
[SOLVED] malware



I had installed Bug Doctor and then ran MBAM. 119 files infected! Hopefully it is not too late yet; I installed it less than an hour ago.

Mbam log:

Malwarebytes' Anti-Malware 1.28

Database versie: 1134

Windows 5.1.2600 Service Pack 2

2/10/2007 18:40:07

mbam-log-2007-10-02 (18-40-07).txt

Scan type: Snelle Scan

Objecten gescand: 49556

Verstreken tijd: 6 minute(s), 32 second(s)

Geheugenprocessen geïnfecteerd: 0

Geheugenmodulen geïnfecteerd: 0

Registersleutels geïnfecteerd: 4

Registerwaarden geïnfecteerd: 0

Registerdata bestanden geïnfecteerd: 1

Mappen geïnfecteerd: 7

Bestanden geïnfecteerd: 119

Geheugenprocessen geïnfecteerd:

(Geen kwaadaardige items gevonden)

Geheugenmodulen geïnfecteerd:

(Geen kwaadaardige items gevonden)

Registersleutels geïnfecteerd:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\adssite (Adware.Agent) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.

Registerwaarden geïnfecteerd:

(Geen kwaadaardige items gevonden)

Registerdata bestanden geïnfecteerd:

HKEY_CLASSES_ROOT\scrfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("%1" %*) Good: ("%1" /S) -> Quarantined and deleted successfully.

Mappen geïnfecteerd:

C:\Program Files\Maximum Software (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\img (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\orig (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\v2 (Rogue.Multiple) -> Quarantined and deleted successfully.

Bestanden geïnfecteerd:

C:\Program Files\Maximum Software\Bug Doctor\Bug Doctor Help.chm (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\BugDoctor.exe (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\BugDoctorLiveUpdate.exe (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\error_list(fixed).log (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\error_list.log (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\License.rtf (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\unins000.dat (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\unins000.exe (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\unins000.msg (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\CLSID.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\FailUnlockDlg.bak (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\FixDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\FixItem.htm (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\FixStatDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\FONT.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\HELP.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\LicenseGraceDlg.bak (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\LicenseGraceDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\LINK.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\LockedDlg.bak (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\LockedDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\LockedFailDlg.bak (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\LockedFailDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\PROGID.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\scan.swf (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\ScanDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\ScanItem.htm (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\ScanStatDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\ScanStatNoErrDlg.bak (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\ScanStatNoErrorDlg.bak (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\ScanStatNoErrorDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\SHAREDFILE.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\SHAREDTOOLS.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\skin.ini (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\style.bak (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\style.css (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\UnlockDlg.bak (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\UnlockDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\UnlockedDlg.bak (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\UnlockedDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\UnlockFailDlg.bak (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\UnlockFailDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\UnlockingDlg.bak (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\UnlockingDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\img\bg.jpg (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\img\btn_cancel.jpg (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\img\btn_fixerrors.jpg (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\img\btn_ok.jpg (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\img\btn_order_key.jpg (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\img\btn_stop_scan.jpg (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\img\btn_unlock.jpg (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\html\img\progress_wheel.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\advanced_checked.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\advanced_disable.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\advanced_disable_checked.GIF (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\advanced_normal.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\advanced_pressed.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\advanced_rollover.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\advanced_rollover_checked.GIF (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\bug.swf (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\demo_advanced_pressed.GIF (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\fixing_error-disable.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\fixing_error-normal.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\fixing_error-pressed.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\fixing_error-rollover.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\fix_complete-disable.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\fix_complete-normal.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\fix_complete-pressed.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\fix_complete-roll_over.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\LiveUpdate_disable.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\LiveUpdate_normal.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\LiveUpdate_pressed.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\LiveUpdate_rollover.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\main_disable.jpg (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\main_enable.jpg (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\main_pressed.jpg (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\main_roll_over.jpg (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\mask12.bmp (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\saMasterCertificate.jpg (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\scan.swf (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\scancomplete.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\scanning_error-disable.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\scanning_error-normal.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\scanning_error-pressed.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\scanning_error-rollover.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\scan_complete-disable.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\scan_complete-normal.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\scan_complete-pressed.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\scan_complete-roll_over.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\schedule_disable.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\schedule_normal.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\schedule_pressed.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\schedule_rollover.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\skin.ini (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\SubMainDisable.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\SubMainNormal.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\SubMainPressed.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\SubMainRollOver.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\support_disable.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\support_normal.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\support_pressed.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\support_rollover.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\UnlockingDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\unlock_key-disable.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\unlock_key-normal.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\unlock_key-pressed.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\unlock_key-roll_over.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\orig\support_disable.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\orig\support_normal.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\orig\support_pressed.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\orig\support_rollover.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\v2\support_disable.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\v2\support_normal.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\v2\support_pressed.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Maximum Software\Bug Doctor\SKIN\v2\support_rollover.gif (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\tempdel.bat (Trojan.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\BM532462df.txt (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\Documents and Settings\Hilde\Bureaublad\BugdoctorSetup.exe (Rogue.BugDoctor) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Bureaublad\Bug Doctor.lnk (Rogue.BugDoctor) -> Quarantined and deleted successfully.

HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:48:26, on 2/10/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Ad Muncher\AdMunch.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\PROGRA~1\AVG\AVG8\avgtray.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Telemeter 3.0\Telemeter3.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\WINDOWS\system32\WgaTray.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60113

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60113

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - c:\program files\LAB\msdxm.ocx

O4 - HKLM\..\Run: [Ad Muncher] "C:\Program Files\Ad Muncher\AdMunch.exe" /bt

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Telemeter.lnk = C:\Program Files\Telemeter 3.0\Telemeter3.exe

O8 - Extra context menu item: Block frame with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=G5148QM6&id=menu_ie_frame

O8 - Extra context menu item: Block image with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=G5148QM6&id=menu_ie_image

O8 - Extra context menu item: Block link with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=G5148QM6&id=menu_ie_link

O8 - Extra context menu item: Don't filter page with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=G5148QM6&id=menu_ie_exclude

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Report page to the Ad Muncher developers - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=G5148QM6&id=menu_ie_report

O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (HKCU)

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.nl/scanforvirus-en/kavwebscan_unicode.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1197064011015

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game04.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {C42B23DF-334C-4AD0-9AB4-91FF53D04239} (AbImporter Class) - http://v.netlogstatic.com/v2.05/652//s/m/oz/OzDesktopImporter.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: avgrsstx.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

--

End of file - 7862 bytes


MBAM did its job well. As a finishing touch, you can still do the following: start HijackThis and choose 'Do a system scan only'. Select only the items listed below:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanage...ex-2.2.4.1.cab

Click 'Fix checked' to remove the items. Then let us know whether you still notice any problems.


I actually do still have a problem: when I click on mail to get my e-mails, the properties for Internet Explorer come up.

Can you describe this problem a bit better? Which mail program, where do you click on "mail", etc. ... because this is rather unclear. In any case, this is no longer a problem that can be linked to your infection. Other causes need to be looked for.

If you mean that under "Internet Properties" you get the various tabs for Internet use (see attachment), then I can reassure you ... it is the same for me :)

For your problem with the infection you still need to clean up a few things.

Download CCleaner.

Install it and start CCleaner. Click "Cleaner" in the left column. Click 'Analyze' and then 'Run Cleaner'. Next, click "Registry" in the left column and click 'Scan for Issues'. If errors are found, click "Fix selected issues" and "OK". You will then be asked whether to make a backup. Click "Yes". Then choose "Fix All Selected Issues". After that, close CCleaner again.

It is advisable to delete the existing restore points (some of them are infected restore points that you could end up restoring) by temporarily switching off System Restore. Do this via Start -> Control Panel -> System -> System Restore -> tick "Turn off System Restore on all drives". Apply and OK. Restart the PC and then remove the tick again.


If you mean that under "Internet Properties" you get the various tabs for Internet use (see attachment), then I can reassure you ... it is the same for me :)

Yes, but before, when I clicked on that, my e-mail program came up.

And now it no longer does, and I can't find my internet program anywhere else either.
