
HijackThis log



Could you please check this HijackThis log once more? The unwanted advertising is getting out of hand here again!

Many thanks!

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 18:46:00, on 1/12/2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Epson Software\Event Manager\EEventManager.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE

C:\Program Files\FilesFrog Update Checker\update_checker.exe

C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\dmwu.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Documents and Settings\Dell\My Documents\Downloads\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Dell\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [EPSON SX420W Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE /FU "C:\WINDOWS\TEMP\E_SDD.tmp" /EF "HKCU"

O4 - HKCU\..\Run: [sDP] C:\Program Files\FilesFrog Update Checker\update_checker.exe /auto

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Dell\Application Data\DVDVideoSoftIEHelpers\freeytvdownloader.htm

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1342698343578

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

O23 - Service: Freemake Improver - Freemake - C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: WebOptimizer - Unknown owner - C:\WINDOWS\system32\dmwu.exe

--

End of file - 7202 bytes


Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:

Click here

If you are unable to disable them, just continue to the next step.

2. Double-click ComboFix.exe and follow the prompts on the screen.

3. ComboFix will check whether the Microsoft Windows Recovery Console is already installed.

**Note: If the Microsoft Windows Recovery Console is already installed, you will not see the following screens and ComboFix will automatically continue scanning for malware.

4. Follow the prompts on the screen to let ComboFix download and install the Microsoft Windows Recovery Console.

cf-rc-auto.jpg

You will see the following message when ComboFix has successfully installed the Microsoft Windows Recovery Console:

rc-auto-done.jpg

Click Yes to continue scanning for malware.

5. When ComboFix has finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next post.


Here is the requested log

ComboFix 12-12-01.02 - Dell 02/12/2012 14:44:14.1.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.188 [GMT 1:00]

Running from: c:\documents and settings\Dell\My Documents\Downloads\ComboFix.exe

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files\Incredibar.com

c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarApp.dll

c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarEng.dll

c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe

c:\program files\Incredibar.com\incredibar\1.5.11.14\inCRedibartlbr.dll

c:\program files\Incredibar.com\incredibar\1.5.11.14\uninstall.exe

c:\windows\system32\URTTemp

c:\windows\system32\URTTemp\fusion.dll

c:\windows\system32\URTTemp\mscoree.dll

c:\windows\system32\URTTemp\mscoree.dll.local

c:\windows\system32\URTTemp\mscorsn.dll

c:\windows\system32\URTTemp\mscorwks.dll

c:\windows\system32\URTTemp\msvcr71.dll

c:\windows\system32\URTTemp\regtlib.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-11-02 to 2012-12-02 )))))))))))))))))))))))))))))))

.

.

2012-12-02 13:31 . 2012-12-02 13:31 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{54173A30-80F4-4A42-8608-B2EA337B5E99}\MpKsl6c47a38a.sys

2012-12-02 12:59 . 2012-11-08 18:00 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{54173A30-80F4-4A42-8608-B2EA337B5E99}\mpengine.dll

2012-11-30 19:22 . 2012-11-08 18:00 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-11-08 19:00 . 2012-11-08 19:24 -------- d-----w- C:\divx

2012-11-06 20:07 . 2012-11-07 16:11 -------- d-----w- c:\documents and settings\Dell\Application Data\Apple Computer

2012-11-06 20:04 . 2012-11-06 20:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer

2012-11-06 20:03 . 2012-11-06 20:03 -------- d-----w- c:\program files\Common Files\Apple

2012-11-06 20:02 . 2012-11-06 20:02 -------- d-----w- c:\documents and settings\Dell\Local Settings\Application Data\Apple

2012-11-06 20:02 . 2012-11-06 20:02 -------- d-----w- c:\program files\Apple Software Update

2012-11-06 20:02 . 2012-11-06 20:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple

2012-11-06 20:02 . 2012-11-06 20:02 -------- d-----w- c:\documents and settings\Dell\Local Settings\Application Data\Apple Computer

2012-11-06 19:47 . 2012-11-06 19:47 -------- d-----w- c:\documents and settings\Dell\Application Data\DDMSettings

2012-11-06 19:42 . 2012-11-08 18:59 -------- d-----w- c:\documents and settings\Dell\Application Data\DivX

2012-11-06 19:39 . 2012-11-06 19:41 -------- d-----w- c:\program files\Common Files\DivX Shared

2012-11-06 19:34 . 2012-11-06 19:42 -------- d-----w- c:\program files\DivX

2012-11-06 19:28 . 2012-11-06 19:45 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX

2012-11-03 20:10 . 2012-11-03 20:10 -------- d-----w- c:\documents and settings\Dell\Application Data\Roxio

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-22 08:37 . 2008-04-13 23:00 1866368 ----a-w- c:\windows\system32\win32k.sys

2012-10-16 17:54 . 2012-10-16 17:54 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-10-16 17:54 . 2012-10-16 17:54 477168 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-10-16 17:54 . 2010-07-02 14:01 473072 ----a-w- c:\windows\system32\deployJava1.dll

2012-10-02 18:04 . 2008-04-14 03:42 58368 ----a-w- c:\windows\system32\synceng.dll

2012-09-13 13:26 . 2012-09-15 06:31 1006448 ----a-w- c:\windows\system32\dmwu.exe

2012-09-13 13:24 . 2012-09-15 06:31 28160 ----a-w- c:\windows\system32\ImHttpComm.dll

2012-09-07 15:04 . 2012-10-11 13:27 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-10-28 18:10 . 2012-10-28 18:07 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SDP"="c:\program files\FilesFrog Update Checker\update_checker.exe" [2012-10-03 201808]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]

"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]

"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]

"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]

.

c:\documents and settings\Guest\Start Menu\Programs\Startup\

Internet.lnk - [N/A]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.207\SSScheduler.exe [2011-6-17 272528]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-01-02 08:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2010-04-16 20:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]

2012-08-21 06:54 5576408 ----a-w- c:\documents and settings\Dell\Application Data\Spotify\spotify.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]

2012-08-21 06:53 1193176 ----a-w- c:\documents and settings\Dell\Application Data\Spotify\Data\SpotifyWebHelper.exe

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\ExpressFiles\\expressdl.exe"=

"c:\\Program Files\\ExpressFiles\\ExpressFiles.exe"=

"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=

"c:\\Documents and Settings\\Dell\\Application Data\\Spotify\\spotify.exe"=

"c:\\WINDOWS\\system32\\dmwu.exe"=

"c:\\WINDOWS\\system32\\ARFC\\wrtc.exe"=

"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management

.

R1 MpKsl6c47a38a;MpKsl6c47a38a;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{54173A30-80F4-4A42-8608-B2EA337B5E99}\MpKsl6c47a38a.sys [2/12/2012 14:31 29904]

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [14/05/2009 16:07 759048]

R2 WebOptimizer;WebOptimizer;c:\windows\system32\dmwu.exe [15/09/2012 7:31 1006448]

S2 Freemake Improver;Freemake Improver;c:\documents and settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [22/09/2012 13:11 100864]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.207\McCHSvc.exe [17/06/2011 18:33 237008]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - MPKSL6C47A38A

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

.

Contents of the 'Scheduled Tasks' folder

.

2012-11-06 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]

.

2012-12-02 c:\windows\Tasks\Express FilesUpdate.job

- c:\program files\ExpressFiles\EFUpdater.exe [2012-07-31 19:12]

.

2012-11-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-1563985344-1417001333-1005Core.job

- c:\documents and settings\Dell\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-07-19 11:32]

.

2012-12-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-1563985344-1417001333-1005UA.job

- c:\documents and settings\Dell\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-07-19 11:32]

.

2012-12-02 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job

- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-09-12 15:25]

.

.

------- Supplementary Scan -------

.

uDefault_Search_URL = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Free YouTube Download - c:\documents and settings\Dell\Application Data\DVDVideoSoftIEHelpers\freeytvdownloader.htm

TCP: DhcpNameServer = 195.130.130.5 195.130.131.5

FF - ProfilePath - c:\documents and settings\Dell\Application Data\Mozilla\Firefox\Profiles\9vazlijc.default\

FF - prefs.js: browser.search.selectedEngine - Web Search

FF - prefs.js: browser.startup.homepage - hxxp://google.be/

FF - prefs.js: keyword.URL - hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=BE&userid=4603dff3-f264-4842-80cb-da4c58e9d79d&affid=111585&searchtype=ds&babsrc=lnkry&q=

FF - ExtSQL: 2012-10-16 19:54; {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}; c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

FF - ExtSQL: 2012-11-06 20:42; {23fcfd51-4958-4f00-80a3-ae97e717ed8b}; c:\program files\DivX\DivX Plus Web Player\firefox\DivXHTML5

FF - user.js: extentions.y2layers.installId - c348c3e2-1102-49d2-a7af-da41c6bc5a13

FF - user.js: extentions.y2layers.defaultEnableAppsList - ezLooker,pagerage,buzzdock,toprelatedtopics,twittube

FF - user.js: extensions.autoDisableScopes - 14

FF - user.js: extensions.incredibar_i.newTab - false

FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6OyJDqEG4q&loc=IB_TB&i=26&search=

FF - user.js: extensions.incredibar_i.id - acdb185d0000000000000016761efc97

FF - user.js: extensions.incredibar_i.instlDay - 15552

FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14

FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14

FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1420:51

FF - user.js: extensions.incredibar_i.prtnrId - Incredibar

FF - user.js: extensions.incredibar_i.prdct - incredibar

FF - user.js: extensions.incredibar_i.aflt - orgnl

FF - user.js: extensions.incredibar_i.smplGrp - none

FF - user.js: extensions.incredibar_i.tlbrId - base

FF - user.js: extensions.incredibar_i.instlRef -

FF - user.js: extensions.incredibar_i.dfltLng -

FF - user.js: extensions.incredibar_i.excTlbr - false

FF - user.js: extensions.incredibar_i.ms_url_id -

FF - user.js: extensions.incredibar_i.upn2 - 6OyJDqEG4q

FF - user.js: extensions.incredibar_i.upn2n - 92261851587098490

FF - user.js: extensions.incredibar_i.productid - 26

FF - user.js: extensions.incredibar_i.installerproductid - 26

FF - user.js: extensions.incredibar_i.did - 10658

FF - user.js: extensions.incredibar_i.ppd -

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=113480&tt=3112_1

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q=

FF - user.js: extensions.BabylonToolbar.id - acdb185d0000000000000016761efc97

FF - user.js: extensions.BabylonToolbar.instlDay - 15552

FF - user.js: extensions.BabylonToolbar.vrsn - 1.5.29.1

FF - user.js: extensions.BabylonToolbar.vrsni - 1.5.29.1

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.29.121:04

FF - user.js: extensions.BabylonToolbar.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar.tlbrId - tb9

FF - user.js: extensions.BabylonToolbar.instlRef - sst

FF - user.js: extensions.BabylonToolbar.dfltLng - en

FF - user.js: extensions.BabylonToolbar.excTlbr - false

FF - user.js: extensions.BabylonToolbar.admin - false

FF - user.js: extensions.claro.id - acdb185d0000000000000016761efc97

FF - user.js: extensions.claro.instlDay - 15552

FF - user.js: extensions.claro.vrsn - 1.6.4.1

FF - user.js: extensions.claro.vrsni - 1.6.4.1

FF - user.js: extensions.claro_i.vrsnTs - 1.6.4.121:12

FF - user.js: extensions.claro.prtnrId - claro

FF - user.js: extensions.claro.prdct - claro

FF - user.js: extensions.claro.aflt - babsst

FF - user.js: extensions.claro_i.smplGrp - none

FF - user.js: extensions.claro.tlbrId - iclaro

FF - user.js: extensions.claro.instlRef - sst

FF - user.js: extensions.claro.dfltLng - en

FF - user.js: extensions.claro.excTlbr - false

FF - user.js: extensions.claro.admin - false

.

- - - - ORPHANS REMOVED - - - -

.

AddRemove-incredibar - c:\program files\Incredibar.com\incredibar\1.5.11.14\uninstall.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-12-02 14:53

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

Completion time: 2012-12-02 14:55:49

ComboFix-quarantined-files.txt 2012-12-02 13:55

.

Pre-Run: 24.900.747.264 bytes free

Post-Run: 25.682.010.112 bytes free

.

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

.

- - End Of File - - FC0F15B35865CBF55A0ABEDD557A11D2


Open a Notepad file.

Copy and paste the bold text below into it.

Firefox::

FF - ProfilePath - c:\documents and settings\Dell\Application Data\Mozilla\Firefox\Profiles\9vazlijc.default\

FF - prefs.js: browser.search.selectedEngine -

FF - prefs.js: keyword.URL -

FF - user.js: extentions.y2layers.installId - c348c3e2-1102-49d2-a7af-da41c6bc5a13

FF - user.js: extentions.y2layers.defaultEnableAppsList - ezLooker,pagerage,buzzdock,toprelatedtopics,twittube

FF - user.js: extensions.incredibar_i.newTab - false

FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6OyJDqEG4q&loc=IB_TB&i=26&search=

FF - user.js: extensions.incredibar_i.id - acdb185d0000000000000016761efc97

FF - user.js: extensions.incredibar_i.instlDay - 15552

FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14

FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14

FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1420:51

FF - user.js: extensions.incredibar_i.prtnrId - Incredibar

FF - user.js: extensions.incredibar_i.prdct - incredibar

FF - user.js: extensions.incredibar_i.aflt - orgnl

FF - user.js: extensions.incredibar_i.smplGrp - none

FF - user.js: extensions.incredibar_i.tlbrId - base

FF - user.js: extensions.incredibar_i.instlRef -

FF - user.js: extensions.incredibar_i.dfltLng -

FF - user.js: extensions.incredibar_i.excTlbr - false

FF - user.js: extensions.incredibar_i.ms_url_id -

FF - user.js: extensions.incredibar_i.upn2 - 6OyJDqEG4q

FF - user.js: extensions.incredibar_i.upn2n - 92261851587098490

FF - user.js: extensions.incredibar_i.productid - 26

FF - user.js: extensions.incredibar_i.installerproductid - 26

FF - user.js: extensions.incredibar_i.did - 10658

FF - user.js: extensions.incredibar_i.ppd -

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=113480&tt=3112_1

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q=

FF - user.js: extensions.BabylonToolbar.id - acdb185d0000000000000016761efc97

FF - user.js: extensions.BabylonToolbar.instlDay - 15552

FF - user.js: extensions.BabylonToolbar.vrsn - 1.5.29.1

FF - user.js: extensions.BabylonToolbar.vrsni - 1.5.29.1

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.29.121:04

FF - user.js: extensions.BabylonToolbar.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar.tlbrId - tb9

FF - user.js: extensions.BabylonToolbar.instlRef - sst

FF - user.js: extensions.BabylonToolbar.dfltLng - en

FF - user.js: extensions.BabylonToolbar.excTlbr - false

FF - user.js: extensions.BabylonToolbar.admin - false

FF - user.js: extensions.claro.id - acdb185d0000000000000016761efc97

FF - user.js: extensions.claro.instlDay - 15552

FF - user.js: extensions.claro.vrsn - 1.6.4.1

FF - user.js: extensions.claro.vrsni - 1.6.4.1

FF - user.js: extensions.claro_i.vrsnTs - 1.6.4.121:12

FF - user.js: extensions.claro.prtnrId - claro

FF - user.js: extensions.claro.prdct - claro

FF - user.js: extensions.claro.aflt - babsst

FF - user.js: extensions.claro_i.smplGrp - none

FF - user.js: extensions.claro.tlbrId - iclaro

FF - user.js: extensions.claro.instlRef - sst

FF - user.js: extensions.claro.dfltLng - en

FF - user.js: extensions.claro.excTlbr - false

FF - user.js: extensions.claro.admin - false

Save this file to your desktop as CFScript.

Drag CFScript.txt into ComboFix.exe

This will make ComboFix restart. Reboot if asked to.

After the restart, post the contents of Combofix.txt in your next post.


ComboFix 12-12-04.01 - Dell 04/12/2012 21:28:48.3.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.637 [GMT 1:00]

Running from: c:\documents and settings\Dell\My Documents\Downloads\ComboFix.exe

Command switches used :: c:\documents and settings\Dell\My Documents\CFScript.txt

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

.

((((((((((((((((((((((((( Files Created from 2012-11-04 to 2012-12-04 )))))))))))))))))))))))))))))))

.

.

2012-12-04 19:55 . 2012-12-04 19:55 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{046D4044-9916-455C-800B-578C902354D1}\MpKslf0e824c6.sys

2012-12-03 16:59 . 2012-11-08 18:00 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{046D4044-9916-455C-800B-578C902354D1}\mpengine.dll

2012-12-02 17:41 . 2012-12-02 17:41 -------- d-----w- c:\program files\directx

2012-12-02 16:37 . 2012-12-02 16:38 -------- d-----w- c:\program files\Soldier of Fortune II - Double Helix

2012-12-02 12:59 . 2012-11-08 18:00 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-11-08 19:00 . 2012-11-08 19:24 -------- d-----w- C:\divx

2012-11-06 20:07 . 2012-11-07 16:11 -------- d-----w- c:\documents and settings\Dell\Application Data\Apple Computer

2012-11-06 20:04 . 2012-11-06 20:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer

2012-11-06 20:03 . 2012-11-06 20:03 -------- d-----w- c:\program files\Common Files\Apple

2012-11-06 20:02 . 2012-11-06 20:02 -------- d-----w- c:\documents and settings\Dell\Local Settings\Application Data\Apple

2012-11-06 20:02 . 2012-11-06 20:02 -------- d-----w- c:\program files\Apple Software Update

2012-11-06 20:02 . 2012-11-06 20:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple

2012-11-06 20:02 . 2012-11-06 20:02 -------- d-----w- c:\documents and settings\Dell\Local Settings\Application Data\Apple Computer

2012-11-06 19:47 . 2012-11-06 19:47 -------- d-----w- c:\documents and settings\Dell\Application Data\DDMSettings

2012-11-06 19:42 . 2012-11-08 18:59 -------- d-----w- c:\documents and settings\Dell\Application Data\DivX

2012-11-06 19:39 . 2012-11-06 19:41 -------- d-----w- c:\program files\Common Files\DivX Shared

2012-11-06 19:34 . 2012-11-06 19:42 -------- d-----w- c:\program files\DivX

2012-11-06 19:28 . 2012-11-06 19:45 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-22 08:37 . 2008-04-13 23:00 1866368 ----a-w- c:\windows\system32\win32k.sys

2012-10-16 17:54 . 2012-10-16 17:54 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-10-16 17:54 . 2012-10-16 17:54 477168 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-10-16 17:54 . 2010-07-02 14:01 473072 ----a-w- c:\windows\system32\deployJava1.dll

2012-10-02 18:04 . 2008-04-14 03:42 58368 ----a-w- c:\windows\system32\synceng.dll

2012-09-13 13:26 . 2012-09-15 06:31 1006448 ----a-w- c:\windows\system32\dmwu.exe

2012-09-13 13:24 . 2012-09-15 06:31 28160 ----a-w- c:\windows\system32\ImHttpComm.dll

2012-09-07 15:04 . 2012-10-11 13:27 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-10-28 18:10 . 2012-10-28 18:07 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SDP"="c:\program files\FilesFrog Update Checker\update_checker.exe" [2012-10-03 201808]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]

"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]

"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]

"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]

.

c:\documents and settings\Guest\Start Menu\Programs\Startup\

Internet.lnk - [N/A]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.207\SSScheduler.exe [2011-6-17 272528]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-01-02 08:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2010-04-16 20:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]

2012-08-21 06:54 5576408 ----a-w- c:\documents and settings\Dell\Application Data\Spotify\spotify.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]

2012-08-21 06:53 1193176 ----a-w- c:\documents and settings\Dell\Application Data\Spotify\Data\SpotifyWebHelper.exe

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\ExpressFiles\\expressdl.exe"=

"c:\\Program Files\\ExpressFiles\\ExpressFiles.exe"=

"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=

"c:\\Documents and Settings\\Dell\\Application Data\\Spotify\\spotify.exe"=

"c:\\WINDOWS\\system32\\dmwu.exe"=

"c:\\WINDOWS\\system32\\ARFC\\wrtc.exe"=

"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management

.

R1 MpKslf0e824c6;MpKslf0e824c6;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{046D4044-9916-455C-800B-578C902354D1}\MpKslf0e824c6.sys [4/12/2012 20:55 29904]

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [14/05/2009 16:07 759048]

R2 WebOptimizer;WebOptimizer;c:\windows\system32\dmwu.exe [15/09/2012 7:31 1006448]

S2 Freemake Improver;Freemake Improver;c:\documents and settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [22/09/2012 13:11 100864]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.207\McCHSvc.exe [17/06/2011 18:33 237008]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - MPKSLF0E824C6

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

.

Contents of the 'Scheduled Tasks' folder

.

2012-11-06 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]

.

2012-12-04 c:\windows\Tasks\Express FilesUpdate.job

- c:\program files\ExpressFiles\EFUpdater.exe [2012-07-31 19:12]

.

2012-11-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-1563985344-1417001333-1005Core.job

- c:\documents and settings\Dell\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-07-19 11:32]

.

2012-12-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-1563985344-1417001333-1005UA.job

- c:\documents and settings\Dell\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-07-19 11:32]

.

2012-12-04 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job

- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-09-12 15:25]

.

.

------- Supplementary Scan -------

.

uDefault_Search_URL = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Free YouTube Download - c:\documents and settings\Dell\Application Data\DVDVideoSoftIEHelpers\freeytvdownloader.htm

TCP: DhcpNameServer = 195.130.130.5 195.130.131.5

FF - ProfilePath - c:\documents and settings\Dell\Application Data\Mozilla\Firefox\Profiles\9vazlijc.default\

FF - prefs.js: browser.startup.homepage - hxxp://google.be/

FF - ExtSQL: 2012-10-16 19:54; {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}; c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

FF - ExtSQL: 2012-11-06 20:42; {23fcfd51-4958-4f00-80a3-ae97e717ed8b}; c:\program files\DivX\DivX Plus Web Player\firefox\DivXHTML5

FF - user.js: extensions.autoDisableScopes - 14

FF - user.js: extensions.claro.admin - false

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-12-04 21:34

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(2464)

c:\windows\system32\WININET.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

Completion time: 2012-12-04 21:37:08

ComboFix-quarantined-files.txt 2012-12-04 20:37

ComboFix2.txt 2012-12-04 20:07

ComboFix3.txt 2012-12-02 13:55

.

Pre-Run: 24.575.135.744 bytes free

Post-Run: 24.560.001.024 bytes free

.

- - End Of File - - 0AF03CA544F34570623866448E4E625F


There is still quite a lot of unwanted advertising on Facebook. Or is that something new they are doing now?

I remember that you once posted something about a little test you could do to check whether your virus scanner is working properly. Where exactly can I find that?

Regards and thanks


Is it only on Facebook that you still get unwanted advertising, or on other sites as well?

I remember that you once posted something about a little test you could do to check whether your virus scanner is working properly. Where exactly can I find that?

http://www.pc-helpforum.be/f163/hoe-kan-ik-mijn-antivirus-testen-19809/


Download AdwCleaner by Xplode to your desktop.

  • Close all open windows.
  • Vista and Windows 7 users: right-click AdwCleaner and select Run as administrator...
  • For XP: simply double-click AdwCleaner.
  • Then click Delete.
  • In the AdwCleaner – Information dialog, click OK.
  • In the AdwCleaner – Restart Required dialog, click OK.

It is normal for the shortcuts to disappear during this process. After the PC has restarted, a log file opens. Post the contents of this log in your next message.
