windowsmark

bedankt jongens, puik werk! grz mark

Malwarebytes' Anti-Malware 1.30 Database versie: 1430 Windows 5.1.2600 Service Pack 3 27-11-2008 23:02:37 mbam-log-2008-11-27 (23-02-37).txt Scan type: Snelle Scan Objecten gescand: 53998 Verstreken tijd: 5 minute(s), 29 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 7 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: (Geen kwaadaardige items gevonden) Bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) -------------------------------------------------------- Ik gebruik nu mozilla firefox, maar heb nu geen pop-ups meer. gr mark

ik dacht dat ik mijn reactie al had geplaatst en had gewoon de MBAM log gekopieerd en niet opgeslagen, ik weet niet waar hij nu is? ..

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:18:21, on 28-11-2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\AGRSMMSG.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\ALCWZRD.EXE C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe c:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Live\Mail\wlmail.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Yahoo! Search Marketing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! Search Marketing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Yahoo! Search Marketing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! Search Marketing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Planner voor Automatische LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 7667 bytes

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:08:43, on 27-11-2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\AGRSMMSG.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\ALCWZRD.EXE C:\WINDOWS\ALCMTR.EXE C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Bonjour\mDNSResponder.exe c:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe C:\WINDOWS\system32\PnkBstrB.exe C:\WINDOWS\system32\WISPTIS.EXE C:\Program Files\AVG\AVG8\avgui.exe C:\PROGRA~1\AVG\AVG8\avgscanx.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Documents and Settings\Compaq_Eigenaar\Local Settings\Temporary Internet Files\Content.IE5\K943CR4W\ATF-Cleaner[1].exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Yahoo! Search Marketing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! Search Marketing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Yahoo! Search Marketing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! Search Marketing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll O2 - BHO: {31bc1f96-5216-bf7a-daa4-c037c38d33f3} - {3f33d83c-730c-4aad-a7fb-612569f1cb13} - C:\WINDOWS\system32\jxyjor.dll O2 - BHO: (no name) - {85E1C558-0C84-4984-ACA3-D73EFCB87B5B} - C:\WINDOWS\system32\khfDvwXP.dll (file missing) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {E9681C1C-C1DF-4970-97BB-86C3E716AFA3} - C:\WINDOWS\system32\ljJCtrqR.dll (file missing) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll jxyjor.dll O20 - Winlogon Notify: ljJCtrqR - ljJCtrqR.dll (file missing) O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Planner voor Automatische LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 8744 bytes

Ik heb heel windows opniew geinstalleerd, hij was ook wat traagjes.. dus het probleem is nu dus ook weg:) bedankt voor de hulp.. mvg, mark

Hallo, ik heb de laatste tijd heel veel pop ups met reclame,, hoe kom ik hier het beste vanaf, en een goede pop up blokker ofzo? gr mark

Normaal brand ik alleen muziek ( dus met Itunes) Toen heb ik PPT2DVD geïnstalleerd en weer verwijderd en sindsdien brand iTunes niet meer.. verder geen brandprogramma's

al gebeurd...

Eerst stond Itunes er altijd op. toen heb ik PPT2DVD geinstalleerd ( om powerpoint op dvd te zetten) dit was eenmalig en heb het daarna verwijderd.. nu brand Itunes niet meer.. grz

Het heeft allebei wel invloed gehad, maar hij is nog niet echt op optimale snelheid moet ik zeggen. grz

Ik ga er mee aan de slag, laat snel iets weten.

Ik heb de herstel functie al eens geprobeerd, zonder succes. Eerst stond Itunes er altijd op. toen heb ik PPT2DVD geinstalleerd ( om powerpoint op dvd te zetten) dit was eenmalig en heb het daarna verwijderd.. nu brand Itunes niet meer.. grz

Ik wil mijn computer helemaal opschonen. ( internet is sloom, Computer is sloom, opstarten duurt lang, de bekende problemen van een volle (mogelijk vervuilde)computer) Kunnen jullie mij daar bij helpen? hier een logje alvast.. [ATTACH]1255[/ATTACH] Alvast bedankt Grz mark hijackthis.log

Als ik Itunes opstart krijg ik deze melding: De registerinstellingen die door de iTunes-stuurprogramma's worden gebruikt voor het importeren en branden van cd's en dvd's ontbreken. Mogelijk hebt u andere software voor het branden van cd's geïnstalleerd.. Installeer iTunes opnieuw. ik heb Itunes al opnieuw geinstalleerd en ook een keer gerepareerd maar werkt beide niet.. weet iemand raad? grz mark

[attach]1022[/attach] [attach]1023[/attach] hijackthis.log mbam-log-2008-09-09 (20-18-58).txt

Als het goed is, moet hij het nu doen

Ik krijg steeds als ik iets open, bijvoorbeeld mijn documenten de foutmelding '; in explorer is een fout opgetreden.......moet worden afgesloten.......................... wel/niet verzenden.. en dan sluit ie weer alles af.. dus kan nergens komen.. Ik had toevallig internet nog open staan. en had hijackthis op bureaublad dus hier een logje: [ATTACH]1021[/ATTACH] mvg, mark p.s. me com is ook niet echt snel meer.. hijackthis.log

De pop-up heb ik niet meer gehad en ik heb idd geen problemen meer met het traag openen van pagina's.. Bedankt!

Logje: Malwarebytes' Anti-Malware 1.24 Database versie: 1045 Windows 5.1.2600 Service Pack 3 22:38:05 12-8-2008 mbam-log-8-12-2008 (22-38-05).txt Scan type: Snelle Scan Objecten gescand: 41625 Verstreken tijd: 7 minute(s), 55 second(s) Geheugenprocessen geïnfecteerd: 1 Geheugenmodulen geïnfecteerd: 5 Registersleutels geïnfecteerd: 17 Registerwaarden geïnfecteerd: 2 Registerdata bestanden geïnfecteerd: 2 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 17 Geheugenprocessen geïnfecteerd: C:\WINDOWS\Config\csrss.exe (Trojan.Agent) -> Unloaded process successfully. Geheugenmodulen geïnfecteerd: C:\WINDOWS\system32\ddsswmja.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\khfCrPHw.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\hrngsrqi.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\kakzkb.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\vtUomklI.dll (Trojan.vundo) -> Delete on reboot. Registersleutels geïnfecteerd: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1660882d-7546-42e1-94e7-9bb9952b119f} (Trojan.Vundo) -> Delete on reboot. HKEY_CLASSES_ROOT\CLSID\{1660882d-7546-42e1-94e7-9bb9952b119f} (Trojan.Vundo) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{380ef41c-595f-432d-9d3d-2ae3e4952dd7} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{380ef41c-595f-432d-9d3d-2ae3e4952dd7} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{444fc7d1-8f08-4377-b39b-4d75ae0e9f70} (Trojan.BHO) -> Delete on reboot. HKEY_CLASSES_ROOT\CLSID\{444fc7d1-8f08-4377-b39b-4d75ae0e9f70} (Trojan.BHO) -> Delete on reboot. HKEY_CURRENT_USER\SOFTWARE\Microsoft\adssite (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vtuomkli (Trojan.vundo) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bmc34a3f86 (Trojan.Vundo) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{444fc7d1-8f08-4377-b39b-4d75ae0e9f70} (Trojan.vundo) -> Delete on reboot. Registerdata bestanden geïnfecteerd: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo) -> Data: c:\windows\system32\khfcrphw -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\khfcrphw -> Delete on reboot. Mappen geïnfecteerd: (Geen kwaadaardige items gevonden) Bestanden geïnfecteerd: C:\WINDOWS\system32\khfCrPHw.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\wHPrCfhk.ini (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\wHPrCfhk.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\kakzkb.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\ddsswmja.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\ajmwssdd.ini (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\hrngsrqi.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\vtUomklI.dll (Trojan.BHO) -> Delete on reboot. C:\WINDOWS\system32\nsf14B.dll (Adware.BHO) -> Quarantined and deleted successfully. C:\WINDOWS\system32\rhqilqox.exe (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\WhoisCL.exe (Adware.BHO) -> Quarantined and deleted successfully. C:\WINDOWS\system32\yhkwhgnd.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\Config\csrss.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\BMc34a3f86.xml (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\BMc34a3f86.txt (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully. Hijack This: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:27:10, on 13-8-2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Common Files\Symantec Shared\ccProxy.exe c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe c:\Program Files\Norton Internet Security\ISSVC.exe c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\Explorer.EXE c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\ps2.exe C:\WINDOWS\ALCWZRD.EXE C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Adparatus\Adparatus.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: Adparatus - {8B2C7C9D-716D-4e9e-9358-B9C80A81B7ED} - C:\Program Files\Adparatus\Adparatus.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Duhiki - {20001E7A-823D-4E19-ADE2-D6AB53C7C81E} - C:\Program Files\Duhiki\DuhikiToolbar\Duhiki.dll O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- End of file - 8346 bytes

De laatste tijd duurt het echt een eeuwigheid voordat een site is geladen en er opent zich soms ook automatisch een antivirus site en begint met downloaden.. Ook wil ik mijn computer opruimen.. Mvg, Mark Alvast een hijackthis logje: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:44:03, on 12-8-2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Common Files\Symantec Shared\ccProxy.exe c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe c:\Program Files\Norton Internet Security\ISSVC.exe c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe C:\WINDOWS\Config\csrss.exe C:\WINDOWS\system32\ps2.exe C:\WINDOWS\ALCWZRD.EXE C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Adparatus\Adparatus.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Config\csrss.exe O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Duhiki - {20001E7A-823D-4E19-ADE2-D6AB53C7C81E} - C:\Program Files\Duhiki\DuhikiToolbar\Duhiki.dll O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [c0790c1a] rundll32.exe "C:\WINDOWS\system32\ddsswmja.dll",b O4 - HKLM\..\Run: [bMc34a3f86] Rundll32.exe "C:\WINDOWS\system32\hrngsrqi.dll",s O4 - HKCU\..\Run: [bitComet] "C:\Program Files\BitComet\BitComet.exe" /tray O4 - HKCU\..\Run: [Adparatus] "C:\Program Files\Adparatus\Adparatus.exe" O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- End of file - 8621 bytes

Bedankt iedereen. Dit heeft mijn probleem verholpen. Nogmaals bedankt, Mark

Sorry voor de late reactie maar mijn internet heeft plat gelegen: Bedankt voor alle reacties: hier de logjes: [ATTACH]875[/ATTACH] [ATTACH]876[/ATTACH] Mvg, Mark hijackthis.log log.txt

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:08:10, on 24-6-2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Common Files\Symantec Shared\ccProxy.exe c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe c:\Program Files\Norton Internet Security\ISSVC.exe c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\Explorer.EXE c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe C:\WINDOWS\system32\ps2.exe C:\WINDOWS\ALCWZRD.EXE C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Poker\Holland Poker\casino.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Windows Live\Mail\wlmail.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [bMc34a3f86] Rundll32.exe "C:\WINDOWS\system32\trsbvetv.dll",s O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- End of file - 6871 bytes ---------------------------------------------------------------------------- ComboFix 08-06-20.4 - Compaq_Eigenaar 2008-06-24 11:44:31.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1043.18.637 [GMT 2:00] Gestart vanuit: C:\Documents and Settings\Compaq_Eigenaar\Mijn documenten\Mijn muziek\ComboFix.exe * Nieuw herstelpunt werd aangemaakt . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\Documents and Settings\Compaq_Eigenaar\Local Settings\Application Data\syeiq.dat c:\documents and settings\compaq_eigenaar\local settings\application data\syeiq.exe c:\Documents and Settings\Compaq_Eigenaar\Local Settings\Application Data\syeiq_nav.dat c:\Documents and Settings\Compaq_Eigenaar\Local Settings\Application Data\syeiq_navps.dat C:\smp.bat C:\WINDOWS\BMc34a3f86.xml C:\WINDOWS\pskt.ini C:\WINDOWS\system\update.exe C:\WINDOWS\system32\byXPGXRi.dll C:\WINDOWS\system32\geBsSijJ.dll C:\WINDOWS\system32\geBssrPg.dll C:\WINDOWS\system32\JjiSsBeg.ini C:\WINDOWS\system32\JjiSsBeg.ini2 C:\WINDOWS\system32\ljJcDVoo.dll C:\WINDOWS\system32\mcrh.tmp C:\WINDOWS\system32\rrtwyyxx.ini C:\WINDOWS\system32\rrtwyyxx.ini2 C:\WINDOWS\system32\rxmoppnh.ini C:\WINDOWS\system32\rxmoppnh.ini2 C:\WINDOWS\system32\rxmoppnh.tmp C:\WINDOWS\system32\xxyywtrr.dll . (((((((((((((((((((( Bestanden Gemaakt van 2008-05-24 to 2008-06-24 )))))))))))))))))))))))))))))) . 2039-10-12 20:42 . 2039-10-12 20:42 3,120 --a------ C:\WINDOWS\MF_C421.lfa 2039-10-12 20:42 . 2039-10-12 20:42 3,120 --a------ C:\WINDOWS\MF_C420.lfa 2008-06-24 11:53 . 2008-06-24 11:53 22 --a------ C:\WINDOWS\pskt.ini 2008-06-24 11:53 . 2008-06-24 11:53 0 --a------ C:\WINDOWS\BMc34a3f86.xml 2008-06-23 17:39 . 2008-06-23 17:39 105,984 --a------ C:\WINDOWS\system32\vkugorwa.dll 2008-06-23 17:37 . 2008-06-23 17:37 91,136 --a------ C:\WINDOWS\system32\trsbvetv.dll 2008-06-23 17:37 . 2008-06-23 17:37 81,408 --a------ C:\WINDOWS\system32\hnppomxr.dll 2008-06-21 19:22 . 2008-06-21 19:22 127 --a------ C:\WINDOWS\system32\MRT.INI 2008-06-21 17:22 . 2008-06-23 00:40 90,112 --------- C:\WINDOWS\system32\gagchbfu.dll 2008-06-21 17:22 . 2008-06-23 00:40 81,408 --------- C:\WINDOWS\system32\gsdbayvv.dll 2008-06-18 19:57 . 2008-06-18 19:57 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-06-18 19:57 . 2008-06-18 19:57 <DIR> d-------- C:\Documents and Settings\Compaq_Eigenaar\Application Data\Malwarebytes 2008-06-18 19:57 . 2008-06-18 19:57 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-06-18 19:57 . 2008-06-10 19:02 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys 2008-06-18 19:57 . 2008-06-10 19:02 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys 2008-06-12 16:54 . 2008-06-12 16:54 <DIR> d-------- C:\Program Files\America's Army Server Manager 2008-06-12 16:52 . 2008-06-22 11:00 <DIR> d-------- C:\Program Files\America's Army 2008-06-12 09:49 . 2008-06-14 19:36 272,640 --------- C:\WINDOWS\system32\dllcache\bthport.sys 2008-06-12 09:49 . 2008-05-08 16:02 203,136 --------- C:\WINDOWS\system32\dllcache\rmcast.sys 2008-06-11 11:53 . 2002-07-30 21:38 647,168 --a------ C:\WINDOWS\system32\cdr.dll 2008-06-05 13:44 . 2008-06-05 13:44 <DIR> d-------- C:\Archivos de programa 2008-06-05 13:43 . 2008-06-12 11:29 <DIR> d-------- C:\Program Files\eMule 2008-06-01 15:30 . 2008-06-01 15:30 <DIR> d-------- C:\Taccels 2008-06-01 15:30 . 2008-06-01 15:30 <DIR> d-------- C:\Program Files\TAC 2008-06-01 15:30 . 2008-06-02 12:45 <DIR> d-------- C:\Documents and Settings\Compaq_Eigenaar\Application Data\TAC 2008-06-01 15:30 . 2006-05-08 09:54 132,880 --a------ C:\WINDOWS\system32\msinet.ocx 2008-05-31 16:11 . 2008-06-06 14:47 34 --a------ C:\WINDOWS\cdplayer.ini 2008-05-31 16:09 . 2008-05-31 16:14 <DIR> d-------- C:\audiograbber . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-24 09:50 --------- d-----w C:\Program Files\Common Files\Symantec Shared 2008-06-23 19:04 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys 2008-06-23 18:08 --------- d-----w C:\Program Files\Windows Live Safety Center 2008-06-22 22:36 --------- d-----w C:\Program Files\NCH Swift Sound 2008-06-22 22:01 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2008-06-22 14:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet 2008-06-20 11:35 --------- d-----w C:\Documents and Settings\Compaq_Eigenaar\Application Data\LimeWire 2008-06-18 20:10 --------- d-----w C:\Documents and Settings\Compaq_Eigenaar\Application Data\OpenOffice.org2 2008-06-17 13:57 --------- d-----w C:\Documents and Settings\Compaq_Eigenaar\Application Data\AdobeUM 2008-06-14 17:36 272,640 ------w C:\WINDOWS\system32\drivers\bthport.sys 2008-06-11 09:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\NCH Swift Sound 2008-06-06 09:00 --------- d-----w C:\Program Files\BitComet 2008-05-19 15:57 --------- d-----w C:\Program Files\MessengerDiscovery 2008-05-17 13:39 --------- d-----w C:\Program Files\Apple Software Update 2008-05-17 13:39 --------- d-----w C:\Documents and Settings\Compaq_Eigenaar\Application Data\Apple Computer 2008-05-17 11:23 --------- d-----w C:\Program Files\Ashampoo 2008-05-17 11:23 --------- d-----w C:\Documents and Settings\Compaq_Eigenaar\Application Data\Ashampoo 2008-05-17 10:27 --------- d-----w C:\Program Files\Windows Journal Viewer 2008-05-17 10:27 --------- d-----w C:\Program Files\GameSpy Arcade 2008-05-17 10:23 --------- d-----w C:\Program Files\Opera 9.5 beta 2008-05-15 18:49 --------- d-----w C:\Program Files\MSN Messenger 2008-05-15 18:49 --------- d-----w C:\Program Files\Messenger Plus! Live 2008-05-08 16:07 --------- d-----w C:\Program Files\Common Files\Adobe 2008-05-08 16:07 --------- d-----w C:\Program Files\Bonjour 2008-05-08 15:57 --------- d-----w C:\Program Files\Common Files\Macrovision Shared 2008-05-08 15:14 --------- d-----w C:\Program Files\PokerStars 2008-05-08 14:02 203,136 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys 2008-05-04 10:09 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-05-04 08:44 --------- d-----w C:\Program Files\Gpotato 2008-05-04 08:42 --------- d-----w C:\Program Files\3D Online Pool 2008-05-01 18:57 --------- d-----w C:\Program Files\Common Files\INCA Shared 2008-04-29 09:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\MumboJumbo 2008-04-27 19:22 --------- d-----w C:\Program Files\Java 2008-04-14 17:03 70,144 ----a-w C:\WINDOWS\notepad.exe 2008-04-14 17:03 32,866 ------w C:\WINDOWS\slrundll.exe 2008-04-14 17:03 287,232 ----a-w C:\WINDOWS\winhlp32.exe 2008-04-14 17:03 153,088 ----a-w C:\WINDOWS\regedit.exe 2008-04-14 17:03 10,752 ----a-w C:\WINDOWS\hh.exe 2008-04-14 17:02 50,688 ----a-w C:\WINDOWS\twain_32.dll 2008-04-14 17:02 451,072 ----a-w C:\WINDOWS\AppPatch\aclayers.dll 2008-04-14 17:02 39,424 ----a-w C:\WINDOWS\AppPatch\acadproc.dll 2008-04-14 17:02 34,816 ----a-w C:\WINDOWS\Help\sniffpol.dll 2008-04-14 17:02 33,280 ----a-w C:\WINDOWS\Help\sstub.dll 2008-04-14 17:02 279,040 ----a-w C:\WINDOWS\Help\tshoot.dll 2008-04-14 17:02 245,248 ----a-w C:\WINDOWS\AppPatch\acspecfc.dll 2008-04-14 17:02 141,312 ----a-w C:\WINDOWS\AppPatch\aclua.dll 2008-04-14 17:02 116,224 ----a-w C:\WINDOWS\AppPatch\acxtrnal.dll 2008-04-14 17:02 1,852,928 ----a-w C:\WINDOWS\AppPatch\acgenral.dll 2008-04-14 17:02 1,037,312 ----a-w C:\WINDOWS\explorer.exe 2008-03-06 14:22 56 --sha-w C:\Documents and Settings\All Users\Application Data\dc64vg9.sys 2008-02-28 21:55 22,328 ----a-w C:\Documents and Settings\Compaq_Eigenaar\Application Data\PnkBstrK.sys 2005-07-29 14:24 472 -csha-r C:\WINDOWS\TWFyayBOb3JicnVpcw\nqIVuV1ivaL2wBpDwT.vbs . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f30d5bb5-c07c-40ad-a02a-31106722f592}] 2008-06-23 17:39 105984 --a------ C:\WINDOWS\system32\vkugorwa.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PS2"="C:\WINDOWS\system32\ps2.exe" [2003-09-12 21:13 98304] "AlcWzrd"="ALCWZRD.EXE" [2005-02-18 22:32 2754560 C:\WINDOWS\ALCWZRD.EXE] "Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2008-02-21 20:28 100056] "ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-02-21 18:22 58984] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 02:41 81920] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 02:41 8523776] "nwiz"="nwiz.exe" [2007-12-05 02:41 1626112 C:\WINDOWS\system32\nwiz.exe] "BMc34a3f86"="C:\WINDOWS\system32\trsbvetv.dll" [2008-06-23 17:37 91136] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.XFR1"= xfcodec.dll [HKLM\~\startupfolder\C:^Documents and Settings^Compaq_Eigenaar^Menu Start^Programma's^Opstarten^OpenOffice.org 2.3 .lnk] path=C:\Documents and Settings\Compaq_Eigenaar\Menu Start\Programma's\Opstarten\OpenOffice.org 2.3 .lnk backup=C:\WINDOWS\pss\OpenOffice.org 2.3 .lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] --a------ 2005-07-14 15:09 57344 C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG] --a------ 2004-06-29 19:06 88363 C:\WINDOWS\AGRSMMSG.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet] --a------ 2008-02-01 09:20 2194744 C:\Program Files\BitComet\BitComet.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp] --a------ 2007-02-21 18:22 58984 c:\Program Files\Common Files\Symantec Shared\ccApp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] --a------ 2008-02-14 01:09 486856 C:\Program Files\DAEMON Tools Lite\daemon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager] --a------ 2003-10-23 20:51 233472 C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] --a------ 2003-06-25 12:24 49152 C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv] --a------ 1998-05-07 18:04 52736 c:\windows\system\hpsysdrv.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] --a------ 2004-10-14 00:04 278528 C:\Program Files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD] C:\HP\KBD\KBD.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon] --a------ 2007-02-08 02:13 774168 C:\Program Files\Logitech\QuickCam10\QuickCam10.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3] --a------ 2008-02-20 23:50 190024 C:\Program Files\MessengerPlus! 3\MsgPlus.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] --a------ 2008-04-14 19:03 1695232 C:\Program Files\Messenger\msmsgs.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] --a------ 2007-10-18 12:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] --a------ 2007-12-05 02:41 8523776 C:\WINDOWS\system32\NvCpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] --a------ 2007-12-05 02:41 1626112 C:\WINDOWS\system32\nwiz.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray] --a------ 2007-11-09 14:16 688128 C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2005-01-02 01:54 98304 C:\Program Files\QuickTime\qttask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard] --a------ 2004-04-14 22:43 233472 C:\WINDOWS\SMINST\RECGUARD.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder] --a------ 2004-12-14 02:23 663552 C:\Windows\Creator\Remind_XP.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sclauncher] --a------ 2007-01-30 11:43 94208 C:\Program Files\SimpleCenter\bin\win\sclauncher.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Snelkoppeling naar eigenschappenvenster voor High Definition Audio] --a------ 2004-03-18 00:10 61952 C:\WINDOWS\system32\Hdaudpropshortcut.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan] --a------ 2005-02-21 22:49 90112 C:\WINDOWS\SOUNDMAN.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "LightScribeService"=2 (0x2) "iPodService"=3 (0x3) "WLSetupSvc"=3 (0x3) "usnjsvc"=3 (0x3) "LiveUpdate"=3 (0x3) "LVSrvLauncher"=2 (0x2) "LVPrcSrv"=2 (0x2) "WMPNetworkSvc"=3 (0x3) [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "FirewallDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\iTunes\\iTunes.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\WINDOWS\\system32\\PnkBstrA.exe"= "C:\\WINDOWS\\system32\\PnkBstrB.exe"= "C:\\Program Files\\Mozilla Firefox\\firefox.exe"= "C:\\Program Files\\LimeWire\\LimeWire.exe"= "C:\\Program Files\\Bonjour\\mDNSResponder.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "25558:TCP"= 25558:TCP:BitComet 25558 TCP "25558:UDP"= 25558:UDP:BitComet 25558 UDP "3167:TCP"= 3167:TCP:*:Disabled:SolidNetworkManager "3167:UDP"= 3167:UDP:*:Disabled:SolidNetworkManager "43577:TCP"= 43577:TCP:*:Disabled:SolidNetworkManager "43577:UDP"= 43577:UDP:*:Disabled:SolidNetworkManager "64507:TCP"= 64507:TCP:*:Disabled:SolidNetworkManager "64507:UDP"= 64507:UDP:*:Disabled:SolidNetworkManager S3 PRISM_A00;Wireless PCI 802.11b/g adapter WN4201B Driver;C:\WINDOWS\system32\DRIVERS\PCTELSAP.SYS [2004-11-30 20:54] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5eb9676c-fa63-11dc-8545-0013d42048e4}] \Shell\AutoRun\command - L:\v.exe \Shell\explore\Command - L:\v.exe \Shell\open\Command - L:\v.exe . Inhoud van de 'Gedeelde Taken' map "2008-06-20 11:16:28 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe "2008-06-20 13:00:00 C:\WINDOWS\Tasks\Norton Security Scan.job" - C:\Program Files\Norton Security Scan\Nss.exe . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-24 11:52:58 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... C:\WINDOWS\pskt.ini Scan succesvol afgerond verborgen bestanden: 1 ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- PROCESS: C:\WINDOWS\explorer.exe -> C:\WINDOWS\system32\nview.dll -> C:\WINDOWS\system32\trsbvetv.dll . ------------------------ Other Running Processes ------------------------ . C:\Program Files\Common Files\Symantec Shared\CCPROXY.EXE C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE C:\Program Files\Norton Internet Security\ISSVC.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Common Files\Symantec Shared\Security Center\symwsc.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\rundll32.exe . ************************************************************************** . Voltooingstijd: 2008-06-24 11:59:51 - machine was rebooted ComboFix-quarantined-files.txt 2008-06-24 09:59:28 ComboFix2.txt 2008-01-25 17:45:58 ComboFix3.txt 2008-01-25 11:38:37 ComboFix4.txt 2008-01-24 22:39:21 Pre-Run: 124,722,946,048 bytes beschikbaar Post-Run: 124,712,611,840 bytes beschikbaar 280 --- E O F --- 2008-06-21 22:14:32 ik hoop dat jullie er wat mee kunnen.. Mvg, Mark

Bedankt !! Mijn computer is weer de oude,, zijn jullie verder nog iets tegen gekomen wat jullie persoonlijk er niet op zouden zetten? Mvg, Mark