Trojaans paard downloader small hgx
- Onderwerp starter eeyk
- Startdatum
- Status
vanschagen
Banned
- Lid geworden
- 26 nov 2001
- Berichten
- 16.735
:dok ben van avg meldingen af maar nu krijg ik steeds popups van
66.230.188.67 deze ip
gelukkig blokkeer mijn Ad-aware scanner die
Anti malware resultaat
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Databaseversie: 4361
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
28-7-2010 9:27:51
mbam-log-2010-07-28 (09-27-51).txt
Scantype: Snelle scan
Objecten gescand: 147699
Verstreken tijd: 8 minuut/minuten, 5 seconde(n)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 8
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 1
Mappen geïnfecteerd: 4
Bestanden geïnfecteerd: 55
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8152a0b9-deb6-476e-bc67-175b19080a8a} (Adware.TargetWebAds) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7233cf20-0ba7-4fc2-879e-04cef6439f90} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\flv direct player (Adware.BHO.FL) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\FLV Direct Player (Adware.FLVPlayer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\TG0PTF86JH (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XA5RJ9EADJ (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerdata geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (http://flvdirect.iamwired.net/) Good: (http://www.google.com) -> Quarantined and deleted successfully.
Mappen geïnfecteerd:
C:\Program Files\FLV Direct Player (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Direct Player (Adware.FLVPlayer) -> Quarantined and deleted successfully.
Bestanden geïnfecteerd:
C:\Users\patric\AppData\Local\Temp\133B.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\13D8.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\25F0.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\265E.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\3D95.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\3DE4.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\45BF.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\466C.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\C885.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\C931.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\616A.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\AC1F.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\CA6A.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\ACDC.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\CA6B.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\D033.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\D16C.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\D513.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\D5BF.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\E00B.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\E163.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\E893.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\E9BC.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\F291.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\F3BB.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\62B2.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\64E3.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\658F.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\6A70.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\796C.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\799B.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\8954.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\89D2.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\8F8B.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\9141.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\A0AB.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\A2DD.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\downloading.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\FLVPlayer.exe (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\player.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\preload.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\uninstall.exe (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\Button.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\Logo.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\skin.xml (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\SysCloseButton.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\SysMaxButton.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\SysMinButton.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\Window.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Direct Player\FLV Direct Player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Direct Player\Uninstall FLV Direct Player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.
C:\Windows\System32\h@tkeysh@@k.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
66.230.188.67 deze ip
gelukkig blokkeer mijn Ad-aware scanner die
Anti malware resultaat
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Databaseversie: 4361
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
28-7-2010 9:27:51
mbam-log-2010-07-28 (09-27-51).txt
Scantype: Snelle scan
Objecten gescand: 147699
Verstreken tijd: 8 minuut/minuten, 5 seconde(n)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 8
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 1
Mappen geïnfecteerd: 4
Bestanden geïnfecteerd: 55
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8152a0b9-deb6-476e-bc67-175b19080a8a} (Adware.TargetWebAds) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7233cf20-0ba7-4fc2-879e-04cef6439f90} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\flv direct player (Adware.BHO.FL) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\FLV Direct Player (Adware.FLVPlayer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\TG0PTF86JH (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XA5RJ9EADJ (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerdata geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (http://flvdirect.iamwired.net/) Good: (http://www.google.com) -> Quarantined and deleted successfully.
Mappen geïnfecteerd:
C:\Program Files\FLV Direct Player (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Direct Player (Adware.FLVPlayer) -> Quarantined and deleted successfully.
Bestanden geïnfecteerd:
C:\Users\patric\AppData\Local\Temp\133B.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\13D8.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\25F0.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\265E.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\3D95.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\3DE4.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\45BF.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\466C.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\C885.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\C931.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\616A.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\AC1F.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\CA6A.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\ACDC.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\CA6B.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\D033.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\D16C.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\D513.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\D5BF.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\E00B.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\E163.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\E893.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\E9BC.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\F291.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\F3BB.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\62B2.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\64E3.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\658F.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\6A70.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\796C.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\799B.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\8954.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\89D2.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\8F8B.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\9141.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\A0AB.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\patric\AppData\Local\Temp\A2DD.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\downloading.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\FLVPlayer.exe (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\player.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\preload.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\uninstall.exe (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\Button.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\Logo.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\skin.xml (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\SysCloseButton.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\SysMaxButton.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\SysMinButton.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\Window.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Direct Player\FLV Direct Player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Direct Player\Uninstall FLV Direct Player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.
C:\Windows\System32\h@tkeysh@@k.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
Laatst bewerkt:
- Status
