Vraag & Antwoord

Beveiliging & privacy

family probleem!

Anoniem
None
37 antwoorden
  • hello fooks hier een logje om te controleren van mijn nichtje!

    Logfile of HijackThis v1.99.1
    Scan saved at 19:37:37, on 23-3-2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\mcafee.com\agent\mcdetect.exe
    c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    C:\WINDOWS\Explorer.EXE
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
    c:\program files\mcafee.com\vso\mcvsshld.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\Service.exe
    C:\WINDOWS\System32\RaConfig2500.EXE
    C:\WINDOWS\Mixer.exe
    C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    C:\Program Files\DSB\dsb.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\System32\RUNDLL32.EXE
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    c:\progra~1\mcafee.com\vso\mcvsftsn.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    http://www.startpagina.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    Koppelingen
    R3 - URLSearchHook: SweetIM For Internet Explorer -
    {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program
    Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
    C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\Program
    Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} -
    C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program
    Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} -
    C:\Program Files\RXToolBar\sfcont.dll (file missing)
    O2 - BHO: CIEPl Object - {F85E86D8-F796-4C97-AAA2-26664A98A42C} -
    C:\WINDOWS\System32\bin32.dll
    O2 - BHO: (no name) - {FD213033-4905-45B7-AE02-44B864C09B37} -
    C:\WINDOWS\System32\sdgttpfa.dll
    O3 - Toolbar: RX Toolbar - {25D8BACF-3DE2-4B48-AE22-D659B8D835B0} -
    C:\Program Files\RXToolBar\RXToolBar.dll (file missing)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
    C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: SweetIM For Internet Explorer -
    {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program
    Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} -
    c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O4 - HKLM\..\Run: [RaConfig2500.EXE] RaConfig2500.EXE
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
    C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
    Files\Java\jre1.5.0_03\bin\jusched.exe
    O4 - HKLM\..\Run: [xp_system] C:\WINDOWS\inet20002\winlogon.exe
    O4 - HKLM\..\Run: [E-nrgyPlus] C:\Program Files\E-nrgyPlus\E-nrgyPlus.exe
    O4 - HKLM\..\Run: [AdsBlocker] C:\Program Files\AdsBlocker\stopAds.exe
    O4 - HKLM\..\Run: [DSB] C:\Program Files\DSB\dsb.exe
    O4 - HKLM\..\Run: [SHA256] C:\Program Files\SHA256\secure.exe
    O4 - HKLM\..\Run: [LocalProxy] C:\Program Files\LocalProxy\proxy4free.exe
    O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
    O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKLM\..\Run: [Windows Update AutoUpdate Client]
    C:\WINDOWS\System32\winupd\wuauclt.exe
    O4 - HKLM\..\Run: [REAL] C:\Program Files\REAL\realjbox.exe
    O4 - HKLM\..\Run: [WIZZ] C:\Program Files\WIZZ\dazzler.exe
    O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe"
    /checktask
    O4 - HKLM\..\Run: [VirusScan Online] C:\Program
    Files\McAfee.com\VSO\mcvsshld.exe
    O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe"
    /background
    O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE
    C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
    O4 - HKCU\..\Run: [qicxifud] C:\WINDOWS\System32\qicxifud.exe
    O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program
    Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Microsoft
    Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Search -
    http://kn.bar.need2find.com/KN/menusearch.html?p=KN
    O8 - Extra context menu item: E&xport to Microsoft Excel -
    res://C:\MICROS~1\Office10\EXCEL.EXE/3000
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
    Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) -
    http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
    O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) -
    http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
    http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4692/mcfscan.cab
    O17 -
    HKLM\System\CCS\Services\Tcpip\..\{4CA4971A-31F8-45E3-9689-576A4E0E726E}:
    NameServer = 62.108.1.67,0.0.0.0
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
    "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: bin32 - C:\WINDOWS\SYSTEM32\bin32.dll
    O21 - SSODL: IEFilter - {DC01F512-1B98-4953-9328-66553E7934B8} -
    C:\WINDOWS\system32\IEFilter.dll (file missing)
    O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc -
    c:\program files\mcafee.com\agent\mcdetect.exe
    O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. -
    c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc -
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee,
    Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee
    Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
    C:\WINDOWS\System32\nvsvc32.exe


    grtjes and thanx….. :D
  • bij een volgende keer gaarne een druk op de knop geven met [b:9264e57d8e]nieuw antwoord[/b:9264e57d8e] en niet [b:9264e57d8e]nieuw onderwerp[/b:9264e57d8e]
    blijven de topics overzichtelijker

    bvd
  • [quote:0bd592b560="M@rc"]
    Ga naar Start - Uitvoeren en tik in: notepad.exe
    Klik op OK.

    Ga in Kladblok naar Opmaak, en haal het vinkje voor "Automatische terugloop" weg.
    Sluit Notepad terug af.

    Maak een nieuwe HijackThislog. Post deze.[/quote:0bd592b560]

    Dat gaat het logje makkelijker leesbaar maken.

    Ik zal even wat in elkaar steken om dit te verwijderen. Je hoort nog van me.
  • Download the Avenger: http://swandog46.geekstogo.com/avenger.zip
    Plaatst het op je desktop en unzip het programma.
    Sluit alle open venster en sla al je werk op. De computer zal zo dadelijk herstarten.
    Open de map Avenger op je bureaublad en dubbelklik op Avenger.exe om het programma te starten.
    In het venster "script file to execute", zorg je dat "Input script manually" geselecteerd is.
    Rechtsklik op de knop met het vergrootglas.
    Er opent een venster "View/edit script".
    Hierin kopieer en plak je het volgende:
    [code:1:f5606235fd]Files to delete:
    C:\WINDOWS\SYSTEM32\bin32.dll
    C:\WINDOWS\SYSTEM32\23nib.dll
    C:\WINDOWS\System32\sdgttpfa.dll

    Registry keys to delete:
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F85E86D8-F796-4C97-AAA2-26664A98A42C}
    HKLM\SOFTWARE\Classes\{F85E86D8-F796-4C97-AAA2-26664A98A42C}
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D1C4E81-A32A-416b-BCDB-33B3EF3617D3}
    HKLM\SOFTWARE\Classes\{4D1C4E81-A32A-416b-BCDB-33B3EF3617D3}
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\bin32
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59879FA4-4790-461c-A1CC-4EC4DE4CA483}
    HKLM\SOFTWARE\Classes\{59879FA4-4790-461c-A1CC-4EC4DE4CA483}
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD213033-4905-45B7-AE02-44B864C09B37}
    HKLM\SOFTWARE\Classes\{FD213033-4905-45B7-AE02-44B864C09B37}
    HKLM\SOFTWARE\Classes\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}

    Registry values to delete:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | {DC01F512-1B98-4953-9328-66553E7934B8}
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {25D8BACF-3DE2-4B48-AE22-D659B8D835B0}
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | AdsBlocker
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | DSB
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | SHA256
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | Windows Update AutoUpdate Client
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | WIZZ
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | qicxifud

    Folders to delete:
    C:\Program Files\RXToolBar
    C:\Program Files\SHA256
    C:\Program Files\DSB
    C:\Program Files\AdsBlocker
    C:\Program Files\WIZZ[/code:1:f5606235fd]
    Klik daarna op de knop "Done" om het venster te sluiten.
    Klik op de knop met het "groene lichtje" om de fix te starten.
    De computer zal herstarten.
    Na herstart opent er een kladblok bestand. Post de inhoud van dit bestand.
    Maak een nieuwe hijackthislog en post deze ook.
  • vraagje van mijn nichtje!

    Hoi,

    Heb the avenger gedownload, uitgepakt en geopend. In venster 'script file to
    execute' heb de 'input script manually' geselecteerd en daarna ingeklikt op
    het vergrootglas. Er opent inderdaad een venster 'view/edit script' alleen
    de volgende stap staat dat ik de hieronder beschreven bestanden (zie files
    to delete, registry keys to delete, registry values to delete) moet kopieren
    en plakken.
    En mijn vraag is hoe ik dat dan moet doen? Waar kan ik deze bestanden vinden
    en hoe kan ik ze in het venster 'view/edit script' kopieren en plakken, want
    er zit helemaal geen menu bij dit venster. Of moet ik ze handmatig al deze
    bestanden intypen (lijkt me niet, mr weet niet)?


    groetjes
  • Via kopiëren en plakken moet het lukken.
  • Hoi,


    Heb net de bestanden uit het mailtje gekopieerd en geplakt in het venster
    'view/edit script', dit heb ik op twee manieren gedaan.
    Ten eerste heb ik alles wat in het mailtje staat gekopieerd, dus van 'code:,
    files to delete… t/m….c:\Program Files\WIZZ. Maar na de knop 'done' om
    venster te sluiten en de knop 'groen lichtje' in te klikken, geeft de
    Avenger de volgende foutmelding: syntax error in line — does not appear to
    be a valid registry path. line will be ignored.
    Bij de tweede poging heb ik alleen de bestanden gekopieerd, dus
    C\WINDOWS\SYSTEM32\bin32.dll, HKLM\SOFTWARE\Microsoft\Windows…. etcetera
    tot en met C:\Program Files\WIZZ
    Nu geeft de Avenger de volgende foutmelding: Error: selected file does not
    appear to be a valid script.

    Hoe moet ik nu die bestanden invoeren?

    grt :)
  • Files to delete:
    C:\WINDOWS\SYSTEM32\bin32.dll
    C:\WINDOWS\SYSTEM32\23nib.dll
    C:\WINDOWS\System32\sdgttpfa.dll

    Registry keys to delete:
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F85E86D8-F796-4C97-AAA2-26664A98A42C}
    HKLM\SOFTWARE\Classes\{F85E86D8-F796-4C97-AAA2-26664A98A42C}
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D1C4E81-A32A-416b-BCDB-33B3EF3617D3}
    HKLM\SOFTWARE\Classes\{4D1C4E81-A32A-416b-BCDB-33B3EF3617D3}
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\bin32
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59879FA4-4790-461c-A1CC-4EC4DE4CA483}
    HKLM\SOFTWARE\Classes\{59879FA4-4790-461c-A1CC-4EC4DE4CA483}
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD213033-4905-45B7-AE02-44B864C09B37}
    HKLM\SOFTWARE\Classes\{FD213033-4905-45B7-AE02-44B864C09B37}
    HKLM\SOFTWARE\Classes\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}

    Registry values to delete:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | {DC01F512-1B98-4953-9328-66553E7934B8}
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {25D8BACF-3DE2-4B48-AE22-D659B8D835B0}
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | AdsBlocker
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | DSB
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | SHA256
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | Windows Update AutoUpdate Client
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | WIZZ
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | qicxifud

    Folders to delete:
    C:\Program Files\RXToolBar
    C:\Program Files\SHA256
    C:\Program Files\DSB
    C:\Program Files\AdsBlocker
    C:\Program Files\WIZZ
  • Zie mijn vorige post.
    Enkel dat moet je kopiëren en in het venster plakken.
    Het woordje code mag er niet bij staan.
  • En als het dan nog niet lukt, dan doe je dit:
    Download dit bestandje: http://users.telenet.be/marcvn/temp/martyfix.txt
    en plaats het direct op je c:\
    Het volledige pad naar het bestand zal dan zijn: c:\martyfix.txt

    Open op je bureaublad de map Avenger en dubbelklik op Avenger.exe om het programma te starten.
    In het venster "script file to execute", zorg je dat "Load script from file" geselecteerd is.
    Klik op het knopje met het gele mapje en ga naar dit bestand: [b:c2b40944a6]c:\martyfix.txt[/b:c2b40944a6]

    Klik op de knop met het "groene lichtje" om de fix te starten.
    Na herstart opent er een kladblok bestand. Post de inhoud van dit bestand.
  • Hoi,


    Heb net de avenger uitgevoerd. Hierbij het gevraagde avanger- bestandje en
    de nieuwe hijack logje. Wel moet ik even erbij vermelden dat na de avenger
    uitgevoerd te hebben, heel vaak mijn pc
    moet opstarten en dan nog doet mijn internet het niet en programma's als msn
    messenger en windows media player. De pc sluit ook niet af en start telkens
    opnieuw op. Hij blokkeert waarschijnlijk iets. Mr heb geen melding meer van
    het virus trojaanse paard 'vundo' gekregen.



    groetjes

    //////////////////////////////////////////
    Avenger Pre-Processor log
    //////////////////////////////////////////

    Syntax error in line — does not appear to be a valid registry path. Line will be ignored.
    Error code: 0
    Line: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | qicxifud


    //////////////////////////////////////////


    Logfile of The Avenger version 1, by Swandog46
    Running from registry key:
    \Registry\Machine\System\CurrentControlSet\Services\xspdsogd

    *******************

    Script file located at: \??\C:\Documents and Settings\vxxje^fo.txt
    Script file opened successfully.

    Script file read successfully

    Backups directory opened successfully at C:\Avenger

    *******************

    Beginning to process script file:

    File C:\WINDOWS\SYSTEM32\bin32.dll deleted successfully.


    File C:\WINDOWS\SYSTEM32\23nib.dll not found!
    Deletion of file C:\WINDOWS\SYSTEM32\23nib.dll failed!

    Could not process line:
    C:\WINDOWS\SYSTEM32\23nib.dll
    Status: 0xc0000034

    File C:\WINDOWS\System32\sdgttpfa.dll deleted successfully.


    Folder C:\Program Files\RXToolBar not found!
    Deletion of folder C:\Program Files\RXToolBar failed!

    Could not process line:
    C:\Program Files\RXToolBar
    Status: 0xc0000034

    Folder C:\Program Files\SHA256 deleted successfully.
    Folder C:\Program Files\DSB deleted successfully.
    Folder C:\Program Files\AdsBlocker deleted successfully.
    Folder C:\Program Files\WIZZ deleted successfully.
    Registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F85E86D8-F796-4C97-AAA2-26664A98A42C} deleted successfully.


    Registry key HKLM\SOFTWARE\Classes\{F85E86D8-F796-4C97-AAA2-26664A98A42C} not found!
    Deletion of registry key HKLM\SOFTWARE\Classes\{F85E86D8-F796-4C97-AAA2-26664A98A42C} failed!
    Status: 0xc0000034

    Registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} deleted successfully.


    Registry key HKLM\SOFTWARE\Classes\{4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} not found!
    Deletion of registry key HKLM\SOFTWARE\Classes\{4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} failed!
    Status: 0xc0000034

    Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\bin32 deleted successfully.
    Registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59879FA4-4790-461c-A1CC-4EC4DE4CA483} deleted successfully.


    Registry key HKLM\SOFTWARE\Classes\{59879FA4-4790-461c-A1CC-4EC4DE4CA483} not found!
    Deletion of registry key HKLM\SOFTWARE\Classes\{59879FA4-4790-461c-A1CC-4EC4DE4CA483} failed!
    Status: 0xc0000034

    Registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD213033-4905-45B7-AE02-44B864C09B37} deleted successfully.


    Registry key HKLM\SOFTWARE\Classes\{FD213033-4905-45B7-AE02-44B864C09B37} not found!
    Deletion of registry key HKLM\SOFTWARE\Classes\{FD213033-4905-45B7-AE02-44B864C09B37} failed!
    Status: 0xc0000034



    Registry key HKLM\SOFTWARE\Classes\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0} not found!
    Deletion of registry key HKLM\SOFTWARE\Classes\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0} failed!
    Status: 0xc0000034



    Could not delete registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad|{DC01F512-1B98-4953-9328-66553E7934B8}
    Deletion of registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad|{DC01F512-1B98-4953-9328-66553E7934B8} failed!
    Status: 0xc0000034

    Registry value HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{25D8BACF-3DE2-4B48-AE22-D659B8D835B0} deleted successfully.
    Registry value HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|AdsBlocker deleted successfully.
    Registry value HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|DSB deleted successfully.
    Registry value HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SHA256 deleted successfully.
    Registry value HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Windows Update AutoUpdate Client deleted successfully.
    Registry value HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|WIZZ deleted successfully.

    Completed script processing.

    *******************

    Finished! Terminate.


    Logfile of HijackThis v1.99.1
    Scan saved at 15:44:51, on 26-3-2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\RaConfig2500.EXE
    C:\WINDOWS\Mixer.exe
    C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    C:\Program Files\LocalProxy\proxy4free.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\McAfee.com\VSO\oasclnt.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\System32\RUNDLL32.EXE
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    c:\progra~1\mcafee.com\vso\mcvsftsn.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    http://www.startpagina.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    Koppelingen
    R3 - URLSearchHook: SweetIM For Internet Explorer -
    {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program
    Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
    C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\Program
    Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program
    Files\Spybot - Search & Destroy\SDHelper.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
    C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: SweetIM For Internet Explorer -
    {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program
    Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} -
    c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O4 - HKLM\..\Run: [RaConfig2500.EXE] RaConfig2500.EXE
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
    C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
    Files\Java\jre1.5.0_03\bin\jusched.exe
    O4 - HKLM\..\Run: [xp_system] C:\WINDOWS\inet20002\winlogon.exe
    O4 - HKLM\..\Run: [E-nrgyPlus] C:\Program Files\E-nrgyPlus\E-nrgyPlus.exe
    O4 - HKLM\..\Run: [LocalProxy] C:\Program Files\LocalProxy\proxy4free.exe
    O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
    O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKLM\..\Run: [REAL] C:\Program Files\REAL\realjbox.exe
    O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe"
    /checktask
    O4 - HKLM\..\Run: [VirusScan Online] C:\Program
    Files\McAfee.com\VSO\mcvsshld.exe
    O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Documents and
    Settings\Missy\Bureaublad\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe"
    /background
    O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE
    C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
    O4 - HKCU\..\Run: [qicxifud] C:\WINDOWS\System32\qicxifud.exe
    O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program
    Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Microsoft
    Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Search -
    http://kn.bar.need2find.com/KN/menusearch.html?p=KN
    O8 - Extra context menu item: E&xport to Microsoft Excel -
    res://C:\MICROS~1\Office10\EXCEL.EXE/3000
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) -
    http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
    O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} -
    http://a1540.g.akamai.net/7/1540/52/20060104/qtinstall.info.apple.com/snape/us/win/QuickTimeInstaller.exe
    O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) -
    http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
    http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4692/mcfscan.cab
    O17 -
    HKLM\System\CCS\Services\Tcpip\..\{4CA4971A-31F8-45E3-9689-576A4E0E726E}:
    NameServer = 62.108.1.67,0.0.0.0
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
    "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O21 - SSODL: IEFilter - {DC01F512-1B98-4953-9328-66553E7934B8} -
    C:\WINDOWS\system32\IEFilter.dll (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
    Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel
    32\IDriverT.exe
    O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc -
    c:\program files\mcafee.com\agent\mcdetect.exe
    O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. -
    c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc -
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee,
    Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee
    Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
    C:\WINDOWS\System32\nvsvc32.exe


    hoop dat dit helpt!

    thanx
  • Doe dit eerst eens even:
    [quote:cbd7f103b4="M@rc"]
    Ga naar Start - Uitvoeren en tik in: notepad.exe
    Klik op OK.

    Ga in Kladblok naar Opmaak, en haal het vinkje voor "Automatische terugloop" weg.
    Sluit Notepad terug af.

    Maak een nieuwe HijackThislog. Post deze.[/quote:cbd7f103b4]

    Dat gaat het logje makkelijker leesbaar maken.
  • //////////////////////////////////////////
    Avenger Pre-Processor log
    //////////////////////////////////////////

    Syntax error in line — does not appear to be a valid registry path. Line will be ignored.
    Error code: 0
    Line: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | qicxifud


    //////////////////////////////////////////


    Logfile of The Avenger version 1, by Swandog46
    Running from registry key:
    \Registry\Machine\System\CurrentControlSet\Services\xspdsogd

    *******************

    Script file located at: \??\C:\Documents and Settings\vxxje^fo.txt
    Script file opened successfully.

    Script file read successfully

    Backups directory opened successfully at C:\Avenger

    *******************

    Beginning to process script file:

    File C:\WINDOWS\SYSTEM32\bin32.dll deleted successfully.


    File C:\WINDOWS\SYSTEM32\23nib.dll not found!
    Deletion of file C:\WINDOWS\SYSTEM32\23nib.dll failed!

    Could not process line:
    C:\WINDOWS\SYSTEM32\23nib.dll
    Status: 0xc0000034

    File C:\WINDOWS\System32\sdgttpfa.dll deleted successfully.


    Folder C:\Program Files\RXToolBar not found!
    Deletion of folder C:\Program Files\RXToolBar failed!

    Could not process line:
    C:\Program Files\RXToolBar
    Status: 0xc0000034

    Folder C:\Program Files\SHA256 deleted successfully.
    Folder C:\Program Files\DSB deleted successfully.
    Folder C:\Program Files\AdsBlocker deleted successfully.
    Folder C:\Program Files\WIZZ deleted successfully.
    Registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F85E86D8-F796-4C97-AAA2-26664A98A42C} deleted successfully.


    Registry key HKLM\SOFTWARE\Classes\{F85E86D8-F796-4C97-AAA2-26664A98A42C} not found!
    Deletion of registry key HKLM\SOFTWARE\Classes\{F85E86D8-F796-4C97-AAA2-26664A98A42C} failed!
    Status: 0xc0000034

    Registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} deleted successfully.


    Registry key HKLM\SOFTWARE\Classes\{4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} not found!
    Deletion of registry key HKLM\SOFTWARE\Classes\{4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} failed!
    Status: 0xc0000034

    Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\bin32 deleted successfully.
    Registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59879FA4-4790-461c-A1CC-4EC4DE4CA483} deleted successfully.


    Registry key HKLM\SOFTWARE\Classes\{59879FA4-4790-461c-A1CC-4EC4DE4CA483} not found!
    Deletion of registry key HKLM\SOFTWARE\Classes\{59879FA4-4790-461c-A1CC-4EC4DE4CA483} failed!
    Status: 0xc0000034

    Registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD213033-4905-45B7-AE02-44B864C09B37} deleted successfully.


    Registry key HKLM\SOFTWARE\Classes\{FD213033-4905-45B7-AE02-44B864C09B37} not found!
    Deletion of registry key HKLM\SOFTWARE\Classes\{FD213033-4905-45B7-AE02-44B864C09B37} failed!
    Status: 0xc0000034



    Registry key HKLM\SOFTWARE\Classes\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0} not found!
    Deletion of registry key HKLM\SOFTWARE\Classes\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0} failed!
    Status: 0xc0000034



    Could not delete registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad|{DC01F512-1B98-4953-9328-66553E7934B8}
    Deletion of registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad|{DC01F512-1B98-4953-9328-66553E7934B8} failed!
    Status: 0xc0000034

    Registry value HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{25D8BACF-3DE2-4B48-AE22-D659B8D835B0} deleted successfully.
    Registry value HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|AdsBlocker deleted successfully.
    Registry value HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|DSB deleted successfully.
    Registry value HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SHA256 deleted successfully.
    Registry value HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Windows Update AutoUpdate Client deleted successfully.
    Registry value HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|WIZZ deleted successfully.

    Completed script processing.

    *******************

    Finished! Terminate.



    Logfile of HijackThis v1.99.1
    Scan saved at 15:44:51, on 26-3-2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\RaConfig2500.EXE
    C:\WINDOWS\Mixer.exe
    C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    C:\Program Files\LocalProxy\proxy4free.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\McAfee.com\VSO\oasclnt.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\System32\RUNDLL32.EXE
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    c:\progra~1\mcafee.com\vso\mcvsftsn.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    http://www.startpagina.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    Koppelingen
    R3 - URLSearchHook: SweetIM For Internet Explorer -
    {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program
    Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
    C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\Program
    Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program
    Files\Spybot - Search & Destroy\SDHelper.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
    C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: SweetIM For Internet Explorer -
    {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program
    Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} -
    c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O4 - HKLM\..\Run: [RaConfig2500.EXE] RaConfig2500.EXE
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
    C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
    Files\Java\jre1.5.0_03\bin\jusched.exe
    O4 - HKLM\..\Run: [xp_system] C:\WINDOWS\inet20002\winlogon.exe
    O4 - HKLM\..\Run: [E-nrgyPlus] C:\Program Files\E-nrgyPlus\E-nrgyPlus.exe
    O4 - HKLM\..\Run: [LocalProxy] C:\Program Files\LocalProxy\proxy4free.exe
    O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
    O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKLM\..\Run: [REAL] C:\Program Files\REAL\realjbox.exe
    O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe"
    /checktask
    O4 - HKLM\..\Run: [VirusScan Online] C:\Program
    Files\McAfee.com\VSO\mcvsshld.exe
    O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Documents and
    Settings\Missy\Bureaublad\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe"
    /background
    O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE
    C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
    O4 - HKCU\..\Run: [qicxifud] C:\WINDOWS\System32\qicxifud.exe
    O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program
    Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Microsoft
    Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Search -
    http://kn.bar.need2find.com/KN/menusearch.html?p=KN
    O8 - Extra context menu item: E&xport to Microsoft Excel -
    res://C:\MICROS~1\Office10\EXCEL.EXE/3000
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) -
    http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
    O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} -
    http://a1540.g.akamai.net/7/1540/52/20060104/qtinstall.info.apple.com/snape/us/win/QuickTimeInstaller.exe
    O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) -
    http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
    http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4692/mcfscan.cab
    O17 -
    HKLM\System\CCS\Services\Tcpip\..\{4CA4971A-31F8-45E3-9689-576A4E0E726E}:
    NameServer = 62.108.1.67,0.0.0.0
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
    "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O21 - SSODL: IEFilter - {DC01F512-1B98-4953-9328-66553E7934B8} -
    C:\WINDOWS\system32\IEFilter.dll (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
    Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel
    32\IDriverT.exe
    O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc -
    c:\program files\mcafee.com\agent\mcdetect.exe
    O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. -
    c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc -
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee,
    Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee
    Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
    C:\WINDOWS\System32\nvsvc32.exe


    hoop dat dit leesbaarder is?

    grt
  • Je post dezelfde hijackthislog als daar straks, en dat vraag ik niet.

    Volg aub mijn instructies.
  • Sluit alle open vensters, run HijackThis nog een keer en plaats een vinkje bij de volgende items:

    [b:2b1003cf00]F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
    O4 - HKLM\..\Run: [E-nrgyPlus] C:\Program Files\E-nrgyPlus\E-nrgyPlus.exe
    O4 - HKLM\..\Run: [LocalProxy] C:\Program Files\LocalProxy\proxy4free.exe
    O4 - HKCU\..\Run: [qicxifud] C:\WINDOWS\System32\qicxifud.exe
    O8 - Extra context menu item: &Search - http://kn.bar.need2find.com/KN/menusearch.html?p=KN[/b:2b1003cf00]

    Klik daarna op "Fix checked" en sluit HijackThis af.

    Herstart de computer.

    Start HijackThis opnieuw, maak een nieuwe log en post deze. (en volg deze keer de instructies aub.)
  • Zover ik weet werkt by mijn nichtje het internet, windows mediaplayer en de trojan vundo is zover verdwenen….!

    zal haar vragen een nieuwe hijack logje aan te maken!

    grtjes…m….! :D
  • [quote:bafdc62a84="M@rc"]Sluit alle open vensters, run HijackThis nog een keer en plaats een vinkje bij de volgende items:

    [b:bafdc62a84]F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
    O4 - HKLM\..\Run: [E-nrgyPlus] C:\Program Files\E-nrgyPlus\E-nrgyPlus.exe
    O4 - HKLM\..\Run: [LocalProxy] C:\Program Files\LocalProxy\proxy4free.exe
    O4 - HKCU\..\Run: [qicxifud] C:\WINDOWS\System32\qicxifud.exe
    O8 - Extra context menu item: &Search - http://kn.bar.need2find.com/KN/menusearch.html?p=KN[/b:bafdc62a84]

    Klik daarna op "Fix checked" en sluit HijackThis af.

    Herstart de computer.

    Moeten de mappen neit verwijderd worden??

    Greetz chrizz :)

    Start HijackThis opnieuw, maak een nieuwe log en post deze. (en volg deze keer de instructies aub.)[/quote:bafdc62a84]
  • Logfile of HijackThis v1.99.1
    Scan saved at 20:30:50, on 26-3-2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\mcafee.com\agent\mcdetect.exe
    c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\Service.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\RaConfig2500.EXE
    C:\WINDOWS\Mixer.exe
    C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    C:\Program Files\REAL\realjbox.exe
    C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    C:\Program Files\McAfee.com\VSO\oasclnt.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\System32\RUNDLL32.EXE
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
    c:\progra~1\mcafee.com\vso\mcvsftsn.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    http://www.startpagina.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    Koppelingen
    R3 - URLSearchHook: SweetIM For Internet Explorer -
    {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program
    Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
    C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\Program
    Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program
    Files\Spybot - Search & Destroy\SDHelper.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
    C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: SweetIM For Internet Explorer -
    {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program
    Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} -
    c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O4 - HKLM\..\Run: [RaConfig2500.EXE] RaConfig2500.EXE
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
    C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
    Files\Java\jre1.5.0_03\bin\jusched.exe
    O4 - HKLM\..\Run: [xp_system] C:\WINDOWS\inet20002\winlogon.exe
    O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
    O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKLM\..\Run: [REAL] C:\Program Files\REAL\realjbox.exe
    O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe"
    /checktask
    O4 - HKLM\..\Run: [VirusScan Online] C:\Program
    Files\McAfee.com\VSO\mcvsshld.exe
    O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Documents and
    Settings\Missy\Bureaublad\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [WIZZ] C:\Program Files\WIZZ\dazzler.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe"
    /background
    O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE
    C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
    O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program
    Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Microsoft
    Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel -
    res://C:\MICROS~1\Office10\EXCEL.EXE/3000
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) -
    http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
    O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} -
    http://a1540.g.akamai.net/7/1540/52/20060104/qtinstall.info.apple.com/snape/us/win/QuickTimeInstaller.exe
    O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) -
    http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
    http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4692/mcfscan.cab
    O17 -
    HKLM\System\CCS\Services\Tcpip\..\{4CA4971A-31F8-45E3-9689-576A4E0E726E}:
    NameServer = 62.108.1.67,0.0.0.0
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
    "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O21 - SSODL: IEFilter - {DC01F512-1B98-4953-9328-66553E7934B8} -
    C:\WINDOWS\system32\IEFilter.dll (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
    Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel
    32\IDriverT.exe
    O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc -
    c:\program files\mcafee.com\agent\mcdetect.exe
    O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. -
    c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc -
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee,
    Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee
    Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
    C:\WINDOWS\System32\nvsvc32.exe

    Hoi,

    Hierbij het nieuwe logje. Krijg geen meldingen meer van virus vunda en
    MOP's, maar moet mijn pc nog steeds vaak opstarten voordat ik kan
    internetten,waar kan dit aan liggen?

    thanx alot !
    :D
  • een van de laatste logjes vanavond/nacht van mijn nichtje!

    Logfile of HijackThis v1.99.1
    Scan saved at 23:56:11, on 26-3-2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\mcafee.com\agent\mcdetect.exe
    c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\Service.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\RaConfig2500.EXE
    C:\WINDOWS\Mixer.exe
    C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    C:\Program Files\REAL\realjbox.exe
    C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    C:\Program Files\McAfee.com\VSO\oasclnt.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\System32\RUNDLL32.EXE
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
    c:\progra~1\mcafee.com\vso\mcvsftsn.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    http://www.startpagina.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    Koppelingen
    R3 - URLSearchHook: SweetIM For Internet Explorer -
    {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program
    Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
    C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\Program
    Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program
    Files\Spybot - Search & Destroy\SDHelper.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
    C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: SweetIM For Internet Explorer -
    {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program
    Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} -
    c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O4 - HKLM\..\Run: [RaConfig2500.EXE] RaConfig2500.EXE
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
    C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
    Files\Java\jre1.5.0_03\bin\jusched.exe
    O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
    O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKLM\..\Run: [REAL] C:\Program Files\REAL\realjbox.exe
    O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe"
    /checktask
    O4 - HKLM\..\Run: [VirusScan Online] C:\Program
    Files\McAfee.com\VSO\mcvsshld.exe
    O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Documents and
    Settings\Missy\Bureaublad\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [WIZZ] C:\Program Files\WIZZ\dazzler.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe"
    /background
    O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE
    C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
    O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program
    Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Microsoft
    Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel -
    res://C:\MICROS~1\Office10\EXCEL.EXE/3000
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) -
    http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
    O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} -
    http://a1540.g.akamai.net/7/1540/52/20060104/qtinstall.info.apple.com/snape/us/win/QuickTimeInstaller.exe
    O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) -
    http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
    http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4692/mcfscan.cab
    O17 -
    HKLM\System\CCS\Services\Tcpip\..\{4CA4971A-31F8-45E3-9689-576A4E0E726E}:
    NameServer = 62.108.1.67,0.0.0.0
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
    "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O21 - SSODL: IEFilter - {DC01F512-1B98-4953-9328-66553E7934B8} - (no file)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
    Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel
    32\IDriverT.exe
    O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc -
    c:\program files\mcafee.com\agent\mcdetect.exe
    O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. -
    c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc -
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee,
    Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee
    Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
    C:\WINDOWS\System32\nvsvc32.exe


    Vanuit deze kant bedankt voor de moeite en aandacht aan deze probleem!

    grtjes van my en hartelijk dank van mijn nichtje naar jullie toe!..
  • Deze mogen weg:
    O4 - HKLM\..\Run: [xp_system] C:\WINDOWS\inet20002\winlogon.exe
    O21 - SSODL: IEFilter - {DC01F512-1B98-4953-9328-66553E7934B8} - (no file)

    Doe deze online-scan: http://www.pandasoftware.com/activescan/com/activescan_principal.htm
    Na het scannen krijg je de mogelijkheid om het logje op te slaan. Doe dit.
    Post de inhoud van dat logje.

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.