Mededeling

Collapse
No announcement yet.

veel genummerde.exe's in C:\Windows

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • veel genummerde.exe's in C:\Windows

    Beste mensen,

    Ik ben al een paar dagen met een zwaar vergiftigd systeem bezig.
    Bij een online scan bij Eset werd er nog een verdachte gevonden en die is gewist volgens de log.
    -----------------------------
    # version=4
    # OnlineScanner.ocx=1.0.0.635
    # OnlineScannerDLLA.dll=1, 0, 0, 79
    # OnlineScannerDLLW.dll=1, 0, 0, 78
    # OnlineScannerUninstaller.exe=1, 0, 0, 49
    # vers_standard_module=3006 (20080407)
    # vers_arch_module=1.064 (20080214)
    # vers_adv_heur_module=1.064 (20070717)
    # EOSSerial=53d2c8e424010541aeb30cb2aa9d3924
    # end=finished
    # remove_checked=true
    # unwanted_checked=true
    # utc_time=2008-04-07 12:57:37
    # local_time=2008-04-07 02:57:37 (+0100, West-Europa (standaardtijd))
    # country="Netherlands"
    # osver=5.1.2600 NT Service Pack 2
    # scanned=913166
    # found=1
    # scan_time=6894
    # nod_component=NOD32MOD_WINNT_DUTCH_BASE Build:0x11081627 (NOD32 voor Windows NT/2000/XP/2003 - Basis)
    # nod_component=NOD32MOD_WINNT_DUTCH_INET Build:0x11081627 (NOD32 voor Windows NT/2000/XP/2003 - Internetondersteuning)
    # nod_component=NOD32MOD_WINNT_DUTCH_STANDARD Build:0x11081627 (NOD32 for Windows NT/2000/XP/2003 - Standaard component)
    C:\WINDOWS\37709.exe probably unknown NewHeur_PE virus (unable to clean - deleted) 00000000000000000000000000000000
    ---------------------
    Toen ben ik daar maar eens verder gaan kijken en trof ik talloze genummerde.exe's aan. Allemaal gecomprimeerd en met een aangegeven grootte van 0 Kb. Bij de eigenschappen is nauwelijks informatie te vinden.
    Ik vroeg me af of ik die klakkeloos zou wissen. Dat deed ik in het Malware forum en die stuurden me met een HJT-log hier naartoe door.


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:45:36, on 7-4-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Safe mode with network support

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    E:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\1\Bureaublad\kaping\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [Hitman Pro Expiration Helper] "C:\Program Files\Hitman Pro\xphelper.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - E:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

    --
    End of file - 6601 bytes
    ==========================

    Ik hoop wat gouden tips/adviezen te krijgen

  • #2
    Download Malwarebytes' Anti-Malware op je bureaublad.
    Dubbelklik mbam-setup.exe en kies voor "Next" om de tool te installeren.
    Als de installatie voltooid is zet je vinkjes bij "Update MalwareBytes' Anti-Malware" en bij "Launch MalwareBytes' Anti-Malware".
    Druk daarna op "Finish".
    Kies in het hoofdscherm voor de tab "Scanner" en selecteer het keuzerondje "Perform full scan".
    Druk op de knop "Scan" en zorg dat al je harde schijven/partities aangevinkt staan.
    Druk dan op de knop "Start Scan".
    Wanneer de scan voltooid is klik je op OK, daarna op "Show Results" om de resultaten te zien.
    Zorg ervoor dat alles aangevinkt is, klik daarna op "Remove Selected".
    Als het programma je computer wil laten herstarten, sta je dit toe.
    Daarna opent een logje(mbam-log-XX-XX-XXXX(xx-xx-xx).txt)
    Post deze log in je volgende bericht tesamen met een nieuw logje van Hijackthis

    Comment


    • #3
      nieuwe logjes

      De resultaten van Malwarebytes±
      --------------------------------
      Malwarebytes' Anti-Malware 1.11
      Database versie: 604

      Scan type: Volledige Scan (C:\|E:\|)
      Objecten gescand: 207338
      Verstreken tijd: 1 hour(s), 0 minute(s), 49 second(s)

      Geheugenprocessen geïnfecteerd: 0
      Geheugenmodulen geïnfecteerd: 0
      Registersleutels geïnfecteerd: 28
      Registerwaarden geïnfecteerd: 0
      Registerdata bestanden geïnfecteerd: 0
      Mappen geïnfecteerd: 11
      Bestanden geïnfecteerd: 156

      Geheugenprocessen geïnfecteerd:
      (Geen kwaadaardige items gevonden)

      Geheugenmodulen geïnfecteerd:
      (Geen kwaadaardige items gevonden)

      Registersleutels geïnfecteerd:
      HKEY_CLASSES_ROOT\CLSID\{e282c728-189d-419e-8ee2-1601f4b39ba5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{168dc258-1455-4e61-8590-9dac2f27b675} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{1a8642f1-dc80-4edc-a39d-0fb62a58b455} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{3f91eb90-ef62-44ee-a685-fac29af111cd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{5c29c7e4-5321-4cad-be2e-877666bed5df} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{83dfb6ee-ab18-41b5-86d4-b544a141d67e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{88d6cf0e-cf70-4c24-bf6e-e4e414bc649c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{8f6a82a2-d7b1-443e-bb9f-f7dc887dd618} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{9856e2d8-ffb2-4fe5-8cad-d5ad6a35a804} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{a3d06987-c35e-49e4-8fe2-ac67b9fbfb4c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{a58c497b-3ee2-45e7-9594-daca6be2a0d0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{ad0a3058-fd49-4f98-a514-fd055201835e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{ad5915ea-b61a-4dba-b5c8-ef4b2df0a3c7} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{bb187c0d-6f53-4f3e-9590-98fd3a7364a2} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{d17726cc-d4dd-4c4a-9671-471d56e413b5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{db8cce99-59c6-4552-8bfc-058feb38d6ce} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{dc3a04ee-cdd7-4407-915c-a5502f97eecd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{e1a63484-a022-4d42-830a-fbd411514440} (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\videoegg.activexloader (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\videoegg.activexloader.1 (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/Publisher,version=0.2.0 (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/Updater,version=0.2.0 (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Software\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoEgg.ActiveXLoader (Adware.VideoEgg) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoEgg.ActiveXLoader.1 (Adware.VideoEgg) -> Quarantined and deleted successfully.

      Registerwaarden geïnfecteerd:
      (Geen kwaadaardige items gevonden)

      Registerdata bestanden geïnfecteerd:
      (Geen kwaadaardige items gevonden)

      Mappen geïnfecteerd:
      C:\Documents and Settings\All Users\Application Data\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Updater (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4115 (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152 (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\messages (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Updater\4115 (Adware.VideoEgg) -> Quarantined and deleted successfully.

      Bestanden geïnfecteerd:
      C:\Program Files\VideoEgg\Loader\4115\npvideoegg-loader.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\VideoEgg\user.dat (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\publisher.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4115\dbghelp.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\avcodec.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\crashRpt.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\dataCollection.tmp (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\dbghelp.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\FLVEncoder.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\lame_enc.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\LevelMeter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\libpng.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\npvideoegg-publisher.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\remoteblacklist (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\report.log (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\VideoEgg_FLVWriter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\zlib.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\aol_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\audio_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\audio_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\big_gray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\big_logo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\blank_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\button_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\button_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\button_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\camcorders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\camcorder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\camcorder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\corners_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\corners_bottom_left_curve.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\corners_bottom_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\corners_top_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\done.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\done_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\done_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\done_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\done_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\done_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\dropshadow_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\dropshadow_horiz.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\dropshadow_vertical.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\dropzone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\dv_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\dv_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\dv_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\dv_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\dv_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\email_instructions.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\email_sent.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\email_sent_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\email_sent_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\eraser.CUR (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\eraser_cursor.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\file_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\file_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\help.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\icon_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\icon_camcorders.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\icon_camcorder_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\icon_camcorder_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\icon_ff.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\icon_file_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\icon_file_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\icon_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\icon_phone_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\icon_phone_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\icon_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\icon_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\icon_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\icon_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\icon_webcams.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\icon_webcam_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\icon_webcam_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\loading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\loading_movie.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\locating.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\logo_bottom.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\logo_middle.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\logo_top.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\mobile_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\mobile_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\mobile_slide_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\movie_placeholder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\ok.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\ok_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\ok_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\player_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\player_fast_forward_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\player_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\player_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\player_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\player_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\player_rewind_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\player_rewind_to_start.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\playhead.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\powered_by.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\progress.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\refresh_list_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\refresh_list_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\refresh_list_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\restart.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\restart_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\start_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\start_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\start_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\start_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\start_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\start_over_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\start_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\stop_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\stop_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\stop_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\stop_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\stop_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\tab_slide_deselected.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\tape_control.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\text_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\text_camcorder_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\text_file.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\text_file_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\text_phone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\text_phone_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\text_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\text_webcam_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\upload.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\uploading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\uploading_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\uploading_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\uploading_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\uploading_medium.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\uploading_thumbnail.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\upload_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\upload_from.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\upload_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\volume_gray.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\volume_green.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\volume_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\volume_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\volume_orange.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\volume_red.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\volume_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\waiting_for_email.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\webcams_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\webcam_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\images\webcam_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Publisher\4152\resources\VideoEgg\messages\messages.en-US.bundle (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Updater\updater.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Updater\4115\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Frenky\Application Data\VideoEgg\Updater\4115\updater.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\p.log (Malware.Trace) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\c.log (Malware.Trace) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\ClickToFindandFixErrors_Intl.ico (Malware.Trace) -> Quarantined and deleted successfully.
      ----------------------------------------
      En de nieuwe HJT:
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 23:06:02, on 9-4-2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16608)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      E:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\ATKKBService.exe
      E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
      C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
      C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\WINDOWS\system32\cisvc.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      C:\Program Files\Eset\nod32krn.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
      C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
      C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
      C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
      C:\WINDOWS\system32\cidaemon.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
      C:\Documents and Settings\Frenky\Bureaublad\kaping\HiJackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
      O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
      O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
      O4 - HKLM\..\Run: [Hitman Pro Expiration Helper] "C:\Program Files\Hitman Pro\xphelper.exe"
      O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
      O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service')
      O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Netwerkservice')
      O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
      O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
      O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
      O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
      O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
      O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - E:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
      O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
      O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
      O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
      O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
      O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
      O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
      O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
      O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
      O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
      O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
      O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

      --
      End of file - 8362 bytes

      °°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°
      Overigen stopte Malwarebytes de eerste keer spontaan met scannen na een minuut of 5. De tweede keer dat ik het startte liep het meer dan een uur. Tot mijn verbazing werden er veel´items´ gevonde op de tweede HD die ik in de log niet terug zie.

      Na de mwb-scan en de hjt gaf teatimer twee meldingen over registerwijzigingen. De eerste ging over SCR extension handler. En volgens mij hield de tweede melding daar ook verband mee.

      Ik wacht op nieuwe info. En tot zover alvast bedankt!

      pablo k
      Last edited by blokkendoos; 09-04-08, 23:14.

      Comment


      • #4
        Download dit bestand: zoek.exe
        Dubbelklik het, na een tijdje opent er een logje.
        Post de inhoud van dit logje in je volgende bericht

        Comment


        • #5
          log van zoeken.exe

          Beste Smeenk,
          Hierbij de nieuwe log van zoeken.exe

          ======C:\WINDOWS====
          ----a-w 0 2008-04-10 08:09:53 C:\WINDOWS\0.log
          --s-a-w 2,048 2008-04-10 08:08:57 C:\WINDOWS\bootstat.dat
          ----a-w 10,447 2008-04-09 21:21:40 C:\WINDOWS\comsetup.log
          ----a-w 30,913 2008-04-09 21:21:40 C:\WINDOWS\FaxSetup.log
          ----a-w 33,235 2008-04-09 21:21:40 C:\WINDOWS\iis6.log
          ----a-w 49 2008-04-07 15:11:28 C:\WINDOWS\iltwain.ini
          ----a-w 1,355 2008-04-09 21:20:59 C:\WINDOWS\imsins.BAK
          ----a-w 1,355 2008-04-09 21:21:40 C:\WINDOWS\imsins.log
          ----a-w 18,006 2008-04-09 21:20:59 C:\WINDOWS\KB941693.log
          ----a-w 8,367 2008-04-07 10:31:52 C:\WINDOWS\KB944533-IE7.log
          ----a-w 12,165 2008-04-09 21:17:47 C:\WINDOWS\KB945553.log
          ----a-w 19,604 2008-04-09 21:20:50 C:\WINDOWS\KB947864-IE7.log
          ----a-w 12,058 2008-04-09 21:19:52 C:\WINDOWS\KB948590.log
          ----a-w 13,295 2008-04-09 21:21:40 C:\WINDOWS\KB948881.log
          ----a-w 2,125 2008-04-09 21:21:40 C:\WINDOWS\MedCtrOC.log
          ----a-w 1,545 2008-04-09 21:21:40 C:\WINDOWS\msgsocm.log
          ----a-w 9,366 2008-04-09 21:21:39 C:\WINDOWS\msmqinst.log
          -c--a-w 69 2008-04-08 07:09:02 C:\WINDOWS\NeroDigital.ini
          ----a-w 5,415 2008-04-09 21:21:40 C:\WINDOWS\netfxocm.log
          ----a-w 268,880 2008-04-08 06:43:51 C:\WINDOWS\ntbtlog.txt
          ----a-w 6,325 2008-04-09 21:21:40 C:\WINDOWS\ntdtcsetup.log
          ----a-w 14,580 2008-04-09 21:21:40 C:\WINDOWS\ocgen.log
          ----a-w 1,930 2008-04-09 21:21:40 C:\WINDOWS\ocmsn.log
          -c--a-w 379 2008-04-08 09:32:30 C:\WINDOWS\ODBC.INI
          ----a-w 32 2008-04-08 07:43:08 C:\WINDOWS\pavsig.txt
          ----a-w 8,140 2008-04-09 21:21:55 C:\WINDOWS\SchedLgU.Txt
          ----a-w 300 2008-04-08 09:54:15 C:\WINDOWS\setupact.log
          ----a-w 42,395 2008-04-08 07:25:14 C:\WINDOWS\setupapi.log
          ----a-w 0 2008-04-07 13:37:44 C:\WINDOWS\setuperr.log
          -c--a-w 227 2008-04-07 08:12:46 C:\WINDOWS\system.ini
          ----a-w 1,555 2008-04-09 21:21:40 C:\WINDOWS\tabletoc.log
          ----a-w 14,105 2008-04-09 21:21:40 C:\WINDOWS\tsoc.log
          ----a-w 5,099 2008-04-09 21:20:32 C:\WINDOWS\updspapi.log
          -c--a-w 809 2008-04-08 07:36:00 C:\WINDOWS\win.ini
          ----a-w 174,402 2008-04-10 08:11:06 C:\WINDOWS\WindowsUpdate.log
          -c--a-w 373 2008-04-03 16:25:51 C:\WINDOWS\wininit.ini

          Entries: 36 (35)
          Directories: 0 Files: 36
          Bytes: 720,948 Blocks: 1,425
          ======C:\WINDOWS\system32=====
          -c--a-w 8 2008-03-26 18:57:55 C:\WINDOWS\System32\.event.log
          ----a-w 0 2008-04-08 07:44:26 C:\WINDOWS\System32\asfiles.txt
          -c--a-w 1,417,712 2008-04-10 08:09:12 C:\WINDOWS\System32\FNTCACHE.DAT
          ----a-w 1,406 2008-04-08 07:43:03 C:\WINDOWS\System32\Help.ico
          ----a-w 298,104 2008-04-07 08:26:38 C:\WINDOWS\System32\imon.dll
          ----a-w 6,300 2008-04-06 14:34:41 C:\WINDOWS\System32\jupdate-1.6.0_05-b13.log
          ----a-w 74,703 2008-04-04 13:35:28 C:\WINDOWS\System32\mfc45.dll
          -c--a-w 19,836,024 2008-04-06 05:56:20 C:\WINDOWS\System32\MRT.exe
          ----a-w 30,590 2008-04-08 07:43:03 C:\WINDOWS\System32\pavas.ico
          ----a-w 63,644 2008-04-01 14:24:58 C:\WINDOWS\System32\perfc009.dat
          ----a-w 83,386 2008-04-01 14:24:59 C:\WINDOWS\System32\perfc013.dat
          ----a-w 406,636 2008-04-01 14:24:59 C:\WINDOWS\System32\perfh009.dat
          ----a-w 472,260 2008-04-01 14:24:59 C:\WINDOWS\System32\perfh013.dat
          -c--a-w 1,038,350 2008-04-01 14:24:57 C:\WINDOWS\System32\PerfStringBackup.INI
          ----a-w 1,544 2008-04-08 09:51:00 C:\WINDOWS\System32\tmp.reg
          ----a-w 0 2008-04-08 09:51:00 C:\WINDOWS\System32\tmp.txt
          ----a-w 2,550 2008-04-08 07:43:03 C:\WINDOWS\System32\Uninstall.ico
          ----a-w 1,845,376 2008-03-20 08:10:47 C:\WINDOWS\System32\win32k.sys
          -c--a-w 13,646 2008-04-10 08:10:39 C:\WINDOWS\System32\wpa.dbl

          Entries: 19 (19)
          Directories: 0 Files: 19
          Bytes: 25,592,239 Blocks: 49,994
          ======C:\WINDOWS\system32\drivers=====
          ----a-w 512,096 2008-04-07 08:26:37 C:\WINDOWS\System32\drivers\amon.sys
          ----a-w 821,856 2008-04-06 19:26:19 C:\WINDOWS\System32\drivers\avg7core.sys
          ----a-w 4,224 2008-04-04 15:55:06 C:\WINDOWS\System32\drivers\avg7rsw.sys
          ----a-w 27,776 2008-04-04 15:55:07 C:\WINDOWS\System32\drivers\avg7rsxp.sys
          ----a-w 10,760 2008-04-06 19:26:32 C:\WINDOWS\System32\drivers\avgclean.sys
          ----a-w 26,952 2008-04-06 19:26:31 C:\WINDOWS\System32\drivers\avgmfx86.sys
          ----a-w 4,960 2008-04-04 15:55:13 C:\WINDOWS\System32\drivers\avgtdi.sys
          ----a-w 15,424 2008-04-07 08:26:36 C:\WINDOWS\System32\drivers\nod32drv.sys

          Entries: 8 (8)
          Directories: 0 Files: 8
          Bytes: 1,424,048 Blocks: 2,787
          =======C:\Program Files=====
          Entries: 0 (0)
          Directories: 0 Files: 0
          Bytes: 0 Blocks: 0
          =======C:=====
          --sha-r 211 2008-04-07 08:12:46 C:\boot.ini
          --sha-w 1,509,949,440 2008-04-10 08:08:44 C:\pagefile.sys
          ----a-w 232,321 2008-04-08 09:51:46 C:\rapport.txt
          ----a-w 133 2008-04-06 11:29:14 C:\VundoFix.txt

          Entries: 4 (2)
          Directories: 0 Files: 4
          Bytes: 1,510,182,105 Blocks: 2,949,576
          ======C:\Documents and Settings\Frenky\Application Data======
          Entries: 0 (0)
          Directories: 0 Files: 0
          Bytes: 0 Blocks: 0
          ======C:\Temp======
          ----a-w 2,049,391 2008-03-16 13:39:54 C:\Temp\Rihanna - Don-t StopThe Music [2007][SkidVid].3gp

          Entries: 1 (1)
          Directories: 0 Files: 1
          Bytes: 2,049,391 Blocks: 4,003
          ======C:\Documents and Settings\Frenky======
          ----a-w 114 2008-03-20 21:06:01 C:\Documents and Settings\Frenky\default.pls
          ----a-w 9,437,184 2008-04-09 21:22:03 C:\Documents and Settings\Frenky\NTUSER.DAT
          ---ha-w 28,672 2008-04-10 08:13:45 C:\Documents and Settings\Frenky\NTUSER.DAT.LOG
          -csh--w 288 2008-04-09 21:16:10 C:\Documents and Settings\Frenky\ntuser.ini

          Entries: 4 (2)
          Directories: 0 Files: 4
          Bytes: 9,466,258 Blocks: 18,490
          ======C:\WINDOWS\Downloaded Program Files====
          Entries: 0 (0)
          Directories: 0 Files: 0
          Bytes: 0 Blocks: 0
          =============

          Comment


          • #6
            Heb je nog problemen?

            Comment


            • #7
              reactie op vraag van Smeenk

              Smeenk,

              Om je vraag te beantwoorden: niet dat ik merk.

              Ik neem aan dat je bedoelt dat je in de logbestanden geen aanleiding meer ziet voor mogelijke problemen?
              Dan zullen we het maar weer gaan proberen met het ding.

              Bedankt voor je inzet en hulp!!

              pablo k

              Comment


              • #8
                Graag gedaan hoor, ik zie inderdaad niets verdachts meer

                Doe dit nog maar even:

                Download ATF cleaner (mirror)(gemaakt door Atribune)

                Belangrijk: Sluit al je browservensters(IE en/of Firefox en/of Opera) om de tool goed te kunnen laten werken.

                Dubbelklik op ATF cleaner om het programma te starten.
                Op het tabblad "Main", plaats je een vinkje bij Select All.
                Klik op de knop Empty Selected.

                Het volgende doen als je ook FireFox als browser hebt:
                Klik op tabblad "Firefox", plaats een vinkje bij Select All.
                Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
                (dit haalt het vinkje weer weg bij "Firefox saved passwords")
                Klik op de knop Empty Selected.

                Het volgende doen als je ook Opera als browser hebt:
                Klik op tabblad "Opera", plaats een vinkje bij Select All.
                Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
                Klik op de knop Empty Selected.
                Ga naar het tabblad "Main" en klik op de knop Exit om het programma af te sluiten.

                Schakel Systeemherstel uit. Herstart de computer. Schakel Systeemherstel weer in.
                Kijk hier hoe je je systeemherstel moet uitschakelen.
                Hiermee verwijder je eventuele restanten van de infecties uit je systeemherstel.

                Dan denk ik dat we klaar zijn

                Comment

                Sorry, you are not authorized to view this page
                Working...
                X