Archief - highjack this help

Het archief is een bevroren moment uit een vorige versie van dit forum, met andere regels en andere bazen. Deze posts weerspiegelen op geen enkele manier onze huidige ideeën, waarden of wereldbeelden en zijn op sommige plaatsen gecensureerd wegens ontoelaatbaar. Veel zijn in een andere tijdsgeest gemaakt, al dan niet ironisch - zoals in het ironische subforum Off-Topic - en zouden op dit moment niet meer gepost (mogen) worden. Toch bieden we dit archief nog graag aan als informatiedatabank en naslagwerk. Lees er hier meer over of start een gesprek met anderen.
G

Gerdt

Legacy Member
Zou iemand me kunnen helpen met het resultaat van een highjackthis scan? hier is de logfile, wat mag ik deleten?

Logfile of HijackThis v1.99.0
Scan saved at 16:07:09, on 21/12/2004
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNTNEW\System32\smss.exe
C:\WINNTNEW\system32\winlogon.exe
C:\WINNTNEW\system32\services.exe
C:\WINNTNEW\system32\lsass.exe
C:\WINNTNEW\system32\svchost.exe
C:\WINNTNEW\system32\LEXBCES.EXE
C:\WINNTNEW\system32\spoolsv.exe
C:\WINNTNEW\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINNTNEW\System32\CTsvcCDA.exe
C:\WINNTNEW\System32\svchost.exe
C:\WINNTNEW\system32\hidserv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINNTNEW\System32\nvsvc32.exe
C:\WINNTNEW\system32\regsvc.exe
C:\WINNTNEW\system32\MSTask.exe
C:\WINNTNEW\system32\stisvc.exe
C:\WINNTNEW\System32\WBEM\WinMgmt.exe
C:\WINNTNEW\System32\MsPMSPSv.exe
C:\WINNTNEW\Explorer.exe
C:\WINNTNEW\System32\LXSUPMON.EXE
C:\WINNTNEW\System32\CTHELPER.EXE
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINNTNEW\loadqm.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Creative\ShareDLL\MediaDet.exe
C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe
C:\winntnew\system32\mcsmss.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINNTNEW\System32\WScript.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgwb.dat
C:\Program Files\mIRC\mirc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\Michiels\LOCALS~1\Temp\Rar$EX00.657\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.searchwww.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchwww.com/bar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: (no name) - {0199DF25-9820-4bd5-9FEE-5A765AB4371E} - (no file)
O1 - Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SafeGuard Protect PCShield - {564FFB73-9EEF-4969-92FA-5FC4A92E2C2A} - C:\WINNTNEW\System32\sfg_5ebf.dll
O2 - BHO: NavErrRedir Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - (no file)
O2 - BHO: G1.GZ - {79C03BC5-6C55-4B5B-921F-C02B6F1ABD7B} - C:\DOCUME~1\ALLUSE~2.WIN\APPLIC~1\Pribi\Pribi.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNTNEW\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [PrinTray] C:\WINNTNEW\System32\spool\DRIVERS\W32X86\2\printray.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINNTNEW\System32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINNTNEW\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNTNEW\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [Kazaa Download Accelerator Updater] regsvr32 /s C:\WINNTNEW\System32\kdpupd.dll
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [LyraHD2TrayApp] "C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe"
O4 - HKLM\..\Run: [cmssSystemProcess] c:\winntnew\system32\mcsmss.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [PCShield] regsvr32 /s "C:\WINNTNEW\System32\sfg_5ebf.dll"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKCU\..\Run: [\IEService.exe] C:\DOCUME~1\ALLUSE~2.WIN\APPLIC~1\IESERV~1\IEService.exe
O4 - HKCU\..\Run: [\Pribi.exe] C:\DOCUME~1\ALLUSE~2.WIN\APPLIC~1\Pribi\Pribi.exe
O4 - HKCU\..\Run: [PCShield] regsvr32 /s "C:\WINNTNEW\System32\sfg_5ebf.dll"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Search.vbs
O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNTNEW\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNTNEW\System32\msjava.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {11111111-1111-1111-1111-111111111157} - ms-its:mhtml:file://c:\nosuch.mht!http://www.intercommunity-soft.org/x.chm::/load.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {8E7E8EAE-71FF-11D3-B4D2-0060086460F0} (ElementMisterCash1 Class) - https://pay.banxafe.be/cab/ElementMisterCash.cab
O16 - DPF: {91BE8DAC-957E-416C-B735-E2B63CDB915B} (MyEMessengerSetup Control) - http://www.myemessenger.com/activex/MyEMessengerSetupProject.cab
O16 - DPF: {970BF476-3CF2-4572-9EF9-4479E1591DB8} (VacPro.belgio_ver3) - http://www.advnt01.com/dialer/belgio_ver3.CAB
O16 - DPF: {AABB591F-CEB3-404A-A979-AA30B16CB914} (IPLabs Image Uploader 2.5) - http://asp02.photoprintit.de/microsite/2663/defaults/activex/ImageUploader2.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {D03A1C33-1913-4533-A8C1-F2C8D13045DE} - http://www.cjb.net/search.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O21 - SSODL: Web Event Logger - {7CFBACFF-EE01-1231-ABDD-416592E5D639} - C:\WINNTNEW\System32\Cbiliime.dll
O23 - Service: AVG7 Alert Manager Server - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINNTNEW\System32\CTsvcCDA.exe
O23 - Service: Logical Disk Manager Administrative Service - VERITAS Software Corp. - C:\WINNTNEW\System32\dmadmin.exe
O23 - Service: FireDaemon Service: explorer - Unknown - C:\WINNTNEW\FireDaemon.EXE
O23 - Service: LexBce Server - Lexmark International, Inc. - C:\WINNTNEW\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINNTNEW\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
[

[BAT] Brambo

Legacy Member
kzou liever gene nieuwe post maken... dus euhm sry dak uwe post in beslag neem :p

der is 1 ding da elke keer terugkomt in ad-aware, ook al verwijderd em da zogezegd...

"lop"
http://www.lavasoftnews.com/ms/display_main.php?tac=Lop


Logfile of HijackThis v1.99.0
Scan saved at 17:49:16, on 21-12-04
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Executive Software\Undelete\UdServe.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Aston\aston.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Motherboard Monitor 5\MBM5.EXE
C:\Program Files\NetLimiter\NetLimiter.exe
H:\Program Files\D-Tools\daemon.exe
C:\Program Files\Google\Gmail Notifier\G001-1.0.24.0\gnotify.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Winamp\winampa.exe
H:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
H:\Program Files\AnyDVD\AnyDVD.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\WINDOWS\lasss.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Winamp\winamp.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\mozilla.org\Mozilla\mozilla.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Opera7\Opera.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\FReNsJ\LOCALS~1\Temp\Rar$EX00.719\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.zriruohoypodpurvirr.uk/t...t880HN0l10G06PTO35lv5ie8C03Dc4oMwTfUd8QpP.jpg
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.seekerbar.com/ie.aspx?tb_id=50154
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = res://C:\PROGRA~1\Toolbar\toolbar.dll/sa
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.seekerbar.com/ie.aspx?tb_id=50154
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7BF2DE65-6E02-DC63-B75C-4C27F07781EA} - C:\DOCUME~1\FReNsJ\APPLIC~1\SENDCL~1\bib city.exe
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [MBM 5] "C:\Program Files\Motherboard Monitor 5\MBM5.EXE"
O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [DAEMON Tools-1033] "H:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\G001-1.0.24.0\gnotify.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Move Heart Info Bolt] C:\Documents and Settings\All Users\Application Data\InsideCornMoveHeart\POLLAIM.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [RemoteControl] "H:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [{1290A33C-85F5-4164-A1BE-7DD299D4986A}] "H:\Program Files\CyberLink\PowerBackup\PBKScheduler.exe"
O4 - HKLM\..\Run: [AnyDVD] H:\Program Files\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [WebSpecials] rundll32 "C:\Program Files\WebSpecials\webspec.dll",run
O4 - HKLM\..\Run: [SurfBuddy] rundll32 "C:\Program Files\SurfBuddy\sbuddy.dll",run
O4 - HKLM\..\Run: [TBPS] C:\PROGRA~1\Toolbar\TBPS.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [DEFAULT EACH] C:\DOCUME~1\FReNsJ\APPLIC~1\STUPID~1\Platform poke.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [WebSpecials] rundll32 "C:\Program Files\WebSpecials\webspec.dll",run
O4 - HKCU\..\Run: [Clock] C:\WINDOWS\svchost.exe
O4 - HKCU\..\Run: [SurfBuddy] rundll32 "C:\Program Files\SurfBuddy\sbuddy.dll",run
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {4B6015E7-3ABB-45DC-96B7-55A843751F28} - http://www.contenidospc.com/ruboskizo2.cab
O16 - DPF: {6211AC26-A1B4-422A-AC52-1E70B7D24465} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/nl/filesharingctrl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1093038478687
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/6712...com/downloads/player/Install2.0/Installer.exe
O16 - DPF: {CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0_01) -
O16 - DPF: {FE5D6722-826F-11D5-A24E-0060B0F1A5AE} (Tukati Launcher) - http://www.tukati.com/software/4/1.7.20.20/tukati.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{84501378-AD57-4EDA-B329-53ECCF5FE062}: NameServer = 209.47.15.118,64.157.143.38,192.130.131.9,195.130.130.4
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O23 - Service: Adobe LM Service - Unknown - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InCD Helper - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton AntiVirus Auto-Protect - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StyleXPService - Unknown - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe (file missing)
O23 - Service: Executive Software Undelete - Executive Software International - C:\Program Files\Executive Software\Undelete\UdServe.exe
s

st3ph3n

Legacy Member
@ Gerdt
Malware processen:
C:\winntnew\system32\mcsmss.exe

Te fixen:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.searchwww.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchwww.com/bar.html
R3 - URLSearchHook: (no name) - {0199DF25-9820-4bd5-9FEE-5A765AB4371E} - (no file)
O1 - Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 banking.uboc.com
O1 - Hosts: 205.209.184.16 www.banking.uboc.com
O1 - Hosts: 205.209.184.15 web.da-us.citibank.com
O1 - Hosts: 205.209.184.15 www.web.da-us.citibank.com
O1 - Hosts: 205.209.184.16 ebank.hsbc.com.hk
O1 - Hosts: 205.209.184.16 www.ebank.hsbc.com.hk
O2 - BHO: SafeGuard Protect PCShield - {564FFB73-9EEF-4969-92FA-5FC4A92E2C2A} - C:\WINNTNEW\System32\sfg_5ebf.dll
O2 - BHO: NavErrRedir Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - (no file)
O2 - BHO: G1.GZ - {79C03BC5-6C55-4B5B-921F-C02B6F1ABD7B} - C:\DOCUME~1\ALLUSE~2.WIN\APPLIC~1\Pribi\Pribi.dll (file missing)
O4 - HKLM\..\Run: [Kazaa Download Accelerator Updater] regsvr32 /s C:\WINNTNEW\System32\kdpupd.dll
O4 - HKLM\..\Run: [cmssSystemProcess] c:\winntnew\system32\mcsmss.exe
O4 - HKLM\..\Run: [PCShield] regsvr32 /s "C:\WINNTNEW\System32\sfg_5ebf.dll"
O4 - HKCU\..\Run: [\IEService.exe] C:\DOCUME~1\ALLUSE~2.WIN\APPLIC~1\IESERV~1\IEServi ce.exe
O4 - HKCU\..\Run: [\Pribi.exe] C:\DOCUME~1\ALLUSE~2.WIN\APPLIC~1\Pribi\Pribi.exe
O4 - HKCU\..\Run: [PCShield] regsvr32 /s "C:\WINNTNEW\System32\sfg_5ebf.dll"
O4 - Global Startup: Search.vbs
O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html
O16 - DPF: {11111111-1111-1111-1111-111111111157} - ms-its:mhtml:file://c:\nosuch.mht!http://www.intercommunity-soft.org/x.chm::/load.exe
O16 - DPF: {970BF476-3CF2-4572-9EF9-4479E1591DB8} (VacPro.belgio_ver3) - http://www.advnt01.com/dialer/belgio_ver3.CAB
O16 - DPF: {D03A1C33-1913-4533-A8C1-F2C8D13045DE} - http://www.cjb.net/search.cab
O21 - SSODL: Web Event Logger - {7CFBACFF-EE01-1231-ABDD-416592E5D639} - C:\WINNTNEW\System32\Cbiliime.dll

@ [BAT] Brambo
Malware processen:
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\WINDOWS\lasss.exe

Te fixen:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.zriruohoypodpurvirr.uk/t...oMwTfUd8QpP.jpg
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.seekerbar.com/ie.aspx?tb_id=50154
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = res://C:\PROGRA~1\Toolbar\toolbar.dll/sa
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.seekerbar.com/ie.aspx?tb_id=50154
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {7BF2DE65-6E02-DC63-B75C-4C27F07781EA} - C:\DOCUME~1\FReNsJ\APPLIC~1\SENDCL~1\bib city.exe
O4 - HKLM\..\Run: [Move Heart Info Bolt] C:\Documents and Settings\All Users\Application Data\InsideCornMoveHeart\POLLAIM.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [WebSpecials] rundll32 "C:\Program Files\WebSpecials\webspec.dll",run
O4 - HKLM\..\Run: [SurfBuddy] rundll32 "C:\Program Files\SurfBuddy\sbuddy.dll",run
O4 - HKLM\..\Run: [TBPS] C:\PROGRA~1\Toolbar\TBPS.exe
O4 - HKCU\..\Run: [DEFAULT EACH] C:\DOCUME~1\FReNsJ\APPLIC~1\STUPID~1\Platform poke.exe
O4 - HKCU\..\Run: [WebSpecials] rundll32 "C:\Program Files\WebSpecials\webspec.dll",run
O4 - HKCU\..\Run: [Clock] C:\WINDOWS\svchost.exe
O4 - HKCU\..\Run: [SurfBuddy] rundll32 "C:\Program Files\SurfBuddy\sbuddy.dll",run
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {4B6015E7-3ABB-45DC-96B7-55A843751F28} - http://www.contenidospc.com/ruboskizo2.cab



Als je malware processen hebt: pc opstarten in Windows Veilige Modus en HiJackThis vandaaruit laten scannen en fixen. Fixen doe je door bovenstaande items aan te vinken en op 'Fix Checked' te drukken.

Steven
Het archief is een bevroren moment uit een vorige versie van dit forum, met andere regels en andere bazen. Deze posts weerspiegelen op geen enkele manier onze huidige ideeën, waarden of wereldbeelden en zijn op sommige plaatsen gecensureerd wegens ontoelaatbaar. Veel zijn in een andere tijdsgeest gemaakt, al dan niet ironisch - zoals in het ironische subforum Off-Topic - en zouden op dit moment niet meer gepost (mogen) worden. Toch bieden we dit archief nog graag aan als informatiedatabank en naslagwerk. Lees er hier meer over of start een gesprek met anderen.
Terug
Bovenaan