antivirus.startpagina.nl

your system is infected!

  • Anonymous avatar

    dario croci

    beste lezer,

    ik heb een probleem.

    er staat in een zwart scherm met rode letters op me scherm; your computer is infected!

    heb dit gegoogled en gezien dat het een veelvoorkomend virus is. maar overal worden er verschillende oplossingen en programmaas voor genoemd.

    heb er al een aantal van geprobeerd. de randverschijnselen heb ik al een beetje weggekregen. alleen ik krijg het niet helemaal weg.

    is er iemand die me hiermee kan helpen?? please !!

    groetjes dario

    hieronder staat me hjt log;

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 21:58:28, on 11-7-2009

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16850)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\csrss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe

    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

    C:\Program Files\Norton Internet Security\ISSVC.exe

    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\system32\svchost.exe

    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

    C:\WINDOWS\system32\igfxtray.exe

    C:\WINDOWS\system32\hkcmd.exe

    C:\WINDOWS\system32\igfxpers.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

    C:\WINDOWS\AGRSMMSG.exe

    C:\Apps\Powercinema\PCMService.exe

    C:\Program Files\Common Files\Symantec Shared\ccApp.exe

    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE

    C:\Program Files\Common Files\Real\Update_OB\realsched.exe

    c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe

    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe

    C:\WINDOWS\RTHDCPL.EXE

    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe

    c:\APPS\HIDSERVICE\HIDSERVICE.exe

    C:\Program Files\QuickTime\QTTask.exe

    C:\Program Files\SpyNoMore\SNM.exe

    C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe

    C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\MSN Messenger\MsnMsgr.Exe

    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

    C:\Program Files\Eset\nod32krn.exe

    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

    C:\WINDOWS\system32\svchost.exe

    c:\APPS\Powercinema\Kernel\TV\CLSched.exe

    C:\WINDOWS\System32\alg.exe

    C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe

    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    C:\Program Files\Messenger\msmsgs.exe

    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll

    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

    O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll

    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll

    O3 - Toolbar: PBNLV2 - {4E7BD74F-2B8D-469E-A0E8-F362B685FA7D} - C:\WINDOWS\system32\pbnlv2.dll (file missing)

    O3 - Toolbar: MSTBR - {10CA15EA-C0A5-7CAF-B9E9-B8B2A87EFE11} - C:\PROGRA~1\Wanadoo\GLOBAL\Mstbr\mstbr.dll (file missing)

    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

    O4 - HKLM\..\Run: “C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE” /Spoil /RemAdvDef /Migration32

    O4 - HKLM\..\Run: C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

    O4 - HKLM\..\Run: C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

    O4 - HKLM\..\Run: C:\WINDOWS\system32\igfxtray.exe

    O4 - HKLM\..\Run: C:\WINDOWS\system32\hkcmd.exe

    O4 - HKLM\..\Run: C:\WINDOWS\system32\igfxpers.exe

    O4 - HKLM\..\Run: HDAShCut.exe

    O4 - HKLM\..\Run: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    O4 - HKLM\..\Run: “C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe”

    O4 - HKLM\..\Run: AGRSMMSG.exe

    O4 - HKLM\..\Run: “c:\Apps\Powercinema\PCMService.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Symantec Shared\ccApp.exe”

    O4 - HKLM\..\Run: C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

    O4 - HKLM\..\Run: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 “EPSON Stylus Photo R240 Series” /O6 “USB001” /M “Stylus Photo R240”

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot

    O4 - HKLM\..\Run: rem C:\Program Files\Silent Fear\Silent Fear Internet Radio 3.2\InternetRadio.exe

    O4 - HKLM\..\Run: RTHDCPL.EXE

    O4 - HKLM\..\Run: ALCMTR.EXE

    O4 - HKLM\..\Run: “C:\Program Files\QuickTime\QTTask.exe” -atboottime

    O4 - HKLM\..\Run: “C:\Program Files\Hitman Pro\xphelper.exe”

    O4 - HKLM\..\Run: C:\Program Files\SpyNoMore\SNM.exe /startup

    O4 - HKLM\..\Run: C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe

    O4 - HKLM\..\RunOnce: C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

    O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: “C:\Program Files\MSN Messenger\MsnMsgr.Exe” /background

    O4 - HKCU\..\Run: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    O4 - HKCU\..\Run: rem C:\Program Files\Silent Fear\Silent Fear Internet Radio 3.2\InternetRadio.exe

    O4 - HKCU\..\Run: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

    O4 - HKUS\S-1-5-19\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Lokale service’)

    O4 - HKUS\S-1-5-20\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Netwerkservice’)

    O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)

    O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

    O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

    O9 - Extra ‘Tools’ menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

    O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\nl.htm

    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab

    O16 - DPF: {91F52A42-C10D-49A7-B941-882C657C604F} (Installation Helper Object) - http://kitcentral.wanadoo.nl/download/install/win32/nl/instwact/instwact.dll

    O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader4.cab

    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game04.zylom.com/activex/zylomgamesplayer.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)

    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

    O20 - AppInit_DLLs: cru629.dat

    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

    O23 - Service: Microsoft ASPI Manager (aspimgr) - Unknown owner - C:\WINDOWS\system32\aspimgr.exe (file missing)

    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe

    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe

    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe

    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe

    O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe

    O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe

    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe

    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

    End of file - 12950 bytes

  • Anonymous avatar

    Ben

    Beste dario

    waar is stap 7

    Ben :)

  • Anonymous avatar

    dario

    sorry, hier is stap 7,

    Malwarebytes' Anti-Malware 1.38

    Database versie: 2410

    Windows 5.1.2600 Service Pack 3

    11-7-2009 22:15:00

    mbam-log-2009-07-11 (22-14-54).txt

    Scan type: Volledige Scan (C:\|)

    Objecten gescand: 129013

    Verstreken tijd: 53 minute(s), 26 second(s)

    Geheugenprocessen geïnfecteerd: 1

    Geheugenmodulen geïnfecteerd: 0

    Registersleutels geïnfecteerd: 5

    Registerwaarden geïnfecteerd: 1

    Registerdata bestanden geïnfecteerd: 13

    Mappen geïnfecteerd: 3

    Bestanden geïnfecteerd: 21

    Geheugenprocessen geïnfecteerd:

    C:\Program Files\SpyNoMore\SNM.exe (Rogue.SpyNoMore) -> No action taken.

    Geheugenmodulen geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Registersleutels geïnfecteerd:

    HKEY_LOCAL_MACHINE\SOFTWARE\xpsecuritycenter (Rogue.XPSecurityCenter) -> No action taken.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SNM.exe (Rogue.SpyNoMore) -> No action taken.

    HKEY_LOCAL_MACHINE\SOFTWARE\Illysoft (Rogue.SpyNoMore) -> No action taken.

    HKEY_CURRENT_USER\SOFTWARE\Illysoft (Rogue.SpyNoMore) -> No action taken.

    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\aspimgr (Trojan.Asprox) -> No action taken.

    Registerwaarden geïnfecteerd:

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\General\wallpaper (Hijack.Wallpaper) -> No action taken.

    Registerdata bestanden geïnfecteerd:

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> No action taken.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\activedesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

    Mappen geïnfecteerd:

    C:\Program Files\SpyNoMore (Rogue.SpyNoMore) -> No action taken.

    c:\program files\spynomore\RollBack (Rogue.SpyNoMore) -> No action taken.

    c:\program files\spynomore\Temp (Rogue.SpyNoMore) -> No action taken.

    Bestanden geïnfecteerd:

    c:\program files\spynomore\DetectionLog.dtl (Rogue.SpyNoMore) -> No action taken.

    c:\program files\spynomore\RegAllowedKeys.cfg (Rogue.SpyNoMore) -> No action taken.

    c:\program files\spynomore\RegBlockedKeys.cfg (Rogue.SpyNoMore) -> No action taken.

    c:\program files\spynomore\SNM.exe (Rogue.SpyNoMore) -> No action taken.

    c:\program files\spynomore\snm.ico (Rogue.SpyNoMore) -> No action taken.

    c:\program files\spynomore\snmIeGuard.dat (Rogue.SpyNoMore) -> No action taken.

    c:\program files\spynomore\snmIeGuard.dll (Rogue.SpyNoMore) -> No action taken.

    c:\program files\spynomore\SNMMain.da3 (Rogue.SpyNoMore) -> No action taken.

    c:\program files\spynomore\SNMMain.da4 (Rogue.SpyNoMore) -> No action taken.

    c:\program files\spynomore\snmShield.dat (Rogue.SpyNoMore) -> No action taken.

    c:\program files\spynomore\snmVaccinate.dat (Rogue.SpyNoMore) -> No action taken.

    c:\documents and settings\sabrina abramsen\local settings\temporary internet files\alirimax.exe (Trojan.Agent) -> No action taken.

    c:\documents and settings\sabrina abramsen\local settings\temporary internet files\ipeq.exe (Trojan.Agent) -> No action taken.

    c:\documents and settings\sabrina abramsen\local settings\temporary internet files\jocudoquli.exe (Trojan.Agent) -> No action taken.

    c:\documents and settings\sabrina abramsen\local settings\temporary internet files\ohatatal.exe (Trojan.Agent) -> No action taken.

    c:\documents and settings\sabrina abramsen\local settings\temporary internet files\qiwypop.exe (Trojan.Agent) -> No action taken.

    c:\documents and settings\sabrina abramsen\local settings\temporary internet files\rozoru.exe (Trojan.Agent) -> No action taken.

    c:\documents and settings\sabrina abramsen\Cookies\ejydodemy.exe (Fake.Dropped.Malware) -> No action taken.

    C:\WINDOWS\system32\AVR09.exe (Adware.AdvancedVirusRemover) -> No action taken.

    C:\WINDOWS\system32\critical_warning.html (Trojan.FakeAlert) -> No action taken.

    C:\WINDOWS\system32\winhelper.dll (Trojan.FakeAlert) -> No action taken.

    heb nu wel de melding your system is infected weggekregen, alleen de prestaties van de pc zijn nog zekert niet wat ze geweest zijn

  • Anonymous avatar

    Ben

    Beste dario

    Hier een handleiding want volgens mij heb je niet op verwijderen geselecteerden gedrukt?

    http://www.nationaalcomputerforum.nl/showthread.php?p=400188

    suc6 Ben

  • Anonymous avatar

    Luca

    Dat is mijn vermoeden ook. Overigens staat hier ook gewoon hoe het programma werkt:

    http://antivirus.startpagina.nl/prikbord/4625317/voer-dit-eerst-uit-voordat-je-de-logjes-plaatst!!#msg-4625317

    @ Dario: Plaats na het opruimen met Mbam ter controle nog wel even twee nieuwe logbestanden van Mbam en Hijackthis aub.

  • Anonymous avatar

    Roy

    Ik heb het zelfde probleem gehad alles blokkeerde zelfs internet opende niet meer ,ik hen toen systeem herstel gedaan en alles werkte weer als vanouds.