Helpmij tegen spyware offensief (deel 2)

Status
Niet open voor verdere reacties.
Hallo Pieter,

Ik heb het programma gedownload en dat ging allemaal goed maar het wou niet via edit> copy branch to clipboard.
Er gebeurde niets en kon ook via zoeken nergens iets vinden dus ik heb de log gekopieerd en geplakt via printscreen in paint zodat ik het vandaar kon kopieren en plakken in dit bericht maar dat lukt niet en nu.
Doe ik iets fout.


groetjes Lineke
 
Hallo Pieter,

Na lang worstelen is het toch gelukt om de log van whatshappening te kopieren en plakken.
Ik hoor het wel wat de resultaten zijn.
Alvast weer bedankt voor je moeite.

groetjes Lineke

EXPLORER.EXE (C:\WINDOWS)
MSONSEXT.DLL (C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WEB FOLDERS)
<Microsoft Corporation-Microsoft Office-9.0.2612>
WZSHLSTB.DLL (C:\PROGRAM FILES\WINZIP)
<WinZip Computing, Inc.-WinZip-8.0 (3081)>
ARCEXT.DLL (C:\PROGRAM FILES\WINACE)
<>
ACE.DLL (C:\PROGRAM FILES\WINACE)
<ACE Compression Software-WinAce-2.2.0.0>
SYNCUI.DLL (C:\WINDOWS\SYSTEM)
<>
RWABS32.DLL (C:\PROGRAM FILES\COMMON FILES\NETWORK ASSOCIATES\VIRUSSCAN ENGINE\4.0.XX)
<Network Associates, Inc.-rwabs-4.0.xx>
AVPARAM.DLL (C:\PROGRAM FILES\COMMON FILES\NETWORK ASSOCIATES\VIRUSSCAN ENGINE\4.0.XX)
<Network Associates, Inc.-McScan-4.3.20>
RESDLL.DLL (C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\RES13)
<Network Associates, Inc.-McAfee VirusScan-4.5.1>
SYNCUTIL.DLL (C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN)
<Network Associates, Inc.-McAfee VirusScan-4.5.1>
VSUTIL.DLL (C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN)
<Network Associates, Inc.-McAfee VirusScan-4.5.1>
VSUTLRES.DLL (C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\RES13)
<Network Associates, Inc.-McAfee VirusScan-4.5.1>
NAEVENT.DLL (C:\PROGRAM FILES\COMMON FILES\NETWORK ASSOCIATES\MCPAL)
<Network Associates, Inc.-McAfee Core Components-6.0.0>
NAEVTRES.DLL (C:\PROGRAM FILES\COMMON FILES\NETWORK ASSOCIATES\MCPAL\RES13)
<>
NAARCHIV.DLL (C:\PROGRAM FILES\COMMON FILES\NETWORK ASSOCIATES\MCPAL)
<Network Associates, Inc.-McAfee Core Components-6.0.0>
LZ32.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.1998>
MCSCAN32.DLL (C:\PROGRAM FILES\COMMON FILES\NETWORK ASSOCIATES\VIRUSSCAN ENGINE\4.0.XX)
<Network Associates, Inc.-McScan-4.3.20>
NAUTIL32.DLL (C:\PROGRAM FILES\COMMON FILES\NETWORK ASSOCIATES\MCPAL)
<Network Associates, Inc.-McAfee Core Components-6.0.0>
NAUTLRES.DLL (C:\PROGRAM FILES\COMMON FILES\NETWORK ASSOCIATES\MCPAL\RES13)
<>
NAKRNL32.DLL (C:\PROGRAM FILES\COMMON FILES\NETWORK ASSOCIATES\MCPAL)
<Network Associates, Inc.-McAfee Core Components-6.0.0>
WBHOOK32.DLL (C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN)
<Network Associates, Inc.-McAfee VirusScan-4.5.1>
WBHKRES.DLL (C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\RES13)
<Network Associates, Inc.-McAfee VirusScan-4.5.1>
WINSPOOL.DRV (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.1998>
LINKINFO.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.1998>
CFGMGR32.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.1998>
PLUGIN.OCX (C:\WINDOWS\SYSTEM)
<>
WINMM.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft Windows-4.03.1998>
MSRATING.DLL (C:\WINDOWS\SYSTEM)
<>
MSRATELC.DLL (C:\WINDOWS\SYSTEM)
<>
MSHTMLED.DLL (C:\WINDOWS\SYSTEM)
<>
DXTMSFT.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft® Windows® Operating System-6.00.2800.1106>
DDRAWEX.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft® DirectX for Windows® 95 and 98-4.87.00.0700>
DDRAW.DLL (C:\WINDOWS\SYSTEM)
<>
NTDLL.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.1998>
DXTRANS.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft® Windows® Operating System-6.00.2800.1106>
ATL.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft (R) Visual C++-6.00.8449>
MSLS31.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft® Line Services-3.10>
JSCRIPT.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft (r) JScript-5.6.0.8513>
IMM32.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.1998>
SENSAPI.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows (R) 2000 Operating System-5.50.4807.2300>
RNR20.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.2222>
MLANG.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft® Windows® Operating System-6.00.2800.1106>
SHDOCLC.DLL (C:\WINDOWS\SYSTEM)
<>
MSHTML.DLL (C:\WINDOWS\SYSTEM)
<>
URLMON.DLL (C:\WINDOWS\SYSTEM)
<>
ACTXPRXY.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft® Windows® Operating System-6.00.2800.1106>
BROWSELC.DLL (C:\WINDOWS\SYSTEM)
<>
IPHLPAPI.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows NT(R) Operating System-5.00.1717.2>
MSAFD.DLL (C:\WINDOWS\SYSTEM)
<>
IPCFGDLL.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows NT(R) Operating System-5.00.1717.2>
DHCPCSVC.DLL (C:\WINDOWS\SYSTEM)
<>
ICMP.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows NT(R) Operating System-5.00.1454.1>
RASAPI32.DLL (C:\WINDOWS\SYSTEM)
<>
SECUR32.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.2222>
MSVCRT20.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft® Visual C++-2.10.000>
SVRAPI.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.1998>
MSNET32.DLL (C:\WINDOWS\SYSTEM)
<>
MSPWL32.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.1998>
TAPI32.DLL (C:\WINDOWS\SYSTEM)
<>
MSJAVA.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows (R) Operating System-5.00.3810>
VMHELPER.DLL (C:\WINDOWS\SYSTEM)
<>
MPR.DLL (C:\WINDOWS\SYSTEM)
<>
VERSION.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.1998>
SHFOLDER.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft® Windows® Operating System-6.00.2800.1106>
WSOCK32.DLL (C:\WINDOWS\SYSTEM)
<>
MSWSOCK.DLL (C:\WINDOWS\SYSTEM)
<>
WS2_32.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.2222>
WS2HELP.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.1998>
NETAPI32.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.1998>
NETBIOS.DLL (C:\WINDOWS\SYSTEM)
<>
ES.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-COM Services-03.00.00.1003>
SENS.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows (R) 2000 Operating System-5.50.4807.2300>
ESTIER2.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-COM Services-03.00.00.1003>
ESSHARED.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-COM Services-03.00.00.1003>
WININET.DLL (C:\WINDOWS\SYSTEM)
<>
CRYPT32.DLL (C:\WINDOWS\SYSTEM)
<>
MSOSS.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows NT(R) Operating System-5.131.1877.3>
WEBCHECK.DLL (C:\WINDOWS\SYSTEM)
<>
MSI.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Windows Installer-2.0.2600.2>
RPCRT4.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows NT(TM) Operating System-4.71.2900>
MYDOCS.DLL (C:\WINDOWS\SYSTEM)
<>
SHD401LC.DLL (C:\WINDOWS\SYSTEM)
<>
MSGPLUSH1.DLL (C:\PROGRAM FILES\MESSENGER PLUS! 2)
<>
OLEAUT32.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft OLE 3.50 for Windows NT(TM) and Windows 95(TM) Operating Systems-3.50.5016.0>
COMDLG32.DLL (C:\WINDOWS\SYSTEM)
<>
BROWSEUI.DLL (C:\WINDOWS\SYSTEM)
<>
SHDOC401.DLL (C:\WINDOWS\SYSTEM)
<>
OLE32.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows NT(TM) Operating System-4.71.2900>
SHDOCVW.DLL (C:\WINDOWS\SYSTEM)
<>
SHELL32.DLL (C:\WINDOWS\SYSTEM)
<>
COMCTL32.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows (R) 2000 Operating System-5.50.4916.400>
SHLWAPI.DLL (C:\WINDOWS\SYSTEM)
<>
MSVCRT.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft (R) Visual C++-6.10.8924.0>
ADVAPI32.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.80.1675> a < @  6   EXPLORER.EXE (C:\WINDOWS)
MSONSEXT.DLL (C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WEB FOLDERS)
<Microsoft Corporation-Microsoft Office-9.0.2612>
WZSHLSTB.DLL (C:\PROGRAM FILES\WINZIP)
<WinZip Computing, Inc.-WinZip-8.0 (3081)>
ARCEXT.DLL (C:\PROGRAM FILES\WINACE)
<>
ACE.DLL (C:\PROGRAM FILES\WINACE)
<ACE Compression Software-WinAce-2.2.0.0>
SYNCUI.DLL (C:\WINDOWS\SYSTEM)
<>
RWABS32.DLL (C:\PROGRAM FILES\COMMON FILES\NETWORK ASSOCIATES\VIRUSSCAN ENGINE\4.0.XX)
<Network Associates, Inc.-rwabs-4.0.xx>
AVPARAM.DLL (C:\PROGRAM FILES\COMMON FILES\NETWORK ASSOCIATES\VIRUSSCAN ENGINE\4.0.XX)
<Network Associates, Inc.-McScan-4.3.20>
RESDLL.DLL (C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\RES13)
<Network Associates, Inc.-McAfee VirusScan-4.5.1>
SYNCUTIL.DLL (C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN)
<Network Associates, Inc.-McAfee VirusScan-4.5.1>
VSUTIL.DLL (C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN)
<Network Associates, Inc.-McAfee VirusScan-4.5.1>
VSUTLRES.DLL (C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\RES13)
<Network Associates, Inc.-McAfee VirusScan-4.5.1>
NAEVENT.DLL (C:\PROGRAM FILES\COMMON FILES\NETWORK ASSOCIATES\MCPAL)
<Network Associates, Inc.-McAfee Core Components-6.0.0>
NAEVTRES.DLL (C:\PROGRAM FILES\COMMON FILES\NETWORK ASSOCIATES\MCPAL\RES13)
<>
NAARCHIV.DLL (C:\PROGRAM FILES\COMMON FILES\NETWORK ASSOCIATES\MCPAL)
<Network Associates, Inc.-McAfee Core Components-6.0.0>
LZ32.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.1998>
MCSCAN32.DLL (C:\PROGRAM FILES\COMMON FILES\NETWORK ASSOCIATES\VIRUSSCAN ENGINE\4.0.XX)
<Network Associates, Inc.-McScan-4.3.20>
NAUTIL32.DLL (C:\PROGRAM FILES\COMMON FILES\NETWORK ASSOCIATES\MCPAL)
<Network Associates, Inc.-McAfee Core Components-6.0.0>
NAUTLRES.DLL (C:\PROGRAM FILES\COMMON FILES\NETWORK ASSOCIATES\MCPAL\RES13)
<>
NAKRNL32.DLL (C:\PROGRAM FILES\COMMON FILES\NETWORK ASSOCIATES\MCPAL)
<Network Associates, Inc.-McAfee Core Components-6.0.0>
WBHOOK32.DLL (C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN)
<Network Associates, Inc.-McAfee VirusScan-4.5.1>
WBHKRES.DLL (C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\RES13)
<Network Associates, Inc.-McAfee VirusScan-4.5.1>
WINSPOOL.DRV (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.1998>
LINKINFO.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.1998>
CFGMGR32.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.1998>
PLUGIN.OCX (C:\WINDOWS\SYSTEM)
<>
WINMM.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft Windows-4.03.1998>
MSRATING.DLL (C:\WINDOWS\SYSTEM)
<>
MSRATELC.DLL (C:\WINDOWS\SYSTEM)
<>
MSHTMLED.DLL (C:\WINDOWS\SYSTEM)
<>
DXTMSFT.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft© Windows© Operating System-6.00.2800.1106>
DDRAWEX.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft© DirectX for Windows© 95 and 98-4.87.00.0700>
DDRAW.DLL (C:\WINDOWS\SYSTEM)
<>
NTDLL.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.1998>
DXTRANS.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft© Windows© Operating System-6.00.2800.1106>
ATL.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft (R) Visual C++-6.00.8449>
MSLS31.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft© Line Services-3.10>
JSCRIPT.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft (r) JScript-5.6.0.8513>
IMM32.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.1998>
SENSAPI.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows (R) 2000 Operating System-5.50.4807.2300>
RNR20.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.2222>
MLANG.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft© Windows© Operating System-6.00.2800.1106>
SHDOCLC.DLL (C:\WINDOWS\SYSTEM)
<>
MSHTML.DLL (C:\WINDOWS\SYSTEM)
<>
URLMON.DLL (C:\WINDOWS\SYSTEM)
<>
ACTXPRXY.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft© Windows© Operating System-6.00.2800.1106>
BROWSELC.DLL (C:\WINDOWS\SYSTEM)
<>
IPHLPAPI.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows NT(R) Operating System-5.00.1717.2>
MSAFD.DLL (C:\WINDOWS\SYSTEM)
<>
IPCFGDLL.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows NT(R) Operating System-5.00.1717.2>
DHCPCSVC.DLL (C:\WINDOWS\SYSTEM)
<>
ICMP.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows NT(R) Operating System-5.00.1454.1>
RASAPI32.DLL (C:\WINDOWS\SYSTEM)
<>
SECUR32.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.2222>
MSVCRT20.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft© Visual C++-2.10.000>
SVRAPI.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.1998>
MSNET32.DLL (C:\WINDOWS\SYSTEM)
<>
MSPWL32.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.1998>
TAPI32.DLL (C:\WINDOWS\SYSTEM)
<>
MSJAVA.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows (R) Operating System-5.00.3810>
VMHELPER.DLL (C:\WINDOWS\SYSTEM)
<>
MPR.DLL (C:\WINDOWS\SYSTEM)
<>
VERSION.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.1998>
SHFOLDER.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft© Windows© Operating System-6.00.2800.1106>
WSOCK32.DLL (C:\WINDOWS\SYSTEM)
<>
MSWSOCK.DLL (C:\WINDOWS\SYSTEM)
<>
WS2_32.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.2222>
WS2HELP.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.1998>
NETAPI32.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.10.1998>
NETBIOS.DLL (C:\WINDOWS\SYSTEM)
<>
ES.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-COM Services-03.00.00.1003>
SENS.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows (R) 2000 Operating System-5.50.4807.2300>
ESTIER2.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-COM Services-03.00.00.1003>
ESSHARED.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-COM Services-03.00.00.1003>
WININET.DLL (C:\WINDOWS\SYSTEM)
<>
CRYPT32.DLL (C:\WINDOWS\SYSTEM)
<>
MSOSS.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows NT(R) Operating System-5.131.1877.3>
WEBCHECK.DLL (C:\WINDOWS\SYSTEM)
<>
MSI.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Windows Installer-2.0.2600.2>
RPCRT4.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows NT(TM) Operating System-4.71.2900>
MYDOCS.DLL (C:\WINDOWS\SYSTEM)
<>
SHD401LC.DLL (C:\WINDOWS\SYSTEM)
<>
MSGPLUSH1.DLL (C:\PROGRAM FILES\MESSENGER PLUS! 2)
<>
OLEAUT32.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft OLE 3.50 for Windows NT(TM) and Windows 95(TM) Operating Systems-3.50.5016.0>
COMDLG32.DLL (C:\WINDOWS\SYSTEM)
<>
BROWSEUI.DLL (C:\WINDOWS\SYSTEM)
<>
SHDOC401.DLL (C:\WINDOWS\SYSTEM)
<>
OLE32.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows NT(TM) Operating System-4.71.2900>
SHDOCVW.DLL (C:\WINDOWS\SYSTEM)
<>
SHELL32.DLL (C:\WINDOWS\SYSTEM)
<>
COMCTL32.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows (R) 2000 Operating System-5.50.4916.400>
SHLWAPI.DLL (C:\WINDOWS\SYSTEM)
<>
MSVCRT.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft (R) Visual C++-6.10.8924.0>
ADVAPI32.DLL (C:\WINDOWS\SYSTEM)
<Microsoft Corporation-Microsoft(R) Windows(R) Operating System-4.80.1675>
 
Hoi lineke57,

In je log staan een heleboel bestanden die zonder meer als Microsoft geidentificeerd zouden moeten worden, maar dat doen ze niet.

In Configuratiescherm > Software > Windows onderdelen kun je Internet Explorer repareren.
Probeer dat eerst even.

Groetjes,

Pieter
 
Hallo Pieter,

Ik ben naar configuratiescherm>software gegaan en dan kan ik kiezen uit installeren en verwijderen/windows setup/opstartdiskette.
Ik zie onder deze onderwerpen nergens windows onderdelen staan of dat ik iets zou kunnen repareren.
Ik heb windows 98 se, misschien maakt dat nog een verschil.

groetjes Lineke
 
Hier mijn log. Wie oh Wie

Logfile of HijackThis v1.81.1
Scan saved at 21:50:32, on 21-2-2004
Platform: Windows NT 5.01.2600
MSIE version: 6.0.2800.1106

R3 - URLSearchHook: Microsoft Url-zoeken Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - %SystemRoot%\System32\shdocvw.dll (file missing)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {A4871CBE-5463-35A5-2FB2-88D8A380DFCE} - C:\PROGRA~1\32GPL~1\amokdead.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [MessengerPlus2] "C:\Program Files\Messenger Plus! 2\MsgPlus.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [B-Reader] D:\Birthday Reminder\B-Reader.exe
O4 - HKLM\..\Run: [A-Reader] D:\Birthday Reminder\A-Reader.exe
O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [Device Detector] "C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe" -autorun
O4 - HKLM\..\Run: [roameach] C:\PROGRA~1\Noun Site Four\daleplatforminter.exe
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O9 - Extra button: Onderzoek
O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37920.0678356482
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://kr.pristontale.com/nprotect/nprotect/npx.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DE591B16-A452-11D6-AED1-0001030A4E46} (PBGNX Control) - https://gto.postbank.nl/GTO/PBGNX.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O16 - DPF: {FE8287E9-5F43-11D3-ABCA-00105A5C1F46} (HouseCall Control) - http://www.housecall.nl/housecall/xscan4.cab
 
Hallo Pieter,

Helaas helaas het heeft niets geholpen.
Ik heb je advies opgevolgd en uitgevoerd maar de problemen blijven, vooral het blijven hangen en vele resetten levert nogal war frustaties op hier in huis.
Maar ja wie weet komen we er nog achter.
In ieder geval bedankt voor je hulp tot zover.
Ik hoor het wel weer.

groetjes Lineke
 
Geplaatst door lineke57
Hallo Pieter,

Helaas helaas het heeft niets geholpen.
Ik heb je advies opgevolgd en uitgevoerd maar de problemen blijven, vooral het blijven hangen en vele resetten levert nogal war frustaties op hier in huis.
Maar ja wie weet komen we er nog achter.
In ieder geval bedankt voor je hulp tot zover.
Ik hoor het wel weer.

groetjes Lineke
Klik om te vergroten...

Hoi Lineke,

Download de installer voor IE 6 in de juiste taal hier: http://www.microsoft.com/windows/ie/downloads/critical/ie6sp1/default.asp
Verwijder dan de oude IE met IERadicator en start dan de Installer. Zorg wel dat je internetverbinding open blijft, want de installer moet de rest nog downloaden.

Groetjes,

Pieter
 
Geplaatst door blacksheep


R3 - URLSearchHook: Microsoft Url-zoeken Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - %SystemRoot%\System32\shdocvw.dll (file missing)

O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {A4871CBE-5463-35A5-2FB2-88D8A380DFCE} - C:\PROGRA~1\32GPL~1\amokdead.dll

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"

O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://kr.pristontale.com/nprotect/nprotect/npx.cab
Klik om te vergroten...

Hoi Joyce,

Deze kun je alvast laten fixen, maar plaats nog wel even je log met de nieuwe versie van HijackThis.

Had je een "cadeautje" gehad bij MessengerPlus?

Groetjes,

Pieter
 
gescand met ad aware en 26 items verwijderd.
krijg laatste tijd emailtjes met netskyb virus. gelukkig onderschept met norton, maar misschien kun jij iets ontdekken.

Suc6,
RudTheBud

Logfile of HijackThis v1.97.7
Scan saved at 23:24:34, on 21-2-2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
D:\Programma files\Norton Antivirus\navapsvc.exe
D:\Programma files\Norton Internet Security\NISUM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
D:\Programma files\Norton Internet Security\NISSERV.EXE
D:\Programma files\Norton Internet Security\SymProxySvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\sm56hlpr.exe
D:\Programma files\spam inspector\piiserviceOE.exe
D:\PROGRA~1\NORTON~1\navapw32.exe
D:\Programma files\Norton Internet Security\IAMAPP.EXE
C:\WINDOWS\System32\MMTray.exe
C:\WINDOWS\System32\MMTray2k.exe
C:\WINDOWS\System32\MMTrayLSI.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\System32\RUNDLL32.EXE
D:\Programma files\Intervideo\Common\Bin\WinCinemaMgr.exe
D:\Programma files\WinMX\WinMX.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Backup\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.planet.nl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {08442457-929D-4522-AE24-9D3E4664A0C1} - C:\Program Files\IE URL Spoofing Patch\IEWorkaround3.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Programma files\Norton Antivirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [piiserviceOE] "D:\Programma files\spam inspector\piiserviceOE.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NAV Agent] D:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [iamapp] D:\Programma files\Norton Internet Security\IAMAPP.EXE
O4 - HKLM\..\Run: [MMTray] MMTray.exe
O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe
O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\System32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = D:\Programma files\Intervideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Onderzoekscentrum (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37982.1046990741
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F7AF16A3-13A2-4529-B227-644A8AE9B5C0}: NameServer = 195.121.1.34 195.121.1.66
 
Geplaatst door rudthebud
gescand met ad aware en 26 items verwijderd.
krijg laatste tijd emailtjes met netskyb virus. gelukkig onderschept met norton, maar misschien kun jij iets ontdekken.
Klik om te vergroten...

Als je Windows (vooral IE) up-to-date zou maken, zou het een prachtlog zijn.

Dat je virussen ontvangt, is niet iets wat op jouw computer mis is.

Groetjes,

Pieter
 
OK nu met de laatste versie

Logfile of HijackThis v1.97.7
Scan saved at 0:05:45, on 22-2-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Photodex\CompuPicPro\ScsiAccess.exe
C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\Program Files\Messenger Plus! 2\MsgPlus.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe
C:\WINDOWS\System32\wfxsnt40.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\PROGRA~1\Noun Site Four\daleplatforminter.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
D:\Program Files\Webshots\WebshotsTray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\PROGRA~2\MICROS~1\OFFICE11\OUTLOOK.EXE
D:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Norton SystemWorks\Norton Antivirus\OPScan.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\unzipped\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {A4871CBE-5463-35A5-2FB2-88D8A380DFCE} - C:\PROGRA~1\32GPL~1\amokdead.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: viewwingreat - {3B65B009-2008-8810-761C-8B066D25E7D4} - C:\PROGRA~1\32GPL~1\amokdead.dll
O4 - HKLM\..\Run: [MessengerPlus2] "C:\Program Files\Messenger Plus! 2\MsgPlus.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [B-Reader] D:\Birthday Reminder\B-Reader.exe
O4 - HKLM\..\Run: [A-Reader] D:\Birthday Reminder\A-Reader.exe
O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [Device Detector] "C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe" -autorun
O4 - HKLM\..\Run: [roameach] C:\PROGRA~1\Noun Site Four\daleplatforminter.exe
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus2] "C:\Program Files\Messenger Plus! 2\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [STManager] "C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe" -b
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Webshots.lnk = D:\Program Files\Webshots\WebshotsTray.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O9 - Extra button: Onderzoek (HKLM)
O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37920.0678356482
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://kr.pristontale.com/nprotect/nprotect/npx.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DE591B16-A452-11D6-AED1-0001030A4E46} (PBGNX Control) - https://gto.postbank.nl/GTO/PBGNX.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O16 - DPF: {FE8287E9-5F43-11D3-ABCA-00105A5C1F46} (HouseCall Control) - http://www.housecall.nl/housecall/xscan4.cab
 
Geplaatst door blacksheep


O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {A4871CBE-5463-35A5-2FB2-88D8A380DFCE} - C:\PROGRA~1\32GPL~1\amokdead.dll

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O3 - Toolbar: viewwingreat - {3B65B009-2008-8810-761C-8B066D25E7D4} - C:\PROGRA~1\32GPL~1\amokdead.dll

O4 - HKLM\..\Run: [roameach] C:\PROGRA~1\Noun Site Four\daleplatforminter.exe <=======?????
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"

O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://kr.pristontale.com/nprotect/nprotect/npx.cab
[/url]
Klik om te vergroten...

Hoi blacksheep,

Vink de bovenstaande aan in HijackThis, sluit dan allee vensters behalve HijackThis en klik op Fix checked.

Start dan opnieuw op en verwijder:
C:\Program Files\AutoUpdate <= de hele map (PeopleOnPage)
Zoek dan dit bestandje op: amokdead.dll
Als je in dezelfde map een .bin bestand vindt, kun je de hele map verwijderen (lop.com)

Die ene waar ik al die vraagtekens bij gezet heb, weet jij daar iets meer over?

Groetjes,

Pieter
 
Alles gedaan, opnieuw gescand. Onder volgt het resultaat. Het bestandje amokdead.dll kon de computer niet vinden. Sygate blokkeert nu nog wel steeds daleplatforminter.exe.

Logfile of HijackThis v1.97.7
Scan saved at 0:36:07, on 22-2-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Messenger Plus! 2\MsgPlus.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe
C:\WINDOWS\System32\wfxsnt40.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\PROGRA~1\NOUNSI~1\daleplatforminter.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
D:\Program Files\Webshots\WebshotsTray.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Photodex\CompuPicPro\ScsiAccess.exe
C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\unzipped\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [MessengerPlus2] "C:\Program Files\Messenger Plus! 2\MsgPlus.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [B-Reader] D:\Birthday Reminder\B-Reader.exe
O4 - HKLM\..\Run: [A-Reader] D:\Birthday Reminder\A-Reader.exe
O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [Device Detector] "C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe" -autorun
O4 - HKLM\..\Run: [roameach] C:\PROGRA~1\NOUNSI~1\daleplatforminter.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus2] "C:\Program Files\Messenger Plus! 2\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [STManager] "C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe" -b
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Webshots.lnk = D:\Program Files\Webshots\WebshotsTray.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O9 - Extra button: Onderzoek (HKLM)
O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37920.0678356482
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DE591B16-A452-11D6-AED1-0001030A4E46} (PBGNX Control) - https://gto.postbank.nl/GTO/PBGNX.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O16 - DPF: {FE8287E9-5F43-11D3-ABCA-00105A5C1F46} (HouseCall Control) - http://www.housecall.nl/housecall/xscan4.cab
 
Laatst bewerkt:
Zo, daleplatforminter.exe ook weggehaald. Dat was nogal wat. Hartelijk dank voor de moeite. Wat een troep zeg. Daar wordt een mens stil van.
 
Geplaatst door blacksheep
Zo, daleplatforminter.exe ook weggehaald. Dat was nogal wat. Hartelijk dank voor de moeite. Wat een troep zeg. Daar wordt een mens stil van.
Klik om te vergroten...

Pieter, het enige dat ik kan bedenken, is dat deze van de van Dale site is, waar ik nogal eens kom. Dat zou dan slordig zijn. Voor de rest heb ik geen idee.

Joyce
 
Geplaatst door blacksheep


Pieter, het enige dat ik kan bedenken, is dat deze van de van Dale site is, waar ik nogal eens kom. Dat zou dan slordig zijn. Voor de rest heb ik geen idee.

Joyce
Klik om te vergroten...

Hoi Joyce,

Als je het bestand nog hebt wil ik er met alle plezier even naar kijken. Het zou ook de nieuwe versie van lop.com kunnen zijn.

Groetjes,

Pieter
 
Geplaatst door Pieter Arntz


Hoi X-O,

Voor je begint wil ik je aanraden om HijackThis naar een aparte map uit te pakken. Het programma maakt backups in de map waar het staat en
zoals jij het nu draait komen die op je bureaublad terecht.

Vink dan de bovenstaande aan, sluit alle vensters behalve HijackThis en klik op Fix checked.

Start daarna opnieuw op.
Zoek het bestandje c:\system.reg en rechtsklik erop. Kies dan "Openen met ... " en kies voor kladblok.
Post svp de inhoud.

Groetjes,

Pieter
Klik om te vergroten...


REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer]
"SearchURL"="http://www.searchxl.com/ie/"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Use Search Asst"="no"
"Use Custom Search URL"=dword:00000001
"Default_Search_URL"="http://www.searchxl.com/ie/"
"Search Page"="http://www.searchxl.com/ie/"
"Search Bar"="http://www.searchxl.com/ie/"
"SearchURL"="http://www.searchxl.com/ie/"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.searchxl.com/ie/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.searchxl.com/ie/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.searchxl.com/ie/"
"Default_Search_URL"="http://www.searchxl.com/ie/"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"ITBarLayout"=hex:11,00,00,00,4c,00,00,00,00,00,00,00,30,00,00,00,1b,00,00,00,\
64,00,00,00,01,00,00,00,a0,06,00,00,e9,02,00,00,05,00,00,00,62,04,00,00,26,\
00,00,00,02,00,00,00,a1,06,00,00,f7,02,00,00,04,00,00,00,a1,00,00,00,11,03,\
00,00,03,00,00,00,a9,02,00,00,0b,03,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,01,24,d0,30,81,6a,d0,11,82,74,00,c0,4f,\
d5,ae,38,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SystemSearch"="REGEDIT.EXE -S c:\\system.reg"
 
Status
Niet open voor verdere reacties.
                    Steun ons                    

Nieuwste berichten

Terug
Bovenaan Onderaan