mindere aandelenkarakter

Magazine
Go Back   Computer Juice > Computer Software > Virus, spyware & Security
Reload this Page

Trojan

Registreer Site Spy Leden Lijst Doneer Zoeken Today's Posts Markeer forums als gelezen Forum Regels

Register


 Default 

Trojan




Reply
Pagina 1 van 3 1 23
 
Thread Tools
  #1  
Old 24 okt 2008, 16:18
Lid Fractie
  
Default Trojan

Ik heb een Trojan op mijn pc in de System32-bestanden. Ik heb AVG, maar vroeg me af hoe af te raken van het van AVG als wanneer ik klik op verwijderen, ik vind het gewoon verwijderd uit de kluis tot de volgende scan als het weer gevonden.
  #2  
Old 24 okt 2008, 16:24
Donor Groep
  
Default Trojan

Lijkt alsof je zal meer moeten doen dan alleen maar proberen te verwijderen met AVG, probeer dan een kijkje op deze draad.
__________________

Mijn Systeem: Eerste OC

Processor (s):
Intel E2180@2.85
Moederbord:
Gigabyte GA-P35-DS3L
RAM Geheugen:
2x1GB OCZ PC2-9200 Reaper CL5
Graphics Card (s):
Gainward ATI 3850
Sound Card:
aan boord
Hard Drive (s):
Seagate Barracuda 7200.7 120GB
Optische Drive (s):
HITACHI DVD-ROM GD-2500
Case / PSU:
Corsair VX450
Koeling:
AC freezer7 Pro, 2x80mm, 1x90mm, 1x120mm
Netwerk / Internet:
aan boord / zogenaamd 10Meg maagd kabel
Monitor (s):
ViewSonic Vx922; Viewsonic VE702m
Operating System (s):
XP Home
  #3  
Old 25 okt 2008, 04:17
Lid Fractie
  
Default Trojan

Ok, dank je. Ik zal lopen kapen Deze morgen:)
  #4  
Old 25 okt 2008, 10:08
Moderator Groep
  
Default Trojan

Voer alle van de scans en na de logs. HijackThis is meestal niet voldoende.
__________________
  #5  
Old 26 oktober 2008, 15:58
Lid Fractie
  
Default Trojan

Ik liep SUPERAntiSpyware en kreeg het logboek. Ik liep AVG eens te meer, en het kwam met zes plaatsen die de Trojaanse heeft besmet.

Dit is de SUPERAntiSpyware log:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Gegenereerd 10.26.2008 op 08:30 PM

Toepassing Versie: 4.21.1004

Core Rules Database Version: 3609
Trace Rules Database Version: 1595

Scan type: Volledige Scan
Totaal Scan tijd: 00:59:08

Geheugen objecten gescand: 430
Geheugen bedreigingen gedetecteerd: 0
Register-items gescand: 4950
Griffie bedreigingen gedetecteerd: 0
Bestand objecten gescand: 73876
Bestand bedreigingen gedetecteerd: 77

Trojan.Unknown Oorsprong
C: \ WINDOWS \ mslagent \ 2_mslagent.dll
C: \ WINDOWS \ mslagent \ mslagent.exe
C: \ WINDOWS \ mslagent \ uninstall.exe
C: \ WINDOWS \ mslagent
C: \ WINDOWS \ system32 \ SMP \ msrc.exe
C: \ WINDOWS \ system32 \ SMP

Adware.INetDelivery
C: \ Program Files \ inet Delivery \ inetdl.exe
C: \ Program Files \ inet Delivery \ intdel.exe
C: \ Program Files \ inet Bezorging
C: \ Program Files \ AKL \ akl.dll
C: \ Program Files \ AKL \ akl.exe
C: \ Program Files \ AKL \ uninstall.exe
C: \ Program Files \ AKL \ unsetup.exe
C: \ Program Files \ AKL

Trojan.Fake-Drop/Gen
C: \ WINDOWS \ SYSTEM32 \ VBSYS2.DLL
C: \ WINDOWS \ SYSTEM32 \ AWTOOLB.DLL
C: \ WINDOWS \ SYSTEM32 \ SYSREQ.EXE
C: \ WINDOWS \ SYSTEM32 \ WINWGPX.EXE
C: \ WINDOWS \ SYSTEM32 \ BDN.COM
C: \ WINDOWS \ SYSTEM32 \ MSSECU.EXE
C: \ WINDOWS \ SYSTEM32 \ VCATCHPI.DLL
C: \ WINDOWS \ SYSTEM32 \ AKTTZN.EXE
C: \ WINDOWS \ SYSTEM32 \ WINSYSTEM.EXE
C: \ WINDOWS \ SYSTEM32 \ NEWSD32.EXE
C: \ WINDOWS \ SYSTEM32 \ EMESX.DLL
C: \ WINDOWS \ SYSTEM32 \ RUNDL1.EXE
C: \ WINDOWS \ SYSTEM32 \ ANTICIPATOR.DLL
C: \ WINDOWS \ SYSTEM32 \ THUN.DLL
C: \ WINDOWS \ SYSTEM32 \ THUN32.DLL
C: \ WINDOWS \ SYSTEM32 \ MSVCHOST.EXE
C: \ WINDOWS \ SYSTEM32 \ REGC64.DLL
C: \ WINDOWS \ SYSTEM32 \ REGM64.DLL
C: \ WINDOWS \ SYSTEM32 \ SSVCHOST.COM
C: \ WINDOWS \ SYSTEM32 \ SSVCHOST.EXE
C: \ WINDOWS \ SYSTEM32 \ TEMP # 01.EXE
C: \ WINDOWS \ SYSTEM32 \ MSGP.EXE
C: \ WINDOWS \ SYSTEM32 \ MTR2.EXE
C: \ WINDOWS \ SYSTEM32 \ h @ @ @ TKEYSH K. DLL
C: \ WINDOWS \ SYSTEM32 \ NETODE.EXE
C: \ WINDOWS \ SYSTEM32 \ MEDUP012.DLL
C: \ WINDOWS \ SYSTEM32 \ MEDUP020.DLL
C: \ WINDOWS \ SYSTEM32 \ SSURF022.DLL
C: \ WINDOWS \ SYSTEM32 \ MSNBHO.DLL
C: \ WINDOWS \ SYSTEM32 \ BSVA-EGIHSG52.EXE
C: \ WINDOWS \ SYSTEM32 \ PS1.EXE
C: \ WINDOWS \ SYSTEM32 \ HXIWLGPM.DAT
C: \ WINDOWS \ SYSTEM32 \ HXIWLGPM.EXE
C: \ WINDOWS \ SYSTEM32 \ TAACK.DAT
C: \ WINDOWS \ SYSTEM32 \ TAACK.EXE
C: \ WINDOWS \ SYSTEM32 \ MWIN32.EXE
C: \ WINDOWS \ SYSTEM32 \ VBIEWER.OCX
C: \ WINDOWS \ SYSTEM32 \ HOPROXY.DLL
C: \ WINDOWS \ SYSTEM32 \ WINLOGONPC.EXE
C: \ WINDOWS \ BDN.COM
C: \ WINDOWS \ MSSECU.EXE
C: \ WINDOWS \ WINSYSTEM.EXE
C: \ WINDOWS \ ITUNESMUSIC.EXE
C: \ WINDOWS \ A. BBT
C: \ WINDOWS \ BASE64.TMP
C: \ WINDOWS \ FVPROTECT.EXE
C: \ WINDOWS \ USERCONFIG9X.DLL
C: \ WINDOWS \ ZIP1.TMP
C: \ WINDOWS \ ZIP2.TMP
C: \ WINDOWS \ ZIP3.TMP
C: \ WINDOWS \ ZIPPED.TMP

Dpcproxy
C: \ WINDOWS \ SYSTEM32 \ DPCPROXY.EXE

Unclassified.Unknown Oorsprong / System
C: \ WINDOWS \ SYSTEM32 \ PSOF1.EXE

Adware.Pacer D
C: \ WINDOWS \ SYSTEM32 \ PSOFT1.EXE

Trojan.Dluca-I
C: \ WINDOWS \ SYSTEM32 \ SNCNTR.EXE

Adware.Vundo-Variant / J
C: \ WINDOWS \ QRBGLTOS.DLL

Trojan.Net-MSV/VPS-Variant
C: \ WINDOWS \ GRFXBANOMOK.DLL

Adware.180solutions/Seekmo/Zango
C: \ Documents and Settings \ GASTENBOEK \ Desktop \ SETUP.EXE

Adware.Tracking Cookie
C: \ Documents and Settings \ Score \ Cookies \ gast @ dubbelklik [2]. Txt
C: \ Documents and Settings \ Score \ Cookies \ gast @ portie-sys [2]. Txt
C: \ Documents and Settings \ Score \ Cookies \ gast @ atdmt [2]. Txt
C: \ Documents and Settings \ Score \ Cookies \ gast @ TradeDoubler [2]. Txt
C: \ Documents and Settings \ Score \ Cookies \ guest@bs.serving-sys [2]. Txt
  #6  
Old 26 oktober 2008, 16:11
Lid Fractie
  
Default Trojan

MalwareByres Logboek:

Malwarebytes' Anti-Malware 1.30
Database versie: 1324
Windows 5.1.2600 Service Pack 2

26/10/2008 23:09:02
mbam-log-2008-10-26 (23-09-02). txt

Scan type: Quick Scan
Objecten gescand: 52045
De verstreken tijd: 4 minuut (s), 36 seconde (n)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Geïnfecteerde bestanden: 1

Memory Processes Infected:
(Geen kwaadaardige items gedetecteerd)

Memory Modules Infected:
(Geen kwaadaardige items gedetecteerd)

Registry Keys Infected:
(Geen kwaadaardige items gedetecteerd)

Registry Values Infected:
(Geen kwaadaardige items gedetecteerd)

Registry Data Items Infected:
(Geen kwaadaardige items gedetecteerd)

Folders Infected:
C: \ Documents and Settings \ Score \ Local Settings \ temp \ ac8zt2 (Trojan.FakeAlert) ->

Quarantaine geplaatst en verwijderd.

Geïnfecteerde bestanden:
C: \ WINDOWS \ egsf.exe (Trojan.FakeAlert) -> quarantaine en verwijderd.
  #7  
Old 26 oktober 2008, 17:27
Moderator Groep
  
Default Trojan

Moeten de HijackThis log nu
__________________
  #8  
Old 27 oktober 2008, 14:27
Lid Fractie
  
Default Trojan

Citaat:
Oorspronkelijk geplaatst door jamesjon View Post
NOD32 is het beste voor trojan.
Zorg uit te breiden?
  #9  
Old 27 oktober 2008, 14:35
Moderator Groep
  
Default Trojan

Gelieve gewoon doorgaan met het posten van deze logboeken als je hulp nodig.
__________________
  #10  
Old 27 oktober 2008, 16:03
Lid Fractie
  
Default Trojan

Logbestand van Trend Micro HijackThis v2.0.2
Scan opgeslagen om 23:01:07 op 27/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Draaiende processen:
C: \ WINDOWS \ System32 \ Smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe
C: \ Program Files \ Widcomm \ Bluetooth Software \ bin \ btwdins.exe
C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ explorer.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgrsx.exe
C: \ Program Files \ CyberLink \ PowerDVD \ PDVDServ.exe
C: \ WINDOWS \ SOUNDMAN.EXE
C: \ Acer \ Empowering Technology \ eRecovery \ Monitor.exe
C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe
C: \ Program Files \ BroadJump \ Client Stichting \ CFD.exe
C: \ Program Files \ Virgin Broadband \ adviseur \ Broadbandadvisor.exe
C: \ Program Files \ TextBridge Pro Millennium \ Bin \ InstantAccess.exe
C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgtray.exe
C: \ WINDOWS \ sm56hlpr.exe
C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ WINDOWS \ system32 \ sistray.exe
C: \ Program Files \ Widcomm \ Bluetooth Software \ BTTray.exe
C: \ Program Files \ Ulead Systems \ Ulead Photo Express 3.0 SE \ CalCheck.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Trust \ Easy Webscan 19200 \ ScanPanel \ ScnPanel.exe
C: \ Program Files \ FinePixViewerS \ QuickDCF2.exe
C: \ PROGRA ~ 1 \ Widcomm \ BLUETO ~ 1 \ BTSTAC ~ 1.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ HijackThis \ Analyse.exe.exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://global.acer.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Settings, ProxyOverride = *. lokale
O2 - BHO: AcroIEHlprObj Class - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: StumbleUpon Launcher - (145B29F4-A56B-4b90-BBAC-45784EBEBBB7) - C: \ Program Files \ StumbleUpon \ StumbleUponIEBar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll
O2 - BHO: Java (tm) Plug-In SSV Helper - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre6 \ bin \ ssv.dll
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - (A057A204-BACC-4D26-9990-79A187E2698E) - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ AVGTOO ~ 1.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ Program Files \ Google \ googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4638-B6FA-CE66B5AD205D) - C: \ Program Files \ Google \ GoogleToolbarNotifier \ 3.1.807.1746 \ sw g.dll
O2 - BHO: Java (tm) Plug-In 2 SSV Helper - (DBC80044-A445-435b-BC74-9C25C1C588A9) - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) - C: \ Program Files \ Java \ jre6 \ lib \ implementeren \ jqs \ IE \ jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - (E99421FB-68DD-40F0-B4AC-B7027CAE2F1A) - C: \ Program Files \ EPSON \ EPSON Web-To-Page \ EPSON Web-To-Page.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - c: \ Program Files \ Google \ googletoolbar1.dll
O3 - Toolbar: EPSON Web-To-Page - (EE5D279F-081B-4404-994D-C6B60AAEBA6D) - C: \ Program Files \ EPSON \ EPSON Web-To-Page \ EPSON Web-To-Page.dll
O3 - Toolbar: StumbleUpon Toolbar - (5093EB4C-3E93-40AB-9266-B607BA87BDC8) - C: \ Program Files \ StumbleUpon \ StumbleUponIEBar.dll
O3 - Toolbar: AVG Security Toolbar - (A057A204-BACC-4D26-9990-79A187E2698E) - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ AVGTOO ~ 1.dll
O4 - HKLM \ .. \ Run: [LaunchApp] Alaunch
O4 - HKLM \ .. \ Run: [ntiMUI] C: \ Program Files \ NewTech Infosystems \ NTI CD & DVD-Maker 7 \ ntiMUI.exe
O4 - HKLM \ .. \ Run: [afstandsbediening] "C: \ Program Files \ CyberLink \ PowerDVD \ PDVDServ.exe"
O4 - HKLM \ .. \ Run: [IMJPMIG8.1] "C: \ WINDOWS \ IME \ imjp8_1 \ IMJPMIG.EXE" / Verwen / RemAdvDef / Migration32
O4 - HKLM \ .. \ Run: [MSPY2002] C: \ WINDOWS \ system32 \ IME \ PINTLGNT \ ImScInst.exe / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName
O4 - HKLM \ .. \ Run: [SiSPower] Rundll32.exe SiSPower.dll, ModeAgent
O4 - HKLM \ .. \ Run: [geluidsman] SOUNDMAN.EXE
O4 - HKLM \ .. \ Run: [eRecoveryService] C: \ Acer \ Empowering Technology \ eRecovery \ Monitor.exe
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [BJCFD] C: \ Program Files \ BroadJump \ Client Stichting \ CFD.exe
O4 - HKLM \ .. \ Run: [Broadbandadvisor.exe] "C: \ Program Files \ Virgin Broadband \ adviseur \ Broadbandadvisor.exe" / AUTORUN
O4 - HKLM \ .. \ Run: [InstantAccess] C: \ Program Files \ TextBridge Pro Millennium \ Bin \ InstantAccess.exe / h
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [AVG8_TRAY] C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgtray.exe
O4 - HKLM \ .. \ Run: [SMSERIAL] sm56hlpr.exe
O4 - HKCU \ .. \ Run: [MsnMsgr] "C: \ Program Files \ MSN Messenger \ MsnMsgr.Exe" / achtergrond
O4 - HKCU \ .. \ Run: [SWG] C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'Default user')
O4 - Startup: Comet Screensaver.lnk = C: \ Program Files \ Comet Screensaver \ Comet Screensaver.exe
O4 - Startup: IMVU.lnk = C: \ Program Files \ IMVU \ IMVUClient.exe
O4 - Startup: Accessoires
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Utility Tray.lnk = C: \ WINDOWS \ system32 \ sistray.exe
O4 - Global Startup: Bluetooth.lnk =?
O4 - Global Startup: Ulead Photo Express 3.0 SE Calendar Checker.lnk = C: \ Program Files \ Ulead Systems \ Ulead Photo Express 3.0 SE \ CalCheck.exe
O4 - Global Startup: ScanPanel.lnk = C: \ Program Files \ Trust \ Easy Webscan 19200 \ ScanPanel \ ScnPanel.exe
O4 - Global Startup: Exif Launcher S.lnk =?
O4 - Global Startup: Adobe Gamma Loader.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe
O8 - Extra context menu item: Add to Windows & Live Favorites -- http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E & xporteren naar Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office11 \ EXCEL.EXE/3000
O8 - Extra context menu item: Send To & Bluetooth - C: \ Program Files \ Belkin \ Bluetooth Software \ btsendto_ie_ctx.htm
O8 - Extra context menu item: Verzenden naar & Bluetooth-apparaat ... - C: \ Program Files \ Widcomm \ Bluetooth Software \ btsendto_ie_ctx.htm
O8 - Extra context menu item: StumbleUpon Photoblog It! - Res: / / StumbleUponIEBar.dll / blogimage
O9 - Extra knop: StumbleUpon - (75C9223A-409A-4795-A3CA-08DE6B075B4B) - C: \ Program Files \ StumbleUpon \ StumbleUponIEBar.dll
O9 - Extra button: Onderzoek - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office11 \ REFIEBAR.DLL
O9 - Extra button: @ btrez.dll, -4015 - (CCA281CA-C863-46ef-9331-5C8D4460577F) - C: \ Program Files \ Widcomm \ Bluetooth Software \ btsendto_ie.htm
O9 - Extra 'Tools' MENUITEM: @ btrez.dll, -12650 - (CCA281CA-C863-46ef-9331-5C8D4460577F) - C: \ Program Files \ Widcomm \ Bluetooth Software \ btsendto_ie.htm
O9 - Extra button: (geen naam) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (20A60F0D-9AFA-4515-A0FD-83BD84642501) (Checkers Class) -- http://messenger.zone.msn.com/binary...r.cab56986.cab
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter Class) - C: \ Program Files \ Yahoo! \ Common \ yinsthelper.dll
O16 - DPF: (48DD0448-9209-4F81-9F6D-D83562940134) (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: (4F1E5B1A-2A80-42CA-8532-2D05CB959537) (MSN Photo Upload Tool) -- http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: (5C051655-FCD5-4969-9182-770EA5AA5565) (Solitaire Showdown Class) -- http://messenger.zone.msn.com/binary...n.cab56986.cab
O16 - DPF: (5D6F45B3-9043-443D-A792-115447494D24) (UnoCtrl Class) -- http://messenger.zone.msn.com/EN-GB/.../GAME_UNO1.cab
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Class) -- http://update.microsoft.com/windowsu...?1177956484625
O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Class) -- http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: (F5A7706B-B9C0-4C89-A715-7A0C6B05DD48) (Minesweeper Flags Class) -- http://messenger.zone.msn.com/binary...r.cab56986.cab
O18 - Protocol: linkscanner - (F274614C-63F8-47D5-A4D1-FBDDE494F8D1) - C: \ Program Files \ AVG \ AVG8 \ avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: AVG8 watchdog (avg8wd) - AVG Technologies CZ, sro - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C: \ Program Files \ Widcomm \ Bluetooth Software \ bin \ btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd - C: \ Program Files \ Common Files \ Macrovision Shared \ FLEXnet Publisher \ FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc - C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe

--
End of file - 11086 bytes


Ik denk dat de trojan (s) kwam van mijn zus het downloaden van spelletjes voor haar telefoon, ik ben niet zeker, maar ze infecteren het herstellen nu.
Reply
Pagina 1 van 3 1 23

Register

Bladwijzers

Gelijkaardige Draden
Draad Thread Starter Forum Antwoorden Last Post
Cant vinden Trojan! Jophen Virus, spyware & Security 1 29 dec 2008 20:55
Trojan.vundo.h, trojan.agent, adware.mirar + MORE! : ( sillyarfer Virus, spyware & Security 1 14 dec 2008 09:59
Misschien trojan Moyra Virus, spyware & Security 5 8 Jan 2008 23:55
Trojan Horse en AVG chuckeruk Virus, spyware & Security 8 De 2 juli 2007 10:02
MSN Trojan mitchbeast Virus, spyware & Security 9 20 jun 2007 12:26
Thread Tools



Arabic Bulgarian Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Dutch English Finnish French German Greek Hebrew Hungarian Italian Japanese Korean Latvian Lithuanian Norwegian Polish Portuguese Romanian Russian Serbian Slovak Spanish Swedish Thai Turkish Ukrainian

Copyright © 2006 - 2009 Computer Juice.
Contact -- Privacy -- Sitemap -- Top

Powered by vBulletin ® Copyright © 2000 - 2009 Jelsoft Enterprises Ltd SEO by vBSEO © 2009, Crawlability, Inc