Hijackthis log ivm Istbar.JS(trj) en nog meer

Status
Niet open voor verdere reacties.
S

samarsanasb

Gebruiker
Lid geworden
8 nov 2004
Berichten
8
Here is de log:

Logfile of HijackThis v1.98.2
Scan saved at 14:00:05, on 10-11-2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\System32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\Explorer.EXE
H:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
H:\WINDOWS\AGRSMMSG.exe
H:\Program Files\Analog Devices\SoundMAX\SMTray.exe
H:\Program Files\Real\RealPlayer\RealPlay.exe
H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
H:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
H:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
H:\WINDOWS\System32\ctfmon.exe
H:\Program Files\Yahoo!\Messenger\ypager.exe
H:\Program Files\Messenger\msmsgs.exe
H:\Program Files\MSN Messenger\msnmsgr.exe
H:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
H:\Program Files\WinZip\WZQKPICK.EXE
H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
H:\Program Files\Alwil Software\Avast4\ashServ.exe
H:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
H:\Program Files\Ahead\InCD\InCDsrv.exe
H:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
H:\Program Files\McAfee\McAfee VirusScan\VsStat.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe
H:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
H:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe
H:\WINDOWS\System32\wuauclt.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\PROGRA~1\WINZIP\winzip32.exe
H:\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/ymsgr/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr*http://my.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/ymsgr/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr*http://my.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - H:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - h:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - h:\program files\google\googletoolbar1.dll
O3 - Toolbar: McAfee VirusScan - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - H:\Program Files\McAfee\McAfee VirusScan\VSCShellExtension.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - H:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NeroCheck] H:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] H:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [ATIPTA] H:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SetIcon] C:\Program Files\Icons\SetIcon.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Smapp] H:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [RealTray] H:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [avast!] H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ashMaiSv] H:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
O4 - HKLM\..\Run: [McAfee Guardian] "H:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU
O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] H:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MSMSGS] "H:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "H:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "H:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
O4 - Global Startup: WinZip Quick Pick.lnk = H:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://h:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Gelijkwaardige pagina's - res://h:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Koppelingspagina's - res://h:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://h:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Yahoo! Dictionary - file:///H:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///H:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - H:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - H:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - H:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1099861644139
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://asp03.photoprintit.de/microsite/5/defaults/activex/XUpload.ocx
 
Hoi samarsanasb,

1. Start HijackThis, en vink onderstaande regels aan:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/ymsgr/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr*http://my.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/ymsgr/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr*http://my.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr/*http://www.yahoo.com
Klik om te vergroten...

2. Sluit alle andere vensters en browsers, en klik op de knop “Fix Checked”.

3. Start opnieuw op, maak een nieuw logje aan, en post dat hier.
 
Hijackthis log na fixen

Logfile of HijackThis v1.98.2
Scan saved at 10:53:25, on 13-11-2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\System32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\Explorer.EXE
H:\Program Files\Ahead\InCD\InCD.exe
H:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
H:\WINDOWS\AGRSMMSG.exe
H:\Program Files\Analog Devices\SoundMAX\SMTray.exe
H:\Program Files\Real\RealPlayer\RealPlay.exe
H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
H:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
H:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
H:\WINDOWS\System32\ctfmon.exe
H:\Program Files\Yahoo!\Messenger\ypager.exe
H:\Program Files\Messenger\msmsgs.exe
H:\Program Files\MSN Messenger\msnmsgr.exe
H:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
H:\Program Files\WinZip\WZQKPICK.EXE
H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
H:\Program Files\Alwil Software\Avast4\ashServ.exe
H:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
H:\Program Files\Ahead\InCD\InCDsrv.exe
H:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\McAfee\McAfee VirusScan\VsStat.exe
H:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe
H:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
H:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe
H:\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - H:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - h:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - h:\program files\google\googletoolbar1.dll
O3 - Toolbar: McAfee VirusScan - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - H:\Program Files\McAfee\McAfee VirusScan\VSCShellExtension.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - H:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NeroCheck] H:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] H:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [ATIPTA] H:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SetIcon] C:\Program Files\Icons\SetIcon.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Smapp] H:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [RealTray] H:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [avast!] H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ashMaiSv] H:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
O4 - HKLM\..\Run: [McAfee Guardian] "H:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU
O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] H:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MSMSGS] "H:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "H:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "H:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
O4 - Global Startup: WinZip Quick Pick.lnk = H:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://h:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Gelijkwaardige pagina's - res://h:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Koppelingspagina's - res://h:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://h:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Yahoo! Dictionary - file:///H:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///H:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - H:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - H:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - H:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1099861644139
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://asp03.photoprintit.de/microsite/5/defaults/activex/XUpload.ocx
 
Istbar.js(trj)

Ik heb nog na fixen van de log via avast : Istbar.js(trj) en kan ik hem niet via avast verwijderen.
 
Je logje is schoon. Waar wordt die trojan gevonden? (Welke map)
 
Istbar.js(trj) gevonden in de log van avast!

4-10-2004 0:44:28 SUMMER\Haleh 2696 Sign of "Win32:IstBar-K [Trj]" has been found in "H:\Documents and Settings\Haleh\Local Settings\Temporary Internet Files\Content.IE5\2VIP4JGV\0006_regular[1].cab\istactivex.dll" file.
24-10-2004 0:45:39 SUMMER\Haleh 2696 Sign of "JS:Istbar [Trj]" has been found in "H:\Documents and Settings\Haleh\Local Settings\Temporary Internet Files\Content.IE5\4SC3UE8C\prompt[1].htm" file.
24-10-2004 15:00:24 SUMMER\Haleh 3392 Sign of "JS:Istbar [Trj]" has been found in "H:\Documents and Settings\Haleh\Local Settings\Temporary Internet Files\Content.IE5\4SC3UE8C\prompt[1].php\prompt[1]" file.
25-10-2004 11:52:51 SUMMER\Haleh 2632 Sign of "JS:Istbar [Trj]" has been found in "H:\Documents and Settings\Haleh\Local Settings\Temporary Internet Files\Content.IE5\4SC3UE8C\prompt[1].php\prompt[1]" file.
29-10-2004 19:14:20 SUMMER\Haleh 1536 Sign of "JS:Istbar [Trj]" has been found in "H:\Documents and Settings\Haleh\Local Settings\Temporary Internet Files\Content.IE5\4SC3UE8C\prompt[1].php\prompt[1]" file.
29-10-2004 20:15:55 SUMMER\Haleh 2568 Sign of "JS:Istbar [Trj]" has been found in "H:\Documents and Settings\Haleh\Local Settings\Temporary Internet Files\Content.IE5\4SC3UE8C\prompt[1].php\prompt[1]" file.
2-11-2004 9:49:47 SUMMER\Haleh 3460 Sign of "JS:Istbar [Trj]" has been found in "H:\Documents and Settings\Haleh\Local Settings\Temporary Internet Files\Content.IE5\4SC3UE8C\prompt[1].php\prompt[1]" file.
2-11-2004 21:31:54 SUMMER\Haleh 2944 Sign of "JS:Istbar [Trj]" has been found in "H:\Documents and Settings\Haleh\Local Settings\Temporary Internet Files\Content.IE5\4SC3UE8C\prompt[1].php\prompt[1]" file.
12-11-2004 23:15:30 NT AUTHORITY\SYSTEM 1952 Sign of "JS:Istbar [Trj]" has been found in "H:\Documents and Settings\Haleh\Local Settings\Temporary Internet Files\Content.IE5\GXAJ412N\prompt[1].htm" file.
12-11-2004 23:16:32 NT AUTHORITY\SYSTEM 1952 Sign of "JS:Istbar [Trj]" has been found in "H:\Documents and Settings\Haleh\Local Settings\Temporary Internet Files\Content.IE5\4SC3UE8C\prompt[1].htm" file.
14-11-2004 0:20:20 SUMMER\Haleh 2152 Sign of "JS:Istbar [Trj]" has been found in "H:\Documents and Settings\Haleh\Local Settings\Temporary Internet Files\Content.IE5\4SC3UE8C\prompt[1].php\prompt[1]" file.
 
Goed, dat maakt al een hoop duidelijk :)

Download dit programma:
CleanUp!

Draai het, start opnieuw op, en draai het weer.

Start voor een laatste keer opnieuw op, en draai Avast nogmaals. Nu zouden bovenstaande "trojans" verdwenen moeten zijn :)
 
Status
Niet open voor verdere reacties.
                    Steun ons                    

Nieuwste berichten

Terug
Bovenaan Onderaan