new malware trojan

  • johan

    My McAfee can't delete the trojan and can't quarantine it either. How do I solve this? I've already run HijackThis; the data is below. Help.

    Logfile of HijackThis v1.99.1

    Scan saved at 16:02:57, on 25-10-2005

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\vsnpstd.exe

    C:\PROGRA~1\mcafee.com\agent\mcagent.exe

    C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe

    C:\Program Files\MessengerPlus! 3\MsgPlus.exe

    C:\WINDOWS\system32\rundll32.exe

    C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\PROGRA~1\mcafee.com\vso\mcvsescn.exe

    C:\Program Files\Webroot\Washer\wwDisp.exe

    c:\progra~1\intern~1\iexplore.exe

    C:\Program Files\WinZip\WZQKPICK.EXE

    c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

    C:\WINDOWS\system32\svchost.exe

    c:\PROGRA~1\mcafee.com\vso\mcshield.exe

    C:\Program Files\Messenger\msmsgs.exe

    c:\progra~1\mcafee.com\vso\mcvsftsn.exe

    C:\Program Files\MSN Messenger\msnmsgr.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Documents and Settings\johanenmarion\Bureaublad\hijackthis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/

    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

    O2 - BHO: AzEntretien Class - {0d2def3a-f4f1-42ec-ac4f-132e7ba6e292} - %SystemRoot%\azentretien.dll (file missing)

    O2 - BHO: (no name) - {2CBF3F46-4989-3B57-13A8-AAA15422F4A2} - C:\DOCUME~1\JOHANE~1\APPLIC~1\Bashflag\okay mapi.exe (file missing)

    O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_90.dll

    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\nl\msntb.dll

    O2 - BHO: (no name) - {E8DDD355-0D29-76C1-F83E-2AF51306F55E} - C:\DOCUME~1\JOHANE~1\APPLIC~1\Bashflag\Internet new.exe

    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\nl\msntb.dll

    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll

    O4 - HKLM\..\Run: C:\Documents and Settings\All Users.WINDOWS\Application Data\TeamEncMessEach\bowsmove.exe

    O4 - HKLM\..\Run: C:\WINDOWS\system32\NeroCheck.exe

    O4 - HKLM\..\Run: C:\WINDOWS\vsnpstd.exe

    O4 - HKLM\..\Run: c:\PROGRA~1\mcafee.com\agent\mcagent.exe

    O4 - HKLM\..\Run: C:\PROGRA~1\mcafee.com\agent\McUpdate.exe

    O4 - HKLM\..\Run: C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe

    O4 - HKLM\..\Run: “C:\Program Files\MessengerPlus! 3\MsgPlus.exe”

    O4 - HKLM\..\Run: %systemroot%\system32\dumprep 0 -k

    O4 - HKLM\..\Run: C:\Documents and Settings\All Users.WINDOWS\Application Data\WIPE HOPE BIND KNOB\WAIT MAPI.exe

    O4 - HKLM\..\Run: rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s

    O4 - HKLM\..\Run: “c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe” /checktask

    O4 - HKLM\..\Run: “c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe”

    O4 - HKLM\..\Run: c:\PROGRA~1\mcafee.com\agent\mcregwiz.exe /autorun

    O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: “C:\Program Files\Spyware Doctor\swdoctor.exe” /Q

    O4 - HKCU\..\Run: “C:\Program Files\MessengerPlus! 3\MsgPlus.exe” /WinStart

    O4 - HKCU\..\Run: C:\DOCUME~1\JOHANE~1\APPLIC~1\SOAPPI~1\compflaw.exe

    O4 - HKCU\..\Run: C:\Program Files\Webroot\Washer\wwDisp.exe

    O4 - HKCU\..\Run: “C:\Program Files\SP2 Connection Patcher\SP2ConnPatcher.exe” -n=200

    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll

    O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O10 - Hijacked Internet access by New.Net

    O10 - Hijacked Internet access by New.Net

    O10 - Hijacked Internet access by New.Net

    O10 - Hijacked Internet access by New.Net

    O10 - Hijacked Internet access by New.Net

    O16 - DPF: ppctlcab - http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab

    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab

    O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://ppupdates.ca.com/downloads/scanner/axscanner.cab

    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab

    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab

    O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx

    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab

    O16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} - http://www.azebar.com/install/azesearch.cab

    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - “C:\PROGRA~1\MSNMES~1\msgrapp.dll” (file missing)

    O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe

    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe

    O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

  • Piet

    http://www.newdotnet.com/removal.html

    First remove Newdot, and then post a new log.
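
For checking the follow-up log requested above, an added example (not part of the original thread) that parses HijackThis entry lines and lists the ones still referencing New.Net, along with entries marked "(file missing)". The function names and the match patterns are assumptions, taken from the spellings visible in the posted log.

```python
import re
from collections import defaultdict

# Lines copied from the log posted above (a subset), embedded so this runs offline.
SAMPLE_LOG = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\rundll32.exe
O2 - BHO: AzEntretien Class - {0d2def3a-f4f1-42ec-ac4f-132e7ba6e292} - %SystemRoot%\azentretien.dll (file missing)
O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_90.dll
O4 - HKLM\..\Run: C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
"""

# An entry line is "<section code> - <text>", e.g. "O4 - HKLM\..\Run: ...".
ENTRY_RE = re.compile(r"^\s*([A-Z]\d{1,2})\s+-\s+(.*\S)\s*$")
# Assumption: the New.Net spellings seen in this log
# (long name, 8.3 short name, O10 message text).
NEWDOTNET_RE = re.compile(r"new\.net|newdotnet|newdot~", re.IGNORECASE)

def parse_entries(log_text):
    """Return {section code: [entry text, ...]} for all entry lines."""
    sections = defaultdict(list)
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line)
        if m:  # header and process-list lines do not match and are skipped
            sections[m.group(1)].append(m.group(2))
    return dict(sections)

def newdotnet_remnants(log_text):
    """List (code, entry) pairs that still reference New.Net."""
    return [(code, e) for code, entries in parse_entries(log_text).items()
            for e in entries if NEWDOTNET_RE.search(e)]

def missing_file_entries(log_text):
    """List (code, entry) pairs that HijackThis marked '(file missing)'."""
    return [(code, e) for code, entries in parse_entries(log_text).items()
            for e in entries if e.endswith("(file missing)")]

if __name__ == "__main__":
    for code, entry in newdotnet_remnants(SAMPLE_LOG):
        print("still present:", code, entry)
```

An empty result from `newdotnet_remnants` on the new log means none of the O2, O4 or O10 New.Net entries from the first log remain.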