CampoX
Trojan horse alert in Microsoft Security Essentials
CampoX replied to CampoX's topic in Archive: Malware & virus removal
Hello, I have carried out all of this; I already had CCleaner and let it run. It turns out there are no more problems after all, so the little horse has moved out for good! Thanks for all the help!
Trojan horse alert in Microsoft Security Essentials
CampoX replied to CampoX's topic in Archive: Malware & virus removal
Thanks, everyone! MSE no longer gives an error message; the little horse has bolted!
Trojan horse alert in Microsoft Security Essentials
CampoX replied to CampoX's topic in Archive: Malware & virus removal
Hello, Here is the log from Dr. Web:
{3C241639-79C5-4874-7608-360BBFD1988C}-iM28601IbMjO28601.exe C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\LocalCopy Trojan.Fakealert.21226 Verwijderd.
A0001254.exe C:\System Volume Information\_restore{3F63C885-E613-4627-9CBA-E3384071A385}\RP1 Trojan.Fakealert.21226 Verwijderd.
Trojan horse alert in Microsoft Security Essentials
CampoX replied to CampoX's topic in Archive: Malware & virus removal
Dear Kape, Here is the ComboFix log. Now I do have a problem with the internet again: I can no longer get online from the laptop, so I transferred the log to the desktop PC via USB stick. Does this have anything to do with ComboFix? I shut the PC down with the Wi-Fi switch off and will try to connect to the internet again. It is a school laptop that is used by different people each time, so I have it for now, but I am really fed up with that alert coming up all the time, with having to restart every time at MSE's request, with the constant little sounds in the background, and with it sometimes freezing. So thanks already for all the help so far, I appreciate it enormously.
Log ComboFix
ComboFix 11-05-26.03 - gast 27/05/2011 15:20:26.2.2 - x86
Running from: c:\documents and settings\gast\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\gast\Desktop\CFScript.txt
* Created a new restore point
c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=GottenApps&locale=nl.xml c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=OtherApps&locale=nl.xml c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=SharedApps&locale=nl.xml c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=Toolbar&locale=nl.xml c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\Repository\conduit_CT2865317_CT2865317\AppsMetaData\data.bck.txt c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\Repository\conduit_CT2865317_CT2865317\AppsMetaData\data.txt c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\Repository\conduit_CT2865317_CT2865317\ToolbarLogin\data.txt c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\Repository\conduit_CT2865317_CT2865317\ToolbarSettings\data.txt c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\Repository\conduit_CT2865317_nl\ToolbarTranslation\data.txt c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\Rss\http___feeds_news_com_au_public_rss_2_0_news_breaking_news_32_xml.xml c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\Rss\http___feeds_news_com_au_public_rss_2_0_news_breaking_news_32_xml_structured.xml c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\Rss\http___feeds_reuters_com_reuters_topNews.xml c:\documents and 
settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\Rss\http___feeds_reuters_com_reuters_topNews_structured.xml c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\Rss\http___news_google_nl_news_cf=all&ned=fr&hl=fr&topic=h&num=3&output=rss.xml c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\Rss\http___news_google_nl_news_cf=all&ned=fr&hl=fr&topic=h&num=3&output=rss_structured.xml c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\Rss\http___news_google_nl_news_cf=all&ned=us&hl=en&topic=h&num=3&output=rss.xml c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\Rss\http___news_google_nl_news_cf=all&ned=us&hl=en&topic=h&num=3&output=rss_structured.xml c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\Rss\http___news_google_nl_news_pz=1&cf=all&ned=nl_nl&hl=nl&topic=h&num=3&output=rss.xml c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\Rss\http___news_google_nl_news_pz=1&cf=all&ned=nl_nl&hl=nl&topic=h&num=3&output=rss_structured.xml c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\Rss\http___newsrss_bbc_co_uk_rss_newsonline_world_edition_front_page_rss_xml.xml c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\Rss\http___newsrss_bbc_co_uk_rss_newsonline_world_edition_front_page_rss_xml_structured.xml c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\Rss\http___rss_cbc_ca_lineup_latest_xml.xml c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\Rss\http___rss_cbc_ca_lineup_latest_xml_structured.xml c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\Rss\http___rss_cnn_com_rss_cnn_latest_rss.xml c:\documents and settings\NetworkService\Local 
Settings\Application Data\uTorrentBar_NL\Rss\http___rss_cnn_com_rss_cnn_latest_rss_structured.xml c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\Rss\http___rss_news_yahoo_com_rss_world.xml c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\Rss\http___rss_news_yahoo_com_rss_world_structured.xml c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\Rss\http___worldpress_org_feeds_topstories_xml.xml c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\Rss\http___worldpress_org_feeds_topstories_xml_structured.xml c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\SearchInNewTab\SearchInNewTabContent.xml c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL\ThirdPartyComponents.xml c:\program files\Conduit c:\program files\Conduit\Community Alerts\Alert.dll c:\program files\Conduit\Community Alerts\Alert0.dll c:\program files\Conduit\Community Alerts\Alert1.dll c:\program files\uTorrentBar_NL c:\program files\uTorrentBar_NL\GottenAppsContextMenu.xml c:\program files\uTorrentBar_NL\INSTALL.LOG c:\program files\uTorrentBar_NL\OtherAppsContextMenu.xml c:\program files\uTorrentBar_NL\SharedAppsContextMenu.xml c:\program files\uTorrentBar_NL\toolbar.cfg c:\program files\uTorrentBar_NL\ToolbarContextMenu.xml c:\program files\uTorrentBar_NL\UNWISE.EXE c:\program files\uTorrentBar_NL\uTorrentBar_NLToolbarHelper.exe . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_BLANKSCR -------\Service_BlankScr . . ((((((((((((((((((((((((( Files Created from 2011-04-27 to 2011-05-27 ))))))))))))))))))))))))))))))) . . 2011-05-27 13:38 . 
2011-05-27 13:38 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D6449EF5-FA3C-4427-81EC-5395E51AC698}\MpKsl3465434a.sys 2011-05-27 12:24 . 2011-05-18 10:37 6962000 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D6449EF5-FA3C-4427-81EC-5395E51AC698}\mpengine.dll 2011-05-26 19:58 . 2011-05-26 19:58 -------- d-----w- c:\documents and settings\gast\Application Data\Malwarebytes 2011-05-26 19:58 . 2011-05-26 19:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-05-26 19:58 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-05-26 19:58 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-05-26 19:58 . 2011-05-26 19:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-05-24 17:44 . 2011-05-27 07:36 -------- d-----w- c:\program files\ConduitEngine 2011-05-24 17:44 . 2011-05-24 17:49 -------- d-----w- c:\documents and settings\gast\Local Settings\Application Data\ConduitEngine 2011-05-24 17:44 . 2011-05-24 17:44 -------- d-----w- C:\extensions 2011-05-23 17:09 . 2011-05-23 17:09 -------- d-----w- c:\documents and settings\gast\Local Settings\Application Data\PCHealth 2011-05-23 17:03 . 2011-05-23 17:03 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth 2011-05-22 17:40 . 2011-02-02 16:11 222080 ------w- c:\windows\system32\MpSigStub.exe 2011-05-22 17:26 . 2011-05-22 17:26 -------- d-----w- c:\program files\CCleaner 2011-05-22 17:24 . 2011-05-22 17:27 -------- d-----w- c:\program files\Microsoft Security Client 2011-05-19 17:57 . 2011-05-19 17:57 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache 2011-05-02 17:05 . 2011-05-02 17:07 -------- d-----w- c:\documents and settings\gast\Application Data\Registry Mechanic 2011-04-30 22:12 . 
2011-04-30 22:12 -------- d-----w- c:\documents and settings\LocalService\Application Data\McAfee 2011-04-30 22:12 . 2011-04-30 22:12 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2006-06-15 19:33 . 2008-12-02 10:55 233472 ----a-w- c:\program files\mozilla firefox\plugins\CrazyTalk4Native.dll 2006-05-25 17:43 . 2008-12-02 10:55 204895 ----a-w- c:\program files\mozilla firefox\plugins\ctdomemhelper.dll 2005-09-29 13:41 . 2008-12-02 10:55 77824 ----a-w- c:\program files\mozilla firefox\plugins\ctframeplayerobject.dll 2006-06-19 12:10 . 2008-12-02 10:55 426081 ----a-w- c:\program files\mozilla firefox\plugins\ctplayerobject.dll 2005-02-02 11:19 . 2008-12-02 10:55 458752 ----a-w- c:\program files\mozilla firefox\plugins\imagickrt.dll 2006-04-10 17:35 . 2008-12-02 10:55 139264 ----a-w- c:\program files\mozilla firefox\plugins\rlcontentclass.dll 2005-11-09 10:10 . 2008-12-02 10:55 204800 ----a-w- c:\program files\mozilla firefox\plugins\RLMusicPacker.dll 2005-11-09 10:42 . 2008-12-02 10:55 106496 ----a-w- c:\program files\mozilla firefox\plugins\RLMusicUnpacker.dll 2006-01-04 10:22 . 2008-12-02 10:55 212992 ----a-w- c:\program files\mozilla firefox\plugins\RLVoicePacker.dll 2006-01-04 10:21 . 2008-12-02 10:55 167936 ----a-w- c:\program files\mozilla firefox\plugins\RLVoiceUnpacker.dll . . ((((((((((((((((((((((((((((( SnapShot@2011-05-27_10.59.20 ))))))))))))))))))))))))))))))))))))))))) . + 2011-05-27 13:38 . 2011-05-27 13:38 16384 c:\windows\Temp\Perflib_Perfdata_2b0.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-18 39408] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-28 166424] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-28 137752] "IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2008-08-20 1191936] "NWTRAY"="NWTRAY.EXE" [2002-03-12 28672] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408] "IntelZeroConfig"="c:\program files\Intel\WiFi\bin\ZCfgSvc.exe" [2008-08-20 1368064] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160] . c:\documents and settings\All Users\Start Menu\Programs\Startup\ Application Explorer.lnk - c:\program files\Novell\ZENworks\NalView.exe [2006-6-13 35840] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "CompatibleRUPSecurity"= 1 (0x1) "DeleteRoamingCache"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\windowsupdate\au] "NoAutoUpdate"= 1 (0x1) . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{763370C4-268E-4308-A60C-D8DA0342BE32}"= "c:\program files\Novell\ZENworks\NalShell.dll" [2006-06-28 446464] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\NetIdentity Notification] 2006-05-02 08:17 24576 ----a-w- c:\windows\system32\novell\xtnotify.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2008-06-12 01:38 34672 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2010-10-19 20:02 136176 ----atw- c:\documents and settings\gast\Local Settings\Application Data\Google\Update\GoogleUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2006-10-26 23:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray] 2008-02-28 14:00 141848 ----a-w- c:\windows\system32\igfxtray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iPrint Event Monitor] 2008-08-25 13:28 45056 ----a-w- c:\windows\system32\iprntlgn.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iPrint Tray] 2008-08-25 13:27 40960 ----a-w- c:\windows\system32\iprntctl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\McAfeeUpdaterUI] 2009-09-25 02:50 136512 ----a-w- c:\program files\McAfee\Common Framework\UdaterUI.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NDPS] 2004-05-17 13:27 32859 ----a-w- c:\windows\system32\dpmw32.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEM13Mon.exe] 2008-01-07 16:00 36864 ----a-w- c:\windows\OEM13Mon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2008-09-06 14:09 413696 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] 2007-11-06 09:50 16855552 ----a-w- c:\windows\RTHDCPL.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-05-14 10:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2010-10-18 12:57 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZENRC Tray Icon] 2005-05-18 16:04 40960 ----a-w- c:\windows\system32\zentray.exe . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\WINDOWS\\system32\\dpmw32.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Documents and Settings\\gast\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= . R1 MpKsl8917e21c;MpKsl8917e21c;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D6449EF5-FA3C-4427-81EC-5395E51AC698}\MpKsl8917e21c.sys [x] R1 MpKsldd9345b1;MpKsldd9345b1;c:\windows\system32\MpEngineStore\MpKsldd9345b1.sys [x] R1 MpKslfac2d19c;MpKslfac2d19c;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2D6DE892-D811-4614-88BB-9FA4A24BB5FD}\MpKslfac2d19c.sys [x] R2 ftbmyppu;CD-Burning Filter Monitor;c:\windows\System32\svchost.exe [2008-04-14 14336] R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-18 136176] R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-18 136176] R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtport.sys [x] R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbus.sys [x] R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmodem.sys [x] S1 MpKsl3465434a;MpKsl3465434a;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition 
Updates\{D6449EF5-FA3C-4427-81EC-5395E51AC698}\MpKsl3465434a.sys [2011-05-27 28752] S1 nipplpt2;Novell iCapture Lpt Redirector 2;c:\windows\system32\drivers\nipplpt.sys [2008-08-25 34671] S2 Remote Management Agent;Novell ZENworks Remote Management Agent;c:\program files\Novell\ZENworks\RemoteManagement\RMAgent\ZenRem32.exe [2006-05-09 167936] S2 XTAgent;Novell XTier Agent Services;c:\windows\System32\Novell\XTAgent.exe [2006-05-02 61440] S3 Darpan;Darpan;c:\windows\system32\DRIVERS\Darpan.sys [2005-05-23 2773] S3 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [2008-07-29 51288] S3 O2SDRDR;O2SDRDR;c:\windows\system32\DRIVERS\o2sd.sys [2008-06-12 43608] S3 OEM13Afx;Provides a software interface to control audio effects of OEM013 camera.;c:\windows\system32\Drivers\OEM13Afx.sys [2007-06-07 141376] S3 OEM13Vfx;Creative Camera OEM013 Video VFX Driver;c:\windows\system32\DRIVERS\OEM13Vfx.sys [2007-03-05 7424] S3 OEM13Vid;Creative Camera OEM013 Driver;c:\windows\system32\DRIVERS\OEM13Vid.sys [2008-05-28 235840] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - MPKSL3465434A . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs ftbmyppu . Contents of the 'Scheduled Tasks' folder . 2011-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-18 12:57] . 2011-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-18 12:57] . 2011-05-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2322020850-3978503659-2079644369-501Core.job - c:\documents and settings\gast\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-20 20:02] . 
2011-05-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2322020850-3978503659-2079644369-501UA.job - c:\documents and settings\gast\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-20 20:02] . . ------- Supplementary Scan ------- . IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html . - - - - ORPHANS REMOVED - - - - . AddRemove-uTorrentBar_NL Toolbar - c:\progra~1\UTORRE~1\UNWISE.EXE . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-05-27 15:39 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Windows 5.1.2600 Disk: TOSHIBA_MK1652GSX rev.LV011D -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e . device: opened successfully user: MBR read successfully error: Read A device attached to the system is not functioning. kernel: MBR read successfully detected disk devices: detected hooks: \Driver\atapi DriverStartIo -> 0x89D0053B user & kernel MBR OK . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . 
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,31,1b,42,aa,cb,dc,ad,41,bb,ba,ce,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,31,1b,42,aa,cb,dc,ad,41,bb,ba,ce,\ . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(928) c:\windows\system32\NETWIN32.DLL c:\program files\Novell\ZENworks\ZENPOL32.DLL c:\windows\system32\xmlparse.dll c:\windows\system32\ZenMup.dll . - - - - - - - > 'Explorer.exe'(1696) c:\windows\system32\hnetcfg.dll c:\windows\system32\ieframe.dll c:\windows\system32\NETWIN32.DLL c:\windows\system32\NLS\ENGLISH\NWSHLXNR.DLL c:\windows\system32\NLS\ENGLISH\NOVNPNTR.DLL c:\windows\system32\netprovcredman.dll c:\windows\system32\OneX.DLL c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe c:\program files\Intel\WiFi\bin\EvtEng.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\McAfee\Common Framework\FrameworkService.exe c:\program files\Novell\ZENworks\nalntsrv.exe c:\windows\system32\DRIVERS\o2flash.exe c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe c:\program files\McAfee\Common Framework\naPrdMgr.exe c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe c:\program files\Novell\ZENworks\wm.exe c:\program files\Novell\ZENworks\WMRUNDLL.EXE c:\windows\system32\igfxsrvc.exe c:\windows\system32\NWTRAY.EXE c:\program files\Novell\ZENworks\NalAgent.exe . ************************************************************************** . 
Completion time: 2011-05-27 15:43:53 - machine was rebooted ComboFix-quarantined-files.txt 2011-05-27 13:43 ComboFix2.txt 2011-05-27 11:04 . Pre-Run: 146.124.365.824 bytes free Post-Run: 146.120.896.512 bytes free . - - End Of File - - 8E3BEB13A9414F68D955ECA4301E6632 log.txt ComboFix logje.doc -
Trojan horse alert in Microsoft Security Essentials
CampoX replied to CampoX's topic in Archive: Malware & virus removal
Hello, OK, I will not respond to what MSE reports; it keeps asking to clean up and restart. Thanks
Trojan horse alert in Microsoft Security Essentials
CampoX replied to CampoX's topic in Archive: Malware & virus removal
Even now MSE still reports the same thing.
Trojan horse alert in Microsoft Security Essentials
CampoX replied to CampoX's topic in Archive: Malware & virus removal
Hello, I think this is the ComboFix log: ComboFix 11.docx
Trojan horse alert in Microsoft Security Essentials
CampoX replied to CampoX's topic in Archive: Malware & virus removal
Dear Kape, I ran MSE again and it still reports that the trojan is there. When I try to remove it, the same error message still appears. Thanks, CampoX
Trojan horse alert in Microsoft Security Essentials
CampoX replied to CampoX's topic in Archive: Malware & virus removal
Dear Kape, The internet connection is no longer a problem at all. Here is a log of a quick scan by Malwarebytes:
Malwarebytes' Anti-Malware 1.50.1.1100 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: 6686 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 27/05/2011 11:07:52 mbam-log-2011-05-27 (11-07-52).txt Scantype: Snelle scan Objecten gescand: 239065 Verstreken tijd: 9 minuut/minuten, 45 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
I will also run MSE shortly and let you know what it says. THANKS!
Trojan horse alert in Microsoft Security Essentials
CampoX replied to CampoX's topic in Archive: Malware & virus removal
Here is the new HijackThis log: Logfile of Trend Micro HijackThis v1.docx
Trojan horse alert in Microsoft Security Essentials
CampoX replied to CampoX's topic in Archive: Malware & virus removal
Hello, I checked all the ones you indicated, except the ones I could not find, namely:
O2 - BHO: (no name) - {7B944F00-387F-0A68-E158-88C911AFAE2B} - c:\windows\system32\swrieizo.dll
O4 - HKUS\S-1-5-18\..\RunOnce: [iM28601IbMjO28601] C:\Documents and Settings\All Users\Application Data\iM28601IbMjO28601\iM28601IbMjO28601.exe (User '?')
O4 - HKUS\.DEFAULT\..\RunOnce: [iM28601IbMjO28601] C:\Documents and Settings\All Users\Application Data\iM28601IbMjO28601\iM28601IbMjO28601.exe (User 'Default user')
For the O4 - HKUS entries there was each time a similar one with Bonjour in it.
Trojan horse alert in Microsoft Security Essentials
CampoX replied to CampoX's topic in Archive: Malware & virus removal
Dear Kweezie Wabbit, I will shortly carry out everything you said above, but will first give the malware log already. Here is the log:
Malwarebytes' Anti-Malware 1.50.1.1100 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: 6686 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 26/05/2011 22:33:09 mbam-log-2011-05-26 (22-33-09).txt Scantype: Volledige scan (C:\|) Objecten gescand: 288278 Verstreken tijd: 30 minuut/minuten, 46 seconde(n) Geheugenprocessen geïnfecteerd: 4 Geheugenmodulen geïnfecteerd: 1 Registersleutels geïnfecteerd: 11 Registerwaarden geïnfecteerd: 2 Registerdata geïnfecteerd: 1 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 12 Geheugenprocessen geïnfecteerd: c:\WINDOWS\Temp\Nns.exe (Trojan.Downloader) -> 3132 -> Unloaded process successfully. c:\WINDOWS\Temp\Nnq.exe (Trojan.Downloader) -> 3812 -> Unloaded process successfully. c:\WINDOWS\Temp\Nnr.exe (Trojan.Downloader) -> 2528 -> Unloaded process successfully. c:\WINDOWS\Temp\dhsj\setup.exe (Spyware.Passwords.XGen) -> 7600 -> Unloaded process successfully. Geheugenmodulen geïnfecteerd: c:\WINDOWS\system32\swrieizo.dll (IPH.GenericBHO) -> Delete on reboot. Registersleutels geïnfecteerd: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AMService (Spyware.Passwords.XGen) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (Spyware.Passwords.XGen) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{7B944F00-387F-0A68-E158-88C911AFAE2B} (IPH.GenericBHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Gaayuqqe (IPH.GenericBHO) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7B944F00-387F-0A68-E158-88C911AFAE2B} (IPH.GenericBHO) -> Quarantined and deleted successfully. 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B944F00-387F-0A68-E158-88C911AFAE2B} (IPH.GenericBHO) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\OO1310T0QS (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\SNJQ66R8MU (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\idgbn5xehg (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\4ECYTQ9SIC (Trojan.Downloader) -> Value: 4ECYTQ9SIC -> Quarantined and deleted successfully. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\iM28601IbMjO28601 (Rogue.MSRemovalTool) -> Value: iM28601IbMjO28601 -> Quarantined and deleted successfully. Registerdata geïnfecteerd: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore\DisableConfig (Windows.Tool.Disabled) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: c:\WINDOWS\Temp\Nns.exe (Trojan.Downloader) -> Delete on reboot. c:\WINDOWS\Temp\Nnq.exe (Trojan.Downloader) -> Quarantined and deleted successfully. c:\WINDOWS\Temp\Nnr.exe (Trojan.Downloader) -> Quarantined and deleted successfully. c:\WINDOWS\Temp\dhsj\setup.exe (Spyware.Passwords.XGen) -> Delete on reboot. c:\WINDOWS\system32\swrieizo.dll (IPH.GenericBHO) -> Delete on reboot. c:\documents and settings\all users\application data\im28601ibmjo28601\im28601ibmjo28601.exe (Rogue.MSRemovalTool) -> Quarantined and deleted successfully. 
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\8U8UTBAS\5848b7[1].exe (Rogue.MSRemovalTool) -> Quarantined and deleted successfully. c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\T395768E\eb1faf0[1].exe (Rogue.MSRemovalTool) -> Quarantined and deleted successfully. c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\WKXXI1TX\info[1].exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully. c:\WINDOWS\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully. c:\WINDOWS\Tasks\{bbaeaeaf-1275-40e2-bd6c-bc8f88bd114a}.job (Trojan.Downloader) -> Quarantined and deleted successfully. c:\WINDOWS\Tasks\{810401e2-dde0-454e-b0e2-aa89c9e5967c}.job (Trojan.FraudPack) -> Quarantined and deleted successfully. -
Trojan horse alert in Microsoft Security Essentials
CampoX replied to CampoX's topic in Archive Combating malware & viruses
Hello, I managed to get a Hijack log; the only remaining problem is getting it onto here. When I paste it in here and press quick reply, I get an error message from my internet browser. I have put it in an e-mail and will try to get it onto here via another PC! See you shortly. I also got MBAM onto it via a USB stick; it found 31 errors. I pressed remove, it could not remove them all and asked to restart, which I also did. ---------- Post added at 22:45 ---------- Previous post was at 22:38 ---------- Here is the 'log':
-
0X80501001 Microsoft Security essentials
CampoX replied to CampoX's topic in Archive Combating malware & viruses
I managed to get a Hijack log; the only problem is that I cannot get it in here: when I paste it and press quick reply, an 'error message' from my internet browser appears. I have put it in a document in an e-mail and will shortly try to send it on via another PC. ---------- Post added at 22:41 ---------- Previous post was at 22:33 ---------- Here is the log:
-
0X80501001 Microsoft Security essentials
CampoX replied to CampoX's topic in Archive Combating malware & viruses
Dear Clarkie, Yes, that screen, then safe mode with networking, then after loading for a very long time (black screen) the login prompt appeared; logging in did not work, not even after waiting a very, very long time. Thanks
ABOUT US
PC Helpforum has been helping computer users for FREE since July 2006. Our team gives professional answers to your questions via the forum and tries to solve your PC problems as quickly as possible. Become a member today, post your question online and the PC Helpforum team will be glad to help you further!