pop-ups

  • Gootje08

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 1:42:54, on 14-1-2010

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16945)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\Ati2evxx.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\WINDOWS\system32\CTsvcCDA.exe

    C:\WINDOWS\eHome\ehRecvr.exe

    C:\WINDOWS\eHome\ehSched.exe

    C:\Program Files\Java\jre6\bin\jqs.exe

    C:\Program Files\Mouse Driver\KMWDSrv.exe

    C:\Program Files\Eset\nod32krn.exe

    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    C:\WINDOWS\system32\UAService7.exe

    C:\WINDOWS\system32\dllhost.exe

    C:\WINDOWS\system32\wbem\wmiapsrv.exe

    C:\Program Files\Citrix\ICA Client\ssonsvr.exe

    C:\WINDOWS\system32\Ati2evxx.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\ehome\ehtray.exe

    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

    C:\Program Files\ULi5287\ULi5287.exe

    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe

    C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe

    C:\Program Files\Macrogaming\SweetIM\SweetIM.exe

    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

    C:\WINDOWS\eHome\ehmsas.exe

    C:\Program Files\iTunes\iTunesHelper.exe

    C:\Program Files\Eset\nod32kui.exe

    C:\Program Files\Mouse Driver\StartAutorun.exe

    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

    C:\Program Files\Java\jre6\bin\jusched.exe

    C:\Program Files\Mouse Driver\KMConfig.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Windows Live\Messenger\msnmsgr.exe

    C:\Program Files\Mouse Driver\KMProcess.exe

    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

    C:\Program Files\GameShadow\GameShadow.exe

    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe

    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    C:\Program Files\OpenOffice.org 2.0\program\soffice.exe

    C:\Program Files\IncrediMail\bin\IMApp.exe

    C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN

    C:\Program Files\iPod\bin\iPodService.exe

    C:\Program Files\Mozilla Firefox\firefox.exe

    C:\Program Files\Java\jre6\bin\jucheck.exe

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.811.com/saecs.html

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.811.com/saecs.html

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = about:blank

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

    R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)

    R3 - URLSearchHook: 811 Toolbar - {9198CEC1-4DD8-95E7-1053-F5AAFDBBE0FB} - C:\PROGRA~1\811TOO~1\tbu13\toolbar.dll (file missing)

    O1 - Hosts: 78.159.125.69 www.google.no

    O1 - Hosts: 78.159.125.69 www.google.nl

    O1 - Hosts: 78.159.125.69 www.google.com

    O1 - Hosts: 78.159.125.69 www.google.se

    O1 - Hosts: 78.159.125.69 uk.search.yahoo.com

    O1 - Hosts: 78.159.125.69 www.google.pt

    O1 - Hosts: 78.159.125.69 www.google.es

    O1 - Hosts: 78.159.125.69 www.google.ca

    O1 - Hosts: 78.159.125.69 www.google.be

    O1 - Hosts: 78.159.125.69 www.google.fi

    O1 - Hosts: 78.159.125.69 www.google.com.br

    O1 - Hosts: 78.159.125.69 www.google.co.uk

    O1 - Hosts: 78.159.125.69 www.google.dk

    O1 - Hosts: 78.159.125.69 www.google.co.jp

    O1 - Hosts: 78.159.125.69 www.google.fr

    O1 - Hosts: 78.159.125.69 www.google.co.za

    O1 - Hosts: 78.159.125.69 www.google.de

    O1 - Hosts: 78.159.125.69 www.google.ch

    O1 - Hosts: 78.159.125.69 www.google.at

    O1 - Hosts: 78.159.125.69 www.google.it

    O1 - Hosts: 78.159.125.69 search.yahoo.com

    O1 - Hosts: 78.159.125.69 www.google.ie

    O1 - Hosts: 78.159.125.69 us.search.yahoo.com

    O1 - Hosts: 78.159.125.69 www.google.gr

    O1 - Hosts: 78.159.125.69 www.google.com.mx

    O1 - Hosts: 78.159.125.69 www.google.com.au

    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: (no name) - {9C033D01-1756-467E-BD11-E9D5767809F1} - C:\WINDOWS\system32\CNCI15.dll (file missing)

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll

    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

    O3 - Toolbar: 811 Toolbar - {9198CEC1-4DD8-95E7-1053-F5AAFDBBE0FB} - C:\PROGRA~1\811TOO~1\tbu13\toolbar.dll (file missing)

    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O4 - HKLM\..\Run: C:\WINDOWS\ehome\ehtray.exe

    O4 - HKLM\..\Run: "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"

    O4 - HKLM\..\Run: C:\Program Files\ULi5287\ULi5287.exe

    O4 - HKLM\..\Run: HDAShCut.exe

    O4 - HKLM\..\Run: C:\Program Files\Analog Devices\Core\smax4pnp.exe

    O4 - HKLM\..\Run: "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray

    O4 - HKLM\..\Run: "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"

    O4 - HKLM\..\Run: C:\WINDOWS\system32\NeroCheck.exe

    O4 - HKLM\..\Run: "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"

    O4 - HKLM\..\Run: C:\Program Files\Macrogaming\SweetIM\SweetIM.exe

    O4 - HKLM\..\Run: C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup

    O4 - HKLM\..\Run: C:\Program Files\Search Settings Protection\SearchSettingsProtection.exe

    O4 - HKLM\..\Run: C:\Program Files\Hotbar\bin\10.0.356.0\OEAddOn.exe

    O4 - HKLM\..\Run: "C:\Program Files\Hotbar\bin\10.0.356.0\HotbarSA.exe"

    O4 - HKLM\..\Run: C:\WINDOWS\system\smvss.exe /w

    O4 - HKLM\..\Run: "C:\Program Files\QuickTime\qttask.exe" -atboottime

    O4 - HKLM\..\Run: "C:\Program Files\iTunes\iTunesHelper.exe"

    O4 - HKLM\..\Run: "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE

    O4 - HKLM\..\Run: C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\{94097125-c6f7-fde8-849a-94abd44578ba}.dll" DllInit

    O4 - HKLM\..\Run: C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe

    O4 - HKLM\..\Run: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

    O4 - HKLM\..\Run: "C:\Program Files\Java\jre6\bin\jusched.exe"

    O4 - HKLM\..\Run: "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: C:\Program Files\IncrediMail\bin\IncMail.exe /c

    O4 - HKCU\..\Run: "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"

    O4 - HKCU\..\Run: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    O4 - HKCU\..\Run: "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

    O4 - HKCU\..\Run: C:\DOWNLO~1\COMMAN~3.EXE /r

    O4 - HKCU\..\Run: "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"

    O4 - HKCU\..\Run: D:\Documenten en settings\Rob Veltman\Local Settings\Temporary Internet Files\Content.IE5\BJTTBARN\setup_241_3777_.exe

    O4 - HKCU\..\Run: C:\Program Files\GameShadow\GameShadow.exe /q

    O4 - HKCU\..\Run: C:\Program Files\eMule\emule.exe -AutoStart

    O4 - HKLM\..\Policies\Explorer\Run: D:\Documenten en settings\All Users\Application Data\zclsjsrc\zqhqlyrq.exe

    O4 - HKUS\S-1-5-19\..\Run: C:\WINDOWS\system32\ctfmon.exe (User 'Lokale service')

    O4 - HKUS\S-1-5-20\..\Run: C:\WINDOWS\system32\ctfmon.exe (User 'Netwerkservice')

    O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

    O4 - Startup: OpenOffice.org 2.0 .lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe

    O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe

    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

    O8 - Extra context menu item: Openen in een nieuwe achtergrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-nl\msntabres.dll.mui/229?e89ec88e816f4ff3869b6901d4ae18a4

    O8 - Extra context menu item: Openen in een nieuwe voorgrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-nl\msntabres.dll.mui/230?e89ec88e816f4ff3869b6901d4ae18a4

    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)

    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://nrgsupport.webex.com/client/T25L/support/ieatgpc.cab

    O20 - AppInit_DLLs: c:\windows\system32\__c006ca97.dat

    O20 - Winlogon Notify: pmkjk - C:\WINDOWS\system32\pmkjk.dll (file missing)

    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Mouse Driver\KMWDSrv.exe

    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

    O24 - Desktop Component 0: (no name) - http://upload.wikimedia.org/wikipedia/commons/thumb/6/69/Citroen_Traction_Avant_White.jpg/250px-Citroen_Traction_Avant_White.jpg

    End of file - 15491 bytes

    Malwarebytes' Anti-Malware 1.44

    Database versie: 3556

    Windows 5.1.2600 Service Pack 3

    Internet Explorer 7.0.5730.11

    14-1-2010 1:28:13

    mbam-log-2010-01-14 (01-28-13).txt

    Scan type: Snelle Scan

    Objecten gescand: 188515

    Verstreken tijd: 16 minute(s), 51 second(s)

    Geheugenprocessen geïnfecteerd: 0

    Geheugenmodulen geïnfecteerd: 3

    Registersleutels geïnfecteerd: 85

    Registerwaarden geïnfecteerd: 15

    Registerdata bestanden geïnfecteerd: 1

    Mappen geïnfecteerd: 20

    Bestanden geïnfecteerd: 89

    Geheugenprocessen geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Geheugenmodulen geïnfecteerd:

    C:\Program Files\Mozilla Firefox\components\59c7c375-233d-a313-00d6-10fcc693baef.dll (Adware.Yoog) -> Delete on reboot.

    C:\Program Files\Mozilla Firefox\components\nsBrowserGal.dll (Trojan.Agent) -> Delete on reboot.

    C:\Program Files\Mozilla Firefox\components\nsdnser.dll (Trojan.Agent) -> Delete on reboot.

    Registersleutels geïnfecteerd:

    HKEY_CLASSES_ROOT\anonystat.anonystatbho (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\anonystat.anonystatbho.1 (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\errorhelper.errorhelperbho (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\TypeLib\{f1951551-9185-4f16-a189-22a3c5c094af} (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\Interface\{395a9dbe-6e05-4b08-af2c-a48524e69b12} (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\Interface\{87c2d900-0ee3-4173-aa32-0c7ac204d5c8} (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\Interface\{a817e7a2-43fa-11d0-9e44-00aa00b6770a} (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\Interface\{e5512262-79ce-476b-acc8-c8bd594823d1} (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\CLSID\{5206b7bf-5b84-47a2-b952-77387f4778b8} (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\CLSID\{94e90eca-b06b-4f17-be69-014cb5b79efe} (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\CLSID\{e82e0739-0aae-4e99-9052-b40f7dabfa34} (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e82e0739-0aae-4e99-9052-b40f7dabfa34} (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e82e0739-0aae-4e99-9052-b40f7dabfa34} (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\errorhelper.errorhelperbho.1 (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\instie.hbinstobj (Adware.Zango) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\instie.hbinstobj.1 (Adware.Zango) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\pornpro.pornpro_bho (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\pornpro.pornpro_bho.1 (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\toolbar.htmlmenuui (Adware.Zango) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\toolbar.htmlmenuui.1 (Adware.Zango) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\xml.xml (Worm.Allaple) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\xml.xml.1 (Worm.Allaple) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\Interface\{99ccfb8c-6380-4a14-8fdd-ef3e7e95335d} (Adware.Zango) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\CLSID\{c2b5aab8-2183-4be7-81a6-f11493c45872} (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c2b5aab8-2183-4be7-81a6-f11493c45872} (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2b5aab8-2183-4be7-81a6-f11493c45872} (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\CLSID\{0a2a22e9-c506-4079-94a9-3653b7927d69} (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\CLSID\{0d39a900-0f3a-4c29-a254-3e65244fdc34} (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\Typelib\{9233c3c0-1472-4091-a505-5580a23bb4ac} (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\568267acfc5644dab06f058006ddbae3 (Adware.Zango) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8fcdf9d9-a28b-480f-8c3d-581f119a8ab8} (Adware.180Solutions) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42f2c9ba-614f-47c0-b3e3-ecfd34eed658} (Adware.ISTBar) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0a2a22e9-c506-4079-94a9-3653b7927d69} (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0d39a900-0f3a-4c29-a254-3e65244fdc34} (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{bfc08cff-c737-4433-bd5a-0ee7efcfee54} (Adware.Zango) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e596df5f-4239-4d40-8367-ebadf0165917} (Rogue.Installer) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f919fbd3-a96b-4679-af26-f551439bb5fd} (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{90b5a95a-afd5-4d11-b9bd-a69d53d22226} (Adware.Hotbar) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\223ebefb-90ea-05e3-4601-1a9da1bf2a9e (Adware.AdRotator) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adzgalore (Trojan.Agent) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchassistant (Trojan.BHO) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adzgaloregames (Trojan.Agent) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\anonystat (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\contexttool (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\errorstool (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\hotbarax.userprofiles (Adware.Hotbar) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\hotbarax.userprofiles.1 (Adware.Hotbar) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\Software\hotbarsa (Adware.Hotbar) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HotbarSA (Adware.Hotbar) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adzgalorednhelper (Trojan.BHO) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\CLSID\{3526087e-2bce-2f6f-0e1b-5e211686d4c8} (Adware.AdRotator) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3526087e-2bce-2f6f-0e1b-5e211686d4c8} (Adware.AdRotator) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3526087e-2bce-2f6f-0e1b-5e211686d4c8} (Adware.AdRotator) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\CLSID\{5036c932-6410-b483-34ec-76bc63f4227d} (Adware.AdRotator) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5036c932-6410-b483-34ec-76bc63f4227d} (Adware.AdRotator) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5036c932-6410-b483-34ec-76bc63f4227d} (Adware.AdRotator) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\BitDownload (Trojan.Swizzor) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Cognac (Rogue.Multiple) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\CrucialSoft Ltd (Rogue.MSAntiSpyware) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\MS Juan (Trojan.Vundo) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\mwc (Malware.Trace) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Solt Lake Software (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.TryMedia) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\3p_usecnl_is1 (Rogue.SecureExpertCleaner) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cpmsky (Trojan.Agent) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\MSFox (Trojan.Agent) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Somefox (Trojan.Agent) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45a09e62-b563-e478-2231-71c31d989cae} (Trojan.BHO) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\CLSID\{45a09e62-b563-e478-2231-71c31d989cae} (Trojan.BHO) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d138782a-95d4-5d3e-51d0-24a47a052c20} (Trojan.BHO) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\CLSID\{d138782a-95d4-5d3e-51d0-24a47a052c20} (Trojan.BHO) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d6fc6ee7-4695-cee2-f045-735649f11ac8} (Trojan.BHO) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\CLSID\{d6fc6ee7-4695-cee2-f045-735649f11ac8} (Trojan.BHO) -> Quarantined and deleted successfully.

    Registerwaarden geïnfecteerd:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\antivirus plus (Rogue.AntivirusPlus) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\antivirus plus (Rogue.AntivirusPlus) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\msn (Trojan.Agent) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\msnconvert (Trojan.Agent) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\msnhost (Trojan.Agent) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\msnload (Trojan.Agent) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\msnmessendger (Trojan.Agent) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cognac (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msfox (Malware.Trace) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\somefox (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bf (Trojan.Agent) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bk (Trojan.Agent) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\iu (Trojan.Agent) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\mu (Trojan.Agent) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\.nvsvc (Trojan.Agent) -> Quarantined and deleted successfully.

    Registerdata bestanden geïnfecteerd:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search\Local Page (Hijack.SearchPage) -> Bad: (http://www.iesearch.com/) Good: (http://www.Google.com/) -> Quarantined and deleted successfully.

    Mappen geïnfecteerd:

    D:\Documenten en settings\All Users\Application Data\CrucialSoft Ltd (Rogue.Multiple) -> Quarantined and deleted successfully.

    D:\Documenten en settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009 (Rogue.Multiple) -> Quarantined and deleted successfully.

    D:\Documenten en settings\All Users\Application Data\Solt Lake Software (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.

    D:\Documenten en settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009 (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.

    C:\Program Files\Adzgalore Games Collection (Trojan.Agent) -> Quarantined and deleted successfully.

    C:\Program Files\anonystat (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    C:\Program Files\AntiSpywareExpert (Rogue.AntiSpywareExpert) -> Quarantined and deleted successfully.

    C:\Program Files\contexttool (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    C:\Program Files\errorstool (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    C:\Program Files\SecureExpertCleaner (Rogue.SecureExpertCleaner) -> Quarantined and deleted successfully.

    C:\Program Files\SecureExpertCleaner\Microsoft.VC80.CRT (Rogue.SecureExpertCleaner) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Menu Start\Programma's\Adzgalore Games Collection (Trojan.Agent) -> Quarantined and deleted successfully.

    D:\Documenten en settings\All Users\Menu Start\Programma's\AntiVirus Plus (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Menu Start\Programma's\AntiVirus Plus (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Menu Start\Programma's\BitDownload (Trojan.Swizzor) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Menu Start\Programma's\PlayMP3z (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    D:\Documenten en settings\All Users\Menu Start\Programma's\SecureExpertCleaner (Rogue.SecureExpertCleaner) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Application Data\AntiVirus Plus (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.

    D:\Documenten en settings\All Users\Application Data\HotbarSA (Adware.Hotbar) -> Quarantined and deleted successfully.

    D:\Documenten en settings\All Users\Menu Start\Programma's\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.

    Bestanden geïnfecteerd:

    C:\Program Files\ErrorsTool\ErrorsTool-2.dll (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    C:\WINDOWS\system32\223ebefb-90ea-05e3-4601-1a9da1bf2a9e.exe (Adware.AdRotator) -> Quarantined and deleted successfully.

    C:\WINDOWS\system32\adzgalore-remove.exe (Trojan.Agent) -> Quarantined and deleted successfully.

    C:\WINDOWS\system32\{3af1c463-f18f-aa21-dca6-f89270304aa7}.dll-uninst.exe (Trojan.BHO) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Margo Veltman\Local Settings\Temp\Component Update 228 (Adware.BHO) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Local Settings\Temp\tmp7622.tmp (Trojan.BHO) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Local Settings\Temp\upd16AB.tmp.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Local Settings\Temp\upd222.tmp.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Local Settings\Temp\Component Update 213 (Adware.Adrotator) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Local Settings\Temp\Component Update 353 (Adware.Adrotator) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Local Settings\Temp\Component Update 572 (Adware.Adrotator) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Local Settings\Temp\Component Update 588 (Adware.Adrotator) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Local Settings\Temp\Component Update 885 (Adware.Adrotator) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Local Settings\Temp\Component Update 916 (Adware.Adrotator) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Local Settings\Temp\Setup.tmp (Adware.Agent) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Local Settings\Temp\Component Update 635 (Adware.Adrotator) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Local Settings\Temp\Component Update 681 (Adware.Adrotator) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Local Settings\Temp\Component Update 697 (Adware.Adrotator) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Local Settings\Temp\Component Update 853 (Adware.Adrotator) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Local Settings\Temp\ProductPath\runbst.exe (Rogue.AntiSpywareSolution) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Local Settings\Temporary Internet Files\Content.IE5\3KRLOUK6\Setup.exe (Adware.Agent) -> Quarantined and deleted successfully.

    D:\Documenten en settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\proas2009.exe (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.

    C:\Program Files\Adzgalore Games Collection\BattlesOfHelicopters.exe (Trojan.Agent) -> Quarantined and deleted successfully.

    C:\Program Files\Adzgalore Games Collection\BobAndBill.exe (Trojan.Agent) -> Quarantined and deleted successfully.

    C:\Program Files\Adzgalore Games Collection\CrazyBlocks.exe (Trojan.Agent) -> Quarantined and deleted successfully.

    C:\Program Files\Adzgalore Games Collection\Lines.exe (Trojan.Agent) -> Quarantined and deleted successfully.

    C:\Program Files\Adzgalore Games Collection\uninstall.exe (Trojan.Agent) -> Quarantined and deleted successfully.

    C:\Program Files\Adzgalore Games Collection\VideoPool.exe (Trojan.Agent) -> Quarantined and deleted successfully.

    C:\Program Files\anonystat\Anonystat.dat (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    C:\Program Files\anonystat\pcre3.dll (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    C:\Program Files\anonystat\uninstall.exe (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    C:\Program Files\AntiSpywareExpert\BL.dat (Rogue.AntiSpywareExpert) -> Quarantined and deleted successfully.

    C:\Program Files\contexttool\ContextHelper.dat (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    C:\Program Files\contexttool\pcre3.dll (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    C:\Program Files\contexttool\uninstall.exe (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    C:\Program Files\errorstool\ErrorHelper.dat (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    C:\Program Files\errorstool\uninstall.exe (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    C:\Program Files\SecureExpertCleaner\mfc80.dll (Rogue.SecureExpertCleaner) -> Quarantined and deleted successfully.

    C:\Program Files\SecureExpertCleaner\Microsoft.VC80.MFC.manifest (Rogue.SecureExpertCleaner) -> Quarantined and deleted successfully.

    C:\Program Files\SecureExpertCleaner\SEC.ico (Rogue.SecureExpertCleaner) -> Quarantined and deleted successfully.

    C:\Program Files\SecureExpertCleaner\SEC.xml (Rogue.SecureExpertCleaner) -> Quarantined and deleted successfully.

    C:\Program Files\SecureExpertCleaner\unins.ico (Rogue.SecureExpertCleaner) -> Quarantined and deleted successfully.

    C:\Program Files\SecureExpertCleaner\unins000.dat (Rogue.SecureExpertCleaner) -> Quarantined and deleted successfully.

    C:\Program Files\SecureExpertCleaner\unins000.exe (Rogue.SecureExpertCleaner) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Menu Start\Programma's\Adzgalore Games Collection\Bob and Bill adventures - Wild Hunting.lnk (Trojan.Agent) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Menu Start\Programma's\Adzgalore Games Collection\Crazy Blocks.lnk (Trojan.Agent) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Menu Start\Programma's\Adzgalore Games Collection\Lines.lnk (Trojan.Agent) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Menu Start\Programma's\Adzgalore Games Collection\The Battles Of Helicopters.lnk (Trojan.Agent) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Menu Start\Programma's\Adzgalore Games Collection\Video Pool.lnk (Trojan.Agent) -> Quarantined and deleted successfully.

    D:\Documenten en settings\All Users\Menu Start\Programma's\AntiVirus Plus\AntiVirus Plus.lnk (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.

    D:\Documenten en settings\All Users\Menu Start\Programma's\AntiVirus Plus\EULA.url (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Menu Start\Programma's\AntiVirus Plus\AntiVirus Plus.lnk (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Menu Start\Programma's\AntiVirus Plus\EULA.url (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Menu Start\Programma's\BitDownload\BitDownload Downloads.lnk (Trojan.Swizzor) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Menu Start\Programma's\PlayMP3z\Run PlayMP3z.lnk (Adware.PLayMP3z) -> Quarantined and deleted successfully.

    D:\Documenten en settings\All Users\Menu Start\Programma's\SecureExpertCleaner\Launch SecureExpertCleaner.lnk (Rogue.SecureExpertCleaner) -> Quarantined and deleted successfully.

    D:\Documenten en settings\All Users\Menu Start\Programma's\SecureExpertCleaner\Uninstall SecureExpertCleaner.lnk (Rogue.SecureExpertCleaner) -> Quarantined and deleted successfully.

    D:\Documenten en settings\All Users\Application Data\HotbarSA\HotbarSA.dat (Adware.Hotbar) -> Quarantined and deleted successfully.

    D:\Documenten en settings\All Users\Application Data\HotbarSA\HotbarSAAbout.mht (Adware.Hotbar) -> Quarantined and deleted successfully.

    D:\Documenten en settings\All Users\Application Data\HotbarSA\HotbarSAau.dat (Adware.Hotbar) -> Quarantined and deleted successfully.

    D:\Documenten en settings\All Users\Application Data\HotbarSA\HotbarSAEula.mht (Adware.Hotbar) -> Quarantined and deleted successfully.

    D:\Documenten en settings\All Users\Application Data\HotbarSA\HotbarSA_gdf.dat (Adware.Hotbar) -> Quarantined and deleted successfully.

    D:\Documenten en settings\All Users\Application Data\HotbarSA\HotbarSA_kyf.dat (Adware.Hotbar) -> Quarantined and deleted successfully.

    D:\Documenten en settings\All Users\Menu Start\Programma's\Hotbar\About Hotbar.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.

    D:\Documenten en settings\All Users\Menu Start\Programma's\Hotbar\Hotbar Customer Support Center.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.

    D:\Documenten en settings\All Users\Menu Start\Programma's\Hotbar\Reset Cursor.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.

    D:\Documenten en settings\All Users\Menu Start\Programma's\Hotbar\Uninstall Hotbar.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Application Data\avp.ico (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Bureaublad\AntiVirus Plus.lnk (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Emiel Veltman\Bureaublad\Free PC Wallpapers.lnk (Rogue.Link) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Margo Veltman\Bureaublad\Free PC Wallpapers.lnk (Rogue.Link) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Tessa Veltman\Bureaublad\Free PC Wallpapers.lnk (Rogue.Link) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Margo Veltman\Bureaublad\Repair Your Registry.lnk (Rogue.Link) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Tessa Veltman\Bureaublad\Repair Your Registry.lnk (Rogue.Link) -> Quarantined and deleted successfully.

    C:\Program Files\Mozilla Firefox\components\59c7c375-233d-a313-00d6-10fcc693baef.dll (Adware.Yoog) -> Delete on reboot.

    C:\Program Files\Mozilla Firefox\components\6090c770-314e-9980-d0c4-01026f864898.dll (Adware.Yoog) -> Quarantined and deleted successfully.

    C:\Program Files\Mozilla Firefox\components\nsBrowserGal.dll (Trojan.Agent) -> Delete on reboot.

    C:\Program Files\Mozilla Firefox\components\nsdnser.dll (Trojan.Agent) -> Delete on reboot.

    D:\Documenten en settings\Rob Veltman\Application Data\Microsoft\Internet Explorer\Quick Launch\AntiVirus Plus.lnk (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Application Data\Microsoft\Internet Explorer\Quick Launch\SecureExpertCleaner.lnk (Rogue.SecureExpertCleaner) -> Quarantined and deleted successfully.

    D:\Documenten en settings\All Users\Menu Start\Programma's\Opstarten\AntiVirus Plus.lnk (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.

    D:\Documenten en settings\Rob Veltman\Menu Start\Programma's\Opstarten\AntiVirus Plus.lnk (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.

    C:\WINDOWS\system32\AdzgaloreDNHelper-uninstall.exe (Trojan.BHO) -> Quarantined and deleted successfully.

    C:\WINDOWS\system32\iednser.dll (Adware.AdRotator) -> Quarantined and deleted successfully.

    C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.

    C:\WINDOWS\system32\OEMLINK.ICO (Malware.Trace) -> Quarantined and deleted successfully.

    C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.

    C:\WINDOWS\system32\nsf14D.dll (Trojan.BHO) -> Quarantined and deleted successfully.

    I did everything that was listed, except for Java, because the Cache tab wasn't there, so I didn't know what I was supposed to delete.

    My problem is that we constantly get advertising pop-ups. There is also a Norton virus scanner that starts by itself (we don't have Norton), and for the past few days a different, aggressive kind of virus alert that pops up on my screen every few minutes, says we have 32 viruses, and tells me to remove them as quickly as possible via the link. It looks like something from Windows, and icons have also been placed in the bar at the bottom right. Those seem to be gone now, by the way.

    I haven't done anything else with HijackThis; I do wonder what I should do with it now.

    But maybe this has already solved the whole problem?

    Regards, Margo

  • Gootje08

    Forgot to mention: I can't search on Google. I get a strange screen with a number. Then I just open google.nl in a new window, type in a search, and I also end up on a very strange site

    http://c.ppcxml.net/?d=htHqrAb1w01Ct0NDua-DPMzMMKrUDj9bLeHPkwEO24gMqvSFvd2JeenMUl8KG-_K5K16jpjnYDtb5GK_eseMDNVN9y8VRNOE0MkFSY-fe2SMa4JqDmGHXQ9iaVWFWzuNemiq8Sl9c10jIzZt15QiJeFqD0nCaqYZwxNHPRcosEqCq8CkIOIikLHwKhWwNofXBMMewz8GMBKnyyviG9AyN_Un87DrQS798oxNipeGBOl_gfC-3YvoBBngU1say9sI2B71qAwxQ4rsOiCSDtjydQPMrEAyEMtG1xzzRvZtDuWHHZKaoMm5LwUhm9hES2XIRXHfkznPyZ6KkIC94psdRXwhN93efgr7uzNuoRu1UowZA9lyeGJJf8nuP4d0N8g_EZ1gYDAwDhZGRkYwR5Av4kZGDiLl5jnUN/p3jmZQR2sQI8AGRjZakjMKA0MJ58ZGN4ZQHmsQRjA3j2ZQD2ZmL5sQEvATH2L2V5sQH4AGH1MQN2sQO8AwpmZTSwBGy8Z2H4Z2Z1ZwI8p2IupzAbq2Ivq2S5Zv5wo20=e2c0dc7725dd

    and my screen shows "reported attack site". Now that I have gone through all the steps, this still happens. I also can't get into my gmail.com.

    Gootje

  • fazantje

    Hi Gootje,

    I'm no longer an experienced log reader, but I'll make a start so that an experienced log reader can finish it.

    If you have Hitman Pro on your computer, uninstall it, including all components such as NOD32.

    While you're at it, under Control Panel - Add or Remove Programs, uninstall: Hotbar and SweetIM

    Start HijackThis, click Do a system scan only, and put a check mark in front of:

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = about:blank

    R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)

    R3 - URLSearchHook: 811 Toolbar - {9198CEC1-4DD8-95E7-1053-F5AAFDBBE0FB} - C:\PROGRA~1\811TOO~1\tbu13\toolbar.dll (file missing)

    O1 - Hosts: 78.159.125.69 www.google.no

    O1 - Hosts: 78.159.125.69 www.google.nl

    O1 - Hosts: 78.159.125.69 www.google.com

    O1 - Hosts: 78.159.125.69 www.google.se

    O1 - Hosts: 78.159.125.69 uk.search.yahoo.com

    O1 - Hosts: 78.159.125.69 www.google.pt

    O1 - Hosts: 78.159.125.69 www.google.es

    O1 - Hosts: 78.159.125.69 www.google.ca

    O1 - Hosts: 78.159.125.69 www.google.be

    O1 - Hosts: 78.159.125.69 www.google.fi

    O1 - Hosts: 78.159.125.69 www.google.com.br

    O1 - Hosts: 78.159.125.69 www.google.co.uk

    O1 - Hosts: 78.159.125.69 www.google.dk

    O1 - Hosts: 78.159.125.69 www.google.co.jp

    O1 - Hosts: 78.159.125.69 www.google.fr

    O1 - Hosts: 78.159.125.69 www.google.co.za

    O1 - Hosts: 78.159.125.69 www.google.de

    O1 - Hosts: 78.159.125.69 www.google.ch

    O1 - Hosts: 78.159.125.69 www.google.at

    O1 - Hosts: 78.159.125.69 www.google.it

    O1 - Hosts: 78.159.125.69 search.yahoo.com

    O1 - Hosts: 78.159.125.69 www.google.ie

    O1 - Hosts: 78.159.125.69 us.search.yahoo.com

    O1 - Hosts: 78.159.125.69 www.google.gr

    O1 - Hosts: 78.159.125.69 www.google.com.mx

    O1 - Hosts: 78.159.125.69 www.google.com.au

    O2 - BHO: (no name) - {9C033D01-1756-467E-BD11-E9D5767809F1} - C:\WINDOWS\system32\CNCI15.dll (file missing)

    O3 - Toolbar: 811 Toolbar - {9198CEC1-4DD8-95E7-1053-F5AAFDBBE0FB} - C:\PROGRA~1\811TOO~1\tbu13\toolbar.dll (file missing)

    O4 - HKLM\..\Run: C:\Program Files\ULi5287\ULi5287.exe

    O4 - HKLM\..\Run: C:\Program Files\Macrogaming\SweetIM\SweetIM.exe

    O4 - HKLM\..\Run: C:\Program Files\Search Settings Protection\SearchSettingsProtection.exe

    O4 - HKLM\..\Run: C:\Program Files\Hotbar\bin\10.0.356.0\OEAddOn.exe

    O4 - HKLM\..\Run: “C:\Program Files\Hotbar\bin\10.0.356.0\HotbarSA.exe”

    O4 - HKLM\..\Run: C:\WINDOWS\system\smvss.exe /w

    O4 - HKLM\..\Policies\Explorer\Run: D:\Documenten en settings\All Users\Application Data\zclsjsrc\zqhqlyrq.exe

    O20 - AppInit_DLLs: c:\windows\system32\__c006ca97.dat

    O20 - Winlogon Notify: pmkjk - C:\WINDOWS\system32\pmkjk.dll (file missing)

    Now close all windows except HijackThis and click Fix checked.

    Restart your computer and do the following:

    Download ComboFix to your Desktop:

    http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    * Visit the following page with the instructions for downloading and using ComboFix:

    http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden

    NOTE: if, during or after downloading ComboFix or while using ComboFix, you get a warning from your antivirus or another real-time scanner, disable that scanner and download ComboFix again.

    Some scanners treat certain components used by ComboFix as suspicious and will block or remove them!

    Double-click Combofix.exe to start it.

    If you have used ComboFix before, you may get a warning that an update is available. Allow ComboFix to be updated.

    Click OK in the "NirCmd" window.

    Afterwards, click Yes again to start the malware scan.

    While the fix is running, do NOT click in the window, as this will cause your PC to hang.

    When the fix has finished and after a restart, the log Combofix.txt will open.

    Post the ComboFix log together with a new HijackThis log.

    Good luck,

    Huib:)
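
    An added example, not part of the original post or of HijackThis: hosts-file entries override DNS, so the O1 lines in the list above make every listed search hostname resolve to the one address they are pinned to. This sketch parses O1 lines from a HijackThis log and groups watched hostnames by the non-local address they point at; the watched-label set and all sample lines other than the first three are assumptions made for the example.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample in HijackThis log format. The first three O1 entries reuse
# values from the thread; the remaining lines are made up for the example.
SAMPLE_LOG = r"""
O1 - Hosts: 78.159.125.69 www.google.nl
O1 - Hosts: 78.159.125.69 www.google.co.uk
O1 - Hosts: 78.159.125.69 uk.search.yahoo.com
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 0.0.0.0 ads.example.test
O1 - Hosts: 192.0.2.10 intranet.example.test
O1 - Hosts: not-an-ip www.google.com
O4 - HKLM\..\Run: C:\Program Files\Example\example.exe
"""

# Assumption: DNS labels worth watching; extend for your environment.
WATCHED_LABELS = {"google", "yahoo", "bing"}

O1_RE = re.compile(r"^\s*O1 - Hosts:\s+(\S+)\s+(.+?)\s*$")


def parse_o1_hosts(log_text):
    """Return (ip_text, hostname) pairs from the O1 lines of a HijackThis log."""
    pairs = []
    for line in log_text.splitlines():
        m = O1_RE.match(line)
        if not m:
            continue
        ip_text, names = m.groups()
        # A hosts line may map several names to one address.
        for name in names.split():
            pairs.append((ip_text, name.lower().rstrip(".")))
    return pairs


def is_local_sink(ip):
    """Loopback and unspecified addresses block a name; they do not redirect it."""
    return ip.is_loopback or ip.is_unspecified


def find_search_redirects(log_text, watched=WATCHED_LABELS):
    """Group watched hostnames by the non-local address they are pinned to."""
    redirects = defaultdict(list)
    malformed = []
    for ip_text, name in parse_o1_hosts(log_text):
        # Heuristic: a watched brand appears as one whole DNS label.
        if not watched.intersection(name.split(".")):
            continue
        try:
            ip = ipaddress.ip_address(ip_text)
        except ValueError:
            malformed.append((ip_text, name))
            continue
        if not is_local_sink(ip):
            redirects[str(ip)].append(name)
    return dict(redirects), malformed


if __name__ == "__main__":
    hits, bad = find_search_redirects(SAMPLE_LOG)
    for ip, names in hits.items():
        print(f"{ip}: {len(names)} watched name(s) pinned -> {', '.join(names)}")
    for ip_text, name in bad:
        print(f"unparseable address {ip_text!r} for {name}")
```

    Entries that point a name at loopback or 0.0.0.0 are left out on purpose, since that pattern is what hosts-based ad blockers produce.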