Ga naar inhoud

[OPGELOST] help!


Aanbevolen berichten

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:44:28, on 23-6-2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

c:\Program Files\Common Files\Symantec Shared\ccProxy.exe

c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

c:\Program Files\Norton Internet Security\ISSVC.exe

c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe

c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\svchost.exe

c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

C:\WINDOWS\system32\ps2.exe

C:\WINDOWS\ALCWZRD.EXE

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\WINDOWS\EXPLORER.EXE

C:\WINDOWS\system32\drwtsn32.exe

C:\WINDOWS\system32\drwtsn32.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\taskmgr.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {43854BA4-CC46-4524-8929-3967FE2EEA32} - C:\WINDOWS\system32\xxyywtrr.dll

O2 - BHO: (no name) - {444FC7D1-8F08-4377-B39B-4D75AE0E9F70} - C:\WINDOWS\system32\geBssrPg.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: {295f2276-0113-a20a-da04-c70c5bb5d03f} - {f30d5bb5-c07c-40ad-a02a-31106722f592} - C:\WINDOWS\system32\vkugorwa.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [c0790c1a] rundll32.exe "C:\WINDOWS\system32\hnppomxr.dll",b

O4 - HKLM\..\Run: [bMc34a3f86] Rundll32.exe "C:\WINDOWS\system32\trsbvetv.dll",s

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab

O20 - AppInit_DLLs: vkugorwa.dll

O20 - Winlogon Notify: geBssrPg - C:\WINDOWS\SYSTEM32\geBssrPg.dll

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

--

End of file - 7341 bytes

Link naar reactie
Delen op andere sites

Doe het volgende:

Start Hijackthis terug op en klik op 'Do a system scan only"

Duid alleen deze regels aan:

O2 - BHO: (no name) - {43854BA4-CC46-4524-8929-3967FE2EEA32} - C:\WINDOWS\system32\xxyywtrr.dll

O2 - BHO: (no name) - {444FC7D1-8F08-4377-B39B-4D75AE0E9F70} - C:\WINDOWS\system32\geBssrPg.dll

O4 - HKLM\..\Run: [c0790c1a] rundll32.exe "C:\WINDOWS\system32\hnppomxr.dll",b

O4 - HKLM\..\Run: [bMc34a3f86] Rundll32.exe "C:\WINDOWS\system32\trsbvetv.dll",s

O20 - AppInit_DLLs: vkugorwa.dll

klik op "fixed checked" en bevestig als er om gevraagd word.

Sluit Hijackthis af:

Download Combofix.exe en zet het op je Bureaublad.

Dubbelklik op Combofix.exe en volg de instructies, aanvaard de disclaimer door y te typen. Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.

Wanneer de fix voltooid is en na herstart, zal de log combofix.txt openen.

NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, moet je dit toestaan

Grtz

Link naar reactie
Delen op andere sites

Je mag de suggestie van Aaron uitvoeren, maar er moeten nog wel enkele items meer gefixt worden met HJT.

Om het makkelijk te maken het volledige lijstje :

O2 - BHO: (no name) - {43854BA4-CC46-4524-8929-3967FE2EEA32} - C:\WINDOWS\system32\xxyywtrr.dll

O2 - BHO: (no name) - {444FC7D1-8F08-4377-B39B-4D75AE0E9F70} - C:\WINDOWS\system32\geBssrPg.dll

O2 - BHO: {295f2276-0113-a20a-da04-c70c5bb5d03f} - {f30d5bb5-c07c-40ad-a02a-31106722f592} - C:\WINDOWS\system32\vkugorwa.dll

O4 - HKLM\..\Run: [c0790c1a] rundll32.exe "C:\WINDOWS\system32\hnppomxr.dll",b

O4 - HKLM\..\Run: [bMc34a3f86] Rundll32.exe "C:\WINDOWS\system32\trsbvetv.dll",s

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)

O20 - AppInit_DLLs: vkugorwa.dll

O20 - Winlogon Notify: geBssrPg - C:\WINDOWS\SYSTEM32\geBssrPg.dll

En onderstaande vetgedrukte bestanden mag je dan verwijderen met Windows Verkenner :

C:\WINDOWS\system32\vkugorwa.dll

C:\WINDOWS\SYSTEM32\geBssrPg.dll

En laat dan het door Aaron gemelde Combofix los op je PC.

Logjes van HJT en Combofix aan je volgende bericht.

Link naar reactie
Delen op andere sites

Persoonlijk zou ik er nog niet aan denken om iets van Norton er op te zetten, maar dat is wel heel persoonlijk :)

En zou je misschien nog even de logjes van Combofix en HJT willen posten, want de kans is groot dat we daar nog wat restjes uit kunnen verwijderen. En daarna moet er op zijn minst nog wat gekuist worden. Wat er nu gebeurd is, zijn enkel de essentiële ingrepen.

Link naar reactie
Delen op andere sites

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:08:10, on 24-6-2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

c:\Program Files\Common Files\Symantec Shared\ccProxy.exe

c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

c:\Program Files\Norton Internet Security\ISSVC.exe

c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe

c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\WINDOWS\Explorer.EXE

c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\svchost.exe

c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

C:\WINDOWS\system32\ps2.exe

C:\WINDOWS\ALCWZRD.EXE

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\WINDOWS\system32\Rundll32.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Poker\Holland Poker\casino.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\Program Files\iTunes\iTunes.exe

C:\Program Files\Windows Live\Mail\wlmail.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [bMc34a3f86] Rundll32.exe "C:\WINDOWS\system32\trsbvetv.dll",s

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

--

End of file - 6871 bytes

----------------------------------------------------------------------------

ComboFix 08-06-20.4 - Compaq_Eigenaar 2008-06-24 11:44:31.1 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1043.18.637 [GMT 2:00]

Gestart vanuit: C:\Documents and Settings\Compaq_Eigenaar\Mijn documenten\Mijn muziek\ComboFix.exe

* Nieuw herstelpunt werd aangemaakt

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\Documents and Settings\Compaq_Eigenaar\Local Settings\Application Data\syeiq.dat

c:\documents and settings\compaq_eigenaar\local settings\application data\syeiq.exe

c:\Documents and Settings\Compaq_Eigenaar\Local Settings\Application Data\syeiq_nav.dat

c:\Documents and Settings\Compaq_Eigenaar\Local Settings\Application Data\syeiq_navps.dat

C:\smp.bat

C:\WINDOWS\BMc34a3f86.xml

C:\WINDOWS\pskt.ini

C:\WINDOWS\system\update.exe

C:\WINDOWS\system32\byXPGXRi.dll

C:\WINDOWS\system32\geBsSijJ.dll

C:\WINDOWS\system32\geBssrPg.dll

C:\WINDOWS\system32\JjiSsBeg.ini

C:\WINDOWS\system32\JjiSsBeg.ini2

C:\WINDOWS\system32\ljJcDVoo.dll

C:\WINDOWS\system32\mcrh.tmp

C:\WINDOWS\system32\rrtwyyxx.ini

C:\WINDOWS\system32\rrtwyyxx.ini2

C:\WINDOWS\system32\rxmoppnh.ini

C:\WINDOWS\system32\rxmoppnh.ini2

C:\WINDOWS\system32\rxmoppnh.tmp

C:\WINDOWS\system32\xxyywtrr.dll

.

(((((((((((((((((((( Bestanden Gemaakt van 2008-05-24 to 2008-06-24 ))))))))))))))))))))))))))))))

.

2039-10-12 20:42 . 2039-10-12 20:42 3,120 --a------ C:\WINDOWS\MF_C421.lfa

2039-10-12 20:42 . 2039-10-12 20:42 3,120 --a------ C:\WINDOWS\MF_C420.lfa

2008-06-24 11:53 . 2008-06-24 11:53 22 --a------ C:\WINDOWS\pskt.ini

2008-06-24 11:53 . 2008-06-24 11:53 0 --a------ C:\WINDOWS\BMc34a3f86.xml

2008-06-23 17:39 . 2008-06-23 17:39 105,984 --a------ C:\WINDOWS\system32\vkugorwa.dll

2008-06-23 17:37 . 2008-06-23 17:37 91,136 --a------ C:\WINDOWS\system32\trsbvetv.dll

2008-06-23 17:37 . 2008-06-23 17:37 81,408 --a------ C:\WINDOWS\system32\hnppomxr.dll

2008-06-21 19:22 . 2008-06-21 19:22 127 --a------ C:\WINDOWS\system32\MRT.INI

2008-06-21 17:22 . 2008-06-23 00:40 90,112 --------- C:\WINDOWS\system32\gagchbfu.dll

2008-06-21 17:22 . 2008-06-23 00:40 81,408 --------- C:\WINDOWS\system32\gsdbayvv.dll

2008-06-18 19:57 . 2008-06-18 19:57 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware

2008-06-18 19:57 . 2008-06-18 19:57 <DIR> d-------- C:\Documents and Settings\Compaq_Eigenaar\Application Data\Malwarebytes

2008-06-18 19:57 . 2008-06-18 19:57 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2008-06-18 19:57 . 2008-06-10 19:02 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys

2008-06-18 19:57 . 2008-06-10 19:02 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys

2008-06-12 16:54 . 2008-06-12 16:54 <DIR> d-------- C:\Program Files\America's Army Server Manager

2008-06-12 16:52 . 2008-06-22 11:00 <DIR> d-------- C:\Program Files\America's Army

2008-06-12 09:49 . 2008-06-14 19:36 272,640 --------- C:\WINDOWS\system32\dllcache\bthport.sys

2008-06-12 09:49 . 2008-05-08 16:02 203,136 --------- C:\WINDOWS\system32\dllcache\rmcast.sys

2008-06-11 11:53 . 2002-07-30 21:38 647,168 --a------ C:\WINDOWS\system32\cdr.dll

2008-06-05 13:44 . 2008-06-05 13:44 <DIR> d-------- C:\Archivos de programa

2008-06-05 13:43 . 2008-06-12 11:29 <DIR> d-------- C:\Program Files\eMule

2008-06-01 15:30 . 2008-06-01 15:30 <DIR> d-------- C:\Taccels

2008-06-01 15:30 . 2008-06-01 15:30 <DIR> d-------- C:\Program Files\TAC

2008-06-01 15:30 . 2008-06-02 12:45 <DIR> d-------- C:\Documents and Settings\Compaq_Eigenaar\Application Data\TAC

2008-06-01 15:30 . 2006-05-08 09:54 132,880 --a------ C:\WINDOWS\system32\msinet.ocx

2008-05-31 16:11 . 2008-06-06 14:47 34 --a------ C:\WINDOWS\cdplayer.ini

2008-05-31 16:09 . 2008-05-31 16:14 <DIR> d-------- C:\audiograbber

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-06-24 09:50 --------- d-----w C:\Program Files\Common Files\Symantec Shared

2008-06-23 19:04 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys

2008-06-23 18:08 --------- d-----w C:\Program Files\Windows Live Safety Center

2008-06-22 22:36 --------- d-----w C:\Program Files\NCH Swift Sound

2008-06-22 22:01 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP

2008-06-22 14:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet

2008-06-20 11:35 --------- d-----w C:\Documents and Settings\Compaq_Eigenaar\Application Data\LimeWire

2008-06-18 20:10 --------- d-----w C:\Documents and Settings\Compaq_Eigenaar\Application Data\OpenOffice.org2

2008-06-17 13:57 --------- d-----w C:\Documents and Settings\Compaq_Eigenaar\Application Data\AdobeUM

2008-06-14 17:36 272,640 ------w C:\WINDOWS\system32\drivers\bthport.sys

2008-06-11 09:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\NCH Swift Sound

2008-06-06 09:00 --------- d-----w C:\Program Files\BitComet

2008-05-19 15:57 --------- d-----w C:\Program Files\MessengerDiscovery

2008-05-17 13:39 --------- d-----w C:\Program Files\Apple Software Update

2008-05-17 13:39 --------- d-----w C:\Documents and Settings\Compaq_Eigenaar\Application Data\Apple Computer

2008-05-17 11:23 --------- d-----w C:\Program Files\Ashampoo

2008-05-17 11:23 --------- d-----w C:\Documents and Settings\Compaq_Eigenaar\Application Data\Ashampoo

2008-05-17 10:27 --------- d-----w C:\Program Files\Windows Journal Viewer

2008-05-17 10:27 --------- d-----w C:\Program Files\GameSpy Arcade

2008-05-17 10:23 --------- d-----w C:\Program Files\Opera 9.5 beta

2008-05-15 18:49 --------- d-----w C:\Program Files\MSN Messenger

2008-05-15 18:49 --------- d-----w C:\Program Files\Messenger Plus! Live

2008-05-08 16:07 --------- d-----w C:\Program Files\Common Files\Adobe

2008-05-08 16:07 --------- d-----w C:\Program Files\Bonjour

2008-05-08 15:57 --------- d-----w C:\Program Files\Common Files\Macrovision Shared

2008-05-08 15:14 --------- d-----w C:\Program Files\PokerStars

2008-05-08 14:02 203,136 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys

2008-05-04 10:09 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-05-04 08:44 --------- d-----w C:\Program Files\Gpotato

2008-05-04 08:42 --------- d-----w C:\Program Files\3D Online Pool

2008-05-01 18:57 --------- d-----w C:\Program Files\Common Files\INCA Shared

2008-04-29 09:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\MumboJumbo

2008-04-27 19:22 --------- d-----w C:\Program Files\Java

2008-04-14 17:03 70,144 ----a-w C:\WINDOWS\notepad.exe

2008-04-14 17:03 32,866 ------w C:\WINDOWS\slrundll.exe

2008-04-14 17:03 287,232 ----a-w C:\WINDOWS\winhlp32.exe

2008-04-14 17:03 153,088 ----a-w C:\WINDOWS\regedit.exe

2008-04-14 17:03 10,752 ----a-w C:\WINDOWS\hh.exe

2008-04-14 17:02 50,688 ----a-w C:\WINDOWS\twain_32.dll

2008-04-14 17:02 451,072 ----a-w C:\WINDOWS\AppPatch\aclayers.dll

2008-04-14 17:02 39,424 ----a-w C:\WINDOWS\AppPatch\acadproc.dll

2008-04-14 17:02 34,816 ----a-w C:\WINDOWS\Help\sniffpol.dll

2008-04-14 17:02 33,280 ----a-w C:\WINDOWS\Help\sstub.dll

2008-04-14 17:02 279,040 ----a-w C:\WINDOWS\Help\tshoot.dll

2008-04-14 17:02 245,248 ----a-w C:\WINDOWS\AppPatch\acspecfc.dll

2008-04-14 17:02 141,312 ----a-w C:\WINDOWS\AppPatch\aclua.dll

2008-04-14 17:02 116,224 ----a-w C:\WINDOWS\AppPatch\acxtrnal.dll

2008-04-14 17:02 1,852,928 ----a-w C:\WINDOWS\AppPatch\acgenral.dll

2008-04-14 17:02 1,037,312 ----a-w C:\WINDOWS\explorer.exe

2008-03-06 14:22 56 --sha-w C:\Documents and Settings\All Users\Application Data\dc64vg9.sys

2008-02-28 21:55 22,328 ----a-w C:\Documents and Settings\Compaq_Eigenaar\Application Data\PnkBstrK.sys

2005-07-29 14:24 472 -csha-r C:\WINDOWS\TWFyayBOb3JicnVpcw\nqIVuV1ivaL2wBpDwT.vbs

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f30d5bb5-c07c-40ad-a02a-31106722f592}]

2008-06-23 17:39 105984 --a------ C:\WINDOWS\system32\vkugorwa.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"PS2"="C:\WINDOWS\system32\ps2.exe" [2003-09-12 21:13 98304]

"AlcWzrd"="ALCWZRD.EXE" [2005-02-18 22:32 2754560 C:\WINDOWS\ALCWZRD.EXE]

"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2008-02-21 20:28 100056]

"ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-02-21 18:22 58984]

"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 02:41 81920]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 02:41 8523776]

"nwiz"="nwiz.exe" [2007-12-05 02:41 1626112 C:\WINDOWS\system32\nwiz.exe]

"BMc34a3f86"="C:\WINDOWS\system32\trsbvetv.dll" [2008-06-23 17:37 91136]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"VIDC.XFR1"= xfcodec.dll

[HKLM\~\startupfolder\C:^Documents and Settings^Compaq_Eigenaar^Menu Start^Programma's^Opstarten^OpenOffice.org 2.3 .lnk]

path=C:\Documents and Settings\Compaq_Eigenaar\Menu Start\Programma's\Opstarten\OpenOffice.org 2.3 .lnk

backup=C:\WINDOWS\pss\OpenOffice.org 2.3 .lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]

--a------ 2005-07-14 15:09 57344 C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]

--a------ 2004-06-29 19:06 88363 C:\WINDOWS\AGRSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]

--a------ 2008-02-01 09:20 2194744 C:\Program Files\BitComet\BitComet.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]

--a------ 2007-02-21 18:22 58984 c:\Program Files\Common Files\Symantec Shared\ccApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

--a------ 2008-02-14 01:09 486856 C:\Program Files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]

--a------ 2003-10-23 20:51 233472 C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

--a------ 2003-06-25 12:24 49152 C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]

--a------ 1998-05-07 18:04 52736 c:\windows\system\hpsysdrv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

--a------ 2004-10-14 00:04 278528 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]

C:\HP\KBD\KBD.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]

--a------ 2007-02-08 02:13 774168 C:\Program Files\Logitech\QuickCam10\QuickCam10.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]

--a------ 2008-02-20 23:50 190024 C:\Program Files\MessengerPlus! 3\MsgPlus.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

--a------ 2008-04-14 19:03 1695232 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

--a------ 2007-10-18 12:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSLauncher]

C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

--a------ 2007-12-05 02:41 8523776 C:\WINDOWS\system32\NvCpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

--a------ 2007-12-05 02:41 1626112 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]

--a------ 2007-11-09 14:16 688128 C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

--a------ 2005-01-02 01:54 98304 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]

--a------ 2004-04-14 22:43 233472 C:\WINDOWS\SMINST\RECGUARD.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder]

--a------ 2004-12-14 02:23 663552 C:\Windows\Creator\Remind_XP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sclauncher]

--a------ 2007-01-30 11:43 94208 C:\Program Files\SimpleCenter\bin\win\sclauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Snelkoppeling naar eigenschappenvenster voor High Definition Audio]

--a------ 2004-03-18 00:10 61952 C:\WINDOWS\system32\Hdaudpropshortcut.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]

--a------ 2005-02-21 22:49 90112 C:\WINDOWS\SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"LightScribeService"=2 (0x2)

"iPodService"=3 (0x3)

"WLSetupSvc"=3 (0x3)

"usnjsvc"=3 (0x3)

"LiveUpdate"=3 (0x3)

"LVSrvLauncher"=2 (0x2)

"LVPrcSrv"=2 (0x2)

"WMPNetworkSvc"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusDisableNotify"=dword:00000001

"FirewallDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Program Files\\iTunes\\iTunes.exe"=

"C:\\Program Files\\Messenger\\msmsgs.exe"=

"C:\\WINDOWS\\system32\\PnkBstrA.exe"=

"C:\\WINDOWS\\system32\\PnkBstrB.exe"=

"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"C:\\Program Files\\LimeWire\\LimeWire.exe"=

"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"25558:TCP"= 25558:TCP:BitComet 25558 TCP

"25558:UDP"= 25558:UDP:BitComet 25558 UDP

"3167:TCP"= 3167:TCP:*:Disabled:SolidNetworkManager

"3167:UDP"= 3167:UDP:*:Disabled:SolidNetworkManager

"43577:TCP"= 43577:TCP:*:Disabled:SolidNetworkManager

"43577:UDP"= 43577:UDP:*:Disabled:SolidNetworkManager

"64507:TCP"= 64507:TCP:*:Disabled:SolidNetworkManager

"64507:UDP"= 64507:UDP:*:Disabled:SolidNetworkManager

S3 PRISM_A00;Wireless PCI 802.11b/g adapter WN4201B Driver;C:\WINDOWS\system32\DRIVERS\PCTELSAP.SYS [2004-11-30 20:54]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5eb9676c-fa63-11dc-8545-0013d42048e4}]

\Shell\AutoRun\command - L:\v.exe

\Shell\explore\Command - L:\v.exe

\Shell\open\Command - L:\v.exe

.

Inhoud van de 'Gedeelde Taken' map

"2008-06-20 11:16:28 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

- C:\Program Files\Apple Software Update\SoftwareUpdate.exe

"2008-06-20 13:00:00 C:\WINDOWS\Tasks\Norton Security Scan.job"

- C:\Program Files\Norton Security Scan\Nss.exe

.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-06-24 11:52:58

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

C:\WINDOWS\pskt.ini

Scan succesvol afgerond

verborgen bestanden: 1

**************************************************************************

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

PROCESS: C:\WINDOWS\explorer.exe

-> C:\WINDOWS\system32\nview.dll

-> C:\WINDOWS\system32\trsbvetv.dll

.

------------------------ Other Running Processes ------------------------

.

C:\Program Files\Common Files\Symantec Shared\CCPROXY.EXE

C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE

C:\Program Files\Norton Internet Security\ISSVC.exe

C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe

C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\Program Files\Common Files\Symantec Shared\Security Center\symwsc.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\system32\rundll32.exe

.

**************************************************************************

.

Voltooingstijd: 2008-06-24 11:59:51 - machine was rebooted

ComboFix-quarantined-files.txt 2008-06-24 09:59:28

ComboFix2.txt 2008-01-25 17:45:58

ComboFix3.txt 2008-01-25 11:38:37

ComboFix4.txt 2008-01-24 22:39:21

Pre-Run: 124,722,946,048 bytes beschikbaar

Post-Run: 124,712,611,840 bytes beschikbaar

280 --- E O F --- 2008-06-21 22:14:32

ik hoop dat jullie er wat mee kunnen..

Mvg,

Mark

Link naar reactie
Delen op andere sites

Start Hijackthis op en kies voor 'Do a system scan only'. Selecteer alleen de items hieronder genoemd:

O4 - HKLM\..\Run: [bMc34a3f86] Rundll32.exe "C:\WINDOWS\system32\trsbvetv.dll",s

Klik op 'Fix checked' om de items te verwijderen.

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

File::

C:\WINDOWS\BMc34a3f86.xml

C:\WINDOWS\system32\vkugorwa.dll

C:\WINDOWS\system32\trsbvetv.dll

C:\WINDOWS\system32\hnppomxr.dll

C:\WINDOWS\system32\gagchbfu.dll

C:\WINDOWS\system32\gsdbayvv.dll

Registry::

[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f30d5bb5-c07c-40ad-a02a-31106722f592}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BMc34a3f86"=-

Sla dit bestand op je bureaublad op als CFScript.txt.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht samen met een nieuw logje van HijackThis.

Link naar reactie
Delen op andere sites

Nog even dit : Start Hijackthis op en kies voor 'Do a system scan only'. Selecteer alleen de items hieronder genoemd:

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)

Klik op 'Fix checked' om de items te verwijderen. En laat dan eens weten of je problemen met je "explorer" nu opgelost zijn.

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.