hijack log, graag deskundige blik

[anoniem]

Graag een oordeel over dit logbestand, bvd: Logfile of HijackThis v1.97.7 Scan saved at 12:08:23, on 7-9-04 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MSTASK.EXE C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\RTVSCN95.EXE C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\DEFWATCH.EXE C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\WINDOWS\MDSETSPW.EXE C:\WINDOWS\SYSTEM\ATIPTAAA.EXE C:\WINDOWS\QCOMBO3D.EXE C:\PROGRAM FILES\MULTIMEDIA HOTKEY PROGRAM\MMKBD.EXE C:\PROGRAM FILES\DIRECTCD\DIRECTCD.EXE C:\WINDOWS\LOADQM.EXE C:\WINDOWS\SYSTEM\QTTASK.EXE C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE C:\PROGRAM FILES\SCANSOFT\OMNIPAGESE\OPWARE32.EXE C:\WINDOWS\SYSTEM\STIMON.EXE C:\PROGRAM FILES\NAVISEARCH\BIN\NLS.EXE C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\VPTRAY.EXE C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE C:\WINDOWS\RunDLL.exe C:\PROGRAM FILES\A.C\SCROLL-IN-MOUSE V2.0\SCROLL.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\PROGRAM FILES\MULTIMEDIA HOTKEY PROGRAM\HCLIENT.EXE C:\PROGRAM FILES\FINEPIXVIEWER\QUICKDCF.EXE C:\ATI\ATIDESK\ATISCHED.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\WINDOWS\SYSTEM\SPOOL32.EXE C:\WINDOWS\SYSTEM\PSTORES.EXE C:\DOWNLOADS\HIJACKTHIS.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.nl/0SENLNL/SAOS01 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/customize/ymsgr/defaults/sb/*http://www.yahoo.com/ext/search/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer van Het Net R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX O2 - BHO: (no name) - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - C:\WINDOWS\DOWNLOADED PROGRAM FILES\BRIDGE.DLL O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} - C:\WINDOWS\BI.DLL O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINDOWS\2_0_1browserhelper2.dll O2 - BHO: (no name) - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\SYSTEM\MSBE.DLL O2 - BHO: (no name) - {AEECBFDA-12FA-4881-BDCE-8C3E1CE4B344} - C:\WINDOWS\SYSTEM\NVMS.DLL O2 - BHO: (no name) - {CE188402-6EE7-4022-8868-AB25173A3E14} - C:\WINDOWS\SYSTEM\MSCB.DLL O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun O4 - HKLM\..\Run: [Taakcontrole] c:\windows\taskmon.exe O4 - HKLM\..\Run: [OEMCleanup] C:\WINDOWS\OPTIONS\OEMRESET.EXE O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [ModemUtility] mdsetspw.exe O4 - HKLM\..\Run: [ATIGART] c:\ati\gart\atigart.exe O4 - HKLM\..\Run: [AtiPTA] Atiptaaa.exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [Qcombo3Dmouse] Qcombo3d.exe O4 - HKLM\..\Run: [Multimedir KBD] C:\PROGRA~1\MULTIM~1\MMKbd.exe O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe O4 - HKLM\..\Run: [AtiQiPcl] AtiQiPcl.exe O4 - HKLM\..\Run: [Adaptec DirectCD] C:\Program Files\DirectCD\DIRECTCD.EXE O4 - HKLM\..\Run: [Vshwin32EXE] C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\VSHWIN32.EXE O4 - HKLM\..\Run: [LoadQM] loadqm.exe O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [Atikey] Atitask.exe O4 - HKLM\..\Run: [Omnipage] c:\Program Files\ScanSoft\OmniPageSE\opware32.exe O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE O4 - HKLM\..\Run: [systray] C:\WINDOWS\SYSTEM\A.EXE O4 - HKLM\..\Run: [vehij] C:\WINDOWS\vehij.exe O4 - HKLM\..\Run: [uxutox] C:\WINDOWS\uxutox.exe O4 - HKLM\..\Run: [ivmfgjaz] C:\WINDOWS\ivmfgjaz.exe O4 - HKLM\..\Run: [wvmrunob] C:\WINDOWS\wvmrunob.exe O4 - HKLM\..\Run: [BELT] C:\WINDOWS\BELT.exe O4 - HKLM\..\Run: [kdez] C:\WINDOWS\kdez.exe O4 - HKLM\..\Run: [gfwzox] C:\WINDOWS\gfwzox.exe O4 - HKLM\..\Run: [qxwl] C:\WINDOWS\qxwl.exe O4 - HKLM\..\Run: [ovizgp] C:\WINDOWS\ovizgp.exe O4 - HKLM\..\Run: [jgj] C:\WINDOWS\jgj.exe O4 - HKLM\..\Run: [tsr] C:\WINDOWS\tsr.exe O4 - HKLM\..\Run: [vmlcpmj] C:\WINDOWS\vmlcpmj.exe O4 - HKLM\..\Run: [xuvwb] C:\WINDOWS\xuvwb.exe O4 - HKLM\..\Run: [luper] C:\WINDOWS\luper.exe O4 - HKLM\..\Run: [xmh] C:\WINDOWS\xmh.exe O4 - HKLM\..\Run: [gzehspwh] C:\WINDOWS\gzehspwh.exe O4 - HKLM\..\Run: [wdupyr] C:\WINDOWS\wdupyr.exe O4 - HKLM\..\Run: [odgjqn] C:\WINDOWS\odgjqn.exe O4 - HKLM\..\Run: [sfitsh] C:\WINDOWS\sfitsh.exe O4 - HKLM\..\Run: [pmxol] C:\WINDOWS\pmxol.exe O4 - HKLM\..\Run: [ytcxityb] C:\WINDOWS\ytcxityb.exe O4 - HKLM\..\Run: [jmzgbwh] C:\WINDOWS\jmzgbwh.exe O4 - HKLM\..\Run: [qpancdmp] C:\WINDOWS\qpancdmp.exe O4 - HKLM\..\Run: [vqb] C:\WINDOWS\vqb.exe O4 - HKLM\..\Run: [NaviSearch] C:\Program Files\NaviSearch\bin\nls.exe O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [rtvscn95] C:\PROGRA~1\SYMANT~1\SYMANT~1\rtvscn95.exe O4 - HKLM\..\RunServices: [defwatch] C:\PROGRA~1\SYMANT~1\SYMANT~1\defwatch.exe O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY O4 - HKCU\..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe /background O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - Startup: Scroll-In-Mouse V2.0.lnk = C:\Program Files\A.C\Scroll-In-Mouse V2.0\Scroll.exe O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: ATI Scheduler.lnk = C:\ati\atidesk\atisched.exe O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - http://download.mcafee.com/molbin/Shared/MGBrwFld.cab O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38208.3214699074 O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab O16 - DPF: {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} (brdg Class) - http://www2.flingstone.com/cab/98ME/CDTInc/bridge-c2.cab O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_4us.cab O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

[anoniem]

Kijk wel ff.

[anoniem]

Run hjt opnieuw en fix onderstaande [list:7deb6cab28][b:7deb6cab28]R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/customize/ymsgr/defaults/sb/*http://www.yahoo.com/ext/search/search.html O2 - BHO: (no name) - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - C:\WINDOWS\DOWNLOADED PROGRAM FILES\BRIDGE.DLL O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} - C:\WINDOWS\BI.DLL O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINDOWS\2_0_1browserhelper2.dll O2 - BHO: (no name) - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\SYSTEM\MSBE.DLL O2 - BHO: (no name) - {AEECBFDA-12FA-4881-BDCE-8C3E1CE4B344} - C:\WINDOWS\SYSTEM\NVMS.DLL O2 - BHO: (no name) - {CE188402-6EE7-4022-8868-AB25173A3E14} - C:\WINDOWS\SYSTEM\MSCB.DLL O4 - HKLM\..\Run: [systray] C:\WINDOWS\SYSTEM\A.EXE O4 - HKLM\..\Run: [uxutox] C:\WINDOWS\uxutox.exe O4 - HKLM\..\Run: [ivmfgjaz] C:\WINDOWS\ivmfgjaz.exe O4 - HKLM\..\Run: [wvmrunob] C:\WINDOWS\wvmrunob.exe O4 - HKLM\..\Run: [BELT] C:\WINDOWS\BELT.exe O4 - HKLM\..\Run: [kdez] C:\WINDOWS\kdez.exe O4 - HKLM\..\Run: [gfwzox] C:\WINDOWS\gfwzox.exe O4 - HKLM\..\Run: [qxwl] C:\WINDOWS\qxwl.exe O4 - HKLM\..\Run: [ovizgp] C:\WINDOWS\ovizgp.exe O4 - HKLM\..\Run: [jgj] C:\WINDOWS\jgj.exe O4 - HKLM\..\Run: [tsr] C:\WINDOWS\tsr.exe O4 - HKLM\..\Run: [vmlcpmj] C:\WINDOWS\vmlcpmj.exe O4 - HKLM\..\Run: [xuvwb] C:\WINDOWS\xuvwb.exe O4 - HKLM\..\Run: [luper] C:\WINDOWS\luper.exe O4 - HKLM\..\Run: [xmh] C:\WINDOWS\xmh.exe O4 - HKLM\..\Run: [gzehspwh] C:\WINDOWS\gzehspwh.exe O4 - HKLM\..\Run: [wdupyr] C:\WINDOWS\wdupyr.exe O4 - HKLM\..\Run: [odgjqn] C:\WINDOWS\odgjqn.exe O4 - HKLM\..\Run: [sfitsh] C:\WINDOWS\sfitsh.exe O4 - HKLM\..\Run: [pmxol] C:\WINDOWS\pmxol.exe O4 - HKLM\..\Run: [ytcxityb] C:\WINDOWS\ytcxityb.exe O4 - HKLM\..\Run: [jmzgbwh] C:\WINDOWS\jmzgbwh.exe O4 - HKLM\..\Run: [qpancdmp] C:\WINDOWS\qpancdmp.exe O4 - HKLM\..\Run: [vqb] C:\WINDOWS\vqb.exe O4 - HKLM\..\Run: [NaviSearch] C:\Program Files\NaviSearch\bin\nls.exe O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38208.3214699074 O16 - DPF: {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} (brdg Class) - http://www2.flingstone.com/cab/98ME/CDTInc/bridge-c2.cab [/list:u:7deb6cab28][/b:7deb6cab28] Reboot in safe mode met alle bestanden inclusief systeembestanden weergeven aan en verwijder onderstaande items indien aanwezig: [list:7deb6cab28][b:7deb6cab28] C:\WINDOWS\DOWNLOADED PROGRAM FILES\BRIDGE.DLL <--- dit bestand C:\WINDOWS\BI.DLL <--- dit bestand C:\WINDOWS\2_0_1browserhelper2.dll <--- dit bestand C:\WINDOWS\SYSTEM\MSBE.DLL <--- dit bestand C:\WINDOWS\SYSTEM\NVMS.DLL <--- dit bestand C:\WINDOWS\SYSTEM\MSCB.DLL <--- dit bestand C:\WINDOWS\SYSTEM\A.EXE <--- dit bestand C:\WINDOWS\uxutox.exe<--- dit bestand C:\WINDOWS\ivmfgjaz.exe <--- dit bestand C:\WINDOWS\wvmrunob.exe <--- dit bestand C:\WINDOWS\BELT.exe <--- dit bestand C:\WINDOWS\kdez.exe <--- dit bestand C:\WINDOWS\gfwzox.exe <--- dit bestand C:\WINDOWS\qxwl.exe <--- dit bestand C:\WINDOWS\ovizgp.exe <--- dit bestand C:\WINDOWS\jgj.exe<--- dit bestand C:\WINDOWS\tsr.exe<--- dit bestand C:\WINDOWS\vmlcpmj.exe <--- dit bestand C:\WINDOWS\xuvwb.exe<--- dit bestand C:\WINDOWS\luper.exe<--- dit bestand C:\WINDOWS\xmh.exe<--- dit bestand C:\WINDOWS\gzehspwh.exe <--- dit bestand C:\WINDOWS\wdupyr.exe <--- dit bestand C:\WINDOWS\odgjqn.exe <--- dit bestand C:\WINDOWS\sfitsh.exe <--- dit bestand C:\WINDOWS\pmxol.exe <--- dit bestand C:\WINDOWS\ytcxityb.exe <--- dit bestand C:\WINDOWS\jmzgbwh.exe <--- dit bestand C:\WINDOWS\qpancdmp.exe<--- dit bestand C:\WINDOWS\vqb.exe <--- dit bestand C:\Program Files\NaviSearch <--- deze map[/b:7deb6cab28][/list:u:7deb6cab28] Reboot in normale modus en post een nieuwe log met de nieuwe versie van hijackthis: http://computercops.biz/downloads-file-328.html

[anoniem]

Dank voor de snelle reactie. Alleen a.exe kan ik niet verwijderen (veilige modus - 'in gebruik door windows') [edit]inmiddels wel gelukt[/edit] Verder lijkt het probleem (reclame-popups) verholpen. Dit is het nieuwe log-bestand: Logfile of HijackThis v1.97.7 Scan saved at 14:06:38, on 7-9-04 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\SYSTEM\A.EXE C:\DOWNLOADS\HIJACKTHIS.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.nl/0SENLNL/SAOS01 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer van Het Net R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun O4 - HKLM\..\Run: [Taakcontrole] c:\windows\taskmon.exe O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [ModemUtility] mdsetspw.exe O4 - HKLM\..\Run: [ATIGART] c:\ati\gart\atigart.exe O4 - HKLM\..\Run: [AtiPTA] Atiptaaa.exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [Qcombo3Dmouse] Qcombo3d.exe O4 - HKLM\..\Run: [Multimedir KBD] C:\PROGRA~1\MULTIM~1\MMKbd.exe O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe O4 - HKLM\..\Run: [AtiQiPcl] AtiQiPcl.exe O4 - HKLM\..\Run: [Adaptec DirectCD] C:\Program Files\DirectCD\DIRECTCD.EXE O4 - HKLM\..\Run: [Vshwin32EXE] C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\VSHWIN32.EXE O4 - HKLM\..\Run: [LoadQM] loadqm.exe O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [Atikey] Atitask.exe O4 - HKLM\..\Run: [Omnipage] c:\Program Files\ScanSoft\OmniPageSE\opware32.exe O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [systray] C:\WINDOWS\SYSTEM\A.EXE O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [rtvscn95] C:\PROGRA~1\SYMANT~1\SYMANT~1\rtvscn95.exe O4 - HKLM\..\RunServices: [defwatch] C:\PROGRA~1\SYMANT~1\SYMANT~1\defwatch.exe O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY O4 - HKCU\..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe /background O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - Startup: Scroll-In-Mouse V2.0.lnk = C:\Program Files\A.C\Scroll-In-Mouse V2.0\Scroll.exe O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: ATI Scheduler.lnk = C:\ati\atidesk\atisched.exe O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - http://download.mcafee.com/molbin/Shared/MGBrwFld.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_4us.cab O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

[anoniem]

[quote:82f664f49e="henkz"]Logfile of HijackThis v1.97.7[/quote:82f664f49e]' [quote:82f664f49e="pcguy"]Reboot in normale modus en post een nieuwe log met de nieuwe versie van hijackthis: http://computercops.biz/downloads-file-328.html[/quote:82f664f49e] Maak er a.u.b even een met de nieuwe versie, kan je downloaden door mijn link aan te klikken. De nieuwe versie ziet namelijk meer dan de oude.

[anoniem]

Ben inmiddels niet meer bij de pc van kennis. Het leek erop dat zijn probleem verholpen is. Ik laat het dus even hierbij. Vriendelijk bedankt nog.