Hi!
Yesterday I was plagued by a virus that posed as a police notice.
I immediately tried to remove it.
First, in 'safe mode with command prompt', I deleted the value 'vasja' in regedit.
After that, in normal Windows, I ran the virus scanner over it.
Meanwhile I had a search running for 'vasja', to check whether it was really gone.
No results, so that was good, it seems to me.
After that I ran Emsisoft Emergency Kit and then made a DDS.

In http://www.pcwebplus.nl/phpbb/viewtopic ... 222&t=5525 it said that I could post a message here to have it checked.
How wonderful that that's possible!

Below is the EEK scan:
Emsisoft Emergency Kit - Versie 1.0
Laatste Update: 24-11-2011 0:51:31

Scaninstellingen:

Scantype: Diepe Scan
Objecten: Geheugen, Sporen, Cookies, C:\
Scan archieven: Aan
Heuristieken: Uit
ADS Scan: Aan

Scan gestart: 24-11-2011 1:11:12

Gescand

Bestanden: 352598
Sporen: 460412
Cookies: 3249
Processen: 48

Gevonden

Bestanden: 35
Sporen: 0
Cookies: 191
Processen: 0
Registersleutels: 0

Scan Geëindigd: 24-11-2011 3:16:50
Scantijd: 2:05:38

C:\Documents and Settings\[user]\Mijn documenten\Downloads\The sims 2 stuff\The Sims 2 Seasons\keygen.exe Verwijderd Riskware.Keygen.EAGames-Multi!IK
C:\Documents and Settings\[user]\Local Settings\Temp\jar_cache3253041684117399291.tmp Verwijderd Exploit.Java.CVE-2009-3867!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\27\1b3d8b1b-3cacd938 Verwijderd Exploit.Java.Agent!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\41\76f3af69-6ae176c5/json\Parser.class Verwijderd Exploit.Java.Agent!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\25\24bee7d9-76b586ab/seopack.class Verwijderd Exploit.Java.CVE-2009!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\16\6cfd71d0-681ab3f2/dostuff.class Verwijderd Exploit.Java.CVE-2010-0094!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\16\6cfd71d0-681ab3f2/xmo.ser Verwijderd Exploit.Java.CVE-2010-0094!IK
C:\Documents and Settings\[user]\Local Settings\Temp\jar_cache3414230159830973519.tmp/0264c034 Verwijderd Exploit.Java.CVE-2010-0094!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\16\6cfd71d0-681ab3f2/evilPolicy.class Verwijderd Exploit.Java.CVE-2008-5353!IK
C:\Documents and Settings\[user]\Local Settings\Temp\jar_cache3414230159830973519.tmp/evilPolicy.class Verwijderd Exploit.Java.CVE-2008-5353!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\16\6cfd71d0-681ab3f2/CustomMBeanServer.class Verwijderd Exploit.Java.CVE!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\16\6cfd71d0-681ab3f2/SiteError.class Verwijderd Exploit.Java.CVE!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\35\3a5b7163-6960faff/json\Parser.class Verwijderd Exploit.Java.CVE!IK
C:\Documents and Settings\[user]\Local Settings\Temp\jar_cache3414230159830973519.tmp/SiteError.class Verwijderd Exploit.Java.CVE!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\16\6cfd71d0-681ab3f2/CustomClassLoaderRepository.class Verwijderd Exploit.CVE-2008-5353!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\16\6cfd71d0-681ab3f2/evil.class Verwijderd Exploit.CVE-2008-5353!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\16\6cfd71d0-681ab3f2/CustomClass.class Verwijderd Exploit.Java.CVE-2010!IK
C:\Documents and Settings\[user]\Local Settings\Temp\jar_cache3414230159830973519.tmp/CustomClass.class Verwijderd Exploit.Java.CVE-2010!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\12\d26804c-5e67b828/I\I.class Verwijderd Trojan-Downloader.Java.OpenConnection!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\10\2db2554a-29e016e1/json\Parser.class Verwijderd Exploit.Java.CVE-2010-0840!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\53\4c1920b5-2b4e0f7e/json\Search.class Verwijderd Exploit.Java.CVE-2010-0840!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\10\2db2554a-29e016e1/json\Option.class Verwijderd Exploit.Java.Blacole!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\10\2db2554a-29e016e1/json\SmartyPointer.class Verwijderd Exploit.Java.Blacole!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\10\2db2554a-29e016e1/json\ThreadParser.class Verwijderd Exploit.Java.Blacole!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\10\2db2554a-29e016e1/json\XML.class Verwijderd Exploit.Java.Blacole!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\35\3a5b7163-6960faff/json\Option.class Verwijderd Exploit.Java.Blacole!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\35\3a5b7163-6960faff/json\SmartyPointer.class Verwijderd Exploit.Java.Blacole!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\35\3a5b7163-6960faff/json\ThreadParser.class Verwijderd Exploit.Java.Blacole!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\35\3a5b7163-6960faff/json\XML.class Verwijderd Exploit.Java.Blacole!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\41\76f3af69-6ae176c5/json\SmartyPointer.class Verwijderd Exploit.Java.Blacole!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\41\76f3af69-6ae176c5/json\ThreadParser.class Verwijderd Exploit.Java.Blacole!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\41\76f3af69-6ae176c5/json\XML.class Verwijderd Exploit.Java.Blacole!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\53\4c1920b5-2b4e0f7e/json\SP.class Verwijderd Exploit.Java.Blacole!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\53\4c1920b5-2b4e0f7e/json\ThreadParser.class Verwijderd Exploit.Java.Blacole!IK
C:\Documents and Settings\[user]\Application Data\Sun\Java\Deployment\cache\6.0\53\4c1920b5-2b4e0f7e/json\XSLT.class Verwijderd Exploit.Java.Blacole!IK
C:\Documents and Settings\[user]\Cookies\[user]@zedo[1].txt Verwijderd Trace.TrackingCookie.zedo!A2
C:\Documents and Settings\[user]\Cookies\[user]@weborama[1].txt Verwijderd Trace.TrackingCookie.weborama!A2
C:\Documents and Settings\[user]\Cookies\[user]@tribalfusion[2].txt Verwijderd Trace.TrackingCookie.tribalfusion!A2
C:\Documents and Settings\[user]\Cookies\[user]@tradedoubler[1].txt Verwijderd Trace.TrackingCookie.tradedoubler!A2
C:\Documents and Settings\[user]\Cookies\[user]@statcounter[1].txt Verwijderd Trace.TrackingCookie.statcounter!A2
C:\Documents and Settings\[user]\Cookies\[user]@stat.onestat[1].txt Verwijderd Trace.TrackingCookie.stat.onestat!A2
C:\Documents and Settings\[user]\Cookies\[user]@serving-sys[2].txt Verwijderd Trace.TrackingCookie.serving-sys!A2
C:\Documents and Settings\[user]\Cookies\[user]@pro-market[2].txt Verwijderd Trace.TrackingCookie.pro-market!A2
C:\Documents and Settings\[user]\Cookies\[user]@pointroll[2].txt Verwijderd Trace.TrackingCookie.pointroll!A2
C:\Documents and Settings\[user]\Cookies\[user]@metriweb[1].txt Verwijderd Trace.TrackingCookie.metriweb!A2
C:\Documents and Settings\[user]\Cookies\[user]@mediaplex[1].txt Verwijderd Trace.TrackingCookie.mediaplex!A2
C:\Documents and Settings\[user]\Cookies\[user]@iwon[2].txt Verwijderd Trace.TrackingCookie.iwon!A2
C:\Documents and Settings\[user]\Cookies\[user]@hitbox[1].txt Verwijderd Trace.TrackingCookie.hitbox!A2
C:\Documents and Settings\[user]\Cookies\[user]@fl01.ct2.comclick[1].txt Verwijderd Trace.TrackingCookie.fl01.ct2.comclick!A2
C:\Documents and Settings\[user]\Cookies\[user]@fastclick[1].txt Verwijderd Trace.TrackingCookie.fastclick!A2
C:\Documents and Settings\[user]\Cookies\[user]@ehg-techtarget.hitbox[1].txt Verwijderd Trace.TrackingCookie.ehg-techtarget.hitbox!A2
C:\Documents and Settings\[user]\Cookies\[user]@clickbank[1].txt Verwijderd Trace.TrackingCookie.clickbank!A2
C:\Documents and Settings\[user]\Cookies\[user]@bs.serving-sys[1].txt Verwijderd Trace.TrackingCookie.bs.serving-sys!A2
C:\Documents and Settings\[user]\Cookies\[user]@bluestreak[2].txt Verwijderd Trace.TrackingCookie.bluestreak!A2
C:\Documents and Settings\[user]\Cookies\[user]@advertising[1].txt Verwijderd Trace.TrackingCookie.advertising!A2
C:\Documents and Settings\[user]\Cookies\[user]@adtech[1].txt Verwijderd Trace.TrackingCookie.adtech!A2
C:\Documents and Settings\[user]\Cookies\[user]@2o7[2].txt Verwijderd Trace.TrackingCookie.2o7!A2

Verwijderd

Bestanden: 35
Sporen: 0
Cookies: 161


And the DDS:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
Run by [user] at 17:14:53 on 2011-11-24
Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1499.699 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\WTMKM.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Documents and Settings\[user]\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Documents and Settings\[user]\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Documents and Settings\[user]\Application Data\Dropbox\bin\Dropbox.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://nl.ask.com?o=15458&l=dis
uInternet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Windows Live Aanmelden - Help: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [AlcoholAutomount] "c:\program files\alcohol soft\alcohol 120\axcmd.exe" /automount
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [Akamai NetSession Interface] c:\documents and settings\[user]\local settings\application data\akamai\netsession_win.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [Samsung PanelMgr] c:\windows\samsung\panelmgr\SSMMgr.exe /autorun
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [MacrokeyManager] WTMKM.exe
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Share-to-Web Namespace Daemon] c:\program files\hewlett-packard\hp share-to-web\hpgs2wnd.exe
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS5.5ServiceManager] "c:\program files\common files\adobe\cs5.5servicemanager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
StartupFolder: c:\docume~1\[user]\menust~1\progra~1\opstar~1\dropbox.lnk - c:\documents and settings\[user]\application data\dropbox\bin\Dropbox.exe
IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 212.54.40.25 212.54.35.25
TCP: Interfaces\{9CFE2D72-2BCA-4843-BEAC-94477AFD47AC} : DhcpNameServer = 212.54.40.25 212.54.35.25
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\[user]\application data\mozilla\firefox\profiles\hp8b47b7.default\
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\alwil software\avast5\webrep\FF
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-11-23 442200]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2009-12-10 320856]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-9-2 232512]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-4-14 14336]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-12-10 20568]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-7-2 44768]
R2 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 120\starwind\StarWindServiceAE.exe [2007-5-28 275968]
S2 gupdate1ca81c57d5423c;Google Updateservice (gupdate1ca81c57d5423c);c:\program files\google\update\GoogleUpdate.exe [2009-12-20 133104]
S2 SSPORT;SSPORT;\??\c:\windows\system32\drivers\ssport.sys --> c:\windows\system32\drivers\SSPORT.sys [?]
S2 WTService;WTService;c:\windows\system32\atwtusb.exe -s --> c:\windows\system32\atwtusb.exe -s [?]
S3 cpuz130;cpuz130;\??\c:\docume~1\[user]\locals~1\temp\cpuz130\cpuz_x32.sys --> c:\docume~1\[user]\locals~1\temp\cpuz130\cpuz_x32.sys [?]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-12-20 133104]
S3 hamachi_oem;PlayLinc Adapter;c:\windows\system32\drivers\gan_adapter.sys [2006-8-28 10664]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
.
=============== Created Last 30 ================
.
2011-11-23 22:36:20 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-10 18:48:13 -------- d-----w- c:\documents and settings\[user]\local settings\application data\Akamai
2011-10-25 22:30:10 -------- d-----w- c:\documents and settings\[user]\Adobe Premiere Pro CS5.5 Family
.
==================== Find3M ====================
.
2011-10-19 21:44:00 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-19 18:43:42 2516 --sha-w- c:\documents and settings\all users\application data\KGyGaAvL.sys
2011-10-10 14:22:51 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-10-03 04:06:03 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-03 01:37:52 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-09-28 07:06:45 602624 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 09:41:44 614912 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41:44 23040 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-06 21:45:29 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 14:09:57 1859072 ----a-w- c:\windows\system32\win32k.sys
2011-09-02 20:39:42 232512 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-09-02 19:41:48 443448 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-05-14 19:02:10 3392872 ----a-w- c:\program files\common files\adlmint_libFNP.dll
2009-05-14 19:02:10 3298152 ----a-w- c:\program files\common files\adlmint.dll
.
============= FINISH: 17:16:46,60 ===============


I changed the username to [user].
Could you check whether everything is okay again?

Thanks in advance!
2
Hi and welcome to the forum,

1. Download aswMBR.exe to the desktop.
  • Double-click "aswMBR.exe" to start the tool.
  • In the next window, click "Nee" (No).
  • Click the "scan" button.
  • When the scan is finished, click the "save log" button.
  • Post this log file in your next message.

2. Download MalwareBytes' Anti-Malware and save it to your desktop.
Double-click mbam-setup.exe to install the program.

After the installation, make sure the following are checked:
  • Update MalwareBytes' Anti-Malware
  • Start MalwareBytes' Anti-Malware
Then click "Voltooien" (Finish).
If an update is found, it will be downloaded and installed.

In case of problems!!! (Read the instructions below)
  • You can in principle decline the window asking whether you want to start the evaluation ("Evaluatie wil starten"); you can still enable it later.
  • Once the program has started, go to the "Instellingen" (Settings) tab.
  • Check this option: "Sluit Internet Explorer tijdens verwijdering van malware" (close Internet Explorer during malware removal).
  • Then go to the "Scanner" tab and choose "Snelle Scan" (Quick Scan).
  • Next, press "Scannen" (Scan) to start the scan.
  • Scanning can take a while, so be patient.
  • When the scan is complete, click OK, then "Bekijk Resultaten" (Show Results) to see the results.
  • Make sure everything there is checked, then click "Verwijder geselecteerde" (Remove Selected).
  • After the removal a log will open and you will be asked to restart the computer.
The log is saved automatically by MalwareBytes' Anti-Malware, and you can find it again by clicking the "Logs" tab in the program.


3. Download the HijackThis Installer to your desktop.
Double-click HiJackThis.msi to start the installation.

Double-click the HijackThis program, click the "Main Menu" option, and choose Do a system scan and save a logfile. Then post the contents of the log that appears in your next post.

Note!!! Windows Vista & 7 users must run HijackThis as administrator (right-click, "Run as"); if this does not work via the shortcut, run HijackThis as administrator from the following directory (C:\Program Files\Trend Micro\HiJackThis).

Post the MBAM and HijackThis logs in your next message.
Member of UNITE Unified Network of Instructors and Trained Eliminators (Unite Against Malware)
3
Thanks!
Below, first the MBAM log:

Malwarebytes' Anti-Malware 1.51.2.1300
http://www.malwarebytes.org

Databaseversie: 8238

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

25-11-2011 16:45:50
mbam-log-2011-11-25 (16-45-50).txt

Scantype: Snelle scan
Objecten gescand: 187101
Verstreken tijd: 5 minuut/minuten, 56 seconde(n)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 1

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:
c:\documents and settings\[user]\local settings\Temp\upd.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

And the HijackThis log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:09:51, on 25-11-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\WTMKM.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Documents and Settings\[user]\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Documents and Settings\[user]\Application Data\Spotify\Spotify.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Documents and Settings\[user]\Application Data\Dropbox\bin\Dropbox.exe
C:\Documents and Settings\[user]\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\atwtusb.exe
C:\WINDOWS\system32\atwtusb.exe
C:\WINDOWS\system32\atwtusb.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl.ask.com?o=15458&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MacrokeyManager] WTMKM.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Akamai NetSession Interface] C:\Documents and Settings\[user]\Local Settings\Application Data\Akamai\netsession_win.exe
O4 - HKCU\..\Run: [Spotify] "C:\Documents and Settings\[user]\Application Data\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: Dropbox.lnk = C:\Documents and Settings\[user]\Application Data\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updateservice (gupdate1ca81c57d5423c) (gupdate1ca81c57d5423c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: WTService - Unknown owner - C:\WINDOWS\system32\atwtusb.exe

--
End of file - 11730 bytes

By the way, I was also wondering: my portable hard drive was connected to my computer when the virus came in. I pulled it out immediately in a panic.
Is there a chance that there is now a virus on it as well, and what is the best way to remove it?

It's really great to be able to get help like this!
4
Hi,

Start HijackThis

Note!!! Windows Vista & 7 users must run HijackThis as administrator ("right mouse button, Run as"); if this does not work via the shortcut, run HijackThis as administrator from the following directory (C:\Program Files\Trend Micro\HiJackThis)

And click "Do a system scan only".
Select all of the lines listed below, if present.

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl.ask.com?o=15458&l=dis
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)


Now close all windows except the HijackThis program.

Click "Fix checked" to remove the items.
Kenna wrote: By the way, I was also wondering: my portable hard drive was connected to my computer when the virus came in. I pulled it out immediately in a panic.
Is there a chance that there is now a virus on it as well, and what is the best way to remove it?
As a check, you can have this drive scanned by your virus scanner and MBAM by running a full scan.
Member of UNITE Unified Network of Instructors and Trained Eliminators (Unite Against Malware)
5
Hey Maxstar,

The p. hard drive had no viruses.
Ran HijackThis; removed both of them.

Thanks for the help!
8
Hi,

Since the problems have been resolved, I still advise you to carry out the steps below.

You may remove the following programs and their associated log files.
  • DDS
  • aswMBR
  • HijackThis
1.) Remove system restore points
If the computer has been infected with malware, it is advisable to remove all existing system restore points, because infected restore points may be among them.
  • How to remove the restore points is described here
  • How to quickly create a new system restore point yourself is described here
2.) Install essential updates.
You can read here how to keep your operating system and other software up to date.
The program Secunia PSI warns you automatically when updates are available for the installed software; more information can be read here

3.) Beware of 'phishing' messages.
Phishing is a form of internet fraud in which fake e-mail messages and websites that look trustworthy are used to try to obtain login details and other personal information.
This is often done in very devious ways, for example e-mail messages asking you to verify your login details; in these cases you are often sent to a fake (clone) website, and as soon as you have entered your details there they are in the hands of the malicious party, with all the consequences that entails.
More information can be read here

4.) User accounts
With this account you therefore have full control of the computer, so it is not advisable to set this account as the primary account for everyday use.
More information about this can be read here

5.) Risks when downloading
Peer-to-peer (P2P) networks and also Usenet (newsgroups) are a major source of malware distribution on the internet; offering 'dangerous' software (malware) happens almost anonymously, which makes this a widely used method for spreading malware.
More information about this can be read here

6.) Prevention information & the use of security software.
Here and here you will find information on how to prevent an infection; read through it at your leisure.

More information about the use of "security software" and "fake software" (rogueware) can be read here
Member of UNITE Unified Network of Instructors and Trained Eliminators (Unite Against Malware)
10
By the way, one last question: is it possible for my recent posts with logs to be deleted? I see that I don't have the rights to do that myself, but I would like to see them removed.
11
Kenna wrote: By the way, one last question: is it possible for my recent posts with logs to be deleted? I see that I don't have the rights to do that myself, but I would like to see them removed.
Why do you want them deleted?
If you would like your username removed from the logs, we can still do that for you.
Alius aliud dicit "Every bird sings the way its beak is shaped", even though this one has risen from the ashes.
12
Yes, that would be nice in any case. The first log contains no usernames, but the second one does. I don't think there is any other sensitive info in it. But if the former can be done, I would really appreciate it!
Thanks in advance!
13
Hi,

I have removed all occurrences of the 'username' from the logs and replaced them with [user], as you had already partly done yourself.
Kenna wrote: I don't think there is any other sensitive info in it
No indeed, the only sensitive info that can be in such a log is the username and possibly the IP address used, nothing else.
Member of UNITE Unified Network of Instructors and Trained Eliminators (Unite Against Malware)
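The clean-up described in the post above (usernames replaced by [user], plus the IP address mentioned there), as an added Python example that is not part of the original thread or any tool named in it. The function names, the `[ip]` placeholder and the sample lines are assumptions made for illustration.

```python
import re

# Profile folders that are not personal account names and are left alone.
BUILTIN = {"all users", "default user", "default", "public",
           "localservice", "networkservice", "[user]"}

# Account name = first folder below "Documents and Settings" (XP) or "Users".
PROFILE_RE = re.compile(
    r"(?i)\b[a-z]:\\(?:documents and settings|users)\\([^\\\r\n\"]+)\\")
# Dotted quads; four-part version strings with short fields match too,
# which errs on the side of redacting too much.
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

def find_usernames(log):
    """Collect account names that appear as profile folders in the log."""
    names = set()
    for match in PROFILE_RE.finditer(log):
        name = match.group(1).strip()
        if name.lower() not in BUILTIN:
            names.add(name)
    return names

def redact(log):
    """Replace profile names everywhere with [user] and IPv4 with [ip]."""
    # Longest first, and only as a whole token, so short names do not
    # clobber unrelated words (cookie files like name@site are still hit).
    for name in sorted(find_usernames(log), key=len, reverse=True):
        token = r"(?<![A-Za-z0-9])" + re.escape(name) + r"(?![A-Za-z0-9])"
        log = re.sub(token, "[user]", log, flags=re.IGNORECASE)
    return IPV4_RE.sub("[ip]", log)

# Constructed sample lines in HijackThis / scanner-log style.
SAMPLE = "\n".join([
    r'O4 - HKCU\..\Run: [Spotify] "C:\Documents and Settings\jdoe\Application Data\Spotify\Spotify.exe" /uri spotify:autostart',
    r'C:\Documents and Settings\jdoe\Cookies\jdoe@adtech[1].txt',
    r'O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto',
    r'O17 - HKLM\System\CCS\Services\Tcpip\..\{GUID}: NameServer = 192.0.2.53',
    r'C:\Documents and Settings\All Users\Menu Start\x.lnk',
])

if __name__ == "__main__":
    print(redact(SAMPLE))
```

Because the name is learned from the profile path first, it is also removed from places a path-only replacement would miss, such as the cookie file names in the scanner log.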
14
Thanks!
Sorry for hanging around so long; I thought all the problems had been solved. But there is one more that has come up, namely:
Flash wasn't working in Firefox (yesterday it still was) and wouldn't install either.
Then I thought I would upgrade Firefox. Now, instead of the Firefox icon there is the software icon, and when I click on it, it says that I have to restart. And it still says that after restarting several times.

After the last message I deleted the system restore points, turned my regular account into one with limited rights and created an admin account (no password yet). Does that have something to do with it?

Sorry again that it is taking so long.
15
Hi,
Kenna wrote: Sorry for hanging around so long; I thought all the problems had been solved. But there is one more that has come up, namely:
No problem at all, that is exactly what the forum is for.
Try uninstalling Firefox completely, then reinstall it and see whether the problems are resolved.
Member of UNITE Unified Network of Instructors and Trained Eliminators (Unite Against Malware)