijk geworden; lees Beveiliging en Virussen - Nieuw topic starten even door, kijk zelf even welke bestanden verdacht zijn en open een nieuw topic.
En idd zijn die hosts regels erg fout

Welk trojan vond 'ie steeds en wat zeggen de verschillende websites over het verwijderen van dit trojan? Je geeft nu een overload aan ruwe gegevens maar het meeste kan je beter & sneller zelf bekijken ipv te wachten tot wij de tijd vinden om voor je te kijken

Gator en backweb zijn twee heel erg bekende foute zaken. Check (vanaf een schone PC) GoT en google daar even voor en kijk hoe het te verwijderen. (Niet blind deleten!) Als dat weg is, kijken we zo nog even mee

offtopic:
Hier is niets (vreemd!!) aan, je bent gewoon niet genoeg met je veiligheid bezig geweest. Schreeuw ajb wat minder in je nieuwe topic

Happy hunting

'Multiple exclamation marks,' he went on, shaking his head, 'are a sure sign of a diseased mind' (Terry Pratchett, Eric)