Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Trojan: [b]wie wil mij helpen met volgende "Hijack.This

juisterr
6 antwoorden
  • Heeeeelp! Heb het ook zitten met die Trojan-virus.
    Al wat gelezen op de forums.

    Heb Vundofix.exe uitgevoerd (op eerste gezicht niet meteen virus warnings meer).

    Heb nu een log van Hijack.this. Kan hier enige expert es zien naar mijn log wat verwijderd mag worden en niet.
    Ik begrijp er de knotsen van.

    [By the way. Hoe geraakt zo'n trojan door Telenet Anti-Virus F-Secure. Wordt da nie continu geupdatet. Ik vertrouwde er blindelings :o op.]

    [b:6569a805a3][u:6569a805a3]Merci alvast. Hier mijne log. [/u:6569a805a3][/b:6569a805a3]

    Logfile of HijackThis v1.99.1
    Scan saved at 22:32:15, on 2/07/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\MSI\Live Update 3\LMonitor.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Telenet Internet Security Pack\Common\FSM32.EXE
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\Winamp\Winampa.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\BitTorrent\bittorrent.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\PROGRA~1\TELENE~2\backweb\3638286\Program\SERVIC~1.EXE
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsgk32st.exe
    C:\Program Files\Telenet Internet Security Pack\backweb\3638286\program\fsbwsys.exe
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\FSGK32.EXE
    C:\Program Files\Telenet Internet Security Pack\Common\FSMA32.EXE
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fssm32.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Telenet Internet Security Pack\Common\FSMB32.EXE
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\Program Files\Telenet Internet Security Pack\backweb\3638286\Program\fspex.exe
    C:\Program Files\Telenet Internet Security Pack\Common\FCH32.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Telenet Internet Security Pack\Common\FAMEH32.EXE
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsqh.exe
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsrw.exe
    C:\Program Files\Telenet Internet Security Pack\FSPC\fspc.exe
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsav32.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Telenet Internet Security Pack\FWES\Program\fsdfwd.exe
    C:\PROGRA~1\TELENE~2\ANTI-S~1\fsaw.exe
    C:\Program Files\Telenet Internet Security Pack\FSGUI\fsguidll.exe
    C:\Program Files\HP\Product Assistant\bin\hprblog.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\Client\Bureaublad\hijackthis\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telenet.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.telenet.be
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer aangeboden door Telenet Internet
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;127.0.0.1
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {175F09F5-8347-4CCC-8110-A318EE8CA57E} - C:\WINDOWS\system32\awvtr.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Schmap Local - {AC89BF9C-4296-476C-86BC-6CAA3B398AB5} - C:\Program Files\Schmap\SchmapLocal\SchmapLocalIE.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\3.bin\ASKTBAR.DLL
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\3.bin\ASKTBAR.DLL
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Telenet Internet Security Pack\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Telenet Internet Security Pack\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Telenet Internet Security Pack\FSGUI\FSSW.EXE"
    eboot
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [j6281037] rundll32 C:\WINDOWS\system32\j6281037.dll sook
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" –force_start_minimized
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Telenet Internet Security Pack.lnk = C:\Program Files\Telenet Internet Security Pack\backweb\3638286\Program\fspex.exe
    O8 - Extra context menu item: &Deze pop-up blokkeren - C:\Program Files\Telenet Internet Security Pack\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Webfilter - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
    O9 - Extra 'Tools' menuitem: Webfilter - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
    O9 - Extra button: IE-shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Telenet Internet Security Pack\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: IE-shield… - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Telenet Internet Security Pack\Anti-Spyware\ieshield.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Schmap Local - {f53a1294-34c5-4e48-afbd-5f5d5f081d2a} - C:\Program Files\Schmap\SchmapLocal\SchmapLocalIE.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing
    O14 - IERESET.INF: START_PAGE_URL=http://www.telenet.be
    O16 - DPF: {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} (dnlplayer Class) - http://www.digitalwebbooks.com
    eader/dbplugin.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: schmap-help - {2CF664A0-5EA6-47B5-884C-433A60145F78} - C:\Program Files\Schmap\Schmap Player\SchmapDocLib.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O23 - Service: Telenet Internet Security Pack (BackWeb Plug-in - 3638286) - BackWeb Technologies Inc. - C:\PROGRA~1\TELENE~2\backweb\3638286\Program\SERVIC~1.EXE
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Telenet Internet Security Pack\backweb\3638286\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\FSPC\fshttps\fshttps.exe
    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\Common\FSMA32.EXE
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

  • Download LSPFix.exe van deze site http://cexx.org/lspfix.htm
    1. Start het programma.
    2. Selecteer "I know what I'am doing"
    3. Selecteer ALLEEN dit bestand: [b:a5ca04d3ce]winsflt.dll[/b:a5ca04d3ce]
    4. Klik op "remove" zodat het bestand naar het rechter venster gaat.
    5. Klik op "Finish"
    6. Herstart de pc.
    7. Verwijder het bovengenoemde bestand uit de C:\Windows\System32\ directory (als het bestand niet missing is)

    Start Hijackthis op en kies voor 'Do a system scan only'
    Selecteer alleen de items die hieronder zijn genoemd:
    [b:a5ca04d3ce]
    R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
    O2 - BHO: (no name) - {175F09F5-8347-4CCC-8110-A318EE8CA57E} - C:\WINDOWS\system32\awvtr.dll (file missing)
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O4 - HKLM\..\Run: [j6281037] rundll32 C:\WINDOWS\system32\j6281037.dll sook
    [/b:a5ca04d3ce]
    Sluit alle vensters behalve Hijackthis
    Klik op 'Fix checked' om de items te verwijderen.

    Download [b:a5ca04d3ce]Combofix[/b:a5ca04d3ce] naar je Bureaublad.[list:a5ca04d3ce]
    Dubbelklik op [b:a5ca04d3ce]Combofix.exe[/b:a5ca04d3ce]
    Volg de instructies, aanvaard de disclaimer door [b:a5ca04d3ce]1[/b:a5ca04d3ce] (continue) te typen.
    Tijdens het runnen van de fix, [b:a5ca04d3ce]NIET[/b:a5ca04d3ce] in het venster klikken, want dit zal je pc doen vasthangen.[/list:u:a5ca04d3ce]
    Wanneer de fix voltooid is en na herstart, zal de log [b:a5ca04d3ce]combofix.txt[/b:a5ca04d3ce] openen.
    [i:a5ca04d3ce]Plaats deze log in je volgende post samen met een nieuw HijackThis log.[/i:a5ca04d3ce]

    Opmerking: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.
  • [b:7d994d1b27]Hier mijn combofix.txt[/b:7d994d1b27]

    "Client" - 2007-07-03 18:09:01 - ComboFix 07-07-03.9 - Service Pack 2


    ((((((((((((((((((((((((( Files Created from 2007-06-03 to 2007-07-03 )))))))))))))))))))))))))))))))


    2007-07-03 18:07 51,200 –a—— C:\WINDOWS
    ircmd.exe
    2007-07-02 21:58 <DIR> d——– C:\VundoFix Backups
    2007-06-30 09:36 8,704 –a—— C:\WINDOWS\system32\vidccleaner.exe
    2007-06-30 09:36 589,824 –a—— C:\WINDOWS\system32\xvidcore.dll
    2007-06-30 09:36 180,224 –a—— C:\WINDOWS\system32\xvidvfw.dll
    2007-06-30 09:35 83,968 –a—— C:\WINDOWS\system32\Skbase40.dll
    2007-06-30 09:35 217,088 –a—— C:\WINDOWS\system32\skjpeg40.dll
    2007-06-30 09:35 <DIR> d——– C:\Program Files\Samsung


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-07-03 15:58:45 ——– d—–w C:\DOCUME~1\Client\APPLIC~1\Skype
    2007-06-30 07:35:33 ——– d–h–w C:\Program Files\InstallShield Installation Information
    2007-05-31 20:31:59 ——– d—–w C:\Program Files\Common Files\Stardock
    2007-05-31 20:30:08 2,560 —-a-w C:\WINDOWS\_MSRSTRT.EXE
    2007-05-30 18:37:03 ——– d—–w C:\DOCUME~1\Client\APPLIC~1\Azureus
    2007-05-22 21:50:31 ——– d—–w C:\Program Files\CCleaner
    2007-05-22 21:49:59 ——– d—–w C:\Program Files\Yahoo!
    2007-05-22 20:46:44 ——– d—–w C:\DOCUME~1\Client\APPLIC~1\Ahead
    2007-05-22 19:28:58 ——– d—–w C:\Program Files\Common Files\Ahead
    2007-05-22 19:27:27 ——– d—–w C:\Program Files\Nero
    2007-05-21 18:30:09 ——– d—–w C:\Program Files\ahead
    2007-05-21 18:30:03 532,480 ——w C:\WINDOWS\system32\imagx5.dll
    2007-05-21 18:30:03 507,904 ——w C:\WINDOWS\system32\imagr5.dll
    2007-05-21 18:30:03 35,328 ——w C:\WINDOWS\system32\picn20.dll
    2007-05-21 18:30:03 275,312 ——w C:\WINDOWS\system32\ImagXpr5.dll
    2007-05-21 18:30:03 106,496 ——w C:\WINDOWS\system32\TwnLib20.dll
    2007-05-21 18:30:02 57,344 ——w C:\WINDOWS\system32\MultiSZ.dll
    2007-05-21 18:30:02 155,648 ——w C:\WINDOWS\system32\NeroCheck.exe
    2007-05-21 18:29:58 782,336 ——w C:\WINDOWS\UNNERO.exe
    2007-05-21 18:20:27 ——– d—–w C:\Program Files\AskTBar
    2007-05-21 13:11:58 ——– d—–w C:\Program Files\SubSync
    2007-05-21 13:11:25 249,856 ——w C:\WINDOWS\Setup1.exe
    2007-05-21 13:11:22 73,216 —-a-w C:\WINDOWS\ST6UNST.EXE
    2007-05-16 16:12:14 133,168 —-a-w C:\WINDOWS\system32\drivers\imagesrv.sys
    2007-05-16 16:12:12 11,568 —-a-w C:\WINDOWS\system32\drivers\imagedrv.sys
    2007-05-16 15:19:43 683,520 —-a-w C:\WINDOWS\system32\inetcomm.dll
    2007-05-16 07:42:22 972,336 —-a-w C:\WINDOWS\UNNeroMediaHome.exe
    2007-05-15 07:45:14 972,336 —-a-w C:\WINDOWS\UNNeroVision.exe
    2007-05-04 19:59:38 ——– d—–w C:\Program Files\Stardock
    2007-05-03 20:54:36 ——– d—–w C:\DOCUME~1\Client\APPLIC~1\BitTorrent
    2007-05-03 20:54:26 ——– d—–w C:\Program Files\BitTorrent
    2007-05-03 20:24:25 ——– d—–w C:\Program Files\Windows Defender
    2007-05-03 20:19:49 ——– d—–w C:\Program Files\Hitman Pro
    2007-04-25 14:22:52 144,896 —-a-w C:\WINDOWS\system32\schannel.dll
    2007-04-23 20:30:55 871,656 —-a-w C:\WINDOWS\dbplugin.exe
    2007-04-23 14:42:50 972,336 —-a-w C:\WINDOWS\UNRecode.exe
    2007-04-18 16:15:26 2,854,400 —-a-w C:\WINDOWS\system32\msi.dll
    2007-04-16 20:47:36 33,624 —-a-w C:\WINDOWS\system32\wups.dll
    2007-04-16 20:45:54 1,710,936 —-a-w C:\WINDOWS\system32\wuaueng.dll
    2007-04-16 20:45:48 549,720 —-a-w C:\WINDOWS\system32\wuapi.dll
    2007-04-16 20:45:42 325,976 —-a-w C:\WINDOWS\system32\wucltui.dll
    2007-04-16 20:45:36 203,096 —-a-w C:\WINDOWS\system32\wuweb.dll
    2007-04-16 20:45:28 92,504 —-a-w C:\WINDOWS\system32\cdm.dll
    2007-04-16 20:45:20 53,080 —-a-w C:\WINDOWS\system32\wuauclt.exe
    2007-04-16 20:45:20 43,352 —-a-w C:\WINDOWS\system32\wups2.dll


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    2006-10-26 10:28 440384 –a—— C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    2006-01-12 20:38 63128 –a—— C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    2007-03-14 03:43 501400 –a—— C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9CB65201-89C4-402c-BA80-02D8C59F9B1D}]
    2007-05-21 20:20 57344 –a—— C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    2006-08-09 17:52 2018368 -ra—— c:\program files\google\googletoolbar1.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AC89BF9C-4296-476C-86BC-6CAA3B398AB5}]
    2007-04-02 16:46 385024 –a—— C:\Program Files\Schmap\SchmapLocal\SchmapLocalIE.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    2007-06-28 21:05 325048 –a—— C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SoundMan"="SOUNDMAN.EXE" [2004-09-16 14:39 C:\WINDOWS\SOUNDMAN.EXE]
    "LiveMonitor"="C:\Program Files\MSI\Live Update 3\LMonitor.exe" [2005-07-11 10:44]
    "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-10-08 12:31]
    "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-10-08 12:24]
    "zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2004-03-18 09:33]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-09-13 16:49]
    "F-Secure Manager"="C:\Program Files\Telenet Internet Security Pack\Common\FSM32.exe" [2005-10-26 03:51]
    "F-Secure TNB"="C:\Program Files\Telenet Internet Security Pack\TNB\TNBUtil.exe" [2005-07-18 16:51]
    "F-Secure Startup Wizard"="C:\Program Files\Telenet Internet Security Pack\FSGUI\FSSW.exe" [2005-10-18 10:29]
    "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
    "WinampAgent"="C:\Program Files\Winamp\Winampa.exe" [2006-09-03 20:11]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 10:36]
    "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 18:20]
    "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00]
    "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2004-10-08 12:06]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2005-08-13 22:35]
    "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2006-10-13 18:20]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-28 21:05]
    "BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" [2007-03-02 01:11]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 09:27]

    *Newly Created Service* - WEBNTACCESS

    Contents of the 'Scheduled Tasks' folder
    2007-07-03 15:59:36 C:\WINDOWS\tasks\MP Scheduled Scan.job
    2007-07-03 15:21:01 C:\WINDOWS\tasks\Scheduled scanning task.job

    **************************************************************************

    catchme 0.3.914 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-07-03 18:11:35
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes …

    scanning hidden autostart entries …

    scanning hidden files …

    scan completed successfully
    hidden files: 0

    **************************************************************************

    Completion time: 2007-07-03 18:12:01

    — E O F —


    [b:7d994d1b27]Hier mijn nieuwe hijackthis-log[/b:7d994d1b27]

    Logfile of HijackThis v1.99.1
    Scan saved at 18:16:53, on 3/07/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\MSI\Live Update 3\LMonitor.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Telenet Internet Security Pack\Common\FSM32.EXE
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\Winamp\Winampa.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\BitTorrent\bittorrent.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\PROGRA~1\TELENE~2\backweb\3638286\Program\SERVIC~1.EXE
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsgk32st.exe
    C:\Program Files\Telenet Internet Security Pack\backweb\3638286\program\fsbwsys.exe
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\FSGK32.EXE
    C:\Program Files\Telenet Internet Security Pack\Common\FSMA32.EXE
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fssm32.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Telenet Internet Security Pack\Common\FSMB32.EXE
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Telenet Internet Security Pack\backweb\3638286\Program\fspex.exe
    C:\Program Files\Telenet Internet Security Pack\Common\FCH32.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Telenet Internet Security Pack\Common\FAMEH32.EXE
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsqh.exe
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsrw.exe
    C:\Program Files\Telenet Internet Security Pack\FSPC\fspc.exe
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsav32.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Telenet Internet Security Pack\FWES\Program\fsdfwd.exe
    C:\PROGRA~1\TELENE~2\ANTI-S~1\fsaw.exe
    C:\Program Files\Telenet Internet Security Pack\FSGUI\fsguidll.exe
    C:\Program Files\HP\Product Assistant\bin\hprblog.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32
    otepad.exe
    C:\Documents and Settings\Client\Bureaublad\NIET AANKOMEN!!!!!hijackthis\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telenet.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.telenet.be
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;127.0.0.1
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Schmap Local - {AC89BF9C-4296-476C-86BC-6CAA3B398AB5} - C:\Program Files\Schmap\SchmapLocal\SchmapLocalIE.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Telenet Internet Security Pack\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Telenet Internet Security Pack\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Telenet Internet Security Pack\FSGUI\FSSW.EXE"
    eboot
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" –force_start_minimized
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Telenet Internet Security Pack.lnk = C:\Program Files\Telenet Internet Security Pack\backweb\3638286\Program\fspex.exe
    O8 - Extra context menu item: &Deze pop-up blokkeren - C:\Program Files\Telenet Internet Security Pack\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Webfilter - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
    O9 - Extra 'Tools' menuitem: Webfilter - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
    O9 - Extra button: IE-shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Telenet Internet Security Pack\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: IE-shield… - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Telenet Internet Security Pack\Anti-Spyware\ieshield.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Schmap Local - {f53a1294-34c5-4e48-afbd-5f5d5f081d2a} - C:\Program Files\Schmap\SchmapLocal\SchmapLocalIE.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.telenet.be
    O16 - DPF: {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} (dnlplayer Class) - http://www.digitalwebbooks.com
    eader/dbplugin.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: schmap-help - {2CF664A0-5EA6-47B5-884C-433A60145F78} - C:\Program Files\Schmap\Schmap Player\SchmapDocLib.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O23 - Service: Telenet Internet Security Pack (BackWeb Plug-in - 3638286) - BackWeb Technologies Inc. - C:\PROGRA~1\TELENE~2\backweb\3638286\Program\SERVIC~1.EXE
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Telenet Internet Security Pack\backweb\3638286\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\FSPC\fshttps\fshttps.exe
    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\Common\FSMA32.EXE
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

    [b:7d994d1b27]Merci voor de moeite. Hoe dat je hier nog wijs uit geraakt…. :D [/b:7d994d1b27]



  • Heb nu nieuwe foutmelding: "MFC71.dll" kan niet worden gevonden.
    Via net wel down te loaden. maar aan te raden?…
  • Start Hijackthis op en kies voor 'Do a system scan only'
    Selecteer alleen de items die hieronder zijn genoemd:
    [b:d0239a7090]
    O3 - Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file)
    [/b:d0239a7090]
    Klik op 'Fix checked' om de items te verwijderen.

    hoe is het met je problemen
  • Bestand verwijderd. Merci. Gelukkig eens geen kwakzalvers op het net.

    Zit nu nog enkel met da bestand da missing is: "MFC71.dll"
    Weet je toevallig hoe ik da best herstel.

    Pc probeert nu ook telkens Photogallery Windows te installeren bij opstart van PC. Voordien niet het geval.
    Duurt wel lang eer ik het kan cancelen. Keert telkens opnieuw terug, totdat het uiteindelijk stopt. Wrshl iets met software, zou es moeten checken.

    Greetz

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.