
Subject: MSN is acting strange..

  1. #1

    Joined
    Nov 2009
    Location
    Amsterdam Oost!
    Age
    19
    Posts
    253

    MSN is acting strange..

    Dear helpers, I've had the new version of MSN for a few months now.

    But today I added someone.
    And they were blocked just like that.
    I have never had them in my list before.

    And now that I'm using the webcam with someone,
    the picture goes up and down..
    after the ad, when I see the person.

    What is going on?

    Thanks in advance
    :d
    Last edited by Tommiiee; 10-09-10 at 16:07.

  2. #2
    Negative's Avatar
    Joined
    Feb 2006
    Age
    20
    Posts
    508
    I would change your MSN password and maybe run your virus scanner...

  3. #3
    Driesiooo's Avatar
    Joined
    Dec 2005
    Age
    21
    Posts
    1,229
    Post a HijackThis log so we can check whether an infection is present.
    Follow the step-by-step guide you'll find at the link above. A helper will then review your log and treat or rule out any infection(s).
    Last edited by Driesiooo; 31-08-10 at 12:26.

  4. #4

    Joined
    Nov 2009
    Location
    Amsterdam Oost!
    Age
    19
    Posts
    253
    I installed HijackThis to my desktop.
    But when I open it I get nothing.
    The computer makes the sound it makes when you open files.
    But nothing happens?

  5. #5
    Hijack Mod Tommiiee's Avatar
    Joined
    May 2007
    Location
    Helmond
    Posts
    2,926
    Rename HijackThis to 12345.exe, and then try it again.
    Satisfied with the help we've given you? Consider a donation!

    Are you a Knights and Merchants fan? Then visit the English fan site with an active community and unique information about the Remake of Knights and Merchants!

  6. #6

    Joined
    Nov 2009
    Location
    Amsterdam Oost!
    Age
    19
    Posts
    253
    No, unfortunately still nothing.

  7. #7
    Hijack Mod Tommiiee's Avatar
    Joined
    May 2007
    Location
    Helmond
    Posts
    2,926
    Did you go through the rest of the step-by-step guide?

    Otherwise, use DDS instead of HijackThis:

    Download DDS.com, DDS.scr or DDS.pif from one of these locations and place it on your desktop:

    DDS - Techsupport download.
    DDS - Bleeping Computer download.
    DDS - Forospyware Download.


    DDS is a diagnostic tool and makes use of scripts. If script execution is disabled, enable it again so that no problems occur when using DDS.
    Double-click DDS to start the tool. (Depending on the download you chose, this may be the file DDS.com, DDS.scr or DDS.pif.)
    When it is finished, two log files will open: DDS.txt and Attach.txt.
    Save both log files to your desktop.
    Post the contents of DDS.txt.
    Do not post the contents of Attach.txt or add it as an attachment to your post unless I ask for it.


    Regards,
    Tom

  8. #8

    Joined
    Nov 2009
    Location
    Amsterdam Oost!
    Age
    19
    Posts
    253
    This one worked, thanks.

    Here is the one from DDS


    DDS (Ver_10-03-17.01) - NTFSx86
    Run by Rachid Berkani at 17:43:07,55 on do 02-09-2010
    Internet Explorer: 8.0.6001.18702
    Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.767.345 [GMT 2:00]

    ============== Running Processes ===============
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\system32\inetsrv\inetinfo.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Ares\Ares.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\System32\Svchost.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Rachid Berkani\Bureaublad\dds.pif
    ============== Pseudo HJT Report ===============
    uURLSearchHooks: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSof1.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
    BHO: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSof1.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Windows Live Aanmelden - Help: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    TB: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSof1.dll
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
    uRun: [ares] "c:\program files\ares\Ares.exe" -h
    uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [Alcmtr] ALCMTR.EXE
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [nwiz] nwiz.exe /install
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
    mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    dRunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
    mExplorerRun: [SysAnti] c:\program files\common files\SysAnti.exe
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IFEO: 360hotfix.exe - ntsd -d
    IFEO: 360rpt.exe - ntsd -d
    IFEO: 360Safe.exe - ntsd -d
    IFEO: 360safebox.exe - ntsd -d
    IFEO: 360tray.exe - ntsd -d
    Note: multiple IFEO entries found. Please refer to Attach.txt
    Hosts: 127.0.0.1 www.kaspersky.com
    Hosts: 127.0.0.1 www.virustotal.com
    ================= FIREFOX ===================
    FF - ProfilePath - c:\docume~1\rachid~1\applic~1\mozilla\firefox\profiles\889aapt2.default\
    FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
    FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
    ---- FIREFOX POLICIES ----
    c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
    c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
    c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
    c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
    c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "Firefox web browser | Faster, more secure, & customizable");
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
    ============= SERVICES / DRIVERS ===============
    R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-8-20 54760]
    S2 gupdate;Google Updateservice (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-9-2 135664]
    S3 bns;bns;\??\c:\docume~1\rachid~1\locals~1\temp~bns.tmp --> c:\docume~1\rachid~1\locals~1\Temp~bns.tmp [?]
    S3 DrvKiller;DrvKiller;\??\c:\windows\fonts\bpbc.fon --> c:\windows\fonts\bpbc.fon [?]
    S3 fsssvc;De service Windows Live Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
    =============== Created Last 30 ================
    2010-09-01 23:31:23 0 d-----w- c:\program files\common files\DivX Shared
    2010-09-01 23:29:36 0 d-----w- c:\program files\DivX
    2010-09-01 23:29:03 0 d-----w- c:\docume~1\alluse~1\applic~1\DivX
    2010-08-30 16:41:49 38 ----a-w- c:\windows\avisplitter.ini
    2010-08-30 16:41:49 165376 ----a-w- c:\windows\system32\unrar.dll
    2010-08-30 16:41:45 0 d-----w- c:\program files\K-Lite Codec Pack
    2010-08-28 22:54:32 0 d-----w- c:\program files\NCH Software
    2010-08-28 20:01:07 0 d-----w- c:\windows\system32\wbem\Repository
    2010-08-27 22:19:50 0 d-----w- c:\windows\system32\Adobe
    2010-08-24 17:45:23 0 d-----w- c:\docume~1\rachid~1\applic~1\ProgSense
    2010-08-24 17:45:18 0 d-----w- c:\program files\Orbitdownloader
    2010-08-23 16:03:22 0 d-----w- c:\program files\common files\xing shared
    2010-08-23 16:03:08 499712 ----a-w- c:\windows\system32\msvcp71.dll
    2010-08-23 16:03:08 348160 ----a-w- c:\windows\system32\msvcr71.dll
    2010-08-23 16:03:05 0 d-----w- c:\program files\common files\Real
    2010-08-23 10:44:39 0 d-----w- c:\windows\system32\XPSViewer
    2010-08-23 10:44:19 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2010-08-23 10:44:19 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2010-08-23 10:44:19 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
    2010-08-23 10:44:19 575488 ------w- c:\windows\system32\xpsshhdr.dll
    2010-08-23 10:44:19 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
    2010-08-23 10:44:19 1676288 ------w- c:\windows\system32\xpssvcs.dll
    2010-08-23 10:44:19 117760 ------w- c:\windows\system32\prntvpt.dll
    2010-08-23 10:44:18 0 d-----w- C:\c219b39e48f86a80dd5679
    2010-08-21 21:59:58 0 d-----w- c:\program files\NCH Swift Sound
    2010-08-21 10:41:52 0 d-----w- c:\program files\Conduit
    2010-08-21 10:41:51 0 d-----w- c:\program files\Softonic-Eng7
    2010-08-21 10:27:05 272640 -c----w- c:\windows\system32\dllcache\bthport.sys
    2010-08-21 10:27:05 272640 ------w- c:\windows\system32\drivers\bthport.sys
    2010-08-21 10:26:55 126464 -c----w- c:\windows\system32\dllcache\ftpsvc2.dll
    2010-08-21 10:26:48 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
    2010-08-20 22:40:06 274288 ----a-w- c:\windows\system32\mucltui.dll
    2010-08-20 22:40:06 215920 ----a-w- c:\windows\system32\muweb.dll
    2010-08-20 22:40:06 17776 ----a-w- c:\windows\system32\mucltui.dll.mui
    2010-08-20 19:31:24 52224 --sh--w- C:\SysAnti.exe
    2010-08-20 19:31:24 167 --sh--w- C:\AutoRun.inf
    2010-08-20 19:31:23 52224 --sh--w- c:\program files\common files\SysAnti.exe
    2010-08-20 19:18:05 0 d-----w- c:\documents and settings\rachid berkani\Tracing
    2010-08-20 19:05:08 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
    2010-08-20 19:04:27 58112 ----a-w- c:\windows\system32\drivers\redbook.sys
    2010-08-20 19:04:11 6400 ----a-w- c:\windows\system32\drivers\enum1394.sys
    2010-08-20 19:03:47 76288 ----a-w- c:\windows\system32\usbui.dll
    2010-08-20 19:02:43 0 d-----w- c:\program files\common files\ODBC
    2010-08-20 19:02:39 0 d-----w- c:\program files\common files\SpeechEngines
    2010-08-20 19:02:13 0 d--h--w- c:\documents and settings\all users\Sjablonen
    2010-08-20 19:02:13 0 d-----w- c:\documents and settings\all users\Favorieten
    2010-08-20 19:02:13 0 d-----w- c:\documents and settings\all users\Bureaublad
    2010-08-20 19:02:13 0 d-----r- c:\documents and settings\all users\Menu Start
    2010-08-20 19:02:13 0 d-----r- c:\documents and settings\all users\Documenten
    2010-08-20 19:01:34 0 d-----w- C:\Documents and Settings
    2010-08-20 19:00:59 823 ----a-w- c:\windows\system32\$winnt$.inf
    2010-08-20 18:51:41 0 d-----w- c:\program files\Microsoft
    2010-08-20 18:51:27 0 d-----w- c:\program files\Windows Live SkyDrive
    2010-08-20 18:48:20 0 d-----w- c:\program files\Ares
    2010-08-20 18:20:57 0 d-----w- c:\program files\nLite
    2010-08-20 18:16:57 0 d-----w- c:\program files\common files\Windows Live
    2010-08-20 17:48:44 0 d-----w- c:\program files\Realtek
    2010-08-20 17:34:36 0 d-----w- c:\program files\Siemens
    2010-08-20 17:34:20 0 d-----w- c:\program files\Funk Software
    2010-08-20 17:34:20 0 d-----w- c:\program files\common files\Funk Software
    2010-08-20 17:28:43 0 d-----w- c:\program files\support.com
    2010-08-20 17:11:17 0 d-sh--w- c:\documents and settings\all users\DRM
    2010-08-20 17:11:04 0 d--h--w- c:\program files\WindowsUpdate
    2010-08-20 17:11:01 0 d-----w- c:\program files\Online Services
    2010-08-20 17:10:22 0 d-----w- c:\program files\common files\MSSoap
    2010-08-20 17:08:40 0 d-----w- c:\program files\Messenger
    2010-08-20 17:08:36 0 d-----w- c:\program files\MSN Gaming Zone
    2010-08-20 17:08:04 0 d-----w- c:\program files\Windows NT
    ==================== Find3M ====================
    2010-09-02 12:07:59 14720 ----a-w- c:\windows\fonts\gbcft.dll
    2010-09-02 09:03:41 14720 ----a-w- c:\windows\fonts\kfekr.dll
    2010-09-01 17:10:53 14720 ----a-w- c:\windows\fonts\hpfkx.dll
    2010-09-01 15:41:00 14720 ----a-w- c:\windows\fonts\itgui.dll
    2010-09-01 13:27:23 14720 ----a-w- c:\windows\fonts\gqmov.dll
    2010-08-31 15:32:11 14720 ----a-w- c:\windows\fonts\sotlx.dll
    2010-08-31 15:30:38 14720 ----a-w- c:\windows\fonts\guqkl.dll
    2010-08-31 15:27:16 14720 ----a-w- c:\windows\fonts\xbqkf.dll
    2010-08-31 15:11:36 14720 ----a-w- c:\windows\fonts\stvbe.dll
    2010-08-31 10:33:32 14720 ----a-w- c:\windows\fonts\affdi.dll
    2010-08-30 08:28:59 14720 ----a-w- c:\windows\fonts\hbfrd.dll
    2010-08-29 18:14:35 595644 ----a-w- c:\windows\system32\perfh013.dat
    2010-08-29 18:14:35 125688 ----a-w- c:\windows\system32\perfc013.dat
    2010-08-29 18:13:07 14720 ----a-w- c:\windows\fonts\qhgnq.dll
    2010-08-29 13:24:35 14720 ----a-w- c:\windows\fonts\detoc.dll
    2010-08-28 20:07:30 14720 ----a-w- c:\windows\fonts\pckmj.dll
    2010-08-28 20:06:44 14720 ----a-w- c:\windows\fonts\xmfab.dll
    2010-08-24 09:08:41 14720 ----a-w- c:\windows\fonts\eemhi.dll
    2010-08-23 23:50:18 14720 ----a-w- c:\windows\fonts\vojla.dll
    2010-08-23 20:07:01 14720 ----a-w- c:\windows\fonts\kvgtm.dll
    2010-08-23 11:21:56 14720 ----a-w- c:\windows\fonts\jicwh.dll
    2010-08-23 10:38:47 14720 ----a-w- c:\windows\fonts\jprmp.dll
    2010-08-21 15:16:25 14720 ----a-w- c:\windows\fonts\uqrro.dll
    2010-08-21 10:20:53 14720 ----a-w- c:\windows\fonts\scgkn.dll
    2010-08-20 19:31:23 14720 ----a-w- c:\windows\fonts\idxqm.dll
    2010-08-20 19:31:20 14720 ----a-w- c:\windows\fonts\bnsfa.dll
    2010-08-20 17:48:40 315392 ----a-w- c:\windows\HideWin.exe
    2010-08-20 17:09:03 21748 ----a-w- c:\windows\system32\emptyregdb.dat
    2010-06-30 12:33:19 149504 ----a-w- c:\windows\system32\schannel.dll
    2010-06-24 12:27:56 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-06-24 09:02:59 1852032 ----a-w- c:\windows\system32\win32k.sys
    2010-06-17 14:03:48 80384 ----a-w- c:\windows\system32\iccvid.dll
    2010-06-14 07:43:35 1172480 ----a-w- c:\windows\system32\msxml3.dll
    ============= FINISH: 17:43:24,76 ===============

    Regards

  9. #9
    Admin - Site beheerder thirza's Avatar
    Joined
    Jul 2003
    Location
    Hoorn
    Posts
    15,142
    moved to the hijack log section
    satisfied with the help?
    if you would like to make a contribution, look here: voluntary contribution

  10. #10

    Joined
    Nov 2009
    Location
    Amsterdam Oost!
    Age
    19
    Posts
    253
    Any luck, my heroes?

  11. #11
    Hijack Mod Tommiiee's Avatar
    Joined
    May 2007
    Location
    Helmond
    Posts
    2,926
    I see a number of serious things.
    Among other things, you have an Information Stealer. So what it comes down to is that your data and passwords are at risk.
    There is no point in encrypting data or changing passwords before we have removed it..

    Follow these instructions to download Combofix to your Desktop.
    If you have used Combofix before, you may get a warning that an update is available. Allow ComboFix to be updated.

    NOTE: if, during or after downloading Combofix or while using Combofix, you get an alert from your antivirus or another real-time scanner, disable that scanner and download Combofix again.
    Some scanners treat certain components that Combofix uses as suspicious and will block or remove them!

    • Double-click Combofix.exe
    • Follow the instructions and accept the disclaimer by clicking Yes.
    • If the Recovery Console is not installed, you will be asked to install it by clicking YES in the Query - Recovery Console window.
    • Click OK and Yes to have the Recovery Console installed automatically.
    • Afterwards, click Yes again to start the malware scan.
    • While the fix is running, do NOT click inside the window, as this will make your PC freeze.


    When the fix has finished and after a restart,
    the log Combofix.txt will open.
    Post the contents of that log in your next message.


    Regards,
    Tom
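Added example, not part of the original thread and not code from DDS or ComboFix: a small triage pass over a DDS log that flags the kinds of entries visible in the log from post #8 (IFEO debugger entries, Hosts lines pointing security sites at loopback, an mExplorerRun autostart, a service image in the fonts folder, hidden+system files in the drive root, and binaries in c:\windows\fonts). The rule names and the assumed line formats are inferred from that log; a hit means "review this entry", not a verdict.

```python
import re
from collections import Counter

# Lines excerpted from the DDS log in post #8 of this thread; the ctfmon and
# unrar.dll lines are kept as benign controls that must not be flagged.
SAMPLE_LOG = r"""
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
mExplorerRun: [SysAnti] c:\program files\common files\SysAnti.exe
IFEO: 360hotfix.exe - ntsd -d
IFEO: 360Safe.exe - ntsd -d
Hosts: 127.0.0.1 www.kaspersky.com
Hosts: 127.0.0.1 www.virustotal.com
S3 DrvKiller;DrvKiller;\??\c:\windows\fonts\bpbc.fon --> c:\windows\fonts\bpbc.fon [?]
2010-08-20 19:31:24 52224 --sh--w- C:\SysAnti.exe
2010-08-20 19:31:24 167 --sh--w- C:\AutoRun.inf
2010-08-30 16:41:49 165376 ----a-w- c:\windows\system32\unrar.dll
2010-09-02 12:07:59 14720 ----a-w- c:\windows\fonts\gbcft.dll
2010-09-02 09:03:41 14720 ----a-w- c:\windows\fonts\kfekr.dll
"""

LOOPBACK = {"127.0.0.1", "0.0.0.0"}

# Line shapes assumed from the log in this thread, not from DDS documentation.
IFEO_RE = re.compile(r"^IFEO:\s*(\S+)\s+-\s+(.+)$", re.I)
HOSTS_RE = re.compile(r"^Hosts:\s*(\S+)\s+(\S+)$", re.I)
EXPLORER_RUN_RE = re.compile(r"^mExplorerRun:\s*\[([^\]]+)\]\s*(.+)$", re.I)
SERVICE_RE = re.compile(r"^[RS]\d ([^;]+);[^;]*;(.+?) \[")
FILE_RE = re.compile(
    r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} \d+ ([-a-z]{8}) (.+)$")


def triage_dds(log_text):
    """Return a list of (rule, detail) tuples for entries worth reviewing."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        if m := IFEO_RE.match(line):
            # An IFEO "Debugger" value makes Windows start the named debugger
            # instead of the program, so the listed image never really runs.
            findings.append(("ifeo_debugger", f"{m[1]} -> {m[2]}"))
        elif m := HOSTS_RE.match(line):
            ip, host = m[1], m[2].lower()
            # Any real hostname pinned to loopback becomes unreachable.
            if ip in LOOPBACK and host != "localhost":
                findings.append(("hosts_redirect", host))
        elif m := EXPLORER_RUN_RE.match(line):
            # Autostart entries under this heading are rare; list every one.
            findings.append(("explorer_run", m[2]))
        elif m := SERVICE_RE.match(line):
            # Crude path check: a service image under fonts or a temp path.
            path = m[2].lower()
            if "\\windows\\fonts\\" in path or "\\temp" in path:
                findings.append(("service_odd_path", m[1]))
        elif m := FILE_RE.match(line):
            attrs, path = m[1], m[2]
            lower = path.lower()
            at_root = re.fullmatch(r"[a-z]:\\[^\\]+", lower) is not None
            hidden_system = "s" in attrs and "h" in attrs
            if at_root and hidden_system and lower.endswith((".exe", ".inf")):
                findings.append(("root_hidden_system", path))
            elif ("\\windows\\fonts\\" in lower
                  and lower.endswith((".dll", ".exe", ".sys"))):
                # The fonts folder should hold font files, not code.
                findings.append(("binary_in_fonts", path))
    return findings


def summarize(findings):
    """Count findings per rule as a plain dict."""
    return dict(Counter(rule for rule, _ in findings))


if __name__ == "__main__":
    for rule, detail in triage_dds(SAMPLE_LOG):
        print(f"{rule:20} {detail}")
    print(summarize(triage_dds(SAMPLE_LOG)))
```
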

  12. #12

    Joined
    Nov 2009
    Location
    Amsterdam Oost!
    Age
    19
    Posts
    253
    I followed everything you mentioned above.
    Everything went well.

    I now got a file from Combofix named log.

    This is what I got:

    ComboFix 10-09-01.04 - Rachid Berkani 02-09-2010 23:47:49.1.1 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.767.460 [GMT 2:00]
    Gestart vanuit: c:\documents and settings\Rachid Berkani\Bureaublad\ComboFix.exe
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    C:\Autorun.inf
    c:\documents and settings\Rachid Berkani\Bureaublad\Internet Explorer.lnk
    c:\program files\Common Files\SysAnti.exe
    C:\SysAnti.exe
    c:\windows\Fonts\affdi.dll
    c:\windows\Fonts\bnsfa.dll
    c:\windows\Fonts\detoc.dll
    c:\windows\Fonts\eemhi.dll
    c:\windows\Fonts\gbcft.dll
    c:\windows\Fonts\gqmov.dll
    c:\windows\Fonts\guqkl.dll
    c:\windows\Fonts\hbfrd.dll
    c:\windows\Fonts\hpfkx.dll
    c:\windows\Fonts\hqxeu.dll
    c:\windows\Fonts\idxqm.dll
    c:\windows\Fonts\itgui.dll
    c:\windows\Fonts\jicwh.dll
    c:\windows\Fonts\jprmp.dll
    c:\windows\Fonts\kfekr.dll
    c:\windows\Fonts\kvgtm.dll
    c:\windows\Fonts\pckmj.dll
    c:\windows\Fonts\qhgnq.dll
    c:\windows\Fonts\scgkn.dll
    c:\windows\Fonts\sotlx.dll
    c:\windows\Fonts\stvbe.dll
    c:\windows\Fonts\uqrro.dll
    c:\windows\Fonts\vojla.dll
    c:\windows\Fonts\xbqkf.dll
    c:\windows\Fonts\xmfab.dll
    c:\windows\system32\Cache
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2010-08-02 to 2010-09-02 ))))))))))))))))))))))))))))))
    .
    2010-09-02 17:14 . 2010-09-02 17:14 -------- d-----w- c:\documents and settings\Rachid Berkani\Application Data\DivX
    2010-09-02 09:03 . 2010-09-02 09:03 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
    2010-09-01 23:36 . 2010-09-01 23:36 57344 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.dll
    2010-09-01 23:32 . 2010-09-01 23:29 185640 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\finishPlugin.dll
    2010-09-01 23:32 . 2010-09-01 23:29 1062184 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll
    2010-09-01 23:32 . 2010-09-01 23:29 850200 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
    2010-09-01 23:32 . 2010-09-01 23:32 56765 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
    2010-09-01 23:32 . 2010-09-01 23:32 56997 ----a-w- c:\documents and settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
    2010-09-01 23:29 . 2010-09-01 23:29 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
    2010-09-01 23:29 . 2010-09-01 23:36 -------- d-----w- c:\documents and settings\Rachid Berkani\Local Settings\Application Data\Google
    2010-09-01 23:29 . 2010-09-02 17:34 -------- d-----w- c:\program files\Google
    2010-09-01 23:29 . 2010-09-01 23:32 -------- d-----w- c:\program files\DivX
    2010-09-01 23:29 . 2010-09-01 23:29 144696 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.exe
    2010-09-01 23:29 . 2010-09-01 23:32 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX
    2010-08-30 23:46 . 2010-08-30 23:46 -------- d-----w- c:\documents and settings\Rachid Berkani\Local Settings\Application Data\Identities
    2010-08-30 22:42 . 2010-08-30 22:42 -------- d-----w- c:\documents and settings\LocalService\Bureaublad
    2010-08-30 16:42 . 2010-08-30 16:42 -------- d-----w- c:\documents and settings\Rachid Berkani\Application Data\Media Player Classic
    2010-08-30 16:41 . 2010-03-15 09:31 165376 ----a-w- c:\windows\system32\unrar.dll
    2010-08-30 16:41 . 2010-08-30 16:41 -------- d-----w- c:\program files\K-Lite Codec Pack
    2010-08-28 22:54 . 2010-08-28 22:54 -------- d-----w- c:\program files\NCH Software
    2010-08-28 22:46 . 2010-08-28 22:46 -------- d-----w- c:\documents and settings\Rachid Berkani\Application Data\NCH Swift Sound
    2010-08-28 22:46 . 2010-08-28 22:46 -------- d-----w- c:\documents and settings\All Users\Application Data\NCH Swift Sound
    2010-08-28 21:53 . 2010-08-28 21:53 0 ----a-w- c:\windows\nsreg.dat
    2010-08-28 21:53 . 2010-08-28 21:53 -------- d-----w- c:\documents and settings\Rachid Berkani\Local Settings\Application Data\Mozilla
    2010-08-28 20:01 . 2010-08-28 20:01 -------- d-----w- c:\windows\system32\wbem\Repository
    2010-08-27 22:19 . 2010-08-28 19:59 -------- d-----w- c:\windows\system32\Adobe
    2010-08-24 17:45 . 2010-08-24 17:45 -------- d-----w- c:\documents and settings\Rachid Berkani\Application Data\ProgSense
    2010-08-24 17:45 . 2010-08-28 20:01 -------- d-----w- c:\program files\Orbitdownloader
    2010-08-24 17:45 . 2010-08-28 20:01 -------- d-----w- c:\documents and settings\Rachid Berkani\Application Data\Orbit
    2010-08-23 10:44 . 2010-08-23 10:44 -------- d-----w- c:\windows\system32\XPSViewer
    2010-08-21 21:59 . 2010-08-21 21:59 -------- d-----w- c:\program files\NCH Swift Sound
    2010-08-21 17:28 . 2010-08-21 17:28 -------- d-----w- c:\program files\Ubisoft
    2010-08-21 17:27 . 2010-08-21 17:27 -------- d-----w- c:\documents and settings\Rachid Berkani\Application Data\InstallShield
    2010-08-21 10:41 . 2010-08-28 19:59 -------- d-----w- c:\documents and settings\Rachid Berkani\Local Settings\Application Data\Conduit
    2010-08-21 10:41 . 2010-08-21 10:41 -------- d-----w- c:\program files\Conduit
    2010-08-21 10:41 . 2010-08-28 20:18 -------- d-----w- c:\program files\Softonic-Eng7
    2010-08-21 10:41 . 2010-08-28 20:18 -------- d-----w- c:\documents and settings\Rachid Berkani\Local Settings\Application Data\Softonic-Eng7
    2010-08-21 10:27 . 2008-06-14 17:36 272640 -c----w- c:\windows\system32\dllcache\bthport.sys
    2010-08-21 10:27 . 2008-06-14 17:36 272640 ------w- c:\windows\system32\drivers\bthport.sys
    2010-08-21 10:26 . 2009-09-06 07:16 126464 -c----w- c:\windows\system32\dllcache\ftpsvc2.dll
    2010-08-21 10:26 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
    2010-08-21 10:25 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
    2010-08-21 10:22 . 2010-04-28 18:15 2194304 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
    2010-08-21 10:22 . 2010-04-28 05:45 2071168 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
    2010-08-21 10:22 . 2010-04-28 05:45 2150912 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
    2010-08-21 10:22 . 2010-04-28 05:45 2029056 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
    2010-08-20 22:40 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll
    2010-08-20 22:40 . 2009-08-06 17:23 215920 ----a-w- c:\windows\system32\muweb.dll
    2010-08-20 22:17 . 2010-08-23 20:52 -------- d-----w- c:\documents and settings\Rachid Berkani\Local Settings\Application Data\Adobe
    2010-08-20 19:18 . 2010-09-02 21:39 -------- d-----w- c:\documents and settings\Rachid Berkani\Tracing
    2010-08-20 19:05 . 2001-08-17 21:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
    2010-08-20 19:04 . 2008-04-14 22:04 58112 ----a-w- c:\windows\system32\drivers\redbook.sys
    2010-08-20 19:04 . 2001-08-17 21:46 6400 ----a-w- c:\windows\system32\drivers\enum1394.sys
    2010-08-20 19:03 . 2008-04-14 22:32 76288 ----a-w- c:\windows\system32\usbui.dll
    2010-08-20 19:01 . 2010-08-20 17:17 -------- d-----w- C:\Documents and Settings
    2010-08-20 19:01 . 2010-08-20 17:12 -------- d--h--w- c:\documents and settings\Default User
    2010-08-20 19:01 . 2010-08-20 17:11 -------- d-----w- c:\documents and settings\All Users
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-09-01 13:27 . 2010-08-20 18:24 -------- d-----w- c:\program files\Microsoft Silverlight
    2010-08-30 21:42 . 2010-08-20 17:39 14640 ----a-w- c:\documents and settings\Rachid Berkani\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2010-08-29 18:14 . 2001-09-07 12:00 595644 ----a-w- c:\windows\system32\perfh013.dat
    2010-08-29 18:14 . 2001-09-07 12:00 125688 ----a-w- c:\windows\system32\perfc013.dat
    2010-08-23 10:44 . 2010-08-23 10:44 -------- d-----w- c:\program files\MSBuild
    2010-08-23 10:44 . 2010-08-23 10:44 -------- d-----w- c:\program files\Reference Assemblies
    2010-08-22 16:30 . 2010-08-20 18:48 -------- d-----w- c:\program files\Ares
    2010-08-21 19:22 . 2010-08-20 17:11 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
    2010-08-21 17:28 . 2010-08-20 17:34 -------- d--h--w- c:\program files\InstallShield Installation Information
    2010-08-20 18:52 . 2010-08-20 18:51 -------- d-----w- c:\program files\Windows Live
    2010-08-20 18:51 . 2010-08-20 18:51 -------- d-----w- c:\program files\Microsoft
    2010-08-20 18:51 . 2010-08-20 18:51 -------- d-----w- c:\program files\Windows Live SkyDrive
    2010-08-20 18:35 . 2010-08-20 18:20 -------- d-----w- c:\program files\nLite
    2010-08-20 18:16 . 2010-08-20 18:16 -------- d-----w- c:\program files\Common Files\Windows Live
    2010-08-20 18:12 . 2010-08-20 18:12 2826192 ----a-w- c:\documents and settings\Rachid Berkani\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
    2010-08-20 17:48 . 2010-08-20 17:48 -------- d-----w- c:\program files\Realtek
    2010-08-20 17:48 . 2010-08-20 17:48 315392 ----a-w- c:\windows\HideWin.exe
    2010-08-20 17:48 . 2010-08-20 17:34 -------- d-----w- c:\program files\Common Files\InstallShield
    2010-08-20 17:34 . 2010-08-20 17:34 -------- d-----w- c:\program files\Siemens
    2010-08-20 17:34 . 2010-08-20 17:34 -------- d-----w- c:\program files\Funk Software
    2010-08-20 17:34 . 2010-08-20 17:34 -------- d-----w- c:\program files\Common Files\Funk Software
    2010-08-20 17:28 . 2010-08-20 17:28 -------- d-----w- c:\program files\support.com
    2010-08-20 17:28 . 2010-08-20 17:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Support.com
    2010-08-20 17:12 . 2010-08-20 17:12 -------- d-----w- c:\program files\microsoft frontpage
    2010-08-20 17:09 . 2010-08-20 17:09 21748 ----a-w- c:\windows\system32\emptyregdb.dat
    2010-06-30 12:33 . 2008-04-14 20:32 149504 ----a-w- c:\windows\system32\schannel.dll
    2010-06-24 12:27 . 2008-04-14 20:32 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-06-24 09:02 . 2008-04-14 20:05 1852032 ----a-w- c:\windows\system32\win32k.sys
    2010-06-21 15:27 . 2008-04-13 22:45 354304 ----a-w- c:\windows\system32\drivers\srv.sys
    2010-06-17 14:03 . 2008-04-14 20:32 80384 ----a-w- c:\windows\system32\iccvid.dll
    2010-06-14 14:31 . 2010-08-20 17:09 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
    2010-06-14 07:43 . 2008-04-14 20:32 1172480 ----a-w- c:\windows\system32\msxml3.dll
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSof1.dll" [2010-08-28 2734688]
    [HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
    2010-08-28 20:18 2734688 ----a-w- c:\program files\Softonic-Eng7\tbSof1.dll
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSof1.dll" [2010-08-28 2734688]
    [HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"= "c:\program files\Softonic-Eng7\tbSof1.dll" [2010-08-28 2734688]
    [HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ares"="c:\program files\Ares\Ares.exe" [2010-07-10 1015808]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RTHDCPL"="RTHDCPL.EXE" [2007-06-13 16377344]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-12 7626752]
    "nwiz"="nwiz.exe" [2006-07-12 1519616]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-07-12 86016]
    "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-08-23 202256]
    "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-08-20 1164584]
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "nltide_3"="advpack.dll" [2009-03-08 128512]
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Gigaset WLAN Adapter Monitor.lnk]
    path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Gigaset WLAN Adapter Monitor.lnk
    backup=c:\windows\pss\Gigaset WLAN Adapter Monitor.lnkCommon Startup
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Ares\\Ares.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    S3 bns;bns;\??\c:\docume~1\RACHID~1\LOCALS~1\Temp~bns.tmp --> c:\docume~1\RACHID~1\LOCALS~1\Temp~bns.tmp [?]
    .
    Inhoud van de 'Gedeelde Taken' map
    2010-09-02 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-823518204-1220945662-682003330-1003.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02]
    2010-09-02 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-823518204-1220945662-682003330-1003.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02]
    2010-09-02 c:\windows\Tasks\User_Feed_Synchronization-{E5634CBF-F7E6-4267-AE45-5FD3D3B379C9}.job
    - c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
    .
    - - - - ORPHANS VERWIJDERD - - - -
    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

    **************************************************************************
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
    Rootkit scan 2010-09-02 23:53
    Windows 5.1.2600 Service Pack 3 NTFS
    scannen van verborgen processen ...
    scannen van verborgen autostart items ...
    scannen van verborgen bestanden ...
    Scan succesvol afgerond
    verborgen bestanden: 0
    **************************************************************************
    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\bns]
    "ImagePath"="\??\c:\docume~1\RACHID~1\LOCALS~1\Temp~bns.tmp"
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    --------------------- DLLs Geladen Onder Lopende Processen ---------------------
    - - - - - - - > 'winlogon.exe'(1344)
    c:\program files\Funk Software\Odyssey Client\odLogin.dll
    .
    Voltooingstijd: 2010-09-02 23:54:30
    ComboFix-quarantined-files.txt 2010-09-02 21:54
    Pre-Run: 226.937.524.224 bytes beschikbaar
    Post-Run: 228.144.914.432 bytes beschikbaar
    WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    UnsupportedDebug="do not select this" /debug
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
    - - End Of File - - A9113335423F21CC5B2A2858B76508A1

    I will restart my PC now and see what I get.

    Thanks a lot. Really strange how that information stealer got there.

  13. #13

    Joined
    Nov 2009
    Location
    Amsterdam Oost!
    Age
    19
    Posts
    253
    Didn't receive anything after the restart; maybe it is the one posted above.

  14. #14
    Hijack Mod Tommiiee's Avatar
    Joined
    May 2007
    Location
    Helmond
    Posts
    2.926
    Hi

    Go to Start > Configuratiescherm (Control Panel) > Software (Add or Remove Programs). Look in the list for the program below:

    Softonic Toolbar

    Select it by clicking on it once, and click Verwijderen (Remove).


    Now change all your passwords! Combofix has dealt with the Information Stealer.


    Then create a new HijackThis log.

    Regards,
    Tom

  15. #15

    Joined
    Nov 2009
    Location
    Amsterdam Oost!
    Age
    19
    Posts
    253
    Hey, then I get: COULD NOT OPEN INSTALLLog. File.
    and it doesn't uninstall.

    I'll use Revo Uninstaller then..