hai....
bedankt pieter....wat wil het zeggen dat ik geinfecteerd ben met lop.com....en dit is wat er stond in de log file...
Logfile of HijackThis v1.91.2
Scan saved at 17:10:34, on 6-2-2003
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL=http://www.sureseeker.com/search.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar=http://www.chello.nl/utilities/search/index.php3
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://ecpm.com/passthrough/index.html?
http://www.chello.nl/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant=http://www.sureseeker.com/search.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL=http://www.chello.nl/
O2 - BHO: (no name) - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\SYSTEM\NZDD.DLL
O2 - BHO: (no name) - {1678F7E1-C422-11D0-AD7D-00400515CAAA} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [LexStart] Lexstart.exe
O4 - HKLM\..\Run: [LexmarkPrinTray] PrinTray.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\SYSTEM\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [proall] C:\WINDOWS\APPLIC~1\qucrebsh.exe -QuieT
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [Synchronization Agent] C:\PROGRAM FILES\SYNC MANAGER\AGENT\SYNCAGENT.EXE
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - HKCU\..\Run: [RealJukeboxSystray] C:\PROGRAM FILES\REAL\REALJUKEBOX\TSYSTRAY.EXE
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Real.com (HKLM)
O14 - IERESET.INF: START_PAGE_URL=http://www.chello.nl/
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37645.5960185185
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
http://download.macromedia.com/pub/shockwave/cabs/director/swdir.cab
O16 - DPF: {FE8287E9-5F43-11D3-ABCA-00105A5C1F46} (HouseCall Control) -
http://www.housecall.nl/housecall/xscan4.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (sys Class) -
http://www1.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {78960E0E-0B0C-11D4-8997-00104BD12D94} (AV Class) -
http://www.pcpitstop.com/antivirus/PCPAV.CAB
O16 - DPF: {6FB9FE59-7D3B-483D-9909-C870BE5AFA1F} (DiskHealth Class) -
http://www1.pcpitstop.com/pcpitstop/diskhealth.cab
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) -
http://www1.pcpitstop.com/mhLbl.cab
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) -
http://quickfix.chello.nl/sdccommon/download/tgctlins.cab